get rid of some more functions

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

actions/admin/settings/210.security.php

@@ -45,7 +45,7 @@ return array(
 					'type' => 'option',
 					'default' => 0,
 					'option_mode' => 'one',
-					'option_options_method' => 'getAvailablePasswordHashes',
+					'option_options_method' => array('\\Froxlor\\System', 'getAvailablePasswordHashes'),
 					'save_method' => 'storeSettingField',
 					),
 				'system_allow_error_report_admin' => array(

customer_index.php

@@ -135,7 +135,7 @@ if ($page == 'overview') {
 
 			// Update ftp password
 			if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') {
-				$cryptPassword = makeCryptPassword($new_password);
+				$cryptPassword = \Froxlor\System::makeCryptPassword($new_password);
 				$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 					SET `password` = :password
 					WHERE `customerid` = :customerid

index.php

@@ -624,7 +624,7 @@ if ($action == 'resetpwd') {
 								WHERE `customerid` = :userid");
 						}
 						Database::pexecute($stmt, array(
-							"newpassword" => makeCryptPassword($new_password),
+							"newpassword" => \Froxlor\System::makeCryptPassword($new_password),
 							"userid" => $result['userid']
 						));
 

lib/Froxlor/Api/Commands/Admins.php

@@ -260,14 +260,14 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				}
 
 				if ($password == '') {
-					$password = generatePassword();
+					$password = \Froxlor\System::generatePassword();
 				}
 
 				$_theme = Settings::Get('panel.default_theme');
 
 				$ins_data = array(
 					'loginname' => $loginname,
-					'password' => makeCryptPassword($password),
+					'password' => \Froxlor\System::makeCryptPassword($password),
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
@@ -530,7 +530,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 
 					if ($password != '') {
 						$password = validatePassword($password, true);
-						$password = makeCryptPassword($password);
+						$password = \Froxlor\System::makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}

lib/Froxlor/Api/Commands/Customers.php

@@ -378,7 +378,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					}
 
 					if ($password == '') {
-						$password = generatePassword();
+						$password = \Froxlor\System::generatePassword();
 					}
 
 					$_theme = Settings::Get('panel.default_theme');
@@ -386,7 +386,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					$ins_data = array(
 						'adminid' => $this->getUserDetail('adminid'),
 						'loginname' => $loginname,
-						'passwd' => makeCryptPassword($password),
+						'passwd' => \Froxlor\System::makeCryptPassword($password),
 						'name' => $name,
 						'firstname' => $firstname,
 						'gender' => $gender,
@@ -552,7 +552,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					Database::pexecute($ins_stmt, $ins_data, true, true);
 
 					inserttask('1');
-					$cryptPassword = makeCryptPassword($password);
+					$cryptPassword = \Froxlor\System::makeCryptPassword($password);
 					// add FTP-User
 					// @fixme use Ftp-ApiCommand later
 					$ins_stmt = Database::prepare("
@@ -941,7 +941,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 
 		if ($password != '') {
 			$password = validatePassword($password, true);
-			$password = makeCryptPassword($password);
+			$password = \Froxlor\System::makeCryptPassword($password);
 		} else {
 			$password = $result['password'];
 		}

lib/Froxlor/Api/Commands/EmailAccounts.php

@@ -122,7 +122,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 			}
 
 			// encrypt the password
-			$cryptPassword = makeCryptPassword($password);
+			$cryptPassword = \Froxlor\System::makeCryptPassword($password);
 
 			$email_user = substr($email_full, 0, strrpos($email_full, "@"));
 			$email_domain = substr($email_full, strrpos($email_full, "@") + 1);
@@ -347,7 +347,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 				standard_error('passwordshouldnotbeusername', '', true);
 			}
 			$password = validatePassword($password, true);
-			$cryptPassword = makeCryptPassword($password);
+			$cryptPassword = \Froxlor\System::makeCryptPassword($password);
 			$upd_query .= (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "`password_enc`= :password_enc";
 			$upd_params['password_enc'] = $cryptPassword;
 			if (Settings::Get('system.mailpwcleartext') == '1') {

lib/Froxlor/Api/Commands/Ftps.php

@@ -129,7 +129,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 				standard_error('passwordshouldnotbeusername', '', true);
 			} else {
 				$path = \Froxlor\FileDir::makeCorrectDir($customer['documentroot'] . '/' . $path);
-				$cryptPassword = makeCryptPassword($password);
+				$cryptPassword = \Froxlor\System::makeCryptPassword($password);
 
