From aa370627b211a51dc46891cfa4b6e3d2ef3e52db Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 16 Jul 2013 10:45:17 -0400
Subject: [PATCH] - Fixed FS#2924 - the month will not set automatically in the autoresponder by click now Along with this fixed some display problems with the combo boxes introduced in 3.0.5. Some fields were not correctly displayed with the predefined values if value and text of the underlying option element differ.
---
server/plugins-available/nginx_plugin.inc.php | 422 ++++++++++++++++++++++++++++++++++++----------------
1 files changed, 288 insertions(+), 134 deletions(-)
diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 67963f8..84ee8ee 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -99,7 +99,7 @@
$app->uses('getconf');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
if ($web_config['CA_path']!='' && !file_exists($web_config['CA_path'].'/openssl.cnf'))
- $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.conf',LOGLEVEL_ERROR);
+ $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf',LOGLEVEL_ERROR);
//* Only vhosts can have a ssl cert
if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain") return;
@@ -120,8 +120,14 @@
$this->ssl_certificate_changed = true;
//* Rename files if they exist
- if(file_exists($key_file)) $app->system->rename($key_file,$key_file.'.bak');
- if(file_exists($key_file2)) $app->system->rename($key_file2,$key_file2.'.bak');
+ if(file_exists($key_file)){
+ $app->system->rename($key_file,$key_file.'.bak');
+ $app->system->chmod($key_file.'.bak',0400);
+ }
+ if(file_exists($key_file2)){
+ $app->system->rename($key_file2,$key_file2.'.bak');
+ $app->system->chmod($key_file2.'.bak',0400);
+ }
if(file_exists($csr_file)) $app->system->rename($csr_file,$csr_file.'.bak');
if(file_exists($crt_file)) $app->system->rename($crt_file,$crt_file.'.bak');
@@ -164,11 +170,15 @@
$rand_file = escapeshellcmd($rand_file);
$key_file = escapeshellcmd($key_file);
+ if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') != false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
$key_file2 = escapeshellcmd($key_file2);
+ if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') != false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
$ssl_days = 3650;
$csr_file = escapeshellcmd($csr_file);
+ if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') != false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
$config_file = escapeshellcmd($ssl_cnf_file);
$crt_file = escapeshellcmd($crt_file);
+ if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') != false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
@@ -189,6 +199,7 @@
}
+ $app->system->chmod($key_file,0400);
$app->system->chmod($key_file2,0400);
@$app->system->unlink($config_file);
@$app->system->unlink($rand_file);
@@ -215,8 +226,14 @@
//$bundle_file = $ssl_dir.'/'.$domain.".bundle";
//* Backup files
- if(file_exists($key_file)) $app->system->copy($key_file,$key_file.'~');
- if(file_exists($key_file2)) $app->system->copy($key_file2,$key_file2.'~');
+ if(file_exists($key_file)){
+ $app->system->copy($key_file,$key_file.'~');
+ $app->system->chmod($key_file.'~',0400);
+ }
+ if(file_exists($key_file2)){
+ $app->system->copy($key_file2,$key_file2.'~');
+ $app->system->chmod($key_file2.'~',0400);
+ }
if(file_exists($csr_file)) $app->system->copy($csr_file,$csr_file.'~');
if(file_exists($crt_file)) $app->system->copy($crt_file,$crt_file.'~');
//if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
@@ -226,6 +243,7 @@
if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file,$data["new"]["ssl_cert"]);
//if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2,$data["new"]["ssl_key"]);
+ $app->system->chmod($key_file2,0400);
// for nginx, bundle files have to be appended to the certificate file
if(trim($data["new"]["ssl_bundle"]) != ''){
@@ -330,7 +348,7 @@
}
if($data['new']['document_root'] == '') {
- $app->log('document_root not set',LOGLEVEL_WARN);
+ if($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') $app->log('document_root not set',LOGLEVEL_WARN);
return 0;
}
if($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {
@@ -418,39 +436,43 @@
}
}
- //* Move the site data
