From 0ba04fbe420fb039a90b019cfc904c9873ee331a Mon Sep 17 00:00:00 2001 From: "Tilman Klaeger (tilman19)" Date: Sun, 2 Dec 2012 15:12:10 +0100 Subject: [PATCH 01/11] Change database structure to support multistack, #581 --- install/froxlor.sql | 12 ++++- .../updates/froxlor/0.9/update_0.9.inc.php | 49 ++++++++++++++++++- 2 files changed, 58 insertions(+), 3 deletions(-) diff --git a/install/froxlor.sql b/install/froxlor.sql index fac01608..347bc50c 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -539,7 +539,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'phpconfigs_hidestdsubdomain', '0'), ('panel', 'allow_theme_change_admin', '1'), ('panel', 'allow_theme_change_customer', '1'), - ('panel', 'version', '0.9.29-dev3'); + ('panel', 'version', '0.9.29-dev4'); @@ -750,7 +750,6 @@ INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions` (1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n'); - DROP TABLE IF EXISTS `aps_instances`; CREATE TABLE IF NOT EXISTS `aps_instances` ( `ID` int(4) NOT NULL auto_increment, @@ -917,3 +916,12 @@ CREATE TABLE IF NOT EXISTS `domain_docrootsettings` ( PRIMARY KEY (`id`) ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; + + +DROP TABLE IF EXISTS `panel_domaintoip`; +CREATE TABLE IF NOT EXISTS `panel_domaintoip` ( + `id_domain` int(11) unsigned NOT NULL, + `id_ipandports` int(11) unsigned NOT NULL, + PRIMARY KEY (`id_domain`,`id_ipandports`) +) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; + diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index 12984dd9..f9b4c48b 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -1985,7 +1985,7 @@ if(isFroxlorVersion('0.9.28-svn4')) { updateToVersion('0.9.28-svn5'); } -if(isFroxlorVersion('0.9.28-svn5')) { +if (isFroxlorVersion('0.9.28-svn5')) { showUpdateStep("Updating from 0.9.28-svn5 to 0.9.28-svn6", true); lastStepStatus(0); @@ -2109,3 +2109,50 @@ if (isFroxlorVersion('0.9.29-dev2')) { updateToVersion('0.9.29-dev3'); } + +if (isFroxlorVersion('0.9.29-dev3')) { + + showUpdateStep("Updating from 0.9.29-dev3 to 0.9.29-dev4", false); + + showUpdateStep("Adding new ip to domain - mapping-table"); + $db->query("DROP TABLE IF EXISTS `panel_domaintoip`;"); + $sql = "CREATE TABLE `".TABLE_DOMAINTOIP."` ( + `id_domain` int(11) unsigned NOT NULL, + `id_ipandports` int(11) unsigned NOT NULL, + PRIMARY KEY (`id_domain`, `id_ipandports`) + ) ENGINE=MyISAM ;"; + $db->query($sql); + lastStepStatus(0); + + showUpdateStep("Convert old domain to ip - mappings"); + $result = $db->query("SELECT `id`, `ipandport`, `ssl_ipandport`, `ssl_redirect`, `parentdomainid` FROM `" . TABLE_PANEL_DOMAINS . "`;"); + + while ($row = $db->fetch_array($result)) { + if ((int)$row['ipandport'] != 0) { + $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET + `id_domain` = " . (int)$row['id'] . ", + `id_ipandports` = " . (int)$row['ipandport']); + } + if ((int)$row['ssl_ipandport'] != 0) { + $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET + `id_domain` = " . (int)$row['id'] . ", + `id_ipandports` = " . (int)$row['ssl_ipandport']); + } + // Subdomains also have ssl ports if the parent has + elseif ((int)$row['ssl_ipandport'] == 0 && (int)$row['ssl_redirect'] != 0 && (int)$row['parentdomainid'] != 0) { + $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` SET + `id_domain` = " . (int)$row['id'] . ", + `id_ipandports` = (SELECT `ssl_ipandport` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = '".(int)$row['parentdomainid']."');"); + } + + } + lastStepStatus(0); + + showUpdateStep("Updating table layouts"); + $db->query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` DROP `ipandport`;"); + $db->query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` DROP `ssl`;"); + $db->query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` DROP `ssl_ipandport`;"); + lastStepStatus(0); + + updateToVersion('0.9.28-svn6'); +} From a5048007def2083800e7e9785661b01df01cda3a Mon Sep 17 00:00:00 2001 From: "Tilman Klaeger (tilman19)" Date: Sun, 2 Dec 2012 15:14:21 +0100 Subject: [PATCH 02/11] Create multistack configuration for Apache, fixes #582 --- .../jobs/cron_tasks.inc.http.10.apache.php | 82 +++++++++++++------ 1 file changed, 59 insertions(+), 23 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php index 0136367d..3dfadf53 100644 --- a/scripts/jobs/cron_tasks.inc.http.10.apache.php +++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php @@ -56,6 +56,7 @@ class apache $this->debugHandler = $debugHandler; $this->idnaConvert = $idnaConvert; $this->settings = $settings; + } protected function getDB() @@ -581,40 +582,51 @@ class apache protected function getVhostContent($domain, $ssl_vhost = false) { if ($ssl_vhost === true - && $domain['ssl'] != '1' + && ($domain['ssl_redirect'] != '1' + && $domain['ssl'] != '1') ) { return ''; } - if ($ssl_vhost === true - && $domain['ssl'] == '1' + $query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip` + WHERE dip.id_domain = '".$domain[id]."' AND i.id = dip.id_ipandports "; + + if ($ssl_vhost === true + && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') ) { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ssl_ipandport'] . "'"; + $query .= "AND i.ssl = 1 ORDER BY i.ssl_cert_file ASC;"; // by ordering by cert-file the row with filled out SSL-Fields will be shown last, thus it is enough to fill out 1 set of SSL-Fields } else { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'"; + $query .= "AND i.ssl = '0';"; } - $ipandport = $this->db->query_first($query); - $domain['ip'] = $ipandport['ip']; - $domain['port'] = $ipandport['port']; - $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; + $ipport = ''; + + $result = $this->db->query($query); + while ($ipandport = $this->db->fetch_array($result)) { + + $domain['ip'] = $ipandport['ip']; + $domain['port'] = $ipandport['port']; + + if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { + $ipport .= '['.$domain[ip].']:'.$domain[port]. ' '; + } else { + $ipport .= $domain[ip].':'.$domain[port].' '; + } + } + + $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save last delivered ssl settings $domain['ssl_key_file'] = $ipandport['ssl_key_file']; $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; // #418 $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile']; - if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; - } else { - $ipport = $domain['ip'] . ':' . $domain['port']; - } - $vhost_content = '' . "\n"; - $vhost_content .= $this->getServerNames($domain); - if ($ssl_vhost == false + $vhost_content.