maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix allowed-phpconfigs check in SubDomains.add() and SubDomains.update()

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2021-10-11 19:26:13 +02:00
parent 5d2f44ecd8
commit 5e281cf486
6 changed files with 23 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
install/lib/class.FroxlorInstall.php
View File

@@ -835,6 +835,8 @@ class FroxlorInstall
$content .= $this->_status_message('red', $this->_lng['install']['db_exists']);
$this->_abort = true;
}
} else {
$content .= $content .= $this->_status_message('green', 'OK');
}
return $content;

8
lib/Froxlor/Api/Commands/SubDomains.php
View File

@@ -262,14 +262,14 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
$phpsid_result['phpsettingid'] = intval($phpsettingid);
}
$allowed_phpconfigs = $this->getUserDetail('allowed_phpconfigs');
$allowed_phpconfigs = $customer['allowed_phpconfigs'];
if (! empty($allowed_phpconfigs)) {
$allowed_phpconfigs = json_decode($allowed_phpconfigs, true);
} else {
$allowed_phpconfigs = [];
}
if (! in_array($phpsid_result['phpsettingid'], $allowed_phpconfigs)) {
\Froxlor\UI\Response::dynamic_error('Trying to use php-config which is not assigned to customer');
\Froxlor\UI\Response::standard_error('notallowedphpconfigused', '', true);
}
// actually insert domain
@@ -626,7 +626,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
// We can't enable let's encrypt for wildcard-domains
if ($iswildcarddomain == '1' && $letsencrypt == '1') {
\Froxlor\UI\Response::standard_error('nowildcardwithletsencrypt');
\Froxlor\UI\Response::standard_error('nowildcardwithletsencrypt', '', true);
}
// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
@@ -655,7 +655,7 @@ class SubDomains extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resourc
$allowed_phpconfigs = [];
}
if (! in_array($phpsettingid, $allowed_phpconfigs)) {
\Froxlor\UI\Response::dynamic_error('Trying to use php-config which is not assigned to customer');
\Froxlor\UI\Response::standard_error('notallowedphpconfigused', '', true);
}
// handle redirect

2
lib/Froxlor/Database/Manager/DbManagerMySQL.php
View File

@@ -60,7 +60,7 @@ class DbManagerMySQL
*/
public function createDatabase($dbname = null)
{
Database::query("CREATE DATABASE `" . Database::quote($dbname) . "`");
Database::query("CREATE DATABASE `" . $dbname . "`");
}
/**

1
lng/english.lng.php
View File

@@ -2131,3 +2131,4 @@ $lng['serversettings']['froxlorusergroup']['description'] = 'Usage of libnss-ext
$lng['error']['local_group_exists'] = 'The given group already exists on the system.';
$lng['error']['local_group_invalid'] = 'The given group name is invalid';
$lng['error']['invaliddnsforletsencrypt'] = 'The domains DNS does not include any of the chosen IP addresses. Let\'s Encrypt certificate generation not possible.';
$lng['error']['notallowedphpconfigused'] = 'Trying to use php-config which is not assigned to customer';

1
lng/german.lng.php
View File

@@ -1777,3 +1777,4 @@ $lng['serversettings']['froxlorusergroup']['description'] = 'Voraussetzung hierf
$lng['error']['local_group_exists'] = 'Die angegebene Gruppe existiert bereits auf dem System';
$lng['error']['local_group_invalid'] = 'Der angegebene Gruppen-Name ist nicht gültig';
$lng['error']['invaliddnsforletsencrypt'] = 'Die DNS-Einträge der Domain enhalten keine der gewählten IP Adressen. Let\'s Encrypt Zertifikats-Erstellung ist nicht möglich.';
$lng['error']['notallowedphpconfigused'] = 'Nutzung einer PHP-Konfiguration welche nicht dem Kunden zugeordnet ist';

17
tests/bootstrap.php
View File

@@ -43,14 +43,25 @@ require dirname(__DIR__) . '/lib/tables.inc.php';
use Froxlor\Database\Database;
use Froxlor\Settings;
Database::needRoot(true);
if (TRAVIS_CI == 0) {
Database::needRoot(true);
Database::query("DROP DATABASE IF EXISTS `froxlor010`;");
Database::query("CREATE DATABASE `froxlor010`;");
exec("mysql -u root -p" . $rpwd . " froxlor010 < " . dirname(__DIR__) . "/install/froxlor.sql");
Database::query("DROP USER IF EXISTS 'test1sql1'@'localhost';");
Database::query("DROP USER IF EXISTS 'test1sql1'@'127.0.0.1';");
Database::query("DROP USER IF EXISTS 'test1sql1'@'172.17.0.1';");
Database::query("DROP USER IF EXISTS 'test1sql1'@'82.149.225.46';");
Database::query("DROP USER IF EXISTS 'test1sql1'@'2a01:440:1:12:82:149:225:46';");
Database::query("DROP USER IF EXISTS 'test1_abc123'@'localhost';");
Database::query("DROP USER IF EXISTS 'test1_abc123'@'127.0.0.1';");
Database::query("DROP USER IF EXISTS 'test1_abc123'@'172.17.0.1';");
Database::query("DROP USER IF EXISTS 'test1_abc123'@'82.149.225.46';");
Database::query("DROP USER IF EXISTS 'test1_abc123'@'2a01:440:1:12:82:149:225:46';");
Database::query("DROP DATABASE IF EXISTS `test1sql1`;");
Database::query("DROP DATABASE IF EXISTS `test1_abc123`;");
Database::needRoot(false);
}
Database::query("DROP DATABASE IF EXISTS `test1sql1`;");
Database::needRoot(false);
// clear all tables
Database::query("TRUNCATE TABLE `" . TABLE_PANEL_CUSTOMERS . "`;");