add persistent db storage to goaccess-traffictool to have more data in the output index.html; add security questions when deleting certificates as we do for apikeys and dns-entries

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

api_keys.php

@@ -61,7 +61,7 @@ if ($action == 'delete' && $id > 0) {
 		'section' => 'index',
 		'page' => $page
 	]);
-} elseif ($action == 'deletesure' && $id > 0) {
+} elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'deletesure' && $id > 0) {
 	$chk = (AREA == 'admin' && $userinfo['customers_see_all'] == '1') ? true : false;
 	if (AREA == 'customer') {
 		$chk_stmt = Database::prepare("

dns_editor.php

@@ -82,7 +82,7 @@ if ($action == 'add_record' && !empty($_POST)) {
 		'page' => $page,
 		'domain_id' => $domain_id
 	]);
-} elseif ($action == 'deletesure' && !empty($_POST)) {
+} elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'deletesure' && !empty($_POST)) {
 	$entry_id = isset($_POST['id']) ? (int)$_POST['id'] : 0;
 	$domain_id = isset($_POST['domain_id']) ? (int)$_POST['domain_id'] : 0;
 	// remove entry

index.php

@@ -435,17 +435,25 @@ if ($action == 'forgotpwd') {
 			}
 		}
 
+		if ($adminchecked) {
+			if (Settings::Get('panel.allow_preset_admin') != '1') {
+				$message = lng('pwdreminder.notallowed');
+				unset($adminchecked);
+			}
+		} else {
+			if (Settings::Get('panel.allow_preset') != '1') {
+				$message = lng('pwdreminder.notallowed');
+			}
+		}
+
+		if (empty($message)) {
 			if ($result_stmt !== null) {
 				$user = $result_stmt->fetch(PDO::FETCH_ASSOC);
 
 				/* Check whether user is banned */
 				if ($user['deactivated']) {
-				Response::redirectTo('index.php', [
-					'showmessage' => '8'
-				]);
-				exit();
-			}
-
+					$message = lng('pwdreminder.notallowed');
+				} else {
 					if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
 						if ($user !== false) {
 							// build a activation code
@@ -570,25 +578,16 @@ if ($action == 'forgotpwd') {
 								'loginname' => 'password_reset'
 							]);
 							$rstlog->logAction(FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
-					$message = lng('login.combination_not_found');
+							$message = lng('login.usernotfound');
 						}
 
 						unset($user);
 					}
+				}
 			} else {
 				$message = lng('login.usernotfound');
 			}
 		}
-
-	if ($adminchecked) {
-		if (Settings::Get('panel.allow_preset_admin') != '1') {
-			$message = lng('pwdreminder.notallowed');
-			unset($adminchecked);
-		}
-	} else {
-		if (Settings::Get('panel.allow_preset') != '1') {
-			$message = lng('pwdreminder.notallowed');
-		}
 	}
 
 	UI::view('login/fpwd.html.twig', [

lib/Froxlor/Cron/Traffic/TrafficCron.php

@@ -645,10 +645,20 @@ class TrafficCron extends FroxlorCron
 				@unlink($outputdir . '.tmp.json');
 			}
 
+			// goaccess <1.4
+			$keep_params = '--keep-db-files --load-from-disk';
+			$res = FileDir::safe_exec('goaccess --version');
+			$ver_str = array_shift($res);
+			$cGoVer = substr($ver_str, strrpos($ver_str, " ") + 1, -1);
+			if (version_compare($cGoVer, '1.4', '>=')) {
+				// at least 1.4
+				$keep_params = '--persist --restore';
+			}
+
 			$format = Settings::Get('system.logfiles_type') == '2' ? 'VCOMBINED' : 'COMBINED';
 			$monthyear = $monthyear_arr['month'] . '/' . $monthyear_arr['year'];
 			$return_value = false;
-			FileDir::safe_exec("grep '" . $monthyear . "' " . escapeshellarg($logfile) . " | goaccess -o " . escapeshellarg($outputdir . '.tmp.json') . " -o " . escapeshellarg($outputdir . 'index.html') . " --html-report-title=" . escapeshellarg($caption) . " --log-format=" . $format . " - ", $return_value, ['|']);
+			FileDir::safe_exec("grep '" . $monthyear . "' " . escapeshellarg($logfile) . " | goaccess " . $keep_params . " --db-path=" . escapeshellarg($outputdir) . " -o " . escapeshellarg($outputdir . '.tmp.json') . " -o " . escapeshellarg($outputdir . 'index.html') . " --html-report-title=" . escapeshellarg($caption) . " --log-format=" . $format . " - ", $return_value, ['|']);
 
 			if (file_exists($outputdir . '.tmp.json')) {
 				// need jq here because of potentially LARGE json files

lng/de.lng.php

@@ -1267,6 +1267,7 @@ Vielen Dank, Ihr Administrator',
 		'plan_reallydelete' => 'Wollen Sie den Hostingplan %s wirklich löschen?',
 		'apikey_reallydelete' => 'Wollen Sie den Api-Key wirklich löschen?',
 		'dnsentry_reallydelete' => 'Wollen Sie den DNS-Eintrag wirklich löschen?',
+		'certificate_reallydelete' => 'Wollen Sie diese Zertifikat wirklich löschen?',
 	],
 	'serversettings' => [
 		'session_timeout' => [

lng/en.lng.php

@@ -1377,6 +1377,7 @@ Yours sincerely, your administrator',
 		'plan_reallydelete' => 'Do you really want to delete the hosting plan %s?',
 		'apikey_reallydelete' => 'Do you really want to delete this api-key?',
 		'dnsentry_reallydelete' => 'Do you really want to delete this zone entry?',
+		'certificate_reallydelete' => 'Do you really want to delete this certificate?',
 	],
 	'redirect_desc' => [
 		'rc_default' => 'default',

ssl_certificates.php

@@ -41,10 +41,19 @@ use Froxlor\UI\Response;
 // and therefore does not need to require lib/init.php
 
 $success_message = "";
+$id = (int)Request::get('id');
 
 // do the delete and then just show a success-message and the certificates list again
 if ($action == 'delete') {
-	$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
+	HTML::askYesNo('certificate_reallydelete', $filename, [
+		'id' => $id,
+		'page' => $page,
+		'action' => 'deletesure'
+	], '', [
+		'section' => 'index',
+		'page' => $page
+	]);
+} elseif (isset($_POST['send']) && $_POST['send'] == 'send' && $action == 'deletesure' && $id > 0) {
 	if ($id > 0) {
 		try {
 			$json_result = Certificates::getLocal($userinfo, [