From 77cc4a99b15f4639b56c29a1207dc04b459c5d54 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Fri, 19 Dec 2014 12:18:11 -0500
Subject: [PATCH] - re-added jquery ui

---
 interface/lib/classes/validate_domain.inc.php |   44 ++++++++++++++++++++++++++++++++++++++++++--
 1 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/interface/lib/classes/validate_domain.inc.php b/interface/lib/classes/validate_domain.inc.php
index 1280c89..a072412 100644
--- a/interface/lib/classes/validate_domain.inc.php
+++ b/interface/lib/classes/validate_domain.inc.php
@@ -97,6 +97,45 @@
 		$result = $this->_check_unique($field_value . '.' . $check_domain, true);
 		if(!$result) return $this->get_error('domain_error_autosub');
 	}
+	
+	/* Check apache directives */
+	function web_apache_directives($field_name, $field_value, $validator) {
+		global $app;
+		
+		if(trim($field_value) != '') {
+			$security_config = $app->getconf->get_security_config('ids');
+		
+			if($security_config['apache_directives_scan_enabled'] == 'yes') {
+				
+				// Get blacklist
+				$blacklist_path = '/usr/local/ispconfig/security/apache_directives.blacklist';
+				if(is_file('/usr/local/ispconfig/security/apache_directives.blacklist.custom')) $blacklist_path = '/usr/local/ispconfig/security/apache_directives.blacklist.custom';
+				if(!is_file($blacklist_path)) $blacklist_path = realpath(ISPC_ROOT_PATH.'/../security/apache_directives.blacklist');
+				
+				$directives = explode("\n",$field_value);
+				$regex = explode("\n",file_get_contents($blacklist_path));
+				$blocked = false;
+				$blocked_line = '';
+				
+				if(is_array($directives) && is_array($regex)) {
+					foreach($directives as $directive) {
+						$directive = trim($directive);
+						foreach($regex as $r) {
+							if(preg_match(trim($r),$directive)) {
+								$blocked = true;
+								$blocked_line .= $directive.'<br />';
+							};
+						}
+					}
+				}
+			}
+		}
+		
+		if($blocked === true) {
+			return $this->get_error('apache_directive_blocked_error').' '.$blocked_line;
+		}
+	}
+	
 
 	/* internal validator function to match regexp */
 	function _regex_validate($domain_name, $allow_wildcard = false) {
@@ -134,7 +173,7 @@
 		}
 		
 		
-		$qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (d.domain = '" . $app->db->quote($domain_name) . "'" . $additional_sql1 . ") AND d.server_id = " . $app->functions->intval($domain['server_id']) . " AND d.domain_id != " . $app->functions->intval($primary_id) . " AND d.parent_domain_id != " . $app->functions->intval($primary_id);
+		$qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (d.domain = '" . $app->db->quote($domain_name) . "'" . $additional_sql1 . ") AND d.server_id = " . $app->functions->intval($domain['server_id']) . " AND d.domain_id != " . $app->functions->intval($primary_id) . ($primary_id ? " AND d.parent_domain_id != " . $app->functions->intval($primary_id) : "");
 		$checks = $app->db->queryAllRecords($qrystr);
 		if(is_array($checks) && !empty($checks)){
 			foreach($checks as $check){
@@ -146,7 +185,7 @@
 		}
 		
 		if($only_domain == false) {
-			$qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (CONCAT(d.subdomain, '.', d.domain)= '" . $app->db->quote($domain_name) . "'" . $additional_sql2 . ") AND d.server_id = " . $app->functions->intval($domain['server_id']) . " AND d.domain_id != " . $app->functions->intval($primary_id) . " AND d.parent_domain_id != " . $app->functions->intval($primary_id);
+			$qrystr = "SELECT d.domain_id, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ip_address, d.ip_address) as `ip_address`, IF(d.parent_domain_id != 0 AND p.domain_id IS NOT NULL, p.ipv6_address, d.ipv6_address) as `ipv6_address` FROM `web_domain` as d LEFT JOIN `web_domain` as p ON (p.domain_id = d.parent_domain_id) WHERE (CONCAT(d.subdomain, '.', d.domain)= '" . $app->db->quote($domain_name) . "'" . $additional_sql2 . ") AND d.server_id = " . $app->functions->intval($domain['server_id']) . " AND d.domain_id != " . $app->functions->intval($primary_id) . ($primary_id ? " AND d.parent_domain_id != " . $app->functions->intval($primary_id) : "");
 			$checks = $app->db->queryAllRecords($qrystr);
 			if(is_array($checks) && !empty($checks)){
 				foreach($checks as $check){
@@ -175,5 +214,6 @@
 		}
 		return true; // admin may always add wildcard domain
 	}
+	
 
 }

--
Gitblit v1.9.1