= $this->getServerNames($domain); + + if(($ssl_vhost == false && $domain['ssl'] == '1' - && $domain['ssl_redirect'] == '1' + && $domain['ssl_redirect'] == '1') ) { $domain['documentroot'] = 'https://' . $domain['domain'] . '/'; } @@ -712,8 +724,32 @@ class apache */ public function createVirtualHosts() { - $result_domains = $this->db->query("SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, `d`.`mod_fcgid_maxrequests` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) " . "WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> 1 ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC"); + //$result_domains = $this->db->query("SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, `d`.`mod_fcgid_maxrequests` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) " . "WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> 1 ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC"); + $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, + `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, + `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, + `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, + `d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`, + `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_PANEL_DOMAINS."` `d` + + LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) + LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) + + INNER JOIN ( + SELECT * FROM ( + SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` + WHERE `p`.`id` = `di`.`id_ipandports` + ORDER BY `p`.`ssl` DESC + ) AS my_table_tmp + GROUP BY `id_domain` + ) AS p ON p.`id_domain` = `d`.`id` + + WHERE `d`.`aliasdomain` IS NULL + ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; + $result_domains = $this->db->query($query); while ($domain = $this->db->fetch_array($result_domains)) { fwrite($this->debugHandler, ' apache::createVirtualHosts: creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname'] . "\n"); $this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname']); @@ -723,11 +759,12 @@ class apache $this->virtualhosts_data[$vhosts_filename] = '# Domain ID: ' . $domain['id'] . ' - CustomerID: ' . $domain['customerid'] . ' - CustomerLogin: ' . $domain['loginname'] . "\n"; if ($domain['deactivated'] != '1' - || $this->settings['system']['deactivateddocroot'] != '' + || $this->settings['system']['deactivateddocroot'] != '' ) { - $this->virtualhosts_data[$vhosts_filename].= $this->getVhostContent($domain); + // Create vhost without ssl + $this->virtualhosts_data[$vhosts_filename].= $this->getVhostContent($domain, false); - if ($domain['ssl'] == '1') { + if ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') { // Adding ssl stuff if enabled $vhosts_filename_ssl = $this->getVhostFilename($domain, true); $this->virtualhosts_data[$vhosts_filename_ssl] = '# Domain ID: ' . $domain['id'] . ' (SSL) - CustomerID: ' . $domain['customerid'] . ' - CustomerLogin: ' . $domain['loginname'] . "\n"; @@ -1039,7 +1076,6 @@ class apache fwrite($vhosts_file_handler, $vhosts_file); fclose($vhosts_file_handler); } - } } } From af899c290f272d894ca901f2eb2eae32c5a48940 Mon Sep 17 00:00:00 2001 From: "Tilman Klaeger (tilman19)" Date: Sun, 2 Dec 2012 15:15:04 +0100 Subject: [PATCH 03/11] Add multistack configuration for nginx, fixes #584 --- scripts/jobs/cron_tasks.inc.http.30.nginx.php | 187 +++++++++++------- 1 file changed, 120 insertions(+), 67 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.http.30.nginx.php b/scripts/jobs/cron_tasks.inc.http.30.nginx.php index 5393d35e..d11c8f3c 100644 --- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php +++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php @@ -182,7 +182,6 @@ class nginx $this->nginx_data[$vhost_filename] .= "\t".'# Froxlor default vhost' . "\n"; $this->nginx_data[$vhost_filename] .= "\t".'server_name ' . $this->settings['system']['hostname'] . ';' . "\n"; - $this->nginx_data[$vhost_filename] .= "\t".'access_log /var/log/nginx/access.log;' . "\n"; $mypath = ''; @@ -214,15 +213,7 @@ class nginx * SSL config options */ if ($row_ipsandports['ssl'] == '1') { - if ($row_ipsandports['ssl_cert_file'] != '') { - $this->nginx_data[$vhost_filename] .= "\t" . 'ssl_certificate ' . makeCorrectFile($row_ipsandports['ssl_cert_file']) . ';' . "\n"; - } - if ($row_ipsandports['ssl_key_file'] != '') { - $this->nginx_data[$vhost_filename] .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($row_ipsandports['ssl_key_file']) . ';' . "\n"; - } - if ($row_ipsandports['ssl_ca_file'] != '') { - $this->nginx_data[$vhost_filename] .= 'ssl_client_certificate ' . makeCorrectFile($row_ipsandports['ssl_ca_file']) . ';' . "\n"; - } + $this->nginx_data[$vhost_filename].=$this->composeSslSettings($row_ipsandports); } $this->nginx_data[$vhost_filename] .= "\t".'location ~ \.php$ {'."\n"; @@ -263,27 +254,41 @@ class nginx $this->createNginxHosts($row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'], $vhost_filename); } + $this->createNginxHosts(); + /** * standard error pages */ $this->_createStandardErrorHandler(); } - protected function createNginxHosts($ip, $port, $ssl, $vhost_filename) + protected function createNginxHosts() { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `ip` = '" . $ip . "' AND `port` = '" . $port . "'"; - $ipandport = $this->db->query_first($query); + $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, + `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, + `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, + `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, + `d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`, + `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_PANEL_DOMAINS."` `d` + + LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) + LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) + + INNER JOIN ( + SELECT * FROM ( + SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` + WHERE `p`.`id` = `di`.`id_ipandports` + ORDER BY `p`.`ssl` DESC + ) AS my_table_tmp + GROUP BY `id_domain` + ) AS p ON p.`id_domain` = `d`.`id` + + WHERE `d`.`aliasdomain` IS NULL + ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; - $query2 = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) "; - if ($ssl == '0') { - $query2 .= "WHERE `d`.`ipandport` = '" . $ipandport['id'] . "' "; - } else { - $query2 .= "WHERE `d`.`ssl_ipandport` = '" . $ipandport['id'] . "' "; - } - $query2 .= "AND `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> 1 ORDER BY `d`.`iswildcarddomain`, `d`.