maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add persistent db storage to goaccess-traffictool to have more data in the output index.html; add security questions when deleting certificates as we do for apikeys and dns-entries

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2022-11-06 10:11:40 +01:00
parent 8eedf87ac3
commit 78945768ec
7 changed files with 173 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api_keys.php
View File

@@ -61,7 +61,7 @@ if ($action == 'delete' && $id > 0) {
'section' => 'index', 'section' => 'index',
'page' => $page 'page' => $page
]); ]);
} elseif ($action == 'deletesure' && $id > 0) { } elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'deletesure' && $id > 0) {
$chk = (AREA == 'admin' && $userinfo['customers_see_all'] == '1') ? true : false; $chk = (AREA == 'admin' && $userinfo['customers_see_all'] == '1') ? true : false;
if (AREA == 'customer') { if (AREA == 'customer') {
$chk_stmt = Database::prepare(" $chk_stmt = Database::prepare("

2
dns_editor.php
View File

@@ -82,7 +82,7 @@ if ($action == 'add_record' && !empty($_POST)) {
'page' => $page, 'page' => $page,
'domain_id' => $domain_id 'domain_id' => $domain_id
]); ]);
} elseif ($action == 'deletesure' && !empty($_POST)) { } elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'deletesure' && !empty($_POST)) {
$entry_id = isset($_POST['id']) ? (int)$_POST['id'] : 0; $entry_id = isset($_POST['id']) ? (int)$_POST['id'] : 0;
$domain_id = isset($_POST['domain_id']) ? (int)$_POST['domain_id'] : 0; $domain_id = isset($_POST['domain_id']) ? (int)$_POST['domain_id'] : 0;
// remove entry // remove entry

33
index.php
View File

@@ -435,17 +435,25 @@ if ($action == 'forgotpwd') {
} }
} }
if ($adminchecked) {
if (Settings::Get('panel.allow_preset_admin') != '1') {
$message = lng('pwdreminder.notallowed');
unset($adminchecked);
}
} else {
if (Settings::Get('panel.allow_preset') != '1') {
$message = lng('pwdreminder.notallowed');
}
}
if (empty($message)) {
if ($result_stmt !== null) { if ($result_stmt !== null) {
$user = $result_stmt->fetch(PDO::FETCH_ASSOC); $user = $result_stmt->fetch(PDO::FETCH_ASSOC);
/* Check whether user is banned */ /* Check whether user is banned */
if ($user['deactivated']) { if ($user['deactivated']) {
Response::redirectTo('index.php', [ $message = lng('pwdreminder.notallowed');
'showmessage' => '8' } else {
]);
exit();
}
if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) { if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
if ($user !== false) { if ($user !== false) {
// build a activation code // build a activation code
@@ -570,25 +578,16 @@ if ($action == 'forgotpwd') {
'loginname' => 'password_reset' 'loginname' => 'password_reset'
]); ]);
$rstlog->logAction(FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!"); $rstlog->logAction(FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
$message = lng('login.combination_not_found'); $message = lng('login.usernotfound');
} }
unset($user); unset($user);
} }
}
} else { } else {
$message = lng('login.usernotfound'); $message = lng('login.usernotfound');
} }
} }
if ($adminchecked) {
if (Settings::Get('panel.allow_preset_admin') != '1') {
$message = lng('pwdreminder.notallowed');
unset($adminchecked);
}
} else {
if (Settings::Get('panel.allow_preset') != '1') {
$message = lng('pwdreminder.notallowed');
}
} }
UI::view('login/fpwd.html.twig', [ UI::view('login/fpwd.html.twig', [