 				$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
 						(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
@@ -358,7 +358,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 			if ($password == $result['username']) {
 				standard_error('passwordshouldnotbeusername', '', true);
 			}
-			$cryptPassword = makeCryptPassword($password);
+			$cryptPassword = \Froxlor\System::makeCryptPassword($password);
 
 			$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
 				SET `password` = :password

lib/Froxlor/Http/Statistics.php

@@ -0,0 +1,128 @@
+<?php
+namespace Froxlor\Http;
+
+use Froxlor\Settings;
+
+class Statistics
+{
+	/**
+	 * Create or modify the AWStats configuration file for the given domain.
+	 * Modified by Berend Dekens to allow custom configurations.
+	 *
+	 * @param logFile
+	 * @param siteDomain
+	 * @param hostAliases
+	 * @return null
+	 */
+	public static function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array()) {
+		
+		// Generation header
+		$header = "## GENERATED BY FROXLOR\n";
+		$header2 = "## Do not remove the line above! This tells Froxlor to update this configuration\n## If you wish to manually change this configuration file, remove the first line to make sure Froxlor won't rebuild this file\n## Generated for domain {SITE_DOMAIN} on " . date('l dS \of F Y h:i:s A') . "\n";
+		
+		$awstats_dir = \Froxlor\FileDir::makeCorrectDir($customerDocroot.'/awstats/'.$siteDomain.'/');
+		if (!is_dir($awstats_dir)) {
+			\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg($awstats_dir));
+		}
+		// chown created folder, #258
+		self::makeChownWithNewStats($awstats_params);
+		
+		// weird but could happen...
+		if (!is_dir(Settings::Get('system.awstats_conf'))) {
+			\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg(Settings::Get('system.awstats_conf')));
+		}
+		
+		// These are the variables we will replace
+		$regex = array(
+			'/\{LOG_FILE\}/',
+			'/\{SITE_DOMAIN\}/',
+			'/\{HOST_ALIASES\}/',
+			'/\{CUSTOMER_DOCROOT\}/',
+			'/\{AWSTATS_CONF\}/'
+		);
+		$replace = array(
+			\Froxlor\FileDir::makeCorrectFile($logFile),
+			$siteDomain,
+			$hostAliases,
+			$awstats_dir,
+			\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf'))
+		);
+		
+		// File names
+		$domain_file = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.' . $siteDomain . '.conf');
+		$model_file = \Froxlor\Froxlor::getInstallDir().'/templates/misc/awstats/awstats.froxlor.model.conf';
+		$model_file = \Froxlor\FileDir::makeCorrectFile($model_file);
+		
+		// Test if the file exists
+		if (file_exists($domain_file)) {
+			// Check for the generated header - if this is a manual modification we won't update
+			$awstats_domain_conf = fopen($domain_file, 'r');
+			
+			if (fgets($awstats_domain_conf, strlen($header)) != $header) {
+				fclose($awstats_domain_conf);
+				return;
+			}
+			
+			// Close the file
+			fclose($awstats_domain_conf);
+		}
+		
+		$awstats_domain_conf = fopen($domain_file, 'w');
+		$awstats_model_conf = fopen($model_file, 'r');
+		
+		// Write the header
+		fwrite($awstats_domain_conf, $header);
+		fwrite($awstats_domain_conf, preg_replace($regex, $replace, $header2));
+		
+		// Write the configuration file
+		while (($line = fgets($awstats_model_conf, 4096)) !== false) {
+			if (!preg_match('/^#/', $line)
+				&& trim($line) != ''
+				) {
+					fwrite($awstats_domain_conf, preg_replace($regex, $replace, $line));
+				}
+		}
+		
+		fclose($awstats_domain_conf);
+		fclose($awstats_model_conf);
+	}
+	
+	/**
+	 * chowns either awstats or webalizer folder,
+	 * either with webserver-user or - if fcgid
+	 * is used - the customers name, #258
+	 *
+	 * @param array $row array if panel_customers
+	 *
+	 * @return void
+	 */
+	public static function makeChownWithNewStats($row) {
+		
+		// get correct user
+		if ((Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1')
+			&& isset($row['deactivated'])
+			&& $row['deactivated'] == '0'
+			) {
+				$user = $row['loginname'];
+				$group = $row['loginname'];
+			} else {
+				$user = $row['guid'];
+				$group = $row['guid'];
+			}
+			
+			// get correct directory
+			$dir = $row['documentroot'];
+			if (Settings::Get('system.awstats_enabled') == '1') {
+				$dir .= '/awstats/';
+			} else {
+				$dir .= '/webalizer/';
+			}
+			
+			// only run chown if directory exists
+			if (file_exists($dir)) {
+				// run chown
+				\Froxlor\FileDir::safe_exec('chown -R '.escapeshellarg($user).':'.escapeshellarg($group).' '.escapeshellarg(\Froxlor\FileDir::makeCorrectDir($dir)));
+			}
+	}
+	
+}

