From 6d826cf032b50b42dc56caf6998db5bd6b3f1bd5 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 12 Oct 2011 07:16:14 -0400
Subject: [PATCH] - Fixed #1799.

---
 server/plugins-available/nginx_plugin.inc.php |   18 +++++++++---------
 1 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 640f070..9fd5a8a 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -1104,7 +1104,7 @@
 		if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
 		if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
 		$folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
-		if(substr($folder_path,-1 != '/')) $folder_path .= '/';
+		if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
 		if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {
@@ -1122,6 +1122,7 @@
 			$app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
 		}
 		
+		/*
 		$auth_users = $app->db->queryAllRecords("SELECT * FROM web_folder_user WHERE active = 'y' AND web_folder_id = ".intval($folder_id));
 		$htpasswd_content = '';
 		if(is_array($auth_users) && !empty($auth_users)){
@@ -1132,9 +1133,9 @@
 		$htpasswd_content = trim($htpasswd_content);
 		@file_put_contents($folder_path.'.htpasswd', $htpasswd_content);
 		$app->log('Changed .htpasswd file: '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+		*/
 		
-		/*
-		if($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') {
+		if(($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') && $data['old']['username'] != '') {
 			$app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');
 			$app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);
 		}
@@ -1149,7 +1150,6 @@
 				$app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
 			}
 		}
-		*/
 		
 		// write basic auth configuration to vhost file because nginx does not support .htaccess
 		$webdata['new'] = $webdata['old'] = $website;
@@ -1174,7 +1174,7 @@
 		if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
 		if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
 		$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
-		if(substr($folder_path,-1 != '/')) $folder_path .= '/';
+		if(substr($folder_path,-1) != '/' && $folder['path'] != '') $folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
 		if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
@@ -1207,13 +1207,13 @@
 		//* Get the folder path.
 		if(substr($data['old']['path'],0,1) == '/') $data['old']['path'] = substr($data['old']['path'],1);
 		if(substr($data['old']['path'],-1) == '/') $data['old']['path'] = substr($data['old']['path'],0,-1);
-		$old_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['old']['path']);
-		if(substr($old_folder_path,-1 != '/')) $old_folder_path .= '/';
+		$old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
+		if(substr($old_folder_path,-1) != '/' && $data['old']['path'] != '') $old_folder_path .= '/';
 			
 		if(substr($data['new']['path'],0,1) == '/') $data['new']['path'] = substr($data['new']['path'],1);
 		if(substr($data['new']['path'],-1) == '/') $data['new']['path'] = substr($data['new']['path'],0,-1);
 		$new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
-		if(substr($new_folder_path,-1 != '/')) $new_folder_path .= '/';
+		if(substr($new_folder_path,-1) != '/' && $data['new']['path'] != '') $new_folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
 		if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {
@@ -1244,7 +1244,7 @@
 			//* move .htpasswd file
 			if(is_file($old_folder_path.'.htpasswd')) {
 				rename($old_folder_path.'.htpasswd',$new_folder_path.'.htpasswd');
-				$app->log('Moved file '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+				$app->log('Moved file '.$old_folder_path.'.htpasswd to '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
 			}
 		
 		}

--
Gitblit v1.9.1