From 378935a8a92592cf1ef164b4d969c376c46a78c6 Mon Sep 17 00:00:00 2001
From: nveid <nveid@ispconfig3>
Date: Fri, 09 Dec 2011 02:35:24 -0500
Subject: [PATCH] Fixed mysql error when switching from "Options" tab to "Ftp User" edit tab, the onUpdate thought we were trying to change the Website because the Options Datalog didn't have the parent_domain_id and the Ftp User tab did.
---
server/plugins-available/apache2_plugin.inc.php | 534 ++++++++++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 439 insertions(+), 95 deletions(-)
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 5a702b3..49bb90f 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -77,6 +77,14 @@
$app->plugins->registerEvent('webdav_user_delete',$this->plugin_name,'webdav');
$app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');
+
+ $app->plugins->registerEvent('web_folder_user_insert',$this->plugin_name,'web_folder_user');
+ $app->plugins->registerEvent('web_folder_user_update',$this->plugin_name,'web_folder_user');
+ $app->plugins->registerEvent('web_folder_user_delete',$this->plugin_name,'web_folder_user');
+
+ $app->plugins->registerEvent('web_folder_update',$this->plugin_name,'web_folder_update');
+ $app->plugins->registerEvent('web_folder_delete',$this->plugin_name,'web_folder_delete');
+
}
// Handle the creation of SSL certificates
@@ -159,7 +167,7 @@
$app->log("Creating CA-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);
if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed. openssl ca -out $crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $csr_file",LOGLEVEL_ERROR);
};
- if (filesize($crt_file)==0 || !file_exists($crt_file)){
+ if (@filesize($crt_file)==0 || !file_exists($crt_file)){
exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $key_file -in $csr_file -out $crt_file -days $ssl_days -config $config_file ");
$app->log("Creating self-signed SSL Cert for: $domain",LOGLEVEL_DEBUG);
};
@@ -182,7 +190,7 @@
//* Save a SSL certificate to disk
if($data["new"]["ssl_action"] == 'save') {
$ssl_dir = $data["new"]["document_root"]."/ssl";
- $domain = $data["new"]["ssl_domain"];
+ $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
$csr_file = $ssl_dir.'/'.$domain.".csr";
$crt_file = $ssl_dir.'/'.$domain.".crt";
$bundle_file = $ssl_dir.'/'.$domain.".bundle";
@@ -199,7 +207,7 @@
//* Delete a SSL certificate
if($data['new']['ssl_action'] == 'del') {
$ssl_dir = $data['new']['document_root'].'/ssl';
- $domain = $data['new']['ssl_domain'];
+ $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
$csr_file = $ssl_dir.'/'.$domain.'.csr';
$crt_file = $ssl_dir.'/'.$domain.'.crt';
$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
@@ -219,7 +227,6 @@
$app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
$app->log('Deleting SSL Cert for: '.$domain,LOGLEVEL_DEBUG);
}
-
}
@@ -280,6 +287,23 @@
if($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {
$app->log('Websites cannot be owned by the root user or group.',LOGLEVEL_WARN);
return 0;
+ }
+
+ // Create group and user, if not exist
+ $app->uses('system');
+
+ $groupname = escapeshellcmd($data['new']['system_group']);
+ if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
+ exec('groupadd '.$groupname);
+ if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
+ $app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);
+ }
+
+ $username = escapeshellcmd($data['new']['system_user']);
+ if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
+ exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
+ if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
+ $app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);
}
//* If the client of the site has been changed, we have a change of the document root
@@ -503,23 +527,6 @@
exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
} // end copy error docs
- // Create group and user, if not exist
- $app->uses('system');
-
- $groupname = escapeshellcmd($data['new']['system_group']);
- if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
- exec('groupadd '.$groupname);
- if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
- $app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);
- }
-
- $username = escapeshellcmd($data['new']['system_user']);
- if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
- exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
- if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
- $app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);
- }
-
// Set the quota for the user
