maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

get rid of some more functions

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-20 07:43:40 +01:00
parent adc627ca4e
commit 8c896d60d6
31 changed files with 368 additions and 458 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
actions/admin/settings/210.security.php
View File

@@ -45,7 +45,7 @@ return array(
'type' => 'option',
'default' => 0,
'option_mode' => 'one',
'option_options_method' => 'getAvailablePasswordHashes',
'option_options_method' => array('\\Froxlor\\System', 'getAvailablePasswordHashes'),
'save_method' => 'storeSettingField',
),
'system_allow_error_report_admin' => array(

2
customer_index.php
View File

@@ -135,7 +135,7 @@ if ($page == 'overview') {
// Update ftp password
if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') {
$cryptPassword = makeCryptPassword($new_password);
$cryptPassword = \Froxlor\System::makeCryptPassword($new_password);
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
SET `password` = :password
WHERE `customerid` = :customerid

2
index.php
View File

@@ -624,7 +624,7 @@ if ($action == 'resetpwd') {
WHERE `customerid` = :userid");
}
Database::pexecute($stmt, array(
"newpassword" => makeCryptPassword($new_password),
"newpassword" => \Froxlor\System::makeCryptPassword($new_password),
"userid" => $result['userid']
));

6
lib/Froxlor/Api/Commands/Admins.php
View File

@@ -260,14 +260,14 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
}
if ($password == '') {
$password = generatePassword();
$password = \Froxlor\System::generatePassword();
}
$_theme = Settings::Get('panel.default_theme');
$ins_data = array(
'loginname' => $loginname,
'password' => makeCryptPassword($password),
'password' => \Froxlor\System::makeCryptPassword($password),
'name' => $name,
'email' => $email,
'lang' => $def_language,
@@ -530,7 +530,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
if ($password != '') {
$password = validatePassword($password, true);
$password = makeCryptPassword($password);
$password = \Froxlor\System::makeCryptPassword($password);
} else {
$password = $result['password'];
}

8
lib/Froxlor/Api/Commands/Customers.php
View File

@@ -378,7 +378,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
}
if ($password == '') {
$password = generatePassword();
$password = \Froxlor\System::generatePassword();
}
$_theme = Settings::Get('panel.default_theme');
@@ -386,7 +386,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
$ins_data = array(
'adminid' => $this->getUserDetail('adminid'),
'loginname' => $loginname,
'passwd' => makeCryptPassword($password),
'passwd' => \Froxlor\System::makeCryptPassword($password),
'name' => $name,
'firstname' => $firstname,
'gender' => $gender,
@@ -552,7 +552,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
Database::pexecute($ins_stmt, $ins_data, true, true);
inserttask('1');
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
// add FTP-User
// @fixme use Ftp-ApiCommand later
$ins_stmt = Database::prepare("
@@ -941,7 +941,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
if ($password != '') {
$password = validatePassword($password, true);
$password = makeCryptPassword($password);
$password = \Froxlor\System::makeCryptPassword($password);
} else {
$password = $result['password'];
}

4
lib/Froxlor/Api/Commands/EmailAccounts.php
View File

@@ -122,7 +122,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
}
// encrypt the password
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$email_user = substr($email_full, 0, strrpos($email_full, "@"));
$email_domain = substr($email_full, strrpos($email_full, "@") + 1);
@@ -347,7 +347,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
standard_error('passwordshouldnotbeusername', '', true);
}
$password = validatePassword($password, true);
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$upd_query .= (Settings::Get('system.mailpwcleartext') == '1' ? "`password` = :password, " : '') . "`password_enc`= :password_enc";
$upd_params['password_enc'] = $cryptPassword;
if (Settings::Get('system.mailpwcleartext') == '1') {

4
lib/Froxlor/Api/Commands/Ftps.php
View File

@@ -129,7 +129,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
standard_error('passwordshouldnotbeusername', '', true);
} else {
$path = \Froxlor\FileDir::makeCorrectDir($customer['documentroot'] . '/' . $path);
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
@@ -358,7 +358,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
if ($password == $result['username']) {
standard_error('passwordshouldnotbeusername', '', true);
}
$cryptPassword = makeCryptPassword($password);
$cryptPassword = \Froxlor\System::makeCryptPassword($password);
$stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "`
SET `password` = :password

