From 49a4ebff7c069a34fb1c9967aab06486b75735e0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 02 Jan 2012 07:26:26 -0500
Subject: [PATCH] Add option "set_folder_permissions_on_update" in server config to configure if folder permissions should be forced on web update.

---
 server/plugins-available/apache2_plugin.inc.php |   15 ++++++++++-----
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 7849aca..bd93b51 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -553,7 +553,7 @@
 
 
 		//* If the security level is set to high
-		if($this->action == 'insert' && $data['new']['type'] == 'vhost') {
+		if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
 			if($web_config['security_level'] == 20) {
 
 				$this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
@@ -585,8 +585,13 @@
 
 				//* add the Apache user to the client group
 				$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
-
-				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
+				
+				//* Chown all default directories
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/log'));
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/ssl'));
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));
+				$this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));
 
 				/*
 				* Workaround for jailkit: If jailkit is enabled for the site, the 
@@ -730,7 +735,7 @@
 							'rewrite_target_ssl' => $rewrite_target_ssl);
 					break;
 				case '*':
-					$rewrite_rules[] = array(	'rewrite_domain' 	=> $data['new']['domain'],
+					$rewrite_rules[] = array(	'rewrite_domain' 	=> '(^|\.)'.$data['new']['domain'],
 						'rewrite_type' 		=> ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
 						'rewrite_target' 	=> $rewrite_target,
 						'rewrite_target_ssl' => $rewrite_target_ssl);
@@ -796,7 +801,7 @@
 									'rewrite_target_ssl' => $rewrite_target_ssl);
 							break;
 						case '*':
-							$rewrite_rules[] = array(	'rewrite_domain' 	=> $alias['domain'],
+							$rewrite_rules[] = array(	'rewrite_domain' 	=> '(^|\.)'.$alias['domain'],
 								'rewrite_type' 		=> ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
 								'rewrite_target' 	=> $rewrite_target,
 								'rewrite_target_ssl' => $rewrite_target_ssl);

--
Gitblit v1.9.1