maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

get rid of some more functions

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-20 07:43:40 +01:00
parent adc627ca4e
commit 8c896d60d6
31 changed files with 368 additions and 458 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/Froxlor/Api/Commands/Admins.php
View File

@@ -260,14 +260,14 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
}
if ($password == '') {
$password = generatePassword();
$password = \Froxlor\System::generatePassword();
}
$_theme = Settings::Get('panel.default_theme');
$ins_data = array(
'loginname' => $loginname,
'password' => makeCryptPassword($password),
'password' => \Froxlor\System::makeCryptPassword($password),
'name' => $name,
'email' => $email,
'lang' => $def_language,
@@ -530,7 +530,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
if ($password != '') {
$password = validatePassword($password, true);
$password = makeCryptPassword($password);
$password = \Froxlor\System::makeCryptPassword($password);
} else {
$password = $result['password'];
}

8
lib/Froxlor/Api/Commands/Customers.php
View File

@@ -378,7 +378,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
}
if ($password == '') {
$password = generatePassword();
$password = \Froxlor\System::generatePassword();
}
$_theme = Settings::Get('panel.default_theme');
@@ -386,7 +386,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
$ins_data = array(
'adminid' => $this->getUserDetail('adminid'),
'loginname' => $loginname,
'passwd' => makeCryptPassword($password),
'passwd' => \Froxlor\System::makeCryptPassword($password),
'name' => $name,
'firstname' => $firstname,
'gender' => $gender,
@@ -552,7 +552,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
Database::pexecute($ins_stmt, $ins_data, true, true);
inserttask('1');
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
// add FTP-User
// @fixme use Ftp-ApiCommand later
$ins_stmt = Database::prepare("
@@ -941,7 +941,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
if ($password != '') {
$password = validatePassword($password, true);
$password = makeCryptPassword($password);
$password = \Froxlor\System::makeCryptPassword($password);
} else {
$password = $result['password'];
}

4
lib/Froxlor/Api/Commands/EmailAccounts.php
View File

@@ -122,7 +122,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
}
// encrypt the password
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$email_user = substr($email_full, 0, strrpos($email_full, "@"));
$email_domain = substr($email_full, strrpos($email_full, "@") + 1);
@@ -347,7 +347,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
standard_error('passwordshouldnotbeusername', '', true);
}
$password = validatePassword($password, true);
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$upd_query .= (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "`password_enc`= :password_enc";
$upd_params['password_enc'] = $cryptPassword;
if (Settings::Get('system.mailpwcleartext') == '1') {

4
lib/Froxlor/Api/Commands/Ftps.php
View File

@@ -129,7 +129,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
standard_error('passwordshouldnotbeusername', '', true);
} else {
$path = \Froxlor\FileDir::makeCorrectDir($customer['documentroot'] . '/' . $path);
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
@@ -358,7 +358,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
if ($password == $result['username']) {
standard_error('passwordshouldnotbeusername', '', true);
}
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
SET `password` = :password