128
lib/Froxlor/Http/Statistics.php Normal file
View File

@@ -0,0 +1,128 @@
<?php
namespace Froxlor\Http;
use Froxlor\Settings;
class Statistics
{
/**
* Create or modify the AWStats configuration file for the given domain.
* Modified by Berend Dekens to allow custom configurations.
*
* @param logFile
* @param siteDomain
* @param hostAliases
* @return null
*/
public static function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array()) {
// Generation header
$header = "## GENERATED BY FROXLOR\n";
$header2 = "## Do not remove the line above! This tells Froxlor to update this configuration\n## If you wish to manually change this configuration file, remove the first line to make sure Froxlor won't rebuild this file\n## Generated for domain {SITE_DOMAIN} on " . date('l dS \of F Y h:i:s A') . "\n";
$awstats_dir = \Froxlor\FileDir::makeCorrectDir($customerDocroot.'/awstats/'.$siteDomain.'/');
if (!is_dir($awstats_dir)) {
\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg($awstats_dir));
}
// chown created folder, #258
self::makeChownWithNewStats($awstats_params);
// weird but could happen...
if (!is_dir(Settings::Get('system.awstats_conf'))) {
\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg(Settings::Get('system.awstats_conf')));
}
// These are the variables we will replace
$regex = array(
'/\{LOG_FILE\}/',
'/\{SITE_DOMAIN\}/',
'/\{HOST_ALIASES\}/',
'/\{CUSTOMER_DOCROOT\}/',
'/\{AWSTATS_CONF\}/'
);
$replace = array(
\Froxlor\FileDir::makeCorrectFile($logFile),
$siteDomain,
$hostAliases,
$awstats_dir,
\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf'))
);
// File names
$domain_file = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.' . $siteDomain . '.conf');
$model_file = \Froxlor\Froxlor::getInstallDir().'/templates/misc/awstats/awstats.froxlor.model.conf';
$model_file = \Froxlor\FileDir::makeCorrectFile($model_file);
// Test if the file exists
if (file_exists($domain_file)) {
// Check for the generated header - if this is a manual modification we won't update
$awstats_domain_conf = fopen($domain_file, 'r');
if (fgets($awstats_domain_conf, strlen($header)) != $header) {
fclose($awstats_domain_conf);
return;
}
// Close the file
fclose($awstats_domain_conf);
}
$awstats_domain_conf = fopen($domain_file, 'w');
$awstats_model_conf = fopen($model_file, 'r');
// Write the header
fwrite($awstats_domain_conf, $header);
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $header2));
// Write the configuration file
while (($line = fgets($awstats_model_conf, 4096)) !== false) {
if (!preg_match('/^#/', $line)
&& trim($line) != ''
) {
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $line));
}
}
fclose($awstats_domain_conf);
fclose($awstats_model_conf);
}
/**
* chowns either awstats or webalizer folder,
* either with webserver-user or - if fcgid
* is used - the customers name, #258
*
* @param array $row array if panel_customers
*
* @return void
*/
public static function makeChownWithNewStats($row) {
// get correct user
if ((Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1')
&& isset($row['deactivated'])
&& $row['deactivated'] == '0'
) {
$user = $row['loginname'];
$group = $row['loginname'];
} else {
$user = $row['guid'];
$group = $row['guid'];
}
// get correct directory
$dir = $row['documentroot'];
if (Settings::Get('system.awstats_enabled') == '1') {
$dir .= '/awstats/';
} else {
$dir .= '/webalizer/';
}
// only run chown if directory exists
if (file_exists($dir)) {
// run chown
\Froxlor\FileDir::safe_exec('chown -R '.escapeshellarg($user).':'.escapeshellarg($group).' '.escapeshellarg(\Froxlor\FileDir::makeCorrectDir($dir)));
}
}
}