lib/Froxlor/System.php

@@ -0,0 +1,204 @@
+<?php
+namespace Froxlor\System;
+
+use Froxlor\Settings;
+
+class System
+{
+
+	/**
+	 * Generates a random password
+	 *
+	 * @param boolean $isSalt
+	 *        	optional, create a hash for a salt used in \Froxlor\System::makeCryptPassword because crypt() does not like some special characters in its salts, default is false
+	 */
+	public static function generatePassword($isSalt = false)
+	{
+		$alpha_lower = 'abcdefghijklmnopqrstuvwxyz';
+		$alpha_upper = strtoupper($alpha_lower);
+		$numeric = '0123456789';
+		$special = Settings::Get('panel.password_special_char');
+		$length = Settings::Get('panel.password_min_length') > 3 ? Settings::Get('panel.password_min_length') : 10;
+
+		$pw = self::special_shuffle($alpha_lower);
+		$n = floor(($length) / 4);
+
+		if (Settings::Get('panel.password_alpha_upper')) {
+			$pw .= mb_substr(self::special_shuffle($alpha_upper), 0, $n);
+		}
+
+		if (Settings::Get('panel.password_numeric')) {
+			$pw .= mb_substr(self::special_shuffle($numeric), 0, $n);
+		}
+
+		if (Settings::Get('panel.password_special_char_required') && ! $isSalt) {
+			$pw .= mb_substr(self::special_shuffle($special), 0, $n);
+		}
+
+		$pw = mb_substr($pw, - $length);
+
+		return self::special_shuffle($pw);
+	}
+
+	/**
+	 * multibyte-character safe shuffle function
+	 *
+	 * @param string $str
+	 *
+	 * @return string
+	 */
+	private static function special_shuffle($str = null)
+	{
+		$len = mb_strlen($str);
+		$sploded = array();
+		while ($len -- > 0) {
+			$sploded[] = mb_substr($str, $len, 1);
+		}
+		shuffle($sploded);
+		return join('', $sploded);
+	}
+
+	/**
+	 * Make crypted password from clear text password
+	 *
+	 * @author Michal Wojcik <m.wojcik@sonet3.pl>
+	 * @author Michael Kaufmann <mkaufmann@nutime.de>
+	 * @author Froxlor team <team@froxlor.org> (2010-)
+	 *        
+	 *         0 - default crypt (depenend on system configuration)
+	 *         1 - MD5 $1$
+	 *         2 - BLOWFISH $2a$ | $2y$07$ (on php 5.3.7+)
+	 *         3 - SHA-256 $5$ (default)
+	 *         4 - SHA-512 $6$
+	 *        
+	 * @param string $password
+	 *        	Password to be crypted
+	 *        	
+	 * @return string encrypted password
+	 */
+	public static function makeCryptPassword($password)
+	{
+		$type = Settings::Get('system.passwordcryptfunc') !== null ? (int) Settings::Get('system.passwordcryptfunc') : 3;
+
+		switch ($type) {
+			case 0:
+				$cryptPassword = crypt($password);
+				break;
+			case 1:
+				$cryptPassword = crypt($password, '$1$' . self::generatePassword(true) . self::generatePassword(true));
+				break;
+			case 2:
+				if (version_compare(phpversion(), '5.3.7', '<')) {
+					$cryptPassword = crypt($password, '$2a$' . self::generatePassword(true) . self::generatePassword(true));
+				} else {
+					// Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$",
+					// a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
+					$cryptPassword = crypt($password, '$2y$07$' . substr(self::generatePassword(true) . self::generatePassword(true) . self::generatePassword(true), 0, 22));
+				}
+				break;
+			case 3:
+				$cryptPassword = crypt($password, '$5$' . self::generatePassword(true) . self::generatePassword(true));
+				break;
+			case 4:
+				$cryptPassword = crypt($password, '$6$' . self::generatePassword(true) . self::generatePassword(true));
+				break;
+			default:
+				$cryptPassword = crypt($password);
+				break;
+		}
+		return $cryptPassword;
+	}
+
+	/**
+	 * return an array of available hashes for the crypt() function
+	 *
+	 * @return array
+	 */
+	public static function getAvailablePasswordHashes()
+	{
+		global $lng;
+
+		// get available pwd-hases
+		$available_pwdhashes = array(
+			0 => $lng['serversettings']['systemdefault']
+		);
+		if (defined('CRYPT_MD5') && CRYPT_MD5 == 1) {
+			$available_pwdhashes[1] = 'MD5';
+		}
+		if (defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1) {
+			$available_pwdhashes[2] = 'BLOWFISH';
+		}
+		if (defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) {
+			$available_pwdhashes[3] = 'SHA-256';
+		}
+		if (defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
+			$available_pwdhashes[4] = 'SHA-512';
+		}
+
+		return $available_pwdhashes;
+	}
+
+	/**
+	 * Cronjob function to end a cronjob in a critical condition
+	 * but not without sending a notification mail to the admin
+	 *
+	 * @param string $message
+	 * @param string $subject
+	 *
+	 * @return void
+	 */
+	public static function dieWithMail($message, $subject = "[froxlor] Cronjob error")
+	{
+		if (Settings::Get('system.send_cron_errors') == '1') {
+
+			$_mail = new \PHPMailer\PHPMailer\PHPMailer(true);
+			$_mail->CharSet = "UTF-8";
+
+			if (Settings::Get('system.mail_use_smtp')) {
+				$_mail->isSMTP();
+				$_mail->Host = Settings::Get('system.mail_smtp_host');
+				$_mail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
+				$_mail->Username = Settings::Get('system.mail_smtp_user');
+				$_mail->Password = Settings::Get('system.mail_smtp_passwd');
+				if (Settings::Get('system.mail_smtp_usetls')) {
+					$_mail->SMTPSecure = 'tls';
+				} else {
+					$_mail->SMTPAutoTLS = false;
+				}
+				$_mail->Port = Settings::Get('system.mail_smtp_port');
+			}
+
+			if (\PHPMailer\PHPMailer\PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
+				// set return-to address and custom sender-name, see #76
+				$_mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
+				if (Settings::Get('panel.adminmail_return') != '') {
+					$_mail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
+				}
+			}
+
+			$_mailerror = false;
+			$mailerr_msg = "";
+			try {
+				$_mail->Subject = $subject;
+				$_mail->AltBody = $message;
+				$_mail->MsgHTML(nl2br($message));
+				$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
+				$_mail->Send();
+			} catch (\PHPMailer\PHPMailer\Exception $e) {
+				$mailerr_msg = $e->errorMessage();
+				$_mailerror = true;
+			} catch (\Exception $e) {
+				$mailerr_msg = $e->getMessage();
+				$_mailerror = true;
+			}
+
+			$_mail->ClearAddresses();
+
+			if ($_mailerror) {
+				echo 'Error sending mail: ' . $mailerr_msg . "\n";
+			}
+		}
+
+		die($message);
+	}
+}