if($username != '' && $app->system->is_user($username)) {
if($data['new']['hd_quota'] > 0) {
@@ -534,74 +541,76 @@
if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
// Chown and chmod the directories below the document root
- $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
+ $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/web');
// The document root itself has to be owned by root in normal level and by the web owner in security level 20
if($web_config['security_level'] == 20) {
- $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
+ $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/web');
} else {
- $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));
+ $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/web');
}
}
//* If the security level is set to high
- if($web_config['security_level'] == 20) {
+ if($this->action == 'insert' && $data['new']['type'] == 'vhost') {
+ if($web_config['security_level'] == 20) {
- $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
- $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']).'/*');
- $this->_exec('chmod 710 '.escapeshellcmd($data['new']['document_root'].'/web'));
+ $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
+ $this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']).'/*');
+ $this->_exec('chmod 710 '.escapeshellcmd($data['new']['document_root'].'/web'));
- // make tmp directory writable for Apache and the website users
- $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));
+ // make tmp directory writable for Apache and the website users
+ $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));
- // Set Log symlink to 755 to make the logs accessible by the FTP user
- $this->_exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"])."/log");
+ // Set Log symlink to 755 to make the logs accessible by the FTP user
+ $this->_exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"])."/log");
- $command = 'usermod';
- $command .= ' --groups sshusers';
- $command .= ' '.escapeshellcmd($data['new']['system_user']);
- $this->_exec($command);
+ $command = 'usermod';
+ $command .= ' --groups sshusers';
+ $command .= ' '.escapeshellcmd($data['new']['system_user']);
+ $this->_exec($command);
- //* if we have a chrooted Apache environment
- if($apache_chrooted) {
- $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
+ //* if we have a chrooted Apache environment
+ if($apache_chrooted) {
+ $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
- //* add the apache user to the client group in the chroot environment
- $tmp_groupfile = $app->system->server_conf['group_datei'];
- $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
+ //* add the apache user to the client group in the chroot environment
+ $tmp_groupfile = $app->system->server_conf['group_datei'];
+ $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
+ $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
+ $app->system->server_conf['group_datei'] = $tmp_groupfile;
+ unset($tmp_groupfile);
+ }
+
+ //* add the Apache user to the client group
$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
- $app->system->server_conf['group_datei'] = $tmp_groupfile;
- unset($tmp_groupfile);
- }
- //* add the Apache user to the client group
- $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
+ $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
- $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
+ /*
+ * Workaround for jailkit: If jailkit is enabled for the site, the
+ * website root has to be owned by the root user and we have to chmod it to 755 then
+ */
- /*
- * Workaround for jailkit: If jailkit is enabled for the site, the
- * website root has to be owned by the root user and we have to chmod it to 755 then
- */
+ //* Check if there is a jailkit user for this site
+ $tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = '.$data['new']['domain_id']." AND chroot = 'jailkit'");
+ if($tmp['number'] > 0) {
+ $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));
+ $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));
+ }
+ unset($tmp);
- //* Check if there is a jailkit user for this site
- $tmp = $app->db->queryOneRecord('SELECT count(shell_user_id) as number FROM shell_user WHERE parent_domain_id = '.$data['new']['domain_id']." AND chroot = 'jailkit'");
- if($tmp['number'] > 0) {
+ // If the security Level is set to medium
+ } else {
+
$this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));
+ $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/*'));