- $tmp_docroot = explode('/',$data['new']['document_root']);
- unset($tmp_docroot[count($tmp_docroot)-1]);
- $new_dir = implode('/',$tmp_docroot);
+ if($data["new"]["type"] != "vhostsubdomain") {
+ //* Move the site data
+ $tmp_docroot = explode('/',$data['new']['document_root']);
+ unset($tmp_docroot[count($tmp_docroot)-1]);
+ $new_dir = implode('/',$tmp_docroot);
- $tmp_docroot = explode('/',$data['old']['document_root']);
- unset($tmp_docroot[count($tmp_docroot)-1]);
- $old_dir = implode('/',$tmp_docroot);
+ $tmp_docroot = explode('/',$data['old']['document_root']);
+ unset($tmp_docroot[count($tmp_docroot)-1]);
+ $old_dir = implode('/',$tmp_docroot);
- //* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
- if(@is_dir($data['new']['document_root'])) {
- $app->system->rename($data['new']['document_root'],$data['new']['document_root'].'_bak_'.date('Y_m_d'));
- $app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d'),LOGLEVEL_DEBUG);
- }
+ //* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
+ if(@is_dir($data['new']['document_root'])) {
+ $app->system->web_folder_protection($data['new']['document_root'],false);
+ $app->system->rename($data['new']['document_root'],$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'));
+ $app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'),LOGLEVEL_DEBUG);
+ }
- //* Create new base directory, if it does not exist yet
- if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
- //exec('mv '.$data['old']['document_root'].' '.$new_dir);
- $app->system->rename($data['old']['document_root'],$new_dir);
- $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);
+ //* Create new base directory, if it does not exist yet
+ if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
+ $app->system->web_folder_protection($data['old']['document_root'],false);
+ exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir));
+ //$app->system->rename($data['old']['document_root'],$new_dir);
+ $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir,LOGLEVEL_DEBUG);
- // Handle the change in php_open_basedir
- $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);
+ // Handle the change in php_open_basedir
+ $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'],$data['new']['document_root'],$data['old']['php_open_basedir']);
- //* Change the owner of the website files to the new website owner
- exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);
+ //* Change the owner of the website files to the new website owner
+ exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);
- //* Change the home directory and group of the website user
- $command = 'usermod';
- $command .= ' --home '.escapeshellcmd($data['new']['document_root']);
- $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
- $command .= ' '.escapeshellcmd($data['new']['system_user']);
- exec($command);
+ //* Change the home directory and group of the website user
+ $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod';
+ $command .= ' --home '.escapeshellcmd($data['new']['document_root']);
+ $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
+ $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
+ exec($command);
+ }
if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
@@ -634,8 +656,8 @@
exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
} // end copy error docs
- // Set the quota for the user
- if($username != '' && $app->system->is_user($username)) {
+ // Set the quota for the user, but only for vhosts, not vhostsubdomains
+ if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
if($data['new']['hd_quota'] > 0) {
$blocks_soft = $data['new']['hd_quota'] * 1024;
$blocks_hard = $blocks_soft + 1024;
@@ -657,6 +679,9 @@
}
}
+ //* add the nginx user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update
+ if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));
+
//* If the security level is set to high
if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
@@ -684,7 +709,7 @@
if($web_config['add_web_users_to_sshusers_group'] == 'y') {
$command = 'usermod';
$command .= ' --groups sshusers';
- $command .= ' '.escapeshellcmd($data['new']['system_user']);