204
lib/Froxlor/System.php Normal file
View File

@@ -0,0 +1,204 @@
<?php
namespace Froxlor\System;
use Froxlor\Settings;
class System
{
/**
* Generates a random password
*
* @param boolean $isSalt
* optional, create a hash for a salt used in \Froxlor\System::makeCryptPassword because crypt() does not like some special characters in its salts, default is false
*/
public static function generatePassword($isSalt = false)
{
$alpha_lower = 'abcdefghijklmnopqrstuvwxyz';
$alpha_upper = strtoupper($alpha_lower);
$numeric = '0123456789';
$special = Settings::Get('panel.password_special_char');
$length = Settings::Get('panel.password_min_length') > 3 ? Settings::Get('panel.password_min_length') : 10;
$pw = self::special_shuffle($alpha_lower);
$n = floor(($length) / 4);
if (Settings::Get('panel.password_alpha_upper')) {
$pw .= mb_substr(self::special_shuffle($alpha_upper), 0, $n);
}
if (Settings::Get('panel.password_numeric')) {
$pw .= mb_substr(self::special_shuffle($numeric), 0, $n);
}
if (Settings::Get('panel.password_special_char_required') && ! $isSalt) {
$pw .= mb_substr(self::special_shuffle($special), 0, $n);
}
$pw = mb_substr($pw, - $length);
return self::special_shuffle($pw);
}
/**
* multibyte-character safe shuffle function
*
* @param string $str
*
* @return string
*/
private static function special_shuffle($str = null)
{
$len = mb_strlen($str);
$sploded = array();
while ($len -- > 0) {
$sploded[] = mb_substr($str, $len, 1);
}
shuffle($sploded);
return join('', $sploded);
}
/**
* Make crypted password from clear text password
*
* @author Michal Wojcik <m.wojcik@sonet3.pl>
* @author Michael Kaufmann <mkaufmann@nutime.de>
* @author Froxlor team <team@froxlor.org> (2010-)
*
* 0 - default crypt (depenend on system configuration)
* 1 - MD5 $1$
* 2 - BLOWFISH $2a$ | $2y$07$ (on php 5.3.7+)
* 3 - SHA-256 $5$ (default)
* 4 - SHA-512 $6$
*
* @param string $password
* Password to be crypted
*
* @return string encrypted password
*/
public static function makeCryptPassword($password)
{
$type = Settings::Get('system.passwordcryptfunc') !== null ? (int) Settings::Get('system.passwordcryptfunc') : 3;
switch ($type) {
case 0:
$cryptPassword = crypt($password);
break;
case 1:
$cryptPassword = crypt($password, '$1$' . self::generatePassword(true) . self::generatePassword(true));
break;
case 2:
if (version_compare(phpversion(), '5.3.7', '<')) {
$cryptPassword = crypt($password, '$2a$' . self::generatePassword(true) . self::generatePassword(true));
} else {
// Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$",
// a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
$cryptPassword = crypt($password, '$2y$07$' . substr(self::generatePassword(true) . self::generatePassword(true) . self::generatePassword(true), 0, 22));
}
break;
case 3:
$cryptPassword = crypt($password, '$5$' . self::generatePassword(true) . self::generatePassword(true));
break;
case 4:
$cryptPassword = crypt($password, '$6$' . self::generatePassword(true) . self::generatePassword(true));
break;
default:
$cryptPassword = crypt($password);
break;
}
return $cryptPassword;
}
/**
* return an array of available hashes for the crypt() function
*
* @return array
*/
public static function getAvailablePasswordHashes()
{
global $lng;
// get available pwd-hases
$available_pwdhashes = array(
0 => $lng['serversettings']['systemdefault']
);
if (defined('CRYPT_MD5') && CRYPT_MD5 == 1) {
$available_pwdhashes[1] = 'MD5';
}
if (defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1) {
$available_pwdhashes[2] = 'BLOWFISH';
}
if (defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) {
$available_pwdhashes[3] = 'SHA-256';
}
if (defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
$available_pwdhashes[4] = 'SHA-512';
}
return $available_pwdhashes;
}
/**
* Cronjob function to end a cronjob in a critical condition
* but not without sending a notification mail to the admin
*
* @param string $message
* @param string $subject
*
* @return void
*/
public static function dieWithMail($message, $subject = "[froxlor] Cronjob error")
{
if (Settings::Get('system.send_cron_errors') == '1') {
$_mail = new \PHPMailer\PHPMailer\PHPMailer(true);
$_mail->CharSet = "UTF-8";
if (Settings::Get('system.mail_use_smtp')) {
$_mail->isSMTP();
$_mail->Host = Settings::Get('system.mail_smtp_host');
$_mail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
$_mail->Username = Settings::Get('system.mail_smtp_user');
$_mail->Password = Settings::Get('system.mail_smtp_passwd');
if (Settings::Get('system.mail_smtp_usetls')) {
$_mail->SMTPSecure = 'tls';
} else {
$_mail->SMTPAutoTLS = false;
}
$_mail->Port = Settings::Get('system.mail_smtp_port');
}
if (\PHPMailer\PHPMailer\PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
// set return-to address and custom sender-name, see #76
$_mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
if (Settings::Get('panel.adminmail_return') != '') {
$_mail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
}
}
$_mailerror = false;
$mailerr_msg = "";
try {
$_mail->Subject = $subject;
$_mail->AltBody = $message;
$_mail->MsgHTML(nl2br($message));
$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
$_mail->Send();
} catch (\PHPMailer\PHPMailer\Exception $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (\Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
$_mail->ClearAddresses();
if ($_mailerror) {
echo 'Error sending mail: ' . $mailerr_msg . "\n";
}
}
die($message);
}
}