`domain` ASC"; - - $included_vhosts = array(); - $result_domains = $this->db->query($query2); + $result_domains = $this->db->query($query); while ($domain = $this->db->fetch_array($result_domains)) { if (is_dir($this->settings['system']['apacheconf_vhost'])) { safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost']))); @@ -294,25 +299,20 @@ class nginx $this->nginx_data[$vhost_filename] = ''; } - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'"; - $ipandport = $this->db->query_first($query); - $domain['ip'] = $ipandport['ip']; - $domain['port'] = $ipandport['port']; - $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; - - if ((!empty($this->nginx_data[$vhost_filename]) && !is_dir($this->settings['system']['apacheconf_vhost'])) - || is_dir($this->settings['system']['apacheconf_vhost']) + if ((!empty($this->nginx_data[$vhost_filename]) + && !is_dir($this->settings['system']['apacheconf_vhost'])) + || is_dir($this->settings['system']['apacheconf_vhost']) ) { - if ($ssl == '1') { - $ssl_vhost = true; - $ips_and_ports_index = 'ssl_ipandport'; - } else { - $ssl_vhost = false; - $ips_and_ports_index = 'ipandport'; + // Create non-ssl host + $this->nginx_data[$vhost_filename].= $this->getVhostContent($domain, false); + if ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') { + $vhost_filename_ssl = $this->getVhostFilename($domain, true); + if (!isset($this->nginx_data[$vhost_filename_ssl])) { + $this->nginx_data[$vhost_filename_ssl] = ''; + } + // Now enable ssl stuff + $this->nginx_data[$vhost_filename_ssl] .= $this->getVhostContent($domain, true); } - - $this->nginx_data[$vhost_filename].= $this->getVhostContent($domain, $ssl_vhost); - $this->nginx_data[$vhost_filename].= isset($this->needed_htpasswds[$domain[$ips_and_ports_index]]) ? $this->needed_htpasswds[$domain[$ips_and_ports_index]] . "\n" : ''; } } } @@ -347,35 +347,44 @@ class nginx { if ($ssl_vhost === true && $domain['ssl'] != '1' + && $domain['ssl_redirect'] != '1' ) { return ''; } - if ($ssl_vhost === true - && $domain['ssl'] == '1' - ) { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ssl_ipandport'] . "'"; - } else { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'"; - } - - $ipandport = $this->db->query_first($query); - $domain['ip'] = $ipandport['ip']; - $domain['port'] = $ipandport['port']; - $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; - - if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; - } else { - $ipport = $domain['ip'] . ':' . $domain['port']; - } - $vhost_content = ''; + $vhost_content.= 'server { ' . "\n"; - // open vhost-container - $vhost_content .= 'server { ' . "\n"; - // listening statement (required) - $vhost_content .= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ';' . "\n"; + $query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip` WHERE dip.id_domain = '$domain[id]' AND i.id = dip.id_ipandports "; + if ($ssl_vhost === true + && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') + ) { + // by ordering by cert-file the row with filled out SSL-Fields will be shown last, + // thus it is enough to fill out 1 set of SSL-Fields + $query .= "AND i.ssl = 1 ORDER BY i.ssl_cert_file ASC;"; + } else { + $query .= "AND i.ssl = '0';"; + } + + $result = $this->db->query($query); + while ($ipandport = $this->db->fetch_array($result)) { + + $domain['ip'] = $ipandport['ip']; + $domain['port'] = $ipandport['port']; + + if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { + $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; + } else { + $ipport = $domain['ip'] . ':' . $domain['port']; + } + + $vhost_content.= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ';' . "\n"; + } + $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save latest delivered ssl settings + $domain['ssl_key_file'] = $ipandport['ssl_key_file']; + $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; + // #418 + $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile']; // get all server-names $vhost_content .= $this->getServerNames($domain); @@ -383,8 +392,8 @@ class nginx // respect ssl_redirect settings, #542 if ($ssl_vhost == false && $domain['ssl'] == '1' - && $domain['ssl_redirect'] == '1' - ) { + && $domain['ssl_redirect'] == '1') + { $domain['documentroot'] = 'https://' . $domain['domain'] . '/'; } @@ -398,8 +407,17 @@ class nginx $vhost_content .= $this->getWebroot($domain, $ssl_vhost); if ($this->_deactivated == false) { - $vhost_content .= $this->create_pathOptions($domain); - $vhost_content .= $this->composePhpOptions($domain, $ssl_vhost); + + if ($ssl_vhost === true + && $domain['ssl'] == '1' + && $this->settings['system']['use_ssl'] == '1' + ) { + $vhost_content.= $this->composeSslSettings($domain); + } + $vhost_content.= $this->create_pathOptions($domain); + $vhost_content.= $this->composePhpOptions($domain, $ssl_vhost); + + $vhost_content.= isset($this->needed_htpasswds[$domain['id']]) ? $this->needed_htpasswds[$domain['id']] . "\n" : ''; if ($domain['specialsettings'] != "") { $vhost_content .= $domain['specialsettings'] . "\n"; @@ -432,6 +450,41 @@ class nginx return $vhost_content; } + protected function composeSslSettings($domain) { + + $sslsettings = ''; + + if ($domain['ssl_cert_file'] == '') { + $domain['ssl_cert_file'] = $this->settings['system']['ssl_cert_file']; + } + + if ($domain['ssl_key_file'] == '') { + $domain['ssl_key_file'] = $this->settings['system']['ssl_key_file']; + } + + if ($domain['ssl_ca_file'] == '') { + $domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file']; + } + + // #418 + if ($domain['ssl_cert_chainfile'] == '') { + $domain['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile']; + } + + if ($domain['ssl_cert_file'] != '') { + // FIXME ssl on now belongs to the listen block as 'ssl' at the end + $sslsettings .= "\t" . 'ssl on;' . "\n"; + $sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain['ssl_cert_file']) . ';' . "\n"; + $sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' . "\n"; + + if ($domain['ssl_ca_file'] != '') { + $sslsettings.= 'ssl_client_certificate ' . makeCorrectFile($domain['ssl_ca_file']) . ';' . "\n"; + } + } + + return $sslsettings; + } + protected function create_pathOptions($domain) { $has_location = false; From 0d3daace49f46b33afca03456a577cf2979130e9 Mon Sep 17 00:00:00 2001 From: "Tilman Klaeger (tilman19)" Date: Sun, 2 Dec 2012 15:15:51 +0100 Subject: [PATCH 04/11] Add multistack configuration to Bind nameserver, fixes #585 --- scripts/jobs/cron_tasks.inc.dns.10.bind.php | 85 +++++++++++---------- 1 file changed, 44 insertions(+), 41 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php index 45d719ca..752e33c0 100644 --- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php +++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php @@ -92,7 +92,7 @@ class bind $known_filenames = array(); $bindconf_file = '# ' . $this->settings['system']['bindconf_directory'] . