From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'

---
 interface/web/sites/web_vhost_domain_edit.php |  107 ++++++++++++++++++++++++++++++++++++++++++++---------
 1 files changed, 88 insertions(+), 19 deletions(-)

diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php
index 87e2a29..6f84357 100644
--- a/interface/web/sites/web_vhost_domain_edit.php
+++ b/interface/web/sites/web_vhost_domain_edit.php
@@ -50,6 +50,7 @@
 
 class page_action extends tform_actions {
 	var $_vhostdomain_type = 'domain';
+	var $_letsencrypt_on_insert = false;
 
 	//* Returna a "3/2/1" path hash from a numeric id '123'
 	function id_hash($id, $levels) {
@@ -187,7 +188,7 @@
 				}
 				$server_id = intval(@$this->dataRecord["server_id"]);
 			} else {
-				$server_id = (isset($web_servers[0])) ? intval($web_servers[0]) : 0;
+				$server_id = (isset($web_servers[0])) ? intval($web_servers[0]['server_id']) : 0;
 			}
 			
 			if($app->functions->intval($this->dataRecord["server_id"]) > 0) {
@@ -199,9 +200,9 @@
 				}
 			}
 			
-			//* Fill the IPv4 select field with the IP addresses that are allowed for this client
-			$sql = "SELECT ip_address FROM server_ip WHERE server_id IN ? AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")";
-			$ips = $app->db->queryAllRecords($sql, explode(',', $client['web_servers']));
+			//* Fill the IPv4 select field with the IP addresses that are allowed for this client on the current server
+			$sql = "SELECT ip_address FROM server_ip WHERE server_id = ? AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")";
+			$ips = $app->db->queryAllRecords($sql, $server_id);
 			$ip_select = ($web_config[$server_id]['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
 			//if(!in_array($this->dataRecord["ip_address"], $ips)) $ip_select .= "<option value='".$this->dataRecord["ip_address"]."' SELECTED>".$this->dataRecord["ip_address"]."</option>\r\n";
 			//$ip_select = "";
@@ -216,10 +217,11 @@
 			unset($ips);
 
 			//* Fill the IPv6 select field with the IP addresses that are allowed for this client
-			$sql = "SELECT ip_address FROM server_ip WHERE server_id IN ? AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=?)";
-			$ips = $app->db->queryAllRecords($sql, explode(',', $client['web_servers']), $_SESSION['s']['user']['client_id']);
-			$ip_select = ($web_config[$server_id]['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
+			$sql = "SELECT ip_address FROM server_ip WHERE server_id = ? AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=?)";
+			$ips = $app->db->queryAllRecords($sql, $server_id, $_SESSION['s']['user']['client_id']);
+			//$ip_select = ($web_config[$server_id]['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
 			//$ip_select = "";
+			$ip_select = "<option value=''></option>";
 			if(is_array($ips)) {
 				foreach( $ips as $ip) {
 					$selected = ($ip["ip_address"] == $this->dataRecord["ipv6_address"])?'SELECTED':'';
@@ -303,6 +305,17 @@
 
 			$app->tpl->setVar("server_id", $options_web_servers);
 			unset($options_web_servers);
+			
+			if($this->id > 0) {
+				if(!isset($this->dataRecord["server_id"])){
+					$tmp = $app->db->queryOneRecord("SELECT server_id FROM web_domain WHERE domain_id = ?", $this->id);
+					$this->dataRecord["server_id"] = $tmp["server_id"];
+					unset($tmp);
+				}
+				$server_id = intval(@$this->dataRecord["server_id"]);
+			} else {
+				$server_id = (isset($web_servers[0])) ? intval($web_servers[0]['server_id']) : 0;
+			}
 
 			if ($settings['use_domain_module'] != 'y') {
 				// Fill the client select field
@@ -333,8 +346,8 @@
 			}
 			