2
lib/formfields/admin/admin/formfield.admin_add.php
View File

@@ -39,7 +39,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'def_language' => array(
'label' => $lng['login']['language'],

2
lib/formfields/admin/admin/formfield.admin_edit.php
View File

@@ -48,7 +48,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
'visible' => ($result['adminid'] == $userinfo['userid'] ? false : true)
),
'def_language' => array(

2
lib/formfields/admin/customer/formfield.customer_add.php
View File

@@ -62,7 +62,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
'value' => generatePassword()
'value' => \Froxlor\System::generatePassword()
),
'sendpassword' => array(
'label' => $lng['admin']['sendpassword'],

2
lib/formfields/admin/customer/formfield.customer_edit.php
View File

@@ -59,7 +59,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (\Froxlor\Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'def_language' => array(
'label' => $lng['login']['language'],

2
lib/formfields/customer/email/formfield.emails_accountchangepasswd.php
View File

@@ -38,7 +38,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
)
)
)

2
lib/formfields/customer/email/formfield.emails_addaccount.php
View File

@@ -38,7 +38,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'email_quota' => array(
'visible' => (Settings::Get('system.mail_quota_enabled') == '1' ? true : false),

2
lib/formfields/customer/extras/formfield.htpasswd_add.php
View File

@@ -44,7 +44,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'directory_authname' => array(
'label' => $lng['extras']['htpasswdauthname'],

2
lib/formfields/customer/extras/formfield.htpasswd_edit.php
View File

@@ -43,7 +43,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'directory_authname' => array(
'label' => $lng['extras']['htpasswdauthname'],

2
lib/formfields/customer/ftp/formfield.ftp_add.php
View File

@@ -54,7 +54,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'sendinfomail' => array(
'label' => $lng['customer']['sendinfomail'],

2
lib/formfields/customer/ftp/formfield.ftp_edit.php
View File

@@ -50,7 +50,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => \Froxlor\System::generatePassword(),
),
'shell' => array(
'visible' => (Settings::Get('system.allow_customer_shell') == '1' ? true : false),

2
lib/formfields/customer/mysql/formfield.mysql_add.php
View File

@@ -41,7 +41,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword()
'value' => \Froxlor\System::generatePassword()
),
'sendinfomail' => array(
'label' => $lng['customer']['sendinfomail'],

2
lib/formfields/customer/mysql/formfield.mysql_edit.php
View File

@@ -47,7 +47,7 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword()
'value' => \Froxlor\System::generatePassword()
)
)
)

54
lib/functions/filedir/function.makeChownWithNewStats.php
View File

@@ -1,54 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* chowns either awstats or webalizer folder,
* either with webserver-user or - if fcgid
* is used - the customers name, #258
*
* @param array $row array if panel_customers
*
* @return void
*/
function makeChownWithNewStats($row) {
// get correct user
if ((Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1')
&& isset($row['deactivated'])
&& $row['deactivated'] == '0'
) {
$user = $row['loginname'];
$group = $row['loginname'];
} else {
$user = $row['guid'];
$group = $row['guid'];
}
// get correct directory
$dir = $row['documentroot'];
if (Settings::Get('system.awstats_enabled') == '1') {
$dir .= '/awstats/';
} else {
$dir .= '/webalizer/';
}
// only run chown if directory exists
if (file_exists($dir)) {
// run chown
\Froxlor\FileDir::safe_exec('chown -R '.escapeshellarg($user).':'.escapeshellarg($group).' '.escapeshellarg(\Froxlor\FileDir::makeCorrectDir($dir)));
}
}