$this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));
+
+ // make temp directory writable for Apache and the website users
+ $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));
}
- unset($tmp);
-
- // If the security Level is set to medium
- } else {
-
- $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root']));
- $this->_exec('chmod 755 '.escapeshellcmd($data['new']['document_root'].'/*'));
- $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']));
-
- // make temp directory writable for Apache and the website users
- $this->_exec('chmod 777 '.escapeshellcmd($data['new']['document_root'].'/tmp'));
}
// Change the ownership of the error log to the owner of the website
@@ -643,6 +652,7 @@
$tpl->newTemplate('vhost.conf.master');
$vhost_data = $data['new'];
+ //unset($vhost_data['ip_address']);
$vhost_data['web_document_root'] = $data['new']['document_root'].'/web';
$vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/web';
$vhost_data['web_basedir'] = $web_config['website_basedir'];
@@ -660,6 +670,7 @@
$crt_file = $ssl_dir.'/'.$domain.'.crt';
$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
+ /*
if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
$vhost_data['ssl_enabled'] = 1;
$app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
@@ -667,38 +678,68 @@
$vhost_data['ssl_enabled'] = 0;
$app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG);
}
+ */
if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
//$vhost_data['document_root'] = $data['new']['document_root'].'/web';
+
+ // Set SEO Redirect
+ if($data['new']['seo_redirect'] != '' && ($data['new']['subdomain'] == 'www' || $data['new']['subdomain'] == '*')){
+ $vhost_data['seo_redirect_enabled'] = 1;
+ if($data['new']['seo_redirect'] == 'non_www_to_www'){
+ $vhost_data['seo_redirect_origin_domain'] = $data['new']['domain'];
+ $vhost_data['seo_redirect_target_domain'] = 'www.'.$data['new']['domain'];
+ }
+ if($data['new']['seo_redirect'] == 'www_to_non_www'){
+ $vhost_data['seo_redirect_origin_domain'] = 'www.'.$data['new']['domain'];
+ $vhost_data['seo_redirect_target_domain'] = $data['new']['domain'];
+ }
+ } else {
+ $vhost_data['seo_redirect_enabled'] = 0;
+ }
+
$tpl->setVar($vhost_data);
// Rewrite rules
$rewrite_rules = array();
if($data['new']['redirect_type'] != '') {
if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
+ if(substr($data['new']['redirect_path'],0,8) == '[scheme]'){
+ $rewrite_target = 'http'.substr($data['new']['redirect_path'],8);
+ $rewrite_target_ssl = 'https'.substr($data['new']['redirect_path'],8);
+ } else {
+ $rewrite_target = $data['new']['redirect_path'];
+ $rewrite_target_ssl = $data['new']['redirect_path'];
+ }
/* Disabled path extension
if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
}
*/
- $rewrite_rules[] = array( 'rewrite_domain' => $data['new']['domain'],
- 'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
- 'rewrite_target' => $data['new']['redirect_path']);
-
switch($data['new']['subdomain']) {
case 'www':
- $rewrite_rules[] = array( 'rewrite_domain' => 'www.'.$data['new']['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$data['new']['domain'],
+ 'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
+ $rewrite_rules[] = array( 'rewrite_domain' => '^www.'.$data['new']['domain'],
'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
- 'rewrite_target' => $data['new']['redirect_path']);
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
- // TODO
- //$rewrite_rules[] = array( 'rewrite_domain' => '*'.$alias['domain'],
- // 'rewrite_type' => $alias['redirect_type'],
- // 'rewrite_target' => $alias['redirect_path']);
+ $rewrite_rules[] = array( 'rewrite_domain' => $data['new']['domain'],
+ 'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
+ default:
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$data['new']['domain'],
+ 'rewrite_type' => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
}
}
@@ -729,27 +770,42 @@
$app->log('Add server alias: '.$alias['domain'],LOGLEVEL_DEBUG);
// Rewriting
if($alias['redirect_type'] != '') {
- if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
+ if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
+ if(substr($alias['redirect_path'],0,8) == '[scheme]'){
+ $rewrite_target = 'http'.substr($alias['redirect_path'],8);
+ $rewrite_target_ssl = 'https'.substr($alias['redirect_path'],8);
+ } else {
+ $rewrite_target = $alias['redirect_path'];
+ $rewrite_target_ssl = $alias['redirect_path'];
+ }
/* Disabled the path extension