+ $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
$this->_exec($command);
}
@@ -695,13 +720,10 @@
//* add the nginx user to the client group in the chroot environment
$tmp_groupfile = $app->system->server_conf['group_datei'];
$app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
- $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
+ $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));
$app->system->server_conf['group_datei'] = $tmp_groupfile;
unset($tmp_groupfile);
}
-
- //* add the nginx user to the client group
- $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));
//* Chown all default directories
$app->system->chown($data['new']['document_root'],'root');
@@ -810,7 +832,7 @@
if(!is_dir($web_config['website_basedir'].'/conf')) mkdir($web_config['website_basedir'].'/conf');
if(trim($data['new']['custom_php_ini']) != '') {
$has_custom_php_ini = true;
- if(!is_dir($custom_php_ini_dir)) $app->system->mkdir($custom_php_ini_dir);
+ if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);
$php_ini_content = '';
if($data['new']['php'] == 'mod') {
$master_php_ini_path = $web_config['php_ini_path_apache'];
@@ -965,6 +987,7 @@
// Rewrite rules
$own_rewrite_rules = array();
$rewrite_rules = array();
+ $local_rewrite_rules = array();
if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
if(substr($data['new']['redirect_path'],0,8) == '[scheme]'){
@@ -994,6 +1017,7 @@
switch($data['new']['subdomain']) {
case 'www':
+ $exclude_own_hostname = '';
if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
@@ -1016,6 +1040,7 @@
break;
} else {
$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
+ $exclude_own_hostname = $tmp_redirect_path_parts['host'];
}
} else {
// external URL
@@ -1024,7 +1049,8 @@
$vhost_data['use_proxy'] = 'y';
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
+ if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
+ if($rewrite_subdir == '/') $rewrite_subdir = '';
}
}
unset($tmp_redirect_path);
@@ -1035,11 +1061,13 @@
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude,
'rewrite_subdir' => $rewrite_subdir,
+ 'exclude_own_hostname' => $exclude_own_hostname,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
break;
case '*':
+ $exclude_own_hostname = '';
if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
@@ -1064,6 +1092,7 @@
break;
} else {
$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
+ $exclude_own_hostname = $tmp_redirect_path_parts['host'];
}
} else {
// external URL
@@ -1072,7 +1101,8 @@
$vhost_data['use_proxy'] = 'y';
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
+ if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
+ if($rewrite_subdir == '/') $rewrite_subdir = '';
}
}
unset($tmp_redirect_path);
@@ -1083,12 +1113,14 @@
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude,
'rewrite_subdir' => $rewrite_subdir,
+ 'exclude_own_hostname' => $exclude_own_hostname,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
break;
default:
if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
+ $exclude_own_hostname = '';
if($data['new']['redirect_type'] == 'proxy'){
$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
$vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'],0,-1);
@@ -1110,6 +1142,7 @@
break;
} else {
$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
+ $exclude_own_hostname = $tmp_redirect_path_parts['host'];
}
} else {
// external URL
@@ -1118,7 +1151,8 @@
$vhost_data['use_proxy'] = 'y';
$rewrite_subdir = $tmp_redirect_path_parts['path'];
if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
+ if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
+ if($rewrite_subdir == '/') $rewrite_subdir = '';
}
}
unset($tmp_redirect_path);
@@ -1129,6 +1163,7 @@
'rewrite_target' => $data['new']['redirect_path'],
'rewrite_exclude' => $rewrite_exclude,
'rewrite_subdir' => $rewrite_subdir,
+ 'exclude_own_hostname' => $exclude_own_hostname,
'proxy_directives' => $final_proxy_directives,
'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
@@ -1185,7 +1220,7 @@
$final_proxy_directives = false;
}
- if($alias['redirect_type'] == '' || $alias['redirect_path'] == '') {