100
lib/functions/froxlor/function.createAWStatsConf.php
View File

@@ -1,100 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Create or modify the AWStats configuration file for the given domain.
* Modified by Berend Dekens to allow custom configurations.
*
* @param logFile
* @param siteDomain
* @param hostAliases
* @return null
*/
function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array()) {
// Generation header
$header = "## GENERATED BY FROXLOR\n";
$header2 = "## Do not remove the line above! This tells Froxlor to update this configuration\n## If you wish to manually change this configuration file, remove the first line to make sure Froxlor won't rebuild this file\n## Generated for domain {SITE_DOMAIN} on " . date('l dS \of F Y h:i:s A') . "\n";
$awstats_dir = \Froxlor\FileDir::makeCorrectDir($customerDocroot.'/awstats/'.$siteDomain.'/');
if (!is_dir($awstats_dir)) {
\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg($awstats_dir));
}
// chown created folder, #258
makeChownWithNewStats($awstats_params);
// weird but could happen...
if (!is_dir(Settings::Get('system.awstats_conf'))) {
\Froxlor\FileDir::safe_exec('mkdir -p '.escapeshellarg(Settings::Get('system.awstats_conf')));
}
// These are the variables we will replace
$regex = array(
'/\{LOG_FILE\}/',
'/\{SITE_DOMAIN\}/',
'/\{HOST_ALIASES\}/',
'/\{CUSTOMER_DOCROOT\}/',
'/\{AWSTATS_CONF\}/'
);
$replace = array(
\Froxlor\FileDir::makeCorrectFile($logFile),
$siteDomain,
$hostAliases,
$awstats_dir,
\Froxlor\FileDir::makeCorrectDir(Settings::Get('system.awstats_conf'))
);
// File names
$domain_file = \Froxlor\FileDir::makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.' . $siteDomain . '.conf');
$model_file = \Froxlor\Froxlor::getInstallDir().'/templates/misc/awstats/awstats.froxlor.model.conf';
$model_file = \Froxlor\FileDir::makeCorrectFile($model_file);
// Test if the file exists
if (file_exists($domain_file)) {
// Check for the generated header - if this is a manual modification we won't update
$awstats_domain_conf = fopen($domain_file, 'r');
if (fgets($awstats_domain_conf, strlen($header)) != $header) {
fclose($awstats_domain_conf);
return;
}
// Close the file
fclose($awstats_domain_conf);
}
$awstats_domain_conf = fopen($domain_file, 'w');
$awstats_model_conf = fopen($model_file, 'r');
// Write the header
fwrite($awstats_domain_conf, $header);
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $header2));
// Write the configuration file
while (($line = fgets($awstats_model_conf, 4096)) !== false) {
if (!preg_match('/^#/', $line)
&& trim($line) != ''
) {
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $line));
}
}
fclose($awstats_domain_conf);
fclose($awstats_model_conf);
}

68
lib/functions/froxlor/function.generatePassword.php
View File

@@ -1,68 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2011- the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2011-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Generates a random password
*
* @param boolean $isSalt
* optional, create a hash for a salt used in makeCryptPassword because crypt() does not like some special characters in its salts, default is false
*/
function generatePassword($isSalt = false)
{
$alpha_lower = 'abcdefghijklmnopqrstuvwxyz';
$alpha_upper = strtoupper($alpha_lower);
$numeric = '0123456789';
$special = Settings::Get('panel.password_special_char');
$length = Settings::Get('panel.password_min_length') > 3 ? Settings::Get('panel.password_min_length') : 10;
$pw = special_shuffle($alpha_lower);
$n = floor(($length) / 4);
if (Settings::Get('panel.password_alpha_upper')) {
$pw .= mb_substr(special_shuffle($alpha_upper), 0, $n);
}
if (Settings::Get('panel.password_numeric')) {
$pw .= mb_substr(special_shuffle($numeric), 0, $n);
}
if (Settings::Get('panel.password_special_char_required') && !$isSalt) {
$pw .= mb_substr(special_shuffle($special), 0, $n);
}
$pw = mb_substr($pw, - $length);
return special_shuffle($pw);
}
/**
* multibyte-character safe shuffle function
*
* @param string $str
*
* @return string
*/
function special_shuffle($str = null)
{
$len = mb_strlen($str);
$sploded = array();
while ($len -- > 0) {
$sploded[] = mb_substr($str, $len, 1);
}
shuffle($sploded);
return join('', $sploded);
}

