From b36d50e4a4087c4740e81680190b7dcab92665a6 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 05 Aug 2009 06:14:11 -0400
Subject: [PATCH] Fixed bug in firewall.

---
 server/plugins-available/apache2_plugin.inc.php |   29 +++++++++++++----------------
 1 files changed, 13 insertions(+), 16 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index bfdc6bf..1a962ec 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -261,7 +261,7 @@
 					// Remove trailing slash
 					if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
 					// create the symlinks, if not exist
-					if(!is_link($tmp_symlink)) {
+					if(is_link($tmp_symlink)) {
 						exec("rm -f ".escapeshellcmd($tmp_symlink));
 						$app->log("Removed Symlink: rm -f ".$tmp_symlink,LOGLEVEL_DEBUG);
 					}
@@ -473,30 +473,25 @@
 		if($web_config['security_level'] == 20) {
 			
 			exec("chmod 711 ".escapeshellcmd($data["new"]["document_root"]."/"));
-			exec("chmod 711 ".escapeshellcmd($data["new"]["document_root"]."/*"));
+			exec("chmod 711 ".escapeshellcmd($data["new"]["document_root"])."/*");
 			exec("chmod 710 ".escapeshellcmd($data["new"]["document_root"]."/web"));
 			
-			//* Change the home directory and group of the website user
+			// make temp direcory writable for the apache user and the website user
+			exec("chmod 777 ".escapeshellcmd($data["new"]["document_root"]."/tmp"));
+			
 			$command = 'usermod';
-			$command .= ' --groups sshusers,'.escapeshellcmd($web_config['group']);
+			$command .= ' --groups sshusers';
 			$command .= ' '.escapeshellcmd($data["new"]["system_user"]);
 			exec($command);
-			$app->log("Modifying user: $command",LOGLEVEL_DEBUG);
-		
-			// make temp direcory writable for the apache user and the website user
-			// exec("chmod 777 ".escapeshellcmd($data["new"]["document_root"]."/tmp"));
+			
+			//* add the apache user to the client group
+			$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
+			
 		// If the security Level is set to medium
 		} else {
 		
 			exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"]."/"));
 			exec("chmod 755 ".escapeshellcmd($data["new"]["document_root"]."/*"));
-			
-			//* Change the home directory and group of the website user
-			$command = 'usermod';
-			$command .= ' --groups sshusers ';
-			$command .= ' '.escapeshellcmd($data["new"]["system_user"]);
-			exec($command);
-			$app->log("Modifying user: $command",LOGLEVEL_DEBUG);
 		
 			// make temp direcory writable for the apache user and the website user
 			exec("chmod 777 ".escapeshellcmd($data["new"]["document_root"]."/tmp"));
@@ -663,6 +658,7 @@
 			$fcgi_tpl->setVar('php_fcgi_children',$fastcgi_config["fastcgi_children"]);
 			$fcgi_tpl->setVar('php_fcgi_max_requests',$fastcgi_config["fastcgi_max_requests"]);
 			$fcgi_tpl->setVar('php_fcgi_bin',$fastcgi_config["fastcgi_bin"]);
+			$fcgi_tpl->setVar('security_level',$web_config["security_level"]);
 				
 			$fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config["fastcgi_starter_script"]);
 			file_put_contents($fcgi_starter_script,$fcgi_tpl->grab());
@@ -714,6 +710,7 @@
 			// This will NOT work!
 			//$cgi_tpl->setVar('open_basedir', "/var/www/" . $data["new"]["domain"]);
 			$cgi_tpl->setVar('php_cgi_bin',$cgi_config["cgi_bin"]);
+			$cgi_tpl->setVar('security_level',$web_config["security_level"]);
 
 			$cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config["cgi_starter_script"]);
 			file_put_contents($cgi_starter_script,$cgi_tpl->grab());
@@ -759,7 +756,7 @@
 		}
 		
 		//* Create .htaccess and .htpasswd file for website statistics
-		if(!is_file($data["new"]["document_root"].'/web/stats/.htaccess')) {
+		if(!is_file($data["new"]["document_root"].'/web/stats/.htaccess') or $data["old"]["document_root"] != $data["new"]["document_root"]) {
 			if(!is_dir($data["new"]["document_root"].'/web/stats')) mkdir($data["new"]["document_root"].'/web/stats');
 			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data["new"]["document_root"]."/.htpasswd_stats\n<limit GET PUT POST>\nrequire valid-user\n</limit>";
 			file_put_contents($data["new"]["document_root"].'/web/stats/.htaccess',$ht_file);

--
Gitblit v1.9.1