+ if($alias['redirect_type'] == '' || $alias['redirect_path'] == '' || substr($alias['redirect_path'],0,1) == '/') {
switch($alias['subdomain']) {
case 'www':
$server_alias[] = 'www.'.$alias['domain'].' '.$alias['domain'].' ';
@@ -1208,8 +1243,44 @@
}
}
- // Rewriting
- if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
+ // Local Rewriting (inside vhost server {} container)
+ if($alias['redirect_type'] != '' && substr($alias['redirect_path'],0,1) == '/' && $alias['redirect_type'] != 'proxy') { // proxy makes no sense with local path
+ if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
+ $rewrite_exclude = '(?!/\b('.substr($alias['redirect_path'],1,-1).(substr($alias['redirect_path'],1,-1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
+ switch($alias['subdomain']) {
+ case 'www':
+ // example.com
+ $local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
+ 'local_redirect_operator' => '=',
+ 'local_redirect_exclude' => $rewrite_exclude,
+ 'local_redirect_target' => $alias['redirect_path'],
+ 'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
+
+ // www.example.com
+ $local_rewrite_rules[] = array( 'local_redirect_origin_domain' => 'www.'.$alias['domain'],
+ 'local_redirect_operator' => '=',
+ 'local_redirect_exclude' => $rewrite_exclude,
+ 'local_redirect_target' => $alias['redirect_path'],
+ 'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
+ break;
+ case '*':
+ $local_rewrite_rules[] = array( 'local_redirect_origin_domain' => '^('.str_replace('.', '\.', $alias['domain']).'|.+\.'.str_replace('.', '\.', $alias['domain']).')$',
+ 'local_redirect_operator' => '~*',
+ 'local_redirect_exclude' => $rewrite_exclude,
+ 'local_redirect_target' => $alias['redirect_path'],
+ 'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
+ break;
+ default:
+ $local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
+ 'local_redirect_operator' => '=',
+ 'local_redirect_exclude' => $rewrite_exclude,
+ 'local_redirect_target' => $alias['redirect_path'],
+ 'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
+ }
+ }
+
+ // External Rewriting (extra server {} containers)
+ if($alias['redirect_type'] != '' && $alias['redirect_path'] != '' && substr($alias['redirect_path'],0,1) != '/') {
if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
if(substr($alias['redirect_path'],0,8) == '[scheme]'){
if($alias['redirect_type'] != 'proxy'){
@@ -1221,21 +1292,15 @@
switch($alias['subdomain']) {
case 'www':
- if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
- if($alias['redirect_type'] == 'proxy'){
- $rewrite_subdir = substr($alias['redirect_path'],1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
- $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
- } else {
- if($alias['redirect_type'] == 'proxy'){
- $tmp_redirect_path = $alias['redirect_path'];
- $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
- $rewrite_subdir = $tmp_redirect_path_parts['path'];
- if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
+ if($alias['redirect_type'] == 'proxy'){
+ $tmp_redirect_path = $alias['redirect_path'];
+ $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
+ $rewrite_subdir = $tmp_redirect_path_parts['path'];
+ if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
+ if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
+ if($rewrite_subdir == '/') $rewrite_subdir = '';
}
+
if($alias['redirect_type'] != 'proxy'){
if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
}
@@ -1255,26 +1320,7 @@
'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
-
-
- if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
- if($alias['redirect_type'] == 'proxy'){
- $rewrite_subdir = substr($alias['redirect_path'],1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
- $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
- } else {
- if($alias['redirect_type'] == 'proxy'){
- $tmp_redirect_path = $alias['redirect_path'];
- $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
- $rewrite_subdir = $tmp_redirect_path_parts['path'];
- if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
- }
- if($alias['redirect_type'] != 'proxy'){
- if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
- }
+
// Add SEO redirects for alias domains