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n" . "\n"; - $result_domains = $this->db->query("SELECT `d`.`id`, `d`.`domain`, `d`.`iswildcarddomain`, `d`.`customerid`, `d`.`zonefile`, `d`.`bindserial`, `d`.`dkim`, `d`.`dkim_id`, `d`.`dkim_pubkey`, `d`.`wwwserveralias`, `ip`.`ip`, `c`.`loginname`, `c`.`guid` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) LEFT JOIN `" . TABLE_PANEL_IPSANDPORTS . "` AS `ip` ON(`d`.`ipandport`=`ip`.`id`) WHERE `d`.`isbinddomain` = '1' ORDER BY `d`.`domain` ASC"); + $result_domains = $this->db->query("SELECT `d`.`id`, `d`.`domain`, `d`.`iswildcarddomain`, `d`.`wwwserveralias`, `d`.`customerid`, `d`.`zonefile`, `d`.`bindserial`, `d`.`dkim`, `d`.`dkim_id`, `d`.`dkim_pubkey`, `c`.`loginname`, `c`.`guid` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) WHERE `d`.`isbinddomain` = '1' ORDER BY `d`.`domain` ASC"); while($domain = $this->db->fetch_array($result_domains)) { @@ -179,17 +179,23 @@ class bind protected function generateZone($domain) { - if(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) - { - $ip_a_record = 'A ' . $domain['ip']; - } - elseif(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) - { - $ip_a_record = 'AAAA ' . $domain['ip']; - } - else - { - return ''; + /** Array to save all ips needed in the records (already including IN A/AAAA */ + $ip_a_records = array(); + /** Array to save DNS records */ + $records = array(); + + $result_ip = $this->db->query("SELECT `p`.`ip` AS `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` `p`, `".TABLE_DOMAINTOIP."` `di` WHERE `di`.`id_domain` = '$domain[id]' AND `p`.`id` = `di`.`id_ipandports` GROUP BY `p`.`ip`;"); + + while ($ip = $this->db->fetch_array($result_ip)) { + + if(filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) + $ip_a_records[] = "A $ip[ip]"; + + elseif(filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + $ip_a_records[] = "AAAA $ip[ip]"; + + else + return ";Error in at least one IP Adress ($ip[ip]), could not create zonefile!"; } $date = date('Ymd'); @@ -223,12 +229,12 @@ class bind if(count($this->mxservers) == 0) { $zonefile.= '@ IN MX 10 mail' . "\n"; - $zonefile.= 'mail IN ' . $ip_a_record . "\n"; + $records[] = 'mail'; if($domain['iswildcarddomain'] != '1') { - $zonefile.= 'imap IN ' . $ip_a_record . "\n"; - $zonefile.= 'smtp IN ' . $ip_a_record . "\n"; - $zonefile.= 'pop3 IN ' . $ip_a_record . "\n"; + $records[] = 'imap'; + $records[] = 'smtp'; + $records[] = 'pop3'; } } else @@ -240,12 +246,12 @@ class bind if($this->settings['system']['dns_createmailentry'] == '1') { - $zonefile.= 'mail IN ' . $ip_a_record . "\n"; + $records[] = 'mail'; if($domain['iswildcarddomain'] != '1') { - $zonefile.= 'imap IN ' . $ip_a_record . "\n"; - $zonefile.= 'smtp IN ' . $ip_a_record . "\n"; - $zonefile.= 'pop3 IN ' . $ip_a_record . "\n"; + $records[] = 'imap'; + $records[] = 'smtp'; + $records[] = 'pop3'; } } } @@ -286,37 +292,34 @@ class bind } } - $zonefile.= '@ IN ' . $ip_a_record . "\n"; - $zonefile.= 'www IN ' . $ip_a_record . "\n"; + $records[] = '@'; + $records[] = 'www'; + if($domain['iswildcarddomain'] == '1') { - $zonefile.= '* IN ' . $ip_a_record . "\n"; + $records[] = '*'; } - $subdomains = $this->db->query('SELECT `d`.`domain`, `ip`.`ip` AS `ip` FROM `' . TABLE_PANEL_DOMAINS . '` `d`, `' . TABLE_PANEL_IPSANDPORTS . '` `ip` WHERE `parentdomainid`=\'' . $domain['id'] . '\' AND `d`.`ipandport`=`ip`.`id`'); + $subdomains = $this->db->query("SELECT `domain` FROM `".TABLE_PANEL_DOMAINS."` WHERE `parentdomainid` = '$domain[id]';"); while($subdomain = $this->db->fetch_array($subdomains)) { - if(filter_var($subdomain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) - { - $zonefile.= str_replace('.' . $domain['domain'], '', $subdomain['domain']) . ' IN A ' . $subdomain['ip'] . "\n"; - - /* Check whether to add a www.-prefix */ - if($domain['wwwserveralias'] == '1') - { - $zonefile.= str_replace('www.' . $domain['domain'], '', $subdomain['domain']) . ' IN A ' . $subdomain['ip'] . "\n"; - } + // Listing domains is enough as there currently is no support for choosing + // different ips for a subdomain => use same IPs as toplevel + $records[] = str_replace('.' . $domain['domain'], '', $subdomain['domain']); + + // Check whether to add a www.-prefix + if ($domain['wwwserveralias'] == '1') { + $records[] = str_replace('.' . $domain['domain'], '', $subdomain['domain']); } - elseif(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) - { - $zonefile.= str_replace('.' . $domain['domain'], '', $subdomain['domain']) . ' IN AAAA ' . $subdomain['ip'] . "\n"; + } - /* Check whether to add a www.-prefix */ - if($domain['wwwserveralias'] == '1') - { - $zonefile.= str_replace('www.' . $domain['domain'], '', $subdomain['domain']) . ' IN AAAA ' . $subdomain['ip'] . "\n"; - } + // Create DNS-Records for every name we have saved + foreach ($records as $record) { + // we create an entry for every ip we have saved + foreach ($ip_a_records as $ip_a_record) { + $zonefile.= $record . "\tIN\t" . $ip_a_record . "\n"; } } From 80f19c7dfb2522f09071774e420a31bf784dd05b Mon Sep 17 00:00:00 2001 From: "Tilman Klaeger (tilman19)" Date: Sun, 2 Dec 2012 15:16:22 +0100 Subject: [PATCH 05/11] Add multistack options to userpanel, fixes #586 --- admin_domains.php | 340 ++++++++++++++---- customer_domains.php | 31 +- .../DefinitionCache/Serializer/README | 0 .../admin/domains/formfield.domains_add.php | 26 +- .../admin/domains/formfield.domains_edit.php | 26 +- lib/tables.inc.php | 4 +- lng/english.lng.php | 2 +- lng/german.lng.php | 2 +- templates/Froxlor/admin/domains/domains.tpl | 2 +- 9 files changed, 312 insertions(+), 121 deletions(-) mode change 100644 => 100755 lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/README diff --git a/admin_domains.php b/admin_domains.php index a9c4597b..b40e96af 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -47,8 +47,6 @@ if($page == 'domains' $log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_domains"); $fields = array( 'd.domain' => $lng['domains']['domainname'], - 'ip.ip' => $lng['admin']['ipsandports']['ip'], - 'ip.port' => $lng['admin']['ipsandports']['port'], 'c.name' => $lng['customer']['name'], 'c.firstname' => $lng['customer']['firstname'], 'c.company' => $lng['customer']['company'], @@ -57,7 +55,7 @@ if($page == 'domains' ); $paging = new paging($userinfo, $db, TABLE_PANEL_DOMAINS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']); $domains = ''; - $result = $db->query("SELECT `d`.*, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`, `ip`.`id` AS `ipid`, `ip`.`ip`, `ip`.