From 6ad1e4080e9cd8e10ab9ec1e876debece7ae6512 Mon Sep 17 00:00:00 2001 From: ftimme <ft@falkotimme.com> Date: Thu, 29 Sep 2011 07:33:17 -0400 Subject: [PATCH] - Remove hidden iframe after file upload. --- server/plugins-available/cron_jailkit_plugin.inc.php | 25 ++++++++++++++----------- 1 files changed, 14 insertions(+), 11 deletions(-) diff --git a/server/plugins-available/cron_jailkit_plugin.inc.php b/server/plugins-available/cron_jailkit_plugin.inc.php index 4677c84..2e5f06e 100644 --- a/server/plugins-available/cron_jailkit_plugin.inc.php +++ b/server/plugins-available/cron_jailkit_plugin.inc.php @@ -81,7 +81,7 @@ $app->log("Parent domain not found",LOGLEVEL_WARN); return 0; } elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') { - $app->log("Websites (and Crons) can not be owned by the root user or group.",LOGLEVEL_WARN); + $app->log("Websites (and Crons) cannot be owned by the root user or group.",LOGLEVEL_WARN); return 0; } @@ -150,7 +150,7 @@ $app->log("Parent domain not found",LOGLEVEL_WARN); return 0; } elseif($parent_domain["system_user"] == 'root' or $parent_domain["system_group"] == 'root') { - $app->log("Websites (and Crons) can not be owned by the root user or group.",LOGLEVEL_WARN); + $app->log("Websites (and Crons) cannot be owned by the root user or group.",LOGLEVEL_WARN); return 0; } @@ -230,20 +230,20 @@ $tpl->setVar('home_dir',$this->_get_home_dir("")); $bashrc = escapeshellcmd($this->parent_domain['document_root']).'/etc/bash.bashrc'; - if(@is_file($bashrc)) exec('rm '.$bashrc); + if(@is_file($bashrc)) unlink($bashrc); file_put_contents($bashrc,$tpl->grab()); unset($tpl); - $this->app->log("Added bashrc scrpt : ".$bashrc,LOGLEVEL_DEBUG); + $this->app->log('Added bashrc script: '.$bashrc,LOGLEVEL_DEBUG); $tpl = new tpl(); - $tpl->newTemplate("motd.master"); + $tpl->newTemplate('motd.master'); $tpl->setVar('domain',$this->parent_domain['domain']); $motd = escapeshellcmd($this->parent_domain['document_root']).'/var/run/motd'; - if(@is_file($motd)) exec('rm '.$motd); + if(@is_file($motd)) unlink($motd); file_put_contents($motd,$tpl->grab()); @@ -290,7 +290,10 @@ $this->app->log("Added jailkit user to chroot with command: ".$command,LOGLEVEL_DEBUG); - exec("mkdir -p ".escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome)); + mkdir(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), 0755, true); + chown(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_user'])); + chgrp(escapeshellcmd($this->parent_domain['document_root'].$jailkit_chroot_userhome), escapeshellcmd($this->parent_domain['system_group'])); + } function _get_home_dir($username) @@ -308,8 +311,8 @@ //* If the security level is set to high if($web_config['security_level'] == 20) { - $this->_exec("chmod 755 ".escapeshellcmd($this->parent_domain['document_root'])); - $this->_exec("chown root:root ".escapeshellcmd($this->parent_domain['document_root'])); + $this->_exec('chmod 755 '.escapeshellcmd($this->parent_domain['document_root'])); + $this->_exec('chown root:root '.escapeshellcmd($this->parent_domain['document_root'])); } } @@ -317,7 +320,7 @@ //* Wrapper for exec function for easier debugging private function _exec($command) { global $app; - $app->log("exec: ".$command,LOGLEVEL_DEBUG); + $app->log('exec: '.$command,LOGLEVEL_DEBUG); exec($command); } @@ -325,4 +328,4 @@ } // end class -?> \ No newline at end of file +?> -- Gitblit v1.9.1