From 81602f17bec500db6ac6e05abd34f1a447ae062c Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Thu, 15 Feb 2018 14:44:48 +0100 Subject: [PATCH] add Domains api module Signed-off-by: Michael Kaufmann (d00p) --- admin_domains.php | 2125 +++----------------- lib/classes/api/commands/class.Domains.php | 1635 +++++++++++++++ 2 files changed, 1889 insertions(+), 1871 deletions(-) create mode 100644 lib/classes/api/commands/class.Domains.php diff --git a/admin_domains.php b/admin_domains.php index f731d59c..89c61f4b 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -35,9 +35,9 @@ if ($page == 'domains' || $page == 'overview') { } $countcustomers = Database::pexecute_first($stmt, $params); $countcustomers = (int) $countcustomers['countcustomers']; - + if ($action == '') { - + $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_domains"); $fields = array( 'd.domain' => $lng['domains']['domainname'], 
@@ -49,17 +49,12 @@ if ($page == 'domains' || $page == 'overview') { ); $paging = new paging($userinfo, TABLE_PANEL_DOMAINS, $fields); $domains = ""; - $syshostname = ""; - if (Settings::Get('system.hostname_id')) - { - $syshostname = "AND `d`.`id` <> " . Settings::Get('system.hostname_id'); - } $result_stmt = Database::prepare(" SELECT `d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` - WHERE `d`.`parentdomainid`='0' " . $syshostname . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()); + WHERE `d`.`parentdomainid`='0' " . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()); $params = array(); if ($userinfo['customers_see_all'] == '0') { $params['adminid'] = $userinfo['adminid']; @@ -72,17 +67,17 @@ if ($page == 'domains' || $page == 'overview') { $searchcode = $paging->getHtmlSearchCode($lng); $pagingcode = $paging->getHtmlPagingCode($filename . '?page=' . $page . '&s=' . $s); $domain_array = array(); - + while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { - + formatDomainEntry($row, $idna_convert); - + if (! isset($domain_array[$row['domain']])) { $domain_array[$row['domain']] = $row; } else { $domain_array[$row['domain']] = array_merge($row, $domain_array[$row['domain']]); } - + if (isset($row['aliasdomainid']) && $row['aliasdomainid'] != null && isset($row['aliasdomain']) && $row['aliasdomain'] != '') { if (! isset($domain_array[$row['aliasdomain']])) { $domain_array[$row['aliasdomain']] = array(); 
@@ -91,7 +86,7 @@ if ($page == 'domains' || $page == 'overview') { $domain_array[$row['aliasdomain']]['domainalias'] = $row['domain']; } } - + /** * We need ksort/krsort here to make sure idna-domains are also sorted correctly */ @@ -100,26 +95,11 @@ if ($page == 'domains' || $page == 'overview') { } elseif ($paging->sortfield == 'd.domain' && $paging->sortorder == 'desc') { krsort($domain_array); } - - // show froxlor hostname as first entry - if (Settings::Get('system.hostname_id')) - { - $syshost_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :did"); - $row = Database::pexecute_first($syshost_stmt, array( - 'did' => Settings::Get('system.hostname_id') - )); - formatDomainEntry($row, $idna_convert); - $row['customername'] = 'Froxlor hostname'; - $row['loginname'] = null; - $row['termination_css'] = 'domain-hostname'; - $row['ipandport'] = str_replace("\n", "
", $row['ipandport']); - eval("\$domains.=\"" . getTemplate("domains/domains_domain") . "\";"); - } - + $i = 0; $count = 0; foreach ($domain_array as $row) { - + if (isset($row['domain']) && $row['domain'] != '' && $paging->checkDisplay($i)) { $row['customername'] = getCorrectFullUserDetails($row); $row = htmlentities_array($row); 
@@ -130,154 +110,41 @@ if ($page == 'domains' || $page == 'overview') { } $i ++; } - + $domainscount = $numrows_domains; - + // Display the list eval("echo \"" . getTemplate("domains/domains") . "\";"); } elseif ($action == 'delete' && $id != 0) { - - $result_stmt = Database::prepare(" - SELECT `d`.* FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` - WHERE `d`.`id` = :id AND `d`.`id` <> `c`.`standardsubdomain`" . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid")); - $params = array( - 'id' => $id - ); - if ($userinfo['customers_see_all'] == '0') { - $params['adminid'] = $userinfo['adminid']; + + try { + $json_result = Domains::getLocal($userinfo, array( + 'id' => $id, + 'no_std_subdomain' => true + ))->get(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); } - $result = Database::pexecute_first($result_stmt, $params); - + $result = json_decode($json_result, true)['data']; + $alias_check_stmt = Database::prepare(" SELECT COUNT(`id`) AS `count` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain`= :id"); $alias_check = Database::pexecute_first($alias_check_stmt, array( 'id' => $id )); - - if ($result['domain'] != '' && $alias_check['count'] == 0) { - if (isset($_POST['send']) && $_POST['send'] == 'send') { - // check for deletion of main-domains which are logically subdomains, #329 - $rsd_sql = ''; - $remove_subbutmain_domains = isset($_POST['delete_userfiles']) ? 1 : 0; - if ($remove_subbutmain_domains == 1) { - $rsd_sql .= " OR `ismainbutsubto` = :id"; + + if ($result['domain'] != '') { + if (isset($_POST['send']) && $_POST['send'] == 'send' && $alias_check['count'] == 0) { + + try { + Domains::getLocal($userinfo, array_merge(array( + 'id' => $id + ), $_POST))->delete(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); } - - $subresult_stmt = Database::prepare(" - SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` - WHERE (`id` = :id OR `parentdomainid` = :id " . $rsd_sql . 
")"); - Database::pexecute($subresult_stmt, array( - 'id' => $id - )); - $idString = array(); - $paramString = array(); - while ($subRow = $subresult_stmt->fetch(PDO::FETCH_ASSOC)) { - $idString[] = "`domainid` = :domain_" . (int) $subRow['id']; - $paramString['domain_' . $subRow['id']] = $subRow['id']; - } - - $idString = implode(' OR ', $idString); - - if ($idString != '') { - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE " . $idString); - Database::pexecute($del_stmt, $paramString); - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE " . $idString); - Database::pexecute($del_stmt, $paramString); - $log->logAction(ADM_ACTION, LOG_NOTICE, "deleted domain/s from mail-tables"); - } - - // if mainbutsubto-domains are not to be deleted, re-assign the (ismainbutsubto value of the main - // domain which is being deleted) as their new ismainbutsubto value - if ($remove_subbutmain_domains !== 1) { - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_DOMAINS . "` SET - `ismainbutsubto` = :newIsMainButSubtoValue - WHERE `ismainbutsubto` = :deletedMainDomainId - "); - Database::pexecute($upd_stmt, array( - 'newIsMainButSubtoValue' => $result['ismainbutsubto'], - 'deletedMainDomainId' => $id, - )); - } - - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_PANEL_DOMAINS . "` - WHERE `id` = :id OR `parentdomainid` = :id " . $rsd_sql); - Database::pexecute($del_stmt, array( - 'id' => $id - )); - - $deleted_domains = $del_stmt->rowCount(); - - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET - `subdomains_used` = `subdomains_used` - :domaincount - WHERE `customerid` = :customerid"); - Database::pexecute($upd_stmt, array( - 'domaincount' => ($deleted_domains - 1), - 'customerid' => $result['customerid'] - )); - - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_ADMINS . 
"` SET - `domains_used` = `domains_used` - 1 - WHERE `adminid` = :adminid"); - Database::pexecute($upd_stmt, array( - 'adminid' => $userinfo['adminid'] - )); - - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET - `standardsubdomain` = '0' - WHERE `standardsubdomain` = :id AND `customerid` = :customerid"); - Database::pexecute($upd_stmt, array( - 'id' => $result['id'], - 'customerid' => $result['customerid'] - )); - - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_DOMAINTOIP . "` - WHERE `id_domain` = :domainid"); - Database::pexecute($del_stmt, array( - 'domainid' => $id - )); - - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "` - WHERE `did` = :domainid"); - Database::pexecute($del_stmt, array( - 'domainid' => $id - )); - - // remove certificate from domain_ssl_settings, fixes #1596 - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` - WHERE `domainid` = :domainid"); - Database::pexecute($del_stmt, array( - 'domainid' => $id - )); - - // remove possible existing DNS entries - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_DOMAIN_DNS . "` - WHERE `domain_id` = :domainid - "); - Database::pexecute($del_stmt, array( - 'domainid' => $id - )); - - triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $log); - - $log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")"); - updateCounters(); - inserttask('1'); - - // Using nameserver, insert a task which rebuilds the server config - inserttask('4'); - + redirectTo($filename, array( 'page' => $page, 's' => $s @@ -285,7 +152,7 @@ if ($page == 'domains' || $page == 'overview') { } elseif ($alias_check['count'] > 0) { standard_error('domains_cantdeletedomainwithaliases'); } else { - + $showcheck = false; if (domainHasMainSubDomains($id)) { $showcheck = true; 
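Review bot: In the delete branch, `array_merge(array('id' => $id), $_POST)` lets an `id` key in the POST body replace the `$id` that was just fetched through `get()` with `no_std_subdomain` and run through the alias check, because later string keys win in `array_merge`. The checked value should come last, `Domains::getLocal($userinfo, array_merge($_POST, array('id' => $id)))->delete();`, or the call should pass only the keys `delete()` actually needs. Where `$id` is populated is outside this hunk, so the two values may be the same in practice, but the pre-checks should not depend on that. The add branch in the following hunk forwards the request body whole in the same way (`Domains::getLocal($userinfo, $_POST)->add()`), so the permission-dependent handling the removed code did inline (for example only honouring `specialsettings` when `change_serversettings` is set) presumably has to be enforced inside `Domains::add()`, which is not visible here.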
@@ -298,850 +165,196 @@ if ($page == 'domains' || $page == 'overview') { } } } elseif ($action == 'add') { - - if ($userinfo['domains_used'] < $userinfo['domains'] || $userinfo['domains'] == '-1') { - if (isset($_POST['send']) && $_POST['send'] == 'send') { - - if ($_POST['domain'] == Settings::Get('system.hostname')) { - standard_error('admin_domain_emailsystemhostname'); - } - - if (substr($_POST['domain'], 0, 4) == 'xn--') { - standard_error('domain_nopunycode'); - } - - $domain = $idna_convert->encode(preg_replace(array( - '/\:(\d)+$/', - '/^https?\:\/\//' - ), '', validate($_POST['domain'], 'domain'))); - - // Check whether domain validation is enabled and if, validate the domain - if (Settings::Get('system.validate_domain') && ! validateDomain($domain)) { - standard_error(array( - 'stringiswrong', - 'mydomain' - )); - } - - $subcanemaildomain = intval($_POST['subcanemaildomain']); - - $isemaildomain = 0; - if (isset($_POST['isemaildomain'])) { - $isemaildomain = intval($_POST['isemaildomain']); - } - - $email_only = 0; - if (isset($_POST['email_only'])) { - $email_only = intval($_POST['email_only']); - } - - $serveraliasoption = 0; - if (isset($_POST['selectserveralias'])) { - $serveraliasoption = intval($_POST['selectserveralias']); - } - - $speciallogfile = 0; - if (isset($_POST['speciallogfile'])) { - $speciallogfile = intval($_POST['speciallogfile']); - } - - $aliasdomain = intval($_POST['alias']); - $issubof = intval($_POST['issubof']); - $customerid = intval($_POST['customerid']); - $customer_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` - WHERE `customerid` = :customerid " . ($userinfo['customers_see_all'] ? 
'' : " AND `adminid` = :adminid")); - $params = array( - 'customerid' => $customerid - ); - if ($userinfo['customers_see_all'] == '0') { - $params['adminid'] = $userinfo['adminid']; - } - $customer = Database::pexecute_first($customer_stmt, $params); - - if (empty($customer) || $customer['customerid'] != $customerid) { - standard_error('customerdoesntexist'); - } - - if ($userinfo['customers_see_all'] == '1') { - - $adminid = intval($_POST['adminid']); - $admin_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_ADMINS . "` - WHERE `adminid` = :adminid AND (`domains_used` < `domains` OR `domains` = '-1')"); - $admin = Database::pexecute_first($admin_stmt, array( - 'adminid' => $adminid - )); - - if (empty($admin) || $admin['adminid'] != $adminid) { - standard_error('admindoesntexist'); - } - } else { - $adminid = $userinfo['adminid']; - $admin = $userinfo; - } - - // set default path if admin/reseller has "change_serversettings == false" but we still - // need to respect the documentroot_use_default_value - setting - $path_suffix = ''; - if (Settings::Get('system.documentroot_use_default_value') == 1) { - $path_suffix = '/' . $domain; - } - $documentroot = makeCorrectDir($customer['documentroot'] . $path_suffix); - - $registration_date = trim($_POST['registration_date']); - $registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array( - '0000-00-00', - '0', - '' - )); - if ($registration_date == '0000-00-00') { - $registration_date = null; - } - - $termination_date = trim($_POST['termination_date']); - $termination_date = validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array( - '0000-00-00', - '0', - '' - )); - if ($termination_date == '0000-00-00') { - $termination_date = null; - } - - if ($userinfo['change_serversettings'] == '1') { - - $caneditdomain = isset($_POST['caneditdomain']) ? 
intval($_POST['caneditdomain']) : 0; - - $isbinddomain = '0'; - $zonefile = ''; - if (Settings::Get('system.bind_enable') == '1') { - if (isset($_POST['isbinddomain'])) { - $isbinddomain = intval($_POST['isbinddomain']); - } - $zonefile = validate($_POST['zonefile'], 'zonefile'); - } - - if (isset($_POST['dkim'])) { - $dkim = intval($_POST['dkim']); - } else { - $dkim = '1'; - } - - $specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/'); - $notryfiles = isset($_POST['notryfiles']) && (int)$_POST['notryfiles'] == 1 ? 1 : 0; - validate($_POST['documentroot'], 'documentroot'); - - // If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings, - // set default path to subdomain or domain name - if (isset($_POST['documentroot']) && $_POST['documentroot'] != '') { - if (substr($_POST['documentroot'], 0, 1) != '/' && ! preg_match('/^https?\:\/\//', $_POST['documentroot'])) { - $documentroot .= '/' . $_POST['documentroot']; - } else { - $documentroot = $_POST['documentroot']; - } - } elseif (isset($_POST['documentroot']) && ($_POST['documentroot'] == '') && (Settings::Get('system.documentroot_use_default_value') == 1)) { - $documentroot = makeCorrectDir($customer['documentroot'] . '/' . $domain); - } - } else { - $isbinddomain = '0'; - if (Settings::Get('system.bind_enable') == '1') { - $isbinddomain = '1'; - } - $caneditdomain = '1'; - $zonefile = ''; - $dkim = '1'; - $specialsettings = ''; - $notryfiles = '0'; - } - - if ($userinfo['caneditphpsettings'] == '1' || $userinfo['change_serversettings'] == '1') { - - $phpenabled = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0; - $openbasedir = isset($_POST['openbasedir']) ? 
intval($_POST['openbasedir']) : 0; - - if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) { - $phpsettingid = (int) $_POST['phpsettingid']; - $phpsettingid_check_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` - WHERE `id` = :phpsettingid"); - $phpsettingid_check = Database::pexecute_first($phpsettingid_check_stmt, array( - 'phpsettingid' => $phpsettingid - )); - - if (! isset($phpsettingid_check['id']) || $phpsettingid_check['id'] == '0' || $phpsettingid_check['id'] != $phpsettingid) { - standard_error('phpsettingidwrong'); - } - - if ((int) Settings::Get('system.mod_fcgid') == 1) { - $mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array( - '-1', - '' - )); - $mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array( - '-1', - '' - )); - } else { - $mod_fcgid_starter = '-1'; - $mod_fcgid_maxrequests = '-1'; - } - } else { - - if ((int) Settings::Get('phpfpm.enabled') == 1) { - $phpsettingid = Settings::Get('phpfpm.defaultini'); - } else { - $phpsettingid = Settings::Get('system.mod_fcgid_defaultini'); - } - $mod_fcgid_starter = '-1'; - $mod_fcgid_maxrequests = '-1'; - } - } else { - - $phpenabled = '1'; - $openbasedir = '1'; - - if ((int) Settings::Get('phpfpm.enabled') == 1) { - $phpsettingid = Settings::Get('phpfpm.defaultini'); - } else { - $phpsettingid = Settings::Get('system.mod_fcgid_defaultini'); - } - $mod_fcgid_starter = '-1'; - $mod_fcgid_maxrequests = '-1'; - } - - if ($userinfo['ip'] != "-1") { - $admin_ip_stmt = Database::prepare(" - SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . 
"` - WHERE `id` = :id ORDER BY `ip`, `port` ASC"); - $admin_ip = Database::pexecute_first($admin_ip_stmt, array( - 'id' => $userinfo['ip'] - )); - $additional_ip_condition = " AND `ip` = :adminip "; - $aip_param = array( - 'adminip' => $admin_ip['ip'] - ); - } else { - $additional_ip_condition = ''; - $aip_param = array(); - } - - $ipandports = array(); - if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) { - $_POST['ipandport'] = unserialize($_POST['ipandport']); - } - - if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) { - foreach ($_POST['ipandport'] as $ipandport) { - $ipandport = intval($ipandport); - $ipandport_check_stmt = Database::prepare(" - SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` - WHERE `id` = :id " . $additional_ip_condition); - $ip_params = null; - $ip_params = array_merge(array( - 'id' => $ipandport - ), $aip_param); - $ipandport_check = Database::pexecute_first($ipandport_check_stmt, $ip_params); - - if (! isset($ipandport_check['id']) || $ipandport_check['id'] == '0' || $ipandport_check['id'] != $ipandport) { - standard_error('ipportdoesntexist'); - } else { - $ipandports[] = $ipandport; - } - } - } - - if (Settings::Get('system.use_ssl') == "1" && isset($_POST['ssl_ipandport'])) { - $ssl_redirect = 0; - if (isset($_POST['ssl_redirect'])) { - $ssl_redirect = (int) $_POST['ssl_redirect']; - } - - $letsencrypt = 0; - if (isset($_POST['letsencrypt'])) { - $letsencrypt = (int) $_POST['letsencrypt']; - } - - $ssl_ipandports = array(); - if (isset($_POST['ssl_ipandport']) && ! 
is_array($_POST['ssl_ipandport'])) { - $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); - } - - // Verify SSL-Ports - if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) { - foreach ($_POST['ssl_ipandport'] as $ssl_ipandport) { - if (trim($ssl_ipandport) == "") - continue; - // fix if no ssl-ip/port is checked - if (trim($ssl_ipandport) < 1) - continue; - $ssl_ipandport = intval($ssl_ipandport); - $ssl_ipandport_check_stmt = Database::prepare(" - SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` - WHERE `id` = :id " . $additional_ip_condition); - $ip_params = null; - $ip_params = array_merge(array( - 'id' => $ssl_ipandport - ), $aip_param); - $ssl_ipandport_check = Database::pexecute_first($ssl_ipandport_check_stmt, $ip_params); - - if (! isset($ssl_ipandport_check['id']) || $ssl_ipandport_check['id'] == '0' || $ssl_ipandport_check['id'] != $ssl_ipandport) { - standard_error('ipportdoesntexist'); - } else { - $ssl_ipandports[] = $ssl_ipandport; - } - } - - $http2 = isset($_POST['http2']) && (int)$_POST['http2'] == 1 ? 1 : 0; - - // HSTS - $hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0; - $hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0; - $hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0; - - // OCSP stapling - $ocsp_stapling = isset($_POST['ocsp_stapling']) && (int)$_POST['ocsp_stapling'] == 1 ? 
1 : 0; - - } else { - $ssl_redirect = 0; - $letsencrypt = 0; - $http2 = 0; - // we need this for the serialize - // if ssl is disabled or no ssl-ip/port exists - $ssl_ipandports[] = - 1; - - // HSTS - $hsts_maxage = 0; - $hsts_sub = 0; - $hsts_preload = 0; - - // OCSP stapling - $ocsp_stapling = 0; - } - } else { - $ssl_redirect = 0; - $letsencrypt = 0; - $http2 = 0; - // we need this for the serialize - // if ssl is disabled or no ssl-ip/port exists - $ssl_ipandports[] = - 1; - - // HSTS - $hsts_maxage = 0; - $hsts_sub = 0; - $hsts_preload = 0; - - // OCSP stapling - $ocsp_stapling = 0; - } - - // We can't enable let's encrypt for wildcard - domains if using acme-v1 - if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') { - standard_error('nowildcardwithletsencrypt'); - } - // if using acme-v2 we cannot issue wildcard-certificates - // because they currently only support the dns-01 challenge - if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') { - standard_error('nowildcardwithletsencryptv2'); - } - - // Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated - if ($ssl_redirect > 0 && $letsencrypt == 1) { - $ssl_redirect = 2; - } - - if (! preg_match('/^https?\:\/\//', $documentroot)) { - if (strstr($documentroot, ":") !== false) { - standard_error('pathmaynotcontaincolon'); - } else { - $documentroot = makeCorrectDir($documentroot); - } - } - - $domain_check_stmt = Database::prepare(" - SELECT `id`, `domain` FROM `" . TABLE_PANEL_DOMAINS . 
"` - WHERE `domain` = :domain"); - $domain_check = Database::pexecute_first($domain_check_stmt, array( - 'domain' => strtolower($domain) - )); - - $aliasdomain_check = array( - 'id' => 0 - ); - - if ($aliasdomain != 0) { - // Overwrite given ipandports with these of the "main" domain - $ipandports = array(); - $ssl_ipandports = array(); - $origipresult_stmt = Database::prepare(" - SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` - WHERE `id_domain` = :id"); - Database::pexecute($origipresult_stmt, array( - 'id' => $aliasdomain - )); - $ipdata_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipid"); - while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) { - $_origip_tmp = Database::pexecute_first($ipdata_stmt, array( - 'ipid' => $origip['id_ipandports'] - )); - if ($_origip_tmp['ssl'] == 0) { - $ipandports[] = $origip['id_ipandports']; - } else { - $ssl_ipandports[] = $origip['id_ipandports']; - } - } - - if (count($ssl_ipandports) == 0) { - // we need this for the serialize - // if ssl is disabled or no ssl-ip/port exists - $ssl_ipandports[] = - 1; - } - - $aliasdomain_check_stmt = Database::prepare(" - SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . 
"` `c` - WHERE `d`.`customerid` = :customerid - AND `d`.`aliasdomain` IS NULL AND `d`.`id` <> `c`.`standardsubdomain` - AND `c`.`customerid` = :customerid - AND `d`.`id` = :aliasdomainid"); - $alias_params = array( - 'customerid' => $customerid, - 'aliasdomainid' => $aliasdomain - ); - $aliasdomain_check = Database::pexecute_first($aliasdomain_check_stmt, $alias_params); - } - - if (count($ipandports) == 0) { - standard_error('noipportgiven'); - } - - if ($phpenabled != '1') { - $phpenabled = '0'; - } - - if ($openbasedir != '1') { - $openbasedir = '0'; - } - - if ($speciallogfile != '1') { - $speciallogfile = '0'; - } - - if ($isbinddomain != '1') { - $isbinddomain = '0'; - } - - if ($isemaildomain != '1') { - $isemaildomain = '0'; - } - - if ($email_only == '1') { - $isemaildomain = '1'; - } else { - $email_only = '0'; - } - - if ($subcanemaildomain != '1' && $subcanemaildomain != '2' && $subcanemaildomain != '3') { - $subcanemaildomain = '0'; - } - - if ($dkim != '1') { - $dkim = '0'; - } - - if ($serveraliasoption != '1' && $serveraliasoption != '2') { - $serveraliasoption = '0'; - } - - if ($caneditdomain != '1') { - $caneditdomain = '0'; - } - - if ($issubof <= '0') { - $issubof = '0'; - } - - if ($domain == '') { - standard_error(array( - 'stringisempty', - 'mydomain' - )); - } elseif ($documentroot == '') { - standard_error(array( - 'stringisempty', - 'mydocumentroot' - )); - } elseif ($customerid == 0) { - standard_error('adduserfirst'); - } elseif (strtolower($domain_check['domain']) == strtolower($domain)) { - standard_error('domainalreadyexists', $idna_convert->decode($domain)); - } elseif ($aliasdomain_check['id'] != $aliasdomain) { - standard_error('domainisaliasorothercustomer'); - } else { - $params = array( - 'page' => $page, - 'action' => $action, - 'domain' => $domain, - 'customerid' => $customerid, - 'adminid' => $adminid, - 'documentroot' => $documentroot, - 'alias' => $aliasdomain, - 'isbinddomain' => $isbinddomain, - 'isemaildomain' => 
$isemaildomain, - 'email_only' => $email_only, - 'subcanemaildomain' => $subcanemaildomain, - 'caneditdomain' => $caneditdomain, - 'zonefile' => $zonefile, - 'dkim' => $dkim, - 'speciallogfile' => $speciallogfile, - 'selectserveralias' => $serveraliasoption, - 'ipandport' => serialize($ipandports), - 'ssl_redirect' => $ssl_redirect, - 'ssl_ipandport' => serialize($ssl_ipandports), - 'phpenabled' => $phpenabled, - 'openbasedir' => $openbasedir, - 'phpsettingid' => $phpsettingid, - 'mod_fcgid_starter' => $mod_fcgid_starter, - 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests, - 'specialsettings' => $specialsettings, - 'notryfiles' => $notryfiles, - 'registration_date' => $registration_date, - 'termination_date' => $termination_date, - 'issubof' => $issubof, - 'letsencrypt' => $letsencrypt, - 'http2' => $http2, - 'hsts_maxage' => $hsts_maxage, - 'hsts_sub' => $hsts_sub, - 'hsts_preload' => $hsts_preload, - 'ocsp_stapling' => $ocsp_stapling - ); - - $security_questions = array( - 'reallydisablesecuritysetting' => ($openbasedir == '0' && $userinfo['change_serversettings'] == '1'), - 'reallydocrootoutofcustomerroot' => (substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && ! preg_match('/^https?\:\/\//', $documentroot)) - ); - $question_nr = 1; - foreach ($security_questions as $question_name => $question_launch) { - if ($question_launch !== false) { - $params[$question_name] = $question_name; - - if (! isset($_POST[$question_name]) || $_POST[$question_name] != $question_name) { - ask_yesno('admin_domain_' . $question_name, $filename, $params, $question_nr); - } - } - $question_nr ++; - } - - $wwwserveralias = ($serveraliasoption == '1') ? '1' : '0'; - $iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0'; - - $ins_data = array( - 'domain' => $domain, - 'customerid' => $customerid, - 'adminid' => $adminid, - 'documentroot' => $documentroot, - 'aliasdomain' => ($aliasdomain != 0 ? 
$aliasdomain : null), - 'zonefile' => $zonefile, - 'dkim' => $dkim, - 'wwwserveralias' => $wwwserveralias, - 'iswildcarddomain' => $iswildcarddomain, - 'isbinddomain' => $isbinddomain, - 'isemaildomain' => $isemaildomain, - 'email_only' => $email_only, - 'subcanemaildomain' => $subcanemaildomain, - 'caneditdomain' => $caneditdomain, - 'phpenabled' => $phpenabled, - 'openbasedir' => $openbasedir, - 'speciallogfile' => $speciallogfile, - 'specialsettings' => $specialsettings, - 'notryfiles' => $notryfiles, - 'ssl_redirect' => $ssl_redirect, - 'add_date' => time(), - 'registration_date' => $registration_date, - 'termination_date' => $termination_date, - 'phpsettingid' => $phpsettingid, - 'mod_fcgid_starter' => $mod_fcgid_starter, - 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests, - 'ismainbutsubto' => $issubof, - 'letsencrypt' => $letsencrypt, - 'http2' => $http2, - 'hsts' => $hsts_maxage, - 'hsts_sub' => $hsts_sub, - 'hsts_preload' => $hsts_preload, - 'ocsp_stapling' => $ocsp_stapling - ); - - $ins_stmt = Database::prepare(" - INSERT INTO `" . TABLE_PANEL_DOMAINS . 
"` SET - `domain` = :domain, - `customerid` = :customerid, - `adminid` = :adminid, - `documentroot` = :documentroot, - `aliasdomain` = :aliasdomain, - `zonefile` = :zonefile, - `dkim` = :dkim, - `dkim_id` = '0', - `dkim_privkey` = '', - `dkim_pubkey` = '', - `wwwserveralias` = :wwwserveralias, - `iswildcarddomain` = :iswildcarddomain, - `isbinddomain` = :isbinddomain, - `isemaildomain` = :isemaildomain, - `email_only` = :email_only, - `subcanemaildomain` = :subcanemaildomain, - `caneditdomain` = :caneditdomain, - `phpenabled` = :phpenabled, - `openbasedir` = :openbasedir, - `speciallogfile` = :speciallogfile, - `specialsettings` = :specialsettings, - `notryfiles` = :notryfiles, - `ssl_redirect` = :ssl_redirect, - `add_date` = :add_date, - `registration_date` = :registration_date, - `termination_date` = :termination_date, - `phpsettingid` = :phpsettingid, - `mod_fcgid_starter` = :mod_fcgid_starter, - `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests, - `ismainbutsubto` = :ismainbutsubto, - `letsencrypt` = :letsencrypt, - `http2` = :http2, - `hsts` = :hsts, - `hsts_sub` = :hsts_sub, - `hsts_preload` = :hsts_preload, - `ocsp_stapling` = :ocsp_stapling - "); - Database::pexecute($ins_stmt, $ins_data); - $domainid = Database::lastInsertId(); - - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 - WHERE `adminid` = :adminid"); - Database::pexecute($upd_stmt, array( - 'adminid' => $adminid - )); - - $ins_stmt = Database::prepare(" - INSERT INTO `" . TABLE_DOMAINTOIP . 
"` SET - `id_domain` = :domainid, - `id_ipandports` = :ipandportsid - "); - - foreach ($ipandports as $ipportid) { - $ins_data = array( - 'domainid' => $domainid, - 'ipandportsid' => $ipportid - ); - Database::pexecute($ins_stmt, $ins_data); - } - - foreach ($ssl_ipandports as $ssl_ipportid) { - if ($ssl_ipportid > 0) { - $ins_data = array( - 'domainid' => $domainid, - 'ipandportsid' => $ssl_ipportid - ); - Database::pexecute($ins_stmt, $ins_data); - } - } - - triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log); - - $log->logAction(ADM_ACTION, LOG_INFO, "added domain '" . $domain . "'"); - inserttask('1'); - - // Using nameserver, insert a task which rebuilds the server config - inserttask('4'); - - redirectTo($filename, array( - 'page' => $page, - 's' => $s - )); - } - } else { - - $customers = makeoption($lng['panel']['please_choose'], 0, 0, true); - $result_customers_stmt = Database::prepare(" + + if (isset($_POST['send']) && $_POST['send'] == 'send') { + try { + Domains::getLocal($userinfo, $_POST)->add(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); + } + redirectTo($filename, array( + 'page' => $page, + 's' => $s + )); + } else { + + $customers = makeoption($lng['panel']['please_choose'], 0, 0, true); + $result_customers_stmt = Database::prepare(" SELECT `customerid`, `loginname`, `name`, `firstname`, `company` FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int) $userinfo['adminid'] . "' ") . " ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC"); - $params = array(); - if ($userinfo['customers_see_all'] == '0') { - $params['adminid'] = $userinfo['adminid']; - } - Database::pexecute($result_customers_stmt, $params); - - while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) { - $customers .= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . 
')', $row_customer['customerid']); - } - - $admins = ''; - if ($userinfo['customers_see_all'] == '1') { - - $result_admins_stmt = Database::query(" + $params = array(); + if ($userinfo['customers_see_all'] == '0') { + $params['adminid'] = $userinfo['adminid']; + } + Database::pexecute($result_customers_stmt, $params); + + while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) { + $customers .= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']); + } + + $admins = ''; + if ($userinfo['customers_see_all'] == '1') { + + $result_admins_stmt = Database::query(" SELECT `adminid`, `loginname`, `name` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `domains_used` < `domains` OR `domains` = '-1' ORDER BY `name` ASC"); - - while ($row_admin = $result_admins_stmt->fetch(PDO::FETCH_ASSOC)) { - $admins .= makeoption(getCorrectFullUserDetails($row_admin) . ' (' . $row_admin['loginname'] . ')', $row_admin['adminid'], $userinfo['adminid']); - } + + while ($row_admin = $result_admins_stmt->fetch(PDO::FETCH_ASSOC)) { + $admins .= makeoption(getCorrectFullUserDetails($row_admin) . ' (' . $row_admin['loginname'] . ')', $row_admin['adminid'], $userinfo['adminid']); } - - if ($userinfo['ip'] == "-1") { - $result_ipsandports_stmt = Database::query(" + } + + if ($userinfo['ip'] == "-1") { + $result_ipsandports_stmt = Database::query(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' ORDER BY `ip`, `port` ASC "); - $result_ssl_ipsandports_stmt = Database::query(" + $result_ssl_ipsandports_stmt = Database::query(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' ORDER BY `ip`, `port` ASC "); - } else { - $admin_ip_stmt = Database::prepare(" + } else { + $admin_ip_stmt = Database::prepare(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . 
"` WHERE `id` = :ipid ORDER BY `ip`, `port` ASC "); - $admin_ip = Database::pexecute_first($admin_ip_stmt, array( - 'ipid' => $userinfo['ip'] - )); - - $result_ipsandports_stmt = Database::prepare(" + $admin_ip = Database::pexecute_first($admin_ip_stmt, array( + 'ipid' => $userinfo['ip'] + )); + + $result_ipsandports_stmt = Database::prepare(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' AND `ip` = :ipid ORDER BY `ip`, `port` ASC "); - Database::pexecute($result_ipsandports_stmt, array( - 'ipid' => $admin_ip['ip'] - )); - - $result_ssl_ipsandports_stmt = Database::prepare(" + Database::pexecute($result_ipsandports_stmt, array( + 'ipid' => $admin_ip['ip'] + )); + + $result_ssl_ipsandports_stmt = Database::prepare(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' AND `ip` = :ipid ORDER BY `ip`, `port` ASC "); - Database::pexecute($result_ssl_ipsandports_stmt, array( - 'ipid' => $admin_ip['ip'] - )); + Database::pexecute($result_ssl_ipsandports_stmt, array( + 'ipid' => $admin_ip['ip'] + )); + } + + // Build array holding all IPs and Ports available to this admin + $ipsandports = array(); + while ($row_ipandport = $result_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) { + + if (filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { + $row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']'; } - - // Build array holding all IPs and Ports available to this admin - $ipsandports = array(); - while ($row_ipandport = $result_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) { - - if (filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']'; - } - - $ipsandports[] = array( - 'label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'] . '
', - 'value' => $row_ipandport['id'] - ); + + $ipsandports[] = array( + 'label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'] . '
', + 'value' => $row_ipandport['id'] + ); + } + + $ssl_ipsandports = array(); + while ($row_ssl_ipandport = $result_ssl_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) { + + if (filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { + $row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']'; } - - $ssl_ipsandports = array(); - while ($row_ssl_ipandport = $result_ssl_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) { - - if (filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']'; - } - - $ssl_ipsandports[] = array( - 'label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '
', - 'value' => $row_ssl_ipandport['id'] - ); - } - - $standardsubdomains = array(); - $result_standardsubdomains_stmt = Database::query(" + + $ssl_ipsandports[] = array( + 'label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'] . '
', + 'value' => $row_ssl_ipandport['id'] + ); + } + + $standardsubdomains = array(); + $result_standardsubdomains_stmt = Database::query(" SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`id` = `c`.`standardsubdomain` "); - - while ($row_standardsubdomain = $result_standardsubdomains_stmt->fetch(PDO::FETCH_ASSOC)) { - $standardsubdomains[] = $row_standardsubdomain['id']; - } - - if (count($standardsubdomains) > 0) { - $standardsubdomains = " AND `d`.`id` NOT IN (" . join(',', $standardsubdomains) . ") "; - } else { - $standardsubdomains = ''; - } - - $domains = makeoption($lng['domains']['noaliasdomain'], 0, NULL, true); - $result_domains_stmt = Database::prepare(" + + while ($row_standardsubdomain = $result_standardsubdomains_stmt->fetch(PDO::FETCH_ASSOC)) { + $standardsubdomains[] = $row_standardsubdomain['id']; + } + + if (count($standardsubdomains) > 0) { + $standardsubdomains = " AND `d`.`id` NOT IN (" . join(',', $standardsubdomains) . ") "; + } else { + $standardsubdomains = ''; + } + + $domains = makeoption($lng['domains']['noaliasdomain'], 0, NULL, true); + $result_domains_stmt = Database::prepare(" SELECT `d`.`id`, `d`.`domain`, `c`.`loginname` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = 0" . $standardsubdomains . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid") . " AND `d`.`customerid`=`c`.`customerid` ORDER BY `loginname`, `domain` ASC "); - $params = array(); - if ($userinfo['customers_see_all'] == '0') { - $params['adminid'] = $userinfo['adminid']; - } - Database::pexecute($result_domains_stmt, $params); - - while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { - $domains .= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . 
')', $row_domain['id']); - } - - $subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, NULL, true); - $result_domains_stmt = Database::prepare(" + $params = array(); + if ($userinfo['customers_see_all'] == '0') { + $params['adminid'] = $userinfo['adminid']; + } + Database::pexecute($result_domains_stmt, $params); + + while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { + $domains .= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']); + } + + $subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, NULL, true); + $result_domains_stmt = Database::prepare(" SELECT `d`.`id`, `d`.`domain`, `c`.`loginname` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = 0 AND `d`.`ismainbutsubto` = 0 " . $standardsubdomains . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid") . " AND `d`.`customerid`=`c`.`customerid` ORDER BY `loginname`, `domain` ASC "); - // params from above still valid - Database::pexecute($result_domains_stmt, $params); - - while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { - $subtodomains .= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']); - } - - $phpconfigs = ''; - $configs = Database::query(" + // params from above still valid + Database::pexecute($result_domains_stmt, $params); + + while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { + $subtodomains .= makeoption($idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')', $row_domain['id']); + } + + $phpconfigs = ''; + $configs = Database::query(" SELECT c.*, fc.description as interpreter FROM `" . TABLE_PANEL_PHPCONFIGS . "` c LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . 
"` fc ON fc.id = c.fpmsettingid "); - - while ($row = $configs->fetch(PDO::FETCH_ASSOC)) { - if ((int) Settings::Get('phpfpm.enabled') == 1) { - $phpconfigs .= makeoption($row['description'] . " [".$row['interpreter']."]", $row['id'], Settings::Get('phpfpm.defaultini'), true, true); - } else { - $phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true); - } + + while ($row = $configs->fetch(PDO::FETCH_ASSOC)) { + if ((int) Settings::Get('phpfpm.enabled') == 1) { + $phpconfigs .= makeoption($row['description'] . " [" . $row['interpreter'] . "]", $row['id'], Settings::Get('phpfpm.defaultini'), true, true); + } else { + $phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true); } - - // create serveralias options - $serveraliasoptions = ""; - $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', '0', true, true); - $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', '0', true, true); - $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', '0', true, true); - - $subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', '0', true, true); - $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', '0', true, true); - $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', '0', true, true); - $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['always'], '3', '0', true, true); - - $add_date = date('Y-m-d'); - - $domain_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/domains/formfield.domains_add.php'; - $domain_add_form = htmlform::genHTMLForm($domain_add_data); - - $title = $domain_add_data['domain_add']['title']; - $image = $domain_add_data['domain_add']['image']; - - eval("echo \"" . getTemplate("domains/domains_add") . 
"\";"); } + + // create serveralias options + $serveraliasoptions = ""; + $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', '0', true, true); + $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', '0', true, true); + $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', '0', true, true); + + $subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', '0', true, true); + $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', '0', true, true); + $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', '0', true, true); + $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['always'], '3', '0', true, true); + + $add_date = date('Y-m-d'); + + $domain_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/domains/formfield.domains_add.php'; + $domain_add_form = htmlform::genHTMLForm($domain_add_data); + + $title = $domain_add_data['domain_add']['title']; + $image = $domain_add_data['domain_add']['image']; + + eval("echo \"" . getTemplate("domains/domains_add") . "\";"); } } elseif ($action == 'edit' && $id != 0) { - - $result_stmt = Database::prepare(" - SELECT `d`.*, `c`.`customerid` - FROM `" . TABLE_PANEL_DOMAINS . "` `d` - LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) - WHERE `d`.`parentdomainid` = '0' - AND `d`.`id` = :id" . ($userinfo['customers_see_all'] ? 
'' : " AND `d`.`adminid` = :adminid") - ); - $params = array( - 'id' => $id - ); - if ($userinfo['customers_see_all'] == '0') { - $params['adminid'] = $userinfo['adminid']; + + try { + $json_result = Domains::getLocal($userinfo, array( + 'id' => $id + ))->get(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); } - $result = Database::pexecute_first($result_stmt, $params); - + $result = json_decode($json_result, true)['data']; + if ($result['domain'] != '') { - + $subdomains_stmt = Database::prepare(" SELECT COUNT(`id`) AS count FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid` = :resultid @@ -1150,7 +363,7 @@ if ($page == 'domains' || $page == 'overview') { 'resultid' => $result['id'] )); $subdomains = $subdomains['count']; - + $alias_check_stmt = Database::prepare(" SELECT COUNT(`id`) AS count FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain` = :resultid @@ -1159,7 +372,7 @@ if ($page == 'domains' || $page == 'overview') { 'resultid' => $result['id'] )); $alias_check = $alias_check['count']; - + $domain_emails_result_stmt = Database::prepare(" SELECT `email`, `email_full`, `destination`, `popaccountid` AS `number_email_forwarders` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid` = :customerid AND `domainid` = :id 
@@ -1168,876 +381,49 @@ if ($page == 'domains' || $page == 'overview') { 'customerid' => $result['customerid'], 'id' => $result['id'] )); - + $emails = Database::num_rows(); $email_forwarders = 0; $email_accounts = 0; - + while ($domain_emails_row = $domain_emails_result_stmt->fetch(PDO::FETCH_ASSOC)) { - + if ($domain_emails_row['destination'] != '') { - + $domain_emails_row['destination'] = explode(' ', makeCorrectDestination($domain_emails_row['destination'])); $email_forwarders += count($domain_emails_row['destination']); - + if (in_array($domain_emails_row['email_full'], $domain_emails_row['destination'])) { $email_forwarders -= 1; $email_accounts ++; } } } - + $ipsresult_stmt = Database::prepare(" SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :id "); Database::pexecute($ipsresult_stmt, array( 'id' => $result['id'] )); - + $usedips = array(); while ($ipsresultrow = $ipsresult_stmt->fetch(PDO::FETCH_ASSOC)) { $usedips[] = $ipsresultrow['id_ipandports']; } - + if (isset($_POST['send']) && $_POST['send'] == 'send') { - - $customer_stmt = Database::prepare(" - SELECT * FROM " . TABLE_PANEL_CUSTOMERS . " WHERE `customerid` = :customerid - "); - $customer = Database::pexecute_first($customer_stmt, array( - 'customerid' => $result['customerid'] - )); - - $customerid = - 1; - if (isset($_POST['customerid'])) { - $customerid = intval($_POST['customerid']); - } - - if ($customerid > 0 && $customerid != $result['customerid'] && Settings::Get('panel.allow_domain_change_customer') == '1') { - - $customer_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` - WHERE `customerid` = :customerid - AND (`subdomains_used` + :subdomains <= `subdomains` OR `subdomains` = '-1' ) - AND (`emails_used` + :emails <= `emails` OR `emails` = '-1' ) - AND (`email_forwarders_used` + :forwarders <= `email_forwarders` OR `email_forwarders` = '-1' ) - AND (`email_accounts_used` + :accounts <= `email_accounts` OR `email_accounts` = '-1' ) " . 
($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid"));
-
- $params = array(
- 'customerid' => $customerid,
- 'subdomains' => $subdomains,
- 'emails' => $emails,
- 'forwarders' => $email_forwarders,
- 'accounts' => $email_accounts
- );
- if ($userinfo['customers_see_all'] == '0') {
- $params['adminid'] = $userinfo['adminid'];
- }
-
- $customer = Database::pexecute_first($customer_stmt, $params);
- if (empty($customer) || $customer['customerid'] != $customerid) {
- standard_error('customerdoesntexist');
- }
- } else {
- $customerid = $result['customerid'];
- }
-
- $customer_stmt = Database::prepare("
- SELECT * FROM " . TABLE_PANEL_ADMINS . " WHERE `adminid` = :adminid
- ");
- $admin = Database::pexecute_first($customer_stmt, array(
- 'adminid' => $result['adminid']
- ));
-
- if ($userinfo['customers_see_all'] == '1') {
-
- $adminid = - 1;
- if (isset($_POST['adminid'])) {
- $adminid = intval($_POST['adminid']);
- }
-
- if ($adminid > 0 && $adminid != $result['adminid'] && Settings::Get('panel.allow_domain_change_admin') == '1') {
-
- $admin_stmt = Database::prepare("
- SELECT * FROM `" . TABLE_PANEL_ADMINS . "`
- WHERE `adminid` = :adminid AND ( `domains_used` < `domains` OR `domains` = '-1' )
- ");
- $admin = Database::pexecute_first($admin_stmt, array(
- 'adminid' => $adminid
- ));
-
- if (empty($admin) || $admin['adminid'] != $adminid) {
- standard_error('admindoesntexist');
- }
- } else {
- $adminid = $result['adminid'];
- }
- } else {
- $adminid = $result['adminid'];
- }
-
- $aliasdomain = isset($_POST['alias']) ? intval($_POST['alias']) : 0;
- $issubof = intval($_POST['issubof']);
- $subcanemaildomain = intval($_POST['subcanemaildomain']);
- $caneditdomain = isset($_POST['caneditdomain']) ?
intval($_POST['caneditdomain']) : 0;
- $registration_date = trim($_POST['registration_date']);
- $registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array(
- '0000-00-00',
- '0',
- ''
- ));
- if ($registration_date == '0000-00-00') {
- $registration_date = null;
- }
- $termination_date = trim($_POST['termination_date']);
- $termination_date = validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array(
- '0000-00-00',
- '0',
- ''
- ));
- if ($termination_date == '0000-00-00') {
- $termination_date = null;
- }
-
- $isemaildomain = 0;
- if (isset($_POST['isemaildomain'])) {
- $isemaildomain = intval($_POST['isemaildomain']);
- }
-
- $email_only = 0;
- if (isset($_POST['email_only'])) {
- $email_only = intval($_POST['email_only']);
- }
-
- $serveraliasoption = '2';
- if ($result['iswildcarddomain'] == '1') {
- $serveraliasoption = '0';
- } elseif ($result['wwwserveralias'] == '1') {
- $serveraliasoption = '1';
- }
- if (isset($_POST['selectserveralias'])) {
- $serveraliasoption = intval($_POST['selectserveralias']);
- }
-
- $speciallogfile = 0;
- if (isset($_POST['speciallogfile']))
- $speciallogfile = intval($_POST['speciallogfile']);
-
- if ($userinfo['change_serversettings'] == '1') {
- $isbinddomain = $result['isbinddomain'];
- $zonefile = $result['zonefile'];
- if (Settings::Get('system.bind_enable') == '1') {
- if (isset($_POST['isbinddomain'])) {
- $isbinddomain = (int) $_POST['isbinddomain'];
- } else {
- $isbinddomain = 0;
- }
- $zonefile = validate($_POST['zonefile'], 'zonefile');
- }
-
- if (Settings::Get('dkim.use_dkim') == '1') {
- $dkim = isset($_POST['dkim']) ?
1 : 0;
- } else {
- $dkim = $result['dkim'];
- }
-
- $specialsettings = validate(str_replace("\r\n", "\n", $_POST['specialsettings']), 'specialsettings', '/^[^\0]*$/');
- $ssfs = (isset($_POST['specialsettingsforsubdomains']) && intval($_POST['specialsettingsforsubdomains']) == 1) ? 1 : 0;
- $notryfiles = isset($_POST['notryfiles']) && (int)$_POST['notryfiles'] == 1 ? 1 : 0;
- $documentroot = validate($_POST['documentroot'], 'documentroot');
-
- if ($documentroot == '') {
- // If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
- // set default path to subdomain or domain name
- if (Settings::Get('system.documentroot_use_default_value') == 1) {
- $documentroot = makeCorrectDir($customer['documentroot'] . '/' . $result['domain']);
- } else {
- $documentroot = $customer['documentroot'];
- }
- }
-
- if (! preg_match('/^https?\:\/\//', $documentroot) && strstr($documentroot, ":") !== false) {
- standard_error('pathmaynotcontaincolon');
- }
- } else {
- $isbinddomain = $result['isbinddomain'];
- $zonefile = $result['zonefile'];
- $dkim = $result['dkim'];
- $specialsettings = $result['specialsettings'];
- $ssfs = (empty($specialsettings) ? 0 : 1);
- $notryfiles = $result['notryfiles'];
- $documentroot = $result['documentroot'];
- }
-
- $speciallogverified = (isset($_POST['speciallogverified']) ? (int) $_POST['speciallogverified'] : 0);
-
- if ($userinfo['caneditphpsettings'] == '1' || $userinfo['change_serversettings'] == '1') {
-
- $phpenabled = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0;
- $openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
- $phpfs = (isset($_POST['phpsettingsforsubdomains']) && intval($_POST['phpsettingsforsubdomains']) == 1) ? 1 : 0;
-
- if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
- $phpsettingid = (int) $_POST['phpsettingid'];
- $phpsettingid_check_stmt = Database::prepare("
- SELECT * FROM `" .
TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :phpid
- ");
- $phpsettingid_check = Database::pexecute_first($phpsettingid_check_stmt, array(
- 'phpid' => $phpsettingid
- ));
-
- if (! isset($phpsettingid_check['id']) || $phpsettingid_check['id'] == '0' || $phpsettingid_check['id'] != $phpsettingid) {
- standard_error('phpsettingidwrong');
- }
-
- if ((int) Settings::Get('system.mod_fcgid') == 1) {
- $mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
- '-1',
- ''
- ));
- $mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
- '-1',
- ''
- ));
- } else {
- $mod_fcgid_starter = $result['mod_fcgid_starter'];
- $mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
- }
- } else {
- $phpsettingid = $result['phpsettingid'];
- $phpfs = 1;
- $mod_fcgid_starter = $result['mod_fcgid_starter'];
- $mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
- }
- } else {
- $phpenabled = $result['phpenabled'];
- $openbasedir = $result['openbasedir'];
- $phpsettingid = $result['phpsettingid'];
- $phpfs = 1;
- $mod_fcgid_starter = $result['mod_fcgid_starter'];
- $mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
- }
-
- $ipandports = array();
- if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) {
- $_POST['ipandport'] = unserialize($_POST['ipandport']);
- }
- if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {
-
- $ipandport_check_stmt = Database::prepare("
- SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipandport
- ");
- foreach ($_POST['ipandport'] as $ipandport) {
- if (trim($ipandport) == "")
- continue;
- $ipandport = intval($ipandport);
- $ipandport_check = Database::pexecute_first($ipandport_check_stmt, array(
- 'ipandport' => $ipandport
- ));
- if (!
isset($ipandport_check['id']) || $ipandport_check['id'] == '0' || $ipandport_check['id'] != $ipandport) {
- standard_error('ipportdoesntexist');
- } else {
- $ipandports[] = $ipandport;
- }
- }
- }
-
- if (Settings::Get('system.use_ssl') == '1' && isset($_POST['ssl_ipandport'])) {
- $ssl = 1; // if ssl is set and != 0, it can only be 1
- $ssl_redirect = 0;
- if (isset($_POST['ssl_redirect'])) {
- $ssl_redirect = (int) $_POST['ssl_redirect'];
- }
-
- $letsencrypt = 0;
- if (isset($_POST['letsencrypt'])) {
- $letsencrypt = (int) $_POST['letsencrypt'];
- }
-
- $http2 = isset($_POST['http2']) && (int)$_POST['http2'] == 1 ? 1 : 0;
-
- // HSTS
- $hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
- $hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
- $hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;
-
- // OCSP stapling
- $ocsp_stapling = isset($_POST['ocsp_stapling']) && (int)$_POST['ocsp_stapling'] == 1 ? 1 : 0;
-
- $ssl_ipandports = array();
- if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) {
- $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
- }
- if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) {
-
- $ssl_ipandport_check_stmt = Database::prepare("
- SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipandport
- ");
- foreach ($_POST['ssl_ipandport'] as $ssl_ipandport) {
- if (trim($ssl_ipandport) == "")
- continue;
- // fix if ip/port got de-checked and it was the last one
- if (trim($ssl_ipandport) < 1)
- continue;
- $ssl_ipandport = intval($ssl_ipandport);
- $ssl_ipandport_check = Database::pexecute_first($ssl_ipandport_check_stmt, array(
- 'ipandport' => $ssl_ipandport
- ));
- if (!
isset($ssl_ipandport_check['id']) || $ssl_ipandport_check['id'] == '0' || $ssl_ipandport_check['id'] != $ssl_ipandport) {
- standard_error('ipportdoesntexist');
- } else {
- $ssl_ipandports[] = $ssl_ipandport;
- }
- }
-
- } else {
- $ssl_redirect = 0;
- $letsencrypt = 0;
- $http2 = 0;
- // we need this for the serialize
- // if ssl is disabled or no ssl-ip/port exists
- $ssl_ipandports[] = - 1;
-
- // HSTS
- $hsts_maxage = 0;
- $hsts_sub = 0;
- $hsts_preload = 0;
-
- // OCSP stapling
- $ocsp_stapling = 0;
- }
- } else {
- $ssl_redirect = 0;
- $letsencrypt = 0;
- $http2 = 0;
- // we need this for the serialize
- // if ssl is disabled or no ssl-ip/port exists
- $ssl_ipandports[] = - 1;
-
- // HSTS
- $hsts_maxage = 0;
- $hsts_sub = 0;
- $hsts_preload = 0;
-
- // OCSP stapling
- $ocsp_stapling = 0;
- }
-
- // We can't enable let's encrypt for wildcard domains when using acme-v1
- if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
- standard_error('nowildcardwithletsencrypt');
- }
- // if using acme-v2 we cannot issue wildcard-certificates
- // because they currently only support the dns-01 challenge
- if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
- standard_error('nowildcardwithletsencryptv2');
- }
-
- // Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
- if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
- $ssl_redirect = 2;
- }
-
- if (!
preg_match('/^https?\:\/\//', $documentroot)) {
- $documentroot = makeCorrectDir($documentroot);
- }
-
- if ($phpenabled != '1') {
- $phpenabled = '0';
- }
-
- if ($openbasedir != '1') {
- $openbasedir = '0';
- }
-
- if ($isbinddomain != '1') {
- $isbinddomain = '0';
- }
-
- if ($isemaildomain != '1') {
- $isemaildomain = '0';
- }
-
- if ($email_only == '1') {
- $isemaildomain = '1';
- } else {
- $email_only = '0';
- }
-
- if ($subcanemaildomain != '1' && $subcanemaildomain != '2' && $subcanemaildomain != '3') {
- $subcanemaildomain = '0';
- }
-
- if ($dkim != '1') {
- $dkim = '0';
- }
-
- if ($caneditdomain != '1') {
- $caneditdomain = '0';
- }
-
- $aliasdomain_check = array(
- 'id' => 0
- );
-
- if ($aliasdomain != 0) {
- // Overwrite given ipandports with these of the "main" domain
- $ipandports = array();
- $ssl_ipandports = array();
- $origipresult_stmt = Database::prepare("
- SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :aliasdomain
- ");
- Database::pexecute($origipresult_stmt, array(
- 'aliasdomain' => $aliasdomain
- ));
- $ipdata_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipid");
- while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
- $_origip_tmp = Database::pexecute_first($ipdata_stmt, array(
- 'ipid' => $origip['id_ipandports']
- ));
- if ($_origip_tmp['ssl'] == 0) {
- $ipandports[] = $origip['id_ipandports'];
- } else {
- $ssl_ipandports[] = $origip['id_ipandports'];
- }
- }
-
- if (count($ssl_ipandports) == 0) {
- // we need this for the serialize
- // if ssl is disabled or no ssl-ip/port exists
- $ssl_ipandports[] = - 1;
- }
-
- $aliasdomain_check_stmt = Database::prepare("
- SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS .
"` `c`
- WHERE `d`.`customerid` = :customerid
- AND `d`.`aliasdomain` IS NULL AND `d`.`id` <> `c`.`standardsubdomain`
- AND `c`.`customerid` = :customerid
- AND `d`.`id` = :aliasdomain
- ");
- $aliasdomain_check = Database::pexecute_first($aliasdomain_check_stmt, array(
- 'customerid' => $customerid,
- 'aliasdomain' => $aliasdomain
- ));
- }
-
- if (count($ipandports) == 0) {
- standard_error('noipportgiven');
- }
-
- if ($aliasdomain_check['id'] != $aliasdomain) {
- standard_error('domainisaliasorothercustomer');
- }
-
- if ($issubof <= '0') {
- $issubof = '0';
- }
-
- if ($serveraliasoption != '1' && $serveraliasoption != '2') {
- $serveraliasoption = '0';
- }
-
- $params = array(
- 'id' => $id,
- 'page' => $page,
- 'action' => $action,
- 'customerid' => $customerid,
- 'adminid' => $adminid,
- 'documentroot' => $documentroot,
- 'alias' => $aliasdomain,
- 'isbinddomain' => $isbinddomain,
- 'isemaildomain' => $isemaildomain,
- 'email_only' => $email_only,
- 'subcanemaildomain' => $subcanemaildomain,
- 'caneditdomain' => $caneditdomain,
- 'zonefile' => $zonefile,
- 'dkim' => $dkim,
- 'selectserveralias' => $serveraliasoption,
- 'ssl_redirect' => $ssl_redirect,
- 'phpenabled' => $phpenabled,
- 'openbasedir' => $openbasedir,
- 'phpsettingid' => $phpsettingid,
- 'phpsettingsforsubdomains' => $phpfs,
- 'mod_fcgid_starter' => $mod_fcgid_starter,
- 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
- 'specialsettings' => $specialsettings,
- 'specialsettingsforsubdomains' => $ssfs,
- 'notryfiles' => $notryfiles,
- 'registration_date' => $registration_date,
- 'termination_date' => $termination_date,
- 'issubof' => $issubof,
- 'speciallogfile' => $speciallogfile,
- 'speciallogverified' => $speciallogverified,
- 'ipandport' => serialize($ipandports),
- 'ssl_ipandport' => serialize($ssl_ipandports),
- 'letsencrypt' => $letsencrypt,
- 'http2' => $http2,
- 'hsts_maxage' => $hsts_maxage,
- 'hsts_sub' => $hsts_sub,
- 'hsts_preload' => $hsts_preload,
- 'ocsp_stapling' =>
$ocsp_stapling
- );
-
- $security_questions = array(
- 'reallydisablesecuritysetting' => ($openbasedir == '0' && $userinfo['change_serversettings'] == '1'),
- 'reallydocrootoutofcustomerroot' => (substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && ! preg_match('/^https?\:\/\//', $documentroot))
- );
- foreach ($security_questions as $question_name => $question_launch) {
- if ($question_launch !== false) {
- $params[$question_name] = $question_name;
- if (! isset($_POST[$question_name]) || $_POST[$question_name] != $question_name) {
- ask_yesno('admin_domain_' . $question_name, $filename, $params);
- }
- }
- }
-
- $wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
- $iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
-
- if (
- $documentroot != $result['documentroot'] ||
- $ssl_redirect != $result['ssl_redirect'] ||
- $wwwserveralias != $result['wwwserveralias'] ||
- $iswildcarddomain != $result['iswildcarddomain'] ||
- $phpenabled != $result['phpenabled'] ||
- $openbasedir != $result['openbasedir'] ||
- $phpsettingid != $result['phpsettingid'] ||
- $mod_fcgid_starter != $result['mod_fcgid_starter'] ||
- $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] ||
- $specialsettings != $result['specialsettings'] ||
- $notryfiles != $result['notryfiles'] ||
- $aliasdomain != $result['aliasdomain'] ||
- $issubof != $result['ismainbutsubto'] ||
- $email_only != $result['email_only'] ||
- ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') ||
- $letsencrypt != $result['letsencrypt'] ||
- $http2 != $result['http2'] ||
- $hsts_maxage != $result['hsts'] ||
- $hsts_sub != $result['hsts_sub'] ||
- $hsts_preload != $result['hsts_preload'] ||
- $ocsp_stapling != $result['ocsp_stapling']
- ) {
- inserttask('1');
- }
-
- if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') {
- $speciallogfile = $result['speciallogfile'];
- }
-
- if ($isbinddomain !=
$result['isbinddomain'] || $zonefile != $result['zonefile'] || $dkim != $result['dkim']) {
- inserttask('4');
- }
-
- if ($isemaildomain == '0' && $result['isemaildomain'] == '1') {
- $del_stmt = Database::prepare("
- DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `domainid` = :id
- ");
- Database::pexecute($del_stmt, array(
- 'id' => $id
- ));
-
- $del_stmt = Database::prepare("
- DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `domainid` = :id
- ");
- Database::pexecute($del_stmt, array(
- 'id' => $id
- ));
- $log->logAction(ADM_ACTION, LOG_NOTICE, "deleted domain #" . $id . " from mail-tables");
- }
-
- // check whether LE has been disabled, so we remove the certificate
- if ($letsencrypt == '0' && $result['letsencrypt'] == '1') {
- $del_stmt = Database::prepare("
- DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :id
- ");
- Database::pexecute($del_stmt, array(
- 'id' => $id
- ));
- }
-
- $updatechildren = '';
-
- if ($subcanemaildomain == '0' && $result['subcanemaildomain'] != '0') {
- $updatechildren = ", `isemaildomain` = '0' ";
- } elseif ($subcanemaildomain == '3' && $result['subcanemaildomain'] != '3') {
- $updatechildren = ", `isemaildomain` = '1' ";
- }
-
- if ($customerid != $result['customerid'] && Settings::Get('panel.allow_domain_change_customer') == '1') {
- $upd_data = array(
- 'customerid' => $customerid,
- 'domainid' => $result['id']
- );
- $upd_stmt = Database::prepare("
- UPDATE `" . TABLE_MAIL_USERS . "` SET `customerid` = :customerid WHERE `domainid` = :domainid
- ");
- Database::pexecute($upd_stmt, $upd_data);
- $upd_stmt = Database::prepare("
- UPDATE `" . TABLE_MAIL_VIRTUAL .
"` SET `customerid` = :customerid WHERE `domainid` = :domainid
- ");
- Database::pexecute($upd_stmt, $upd_data);
- $upd_data = array(
- 'subdomains' => $subdomains,
- 'emails' => $emails,
- 'forwarders' => $email_forwarders,
- 'accounts' => $email_accounts
- );
- $upd_data['customerid'] = $customerid;
- $upd_stmt = Database::prepare("
- UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
- `subdomains_used` = `subdomains_used` + :subdomains,
- `emails_used` = `emails_used` + :emails,
- `email_forwarders_used` = `email_forwarders_used` + :forwarders,
- `email_accounts_used` = `email_accounts_used` + :accounts
- WHERE `customerid` = :customerid
- ");
- Database::pexecute($upd_stmt, $upd_data);
-
- $upd_data['customerid'] = $result['customerid'];
- $upd_stmt = Database::prepare("
- UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
- `subdomains_used` = `subdomains_used` - :subdomains,
- `emails_used` = `emails_used` - :emails,
- `email_forwarders_used` = `email_forwarders_used` - :forwarders,
- `email_accounts_used` = `email_accounts_used` - :accounts
- WHERE `customerid` = :customerid
- ");
- Database::pexecute($upd_stmt, $upd_data);
- }
-
- if ($adminid != $result['adminid'] && Settings::Get('panel.allow_domain_change_admin') == '1') {
- $upd_stmt = Database::prepare("
- UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = :adminid
- ");
- Database::pexecute($upd_stmt, array(
- 'adminid' => $adminid
- ));
-
- $upd_stmt = Database::prepare("
- UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = :adminid
- ");
- Database::pexecute($upd_stmt, array(
- 'adminid' => $result['adminid']
- ));
- }
-
- $_update_data = array();
-
- $ssfs = isset($_POST['specialsettingsforsubdomains']) ?
1 : 0; - if ($ssfs == 1) { - $_update_data['specialsettings'] = $specialsettings; - $upd_specialsettings = ", `specialsettings` = :specialsettings "; - } else { - $upd_specialsettings = ''; - unset($_update_data['specialsettings']); - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `specialsettings`='' WHERE `parentdomainid` = :id - "); - Database::pexecute($upd_stmt, array( - 'id' => $id - )); - $log->logAction(ADM_ACTION, LOG_INFO, "removed specialsettings on all subdomains of domain #" . $id); - } - - $wwwserveralias = ($serveraliasoption == '1') ? '1' : '0'; - $iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0'; - - $update_data = array(); - $update_data['customerid'] = $customerid; - $update_data['adminid'] = $adminid; - $update_data['documentroot'] = $documentroot; - $update_data['ssl_redirect'] = $ssl_redirect; - $update_data['aliasdomain'] = ($aliasdomain != 0 && $alias_check == 0) ? $aliasdomain : null; - $update_data['isbinddomain'] = $isbinddomain; - $update_data['isemaildomain'] = $isemaildomain; - $update_data['email_only'] = $email_only; - $update_data['subcanemaildomain'] = $subcanemaildomain; - $update_data['dkim'] = $dkim; - $update_data['caneditdomain'] = $caneditdomain; - $update_data['zonefile'] = $zonefile; - $update_data['wwwserveralias'] = $wwwserveralias; - $update_data['iswildcarddomain'] = $iswildcarddomain; - $update_data['phpenabled'] = $phpenabled; - $update_data['openbasedir'] = $openbasedir; - $update_data['speciallogfile'] = $speciallogfile; - $update_data['phpsettingid'] = $phpsettingid; - $update_data['mod_fcgid_starter'] = $mod_fcgid_starter; - $update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests; - $update_data['specialsettings'] = $specialsettings; - $update_data['notryfiles'] = $notryfiles; - $update_data['registration_date'] = $registration_date; - $update_data['termination_date'] = $termination_date; - $update_data['ismainbutsubto'] = $issubof; - $update_data['letsencrypt'] = 
$letsencrypt; - $update_data['http2'] = $http2; - $update_data['hsts'] = $hsts_maxage; - $update_data['hsts_sub'] = $hsts_sub; - $update_data['hsts_preload'] = $hsts_preload; - $update_data['ocsp_stapling'] = $ocsp_stapling; - $update_data['id'] = $id; - - $update_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_DOMAINS . "` SET - `customerid` = :customerid, - `adminid` = :adminid, - `documentroot` = :documentroot, - `ssl_redirect` = :ssl_redirect, - `aliasdomain` = :aliasdomain, - `isbinddomain` = :isbinddomain, - `isemaildomain` = :isemaildomain, - `email_only` = :email_only, - `subcanemaildomain` = :subcanemaildomain, - `dkim` = :dkim, - `caneditdomain` = :caneditdomain, - `zonefile` = :zonefile, - `wwwserveralias` = :wwwserveralias, - `iswildcarddomain` = :iswildcarddomain, - `phpenabled` = :phpenabled, - `openbasedir` = :openbasedir, - `speciallogfile` = :speciallogfile, - `phpsettingid` = :phpsettingid, - `mod_fcgid_starter` = :mod_fcgid_starter, - `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests, - `specialsettings` = :specialsettings, - `notryfiles` = :notryfiles, - `registration_date` = :registration_date, - `termination_date` = :termination_date, - `ismainbutsubto` = :ismainbutsubto, - `letsencrypt` = :letsencrypt, - `http2` = :http2, - `hsts` = :hsts, - `hsts_sub` = :hsts_sub, - `hsts_preload` = :hsts_preload, - `ocsp_stapling` = :ocsp_stapling - WHERE `id` = :id - "); - Database::pexecute($update_stmt, $update_data); - - $_update_data['customerid'] = $customerid; - $_update_data['adminid'] = $adminid; - $_update_data['phpenabled'] = $phpenabled; - $_update_data['openbasedir'] = $openbasedir; - $_update_data['mod_fcgid_starter'] = $mod_fcgid_starter; - $_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests; - $_update_data['parentdomainid'] = $id; - - // if php config is to be set for all subdomains, check here - $update_phpconfig = ''; - $phpfs = isset($_POST['phpsettingsforsubdomains']) ? 
1 : 0; - if ($phpfs == 1) { - $_update_data['phpsettingid'] = $phpsettingid; - $update_phpconfig = ", `phpsettingid` = :phpsettingid"; - } - - // if we have no more ssl-ip's for this domain, - // all its subdomains must have "ssl-redirect = 0" - // and disable let's encrypt - $update_sslredirect = ''; - if (count($ssl_ipandports) == 1 && $ssl_ipandports[0] == - 1) { - $update_sslredirect = ", `ssl_redirect` = '0', `letsencrypt` = '0' "; - } - - $_update_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_DOMAINS . "` SET - `customerid` = :customerid, - `adminid` = :adminid, - `phpenabled` = :phpenabled, - `openbasedir` = :openbasedir, - `mod_fcgid_starter` = :mod_fcgid_starter, - `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests - " . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . " - WHERE `parentdomainid` = :parentdomainid - "); - Database::pexecute($_update_stmt, $_update_data); - - // FIXME check how many we got and if the amount of assigned IP's - // has changed so we can insert a config-rebuild task if only - // the ip's of this domain were changed - // -> for now, always insert a rebuild-task - inserttask('1'); - - // Cleanup domain <-> ip mapping - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :id - "); - Database::pexecute($del_stmt, array( - 'id' => $id - )); - - $ins_stmt = Database::prepare(" - INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipportid - "); - - foreach ($ipandports as $ipportid) { - Database::pexecute($ins_stmt, array( - 'domainid' => $id, - 'ipportid' => $ipportid - )); - } - foreach ($ssl_ipandports as $ssl_ipportid) { - if ($ssl_ipportid > 0) { - Database::pexecute($ins_stmt, array( - 'domainid' => $id, - 'ipportid' => $ssl_ipportid - )); - } - } - - // Cleanup domain <-> ip mapping for subdomains - $domainidsresult_stmt = Database::prepare(" - SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . 
"` WHERE `parentdomainid` = :id - "); - Database::pexecute($domainidsresult_stmt, array( - 'id' => $id - )); - - while ($row = $domainidsresult_stmt->fetch(PDO::FETCH_ASSOC)) { - - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :rowid - "); - Database::pexecute($del_stmt, array( - 'rowid' => $row['id'] - )); - - $ins_stmt = Database::prepare(" - INSERT INTO `" . TABLE_DOMAINTOIP . "` SET - `id_domain` = :rowid, - `id_ipandports` = :ipportid - "); - - foreach ($ipandports as $ipportid) { - Database::pexecute($ins_stmt, array( - 'rowid' => $row['id'], - 'ipportid' => $ipportid - )); - } - foreach ($ssl_ipandports as $ssl_ipportid) { - if ($ssl_ipportid > 0) { - Database::pexecute($ins_stmt, array( - 'rowid' => $row['id'], - 'ipportid' => $ssl_ipportid - )); - } - } - } - if ($result['aliasdomain'] != $aliasdomain) { - // trigger when domain id for alias destination has changed: both for old and new destination - triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $log); - triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log); - } else - if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) { - // or when wwwserveralias or letsencrypt was changed - triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log); - } - - $log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id); + try { + Domains::getLocal($userinfo, $_POST)->update(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); + } redirectTo($filename, array( 'page' => $page, 's' => $s )); } else { - + if (Settings::Get('panel.allow_domain_change_customer') == '1') { $customers = ''; $result_customers_stmt = Database::prepare(" 
@@ -2059,7 +445,7 @@ if ($page == 'domains' || $page == 'overview') {
 $params['adminid'] = $userinfo['adminid'];
 }
 Database::pexecute($result_customers_stmt, $params);
-
+
 while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) {
 $customers .= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid'], $result['customerid']);
 }
@@ -2073,10 +459,10 @@ if ($page == 'domains' || $page == 'overview') {
 ));
 $result['customername'] = getCorrectFullUserDetails($customer) . ' (' . $customer['loginname'] . ')';
 }
-
+
 if ($userinfo['customers_see_all'] == '1') {
 if (Settings::Get('panel.allow_domain_change_admin') == '1') {
-
+
 $admins = '';
 $result_admins_stmt = Database::prepare("
 SELECT `adminid`, `loginname`, `name` FROM `" . TABLE_PANEL_ADMINS . "`
@@ -2085,7 +471,7 @@ if ($page == 'domains' || $page == 'overview') {
 Database::pexecute($result_admins_stmt, array(
 'adminid' => $result['adminid']
 ));
-
+
 while ($row_admin = $result_admins_stmt->fetch(PDO::FETCH_ASSOC)) {
 $admins .= makeoption(getCorrectFullUserDetails($row_admin) . ' (' . $row_admin['loginname'] . ')', $row_admin['adminid'], $result['adminid']);
 }
@@ -2099,10 +485,10 @@ if ($page == 'domains' || $page == 'overview') {
 $result['adminname'] = getCorrectFullUserDetails($admin) . ' (' . $admin['loginname'] . ')';
 }
 }
-
+
 $result['domain'] = $idna_convert->decode($result['domain']);
 $domains = makeoption($lng['domains']['noaliasdomain'], 0, null, true);
-
+
 $result_domains_stmt = Database::prepare("
 SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
 WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = '0' AND `d`.`id` <> :id
@@ -2113,11 +499,11 @@ if ($page == 'domains' || $page == 'overview') {
 'id' => $result['id'],
 'customerid' => $result['customerid']
 ));
-
+
 while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 $domains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['aliasdomain']);
 }
-
+
 $subtodomains = makeoption($lng['domains']['nosubtomaindomain'], 0, null, true);
 $result_domains_stmt = Database::prepare("
 SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
@@ -2132,11 +518,11 @@ if ($page == 'domains' || $page == 'overview') {
 $params['adminid'] = $userinfo['adminid'];
 }
 Database::pexecute($result_domains_stmt, $params);
-
+
 while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 $subtodomains .= makeoption($idna_convert->decode($row_domain['domain']), $row_domain['id'], $result['ismainbutsubto']);
 }
-
+
 if ($userinfo['ip'] == "-1") {
 $result_ipsandports_stmt = Database::query("
 SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' ORDER BY `ip`, `port` ASC
@@ -2151,14 +537,14 @@ if ($page == 'domains' || $page == 'overview') {
 $admin_ip = Database::pexecute_first($admin_ip_stmt, array(
 'ipid' => $userinfo['ip']
 ));
-
+
 $result_ipsandports_stmt = Database::prepare("
 SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' AND `ip` = :ipid ORDER BY `ip`, `port` ASC
 ");
 Database::pexecute($result_ipsandports_stmt, array(
 'ipid' => $admin_ip['ip']
 ));
-
+
 $result_ssl_ipsandports_stmt = Database::prepare("
 SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' AND `ip` = :ipid ORDER BY `ip`, `port` ASC
 ");
@@ -2166,7 +552,7 @@ if ($page == 'domains' || $page == 'overview') {
 'ipid' => $admin_ip['ip']
 ));
 }
-
+
 $ipsandports = array();
 while ($row_ipandport = $result_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
 if (filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
@@ -2177,7 +563,7 @@ if ($page == 'domains' || $page == 'overview') {
 'value' => $row_ipandport['id']
 );
 }
-
+
 $ssl_ipsandports = array();
 while ($row_ssl_ipandport = $result_ssl_ipsandports_stmt->fetch(PDO::FETCH_ASSOC)) {
 if (filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
@@ -2188,7 +574,7 @@ if ($page == 'domains' || $page == 'overview') {
 'value' => $row_ssl_ipandport['id']
 );
 }
-
+
 // create serveralias options
 $serveraliasoptions = "";
 $_value = '2';
@@ -2198,22 +584,22 @@ if ($page == 'domains' || $page == 'overview') {
 } elseif ($result['wwwserveralias'] == '1') {
 $_value = '1';
 }
-
+
 // Fudge the result for ssl_redirect to hide the Let's Encrypt steps
 $result['temporary_ssl_redirect'] = $result['ssl_redirect'];
 $result['ssl_redirect'] = ($result['ssl_redirect'] == 0 ? 0 : 1);
-
+
 $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_wildcard'], '0', $_value, true, true);
 $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_www'], '1', $_value, true, true);
 $serveraliasoptions .= makeoption($lng['domains']['serveraliasoption_none'], '2', $_value, true, true);
-
+
 $subcanemaildomain = makeoption($lng['admin']['subcanemaildomain']['never'], '0', $result['subcanemaildomain'], true, true);
 $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['choosableno'], '1', $result['subcanemaildomain'], true, true);
 $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['choosableyes'], '2', $result['subcanemaildomain'], true, true);
 $subcanemaildomain .= makeoption($lng['admin']['subcanemaildomain']['always'], '3', $result['subcanemaildomain'], true, true);
 $speciallogfile = ($result['speciallogfile'] == 1 ? $lng['panel']['yes'] : $lng['panel']['no']);
 $result['add_date'] = date('Y-m-d', $result['add_date']);
-
+
 $phpconfigs = '';
 $phpconfigs_result_stmt = Database::query("
 SELECT c.*, fc.description as interpreter
@@ -2221,31 +607,31 @@ if ($page == 'domains' || $page == 'overview') {
 LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
 ");
 $c_allowed_configs = getCustomerDetail($result['customerid'], 'allowed_phpconfigs');
- if (!empty($c_allowed_configs)) {
+ if (! empty($c_allowed_configs)) {
 $c_allowed_configs = json_decode($c_allowed_configs, true);
 } else {
 $c_allowed_configs = array();
 }
-
+
 while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
- $disabled = !empty($c_allowed_configs) && !in_array($phpconfigs_row['id'], $c_allowed_configs);
+ $disabled = ! empty($c_allowed_configs) && ! in_array($phpconfigs_row['id'], $c_allowed_configs);
 if ((int) Settings::Get('phpfpm.enabled') == 1) {
- $phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
+ $phpconfigs .= makeoption($phpconfigs_row['description'] . " [" . $phpconfigs_row['interpreter'] . "]", $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
 } else {
 $phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true, null, $disabled);
 }
 }
-
+
 $result = htmlentities_array($result);
-
+
 $domain_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/domains/formfield.domains_edit.php';
 $domain_edit_form = htmlform::genHTMLForm($domain_edit_data);
-
+
 $title = $domain_edit_data['domain_edit']['title'];
 $image = $domain_edit_data['domain_edit']['image'];
-
+
 $speciallogwarning = sprintf($lng['admin']['speciallogwarning'], $lng['admin']['delete_statistics']);
-
+
 eval("echo \"" . getTemplate("domains/domains_edit") . "\";");
 }
 }
@@ -2253,36 +639,35 @@ if ($page == 'domains' || $page == 'overview') { $customerid = intval($_POST['customerid']); $allowed_phpconfigs = getCustomerDetail($customerid, 'allowed_phpconfigs'); - echo !empty($allowed_phpconfigs) ? $allowed_phpconfigs : json_encode(array()); - exit; - + echo ! empty($allowed_phpconfigs) ? $allowed_phpconfigs : json_encode(array()); + exit(); } elseif ($action == 'import') { - + if (isset($_POST['send']) && $_POST['send'] == 'send') { - + $customerid = intval($_POST['customerid']); $separator = validate($_POST['separator'], 'separator'); $offset = (int) validate($_POST['offset'], 'offset', "/[0-9]/i"); - + $file_name = $_FILES['file']['tmp_name']; - + $result = array(); - + try { $bulk = new DomainBulkAction($file_name, $customerid); $result = $bulk->doImport($separator, $offset); } catch (Exception $e) { standard_error('domain_import_error', $e->getMessage()); } - + // @FIXME find a way to display $result['notice'] here somehow, // as it might be important if you've reached your maximum allocation of domains - + // update customer/admin counters updateCounters(false); inserttask('1'); inserttask('4'); - + $result_str = $result['imported'] . ' / ' . $result['all']; standard_success('domain_import_successfully', $result_str, array( 'filename' => $filename, 
@@ -2299,47 +684,45 @@ if ($page == 'domains' || $page == 'overview') { $params['adminid'] = $userinfo['adminid']; } Database::pexecute($result_customers_stmt, $params); - + while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) { $customers .= makeoption(getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')', $row_customer['customerid']); } - + $domain_import_data = include_once dirname(__FILE__) . '/lib/formfields/admin/domains/formfield.domains_import.php'; $domain_import_form = htmlform::genHTMLForm($domain_import_data); - + $title = $domain_import_data['domain_import']['title']; $image = $domain_import_data['domain_import']['image']; - + eval("echo \"" . getTemplate("domains/domains_import") . "\";"); } } } elseif ($page == 'domaindnseditor' && Settings::Get('system.dnsenabled') == '1') { - - require_once __DIR__.'/dns_editor.php'; - + + require_once __DIR__ . '/dns_editor.php'; } elseif ($page == 'sslcertificates') { - - require_once __DIR__.'/ssl_certificates.php'; - + + require_once __DIR__ . '/ssl_certificates.php'; } function formatDomainEntry(&$row, &$idna_convert) { $row['domain'] = $idna_convert->decode($row['domain']); $row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']); - + $resultips_stmt = Database::prepare(" SELECT `ips`.* FROM `" . TABLE_DOMAINTOIP . "` AS `dti`, `" . TABLE_PANEL_IPSANDPORTS . "` AS `ips` WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = :domainid "); - + Database::pexecute($resultips_stmt, array( 'domainid' => $row['id'] )); - + $row['ipandport'] = ''; while ($rowip = $resultips_stmt->fetch(PDO::FETCH_ASSOC)) { - + if (filter_var($rowip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { $row['ipandport'] .= '[' . $rowip['ip'] . ']:' . $rowip['port'] . "\n"; } else { 
@@ -2348,12 +731,12 @@ function formatDomainEntry(&$row, &$idna_convert)
 }
 $row['ipandport'] = substr($row['ipandport'], 0, - 1);
 $row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
-
+
 $row['termination_css'] = "";
 if ($row['termination_date'] != "") {
 $cdate = strtotime($row['termination_date'] . " 23:59:59");
 $today = time();
-
+
 if ($cdate < $today) {
 $row['termination_css'] = 'domain-expired';
 } else {
diff --git a/lib/classes/api/commands/class.Domains.php b/lib/classes/api/commands/class.Domains.php
new file mode 100644
index 00000000..1f44d4f6
--- /dev/null
+++ b/lib/classes/api/commands/class.Domains.php
@@ -0,0 +1,1635 @@ +isAdmin()) { + $this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] list domains"); + $result_stmt = Database::prepare(" + SELECT + `d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, + `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain` + FROM `" . TABLE_PANEL_DOMAINS . "` `d` + LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) + LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` + WHERE `d`.`parentdomainid`='0' " . ($this->getUserDetail('customers_see_all') ? '' : " AND `d`.`adminid` = :adminid ")); + $params = array(); + if ($this->getUserDetail('customers_see_all') == '0') { + $params['adminid'] = $this->getUserDetail('adminid'); + } + Database::pexecute($result_stmt, $params); + $result = array(); + while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { + $result[] = $row; + } + return $this->response(200, "successfull", array( + 'count' => count($result), + 'list' => $result + )); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + public function get() + { + if ($this->isAdmin()) { + $id = $this->getParam('id'); + $no_std_subdomain = $this->getParam('no_std_subdomain', false); + $this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] get domain #" . $id); + $result_stmt = Database::prepare(" + SELECT `d`.*, `c`.`customerid` + FROM `" . TABLE_PANEL_DOMAINS . "` `d` + LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) + WHERE `d`.`parentdomainid` = '0' + AND `d`.`id` = :id" . ($no_std_subdomain ? ' AND `d.`id` <> `c`.`standardsubdomain`' : '') . ($this->getUserDetail('customers_see_all') ? 
'' : " AND `d`.`adminid` = :adminid")); + $params = array( + 'id' => $id + ); + if ($this->getUserDetail('customers_see_all') == '0') { + $params['adminid'] = $this->getUserDetail('adminid'); + } + $result = Database::pexecute_first($result_stmt, $params, true, true); + if ($result) { + return $this->response(200, "successfull", $result); + } + throw new Exception("Domain with id #" . $id . " could not be found"); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + public function add() + { + if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) { + if ($this->getUserDetail('domains_used') < $this->getUserDetail('domains') || $this->getUserDetail('domains') == '-1') { + + if ($this->getParam('domain') == Settings::Get('system.hostname')) { + standard_error('admin_domain_emailsystemhostname', '', true); + } + + if (substr($this->getParam('domain'), 0, 4) == 'xn--') { + standard_error('domain_nopunycode', '', true); + } + + $idna_convert = new idna_convert_wrapper(); + $domain = $idna_convert->encode(preg_replace(array( + '/\:(\d)+$/', + '/^https?\:\/\//' + ), '', validate($this->getParam('domain'), 'domain'))); + + // Check whether domain validation is enabled and if, validate the domain + if (Settings::Get('system.validate_domain') && ! validateDomain($domain)) { + standard_error(array( + 'stringiswrong', + 'mydomain' + ), '', true); + } + + $subcanemaildomain = $this->getParam('subcanemaildomain', 0); + $isemaildomain = $this->getParam('isemaildomain', 0); + $email_only = $this->getParam('email_only', 0); + $serveraliasoption = $this->getParam('selectserveralias', 0); + $speciallogfile = $this->getParam('speciallogfile', 0); + + $aliasdomain = intval($this->getParam('alias')); + $issubof = intval($this->getParam('issubof')); + $customerid = intval($this->getParam('customerid')); + $customer_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` + WHERE `customerid` = :customerid " . 
($this->getUserDetail('customers_see_all') ? '' : " AND `adminid` = :adminid")); + $params = array( + 'customerid' => $customerid + ); + if ($this->getUserDetail('customers_see_all') == '0') { + $params['adminid'] = $this->getUserDetail('adminid'); + } + $customer = Database::pexecute_first($customer_stmt, $params, true, true); + + if (empty($customer) || $customer['customerid'] != $customerid) { + standard_error('customerdoesntexist', '', true); + } + + if ($this->getUserDetail('customers_see_all') == '1') { + + $adminid = intval($this->getParam('adminid')); + $admin_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_ADMINS . "` + WHERE `adminid` = :adminid AND (`domains_used` < `domains` OR `domains` = '-1')"); + $admin = Database::pexecute_first($admin_stmt, array( + 'adminid' => $adminid + ), true, true); + + if (empty($admin) || $admin['adminid'] != $adminid) { + standard_error('admindoesntexist', '', true); + } + } else { + $adminid = $this->getUserDetail('adminid'); + $admin = $this->getUserData(); + } + + // set default path if admin/reseller has "change_serversettings == false" but we still + // need to respect the documentroot_use_default_value - setting + $path_suffix = ''; + if (Settings::Get('system.documentroot_use_default_value') == 1) { + $path_suffix = '/' . $domain; + } + $documentroot = makeCorrectDir($customer['documentroot'] . 
$path_suffix); + + $registration_date = trim($this->getParam('registration_date', '')); + $registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array( + '0000-00-00', + '0', + '' + ), true); + if ($registration_date == '0000-00-00') { + $registration_date = null; + } + + $termination_date = trim($this->getParam('termination_date', '')); + $termination_date = validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array( + '0000-00-00', + '0', + '' + ), true); + if ($termination_date == '0000-00-00') { + $termination_date = null; + } + + if ($this->getUserDetail('change_serversettings') == '1') { + + $caneditdomain = $this->getParam('caneditdomain', 0); + + $isbinddomain = '0'; + $zonefile = ''; + if (Settings::Get('system.bind_enable') == '1') { + $isbinddomain = $this->getParam('isbinddomain', 0); + $zonefile = validate($this->getParam('zonefile', ''), 'zonefile', '', '', array(), true); + } + + $dkim = intval($this->getParam('dkim', 0)); + + $specialsettings = validate(str_replace("\r\n", "\n", $this->getParam('specialsettings', '')), 'specialsettings', '/^[^\0]*$/', '', array(), true); + $notryfiles = $this->getParam('notryfiles', 0); + validate($this->getParam('documentroot', ''), 'documentroot', '', '', array(), true); + + // If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings, + // set default path to subdomain or domain name + if ($this->getParam('documentroot', '') != '') { + if (substr($this->getParam('documentroot'), 0, 1) != '/' && ! preg_match('/^https?\:\/\//', $this->getParam('documentroot'))) { + $documentroot .= '/' . 
$this->getParam('documentroot'); + } else { + $documentroot = $this->getParam('documentroot'); + } + } elseif ($this->getParam('documentroot', '') == '' && Settings::Get('system.documentroot_use_default_value') == 1) { + $documentroot = makeCorrectDir($customer['documentroot'] . '/' . $domain); + } + } else { + $isbinddomain = '0'; + if (Settings::Get('system.bind_enable') == '1') { + $isbinddomain = '1'; + } + $caneditdomain = '1'; + $zonefile = ''; + $dkim = '0'; + $specialsettings = ''; + $notryfiles = '0'; + } + + if ($this->getUserDetail('caneditphpsettings') == '1' || $this->getUserDetail('change_serversettings') == '1') { + + $phpenabled = $this->getParam('phpenabled', 0); + $openbasedir = $this->getParam('openbasedir', 0); + + if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) { + $phpsettingid = $this->getParam('phpsettingid', 1); + $phpsettingid_check_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` + WHERE `id` = :phpsettingid"); + $phpsettingid_check = Database::pexecute_first($phpsettingid_check_stmt, array( + 'phpsettingid' => $phpsettingid + ), true, true); + + if (! 
isset($phpsettingid_check['id']) || $phpsettingid_check['id'] == '0' || $phpsettingid_check['id'] != $phpsettingid) { + standard_error('phpsettingidwrong', '', true); + } + + if ((int) Settings::Get('system.mod_fcgid') == 1) { + $mod_fcgid_starter = validate($this->getParam('mod_fcgid_starter', - 1), 'mod_fcgid_starter', '/^[0-9]*$/', '', array( + '-1', + '' + ), true); + $mod_fcgid_maxrequests = validate($this->getParam('mod_fcgid_maxrequests', - 1), 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array( + '-1', + '' + ), true); + } else { + $mod_fcgid_starter = '-1'; + $mod_fcgid_maxrequests = '-1'; + } + } else { + + if ((int) Settings::Get('phpfpm.enabled') == 1) { + $phpsettingid = Settings::Get('phpfpm.defaultini'); + } else { + $phpsettingid = Settings::Get('system.mod_fcgid_defaultini'); + } + $mod_fcgid_starter = '-1'; + $mod_fcgid_maxrequests = '-1'; + } + } else { + + $phpenabled = '1'; + $openbasedir = '1'; + + if ((int) Settings::Get('phpfpm.enabled') == 1) { + $phpsettingid = Settings::Get('phpfpm.defaultini'); + } else { + $phpsettingid = Settings::Get('system.mod_fcgid_defaultini'); + } + $mod_fcgid_starter = '-1'; + $mod_fcgid_maxrequests = '-1'; + } + + if ($this->getUserDetail('ip') != "-1") { + $admin_ip_stmt = Database::prepare(" + SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` + WHERE `id` = :id ORDER BY `ip`, `port` ASC"); + $admin_ip = Database::pexecute_first($admin_ip_stmt, array( + 'id' => $this->getUserDetail('ip') + ), true, true); + $additional_ip_condition = " AND `ip` = :adminip "; + $aip_param = array( + 'adminip' => $admin_ip['ip'] + ); + } else { + $additional_ip_condition = ''; + $aip_param = array(); + } + + $ipandports = array(); + if (! empty($this->getParam('ipandport')) && ! is_array($this->getParam('ipandport'))) { + $this->updateParam('ipandport', unserialize($this->getParam('ipandport'))); + } + + if (! 
empty($this->getParam('ipandport')) && is_array($this->getParam('ipandport'))) { + foreach ($this->getParam('ipandport') as $ipandport) { + $ipandport = intval($ipandport); + $ipandport_check_stmt = Database::prepare(" + SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` + WHERE `id` = :id " . $additional_ip_condition); + $ip_params = null; + $ip_params = array_merge(array( + 'id' => $ipandport + ), $aip_param); + $ipandport_check = Database::pexecute_first($ipandport_check_stmt, $ip_params, true, true); + + if (! isset($ipandport_check['id']) || $ipandport_check['id'] == '0' || $ipandport_check['id'] != $ipandport) { + standard_error('ipportdoesntexist', '', true); + } else { + $ipandports[] = $ipandport; + } + } + } + + if (Settings::Get('system.use_ssl') == "1" && ! empty($this->getParam('ssl_ipandport'))) { + $ssl_redirect = $this->getParam('ssl_redirect', 0); + $letsencrypt = $this->getParam('letsencrypt', 0); + + $ssl_ipandports = array(); + if (! empty($this->getParam('ssl_ipandport')) && ! is_array($this->getParam('ssl_ipandport'))) { + $this->updateParam('ssl_ipandport', unserialize($this->getParam('ssl_ipandport'))); + } + + // Verify SSL-Ports + if (! empty($this->getParam('ssl_ipandport')) && is_array($this->getParam('ssl_ipandport'))) { + foreach ($this->getParam('ssl_ipandport') as $ssl_ipandport) { + if (trim($ssl_ipandport) == "") { + continue; + } + // fix if no ssl-ip/port is checked + if (trim($ssl_ipandport) < 1) { + continue; + } + $ssl_ipandport = intval($ssl_ipandport); + $ssl_ipandport_check_stmt = Database::prepare(" + SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` + WHERE `id` = :id " . $additional_ip_condition); + $ip_params = null; + $ip_params = array_merge(array( + 'id' => $ssl_ipandport + ), $aip_param); + $ssl_ipandport_check = Database::pexecute_first($ssl_ipandport_check_stmt, $ip_params, true, true); + + if (! 
isset($ssl_ipandport_check['id']) || $ssl_ipandport_check['id'] == '0' || $ssl_ipandport_check['id'] != $ssl_ipandport) { + standard_error('ipportdoesntexist', '', true); + } else { + $ssl_ipandports[] = $ssl_ipandport; + } + } + + $http2 = $this->getParam('http2', 0); + // HSTS + $hsts_maxage = $this->getParam('hsts_maxage', 0); + $hsts_sub = $this->getParam('hsts_sub', 0); + $hsts_preload = $this->getParam('hsts_preload', 0); + // OCSP stapling + $ocsp_stapling = $this->getParam('ocsp_stapling', 0); + } else { + $ssl_redirect = 0; + $letsencrypt = 0; + $http2 = 0; + // we need this for the serialize + // if ssl is disabled or no ssl-ip/port exists + $ssl_ipandports[] = - 1; + + // HSTS + $hsts_maxage = 0; + $hsts_sub = 0; + $hsts_preload = 0; + + // OCSP stapling + $ocsp_stapling = 0; + } + } else { + $ssl_redirect = 0; + $letsencrypt = 0; + $http2 = 0; + // we need this for the serialize + // if ssl is disabled or no ssl-ip/port exists + $ssl_ipandports[] = - 1; + + // HSTS + $hsts_maxage = 0; + $hsts_sub = 0; + $hsts_preload = 0; + + // OCSP stapling + $ocsp_stapling = 0; + } + + // We can't enable let's encrypt for wildcard - domains if using acme-v1 + if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') { + standard_error('nowildcardwithletsencrypt', '', true); + } + // if using acme-v2 we cannot issue wildcard-certificates + // because they currently only support the dns-01 challenge + if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') { + standard_error('nowildcardwithletsencryptv2', '', true); + } + + // Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated + if ($ssl_redirect > 0 && $letsencrypt == 1) { + $ssl_redirect = 2; + } + + if (! 
preg_match('/^https?\:\/\//', $documentroot)) {
+ if (strstr($documentroot, ":") !== false) {
+ standard_error('pathmaynotcontaincolon', '', true);
+ } else {
+ $documentroot = makeCorrectDir($documentroot);
+ }
+ }
+
+ $domain_check_stmt = Database::prepare("
+ SELECT `id`, `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
+ WHERE `domain` = :domain");
+ $domain_check = Database::pexecute_first($domain_check_stmt, array(
+ 'domain' => strtolower($domain)
+ ), true, true);
+ $aliasdomain_check = array(
+ 'id' => 0
+ );
+
+ if ($aliasdomain != 0) {
+ // Overwrite given ipandports with these of the "main" domain
+ $ipandports = array();
+ $ssl_ipandports = array();
+ $origipresult_stmt = Database::prepare("
+ SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "`
+ WHERE `id_domain` = :id");
+ Database::pexecute($origipresult_stmt, array(
+ 'id' => $aliasdomain
+ ), true, true);
+ $ipdata_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipid");
+ while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
+ $_origip_tmp = Database::pexecute_first($ipdata_stmt, array(
+ 'ipid' => $origip['id_ipandports']
+ ), true, true);
+ if ($_origip_tmp['ssl'] == 0) {
+ $ipandports[] = $origip['id_ipandports'];
+ } else {
+ $ssl_ipandports[] = $origip['id_ipandports'];
+ }
+ }
+
+ if (count($ssl_ipandports) == 0) {
+ // we need this for the serialize
+ // if ssl is disabled or no ssl-ip/port exists
+ $ssl_ipandports[] = - 1;
+ }
+
+ $aliasdomain_check_stmt = Database::prepare("
+ SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS .
"` `c`
+ WHERE `d`.`customerid` = :customerid
+ AND `d`.`aliasdomain` IS NULL AND `d`.`id` <> `c`.`standardsubdomain`
+ AND `c`.`customerid` = :customerid
+ AND `d`.`id` = :aliasdomainid");
+ $alias_params = array(
+ 'customerid' => $customerid,
+ 'aliasdomainid' => $aliasdomain
+ );
+ $aliasdomain_check = Database::pexecute_first($aliasdomain_check_stmt, $alias_params, true, true);
+ }
+
+ if (count($ipandports) == 0) {
+ standard_error('noipportgiven', '', true);
+ }
+
+ if ($phpenabled != '1') {
+ $phpenabled = '0';
+ }
+
+ if ($openbasedir != '1') {
+ $openbasedir = '0';
+ }
+
+ if ($speciallogfile != '1') {
+ $speciallogfile = '0';
+ }
+
+ if ($isbinddomain != '1') {
+ $isbinddomain = '0';
+ }
+
+ if ($isemaildomain != '1') {
+ $isemaildomain = '0';
+ }
+
+ if ($email_only == '1') {
+ $isemaildomain = '1';
+ } else {
+ $email_only = '0';
+ }
+
+ if ($subcanemaildomain != '1' && $subcanemaildomain != '2' && $subcanemaildomain != '3') {
+ $subcanemaildomain = '0';
+ }
+
+ if ($dkim != '1') {
+ $dkim = '0';
+ }
+
+ if ($serveraliasoption != '1' && $serveraliasoption != '2') {
+ $serveraliasoption = '0';
+ }
+
+ if ($caneditdomain != '1') {
+ $caneditdomain = '0';
+ }
+
+ if ($issubof <= '0') {
+ $issubof = '0';
+ }
+
+ if ($domain == '') {
+ standard_error(array(
+ 'stringisempty',
+ 'mydomain'
+ ), '', true);
+ } elseif ($documentroot == '') {
+ standard_error(array(
+ 'stringisempty',
+ 'mydocumentroot'
+ ), '', true);
+ } elseif ($customerid == 0) {
+ standard_error('adduserfirst', '', true);
+ } elseif (strtolower($domain_check['domain']) == strtolower($domain)) {
+ standard_error('domainalreadyexists', $idna_convert->decode($domain), true);
+ } elseif ($aliasdomain_check['id'] != $aliasdomain) {
+ standard_error('domainisaliasorothercustomer', '', true);
+ } else {
+
+ /**
+ *
+ * @todo how to handle security questions now?
+ *
+ * $params = array(
+ * 'page' => $page,
+ * 'action' => $action,
+ * 'domain' => $domain,
+ * 'customerid' => $customerid,
+ * 'adminid' => $adminid,
+ * 'documentroot' => $documentroot,
+ * 'alias' => $aliasdomain,
+ * 'isbinddomain' => $isbinddomain,
+ * 'isemaildomain' => $isemaildomain,
+ * 'email_only' => $email_only,
+ * 'subcanemaildomain' => $subcanemaildomain,
+ * 'caneditdomain' => $caneditdomain,
+ * 'zonefile' => $zonefile,
+ * 'dkim' => $dkim,
+ * 'speciallogfile' => $speciallogfile,
+ * 'selectserveralias' => $serveraliasoption,
+ * 'ipandport' => serialize($ipandports),
+ * 'ssl_redirect' => $ssl_redirect,
+ * 'ssl_ipandport' => serialize($ssl_ipandports),
+ * 'phpenabled' => $phpenabled,
+ * 'openbasedir' => $openbasedir,
+ * 'phpsettingid' => $phpsettingid,
+ * 'mod_fcgid_starter' => $mod_fcgid_starter,
+ * 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
+ * 'specialsettings' => $specialsettings,
+ * 'notryfiles' => $notryfiles,
+ * 'registration_date' => $registration_date,
+ * 'termination_date' => $termination_date,
+ * 'issubof' => $issubof,
+ * 'letsencrypt' => $letsencrypt,
+ * 'http2' => $http2,
+ * 'hsts_maxage' => $hsts_maxage,
+ * 'hsts_sub' => $hsts_sub,
+ * 'hsts_preload' => $hsts_preload,
+ * 'ocsp_stapling' => $ocsp_stapling
+ * );
+ *
+ * $security_questions = array(
+ * 'reallydisablesecuritysetting' => ($openbasedir == '0' && $userinfo['change_serversettings'] == '1'),
+ * 'reallydocrootoutofcustomerroot' => (substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && ! preg_match('/^https?\:\/\//', $documentroot))
+ * );
+ * $question_nr = 1;
+ * foreach ($security_questions as $question_name => $question_launch) {
+ * if ($question_launch !== false) {
+ * $params[$question_name] = $question_name;
+ *
+ * if (! isset($_POST[$question_name]) || $_POST[$question_name] != $question_name) {
+ * ask_yesno('admin_domain_' .
$question_name, $filename, $params, $question_nr);
+ * }
+ * }
+ * $question_nr ++;
+ * }
+ */
+
+ $wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
+ $iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
+
+ $ins_data = array(
+ 'domain' => $domain,
+ 'customerid' => $customerid,
+ 'adminid' => $adminid,
+ 'documentroot' => $documentroot,
+ 'aliasdomain' => ($aliasdomain != 0 ? $aliasdomain : null),
+ 'zonefile' => $zonefile,
+ 'dkim' => $dkim,
+ 'wwwserveralias' => $wwwserveralias,
+ 'iswildcarddomain' => $iswildcarddomain,
+ 'isbinddomain' => $isbinddomain,
+ 'isemaildomain' => $isemaildomain,
+ 'email_only' => $email_only,
+ 'subcanemaildomain' => $subcanemaildomain,
+ 'caneditdomain' => $caneditdomain,
+ 'phpenabled' => $phpenabled,
+ 'openbasedir' => $openbasedir,
+ 'speciallogfile' => $speciallogfile,
+ 'specialsettings' => $specialsettings,
+ 'notryfiles' => $notryfiles,
+ 'ssl_redirect' => $ssl_redirect,
+ 'add_date' => time(),
+ 'registration_date' => $registration_date,
+ 'termination_date' => $termination_date,
+ 'phpsettingid' => $phpsettingid,
+ 'mod_fcgid_starter' => $mod_fcgid_starter,
+ 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
+ 'ismainbutsubto' => $issubof,
+ 'letsencrypt' => $letsencrypt,
+ 'http2' => $http2,
+ 'hsts' => $hsts_maxage,
+ 'hsts_sub' => $hsts_sub,
+ 'hsts_preload' => $hsts_preload,
+ 'ocsp_stapling' => $ocsp_stapling
+ );
+
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_PANEL_DOMAINS .
"` SET
+ `domain` = :domain,
+ `customerid` = :customerid,
+ `adminid` = :adminid,
+ `documentroot` = :documentroot,
+ `aliasdomain` = :aliasdomain,
+ `zonefile` = :zonefile,
+ `dkim` = :dkim,
+ `dkim_id` = '0',
+ `dkim_privkey` = '',
+ `dkim_pubkey` = '',
+ `wwwserveralias` = :wwwserveralias,
+ `iswildcarddomain` = :iswildcarddomain,
+ `isbinddomain` = :isbinddomain,
+ `isemaildomain` = :isemaildomain,
+ `email_only` = :email_only,
+ `subcanemaildomain` = :subcanemaildomain,
+ `caneditdomain` = :caneditdomain,
+ `phpenabled` = :phpenabled,
+ `openbasedir` = :openbasedir,
+ `speciallogfile` = :speciallogfile,
+ `specialsettings` = :specialsettings,
+ `notryfiles` = :notryfiles,
+ `ssl_redirect` = :ssl_redirect,
+ `add_date` = :add_date,
+ `registration_date` = :registration_date,
+ `termination_date` = :termination_date,
+ `phpsettingid` = :phpsettingid,
+ `mod_fcgid_starter` = :mod_fcgid_starter,
+ `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
+ `ismainbutsubto` = :ismainbutsubto,
+ `letsencrypt` = :letsencrypt,
+ `http2` = :http2,
+ `hsts` = :hsts,
+ `hsts_sub` = :hsts_sub,
+ `hsts_preload` = :hsts_preload,
+ `ocsp_stapling` = :ocsp_stapling
+ ");
+ Database::pexecute($ins_stmt, $ins_data, true, true);
+ $domainid = Database::lastInsertId();
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1
+ WHERE `adminid` = :adminid");
+ Database::pexecute($upd_stmt, array(
+ 'adminid' => $adminid
+ ), true, true);
+
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_DOMAINTOIP .
"` SET
+ `id_domain` = :domainid,
+ `id_ipandports` = :ipandportsid
+ ");
+
+ foreach ($ipandports as $ipportid) {
+ $ins_data = array(
+ 'domainid' => $domainid,
+ 'ipandportsid' => $ipportid
+ );
+ Database::pexecute($ins_stmt, $ins_data, true, true);
+ }
+
+ foreach ($ssl_ipandports as $ssl_ipportid) {
+ if ($ssl_ipportid > 0) {
+ $ins_data = array(
+ 'domainid' => $domainid,
+ 'ipandportsid' => $ssl_ipportid
+ );
+ Database::pexecute($ins_stmt, $ins_data, true, true);
+ }
+ }
+
+ triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
+
+ inserttask('1');
+ // Using nameserver, insert a task which rebuilds the server config
+ inserttask('4');
+
+ $this->logger()->logAction(ADM_ACTION, LOG_WARNING, "[API] added domain '" . $domain . "'");
+ return $this->response(200, "successfull", $ins_data);
+ }
+ }
+ throw new Exception("No more resources available", 406);
+ }
+ throw new Exception("Not allowed to execute given command.", 403);
+ }
+
+ public function update()
+ {
+ if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
+ $id = $this->getParam('id');
+
+ $json_result = Domains::getLocal($this->getUserData(), array(
+ 'id' => $id,
+ 'no_std_subdomain' => true
+ ))->get();
+ $result = json_decode($json_result, true)['data'];
+
+ $customer_stmt = Database::prepare("
+ SELECT * FROM " . TABLE_PANEL_CUSTOMERS . " WHERE `customerid` = :customerid
+ ");
+ $customer = Database::pexecute_first($customer_stmt, array(
+ 'customerid' => $result['customerid']
+ ));
+
+ $customerid = $this->getParam('customerid', $result['customerid']);
+
+ if ($customerid > 0 && $customerid != $result['customerid'] && Settings::Get('panel.allow_domain_change_customer') == '1') {
+
+ $customer_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_CUSTOMERS .
"`
+ WHERE `customerid` = :customerid
+ AND (`subdomains_used` + :subdomains <= `subdomains` OR `subdomains` = '-1' )
+ AND (`emails_used` + :emails <= `emails` OR `emails` = '-1' )
+ AND (`email_forwarders_used` + :forwarders <= `email_forwarders` OR `email_forwarders` = '-1' )
+ AND (`email_accounts_used` + :accounts <= `email_accounts` OR `email_accounts` = '-1' ) " . ($this->getUserDetail('customers_see_all') ? '' : " AND `adminid` = :adminid"));
+
+ $params = array(
+ 'customerid' => $customerid,
+ 'subdomains' => $subdomains,
+ 'emails' => $emails,
+ 'forwarders' => $email_forwarders,
+ 'accounts' => $email_accounts
+ );
+ if ($this->getUserDetail('customers_see_all') == '0') {
+ $params['adminid'] = $this->getUserDetail('adminid');
+ }
+
+ $customer = Database::pexecute_first($customer_stmt, $params, true, true);
+ if (empty($customer) || $customer['customerid'] != $customerid) {
+ standard_error('customerdoesntexist', '', true);
+ }
+ } else {
+ $customerid = $result['customerid'];
+ }
+
+ $customer_stmt = Database::prepare("
+ SELECT * FROM " . TABLE_PANEL_ADMINS . " WHERE `adminid` = :adminid
+ ");
+ $admin = Database::pexecute_first($customer_stmt, array(
+ 'adminid' => $result['adminid']
+ ), true, true);
+
+ if ($this->getUserDetail('customers_see_all') == '1') {
+
+ $adminid = $this->getParam('adminid', $result['adminid']);
+
+ if ($adminid > 0 && $adminid != $result['adminid'] && Settings::Get('panel.allow_domain_change_admin') == '1') {
+
+ $admin_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_ADMINS .
"`
+ WHERE `adminid` = :adminid AND ( `domains_used` < `domains` OR `domains` = '-1' )
+ ");
+ $admin = Database::pexecute_first($admin_stmt, array(
+ 'adminid' => $adminid
+ ), true, true);
+
+ if (empty($admin) || $admin['adminid'] != $adminid) {
+ standard_error('admindoesntexist', '', true);
+ }
+ } else {
+ $adminid = $result['adminid'];
+ }
+ } else {
+ $adminid = $result['adminid'];
+ }
+
+ $aliasdomain = $this->getParam('alias', $result['aliasdomain']);
+ $issubof = $this->getParam('issubof', $result['ismainbutsubto']);
+ $subcanemaildomain = $this->getParam('subcanemaildomain', $result['subcanemaildomain']);
+ $caneditdomain = $this->getParam('caneditdomain', $result['caneditdomain']);
+ $registration_date = $this->getParam('registration_date', $result['registration_date']);
+ $registration_date = validate($registration_date, 'registration_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array(
+ '0000-00-00',
+ '0',
+ ''
+ ), true);
+ if ($registration_date == '0000-00-00') {
+ $registration_date = null;
+ }
+ $termination_date = $this->getParam('termination_date', $result['termination_date']);
+ $termination_date = validate($termination_date, 'termination_date', '/^(19|20)\d\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array(
+ '0000-00-00',
+ '0',
+ ''
+ ), true);
+ if ($termination_date == '0000-00-00') {
+ $termination_date = null;
+ }
+
+ $isemaildomain = $this->getParam('isemaildomain', $result['isemaildomain']);
+ $email_only = $this->getParam('email_only', $result['email_only']);
+
+ $serveraliasoption = '2';
+ if ($result['iswildcarddomain'] == '1') {
+ $serveraliasoption = '0';
+ } elseif ($result['wwwserveralias'] == '1') {
+ $serveraliasoption = '1';
+ }
+ if (!
empty($this->getParam('selectserveralias'))) {
+ $serveraliasoption = intval($this->getParam('selectserveralias'));
+ }
+
+ $speciallogfile = $this->getParam('speciallogfile', $result['speciallogfile']);
+
+ if ($this->getUserDetail('change_serversettings') == '1') {
+ $isbinddomain = $result['isbinddomain'];
+ $zonefile = $result['zonefile'];
+ if (Settings::Get('system.bind_enable') == '1') {
+ $isbinddomain = $this->getParam('isbinddomain', $result['isbinddomain']);
+ $zonefile = validate($this->getParam('zonefile', $result['zonefile']), 'zonefile', '', '', array(), true);
+ }
+
+ if (Settings::Get('dkim.use_dkim') == '1') {
+ $dkim = $this->getParam('dkim', $result['dkim']);
+ } else {
+ $dkim = $result['dkim'];
+ }
+
+ $specialsettings = validate(str_replace("\r\n", "\n", $this->getParam('specialsettings', $result['specialsettings'])), 'specialsettings', '/^[^\0]*$/', '', array(), true);
+ $ssfs = $this->getParam('specialsettingsforsubdomains', 0);
+ $notryfiles = $this->getParam('notryfiles', $result['notryfiles']);
+ $documentroot = validate($this->getParam('documentroot', $result['documentroot']), 'documentroot', '', '', array(), true);
+
+ if ($documentroot == '') {
+ // If path is empty and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
+ // set default path to subdomain or domain name
+ if (Settings::Get('system.documentroot_use_default_value') == 1) {
+ $documentroot = makeCorrectDir($customer['documentroot'] . '/' . $result['domain']);
+ } else {
+ $documentroot = $customer['documentroot'];
+ }
+ }
+
+ if (! preg_match('/^https?\:\/\//', $documentroot) && strstr($documentroot, ":") !== false) {
+ standard_error('pathmaynotcontaincolon', '', true);
+ }
+ } else {
+ $isbinddomain = $result['isbinddomain'];
+ $zonefile = $result['zonefile'];
+ $dkim = $result['dkim'];
+ $specialsettings = $result['specialsettings'];
+ $ssfs = (empty($specialsettings) ?
0 : 1);
+ $notryfiles = $result['notryfiles'];
+ $documentroot = $result['documentroot'];
+ }
+
+ // @TODO unsure whether this will still work
+ $speciallogverified = $this->getParam('speciallogverified', 0);
+
+ if ($this->getUserDetail('caneditphpsettings') == '1' || $this->getUserDetail('change_serversettings') == '1') {
+
+ $phpenabled = $this->getParam('phpenabled', $result['phpenabled']);
+ $openbasedir = $this->getParam('openbasedir', $result['openbasedir']);
+ $phpfs = $this->getParam('phpsettingsforsubdomains', 0);
+
+ if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
+ $phpsettingid = $this->getParam('phpsettingid', $result['phpsettingid']);
+ $phpsettingid_check_stmt = Database::prepare("
+ SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :phpid
+ ");
+ $phpsettingid_check = Database::pexecute_first($phpsettingid_check_stmt, array(
+ 'phpid' => $phpsettingid
+ ), true, true);
+
+ if (! isset($phpsettingid_check['id']) || $phpsettingid_check['id'] == '0' || $phpsettingid_check['id'] != $phpsettingid) {
+ standard_error('phpsettingidwrong', '', true);
+ }
+
+ if ((int) Settings::Get('system.mod_fcgid') == 1) {
+ $mod_fcgid_starter = validate($this->getParam('mod_fcgid_starter', $result['mod_fcgid_starter']), 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
+ '-1',
+ ''
+ ), true);
+ $mod_fcgid_maxrequests = validate($this->getParam('mod_fcgid_maxrequests', $result['mod_fcgid_maxrequests']), 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
+ '-1',
+ ''
+ ), true);
+ } else {
+ $mod_fcgid_starter = $result['mod_fcgid_starter'];
+ $mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
+ }
+ } else {
+ $phpsettingid = $result['phpsettingid'];
+ $phpfs = 1;
+ $mod_fcgid_starter = $result['mod_fcgid_starter'];
+ $mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
+ }
+ } else {
+ $phpenabled = $result['phpenabled'];
+ $openbasedir = $result['openbasedir'];
+ $phpsettingid =
$result['phpsettingid'];
+ $phpfs = 1;
+ $mod_fcgid_starter = $result['mod_fcgid_starter'];
+ $mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
+ }
+
+ $ipandports = array();
+ if (! empty($this->getParam('ipandport')) && ! is_array($this->getParam('ipandport'))) {
+ $this->updateParam('ipandport', unserialize($this->getParam('ipandport')));
+ }
+
+ if (! empty($this->getParam('ipandport')) && is_array($this->getParam('ipandport'))) {
+ $ipandport_check_stmt = Database::prepare("
+ SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipandport
+ ");
+ foreach ($this->getParam('ipandport') as $ipandport) {
+ if (trim($ipandport) == "") {
+ continue;
+ }
+ $ipandport = intval($ipandport);
+ $ipandport_check = Database::pexecute_first($ipandport_check_stmt, array(
+ 'ipandport' => $ipandport
+ ), true, true);
+ if (! isset($ipandport_check['id']) || $ipandport_check['id'] == '0' || $ipandport_check['id'] != $ipandport) {
+ standard_error('ipportdoesntexist', '', true);
+ } else {
+ $ipandports[] = $ipandport;
+ }
+ }
+ }
+
+ if (Settings::Get('system.use_ssl') == '1' && ! empty($this->getParam('ssl_ipandport'))) {
+ $ssl = 1; // if ssl is set and != 0, it can only be 1
+ $ssl_redirect = $this->getParam('ssl_redirect', $result['ssl_redirect']);
+ $letsencrypt = $this->getParam('letsencrypt', $result['letsencrypt']);
+
+ $ssl_ipandports = array();
+ if (! empty($this->getParam('ssl_ipandport')) && ! is_array($this->getParam('ssl_ipandport'))) {
+ $this->updateParam('ssl_ipandport', unserialize($this->getParam('ssl_ipandport')));
+ }
+ if (! empty($this->getParam('ssl_ipandport')) && is_array($this->getParam('ssl_ipandport'))) {
+ $ssl_ipandport_check_stmt = Database::prepare("
+ SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS .
"` WHERE `id` = :ipandport
+ ");
+ foreach ($this->getParam('ssl_ipandport') as $ssl_ipandport) {
+ if (trim($ssl_ipandport) == "") {
+ continue;
+ }
+ // fix if ip/port got de-checked and it was the last one
+ if (trim($ssl_ipandport) < 1) {
+ continue;
+ }
+ $ssl_ipandport = intval($ssl_ipandport);
+ $ssl_ipandport_check = Database::pexecute_first($ssl_ipandport_check_stmt, array(
+ 'ipandport' => $ssl_ipandport
+ ), true, true);
+ if (! isset($ssl_ipandport_check['id']) || $ssl_ipandport_check['id'] == '0' || $ssl_ipandport_check['id'] != $ssl_ipandport) {
+ standard_error('ipportdoesntexist', '', true);
+ } else {
+ $ssl_ipandports[] = $ssl_ipandport;
+ }
+ }
+
+ $http2 = $this->getParam('http2', $result['http2']);
+ // HSTS
+ $hsts_maxage = $this->getParam('hsts_maxage', $result['hsts_maxage']);
+ $hsts_sub = $this->getParam('hsts_sub', $result['hsts_sub']);
+ $hsts_preload = $this->getParam('hsts_preload', $result['hsts_preload']);
+ // OCSP stapling
+ $ocsp_stapling = $this->getParam('ocsp_stapling', $result['ocsp_stapling']);
+ } else {
+ $ssl_redirect = 0;
+ $letsencrypt = 0;
+ $http2 = 0;
+ // we need this for the serialize
+ // if ssl is disabled or no ssl-ip/port exists
+ $ssl_ipandports[] = - 1;
+
+ // HSTS
+ $hsts_maxage = 0;
+ $hsts_sub = 0;
+ $hsts_preload = 0;
+
+ // OCSP stapling
+ $ocsp_stapling = 0;
+ }
+ } else {
+ $ssl_redirect = 0;
+ $letsencrypt = 0;
+ $http2 = 0;
+ // we need this for the serialize
+ // if ssl is disabled or no ssl-ip/port exists
+ $ssl_ipandports[] = - 1;
+
+ // HSTS
+ $hsts_maxage = 0;
+ $hsts_sub = 0;
+ $hsts_preload = 0;
+
+ // OCSP stapling
+ $ocsp_stapling = 0;
+ }
+
+ // We can't enable let's encrypt for wildcard domains when using acme-v1
+ if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
+ standard_error('nowildcardwithletsencrypt', '', true);
+ }
+ // if using acme-v2 we cannot issue wildcard-certificates
+ // because they currently only support the dns-01
challenge
+ if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
+ standard_error('nowildcardwithletsencryptv2', '', true);
+ }
+
+ // Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
+ if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
+ $ssl_redirect = 2;
+ }
+
+ if (! preg_match('/^https?\:\/\//', $documentroot)) {
+ $documentroot = makeCorrectDir($documentroot);
+ }
+
+ if ($phpenabled != '1') {
+ $phpenabled = '0';
+ }
+
+ if ($openbasedir != '1') {
+ $openbasedir = '0';
+ }
+
+ if ($isbinddomain != '1') {
+ $isbinddomain = '0';
+ }
+
+ if ($isemaildomain != '1') {
+ $isemaildomain = '0';
+ }
+
+ if ($email_only == '1') {
+ $isemaildomain = '1';
+ } else {
+ $email_only = '0';
+ }
+
+ if ($subcanemaildomain != '1' && $subcanemaildomain != '2' && $subcanemaildomain != '3') {
+ $subcanemaildomain = '0';
+ }
+
+ if ($dkim != '1') {
+ $dkim = '0';
+ }
+
+ if ($caneditdomain != '1') {
+ $caneditdomain = '0';
+ }
+
+ $aliasdomain_check = array(
+ 'id' => 0
+ );
+
+ if ($aliasdomain != 0) {
+ // Overwrite given ipandports with these of the "main" domain
+ $ipandports = array();
+ $ssl_ipandports = array();
+ $origipresult_stmt = Database::prepare("
+ SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :aliasdomain
+ ");
+ Database::pexecute($origipresult_stmt, array(
+ 'aliasdomain' => $aliasdomain
+ ), true, true);
+ $ipdata_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS .
"` WHERE `id` = :ipid");
+ while ($origip = $origipresult_stmt->fetch(PDO::FETCH_ASSOC)) {
+ $_origip_tmp = Database::pexecute_first($ipdata_stmt, array(
+ 'ipid' => $origip['id_ipandports']
+ ), true, true);
+ if ($_origip_tmp['ssl'] == 0) {
+ $ipandports[] = $origip['id_ipandports'];
+ } else {
+ $ssl_ipandports[] = $origip['id_ipandports'];
+ }
+ }
+
+ if (count($ssl_ipandports) == 0) {
+ // we need this for the serialize
+ // if ssl is disabled or no ssl-ip/port exists
+ $ssl_ipandports[] = - 1;
+ }
+
+ $aliasdomain_check_stmt = Database::prepare("
+ SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
+ WHERE `d`.`customerid` = :customerid
+ AND `d`.`aliasdomain` IS NULL AND `d`.`id` <> `c`.`standardsubdomain`
+ AND `c`.`customerid` = :customerid
+ AND `d`.`id` = :aliasdomain
+ ");
+ $aliasdomain_check = Database::pexecute_first($aliasdomain_check_stmt, array(
+ 'customerid' => $customerid,
+ 'aliasdomain' => $aliasdomain
+ ), true, true);
+ }
+
+ if (count($ipandports) == 0) {
+ standard_error('noipportgiven', '', true);
+ }
+
+ if ($aliasdomain_check['id'] != $aliasdomain) {
+ standard_error('domainisaliasorothercustomer', '', true);
+ }
+
+ if ($issubof <= '0') {
+ $issubof = '0';
+ }
+
+ if ($serveraliasoption != '1' && $serveraliasoption != '2') {
+ $serveraliasoption = '0';
+ }
+
+ /**
+ *
+ * @todo how to handle security questions now?
+ *
+ * $params = array(
+ * 'id' => $id,
+ * 'page' => $page,
+ * 'action' => $action,
+ * 'customerid' => $customerid,
+ * 'adminid' => $adminid,
+ * 'documentroot' => $documentroot,
+ * 'alias' => $aliasdomain,
+ * 'isbinddomain' => $isbinddomain,
+ * 'isemaildomain' => $isemaildomain,
+ * 'email_only' => $email_only,
+ * 'subcanemaildomain' => $subcanemaildomain,
+ * 'caneditdomain' => $caneditdomain,
+ * 'zonefile' => $zonefile,
+ * 'dkim' => $dkim,
+ * 'selectserveralias' => $serveraliasoption,
+ * 'ssl_redirect' => $ssl_redirect,
+ * 'phpenabled' => $phpenabled,
+ * 'openbasedir' => $openbasedir,
+ * 'phpsettingid' => $phpsettingid,
+ * 'phpsettingsforsubdomains' => $phpfs,
+ * 'mod_fcgid_starter' => $mod_fcgid_starter,
+ * 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
+ * 'specialsettings' => $specialsettings,
+ * 'specialsettingsforsubdomains' => $ssfs,
+ * 'notryfiles' => $notryfiles,
+ * 'registration_date' => $registration_date,
+ * 'termination_date' => $termination_date,
+ * 'issubof' => $issubof,
+ * 'speciallogfile' => $speciallogfile,
+ * 'speciallogverified' => $speciallogverified,
+ * 'ipandport' => serialize($ipandports),
+ * 'ssl_ipandport' => serialize($ssl_ipandports),
+ * 'letsencrypt' => $letsencrypt,
+ * 'http2' => $http2,
+ * 'hsts_maxage' => $hsts_maxage,
+ * 'hsts_sub' => $hsts_sub,
+ * 'hsts_preload' => $hsts_preload,
+ * 'ocsp_stapling' => $ocsp_stapling
+ * );
+ *
+ * $security_questions = array(
+ * 'reallydisablesecuritysetting' => ($openbasedir == '0' && $userinfo['change_serversettings'] == '1'),
+ * 'reallydocrootoutofcustomerroot' => (substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && ! preg_match('/^https?\:\/\//', $documentroot))
+ * );
+ * foreach ($security_questions as $question_name => $question_launch) {
+ * if ($question_launch !== false) {
+ * $params[$question_name] = $question_name;
+ * if (!
isset($_POST[$question_name]) || $_POST[$question_name] != $question_name) {
+ * ask_yesno('admin_domain_' . $question_name, $filename, $params);
+ * }
+ * }
+ * }
+ */
+
+ $wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
+ $iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
+
+ if ($documentroot != $result['documentroot'] || $ssl_redirect != $result['ssl_redirect'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $phpenabled != $result['phpenabled'] || $openbasedir != $result['openbasedir'] || $phpsettingid != $result['phpsettingid'] || $mod_fcgid_starter != $result['mod_fcgid_starter'] || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] || $specialsettings != $result['specialsettings'] || $notryfiles != $result['notryfiles'] || $aliasdomain != $result['aliasdomain'] || $issubof != $result['ismainbutsubto'] || $email_only != $result['email_only'] || ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') || $letsencrypt != $result['letsencrypt'] || $http2 != $result['http2'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload'] || $ocsp_stapling != $result['ocsp_stapling']) {
+ inserttask('1');
+ }
+
+ if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') {
+ $speciallogfile = $result['speciallogfile'];
+ }
+
+ if ($isbinddomain != $result['isbinddomain'] || $zonefile != $result['zonefile'] || $dkim != $result['dkim']) {
+ inserttask('4');
+ }
+
+ if ($isemaildomain == '0' && $result['isemaildomain'] == '1') {
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE `domainid` = :id
+ ");
+ Database::pexecute($del_stmt, array(
+ 'id' => $id
+ ), true, true);
+
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_MAIL_VIRTUAL .
"` WHERE `domainid` = :id
+ ");
+ Database::pexecute($del_stmt, array(
+ 'id' => $id
+ ), true, true);
+ $this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] deleted domain #" . $id . " from mail-tables as is-email-domain was set to 0");
+ }
+
+ // check whether LE has been disabled, so we remove the certificate
+ if ($letsencrypt == '0' && $result['letsencrypt'] == '1') {
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :id
+ ");
+ Database::pexecute($del_stmt, array(
+ 'id' => $id
+ ), true, true);
+ }
+
+ $updatechildren = '';
+
+ if ($subcanemaildomain == '0' && $result['subcanemaildomain'] != '0') {
+ $updatechildren = ", `isemaildomain` = '0' ";
+ } elseif ($subcanemaildomain == '3' && $result['subcanemaildomain'] != '3') {
+ $updatechildren = ", `isemaildomain` = '1' ";
+ }
+
+ if ($customerid != $result['customerid'] && Settings::Get('panel.allow_domain_change_customer') == '1') {
+ $upd_data = array(
+ 'customerid' => $customerid,
+ 'domainid' => $result['id']
+ );
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_MAIL_USERS . "` SET `customerid` = :customerid WHERE `domainid` = :domainid
+ ");
+ Database::pexecute($upd_stmt, $upd_data, true, true);
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `customerid` = :customerid WHERE `domainid` = :domainid
+ ");
+ Database::pexecute($upd_stmt, $upd_data, true, true);
+ $upd_data = array(
+ 'subdomains' => $subdomains,
+ 'emails' => $emails,
+ 'forwarders' => $email_forwarders,
+ 'accounts' => $email_accounts
+ );
+ $upd_data['customerid'] = $customerid;
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS .
"` SET
+ `subdomains_used` = `subdomains_used` + :subdomains,
+ `emails_used` = `emails_used` + :emails,
+ `email_forwarders_used` = `email_forwarders_used` + :forwarders,
+ `email_accounts_used` = `email_accounts_used` + :accounts
+ WHERE `customerid` = :customerid
+ ");
+ Database::pexecute($upd_stmt, $upd_data, true, true);
+
+ $upd_data['customerid'] = $result['customerid'];
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+ `subdomains_used` = `subdomains_used` - :subdomains,
+ `emails_used` = `emails_used` - :emails,
+ `email_forwarders_used` = `email_forwarders_used` - :forwarders,
+ `email_accounts_used` = `email_accounts_used` - :accounts
+ WHERE `customerid` = :customerid
+ ");
+ Database::pexecute($upd_stmt, $upd_data, true, true);
+ }
+
+ if ($adminid != $result['adminid'] && Settings::Get('panel.allow_domain_change_admin') == '1') {
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = :adminid
+ ");
+ Database::pexecute($upd_stmt, array(
+ 'adminid' => $adminid
+ ), true, true);
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = :adminid
+ ");
+ Database::pexecute($upd_stmt, array(
+ 'adminid' => $result['adminid']
+ ), true, true);
+ }
+
+ $_update_data = array();
+
+ $ssfs = $this->getParam('specialsettingsforsubdomains', 0);
+ if ($ssfs == 1) {
+ $_update_data['specialsettings'] = $specialsettings;
+ $upd_specialsettings = ", `specialsettings` = :specialsettings ";
+ } else {
+ $upd_specialsettings = '';
+ unset($_update_data['specialsettings']);
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `specialsettings`='' WHERE `parentdomainid` = :id
+ ");
+ Database::pexecute($upd_stmt, array(
+ 'id' => $id
+ ), true, true);
+ $this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] removed specialsettings on all subdomains of domain #" .
$id);
+ }
+
+ $wwwserveralias = ($serveraliasoption == '1') ? '1' : '0';
+ $iswildcarddomain = ($serveraliasoption == '0') ? '1' : '0';
+
+ $update_data = array();
+ $update_data['customerid'] = $customerid;
+ $update_data['adminid'] = $adminid;
+ $update_data['documentroot'] = $documentroot;
+ $update_data['ssl_redirect'] = $ssl_redirect;
+ $update_data['aliasdomain'] = ($aliasdomain != 0 && $alias_check == 0) ? $aliasdomain : null;
+ $update_data['isbinddomain'] = $isbinddomain;
+ $update_data['isemaildomain'] = $isemaildomain;
+ $update_data['email_only'] = $email_only;
+ $update_data['subcanemaildomain'] = $subcanemaildomain;
+ $update_data['dkim'] = $dkim;
+ $update_data['caneditdomain'] = $caneditdomain;
+ $update_data['zonefile'] = $zonefile;
+ $update_data['wwwserveralias'] = $wwwserveralias;
+ $update_data['iswildcarddomain'] = $iswildcarddomain;
+ $update_data['phpenabled'] = $phpenabled;
+ $update_data['openbasedir'] = $openbasedir;
+ $update_data['speciallogfile'] = $speciallogfile;
+ $update_data['phpsettingid'] = $phpsettingid;
+ $update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
+ $update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
+ $update_data['specialsettings'] = $specialsettings;
+ $update_data['notryfiles'] = $notryfiles;
+ $update_data['registration_date'] = $registration_date;
+ $update_data['termination_date'] = $termination_date;
+ $update_data['ismainbutsubto'] = $issubof;
+ $update_data['letsencrypt'] = $letsencrypt;
+ $update_data['http2'] = $http2;
+ $update_data['hsts'] = $hsts_maxage;
+ $update_data['hsts_sub'] = $hsts_sub;
+ $update_data['hsts_preload'] = $hsts_preload;
+ $update_data['ocsp_stapling'] = $ocsp_stapling;
+ $update_data['id'] = $id;
+
+ $update_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_DOMAINS . 
"` SET
+ `customerid` = :customerid,
+ `adminid` = :adminid,
+ `documentroot` = :documentroot,
+ `ssl_redirect` = :ssl_redirect,
+ `aliasdomain` = :aliasdomain,
+ `isbinddomain` = :isbinddomain,
+ `isemaildomain` = :isemaildomain,
+ `email_only` = :email_only,
+ `subcanemaildomain` = :subcanemaildomain,
+ `dkim` = :dkim,
+ `caneditdomain` = :caneditdomain,
+ `zonefile` = :zonefile,
+ `wwwserveralias` = :wwwserveralias,
+ `iswildcarddomain` = :iswildcarddomain,
+ `phpenabled` = :phpenabled,
+ `openbasedir` = :openbasedir,
+ `speciallogfile` = :speciallogfile,
+ `phpsettingid` = :phpsettingid,
+ `mod_fcgid_starter` = :mod_fcgid_starter,
+ `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
+ `specialsettings` = :specialsettings,
+ `notryfiles` = :notryfiles,
+ `registration_date` = :registration_date,
+ `termination_date` = :termination_date,
+ `ismainbutsubto` = :ismainbutsubto,
+ `letsencrypt` = :letsencrypt,
+ `http2` = :http2,
+ `hsts` = :hsts,
+ `hsts_sub` = :hsts_sub,
+ `hsts_preload` = :hsts_preload,
+ `ocsp_stapling` = :ocsp_stapling
+ WHERE `id` = :id
+ ");
+ Database::pexecute($update_stmt, $update_data, true, true);
+
+ $_update_data['customerid'] = $customerid;
+ $_update_data['adminid'] = $adminid;
+ $_update_data['phpenabled'] = $phpenabled;
+ $_update_data['openbasedir'] = $openbasedir;
+ $_update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
+ $_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
+ $_update_data['parentdomainid'] = $id;
+
+ // if php config is to be set for all subdomains, check here
+ $update_phpconfig = '';
+ $phpfs = $this->getParam('phpsettingsforsubdomains', 0);
+ if ($phpfs == 1) {
+ $_update_data['phpsettingid'] = $phpsettingid;
+ $update_phpconfig = ", `phpsettingid` = :phpsettingid";
+ }
+
+ // if we have no more ssl-ip's for this domain,
+ // all its subdomains must have "ssl-redirect = 0"
+ // and disable let's encrypt
+ $update_sslredirect = '';
+ if (count($ssl_ipandports) == 1 && $ssl_ipandports[0] == - 1) {
+ 
$update_sslredirect = ", `ssl_redirect` = '0', `letsencrypt` = '0' ";
+ }
+
+ $_update_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
+ `customerid` = :customerid,
+ `adminid` = :adminid,
+ `phpenabled` = :phpenabled,
+ `openbasedir` = :openbasedir,
+ `mod_fcgid_starter` = :mod_fcgid_starter,
+ `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests
+ " . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
+ WHERE `parentdomainid` = :parentdomainid
+ ");
+ Database::pexecute($_update_stmt, $_update_data, true, true);
+
+ // FIXME check how many we got and if the amount of assigned IP's
+ // has changed so we can insert a config-rebuild task if only
+ // the ip's of this domain were changed
+ // -> for now, always insert a rebuild-task
+ inserttask('1');
+
+ // Cleanup domain <-> ip mapping
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = :id
+ ");
+ Database::pexecute($del_stmt, array(
+ 'id' => $id
+ ), true, true);
+
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_DOMAINTOIP . "` SET `id_domain` = :domainid, `id_ipandports` = :ipportid
+ ");
+
+ foreach ($ipandports as $ipportid) {
+ Database::pexecute($ins_stmt, array(
+ 'domainid' => $id,
+ 'ipportid' => $ipportid
+ ), true, true);
+ }
+ foreach ($ssl_ipandports as $ssl_ipportid) {
+ if ($ssl_ipportid > 0) {
+ Database::pexecute($ins_stmt, array(
+ 'domainid' => $id,
+ 'ipportid' => $ssl_ipportid
+ ), true, true);
+ }
+ }
+
+ // Cleanup domain <-> ip mapping for subdomains
+ $domainidsresult_stmt = Database::prepare("
+ SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid` = :id
+ ");
+ Database::pexecute($domainidsresult_stmt, array(
+ 'id' => $id
+ ), true, true);
+
+ while ($row = $domainidsresult_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_DOMAINTOIP . 
"` WHERE `id_domain` = :rowid
+ ");
+ Database::pexecute($del_stmt, array(
+ 'rowid' => $row['id']
+ ), true, true);
+
+ $ins_stmt = Database::prepare("
+ INSERT INTO `" . TABLE_DOMAINTOIP . "` SET
+ `id_domain` = :rowid,
+ `id_ipandports` = :ipportid
+ ");
+
+ foreach ($ipandports as $ipportid) {
+ Database::pexecute($ins_stmt, array(
+ 'rowid' => $row['id'],
+ 'ipportid' => $ipportid
+ ), true, true);
+ }
+ foreach ($ssl_ipandports as $ssl_ipportid) {
+ if ($ssl_ipportid > 0) {
+ Database::pexecute($ins_stmt, array(
+ 'rowid' => $row['id'],
+ 'ipportid' => $ssl_ipportid
+ ), true, true);
+ }
+ }
+ }
+ if ($result['aliasdomain'] != $aliasdomain) {
+ // trigger when domain id for alias destination has changed: both for old and new destination
+ triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger());
+ triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
+ } else if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
+ // or when wwwserveralias or letsencrypt was changed
+ triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $this->logger());
+ }
+
+ $this->logger()->logAction(ADM_ACTION, LOG_WARNING, "[API] updated domain '" . $result['domain'] . "'");
+ return $this->response(200, "successfull", $update_data);
+ }
+ throw new Exception("Not allowed to execute given command.", 403);
+ }
+
+ public function delete()
+ {
+ if ($this->isAdmin()) {
+ $id = $this->getParam('id');
+
+ $json_result = Domains::getLocal($this->getUserData(), array(
+ 'id' => $id,
+ 'no_std_subdomain' => true
+ ))->get();
+ $result = json_decode($json_result, true)['data'];
+
+ // check for deletion of main-domains which are logically subdomains, #329
+ $rsd_sql = '';
+ $remove_subbutmain_domains = $this->getParam('delete_userfiles', 0) ? 
1 : 0;
+ if ($remove_subbutmain_domains == 1) {
+ $rsd_sql .= " OR `ismainbutsubto` = :id";
+ }
+
+ $subresult_stmt = Database::prepare("
+ SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "`
+ WHERE (`id` = :id OR `parentdomainid` = :id " . $rsd_sql . ")");
+ Database::pexecute($subresult_stmt, array(
+ 'id' => $id
+ ), true, true);
+ $idString = array();
+ $paramString = array();
+ while ($subRow = $subresult_stmt->fetch(PDO::FETCH_ASSOC)) {
+ $idString[] = "`domainid` = :domain_" . (int) $subRow['id'];
+ $paramString['domain_' . $subRow['id']] = $subRow['id'];
+ }
+ $idString = implode(' OR ', $idString);
+
+ if ($idString != '') {
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_MAIL_USERS . "` WHERE " . $idString);
+ Database::pexecute($del_stmt, $paramString, true, true);
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE " . $idString);
+ Database::pexecute($del_stmt, $paramString, true, true);
+ $this->logger()->logAction(ADM_ACTION, LOG_NOTICE, "[API] deleted domain/s from mail-tables");
+ }
+
+ // if mainbutsubto-domains are not to be deleted, re-assign the (ismainbutsubto value of the main
+ // domain which is being deleted) as their new ismainbutsubto value
+ if ($remove_subbutmain_domains !== 1) {
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
+ `ismainbutsubto` = :newIsMainButSubtoValue
+ WHERE `ismainbutsubto` = :deletedMainDomainId
+ ");
+ Database::pexecute($upd_stmt, array(
+ 'newIsMainButSubtoValue' => $result['ismainbutsubto'],
+ 'deletedMainDomainId' => $id
+ ), true, true);
+ }
+
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_PANEL_DOMAINS . "`
+ WHERE `id` = :id OR `parentdomainid` = :id " . $rsd_sql);
+ Database::pexecute($del_stmt, array(
+ 'id' => $id
+ ), true, true);
+
+ $deleted_domains = $del_stmt->rowCount();
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . 
"` SET
+ `subdomains_used` = `subdomains_used` - :domaincount
+ WHERE `customerid` = :customerid");
+ Database::pexecute($upd_stmt, array(
+ 'domaincount' => ($deleted_domains - 1),
+ 'customerid' => $result['customerid']
+ ), true, true);
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_ADMINS . "` SET
+ `domains_used` = `domains_used` - 1
+ WHERE `adminid` = :adminid");
+ Database::pexecute($upd_stmt, array(
+ 'adminid' => $this->getUserDetail('adminid')
+ ), true, true);
+
+ $upd_stmt = Database::prepare("
+ UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
+ `standardsubdomain` = '0'
+ WHERE `standardsubdomain` = :id AND `customerid` = :customerid");
+ Database::pexecute($upd_stmt, array(
+ 'id' => $result['id'],
+ 'customerid' => $result['customerid']
+ ), true, true);
+
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_DOMAINTOIP . "`
+ WHERE `id_domain` = :domainid");
+ Database::pexecute($del_stmt, array(
+ 'domainid' => $id
+ ), true, true);
+
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "`
+ WHERE `did` = :domainid");
+ Database::pexecute($del_stmt, array(
+ 'domainid' => $id
+ ), true, true);
+
+ // remove certificate from domain_ssl_settings, fixes #1596
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
+ WHERE `domainid` = :domainid");
+ Database::pexecute($del_stmt, array(
+ 'domainid' => $id
+ ), true, true);
+
+ // remove possible existing DNS entries
+ $del_stmt = Database::prepare("
+ DELETE FROM `" . TABLE_DOMAIN_DNS . "`
+ WHERE `domain_id` = :domainid
+ ");
+ Database::pexecute($del_stmt, array(
+ 'domainid' => $id
+ ), true, true);
+
+ triggerLetsEncryptCSRForAliasDestinationDomain($result['aliasdomain'], $this->logger());
+
+ $this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] deleted domain/subdomains (#" . $result['id'] . 
")");
+ updateCounters();
+ inserttask('1');
+ // Using nameserver, insert a task which rebuilds the server config
+ inserttask('4');
+ return $this->response(200, "successfull", $result);
+ }
+ throw new Exception("Not allowed to execute given command.", 403);
+ }
+}