lib/formfields/admin/admin/formfield.admin_add.php

@@ -39,7 +39,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'def_language' => array(
 						'label' => $lng['login']['language'],

lib/formfields/admin/admin/formfield.admin_edit.php

@@ -48,7 +48,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 						'visible' => ($result['adminid'] == $userinfo['userid'] ? false : true)
 					),
 					'def_language' => array(

lib/formfields/admin/customer/formfield.customer_add.php

@@ -62,7 +62,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword()
+						'value' => \Froxlor\System::generatePassword()
 					),
 					'sendpassword' => array(
 						'label' => $lng['admin']['sendpassword'],

lib/formfields/admin/customer/formfield.customer_edit.php

@@ -59,7 +59,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'def_language' => array(
 						'label' => $lng['login']['language'],

lib/formfields/customer/email/formfield.emails_accountchangepasswd.php

@@ -38,7 +38,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					)
 				)
 			)

lib/formfields/customer/email/formfield.emails_addaccount.php

@@ -38,7 +38,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'email_quota' => array(
 						'visible' => (Settings::Get('system.mail_quota_enabled') == '1' ? true : false),

lib/formfields/customer/extras/formfield.htpasswd_add.php

@@ -44,7 +44,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'directory_authname' => array(
 						'label' => $lng['extras']['htpasswdauthname'],

lib/formfields/customer/extras/formfield.htpasswd_edit.php

@@ -43,7 +43,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'directory_authname' => array(
 						'label' => $lng['extras']['htpasswdauthname'],