83
lib/functions/output/function.dieWithMail.php
View File

@@ -1,83 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michael Kaufmann <mkaufmann@nutime.de>
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
*
* @since 0.9.33
*
*/
use Froxlor\Settings;
/**
* Cronjob function to end a cronjob in a critical condition
* but not without sending a notification mail to the admin
*
* @param string $message
* @param string $subject
*
* @return void
*/
function dieWithMail($message, $subject = "[froxlor] Cronjob error")
{
if (Settings::Get('system.send_cron_errors') == '1') {
$_mail = new \PHPMailer\PHPMailer\PHPMailer(true);
$_mail->CharSet = "UTF-8";
if (Settings::Get('system.mail_use_smtp')) {
$_mail->isSMTP();
$_mail->Host = Settings::Get('system.mail_smtp_host');
$_mail->SMTPAuth = Settings::Get('system.mail_smtp_auth') == '1' ? true : false;
$_mail->Username = Settings::Get('system.mail_smtp_user');
$_mail->Password = Settings::Get('system.mail_smtp_passwd');
if (Settings::Get('system.mail_smtp_usetls')) {
$_mail->SMTPSecure = 'tls';
} else {
$mail->SMTPAutoTLS = false;
}
$_mail->Port = Settings::Get('system.mail_smtp_port');
}
if (\PHPMailer\PHPMailer\PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
// set return-to address and custom sender-name, see #76
$_mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
if (Settings::Get('panel.adminmail_return') != '') {
$_mail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
}
}
$_mailerror = false;
try {
$_mail->Subject = $subject;
$_mail->AltBody = $message;
$_mail->MsgHTML(nl2br($message));
$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
$_mail->Send();
} catch (\PHPMailer\PHPMailer\Exception $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
$_mail->ClearAddresses();
if ($_mailerror) {
echo 'Error sending mail: ' . $mailerr_msg . "\n";
}
}
die($message);
}

46
lib/functions/system/function.getAvailablePasswordHashes.php
View File

@@ -1,46 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2015 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2014-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
* @since 0.9.33.1
*/
/**
* return an array of available hashes for the crypt() function
*
* @return array
*/
function getAvailablePasswordHashes()
{
global $lng;
// get available pwd-hases
$available_pwdhashes = array(
0 => $lng['serversettings']['systemdefault']
);
if (defined('CRYPT_MD5') && CRYPT_MD5 == 1) {
$available_pwdhashes[1] = 'MD5';
}
if (defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1) {
$available_pwdhashes[2] = 'BLOWFISH';
}
if (defined('CRYPT_SHA256') && CRYPT_SHA256 == 1) {
$available_pwdhashes[3] = 'SHA-256';
}
if (defined('CRYPT_SHA512') && CRYPT_SHA512 == 1) {
$available_pwdhashes[4] = 'SHA-512';
}
return $available_pwdhashes;
}

71
lib/functions/system/function.makeCryptPassword.php
View File

@@ -1,71 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michal Wojcik <m.wojcik@sonet3.pl>
* @author Michael Kaufmann <mkaufmann@nutime.de>
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Make crypted password from clear text password
*
* @author Michal Wojcik <m.wojcik@sonet3.pl>
* @author Michael Kaufmann <mkaufmann@nutime.de>
* @author Froxlor team <team@froxlor.org> (2010-)
*
* 0 - default crypt (depenend on system configuration)
* 1 - MD5 $1$
* 2 - BLOWFISH $2a$ | $2y$07$ (on php 5.3.7+)
* 3 - SHA-256 $5$ (default)
* 4 - SHA-512 $6$
*
* @param string $password Password to be crypted
*
* @return string encrypted password
*/
function makeCryptPassword ($password) {
$type = Settings::Get('system.passwordcryptfunc') !== null ? (int)Settings::Get('system.passwordcryptfunc') : 3;
switch ($type) {
case 0:
$cryptPassword = crypt($password);
break;
case 1:
$cryptPassword = crypt($password, '$1$' . generatePassword(true). generatePassword(true));
break;
case 2:
if (version_compare(phpversion(), '5.3.7', '<')) {
$cryptPassword = crypt($password, '$2a$' . generatePassword(true). generatePassword(true));
} else {
// Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$",
// a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
$cryptPassword = crypt(
$password,
'$2y$07$' . substr(generatePassword(true).generatePassword(true).generatePassword(true), 0, 22)
);
}
break;
case 3:
$cryptPassword = crypt($password, '$5$' . generatePassword(true). generatePassword(true));
break;
case 4:
$cryptPassword = crypt($password, '$6$' . generatePassword(true). generatePassword(true));
break;
default:
$cryptPassword = crypt($password);
break;
}
return $cryptPassword;
}

