From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/lib/config.inc.php |  218 ++++++++++++++++++++++++++++--------------------------
 1 files changed, 114 insertions(+), 104 deletions(-)

diff --git a/interface/lib/config.inc.php b/interface/lib/config.inc.php
index e5d155a..907f372 100644
--- a/interface/lib/config.inc.php
+++ b/interface/lib/config.inc.php
@@ -1,6 +1,7 @@
 <?php
+
 /*
-Copyright (c) 2007, Till Brehm, Falko Timme, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -27,129 +28,138 @@
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-error_reporting(E_ALL|E_NOTICE);
+//** Web-only
+if( !empty($_SERVER['DOCUMENT_ROOT']) ) {
 
-header('Pragma: no-cache');
-header('Cache-Control: no-store, no-cache, max-age=0, must-revalidate');
-header('Content-Type: text/html');
-//* TODO: Js caching - pedro
+	header("Pragma: no-cache");
+	header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
+	header("Content-Type: text/html; charset=utf-8");
 
-//** Key paramaters
-define('ISPC_APP_TITLE', 'ISPConfig');
-$conf['app_title'] = 'ISPConfig';
-define('ISPC_APP_VERSION', '3.0.0');
-$conf['app_version'] = '3.0.0';
-$conf['modules_available'] 	= 'admin,mail,sites,monitor,client,dns';
-
-
-//********************************************************************************
-//** Future Code idea  - pedro - rfc
-//** >>>>
-/*  Database connection
-	The only time paramaters are needed is to connect, otherwise the variables
-	are not required "around" the application. ie Connected and done.
-	Prefered is an array as $DB in capitals, ie
-	$DB['engine'] = 'type'; 
-	$DB['host'] = 'ip';
-	$DB['user'] = 'me';
-	$DB['password'] = 'secret';
-	$DB['database'] = 'db_name';
-	
-	The connection paramaters are all contained within one array structure
-	With this array structure the connection can be passed around, to functions
-	However it can also leak so it can be destroyed eg
-	$dbClass->connect($DB);
-	unset($DB); // only the paranoid survive
-		
-	Also there is a scenario where we are devloping and using this file
-	and the database paramaters might leak into svn etc.
-    (This idea is borrowed from the tikiwiki.org project)
-	To resolve this there is a file called db_local.php.skel which is not detected
-	rename this to db_local.php and edit the paramaters.
-*/
-
-//* Detect the local database settings ie $DB array()
-//* Copy db_local.php.skel for and change for local development
-if(file_exists(dirname(__FILE__).'/db_local.php')){
-	require_once(dirname(__FILE__).'/db_local.php');
-	$conf['db_type']			= $DB['type'];
-	$conf['db_host']			= $DB['host'];
-	$conf['db_user']			= $DB['user'];
-	$conf['db_password']		= $DB['password'];	
-    $conf['db_database']        = $DB['database'];
-}else{
-	//** Database Settings
-	$conf['db_type']			= 'mysql';
-	$conf['db_host']			= 'localhost';
-	$conf['db_user']			= 'root';
-	$conf['db_password']		= '';
-    $conf['db_database']        = 'ispconfig3';
+	ini_set('register_globals', 0);
 }
 
+//** SVN Revision
+$svn_revision = '$Revision: 1525 $';
+$revision = str_replace(array('Revision:', '$', ' '), '', $svn_revision);
 
-//** The main ROOT is the parent directory to this file, ie Interface/. NO trailing slashes.
-define('ISPC_ROOT_PATH',  realpath(dirname(__FILE__).'/../'));
-define('ISPC_LIB_PATH',   ISPC_ROOT_PATH.'/lib');
-define('ISPC_CLASS_PATH', ISPC_ROOT_PATH.'/lib/classes');
-define('ISPC_TEMP_PATH',  ISPC_ROOT_PATH.'/temp');
-define('ISPC_CACHE_PATH', ISPC_ROOT_PATH.'/cache');
+//** Application
+define('ISPC_APP_TITLE', 'ISPConfig');
+define('ISPC_APP_VERSION', '3.1dev');
+define('DEVSYSTEM', 0);
 