lib/formfields/customer/ftp/formfield.ftp_add.php

@@ -54,7 +54,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'sendinfomail' => array(
 						'label' => $lng['customer']['sendinfomail'],

lib/formfields/customer/ftp/formfield.ftp_edit.php

@@ -50,7 +50,7 @@ return array(
 						'label' => $lng['customer']['generated_pwd'],
 						'type' => 'text',
 						'visible' => (Settings::Get('panel.password_regex') == ''),
-						'value' => generatePassword(),
+						'value' => \Froxlor\System::generatePassword(),
 					),
 					'shell' => array(
 						'visible' => (Settings::Get('system.allow_customer_shell') == '1' ? true : false),

lib/formfields/customer/mysql/formfield.mysql_add.php

@@ -41,7 +41,7 @@ return array(
                         'label' => $lng['customer']['generated_pwd'],
                         'type' => 'text',
                         'visible' => (Settings::Get('panel.password_regex') == ''),
-                        'value' => generatePassword()
+                        'value' => \Froxlor\System::generatePassword()
                     ),
                     'sendinfomail' => array(
                         'label' => $lng['customer']['sendinfomail'],

lib/formfields/customer/mysql/formfield.mysql_edit.php

@@ -47,7 +47,7 @@ return array(
                         'label' => $lng['customer']['generated_pwd'],
                         'type' => 'text',
                         'visible' => (Settings::Get('panel.password_regex') == ''),
-                        'value' => generatePassword()
+                        'value' => \Froxlor\System::generatePassword()
                     )
                 )
             )

lib/functions/filedir/function.makeChownWithNewStats.php

@@ -1,54 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Functions
- *
- */
-
-/**
- * chowns either awstats or webalizer folder,
- * either with webserver-user or - if fcgid
- * is used - the customers name, #258
- *
- * @param array $row array if panel_customers
- *
- * @return void
- */
-function makeChownWithNewStats($row) {
-
-	// get correct user
-	if ((Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1')
-		&& isset($row['deactivated'])
-		&& $row['deactivated'] == '0'
-	) {
-		$user = $row['loginname'];
-		$group = $row['loginname'];
-	} else {
-		$user = $row['guid'];
-		$group = $row['guid'];
-	}
-
-	// get correct directory
-	$dir = $row['documentroot'];
-	if (Settings::Get('system.awstats_enabled') == '1') {
-		$dir .= '/awstats/';
-	} else {
-		$dir .= '/webalizer/';
-	}
-
-	// only run chown if directory exists
-	if (file_exists($dir)) {
-		// run chown
-	 \Froxlor\FileDir::safe_exec('chown -R '.escapeshellarg($user).':'.escapeshellarg($group).' '.escapeshellarg(\Froxlor\FileDir::makeCorrectDir($dir)));
-	}
-}

