- implemented 'Create vHost-Container' and 'Own vHost-Settings' for lighttpd

- implemented Froxlor-directory protection (apache and lighttpd), fixes #72
- enable `vhostcontainer` and `vhostcontainer_servername_statement` by default

install/install.php

@@ -602,8 +602,11 @@ if(isset($_POST['installstep'])
 
 	// and lets insert the default ip and port
 
-	$query = 'INSERT INTO `%s`  SET `ip`   = \'%s\',  `port` = \'80\' ';
+	$query = "INSERT INTO `".TABLE_PANEL_IPSANDPORTS."` 
-	$query = sprintf($query, TABLE_PANEL_IPSANDPORTS, $db->escape($serverip));
+			 SET `ip`= '".$db->escape($serverip)."', 
+			 `port` = '80', 
+			 `vhostcontainer` = '1', 
+			 `vhostcontainer_servername_statement` = '1'";
 	$db->query($query);
 	$defaultip = $db->insert_id();
 

scripts/jobs/cron_tasks.inc.http.10.apache.php

@@ -121,11 +121,33 @@ class apache
 			{
 				$this->virtualhosts_data[$vhosts_filename].= '<VirtualHost ' . $ipport . '>' . "\n";
 
+				/**
+				 * add 'real'-vhost content here, like doc-root :)
+				 */
+				$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
+				$this->virtualhosts_data[$vhosts_filename].= 'DocumentRoot "'.$mypath.'"'."\n";
+				
 				if($row_ipsandports['vhostcontainer_servername_statement'] == '1')
 				{
 					$this->virtualhosts_data[$vhosts_filename].= ' ServerName ' . $this->settings['system']['hostname'] . "\n";
 				}
 
+				/**
+				 * dirprotection, see #72
+				 */
+				$this->virtualhosts_data[$vhosts_filename].= "\t<Directory \"'.$mypath.'(images|packages|templates)\">\n";
+				$this->virtualhosts_data[$vhosts_filename].= "\t\tAllow from all\n";
+				$this->virtualhosts_data[$vhosts_filename].= "\t\tOptions -Indexes\n";
+				$this->virtualhosts_data[$vhosts_filename].= "\t</Directory>\n";
+				
+				$this->virtualhosts_data[$vhosts_filename].= "\t<Directory \"'.$mypath.'*\">\n";
+				$this->virtualhosts_data[$vhosts_filename].= "\t\tOrder Deny,Allow\n";
+				$this->virtualhosts_data[$vhosts_filename].= "\t\tDeny from All\n";
+				$this->virtualhosts_data[$vhosts_filename].= "\t</Directory>\n";
+				/**
+				 * end of dirprotection
+				 */
+
 				if($row_ipsandports['specialsettings'] != '')
 				{
 					$this->virtualhosts_data[$vhosts_filename].= $row_ipsandports['specialsettings'] . "\n";

scripts/jobs/cron_tasks.inc.http.20.lighttpd.php

@@ -68,7 +68,7 @@ class lighttpd
 
 	public function createIpPort()
 	{
-		$query = "SELECT `id`, `ip`, `port`, `listen_statement`, `namevirtualhost_statement`, `vhostcontainer`, " . " `vhostcontainer_servername_statement`, `specialsettings`, `ssl`, `ssl_cert_file` " . " FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC";
+		$query = "SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC";
 		$result_ipsandports = $this->db->query($query);
 
 		while($row_ipsandports = $this->db->fetch_array($result_ipsandports))
@@ -101,6 +101,30 @@ class lighttpd
 				$this->lighttpd_data[$vhost_filename].= 'server.bind = "' . $ip . '"' . "\n";
 			}
 			
+			if($row_ipsandports['vhostcontainer'] == '1')
+			{
+				$myhost = str_replace('.', '\.', $this->settings['system']['hostname']);
+				$this->lighttpd_data[$vhost_filename].= '# Froxlor default vhost' . "\n";
+				$this->lighttpd_data[$vhost_filename].= '$HTTP["host"] =~ "^(?:www\.|)' . $myhost . '$" {' . "\n";
+
+				$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
+				$this->lighttpd_data[$vhost_filename].= '  server.document-root = "'.$mypath.'"'."\n";
+
+				/**
+				 * dirprotection, see #72
+				 */
+				$this->lighttpd_data[$vhost_filename].= '  $HTTP["url"] =~ "^/(actions|install|lib|lng|scripts|temp)" {' . "\n";
+				$this->lighttpd_data[$vhost_filename].= '    url.access-deny = ("")' . "\n";
+				$this->lighttpd_data[$vhost_filename].= '  }' . "\n";
+
+				if($row_ipsandports['specialsettings'] != '')
+				{
+					$this->lighttpd_data[$vhost_filename].= $row_ipsandports['specialsettings'] . "\n";
+				}
+
+				$this->lighttpd_data[$vhost_filename].= '}' . "\n";
+			}
+	
 			if($row_ipsandports['ssl'] == '1')
 			{
 				$this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n";
@@ -116,7 +140,7 @@ class lighttpd
 			if($vhosts !== null && is_array($vhosts) && isset($vhosts[0]))
 			{
 				foreach($vhosts as $vhost) {
-					$this->lighttpd_data[$vhost_filename].= ' include "vhosts/'.basename($vhost).'"'."\n";
+					$this->lighttpd_data[$vhost_filename].= ' include "'.$vhost.'"'."\n";
 				}
 			}
 			

templates/admin/ipsandports/ipsandports_edit.tpl

@@ -43,15 +43,11 @@ $header
 				<td class="main_field_display" nowrap="nowrap">$namevirtualhost_statement</td>
 			</tr>
 			<tr>
-				<td class="main_field_name">{$lng['admin']['ipsandports']['create_vhostcontainer']}:
+				<td class="main_field_name">{$lng['admin']['ipsandports']['create_vhostcontainer']}:</td>
-				<if $settings['system']['webserver'] == 'lighttpd'><div style="color:red">{$lng['panel']['not_supported']}lighttpd</div></if>
-				</td>
 				<td class="main_field_display" nowrap="nowrap">$vhostcontainer</td>
 			</tr>
 			<tr>
-				<td class="main_field_name" valign="top">{$lng['admin']['ownvhostsettings']}:<br /><font size="1">{$lng['serversettings']['default_vhostconf']['description']}</font>
+				<td class="main_field_name" valign="top">{$lng['admin']['ownvhostsettings']}:<br /><font size="1">{$lng['serversettings']['default_vhostconf']['description']}</font></td>
-				<if $settings['system']['webserver'] == 'lighttpd'><div style="color:red">{$lng['panel']['not_supported']}lighttpd</div></if>
-				</td>
 				<td class="main_field_display" nowrap="nowrap"><textarea class="textarea_border" rows="12" cols="60" name="specialsettings">{$result['specialsettings']}</textarea></td>
 			</tr>
 			<tr>