128
lib/Froxlor/Http/Statistics.php Normal file
View File

@@ -0,0 +1,128 @@
<?php
namespace Froxlor\Http;
use Froxlor\Settings;
class Statistics
{
/**
* Create or modify the AWStats configuration file for the given domain.
* Modified by Berend Dekens to allow custom configurations.
*
* @param logFile
* @param siteDomain
* @param hostAliases
* @return null
*/
public static function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array()) {
// Generation header
$header = "## GENERATED BY FROXLOR\n";
$header2 = "## Do not remove the line above! This tells Froxlor to update this configuration\n## If you wish to manually change this configuration file, remove the first line to make sure Froxlor won't rebuild this file\n## Generated for domain {SITE_DOMAIN} on " . date('l dS \of F Y h:i:s A') . "\n";
$awstats_dir = \Froxlor\FileDir::makeCorrectDir($customerDocroot.'/awstats/'.$siteDomain.'/');
if (!is_dir($awstats_dir)) {
\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg($awstats_dir));
}
// chown created folder, #258
self::makeChownWithNewStats($awstats_params);
// weird but could happen...
if (!is_dir(Settings::Get('system.awstats_conf'))) {
\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg(Settings::Get('system.awstats_conf')));
}
// These are the variables we will replace
$regex = array(
'/\{LOG_FILE\}/',
'/\{SITE_DOMAIN\}/',
'/\{HOST_ALIASES\}/',
'/\{CUSTOMER_DOCROOT\}/',
'/\{AWSTATS_CONF\}/'
);
$replace = array(
\Froxlor\FileDir::makeCorrectFile($logFile),
$siteDomain,
$hostAliases,
$awstats_dir,
\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf'))
);
// File names
$domain_file = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.' . $siteDomain . '.conf');
$model_file = \Froxlor\Froxlor::getInstallDir().'/templates/misc/awstats/awstats.froxlor.model.conf';
$model_file = \Froxlor\FileDir::makeCorrectFile($model_file);
// Test if the file exists
if (file_exists($domain_file)) {
// Check for the generated header - if this is a manual modification we won't update
$awstats_domain_conf = fopen($domain_file, 'r');
if (fgets($awstats_domain_conf, strlen($header)) != $header) {
fclose($awstats_domain_conf);
return;
}
// Close the file
fclose($awstats_domain_conf);
}
$awstats_domain_conf = fopen($domain_file, 'w');
$awstats_model_conf = fopen($model_file, 'r');
// Write the header
fwrite($awstats_domain_conf, $header);
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $header2));
// Write the configuration file
while (($line = fgets($awstats_model_conf, 4096)) !== false) {
if (!preg_match('/^#/', $line)
&& trim($line) != ''
) {
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $line));
}
}
fclose($awstats_domain_conf);
fclose($awstats_model_conf);
}
/**
* chowns either awstats or webalizer folder,
* either with webserver-user or - if fcgid
* is used - the customers name, #258
*
* @param array $row array if panel_customers
*
* @return void
*/
public static function makeChownWithNewStats($row) {
// get correct user
if ((Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1')
&& isset($row['deactivated'])
&& $row['deactivated'] == '0'
) {
$user = $row['loginname'];
$group = $row['loginname'];
} else {
$user = $row['guid'];
$group = $row['guid'];
}
// get correct directory
$dir = $row['documentroot'];
if (Settings::Get('system.awstats_enabled') == '1') {
$dir .= '/awstats/';
} else {
$dir .= '/webalizer/';
}
// only run chown if directory exists
if (file_exists($dir)) {
// run chown
\Froxlor\FileDir::safe_exec('chown -R '.escapeshellarg($user).':'.escapeshellarg($group).' '.escapeshellarg(\Froxlor\FileDir::makeCorrectDir($dir)));
}
}
}