`port` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` " . "LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` " . "LEFT JOIN `" . TABLE_PANEL_IPSANDPORTS . "` `ip` ON (`d`.`ipandport` = `ip`.`id`) " . "WHERE `d`.`parentdomainid`='0' " . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()); + $result = $db->query("SELECT `d`.*, `c`.`loginname`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` " . "LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `ad` ON `d`.`aliasdomain`=`ad`.`id` WHERE `d`.`parentdomainid`='0' " . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = '" . (int)$userinfo['adminid'] . "' ") . " " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()); $paging->setEntries($db->num_rows($result)); $sortcode = $paging->getHtmlSortCode($lng); $arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s); @@ -70,14 +68,21 @@ if($page == 'domains' $row['domain'] = $idna_convert->decode($row['domain']); $row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']); - if(filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + $resultips = $db->query("SELECT `ips`.* FROM `".TABLE_DOMAINTOIP . "` AS `dti`, `".TABLE_PANEL_IPSANDPORTS."` AS `ips` WHERE `dti`.`id_ipandports` = `ips`.`id` AND `dti`.`id_domain` = " . (int)$row['id']); + + $row['ipandport'] = ''; + while ($rowip = $db->fetch_array($resultips)) { - $row['ipandport'] = '[' . $row['ip'] . ']:' . $row['port']; - } - else - { - $row['ipandport'] = $row['ip'] . ':' . $row['port']; + if(filter_var($rowip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + { + $row['ipandport'] .= '[' . $rowip['ip'] . ']:' . $rowip['port'] . "\n"; + } + else + { + $row['ipandport'] .= $rowip['ip'] . ':' . $rowip['port'] . "\n"; + } } + $row['ipandport'] = substr($row['ipandport'], 0, -1); if(!isset($domain_array[$row['domain']])) { @@ -190,6 +195,7 @@ if($page == 'domains' $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `subdomains_used` = `subdomains_used` - " . (int)($deleted_domains - 1) . " WHERE `customerid` = '" . (int)$result['customerid'] . "'"); $db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` - 1 WHERE `adminid` = '" . (int)$userinfo['adminid'] . "'"); $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `standardsubdomain`=\'0\' WHERE `standardsubdomain`=\'' . (int)$result['id'] . '\' AND `customerid`=\'' . (int)$result['customerid'] . '\''); + $db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$id . "'"); $db->query("DELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "` WHERE `did` = '".(int)$id."'"); $log->logAction(ADM_ACTION, LOG_INFO, "deleted domain/subdomains (#" . $result['id'] . ")"); updateCounters(); @@ -383,42 +389,69 @@ if($page == 'domains' $additional_ip_condition = ''; } - $ipandport = intval($_POST['ipandport']); - $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' AND `ssl` = '0'" . $additional_ip_condition); - - if(!isset($ipandport_check['id']) - || $ipandport_check['id'] == '0' - || $ipandport_check['id'] != $ipandport) + $ipandports = array(); + if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) { - standard_error('ipportdoesntexist'); + $_POST['ipandport'] = unserialize($_POST['ipandport']); + } + + if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) + { + foreach($_POST['ipandport'] as $ipandport) + { + $ipandport = intval($ipandport); + $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition); + if(!isset($ipandport_check['id']) + || $ipandport_check['id'] == '0' + || $ipandport_check['id'] != $ipandport) + { + standard_error('ipportdoesntexist'); + } + else + { + $ipandports[] = $ipandport; + } + } } if($settings['system']['use_ssl'] == "1" - && isset($_POST['ssl']) - /*&& isset($_POST['ssl_redirect'])*/ - && isset($_POST['ssl_ipandport']) - && $_POST['ssl'] != '0') + && isset($_POST['ssl_ipandport'])) { - $ssl = 1; // if ssl is set and != 0 it can only be 1 $ssl_redirect = 0; if (isset($_POST['ssl_redirect'])) { $ssl_redirect = (int)$_POST['ssl_redirect']; } - $ssl_ipandport = (int)$_POST['ssl_ipandport']; - $ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' AND `ssl` = '1'" . $additional_ip_condition); - if(!isset($ssl_ipandport_check['id']) - || $ssl_ipandport_check['id'] == '0' - || $ssl_ipandport_check['id'] != $ssl_ipandport) + $ssl_ipandports = array(); + if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) { - standard_error('ipportdoesntexist'); + $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); } + + // Verify SSL-Ports + if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) + { + foreach($_POST['ssl_ipandport'] as $ssl_ipandport) + { + $ssl_ipandport = intval($ssl_ipandport); + $ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' " . $additional_ip_condition); + if(!isset($ssl_ipandport_check['id']) + || $ssl_ipandport_check['id'] == '0' + || $ssl_ipandport_check['id'] != $ssl_ipandport) + { + standard_error('ipportdoesntexist'); + } + else + { + $ssl_ipandports[] = $ssl_ipandport; + } + } + } + } else { - $ssl = 0; $ssl_redirect = 0; - $ssl_ipandport = 0; } if(!preg_match('/^https?\:\/\//', $documentroot)) @@ -440,10 +473,23 @@ if($page == 'domains' if($aliasdomain != 0) { + // Overwrite given ipandports with these of the "main" domain + $ipandports = array(); + $origipresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = '" . (int)$aliasdomain . "'"); + while($origip = $db->fetch_array($origipresult)) + { + $ipandports[] = $origip['id_ipandports']; + } + // also check ip/port combination to be the same, #176 $aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\''); } + if(count($ipandports) == 0) + { + standard_error('noipportgiven'); + } + if($openbasedir != '1') { $openbasedir = '0'; @@ -545,7 +591,6 @@ if($page == 'domains' 'speciallogfile' => $speciallogfile, 'wwwserveralias' => $wwwserveralias, 'ipandport' => $ipandport, - 'ssl' => $ssl, 'ssl_redirect' => $ssl_redirect, 'ssl_ipandport' => $ssl_ipandport, 'openbasedir' => $openbasedir, @@ -578,9 +623,45 @@ if($page == 'domains' $question_nr++; } - $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` (`domain`, `customerid`, `adminid`, `documentroot`, `ipandport`,`aliasdomain`, `zonefile`, `dkim`, `wwwserveralias`, `isbinddomain`, `isemaildomain`, `email_only`, `subcanemaildomain`, `caneditdomain`, `openbasedir`, `speciallogfile`, `specialsettings`, `ssl`, `ssl_redirect`, `ssl_ipandport`, `add_date`, `registration_date`, `phpsettingid`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `ismainbutsubto`) VALUES ('" . $db->escape($domain) . "', '" . (int)$customerid . "', '" . (int)$adminid . "', '" . $db->escape($documentroot) . "', '" . $db->escape($ipandport) . "', " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", '" . $db->escape($zonefile) . "', '" . $db->escape($dkim) . "', '" . $db->escape($wwwserveralias) . "', '" . $db->escape($isbinddomain) . "', '" . $db->escape($isemaildomain) . "', '" . $db->escape($email_only) . "', '" . $db->escape($subcanemaildomain) . "', '" . $db->escape($caneditdomain) . "', '" . $db->escape($openbasedir) . "', '" . $db->escape($speciallogfile) . "', '" . $db->escape($specialsettings) . "', '" . $ssl . "', '" . $ssl_redirect . "' , '" . $ssl_ipandport . "', '" . $db->escape(time()) . "', '" . $db->escape($registration_date) . "', '" . (int)$phpsettingid . "', '" . (int)$mod_fcgid_starter . "', '" . (int)$mod_fcgid_maxrequests . "', '".