2
lib/functions/validate/function.validatePasswordLogin.php
View File

@@ -71,7 +71,7 @@ function validatePasswordLogin($userinfo = null, $password = null, $table = 'pan
UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
");
$params = array (
'newpasswd' => makeCryptPassword($password),
'newpasswd' => \Froxlor\System::makeCryptPassword($password),
'uid' => $userinfo[$uid]
);
Database::pexecute($upd_stmt, $params);

6
tests/Emails/EmailsTest.php
View File

@@ -377,7 +377,7 @@ class MailsTest extends TestCase
$data = [
'emailaddr' => 'info@test2.local',
'email_password' => generatePassword(),
'email_password' => \Froxlor\System::generatePassword(),
'alternative_email' => 'noone@example.com',
'email_quota' => 1337,
'sendinfomail' => TRAVIS_CI == 1 ? 0 : 1
@@ -399,7 +399,7 @@ class MailsTest extends TestCase
$data = [
'emailaddr' => 'info@test2.local',
'email_password' => generatePassword(),
'email_password' => \Froxlor\System::generatePassword(),
'alternative_email' => 'noone@example.com',
'email_quota' => 1338
];
@@ -459,7 +459,7 @@ class MailsTest extends TestCase
// add account
$data = [
'emailaddr' => 'info@test2.local',
'email_password' => generatePassword(),
'email_password' => \Froxlor\System::generatePassword(),
'alternative_email' => 'noone@example.com',
'sendinfomail' => TRAVIS_CI == 1 ? 0 : 1
];

8
tests/Extras/DirProtectionsTest.php
View File

@@ -27,7 +27,7 @@ class DirProtectionsTest extends TestCase
$data = [
'path' => '/test',
'username' => 'testing',
'directory_password' => generatePassword(),
'directory_password' => \Froxlor\System::generatePassword(),
'directory_authname' => 'test1'
];
$json_result = DirProtections::getLocal($customer_userdata, $data)->add();
@@ -49,7 +49,7 @@ class DirProtectionsTest extends TestCase
$data = [
'path' => '/test',
'username' => 'testing',
'directory_password' => generatePassword(),
'directory_password' => \Froxlor\System::generatePassword(),
'directory_authname' => 'test2'
];
$this->expectExceptionMessage("Combination of username and path already exists");
@@ -65,7 +65,7 @@ class DirProtectionsTest extends TestCase
'loginname' => 'test1'
))->get();
$customer_userdata = json_decode($json_result, true)['data'];
$up = generatePassword();
$up = \Froxlor\System::generatePassword();
$data = [
'path' => '/test',
'username' => $up,
@@ -146,7 +146,7 @@ class DirProtectionsTest extends TestCase
$data = [
'id' => 1,
'directory_password' => generatePassword(),
'directory_password' => \Froxlor\System::generatePassword(),
'directory_authname' => 'test1337'
];
$json_result = DirProtections::getLocal($customer_userdata, $data)->update();

4
tests/Mysqls/MysqlsTest.php
View File

@@ -27,7 +27,7 @@ class MysqlsTest extends TestCase
$customer_userdata = json_decode($json_result, true)['data'];
$data = [
'mysql_password' => generatePassword(),
'mysql_password' => \Froxlor\System::generatePassword(),
'description' => 'testdb',
'sendinfomail' => TRAVIS_CI == 1 ? 0 : 1
];
@@ -103,7 +103,7 @@ class MysqlsTest extends TestCase
$data = [
'dbname' => 'test1sql1',
'mysql_password' => generatePassword(),
'mysql_password' => \Froxlor\System::generatePassword(),
'description' => 'testdb-upd',
'loginname' => 'test1'
];