lib/functions/froxlor/function.createAWStatsConf.php

@@ -1,100 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2003-2009 the SysCP Team (see authors).
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Florian Lippert <flo@syscp.org> (2003-2009)
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Functions
- *
- */
-
-/**
- * Create or modify the AWStats configuration file for the given domain.
- * Modified by Berend Dekens to allow custom configurations.
- *
- * @param logFile
- * @param siteDomain
- * @param hostAliases
- * @return null
- */
-function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array()) {
-
-	// Generation header
-	$header = "## GENERATED BY FROXLOR\n";
-	$header2 = "## Do not remove the line above! This tells Froxlor to update this configuration\n## If you wish to manually change this configuration file, remove the first line to make sure Froxlor won't rebuild this file\n## Generated for domain {SITE_DOMAIN} on " . date('l dS \of F Y h:i:s A') . "\n";
-
-	$awstats_dir = \Froxlor\FileDir::makeCorrectDir($customerDocroot.'/awstats/'.$siteDomain.'/');
-	if (!is_dir($awstats_dir)) {
-	 \Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg($awstats_dir));
-	}
-	// chown created folder, #258
-	makeChownWithNewStats($awstats_params);
-
-	// weird but could happen...
-	if (!is_dir(Settings::Get('system.awstats_conf'))) {
-	 \Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg(Settings::Get('system.awstats_conf')));
-	}
-
-	// These are the variables we will replace
-	$regex = array(
-		'/\{LOG_FILE\}/',
-		'/\{SITE_DOMAIN\}/',
-		'/\{HOST_ALIASES\}/',
-		'/\{CUSTOMER_DOCROOT\}/',
-		'/\{AWSTATS_CONF\}/'
-	);
-	$replace = array(
-	 \Froxlor\FileDir::makeCorrectFile($logFile),
-		$siteDomain,
-		$hostAliases,
-		$awstats_dir,
-	 \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf'))
-	);
-
-	// File names
-	$domain_file = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.' . $siteDomain . '.conf');
-	$model_file = \Froxlor\Froxlor::getInstallDir().'/templates/misc/awstats/awstats.froxlor.model.conf';
-	$model_file = \Froxlor\FileDir::makeCorrectFile($model_file);
-
-	// Test if the file exists
-	if (file_exists($domain_file)) {
-		// Check for the generated header - if this is a manual modification we won't update
-		$awstats_domain_conf = fopen($domain_file, 'r');
-
-		if (fgets($awstats_domain_conf, strlen($header)) != $header) {
-			fclose($awstats_domain_conf);
-			return;
-		}
-
-		// Close the file
-		fclose($awstats_domain_conf);
-	}
-
-	$awstats_domain_conf = fopen($domain_file, 'w');
-	$awstats_model_conf = fopen($model_file, 'r');
-
-	// Write the header
-	fwrite($awstats_domain_conf, $header);
-	fwrite($awstats_domain_conf, preg_replace($regex, $replace, $header2));
-
-	// Write the configuration file
-	while (($line = fgets($awstats_model_conf, 4096)) !== false) {
-		if (!preg_match('/^#/', $line)
-		   && trim($line) != ''
-		) {
-			fwrite($awstats_domain_conf, preg_replace($regex, $replace, $line));
-		}
-	}
-
-	fclose($awstats_domain_conf);
-	fclose($awstats_model_conf);
-}

lib/functions/froxlor/function.generatePassword.php

@@ -1,68 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2011- the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Froxlor team <team@froxlor.org> (2011-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Functions
- *
- */
-
-/**
- * Generates a random password
- *
- * @param boolean $isSalt
- *            optional, create a hash for a salt used in makeCryptPassword because crypt() does not like some special characters in its salts, default is false
- */
-function generatePassword($isSalt = false)
-{
-    $alpha_lower = 'abcdefghijklmnopqrstuvwxyz';
-    $alpha_upper = strtoupper($alpha_lower);
-    $numeric = '0123456789';
-    $special = Settings::Get('panel.password_special_char');
-    $length = Settings::Get('panel.password_min_length') > 3 ? Settings::Get('panel.password_min_length') : 10;
-    
-    $pw = special_shuffle($alpha_lower);
-    $n = floor(($length) / 4);
-    
-    if (Settings::Get('panel.password_alpha_upper')) {
-        $pw .= mb_substr(special_shuffle($alpha_upper), 0, $n);
-    }
-    
-    if (Settings::Get('panel.password_numeric')) {
-        $pw .= mb_substr(special_shuffle($numeric), 0, $n);
-    }
-    
-    if (Settings::Get('panel.password_special_char_required') && !$isSalt) {
-        $pw .= mb_substr(special_shuffle($special), 0, $n);
-    }
-    
-    $pw = mb_substr($pw, - $length);
-    
-    return special_shuffle($pw);
-}
-
-/**
- * multibyte-character safe shuffle function
- *
- * @param string $str            
- *
- * @return string
- */
-function special_shuffle($str = null)
-{
-    $len = mb_strlen($str);
-    $sploded = array();
-    while ($len -- > 0) {
-        $sploded[] = mb_substr($str, $len, 1);
-    }
-    shuffle($sploded);
-    return join('', $sploded);
-}