(int)$issubof."')"); + $db->query("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET + `domain` = '" . $db->escape($domain) . "', + `customerid` = '" . (int)$customerid . "', + `adminid` = '" . (int)$adminid . "', + `documentroot` = '" . $db->escape($documentroot) . "', + `aliasdomain` = " . (($aliasdomain != 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", + `zonefile` = '" . $db->escape($zonefile) . "', + `dkim` = '" . $db->escape($dkim) . "', + `wwwserveralias` = '" . $db->escape($wwwserveralias) . "', + `isbinddomain` = '" . $db->escape($isbinddomain) . "', + `isemaildomain` = '" . $db->escape($isemaildomain) . "', + `email_only` = '" . $db->escape($email_only) . "', + `subcanemaildomain` = '" . $db->escape($subcanemaildomain) . "', + `caneditdomain` = '" . $db->escape($caneditdomain) . "', + `openbasedir` = '" . $db->escape($openbasedir) . "', + `speciallogfile` = '" . $db->escape($speciallogfile) . "', + `specialsettings` = '" . $db->escape($specialsettings) . "', + `ssl_redirect` = '" . $ssl_redirect . "', + `add_date` = '" . $db->escape(time()) . "', + `registration_date` = '" . $db->escape($registration_date) . "', + `phpsettingid` = '" . (int)$phpsettingid . "', + `mod_fcgid_starter` = '" . (int)$mod_fcgid_starter . "', + `mod_fcgid_maxrequests` = '" . (int)$mod_fcgid_maxrequests . "', + `ismainbutsubto` = '".(int)$issubof."' + "); $domainid = $db->insert_id(); $db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `domains_used` = `domains_used` + 1 WHERE `adminid` = '" . (int)$adminid . "'"); + foreach ($ipandports as $ipportid) { + $db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET + `id_domain` = '" . $domainid . "', + `id_ipandports` = '" . (int)$ipportid . "'; + "); + } + foreach ($ssl_ipandports as $ssl_ipportid) { + $db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET + `id_domain` = '" . $domainid . "', + `id_ipandports` = '" . (int)$ssl_ipportid . "'; + "); + } $log->logAction(ADM_ACTION, LOG_INFO, "added domain '" . $domain . "'"); inserttask('1'); @@ -624,8 +705,8 @@ if($page == 'domains' $result_ssl_ipsandports = $db->query("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' AND `ip`='" . $admin_ip['ip'] . "' ORDER BY `ip`, `port` ASC"); } - $ipsandports = ''; - + // Build array holding all IPs and Ports available to this admin + $ipsandports = array(); while($row_ipandport = $db->fetch_array($result_ipsandports)) { if(filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) @@ -633,11 +714,10 @@ if($page == 'domains' $row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']'; } - $ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id'], $settings['system']['defaultip']); + $ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']); } - $ssl_ipsandports = ''; - + $ssl_ipsandports = array(); while($row_ssl_ipandport = $db->fetch_array($result_ssl_ipsandports)) { if(filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) @@ -645,7 +725,7 @@ if($page == 'domains' $row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']'; } - $ssl_ipsandports.= makeoption($row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], $row_ssl_ipandport['id'], $settings['system']['defaultip']); + $ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']); } $standardsubdomains = array(); @@ -737,6 +817,13 @@ if($page == 'domains' } } + $ipsresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$result['id'] . "'"); + $usedips = array(); + while ($ipsresultrow = $db->fetch_array($ipsresult)) + { + $usedips[] = $ipsresultrow['id_ipandports']; + } + if(isset($_POST['send']) && $_POST['send'] == 'send') { @@ -909,39 +996,70 @@ if($page == 'domains' $ipandport = intval($_POST['ipandport']); $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' AND `ssl` = '0'" . $additional_ip_condition); - if(!isset($ipandport_check['id']) - || $ipandport_check['id'] == '0' - || $ipandport_check['id'] != $ipandport) + $ipandports = array(); + if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) { - standard_error('ipportdoesntexist'); + $_POST['ipandport'] = unserialize($_POST['ipandport']); } + if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) + { + foreach($_POST['ipandport'] as $ipandport) + { + $ipandport = intval($ipandport); + $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition); + if(!isset($ipandport_check['id']) + || $ipandport_check['id'] == '0' + || $ipandport_check['id'] != $ipandport) + { + standard_error('ipportdoesntexist'); + } + else + { + $ipandports[] = $ipandport; + } + } + } if($settings['system']['use_ssl'] == "1" - && isset($_POST['ssl']) - /*&& isset($_POST['ssl_redirect'])*/ - && isset($_POST['ssl_ipandport']) - && $_POST['ssl'] != '0') + && isset($_POST['ssl_ipandport'])) { $ssl = 1; // if ssl is set and != 0, it can only be 1 $ssl_redirect = 0; if (isset($_POST['ssl_redirect'])) { $ssl_redirect = (int)$_POST['ssl_redirect']; } - $ssl_ipandport = (int)$_POST['ssl_ipandport']; + + $ssl_ipandport = intval($_POST['ssl_ipandport']); $ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' AND `ssl` = '1'" . $additional_ip_condition); - if(!isset($ssl_ipandport_check['id']) - || $ssl_ipandport_check['id'] == '0' - || $ssl_ipandport_check['id'] != $ssl_ipandport) + $ssl_ipandports = array(); + if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) { - standard_error('ipportdoesntexist'); + $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); + } + if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) + { + foreach($_POST['ssl_ipandport'] as $ssl_ipandport) + { + $ssl_ipandport = intval($ssl_ipandport); + $ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' " . $additional_ip_condition); + if(!isset($ssl_ipandport_check['id']) + || $ssl_ipandport_check['id'] == '0' + || $ssl_ipandport_check['id'] != $ssl_ipandport) + { + standard_error('ipportdoesntexist'); + } + else + { + $ssl_ipandports[] = $ssl_ipandport; + } + } } } else { - $ssl = 0; $ssl_redirect = 0; - $ssl_ipandport = 0; + //$ssl_ipandports[] = ''; } if(!preg_match('/^https?