if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
}
*/
- $rewrite_rules[] = array( 'rewrite_domain' => $alias['domain'],
- 'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
- 'rewrite_target' => $alias['redirect_path']);
+
switch($alias['subdomain']) {
case 'www':
- $rewrite_rules[] = array( 'rewrite_domain' => 'www.'.$alias['domain'],
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$alias['domain'],
+ 'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
+ $rewrite_rules[] = array( 'rewrite_domain' => '^www.'.$alias['domain'],
'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
- 'rewrite_target' => $alias['redirect_path']);
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
case '*':
- // TODO
- //$rewrite_rules[] = array( 'rewrite_domain' => '*'.$alias['domain'],
- // 'rewrite_type' => $alias['redirect_type'],
- // 'rewrite_target' => $alias['redirect_path']);
+ $rewrite_rules[] = array( 'rewrite_domain' => $alias['domain'],
+ 'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
break;
+ default:
+ $rewrite_rules[] = array( 'rewrite_domain' => '^'.$alias['domain'],
+ 'rewrite_type' => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
+ 'rewrite_target' => $rewrite_target,
+ 'rewrite_target_ssl' => $rewrite_target_ssl);
}
}
}
@@ -772,12 +828,13 @@
$tpl->setVar('alias','');
}
- if(count($rewrite_rules) > 0) {
+ if(count($rewrite_rules) > 0 || $vhost_data['seo_redirect_enabled'] > 0) {
$tpl->setVar('rewrite_enabled',1);
} else {
$tpl->setVar('rewrite_enabled',0);
}
- $tpl->setLoop('redirects',$rewrite_rules);
+
+ //$tpl->setLoop('redirects',$rewrite_rules);
/**
* install fast-cgi starter script and add script aliasd config
@@ -898,6 +955,49 @@
$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost');
//* Make a backup copy of vhost file
if(file_exists($vhost_file)) copy($vhost_file,$vhost_file.'~');
+
+ //* create empty vhost array
+ $vhosts = array();
+
+ //* Add vhost for ipv4 IP
+ if(count($rewrite_rules) > 0){
+ $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80, 'redirects' => $rewrite_rules);
+ } else {
+ $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80);
+ }
+
+ //* Add vhost for ipv4 IP with SSL
+ if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
+ if(count($rewrite_rules) > 0){
+ $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443', 'redirects' => $rewrite_rules);
+ } else {
+ $vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
+ }
+ $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
+ }
+
+ //* Add vhost for IPv6 IP
+ if($data['new']['ipv6_address'] != '') {
+ if(count($rewrite_rules) > 0){
+ $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80, 'redirects' => $rewrite_rules);
+ } else {
+ $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80);
+ }
+
+ //* Add vhost for ipv6 IP with SSL
+ if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0) && (@filesize($key_file)>0)) {
+
+ if(count($rewrite_rules) > 0){
+ $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443', 'redirects' => $rewrite_rules);
+ } else {
+ $vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443');
+ }
+ $app->log('Enable SSL for IPv6: '.$domain,LOGLEVEL_DEBUG);
+ }
+ }
+
+ //* Set the vhost loop
+ $tpl->setLoop('vhosts',$vhosts);
//* Write vhost file
file_put_contents($vhost_file,$tpl->grab());
@@ -1044,11 +1144,24 @@
} else {
//* This is a website
// Deleting the vhost file, symlink and the data directory
- $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
- unlink($vhost_symlink);
- $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
-
$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
+
+ $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
+ if(is_link($vhost_symlink)){
+ unlink($vhost_symlink);
+ $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
+ }
+ $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
+ if(is_link($vhost_symlink)){
+ unlink($vhost_symlink);
+ $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
+ }
+ $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
+ if(is_link($vhost_symlink)){
+ unlink($vhost_symlink);
+ $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file,LOGLEVEL_DEBUG);
+ }
+
unlink($vhost_file);
$app->log('Removing vhost file: '.$vhost_file,LOGLEVEL_DEBUG);
@@ -1112,6 +1225,13 @@
if($data['old']['stats_type'] == 'awstats') {
$this->awstats_delete($data,$web_config);
}
+
+ if($apache_chrooted) {
+ $app->services->restartServiceDelayed('httpd','restart');
+ } else {
+ // request a httpd reload when all records have been processed