12
lib/Froxlor/Cron/Traffic/TrafficCron.php
View File

@@ -645,10 +645,20 @@ class TrafficCron extends FroxlorCron
@unlink($outputdir . '.tmp.json'); @unlink($outputdir . '.tmp.json');
} }
// goaccess <1.4
$keep_params = '--keep-db-files --load-from-disk';
$res = FileDir::safe_exec('goaccess --version');
$ver_str = array_shift($res);
$cGoVer = substr($ver_str, strrpos($ver_str, " ") + 1, -1);
if (version_compare($cGoVer, '1.4', '>=')) {
// at least 1.4
$keep_params = '--persist --restore';
}
$format = Settings::Get('system.logfiles_type') == '2' ? 'VCOMBINED' : 'COMBINED'; $format = Settings::Get('system.logfiles_type') == '2' ? 'VCOMBINED' : 'COMBINED';
$monthyear = $monthyear_arr['month'] . '/' . $monthyear_arr['year']; $monthyear = $monthyear_arr['month'] . '/' . $monthyear_arr['year'];
$return_value = false; $return_value = false;
FileDir::safe_exec("grep '" . $monthyear . "' " . escapeshellarg($logfile) . " | goaccess -o " . escapeshellarg($outputdir . '.tmp.json') . " -o " . escapeshellarg($outputdir . 'index.html') . " --html-report-title=" . escapeshellarg($caption) . " --log-format=" . $format . " - ", $return_value, ['|']); FileDir::safe_exec("grep '" . $monthyear . "' " . escapeshellarg($logfile) . " | goaccess " . $keep_params . " --db-path=" . escapeshellarg($outputdir) . " -o " . escapeshellarg($outputdir . '.tmp.json') . " -o " . escapeshellarg($outputdir . 'index.html') . " --html-report-title=" . escapeshellarg($caption) . " --log-format=" . $format . " - ", $return_value, ['|']);
if (file_exists($outputdir . '.tmp.json')) { if (file_exists($outputdir . '.tmp.json')) {
// need jq here because of potentially LARGE json files // need jq here because of potentially LARGE json files

1
lng/de.lng.php
View File

@@ -1267,6 +1267,7 @@ Vielen Dank, Ihr Administrator',
'plan_reallydelete' => 'Wollen Sie den Hostingplan %s wirklich löschen?', 'plan_reallydelete' => 'Wollen Sie den Hostingplan %s wirklich löschen?',
'apikey_reallydelete' => 'Wollen Sie den Api-Key wirklich löschen?', 'apikey_reallydelete' => 'Wollen Sie den Api-Key wirklich löschen?',
'dnsentry_reallydelete' => 'Wollen Sie den DNS-Eintrag wirklich löschen?', 'dnsentry_reallydelete' => 'Wollen Sie den DNS-Eintrag wirklich löschen?',
'certificate_reallydelete' => 'Wollen Sie diese Zertifikat wirklich löschen?',
], ],
'serversettings' => [ 'serversettings' => [
'session_timeout' => [ 'session_timeout' => [

1
lng/en.lng.php
View File

@@ -1377,6 +1377,7 @@ Yours sincerely, your administrator',
'plan_reallydelete' => 'Do you really want to delete the hosting plan %s?', 'plan_reallydelete' => 'Do you really want to delete the hosting plan %s?',
'apikey_reallydelete' => 'Do you really want to delete this api-key?', 'apikey_reallydelete' => 'Do you really want to delete this api-key?',
'dnsentry_reallydelete' => 'Do you really want to delete this zone entry?', 'dnsentry_reallydelete' => 'Do you really want to delete this zone entry?',
'certificate_reallydelete' => 'Do you really want to delete this certificate?',
], ],
'redirect_desc' => [ 'redirect_desc' => [
'rc_default' => 'default', 'rc_default' => 'default',

11
ssl_certificates.php
View File

@@ -41,10 +41,19 @@ use Froxlor\UI\Response;
// and therefore does not need to require lib/init.php // and therefore does not need to require lib/init.php
$success_message = ""; $success_message = "";
$id = (int)Request::get('id');
// do the delete and then just show a success-message and the certificates list again // do the delete and then just show a success-message and the certificates list again
if ($action == 'delete') { if ($action == 'delete') {
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0; HTML::askYesNo('certificate_reallydelete', $filename, [
'id' => $id,
'page' => $page,
'action' => 'deletesure'
], '', [
'section' => 'index',
'page' => $page
]);
} elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'deletesure' && $id > 0) {
if ($id > 0) { if ($id > 0) {
try { try {
$json_result = Certificates::getLocal($userinfo, [ $json_result = Certificates::getLocal($userinfo, [