 			//* Fill the IPv4 select field with the IP addresses that are allowed for this client
-			$sql = "SELECT ip_address FROM server_ip WHERE server_id IN ? AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=?)";
-			$ips = $app->db->queryAllRecords($sql, explode(',', $client['web_servers']), $_SESSION['s']['user']['client_id']);
+			$sql = "SELECT ip_address FROM server_ip WHERE server_id = ? AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=?)";
+			$ips = $app->db->queryAllRecords($sql, $server_id, $_SESSION['s']['user']['client_id']);
 			$ip_select = ($web_config[$server_id]['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
 			//if(!in_array($this->dataRecord["ip_address"], $ips)) $ip_select .= "<option value='".$this->dataRecord["ip_address"]."' SELECTED>".$this->dataRecord["ip_address"]."</option>\r\n";
 			//$ip_select = "";
@@ -349,8 +362,8 @@
 			unset($ips);
 
 			//* Fill the IPv6 select field with the IP addresses that are allowed for this client
-			$sql = "SELECT ip_address FROM server_ip WHERE server_id IN ? AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=?)";
-			$ips = $app->db->queryAllRecords($sql, $client['web_servers'], $_SESSION['s']['user']['client_id']);
+			$sql = "SELECT ip_address FROM server_ip WHERE server_id = ? AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=?)";
+			$ips = $app->db->queryAllRecords($sql, $server_id, $_SESSION['s']['user']['client_id']);
 			$ip_select = "<option value=''></option>";
 			//$ip_select = "";
 			if(is_array($ips)) {
@@ -757,6 +770,7 @@
 		 * Now we have to check, if we should use the domain-module to select the domain
 		 * or not
 		 */
+		$settings = $app->getconf->get_global_config('domains');
 		if ($settings['use_domain_module'] == 'y') {
 			/*
 			 * The domain-module is in use.
@@ -1021,7 +1035,7 @@
 			if($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') $this->dataRecord['subdomain'] = 'n';
 			if($client['limit_ssl'] != 'y') $this->dataRecord['ssl'] = 'n';
 			if($client['limit_ssl_letsencrypt'] != 'y') $this->dataRecord['ssl_letsencrypt'] = 'n';
-			if($client['limit_directive_snippets'] != 'y') $this->dataRecord['directive_snippets_id'] = 0
+			if($client['limit_directive_snippets'] != 'y') $this->dataRecord['directive_snippets_id'] = 0;
 
 			// only generate quota and traffic warnings if value has changed
 			if($this->id > 0) {
@@ -1304,8 +1318,51 @@
 			$this->dataRecord['folder_directive_snippets'] = trim($this->dataRecord['folder_directive_snippets']);
 		}
 		
+		// Check custom PHP version
+		if(isset($this->dataRecord['fastcgi_php_version']) && $this->dataRecord['fastcgi_php_version'] != '') {
+			// Check php-fpm mode
+			if($this->dataRecord['php'] == 'php-fpm'){
+				$tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fpm_init_script,':',php_fpm_ini_dir,':',php_fpm_pool_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'");
+				if(is_array($tmp)) {
+					$this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fpm_init_script'].':'.$tmp['php_fpm_ini_dir'].':'.$tmp['php_fpm_pool_dir'];
+				} else {
+					$this->dataRecord['fastcgi_php_version'] = '';
+				}
+				unset($tmp);
+			// Check fast-cgi mode
+			} elseif($this->dataRecord['php'] == 'fast-cgi') {
+				$tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fastcgi_binary,':',php_fastcgi_ini_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'");
+				if(is_array($tmp)) {
+					$this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fastcgi_binary'].':'.$tmp['php_fastcgi_ini_dir'];
+				} else {
+					$this->dataRecord['fastcgi_php_version'] = '';
+				}
+				unset($tmp);
+			} else {
+				// Other PHP modes do not have custom versions, so we force the value to be empty
+				$this->dataRecord['fastcgi_php_version'] = '';
+			}
+		}
+		
 		parent::onSubmit();
 	}
+	
+	function onBeforeInsert() {
+		global $app, $conf;
+		
+		// Letsencrypt can not be activated before the website has been created
+		// So we deactivate it here and add a datalog update in onAfterInsert
+		if(isset($this->dataRecord['ssl_letsencrypt']) && $this->dataRecord['ssl_letsencrypt'] == 'y' && isset($this->dataRecord['ssl']) && $this->dataRecord['ssl'] == 'y') {
+			// Disable letsencrypt and ssl temporarily
+			$this->dataRecord['ssl_letsencrypt'] = 'n';
+			$this->dataRecord['ssl'] = 'n';
+			// Prevent that the datalog history gets written
+			$app->tform->formDef['db_history'] = 'no';
+			// Set variable that we check in onAfterInsert
+			$this->_letsencrypt_on_insert = true;
+		}
+	}
+	
 
 	function onAfterInsert() {
 		global $app, $conf;
@@ -1356,11 +1413,10 @@
 			$php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]);
 			$php_open_basedir = str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir);
 			$htaccess_allow_override = $web_config["htaccess_allow_override"];
-			$added_date = date($app->lng('conf_format_dateshort'));
 			$added_by = $_SESSION['s']['user']['username'];
 