+ $app->services->restartServiceDelayed('httpd','reload');
+ }
}
}
@@ -1129,9 +1249,30 @@
$tpl = new tpl();
$tpl->newTemplate('apache_ispconfig.conf.master');
$records = $app->db->queryAllRecords('SELECT * FROM server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
-
- if(count($records) > 0) {
- $tpl->setLoop('ip_adresses',$records);
+
+ $records_out= array();
+ if(is_array($records)) {
+ foreach($records as $rec) {
+ if($rec['ip_type'] == 'IPv6') {
+ $ip_address = '['.$rec['ip_address'].']';
+ } else {
+ $ip_address = $rec['ip_address'];
+ }
+ $ports = explode(',',$rec['virtualhost_port']);
+ if(is_array($ports)) {
+ foreach($ports as $port) {
+ $port = intval($port);
+ if($port > 0 && $port < 65536 && $ip_address != '') {
+ $records_out[] = array('ip_address' => $ip_address, 'port' => $port);
+ }
+ }
+ }
+ }
+ }
+
+
+ if(count($records_out) > 0) {
+ $tpl->setLoop('ip_adresses',$records_out);
}
$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/ispconfig.conf');
@@ -1139,6 +1280,206 @@
$app->log('Writing the conf file: '.$vhost_file,LOGLEVEL_DEBUG);
unset($tpl);
+ }
+
+ //* Create or update the .htaccess folder protection
+ function web_folder_user($event_name,$data) {
+ global $app, $conf;
+
+ $app->uses('system');
+
+ if($event_name == 'web_folder_user_delete') {
+ $folder_id = $data['old']['web_folder_id'];
+ } else {
+ $folder_id = $data['new']['web_folder_id'];
+ }
+
+ $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
+ $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
+
+ if(!is_array($folder) or !is_array($website)) {
+ $app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Get the folder path.
+ if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
+ if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
+ $folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
+ if(substr($folder_path,-1) != '/') $folder_path .= '/';
+
+ //* Check if the resulting path is inside the docroot
+ if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {
+ $app->log('Folder path "'.$folder_path.'" contains .. or ./.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Create the folder path, if it does not exist
+ if(!is_dir($folder_path)) exec('mkdir -p '.$folder_path);
+
+ //* Create empty .htpasswd file, if it does not exist
+ if(!is_file($folder_path.'.htpasswd')) {
+ touch($folder_path.'.htpasswd');
+ chmod($folder_path.'.htpasswd',0755);
+ $app->log('Created file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+ }
+
+ /*
+ $auth_users = $app->db->queryAllRecords("SELECT * FROM web_folder_user WHERE active = 'y' AND web_folder_id = ".intval($folder_id));
+ $htpasswd_content = '';
+ if(is_array($auth_users) && !empty($auth_users)){
+ foreach($auth_users as $auth_user){
+ $htpasswd_content .= $auth_user['username'].':'.$auth_user['password']."\n";
+ }
+ }
+ $htpasswd_content = trim($htpasswd_content);
+ @file_put_contents($folder_path.'.htpasswd', $htpasswd_content);
+ $app->log('Changed .htpasswd file: '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+ */
+
+ if(($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') && $data['old']['username'] != '') {
+ $app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');
+ $app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);
+ }
+
+ //* Add or remove the user from .htpasswd file
+ if($event_name == 'web_folder_user_delete') {
+ $app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');
+ $app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);
+ } else {
+ if($data['new']['active'] == 'y') {
+ $app->system->replaceLine($folder_path.'.htpasswd',$data['new']['username'].':',$data['new']['username'].':'.$data['new']['password'],0,1);
+ $app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
+ }
+ }
+
+
+ //* Create the .htaccess file
+ //if(!is_file($folder_path.'.htaccess')) {
+ $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
+ file_put_contents($folder_path.'.htaccess',$ht_file);
+ chmod($folder_path.'.htpasswd',0755);
+ $app->log('Created file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+ //}
+
+ }
+
+ //* Remove .htaccess and .htpasswd file, when folder protection is removed
+ function web_folder_delete($event_name,$data) {
+ global $app, $conf;
+
+ $folder_id = $data['old']['web_folder_id'];
+
+ $folder = $data['old'];
+ $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
+
+ if(!is_array($folder) or !is_array($website)) {
+ $app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Get the folder path.
