From d3dd34bb7fdaee52eef5184ad8b5d09e3d9ec5be Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Tue, 20 Sep 2011 07:44:36 -0400
Subject: [PATCH] Disabled the "Server Type" drop-down menu under Server Config > Web.

---
 server/plugins-available/nginx_plugin.inc.php |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/server/plugins-available/nginx_plugin.inc.php b/server/plugins-available/nginx_plugin.inc.php
index 24b83b2..0b31c6d 100644
--- a/server/plugins-available/nginx_plugin.inc.php
+++ b/server/plugins-available/nginx_plugin.inc.php
@@ -680,6 +680,7 @@
 		$rewrite_rules = array();
 		if($data['new']['redirect_type'] != '') {
 			if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
+			if(substr($data['new']['redirect_path'],0,8) == '[scheme]') $data['new']['redirect_path'] = '$scheme'.substr($data['new']['redirect_path'],8);
 			/* Disabled path extension
 			if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
 				$data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
@@ -1100,7 +1101,7 @@
 			$tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id']);
 			$tpl->setVar('fpm_user', $data['new']['system_user']);
 			$tpl->setVar('fpm_group', $data['new']['system_group']);
-			$php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
+			$php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']);
 			$tpl->setVar('php_open_basedir', $php_open_basedir);
 			if($php_open_basedir != ''){
 				$tpl->setVar('enable_php_open_basedir', '');
@@ -1120,8 +1121,8 @@
 					foreach($ini_settings as $ini_setting){
 							list($key, $value) = explode('=', $ini_setting);
 							if($value){
-								$value = trim($value);
-								$key = trim($key);
+								$value = escapeshellcmd(trim($value));
+								$key = escapeshellcmd(trim($key));
 								switch (strtolower($value)) {
 									case 'on':
 									case 'off':

--
Gitblit v1.9.1