-			$sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = ?, added_by = ?  WHERE domain_id = ?";
-			$app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_date, $added_by, $this->id);
+			$sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ?  WHERE domain_id = ?";
+			$app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id);
 		} else  {
 			// Set the values for document_root, system_user and system_group
 			$system_user = $this->parent_domain_record['system_user'];
@@ -1371,13 +1427,22 @@
 			$php_open_basedir = str_replace("[website_path]", $document_root, $php_open_basedir);
 			$php_open_basedir = str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir);
 			$htaccess_allow_override = $this->parent_domain_record['allow_override'];
-			$added_date = date($app->lng('conf_format_dateshort'));
 			$added_by = $_SESSION['s']['user']['username'];
 			
-			$sql = "UPDATE web_domain SET sys_groupid = ?, system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = ?, added_by = ?  WHERE domain_id = ?";
-			$app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_date, $added_by, $this->id);
+			$sql = "UPDATE web_domain SET sys_groupid = ?, system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ?  WHERE domain_id = ?";
+			$app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id);
 		}
 		if(isset($this->dataRecord['folder_directive_snippets'])) $app->db->query("UPDATE web_domain SET folder_directive_snippets = ? WHERE domain_id = ?", $this->dataRecord['folder_directive_snippets'], $this->id);
+		
+		// Add a datalog insert without letsencrypt and then an update with letsencrypt enabled (see also onBeforeInsert)
+		if($this->_letsencrypt_on_insert == true) {
+			$new_data_record = $app->tform->getDataRecord($this->id);
+			$app->tform->datalogSave('INSERT', $this->id, array(), $new_data_record);
+			$new_data_record['ssl_letsencrypt'] = 'y';
+			$new_data_record['ssl'] = 'y';
+			$app->db->datalogUpdate('web_domain', $new_data_record, 'domain_id', $this->id);
+		}
+	
 	}
 
 	function onBeforeUpdate () {
@@ -1400,15 +1465,19 @@
 			} else {
 				//* We do not allow users to change a domain which has been created by the admin
 				$rec = $app->db->queryOneRecord("SELECT sys_perm_group, domain, ip_address, ipv6_address from web_domain WHERE domain_id = ?", $this->id);
-				if(isset($this->dataRecord["domain"]) && $rec['domain'] != $this->dataRecord["domain"] && $app->tform->checkPerm($this->id, 'u')) {
+				if(isset($this->dataRecord["domain"]) && $rec['domain'] != $this->dataRecord["domain"] && !$app->tform->checkPerm($this->id, 'u')) {
 					//* Add a error message and switch back to old server
 					$app->tform->errorMessage .= $app->lng('The Domain can not be changed. Please ask your Administrator if you want to change the domain name.');
 					$this->dataRecord["domain"] = $rec['domain'];
 				}
 				if(isset($this->dataRecord["ip_address"]) && $rec['ip_address'] != $this->dataRecord["ip_address"] && $rec['sys_perm_group'] != 'riud') {
+					//* Add a error message and switch back to old server
+					$app->tform->errorMessage .= $app->lng('The IP can not be changed. Please ask your Administrator if you want to change the IPv4-Address.');
 					$this->dataRecord["ip_address"] = $rec['ip_address'];
 				}
 				if(isset($this->dataRecord["ipv6_address"]) && $rec['ipv6_address'] != $this->dataRecord["ipv6_address"] && $rec['sys_perm_group'] != 'riud') {
+					//* Add a error message and switch back to old server
+					$app->tform->errorMessage .= $app->lng('The IP can not be changed. Please ask your Administrator if you want to change the IPv6-Address.');
 					$this->dataRecord["ipv6_address"] = $rec['ipv6_address'];
 				}
 				unset($rec);

--
Gitblit v1.9.1