From aee9e3aebd69a914cbedeb2f4ddfdc2a00c5fd53 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Thu, 29 Sep 2011 11:17:30 -0400
Subject: [PATCH] Started branch for 3.0.4

---
 server/plugins-available/apache2_plugin.inc.php |  194 +++++++++++++++++++++++++++++++++++++++++-------
 1 files changed, 165 insertions(+), 29 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index f340684..2e14ab0 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -82,6 +82,7 @@
 		$app->plugins->registerEvent('web_folder_user_update',$this->plugin_name,'web_folder_user');
 		$app->plugins->registerEvent('web_folder_user_delete',$this->plugin_name,'web_folder_user');
 		
+		$app->plugins->registerEvent('web_folder_update',$this->plugin_name,'web_folder_update');
 		$app->plugins->registerEvent('web_folder_delete',$this->plugin_name,'web_folder_delete');
 		
 	}
@@ -287,6 +288,23 @@
 		if($data['new']['system_user'] == 'root' or $data['new']['system_group'] == 'root') {
 			$app->log('Websites cannot be owned by the root user or group.',LOGLEVEL_WARN);
 			return 0;
+		}
+		
+		// Create group and user, if not exist
+		$app->uses('system');
+
+		$groupname = escapeshellcmd($data['new']['system_group']);
+		if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
+			exec('groupadd '.$groupname);
+			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
+			$app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);
+		}
+
+		$username = escapeshellcmd($data['new']['system_user']);
+		if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
+			exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
+			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
+			$app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);
 		}
 
 		//* If the client of the site has been changed, we have a change of the document root
@@ -510,23 +528,6 @@
 			exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
 		}  // end copy error docs
 
-		// Create group and user, if not exist
-		$app->uses('system');
-
-		$groupname = escapeshellcmd($data['new']['system_group']);
-		if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
-			exec('groupadd '.$groupname);
-			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
-			$app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);
-		}
-
-		$username = escapeshellcmd($data['new']['system_user']);
-		if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
-			exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
-			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
-			$app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);
-		}
-
 		// Set the quota for the user
 		if($username != '' && $app->system->is_user($username)) {
 			if($data['new']['hd_quota'] > 0) {
@@ -650,6 +651,7 @@
 		$tpl->newTemplate('vhost.conf.master');
 
 		$vhost_data = $data['new'];
+		//unset($vhost_data['ip_address']);
 		$vhost_data['web_document_root'] = $data['new']['document_root'].'/web';
 		$vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/web';
 		$vhost_data['web_basedir'] = $web_config['website_basedir'];
@@ -667,6 +669,7 @@
 		$crt_file = $ssl_dir.'/'.$domain.'.crt';
 		$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
 
+		/*
 		if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
 			$vhost_data['ssl_enabled'] = 1;
 			$app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
@@ -674,6 +677,7 @@
 			$vhost_data['ssl_enabled'] = 0;
 			$app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG);
 		}
+		*/
 
 		if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
 
@@ -950,6 +954,32 @@
 		//* Make a backup copy of vhost file
 		if(file_exists($vhost_file)) copy($vhost_file,$vhost_file.'~');
 		
+		//* create empty vhost array
+		$vhosts = array();
+		
+		//* Add vhost for ipv4 IP
+		$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80 );
+		
+		//* Add vhost for ipv4 IP with SSL
+		if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
+			$vhosts[] = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443' );
+			$app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
+		}
+		
+		//* Add vhost for IPv6 IP
+		if($data['new']['ipv6_address'] != '') {
+			$vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80 );
+		
+			//* Add vhost for ipv6 IP with SSL
+			if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
+				$vhosts[] = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443' );
+				$app->log('Enable SSL for IPv6: '.$domain,LOGLEVEL_DEBUG);
+			}
+		}
+		
+		//* Set the vhost loop
+		$tpl->setLoop('vhosts',$vhosts);
+		
 		//* Write vhost file
 		file_put_contents($vhost_file,$tpl->grab());
 		$app->log('Writing the vhost file: '.$vhost_file,LOGLEVEL_DEBUG);
@@ -1180,9 +1210,30 @@
 		$tpl = new tpl();
 		$tpl->newTemplate('apache_ispconfig.conf.master');
 		$records = $app->db->queryAllRecords('SELECT * FROM server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
-
-		if(count($records) > 0) {
-			$tpl->setLoop('ip_adresses',$records);
+		
+		$records_out= array();
+		if(is_array($records)) {
+			foreach($records as $rec) {
+				if($rec['ip_type'] == 'IPv6') {
+					$ip_address = '['.$rec['ip_address'].']';
+				} else {
+					$ip_address = $rec['ip_address'];
+				}
+				$ports = explode(',',$rec['virtualhost_port']);
+				if(is_array($ports)) {
+					foreach($ports as $port) {
+						$port = intval($port);
+						if($port > 0 && $port < 65536 && $ip_address != '') {
+							$records_out[] = array('ip_address' => $ip_address, 'port' => $port);
+						}
+					}
+				}
+			}
+		}
+		
+		
+		if(count($records_out) > 0) {
+			$tpl->setLoop('ip_adresses',$records_out);
 		}
 
 		$vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/ispconfig.conf');
@@ -1195,7 +1246,7 @@
 	//* Create or update the .htaccess folder protection
 	function web_folder_user($event_name,$data) {
 		global $app, $conf;
-		
+
 		$app->uses('system');
 		
 		if($event_name == 'web_folder_user_delete') {
@@ -1213,17 +1264,19 @@
 		}
 		
 		//* Get the folder path.
-		$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
+		if(substr($folder['path'],0,1) == '/') $folder['path'] = substr($folder['path'],1);
+		if(substr($folder['path'],-1) == '/') $folder['path'] = substr($folder['path'],0,-1);
+		$folder_path = escapeshellcmd($website['document_root'].'/web/'.$folder['path']);
 		if(substr($folder_path,-1 != '/')) $folder_path .= '/';
 		