\:\/\//', $documentroot)) @@ -994,11 +1112,23 @@ if($page == 'domains' 'id' => 0 ); - if($aliasdomain != 0) - { - // also check ip/port combination to be the same, #176 - $aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$result['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$ipandport.'\''); - } + if($aliasdomain != 0) + { + // Overwrite given ipandports with these of the "main" domain + $ipandports = array(); + $origipresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = '" . (int)$aliasdomain . "'"); + while($origip = $db->fetch_array($origipresult)) + { + $ipandports[] = $origip['id_ipandports']; + } + + $aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\''); + } + + if(count($ipandports) == 0) + { + standard_error('noipportgiven'); + } if($aliasdomain_check['id'] != $aliasdomain) { @@ -1026,10 +1156,7 @@ if($page == 'domains' 'zonefile' => $zonefile, 'dkim' => $dkim, 'wwwserveralias' => $wwwserveralias, - 'ipandport' => $ipandport, - 'ssl' => $ssl, 'ssl_redirect' => $ssl_redirect, - 'ssl_ipandport' => $ssl_ipandport, 'openbasedir' => $openbasedir, 'phpsettingid' => $phpsettingid, 'mod_fcgid_starter' => $mod_fcgid_starter, @@ -1037,7 +1164,9 @@ if($page == 'domains' 'specialsettings' => $specialsettings, 'registration_date' => $registration_date, 'issubof' => $issubof, - 'speciallogfile' => $speciallogfile + 'speciallogfile' => $speciallogfile, + 'ipandport' => serialize($ipandports), + 'ssl_ipandport' => serialize($ssl_ipandports) ); $security_questions = array( @@ -1060,10 +1189,7 @@ if($page == 'domains' } if($documentroot != $result['documentroot'] - || $ipandport != $result['ipandport'] - || $ssl != $result['ssl'] || $ssl_redirect != $result['ssl_redirect'] - || $ssl_ipandport != $result['ssl_ipandport'] || $wwwserveralias != $result['wwwserveralias'] || $openbasedir != $result['openbasedir'] || $phpsettingid != $result['phpsettingid'] @@ -1082,8 +1208,7 @@ if($page == 'domains' if($isbinddomain != $result['isbinddomain'] || $zonefile != $result['zonefile'] - || $dkim != $result['dkim'] - || $ipandport != $result['ipandport']) + || $dkim != $result['dkim']) { inserttask('4'); } @@ -1137,8 +1262,74 @@ if($page == 'domains' $log->logAction(ADM_ACTION, LOG_INFO, "removed specialsettings on all subdomains of domain #" . $id); } - $result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `documentroot`='" . $db->escape($documentroot) . "', `ipandport`='" . $db->escape($ipandport) . "', `ssl`='" . (int)$ssl . "', `ssl_redirect`='" . (int)$ssl_redirect . "', `ssl_ipandport`='" . (int)$ssl_ipandport . "', `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", `isbinddomain`='" . $db->escape($isbinddomain) . "', `isemaildomain`='" . $db->escape($isemaildomain) . "', `email_only`='" . $db->escape($email_only) . "', `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', `dkim`='" . $db->escape($dkim) . "', `caneditdomain`='" . $db->escape($caneditdomain) . "', `zonefile`='" . $db->escape($zonefile) . "', `wwwserveralias`='" . $db->escape($wwwserveralias) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `speciallogfile`='" . $db->escape($speciallogfile) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', `specialsettings`='" . $db->escape($specialsettings) . "', `registration_date`='" . $db->escape($registration_date) . "', `ismainbutsubto`='" . (int)$issubof . "' WHERE `id`='" . (int)$id . "'"); - $result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `customerid` = '" . (int)$customerid . "', `adminid` = '" . (int)$adminid . "', `ipandport`='" . $db->escape($ipandport) . "', `openbasedir`='" . $db->escape($openbasedir) . "', `phpsettingid`='" . $db->escape($phpsettingid) . "', `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "'" . $upd_specialsettings . $updatechildren . " WHERE `parentdomainid`='" . (int)$id . "'"); + $result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET + `customerid` = '" . (int)$customerid . "', + `adminid` = '" . (int)$adminid . "', + `documentroot`='" . $db->escape($documentroot) . "', + `ssl_redirect`='" . (int)$ssl_redirect . "', + `aliasdomain`=" . (($aliasdomain != 0 && $alias_check == 0) ? '\'' . $db->escape($aliasdomain) . '\'' : 'NULL') . ", + `isbinddomain`='" . $db->escape($isbinddomain) . "', + `isemaildomain`='" . $db->escape($isemaildomain) . "', + `email_only`='" . $db->escape($email_only) . "', + `subcanemaildomain`='" . $db->escape($subcanemaildomain) . "', + `dkim`='" . $db->escape($dkim) . "', + `caneditdomain`='" . $db->escape($caneditdomain) . "', + `zonefile`='" . $db->escape($zonefile) . "', + `wwwserveralias`='" . $db->escape($wwwserveralias) . "', + `openbasedir`='" . $db->escape($openbasedir) . "', + `speciallogfile`='" . $db->escape($speciallogfile) . "', + `phpsettingid`='" . $db->escape($phpsettingid) . "', + `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', + `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "', + `specialsettings`='" . $db->escape($specialsettings) . "', + `registration_date`='" . $db->escape($registration_date) . "', + `ismainbutsubto`='" . (int)$issubof . "' WHERE `id`='" . (int)$id . "' + "); + $result = $db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET + `customerid` = '" . (int)$customerid . "', + `adminid` = '" . (int)$adminid . "', + `openbasedir`='" . $db->escape($openbasedir) . "', + `phpsettingid`='" . $db->escape($phpsettingid) . "', + `mod_fcgid_starter`='" . $db->escape($mod_fcgid_starter) . "', + `mod_fcgid_maxrequests`='" . $db->escape($mod_fcgid_maxrequests) . "' + " . $upd_specialsettings . $updatechildren . " + WHERE `parentdomainid`='" . (int)$id . "' + "); + + // Cleanup domain <-> ip mapping + $db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$id . "'"); + + foreach ($ipandports as $ipportid) { + $db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET + `id_domain` = '" . (int)$id . "', + `id_ipandports` = '" . (int)$ipportid . "'; + "); + } + foreach ($ssl_ipandports as $ssl_ipportid) { + $db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET + `id_domain` = '" . (int)$id . "', + `id_ipandports` = '" . (int)$ssl_ipportid . "'; + "); + } + + // Cleanup domain <-> ip mapping for subdomains + $domainidsresult = $db->query("SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `parentdomainid`='" . (int)$id . "'"); + while ($row = $db->fetch_array($domainidsresult)) { + $db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$row['id'] . "'"); + foreach ($ipandports as $ipportid) { + $db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET + `id_domain` = '" . (int)$row['id'] . "', + `id_ipandports` = '" . (int)$ipportid . "'; + "); + } + foreach ($ssl_ipandports as $ssl_ipportid) { + $db->query("INSERT INTO `" . TABLE_DOMAINTOIP . "` SET + `id_domain` = '" . (int)$row['id'] . "', + `id_ipandports` = '" . (int)$ssl_ipportid . "'; + "); + } + } + $log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id); $redirect_props = Array( 'page' => $page, @@ -1213,8 +1404,7 @@ if($page == 'domains' $result_ssl_ipsandports = $db->query("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1' AND `ip`='" . $admin_ip['ip'] . "' ORDER BY `ip`, `port` ASC"); } - $ipsandports = ''; - + $ipsandports = array(); while($row_ipandport = $db->fetch_array($result_ipsandports)) { if(filter_var($row_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) @@ -1222,11 +1412,10 @@ if($page == 'domains' $row_ipandport['ip'] = '[' . $row_ipandport['ip'] . ']'; } - $ipsandports.