+ if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
+ if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
+ $folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
+ if(substr($folder_path,-1) != '/') $folder_path .= '/';
+
+ //* Check if the resulting path is inside the docroot
+ if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+ $app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Remove .htpasswd file
+ if(is_file($folder_path.'.htpasswd')) {
+ unlink($folder_path.'.htpasswd');
+ $app->log('Removed file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+ }
+
+ //* Remove .htaccess file
+ if(is_file($folder_path.'.htaccess')) {
+ unlink($folder_path.'.htaccess');
+ $app->log('Removed file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+ }
+ }
+
+ //* Update folder protection, when path has been changed
+ function web_folder_update($event_name,$data) {
+ global $app, $conf;
+
+ $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['new']['parent_domain_id']));
+
+ if(!is_array($website)) {
+ $app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Get the folder path.
+ if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
+ if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
+ $old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
+ if(substr($old_folder_path,-1) != '/') $old_folder_path .= '/';
+
+ if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
+ if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
+ $new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
+ if(substr($new_folder_path,-1) != '/') $new_folder_path .= '/';
+
+ //* Check if the resulting path is inside the docroot
+ if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {
+ $app->log('Folder path "'.$new_folder_path.'" contains .. or ./.',LOGLEVEL_DEBUG);
+ return false;
+ }
+ if(stristr($old_folder_path,'..') || stristr($old_folder_path,'./') || stristr($old_folder_path,'\\')) {
+ $app->log('Folder path "'.$old_folder_path.'" contains .. or ./.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Check if the resulting path is inside the docroot
+ if(substr($old_folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+ $app->log('Old folder path '.$old_folder_path.' is outside of docroot.',LOGLEVEL_DEBUG);
+ return false;
+ }
+ if(substr($new_folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+ $app->log('New folder path '.$new_folder_path.' is outside of docroot.',LOGLEVEL_DEBUG);
+ return false;
+ }
+
+ //* Create the folder path, if it does not exist
+ if(!is_dir($new_folder_path)) exec('mkdir -p '.$new_folder_path);
+
+ if($data['old']['path'] != $data['new']['path']) {
+
+
+ //* move .htpasswd file
+ if(is_file($old_folder_path.'.htpasswd')) {
+ rename($old_folder_path.'.htpasswd',$new_folder_path.'.htpasswd');
+ $app->log('Moved file '.$old_folder_path.'.htpasswd to '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+ }
+
+ //* delete old .htaccess file
+ if(is_file($old_folder_path.'.htaccess')) {
+ unlink($old_folder_path.'.htaccess');
+ $app->log('Deleted file '.$old_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+ }
+
+ }
+
+ //* Create the .htaccess file
+ if($data['new']['active'] == 'y') {
+ $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$new_folder_path.".htpasswd\nrequire valid-user";
+ file_put_contents($new_folder_path.'.htaccess',$ht_file);
+ chmod($new_folder_path.'.htpasswd',0755);
+ $app->log('Created file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+ }
+
+ //* Remove .htaccess file
+ if($data['new']['active'] == 'n' && is_file($new_folder_path.'.htaccess')) {
+ unlink($new_folder_path.'.htaccess');
+ $app->log('Removed file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+ }
+
+
}
/**
@@ -1416,6 +1757,9 @@
file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',$content);
$app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',LOGLEVEL_DEBUG);
}
+
+ if(is_file($data['new']['document_root']."/web/stats/index.html")) unlink($data['new']['document_root']."/web/stats/index.html");
+ copy("/usr/local/ispconfig/server/conf/awstats_index.php.master",$data['new']['document_root']."/web/stats/index.php");
}
//* Delete the awstats configuration file
--
Gitblit v1.9.1