lib/functions/output/function.dieWithMail.php

@@ -1,83 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Michael Kaufmann <mkaufmann@nutime.de>
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Cron
- *
- * @since      0.9.33
- *
- */
-use Froxlor\Settings;
-
-/**
- * Cronjob function to end a cronjob in a critical condition
- * but not without sending a notification mail to the admin
- *
- * @param string $message
- * @param string $subject
- *
- * @return void
- */
-function dieWithMail($message, $subject = "[froxlor] Cronjob error")
-{
-	if (Settings::Get('system.send_cron_errors') == '1') {
-
-		$_mail = new \PHPMailer\PHPMailer\PHPMailer(true);
-		$_mail->CharSet = "UTF-8";
-
-		if (Settings::Get('system.mail_use_smtp')) {
-			$_mail->isSMTP();
-			$_mail->Host = Settings::Get('system.mail_smtp_host');
-			$_mail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
-			$_mail->Username = Settings::Get('system.mail_smtp_user');
-			$_mail->Password = Settings::Get('system.mail_smtp_passwd');
-			if (Settings::Get('system.mail_smtp_usetls')) {
-				$_mail->SMTPSecure = 'tls';
-			} else {
-				$mail->SMTPAutoTLS = false;
-			}
-			$_mail->Port = Settings::Get('system.mail_smtp_port');
-		}
-
-		if (\PHPMailer\PHPMailer\PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
-			// set return-to address and custom sender-name, see #76
-			$_mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
-			if (Settings::Get('panel.adminmail_return') != '') {
-				$_mail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
-			}
-		}
-
-		$_mailerror = false;
-		try {
-			$_mail->Subject = $subject;
-			$_mail->AltBody = $message;
-			$_mail->MsgHTML(nl2br($message));
-			$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
-			$_mail->Send();
-		} catch (\PHPMailer\PHPMailer\Exception $e) {
-			$mailerr_msg = $e->errorMessage();
-			$_mailerror = true;
-		} catch (Exception $e) {
-			$mailerr_msg = $e->getMessage();
-			$_mailerror = true;
-		}
-
-		$_mail->ClearAddresses();
-
-		if ($_mailerror) {
-			echo 'Error sending mail: ' . $mailerr_msg . "\n";
-		}
-	}
-
-	die($message);
-}

lib/functions/system/function.getAvailablePasswordHashes.php

@@ -1,46 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2015 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Froxlor team <team@froxlor.org> (2014-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Functions
- *
- * @since      0.9.33.1
- */
-
-/**
- * return an array of available hashes for the crypt() function
- *
- * @return array
- */
-function getAvailablePasswordHashes()
-{
-	global $lng;
-
-	// get available pwd-hases
-	$available_pwdhashes = array(
-		0 => $lng['serversettings']['systemdefault']
-	);
-	if (defined('CRYPT_MD5') && CRYPT_MD5 == 1) {
-		$available_pwdhashes[1] = 'MD5';
-	}
-	if (defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1) {
-		$available_pwdhashes[2] = 'BLOWFISH';
-	}
-	if (defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) {
-		$available_pwdhashes[3] = 'SHA-256';
-	}
-	if (defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
-		$available_pwdhashes[4] = 'SHA-512';
-	}
-
-	return $available_pwdhashes;
-}

lib/functions/system/function.makeCryptPassword.php

@@ -1,71 +0,0 @@
-<?php
-
-/**
- * This file is part of the Froxlor project.
- * Copyright (c) 2010 the Froxlor Team (see authors).
- *
- * For the full copyright and license information, please view the COPYING
- * file that was distributed with this source code. You can also view the
- * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
- *
- * @copyright  (c) the authors
- * @author     Michal Wojcik <m.wojcik@sonet3.pl>
- * @author     Michael Kaufmann <mkaufmann@nutime.de>
- * @author     Froxlor team <team@froxlor.org> (2010-)
- * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Functions
- *
- */
-
-/**
- * Make crypted password from clear text password
- *
- * @author Michal Wojcik <m.wojcik@sonet3.pl>
- * @author Michael Kaufmann <mkaufmann@nutime.de>
- * @author Froxlor team <team@froxlor.org> (2010-)
- *
- * 0 - default crypt (depenend on system configuration)
- * 1 - MD5 $1$
- * 2 - BLOWFISH $2a$ | $2y$07$ (on php 5.3.7+)
- * 3 - SHA-256 $5$ (default)
- * 4 - SHA-512 $6$
- *
- * @param string $password Password to be crypted
- *
- * @return string encrypted password
- */
-function makeCryptPassword ($password) {
-
-	$type = Settings::Get('system.passwordcryptfunc') !== null ? (int)Settings::Get('system.passwordcryptfunc') : 3;
-
-	switch ($type) {
-		case 0:
-			$cryptPassword = crypt($password);
-			break;
-		case 1:
-			$cryptPassword = crypt($password, '$1$' . generatePassword(true).  generatePassword(true));
-			break;
-		case 2:
-			if (version_compare(phpversion(), '5.3.7', '<')) {
-				$cryptPassword = crypt($password, '$2a$' . generatePassword(true).  generatePassword(true));
-			} else {
-				// Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$",
-				// a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
-				$cryptPassword = crypt(
-					$password,
-					'$2y$07$' . substr(generatePassword(true).generatePassword(true).generatePassword(true), 0, 22)
-				);
-			}
-			break;
-		case 3:
-			$cryptPassword = crypt($password, '$5$' . generatePassword(true).  generatePassword(true));
-			break;
-		case 4:
-			$cryptPassword = crypt($password, '$6$' . generatePassword(true).  generatePassword(true));
-			break;
-		default:
-			$cryptPassword = crypt($password);
-			break;
-	}
-	return $cryptPassword;
-}