 
-//** Database Settings
-/* See above
-$conf['db_type']            = 'mysql';
-$conf['db_host']            = 'localhost';
-$conf['db_user']            = 'root';
-$conf['db_password']        = '';
-$conf['db_database']        = 'ispconfig3';
-*/
+//** Database
+$conf['db_type'] = 'mysql';
+$conf['db_host'] = 'localhost';
+$conf['db_port'] = 3306;
+$conf['db_database'] = 'ispconfig3_305';
+$conf['db_user'] = 'root';
+$conf['db_password'] = '';
+$conf['db_charset'] = 'utf8'; // same charset as html-charset - (HTML --> MYSQL: "utf-8" --> "utf8", "iso-8859-1" --> "latin1")
+$conf['db_new_link'] = false;
+$conf['db_client_flags'] = 0;
 
-$conf['rootpath']			= substr(dirname(__FILE__),0,-4);
-$conf['fs_div']				= '/'; // File system divider, \\ on windows and / on linux and unix
-$conf['temppath']			= $conf['rootpath'].$conf['fs_div'].'temp';
-// predro notes: not sure this is the right thing ?
-$conf['cache_dir']          = $conf['rootpath'].$conf['fs_div'].'/cache';
-
-
-/* pedro notes ? this stuff is REALLY not necessay, can leak everywhere 
-   Don think this lot is being used so commented out
 define('DB_TYPE', $conf['db_type']);
 define('DB_HOST', $conf['db_host']);
-define('DB_DATABASE',$conf['db_database']);
+define('DB_PORT', $conf['db_port']);
+define('DB_DATABASE', $conf['db_database']);
 define('DB_USER', $conf['db_user']);
 define('DB_PASSWORD', $conf['db_password']);
-*/
+define('DB_CHARSET', $conf['db_charset']);
 
-//**  External programs
-//$conf["programs"]["convert"]	= "/usr/bin/convert";
-$conf['programs']['wput']		= $conf['rootpath']."\\tools\\wput\\wput.exe";
+
+//** Database settings for the master DB. This setting is only used in multiserver setups
+$conf['dbmaster_type']   = 'mysql';
+$conf['dbmaster_host']   = '{mysql_master_server_host}';
+$conf['dbmaster_port']   = '{mysql_master_server_port}';
+$conf['dbmaster_database']  = '{mysql_master_server_database}';
+$conf['dbmaster_user']   = '{mysql_master_server_ispconfig_user}';
+$conf['dbmaster_password']  = '{mysql_master_server_ispconfig_password}';
+$conf['dbmaster_new_link']   = false;
+$conf['dbmaster_client_flags']  = 0;
+
+
+//** Paths
+$conf['ispconfig_log_dir'] = '/var/log/ispconfig';
+define('ISPC_ROOT_PATH', realpath(dirname(__FILE__).'/../')); // The main ROOT is the parent directory to this file, ie Interface/. NO trailing slashes.
+define('ISPC_LIB_PATH', ISPC_ROOT_PATH.'/lib');
+define('ISPC_CLASS_PATH', ISPC_ROOT_PATH.'/lib/classes');
+define('ISPC_WEB_PATH', ISPC_ROOT_PATH.'/web');
+define('ISPC_THEMES_PATH', ISPC_ROOT_PATH.'/web/themes');
+define('ISPC_WEB_TEMP_PATH', ISPC_WEB_PATH.'/temp'); // Path for downloads, accessible via browser
+define('ISPC_CACHE_PATH', ISPC_ROOT_PATH.'/cache');
+
+//** Paths (Do not change!)
+$conf['rootpath'] = substr(dirname(__FILE__), 0, -4);
+$conf['fs_div'] = '/'; // File system separator (divider), "\\" on Windows and "/" on Linux and UNIX
+$conf['classpath'] = $conf['rootpath'].$conf['fs_div'].'lib'.$conf['fs_div'].'classes';
+$conf['temppath'] = $conf['rootpath'].$conf['fs_div'].'temp';
+
+define('FS_DIV', $conf['fs_div']);
+define('SERVER_ROOT', $conf['rootpath']);
+define('INCLUDE_ROOT', SERVER_ROOT.FS_DIV.'lib');
+define('CLASSES_ROOT', INCLUDE_ROOT.FS_DIV.'classes');
+
+
+//** Server
+$conf['app_title'] = ISPC_APP_TITLE;
+$conf['app_version'] = ISPC_APP_VERSION;
+$conf['app_link'] = 'http://www.howtoforge.com/forums/showthread.php?t=26988';
+$conf['modules_available'] = 'admin,mail,sites,monitor,client,dns,help';
+$conf['server_id'] = '1';
+
+
+//** Interface
+$conf['interface_modules_enabled'] = 'dashboard,mail,sites,dns,tools';
+
+//** Demo mode
+/* The demo mode is an option to restrict certain actions in the interface like
+*  changing the password of users with sys_userid < 3 etc. to be
+*  able to run the ISPConfig interface as online demo. It does not
+*  affect the server part. The demo mode should be always set to false
+*  on every normal installation
+*/
+$conf['demo_mode'] = false;
+
+
+//** Logging
+$conf['log_file'] = $conf['ispconfig_log_dir'].'/ispconfig.log';
+$conf['log_priority'] = 0; // 0 = Debug, 1 = Warning, 2 = Error
+
+
+//** Allow software package installations
+$conf['software_updates_enabled'] = false;
 