$alias_seo_redirects2 = array();
if($alias['seo_redirect'] != ''){
@@ -1293,21 +1339,15 @@
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
break;
case '*':
- if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
- if($alias['redirect_type'] == 'proxy'){
- $rewrite_subdir = substr($alias['redirect_path'],1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
- $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
- } else {
- if($alias['redirect_type'] == 'proxy'){
- $tmp_redirect_path = $alias['redirect_path'];
- $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
- $rewrite_subdir = $tmp_redirect_path_parts['path'];
- if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
+ if($alias['redirect_type'] == 'proxy'){
+ $tmp_redirect_path = $alias['redirect_path'];
+ $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
+ $rewrite_subdir = $tmp_redirect_path_parts['path'];
+ if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
+ if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
+ if($rewrite_subdir == '/') $rewrite_subdir = '';
}
+
if($alias['redirect_type'] != 'proxy'){
if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
}
@@ -1329,21 +1369,15 @@
'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
break;
default:
- if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
- if($alias['redirect_type'] == 'proxy'){
- $rewrite_subdir = substr($alias['redirect_path'],1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
- $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
- } else {
- if($alias['redirect_type'] == 'proxy'){
- $tmp_redirect_path = $alias['redirect_path'];
- $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
- $rewrite_subdir = $tmp_redirect_path_parts['path'];
- if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
- if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
- }
+ if($alias['redirect_type'] == 'proxy'){
+ $tmp_redirect_path = $alias['redirect_path'];
+ $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
+ $rewrite_subdir = $tmp_redirect_path_parts['path'];
+ if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
+ if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
+ if($rewrite_subdir == '/') $rewrite_subdir = '';
}
+
if($alias['redirect_type'] != 'proxy'){
if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
}
@@ -1394,6 +1428,9 @@
}
if(count($own_rewrite_rules) > 0) {
$tpl->setLoop('own_redirects',$own_rewrite_rules);
+ }
+ if(count($local_rewrite_rules) > 0) {
+ $tpl->setLoop('local_redirects',$local_rewrite_rules);
}
if(count($alias_seo_redirects) > 0) {
$tpl->setLoop('alias_seo_redirects',$alias_seo_redirects);
@@ -1489,7 +1526,8 @@
$nginx_online_status_before_restart = $this->_checkTcp('localhost',80);
$app->log('nginx status is: '.$nginx_online_status_before_restart,LOGLEVEL_DEBUG);
- $app->services->restartService('httpd','restart');
+ $retval = $app->services->restartService('httpd','restart'); // $retval['retval'] is 0 on success and > 0 on failure
+ $app->log('nginx restart return value is: '.$retval['retval'],LOGLEVEL_DEBUG);
// wait a few seconds, before we test the apache status again
sleep(2);
@@ -1497,9 +1535,10 @@
//* Check if nginx restarted successfully if it was online before
$nginx_online_status_after_restart = $this->_checkTcp('localhost',80);
$app->log('nginx online status after restart is: '.$nginx_online_status_after_restart,LOGLEVEL_DEBUG);
- if($nginx_online_status_before_restart && !$nginx_online_status_after_restart) {
- $app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
+ if($nginx_online_status_before_restart && !$nginx_online_status_after_restart || $retval['retval'] > 0) {
+ $app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].'. Reverting the configuration. Saved non-working config as '.$vhost_file.'.err',LOGLEVEL_WARN);
$app->system->copy($vhost_file,$vhost_file.'.err');
+ if(is_array($retval['output']) && !empty($retval['output'])) $app->log('Reason for nginx restart failure: '.implode("\n", $retval['output']),LOGLEVEL_WARN);
if(is_file($vhost_file.'~')) {
//* Copy back the last backup file
$app->system->copy($vhost_file.'~',$vhost_file);
@@ -1519,8 +1558,14 @@
