From 9edea9976bd605071e0694a90d704266c0b7e0f9 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 14 Aug 2014 11:30:03 -0400
Subject: [PATCH] - Added warning in the interface when a path for a shelluser is set that is outside of the website docroot. - Added security settings feature to allow the root user of a server to control most aspects of whet the admin user of the controlpanel is allowed to do in system settings. This is especially useful for managed severs where the ispconfig admin user and the root user of the server are different persons.

---
 interface/web/help/lib/module.conf.php |   95 +++++++++++++++++++++++++++--------------------
 1 files changed, 54 insertions(+), 41 deletions(-)

diff --git a/interface/web/help/lib/module.conf.php b/interface/web/help/lib/module.conf.php
index c783228..bee099d 100644
--- a/interface/web/help/lib/module.conf.php
+++ b/interface/web/help/lib/module.conf.php
@@ -10,10 +10,15 @@
 $module['template']  = 'module.tpl.htm';
 
 //* The page that is displayed when the module is loaded. the path must is relative to the web directory
-if(isset($_GET['go2_faq_sections_list']))
+if(isset($_GET['go2_faq_sections_list'])){
 	$module['startpage'] = 'help/faq_sections_list.php';
-else
-	$module['startpage'] = 'help/index.php';
+} else {
+	if($_SESSION['s']['user']['typ'] == 'admin') {
+		$module['startpage'] = 'help/version.php';
+	} else {
+		$module['startpage'] = 'help/support_message_list.php';
+	}
+}
 
 //* The width of the tab. Normally you should leave this empty and let the browser define the width automatically.
 $module['tab_width'] = '';
@@ -26,65 +31,73 @@
 
 //* Add a menu item with the label 'Send message'
 $items[] = array( 'title'   => 'Send message',
-                  'target'  => 'content',
-                  'link'    => 'help/support_message_edit.php',
-                  'html_id' => 'help_message_send');
+	'target'  => 'content',
+	'link'    => 'help/support_message_edit.php',
+	'html_id' => 'help_message_send');
 
 //* Add a menu item with the label 'View messages'
 $items[] = array( 'title'   => 'View messages',
-                  'target'  => 'content',
-                  'link'    => 'help/support_message_list.php',
-                  'html_id' => 'help_message_list');
+	'target'  => 'content',
+	'link'    => 'help/support_message_list.php',
+	'html_id' => 'help_message_list');
 
 
 //* Add the menu items defined above to a menu section labeled 'Support'
 $module['nav'][] = array( 'title' => 'Support',
-                          'open'  => 1,
-                          'items'	=> $items);
+	'open'  => 1,
+	'items' => $items);
 
 //* the FAQ menu section
 $itemsfaq = array();
 //* admin's tools
 if($_SESSION['s']['user']['typ'] == 'admin') {
-        $itemsfaq[] = array( 'title'   => 'Add a Question & Answer Pair',
-                  'target'  => 'content',
-                  'link'    => 'help/faq_edit.php');
-        $itemsfaq[] = array( 'title'   => 'Manage Sections',
-                  'target'  => 'content',
-                  'link'    => 'help/faq_sections_list.php');
-}
-$sql = "SELECT * FROM help_faq_sections";
-$res = $app->db->queryAllRecords($sql);
-//* all the content sections
-foreach($res as $v)
-{
-        $itemsfaq[] = array( 'title'   => $v['hfs_name'],
-                  'target'  => 'content',
-                  'link'    => 'help/faq_list.php?hfs_id='.$v['hfs_id']);
-}
+	$itemsfaq[] = array(  'title'  => 'Manage Sections',
+		'target' => 'content',
+		'link'  => 'help/faq_sections_list.php');
+	$itemsfaq[] = array(  'title'  => 'Manage Questions',
+		'target' => 'content',
+		'link'  => 'help/faq_manage_questions_list.php');
 
-$module['nav'][] = array( 'title' => 'FAQ',
-                          'open'  => 1,
-                          'items'       => $itemsfaq);
+	$module['nav'][] = array(  'title' => 'FAQ',
+		'open' => 1,
+		'items' => $itemsfaq);
+}
+else
+	{ //* the user
+	$sql = "SELECT * FROM help_faq_sections";
+	$res = $app->db->queryAllRecords($sql);
+	//* all the content sections
+	if(is_array($res) && !empty($res)) {
+		foreach($res as $v) {
+			$itemsfaq[] = array(  'title'  => $v['hfs_name'],
+				'target' => 'content',
+				'link'  => 'help/faq_list.php?hfs_id='.$v['hfs_id']);
+		}
+		// Display 'FAQ' menu only if there are sections
+		$module['nav'][] = array(  'title' => 'FAQ',
+			'open' => 1,
+			'items' => $itemsfaq);
+	}
+}
 //* -- end of the FAQ menu section
 
 
 
 if($_SESSION['s']['user']['typ'] == 'admin') {
-//* make sure that the items array is empty
-$items = array();
+	//* make sure that the items array is empty
+	$items = array();
 
-//* Add a menu item with the label 'Version'
-$items[] = array( 'title'   => 'Version',
-                  'target'  => 'content',
-                  'link'    => 'help/version.php',
-                  'html_id' => 'help_version' );
+	//* Add a menu item with the label 'Version'
+	$items[] = array( 'title'   => 'Version',
+		'target'  => 'content',
+		'link'    => 'help/version.php',
+		'html_id' => 'help_version' );
 
 
-//* Add the menu items defined above to a menu section labeled 'Support'
-$module['nav'][] = array( 'title' => 'About ISPConfig',
-                          'open'  => 1,
-                          'items'	=> $items);
+	//* Add the menu items defined above to a menu section labeled 'Support'
+	$module['nav'][] = array( 'title' => 'About ISPConfig',
+		'open'  => 1,
+		'items' => $items);
 
 }
 

--
Gitblit v1.9.1