 		//* Check if the resulting path is inside the docroot
-		if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
-			$app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
+		if(stristr($folder_path,'..') || stristr($folder_path,'./') || stristr($folder_path,'\\')) {
+			$app->log('Folder path "'.$folder_path.'" contains .. or ./.',LOGLEVEL_DEBUG);
 			return false;
 		}
 		
 		//* Create the folder path, if it does not exist
-		if(!is_dir($folder_path)) exec('mkdir -p '.escapehsellarg($folder_path));
+		if(!is_dir($folder_path)) exec('mkdir -p '.$folder_path);
 		
 		//* Create empty .htpasswd file, if it does not exist
 		if(!is_file($folder_path.'.htpasswd')) {
@@ -1232,13 +1285,20 @@
 			$app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
 		}
 		
+		if($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') {
+			$app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');
+			$app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);
+		}
+		
 		//* Add or remove the user from .htpasswd file
 		if($event_name == 'web_folder_user_delete') {
-			$app->system->removeLine($folder_path.'.htpasswd',$data['new']['username'].':');
-			$app->log('Removed user: '.$data['new']['username'],LOGLEVEL_DEBUG);
+			$app->system->removeLine($folder_path.'.htpasswd',$data['old']['username'].':');
+			$app->log('Removed user: '.$data['old']['username'],LOGLEVEL_DEBUG);
 		} else {
-			$app->system->replaceLine($folder_path.'.htpasswd',$data['new']['username'].':',$data['new']['username'].':'.$data['new']['password'],0,1);
-			$app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
+			if($data['new']['active'] == 'y') {
+				$app->system->replaceLine($folder_path.'.htpasswd',$data['new']['username'].':',$data['new']['username'].':'.$data['new']['password'],0,1);
+				$app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
+			}
 		}
 		
 		//* Create the .htaccess file
@@ -1285,6 +1345,79 @@
 		if(is_file($folder_path.'.htaccess')) {
 			unlink($folder_path.'.htaccess');
 			$app->log('Removed file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+		}
+	}
+	
+	//* Update folder protection, when path has been changed
+	function web_folder_update($event_name,$data) {
+		global $app, $conf;
+		
+		$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['new']['parent_domain_id']));
+	
+		if(!is_array($website)) {
+			$app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		
+		//* Get the folder path.
+		$old_folder_path = realpath($website['document_root'].'/web/'.$data['old']['path']);
+		if(substr($old_folder_path,-1 != '/')) $old_folder_path .= '/';
+			
+		$new_folder_path = escapeshellcmd($website['document_root'].'/web/'.$data['new']['path']);
+		if(substr($new_folder_path,-1 != '/')) $new_folder_path .= '/';
+		
+		//* Check if the resulting path is inside the docroot
+		if(stristr($new_folder_path,'..') || stristr($new_folder_path,'./') || stristr($new_folder_path,'\\')) {
+			$app->log('Folder path "'.$new_folder_path.'" contains .. or ./.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		if(stristr($old_folder_path,'..') || stristr($old_folder_path,'./') || stristr($old_folder_path,'\\')) {
+			$app->log('Folder path "'.$old_folder_path.'" contains .. or ./.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		
+		//* Check if the resulting path is inside the docroot
+		if(substr($old_folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+			$app->log('Old folder path '.$old_folder_path.' is outside of docroot.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		if(substr($new_folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+			$app->log('New folder path '.$new_folder_path.' is outside of docroot.',LOGLEVEL_DEBUG);
+			return false;
+		}
+			
+		//* Create the folder path, if it does not exist
+		if(!is_dir($new_folder_path)) exec('mkdir -p '.$new_folder_path);
+		
+		if($data['old']['path'] != $data['new']['path']) {
+
+		
+			//* move .htpasswd file
+			if(is_file($old_folder_path.'.htpasswd')) {
+				rename($old_folder_path.'.htpasswd',$new_folder_path.'.htpasswd');
+				$app->log('Moved file'.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+			}
+			
+			//* move .htpasswd file
+			if(is_file($old_folder_path.'.htaccess')) {
+				rename($old_folder_path.'.htaccess',$new_folder_path.'.htaccess');
+				$app->log('Moved file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+			}
+		
+		}
+		
+		//* Create the .htaccess file
+		if($data['new']['active'] == 'y' && !is_file($new_folder_path.'.htaccess')) {
+			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
+			file_put_contents($new_folder_path.'.htaccess',$ht_file);
+			chmod($new_folder_path.'.htpasswd',0755);
+			$app->log('Created file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+		}
+		
+		//* Remove .htaccess file
+		if($data['new']['active'] == 'n' && is_file($new_folder_path.'.htaccess')) {
+			unlink($new_folder_path.'.htaccess');
+			$app->log('Removed file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
 		}
 		
 		
@@ -1565,6 +1698,9 @@
 			file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',$content);
 			$app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',LOGLEVEL_DEBUG);
 		}
+		
+		unlink($data['new']['document_root']."/web/stats/index.html");
+		copy("/usr/local/ispconfig/server/conf/awstats_index.php.master",$data['new']['document_root']."/web/stats/index.php");
 	}
 	
 	//* Delete the awstats configuration file

--
Gitblit v1.9.1