204
lib/Froxlor/System.php Normal file
View File

@@ -0,0 +1,204 @@
<?php
namespace Froxlor\System;
use Froxlor\Settings;
class System
{
/**
* Generates a random password
*
* @param boolean $isSalt
* optional, create a hash for a salt used in \Froxlor\System::makeCryptPassword because crypt() does not like some special characters in its salts, default is false
*/
public static function generatePassword($isSalt = false)
{
$alpha_lower = 'abcdefghijklmnopqrstuvwxyz';
$alpha_upper = strtoupper($alpha_lower);
$numeric = '0123456789';
$special = Settings::Get('panel.password_special_char');
$length = Settings::Get('panel.password_min_length') > 3 ? Settings::Get('panel.password_min_length') : 10;
$pw = self::special_shuffle($alpha_lower);
$n = floor(($length) / 4);
if (Settings::Get('panel.password_alpha_upper')) {
$pw .= mb_substr(self::special_shuffle($alpha_upper), 0, $n);
}
if (Settings::Get('panel.password_numeric')) {
$pw .= mb_substr(self::special_shuffle($numeric), 0, $n);
}
if (Settings::Get('panel.password_special_char_required') && ! $isSalt) {
$pw .= mb_substr(self::special_shuffle($special), 0, $n);
}
$pw = mb_substr($pw, - $length);
return self::special_shuffle($pw);
}
/**
* multibyte-character safe shuffle function
*
* @param string $str
*
* @return string
*/
private static function special_shuffle($str = null)
{
$len = mb_strlen($str);
$sploded = array();
while ($len -- > 0) {
$sploded[] = mb_substr($str, $len, 1);
}
shuffle($sploded);
return join('', $sploded);
}
/**
* Make crypted password from clear text password
*
* @author Michal Wojcik <m.wojcik@sonet3.pl>
* @author Michael Kaufmann <mkaufmann@nutime.de>
* @author Froxlor team <team@froxlor.org> (2010-)
*
* 0 - default crypt (depenend on system configuration)
* 1 - MD5 $1$
* 2 - BLOWFISH $2a$ | $2y$07$ (on php 5.3.7+)
* 3 - SHA-256 $5$ (default)
* 4 - SHA-512 $6$
*
* @param string $password
* Password to be crypted
*
* @return string encrypted password
*/
public static function makeCryptPassword($password)
{
$type = Settings::Get('system.passwordcryptfunc') !== null ? (int) Settings::Get('system.passwordcryptfunc') : 3;
switch ($type) {
case 0:
$cryptPassword = crypt($password);
break;
case 1:
$cryptPassword = crypt($password, '$1$' . self::generatePassword(true) . self::generatePassword(true));
break;
case 2:
if (version_compare(phpversion(), '5.3.7', '<')) {
$cryptPassword = crypt($password, '$2a$' . self::generatePassword(true) . self::generatePassword(true));
} else {
// Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$",
// a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
$cryptPassword = crypt($password, '$2y$07$' . substr(self::generatePassword(true) . self::generatePassword(true) . self::generatePassword(true), 0, 22));
}
break;
case 3:
$cryptPassword = crypt($password, '$5$' . self::generatePassword(true) . self::generatePassword(true));
break;
case 4:
$cryptPassword = crypt($password, '$6$' . self::generatePassword(true) . self::generatePassword(true));
break;
default:
$cryptPassword = crypt($password);
break;
}
return $cryptPassword;
}
/**
* return an array of available hashes for the crypt() function
*
* @return array
*/
public static function getAvailablePasswordHashes()
{
global $lng;
// get available pwd-hases
$available_pwdhashes = array(
0 => $lng['serversettings']['systemdefault']
);
if (defined('CRYPT_MD5') && CRYPT_MD5 == 1) {
$available_pwdhashes[1] = 'MD5';
}
if (defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1) {
$available_pwdhashes[2] = 'BLOWFISH';
}
if (defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) {
$available_pwdhashes[3] = 'SHA-256';
}
if (defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
$available_pwdhashes[4] = 'SHA-512';
}
return $available_pwdhashes;
}
/**
* Cronjob function to end a cronjob in a critical condition
* but not without sending a notification mail to the admin
*
* @param string $message
* @param string $subject
*
* @return void
*/
public static function dieWithMail($message, $subject = "[froxlor] Cronjob error")
{
if (Settings::Get('system.send_cron_errors') == '1') {
$_mail = new \PHPMailer\PHPMailer\PHPMailer(true);
$_mail->CharSet = "UTF-8";
if (Settings::Get('system.mail_use_smtp')) {
$_mail->isSMTP();
$_mail->Host = Settings::Get('system.mail_smtp_host');
$_mail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
$_mail->Username = Settings::Get('system.mail_smtp_user');
$_mail->Password = Settings::Get('system.mail_smtp_passwd');
if (Settings::Get('system.mail_smtp_usetls')) {
$_mail->SMTPSecure = 'tls';
} else {
$_mail->SMTPAutoTLS = false;
}
$_mail->Port = Settings::Get('system.mail_smtp_port');
}
if (\PHPMailer\PHPMailer\PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
// set return-to address and custom sender-name, see #76
$_mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
if (Settings::Get('panel.adminmail_return') != '') {
$_mail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
}
}
$_mailerror = false;
$mailerr_msg = "";
try {
$_mail->Subject = $subject;
$_mail->AltBody = $message;
$_mail->MsgHTML(nl2br($message));
$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
$_mail->Send();
} catch (\PHPMailer\PHPMailer\Exception $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (\Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
$_mail->ClearAddresses();
if ($_mailerror) {
echo 'Error sending mail: ' . $mailerr_msg . "\n";
}
}
die($message);
}
}