 
 //** Themes
-$conf['theme']					= 'default';
-$conf['html_content_encoding']	= 'text/html; charset=iso-8859-1';
-$conf['logo'] 					= 'themes/default/images/mydnsconfig_logo.gif';
+$conf['theme'] = 'default';
+$conf['html_content_encoding'] = 'utf-8'; // example: utf-8, iso-8859-1, ...
+$conf['logo'] = 'themes/default/images/header_logo.png';
+
+//** Templates
+$conf['templates'] = '/usr/local/ispconfig/server/conf';
 
 //** Default Language
-$conf['language']       = 'en';
+$conf['language'] = 'en';
+$conf['debug_language'] = false;
+$conf['language_file_import_enabled'] = true; // Bool value: true / false
 
-//**  Auto Load Modules
-$conf['start_db']		= true;
-$conf['start_session']	= true;
+//** Default Country
+$conf['country'] = 'DE';
 
 
-//** DNS Settings
+//** Misc.
+$conf['interface_logout_url'] = ''; // example: http://www.domain.tld/
 
-//* Automatically create PTR records?
-$conf['auto_create_ptr'] 	 = 1; 
-//* must be set if $conf['auto_create_ptr'] is 1. Don't forget the trailing dot!
-$conf['default_ns'] 		 = 'ns1.example.com.'; 
-//* Admin email address. Must be set if $conf['auto_create_ptr'] is 1. Replace "@" with ".". Don't forget the trailing dot!
-$conf['default_mbox'] 		 = 'admin.example.com.'; 
-$conf['default_ttl'] 		 = 86400;
-$conf['default_refresh'] 	 = 28800;
-$conf['default_retry'] 		 = 7200;
-$conf['default_expire'] 	 = 604800;
-$conf['default_minimum_ttl'] = 86400;
 
-?>
\ No newline at end of file
+//** Auto Load Modules
+$conf['start_db'] = true;
+$conf['start_session'] = true;
+
+
+//** Constants
+define('LOGLEVEL_DEBUG', 0);
+define('LOGLEVEL_WARN', 1);
+define('LOGLEVEL_ERROR', 2);
+
+?>

--
Gitblit v1.9.1