maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

validate allowed php configurations to be none-empty if php is enabled for the customer

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2023-07-28 14:51:35 +02:00
parent 20aa162fcc
commit 52a06bf806
3 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/Froxlor/Api/Commands/Customers.php
View File

@@ -424,6 +424,10 @@ class Customers extends ApiCommand implements ResourceEntity
} }
$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs); $allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
if (empty($allowed_phpconfigs) && $phpenabled == 1) {
Response::standardError('customerphpenabledbutnoconfig', '', true);
}
$allowed_mysqlserver = array(); $allowed_mysqlserver = array();
if (! empty($p_allowed_mysqlserver) && is_array($p_allowed_mysqlserver)) { if (! empty($p_allowed_mysqlserver) && is_array($p_allowed_mysqlserver)) {
foreach ($p_allowed_mysqlserver as $allowed_ms) { foreach ($p_allowed_mysqlserver as $allowed_ms) {
@@ -1163,6 +1167,9 @@ class Customers extends ApiCommand implements ResourceEntity
if (!empty($allowed_phpconfigs)) { if (!empty($allowed_phpconfigs)) {
$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs); $allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
} }
if (empty($allowed_phpconfigs) && $phpenabled == 1) {
Response::standardError('customerphpenabledbutnoconfig', '', true);
}
// add permission for allowed mysql usage if customer was not allowed to use mysql prior // add permission for allowed mysql usage if customer was not allowed to use mysql prior
if ($result['mysqls'] == 0 && ($mysqls == -1 || $mysqls > 0)) { if ($result['mysqls'] == 0 && ($mysqls == -1 || $mysqls > 0)) {

1
lng/de.lng.php
View File

@@ -938,6 +938,7 @@ return [
'gnupgextensionnotavailable' => 'Die PHP GnuPG Extension ist nicht verfügbar. PGP Schlüssel können nicht validiert werden.', 'gnupgextensionnotavailable' => 'Die PHP GnuPG Extension ist nicht verfügbar. PGP Schlüssel können nicht validiert werden.',
'invalidpgppublickey' => 'Der angegebene PGP Public Key ist ungültig', 'invalidpgppublickey' => 'Der angegebene PGP Public Key ist ungültig',
'invalid_validtime' => 'Wert der valid_time in Sekunden muss zwischen 10 und 120 liegen.', 'invalid_validtime' => 'Wert der valid_time in Sekunden muss zwischen 10 und 120 liegen.',
'customerphpenabledbutnoconfig' => 'Kunde hat PHP aktiviert aber keine PHP-Konfiguration wurde gewählt.',
], ],
'extras' => [ 'extras' => [
'description' => 'Hier können Sie zusätzliche Extras einrichten, wie zum Beispiel einen Verzeichnisschutz.<br />Die Änderungen sind erst nach einer kurzen Zeit wirksam.', 'description' => 'Hier können Sie zusätzliche Extras einrichten, wie zum Beispiel einen Verzeichnisschutz.<br />Die Änderungen sind erst nach einer kurzen Zeit wirksam.',

1
lng/en.lng.php
View File

@@ -1009,6 +1009,7 @@ return [
'gnupgextensionnotavailable' => 'The PHP GnuPG extension is not available. Unable to validate PGP Public Key', 'gnupgextensionnotavailable' => 'The PHP GnuPG extension is not available. Unable to validate PGP Public Key',
'invalidpgppublickey' => 'The PGP Public Key is not valid', 'invalidpgppublickey' => 'The PGP Public Key is not valid',
'invalid_validtime' => 'Valid time in seconds can only be between 10 and 120', 'invalid_validtime' => 'Valid time in seconds can only be between 10 and 120',
'customerphpenabledbutnoconfig' => 'Customer has PHP activated but no PHP-configuration was selected.',
], ],
'extras' => [ 'extras' => [
'description' => 'Here you can add some extras, for example directory protection.<br />The system will need some time to apply the new settings after every change.', 'description' => 'Here you can add some extras, for example directory protection.<br />The system will need some time to apply the new settings after every change.',