//$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
//* Backup the files that might have caused the error
- if(is_file($key_file)) $app->system->copy($key_file,$key_file.'.err');
- if(is_file($key_file2)) $app->system->copy($key_file2,$key_file2.'.err');
+ if(is_file($key_file)){
+ $app->system->copy($key_file,$key_file.'.err');
+ $app->system->chmod($key_file.'.err',0400);
+ }
+ if(is_file($key_file2)){
+ $app->system->copy($key_file2,$key_file2.'.err');
+ $app->system->chmod($key_file2.'.err',0400);
+ }
if(is_file($csr_file)) $app->system->copy($csr_file,$csr_file.'.err');
if(is_file($crt_file)) $app->system->copy($crt_file,$crt_file.'.err');
//if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
@@ -1539,12 +1584,7 @@
}
} else {
//* We do not check the nginx config after changes (is faster)
- if($nginx_chrooted) {
- $app->services->restartServiceDelayed('httpd','reload');
- } else {
- // request a httpd reload when all records have been processed
- $app->services->restartServiceDelayed('httpd','reload');
- }
+ $app->services->restartServiceDelayed('httpd','reload');
}
//* The vhost is written and apache has been restarted, so we
@@ -1581,7 +1621,7 @@
$app->uses('system');
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
- $app->system->web_folder_protection($data['old']['document_root'],false);
+ if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain') $app->system->web_folder_protection($data['old']['document_root'],false);
//* Check if this is a chrooted setup
if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
@@ -1595,18 +1635,73 @@
$web_folder = '';
if($data['old']['type'] == 'vhostsubdomain') {
$tmp = $app->db->queryOneRecord('SELECT `domain`,`document_root` FROM web_domain WHERE domain_id = '.intval($data['old']['parent_domain_id']));
- $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
- if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
- $web_folder = $data['old']['web_folder'];
- $log_folder .= '/' . $subdomain_host;
+ if($tmp['domain'] != ''){
+ $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
+ } else {
+ // get log folder from /etc/fstab
+ /*
+ $bind_mounts = $app->system->file_get_contents('/etc/fstab');
+ $bind_mount_lines = explode("\n", $bind_mounts);
+ if(is_array($bind_mount_lines) && !empty($bind_mount_lines)){
+ foreach($bind_mount_lines as $bind_mount_line){
+ $bind_mount_line = preg_replace('/\s+/', ' ', $bind_mount_line);
+ $bind_mount_parts = explode(' ', $bind_mount_line);
+ if(is_array($bind_mount_parts) && !empty($bind_mount_parts)){
+ if($bind_mount_parts[0] == '/var/log/ispconfig/httpd/'.$data['old']['domain'] && $bind_mount_parts[2] == 'none' && strpos($bind_mount_parts[3], 'bind') !== false){
+ $subdomain_host = str_replace($data['old']['document_root'].'/log/', '', $bind_mount_parts[1]);
+ }
+ }
+ }
+ }
+ */
+ // we are deleting the parent domain, so we can delete everything in the log directory
+ $subdomain_hosts = array();
+ $files = array_diff(scandir($data['old']['document_root'].'/'.$log_folder), array('.','..'));
+ if(is_array($files) && !empty($files)){
+ foreach($files as $file){
+ if(is_dir($data['old']['document_root'].'/'.$log_folder.'/'.$file)){
+ $subdomain_hosts[] = $file;
+ }
+ }
+ }
+ }
+ if(is_array($subdomain_hosts) && !empty($subdomain_hosts)){
+ $log_folders = array();
+ foreach($subdomain_hosts as $subdomain_host){
+ $log_folders[] = $log_folder.'/'.$subdomain_host;
+ }
+ } else {
+ if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
+ $log_folder .= '/' . $subdomain_host;
+ }
+ $web_folder = $data['old']['web_folder'];
unset($tmp);
+ unset($subdomain_hosts);
}
- exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
+ if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain'){
+ if(is_array($log_folders) && !empty($log_folders)){
+ foreach($log_folders as $log_folder){
+ //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
+ exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
+ }
+ } else {
+ //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
+ exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
+ }
+ }
//* remove mountpoint from fstab
- $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