lib/functions/validate/function.validatePasswordLogin.php

@@ -71,7 +71,7 @@ function validatePasswordLogin($userinfo = null, $password = null, $table = 'pan
 				UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
 			");
 			$params = array (
-				'newpasswd' => makeCryptPassword($password),
+				'newpasswd' => \Froxlor\System::makeCryptPassword($password),
 				'uid' => $userinfo[$uid]
 			);
 			Database::pexecute($upd_stmt, $params);

tests/Emails/EmailsTest.php

@@ -377,7 +377,7 @@ class MailsTest extends TestCase
 
 		$data = [
 			'emailaddr' => 'info@test2.local',
-			'email_password' => generatePassword(),
+			'email_password' => \Froxlor\System::generatePassword(),
 			'alternative_email' => 'noone@example.com',
 			'email_quota' => 1337,
 			'sendinfomail' => TRAVIS_CI == 1 ? 0 : 1
@@ -399,7 +399,7 @@ class MailsTest extends TestCase
 
 		$data = [
 			'emailaddr' => 'info@test2.local',
-			'email_password' => generatePassword(),
+			'email_password' => \Froxlor\System::generatePassword(),
 			'alternative_email' => 'noone@example.com',
 			'email_quota' => 1338
 		];
@@ -459,7 +459,7 @@ class MailsTest extends TestCase
 		// add account
 		$data = [
 			'emailaddr' => 'info@test2.local',
-			'email_password' => generatePassword(),
+			'email_password' => \Froxlor\System::generatePassword(),
 			'alternative_email' => 'noone@example.com',
 			'sendinfomail' => TRAVIS_CI == 1 ? 0 : 1
 		];

tests/Extras/DirProtectionsTest.php

@@ -27,7 +27,7 @@ class DirProtectionsTest extends TestCase
 		$data = [
 			'path' => '/test',
 			'username' => 'testing',
-			'directory_password' => generatePassword(),
+			'directory_password' => \Froxlor\System::generatePassword(),
 			'directory_authname' => 'test1'
 		];
 		$json_result = DirProtections::getLocal($customer_userdata, $data)->add();
@@ -49,7 +49,7 @@ class DirProtectionsTest extends TestCase
 		$data = [
 			'path' => '/test',
 			'username' => 'testing',
-			'directory_password' => generatePassword(),
+			'directory_password' => \Froxlor\System::generatePassword(),
 			'directory_authname' => 'test2'
 		];
 		$this->expectExceptionMessage("Combination of username and path already exists");
@@ -65,7 +65,7 @@ class DirProtectionsTest extends TestCase
 			'loginname' => 'test1'
 		))->get();
 		$customer_userdata = json_decode($json_result, true)['data'];
-		$up = generatePassword();
+		$up = \Froxlor\System::generatePassword();
 		$data = [
 			'path' => '/test',
 			'username' => $up,
@@ -146,7 +146,7 @@ class DirProtectionsTest extends TestCase
 
 		$data = [
 			'id' => 1,
-			'directory_password' => generatePassword(),
+			'directory_password' => \Froxlor\System::generatePassword(),
 			'directory_authname' => 'test1337'
 		];
 		$json_result = DirProtections::getLocal($customer_userdata, $data)->update();

tests/Mysqls/MysqlsTest.php

@@ -27,7 +27,7 @@ class MysqlsTest extends TestCase
 		$customer_userdata = json_decode($json_result, true)['data'];
 
 		$data = [
-			'mysql_password' => generatePassword(),
+			'mysql_password' => \Froxlor\System::generatePassword(),
 			'description' => 'testdb',
 			'sendinfomail' => TRAVIS_CI == 1 ? 0 : 1
 		];
@@ -103,7 +103,7 @@ class MysqlsTest extends TestCase
 
 		$data = [
 			'dbname' => 'test1sql1',
-			'mysql_password' => generatePassword(),
+			'mysql_password' => \Froxlor\System::generatePassword(),
 			'description' => 'testdb-upd',
 			'loginname' => 'test1'
 		];