- $app->system->removeLine('/etc/fstab',$fstab_line);
+ if(is_array($log_folders) && !empty($log_folders)){
+ foreach($log_folders as $log_folder){
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
+ $app->system->removeLine('/etc/fstab',$fstab_line);
+ }
+ } else {
+ $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.' none bind';
+ $app->system->removeLine('/etc/fstab',$fstab_line);
+ }
+ unset($log_folders);
if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['parent_domain_id'] > 0) {
//* This is a alias domain or subdomain, so we have to update the website instead
@@ -1772,11 +1867,11 @@
$vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']);
if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir,'..')) exec('rm -rf '.$vhost_logfile_dir);
$app->log('Removing website logfile directory: '.$vhost_logfile_dir,LOGLEVEL_DEBUG);
-
+
if($data['old']['type'] == 'vhost') {
//delete the web user
- $command = 'userdel';
- $command .= ' '.$data['old']['system_user'];
+ $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel';
+ $command .= ' '.escapeshellcmd($data['old']['system_user']);
exec($command);
if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
@@ -2286,12 +2381,58 @@
}
}
+ private function nginx_replace($matches){
+ $location = 'location'.($matches[1] != '' ? ' '.$matches[1] : '').' '.$matches[2].' '.$matches[3];
+ if($matches[4] == '##merge##' || $matches[7] == '##merge##') $location .= ' ##merge##';
+ $location .= "\n";
+ $location .= $matches[5]."\n";
+ $location .= $matches[6];
+ return $location;
+ }
+
private function nginx_merge_locations($vhost_conf){
$lines = explode("\n", $vhost_conf);
+ // if whole location block is in one line, split it up into multiple lines
if(is_array($lines) && !empty($lines)){
+ $linecount = sizeof($lines);
+ for($h=0;$h<$linecount;$h++){
+ // remove comments
+ if(substr(trim($lines[$h]),0,1) == '#'){
+ unset($lines[$h]);
+ continue;
+ }
+
+ $lines[$h] = rtrim($lines[$h]);
+ /*
+ if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], ';') !== false){
+ $lines[$h] = str_replace("{", "{\n", $lines[$h]);
+ $lines[$h] = str_replace(";", ";\n", $lines[$h]);
+ if(strpos($lines[$h], '##merge##') !== false){
+ $lines[$h] = str_replace('##merge##', '', $lines[$h]);
+ $lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
+ }
+ }
+ if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], '}') !== false && strpos($lines[$h], ';') === false){
+ $lines[$h] = str_replace("{", "{\n", $lines[$h]);
+ if(strpos($lines[$h], '##merge##') !== false){
+ $lines[$h] = str_replace('##merge##', '', $lines[$h]);
+ $lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
+ }
+ }
+ */
+ $pattern = '/^[^\S\n]*location[^\S\n]+(?:(.+)[^\S\n]+)?(.+)[^\S\n]*(\{)[^\S\n]*(##merge##)?[^\S\n]*(.+)[^\S\n]*(\})[^\S\n]*(##merge##)?[^\S\n]*$/';
+ $lines[$h] = preg_replace_callback($pattern, array($this, 'nginx_replace') ,$lines[$h]);
+ }
+ }
+ $vhost_conf = implode("\n", $lines);
+ unset($lines);
+ unset($linecount);
+ $lines = explode("\n", $vhost_conf);
+
+ if(is_array($lines) && !empty($lines)){
$locations = array();
$islocation = false;
$linecount = sizeof($lines);
@@ -2360,7 +2501,7 @@
$vhost_conf = implode("\n", $lines);
}
- return $vhost_conf;
+ return trim($vhost_conf);
}
function client_delete($event_name,$data) {
@@ -2374,12 +2515,25 @@
$client_dir = $web_config['website_basedir'].'/clients/client'.$client_id;
if(is_dir($client_dir) && !stristr($client_dir,'..')) {
+ // remove symlinks from $client_dir
+ $files = array_diff(scandir($client_dir), array('.','..'));
+ if(is_array($files) && !empty($files)){
+ foreach($files as $file){
+ if(is_link($client_dir.'/'.$file)){
+ unlink($client_dir.'/'.$file);
+ $app->log('Removed symlink: '.$client_dir.'/'.$file,LOGLEVEL_DEBUG);
+ }
+ }
+ }
+
@rmdir($client_dir);
$app->log('Removed client directory: '.$client_dir,LOGLEVEL_DEBUG);
}
- $this->_exec('groupdel client'.$client_id);
- $app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
+ if($app->system->is_group('client'.$client_id)){
+ $this->_exec('groupdel client'.$client_id);
+ $app->log('Removed group client'.$client_id,LOGLEVEL_DEBUG);
+ }
}
}
--
Gitblit v1.9.1