= makeoption($row_ipandport['ip'] . ':' . $row_ipandport['port'], $row_ipandport['id'], $result['ipandport']); + $ipsandports[] = array('label' => $row_ipandport['ip'] . ':' . $row_ipandport['port'], 'value' => $row_ipandport['id']); } - $ssl_ipsandports = ''; - + $ssl_ipsandports = array(); while($row_ssl_ipandport = $db->fetch_array($result_ssl_ipsandports)) { if(filter_var($row_ssl_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) @@ -1234,7 +1423,7 @@ if($page == 'domains' $row_ssl_ipandport['ip'] = '[' . $row_ssl_ipandport['ip'] . ']'; } - $ssl_ipsandports.= makeoption($row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], $row_ssl_ipandport['id'], $result['ssl_ipandport']); + $ssl_ipsandports[] = array('label' => $row_ssl_ipandport['ip'] . ':' . $row_ssl_ipandport['port'], 'value' => $row_ssl_ipandport['id']); } $result['specialsettings'] = $result['specialsettings']; @@ -1249,8 +1438,7 @@ if($page == 'domains' $phpconfigs = ''; $phpconfigs_result = $db->query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`"); - while($phpconfigs_row = $db->fetch_array($phpconfigs_result)) - { + while ($phpconfigs_row = $db->fetch_array($phpconfigs_result)) { $phpconfigs.= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true); } diff --git a/customer_domains.php b/customer_domains.php index ae594057..8bb8d77c 100644 --- a/customer_domains.php +++ b/customer_domains.php @@ -232,9 +232,9 @@ elseif($page == 'domains') $_doredirect = false; if($aliasdomain != 0) - { + { // also check ip/port combination to be the same, #176 - $aliasdomain_check = $db->query_first('SELECT `id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$userinfo['customerid'] . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\' AND `d`.`ipandport` = \''.(int)$domain_check['ipandport'].'\''); + $aliasdomain_check = $db->query_first("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` = '".(int)$aliasdomain."' AND `c`.`standardsubdomain` <> `d`.`id` AND `d`.`customerid` = '" . (int)$userinfo['customerid'] . "' AND `c`.`customerid` = `d`.`customerid` AND `d`.`id` = `dip`.`id_domain` AND `dip`.`id_ipandports` IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '".(int)$aliasdomain."') GROUP BY `d`.`domain` ORDER BY `d`.`domain` ASC;"); } if(isset($_POST['url']) @@ -336,7 +336,6 @@ elseif($page == 'domains') `customerid` = '" . (int)$userinfo['customerid'] . "', `domain` = '" . $db->escape($completedomain) . "', `documentroot` = '" . $db->escape($path) . "', - `ipandport` = '" . $db->escape($domain_check['ipandport']) . "', `aliasdomain` = ".(($aliasdomain != 0) ? "'" . $db->escape($aliasdomain) . "'" : "NULL") .", `parentdomainid` = '" . (int)$domain_check['id'] . "', `isemaildomain` = '" . ($domain_check['subcanemaildomain'] == '3' ? '1' : '0') . "', @@ -347,6 +346,8 @@ elseif($page == 'domains') `ssl_redirect` = '" . $ssl_redirect . "', `phpsettingid` = '" . $phpsid_result['phpsettingid'] . "'"); + $result = $db->query("INSERT INTO `".TABLE_DOMAINTOIP."` (`id_domain`, `id_ipandports`) SELECT LAST_INSERT_ID(), `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '" . (int)$domain_check['id'] . "';"); + if($_doredirect) { $did = $db->insert_id(); @@ -415,11 +416,13 @@ elseif($page == 'domains') elseif($action == 'edit' && $id != 0) { - $result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path`, `d`.`ipandport`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'"); + $result = $db->query_first("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` WHERE `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `d`.`id`='" . (int)$id . "' AND ((`d`.`parentdomainid`!='0' AND `pd`.`id`=`d`.`parentdomainid`) OR (`d`.`parentdomainid`='0' AND `pd`.`id`=`d`.`id`)) AND `d`.`caneditdomain`='1'"); $alias_check = $db->query_first('SELECT COUNT(`id`) AS count FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . (int)$result['id'] . '\''); $alias_check = $alias_check['count']; $_doredirect = false; + + if(isset($result['customerid']) && $result['customerid'] == $userinfo['customerid']) { @@ -562,9 +565,10 @@ elseif($page == 'domains') else { $result['domain'] = $idna_convert->decode($result['domain']); + $domains = makeoption($lng['domains']['noaliasdomain'], 0, $result['aliasdomain'], true); // also check ip/port combination to be the same, #176 - $result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id`<>'" . (int)$result['id'] . "' AND `c`.`standardsubdomain`<>`d`.`id` AND `d`.`customerid`='" . (int)$userinfo['customerid'] . "' AND `c`.`customerid`=`d`.`customerid` AND `d`.`ipandport` = '".(int)$result['ipandport']."' ORDER BY `d`.`domain` ASC"); + $result_domains = $db->query("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip` WHERE `d`.`aliasdomain` IS NULL AND `d`.`id` <> '".(int)$result['id']."' AND `c`.`standardsubdomain` <> `d`.`id` AND `d`.`customerid` = '" . (int)$userinfo['customerid'] . "' AND `c`.`customerid` = `d`.`customerid` AND `d`.`id` = `dip`.`id_domain` AND `dip`.`id_ipandports` IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."` WHERE `id_domain` = '".(int)$result['id']."') GROUP BY `d`.`domain` ORDER BY `d`.`domain` ASC"); while($row_domain = $db->fetch_array($result_domains)) { @@ -611,11 +615,26 @@ elseif($page == 'domains') $openbasedir = makeoption($lng['domain']['docroot'], 0, $result['openbasedir_path'], true) . makeoption($lng['domain']['homedir'], 1, $result['openbasedir_path'], true); - $result_ipandport = $db->query_first("SELECT `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".(int)$result['ipandport']."'"); + $resultips = $db->query("SELECT `p`.`ip` AS `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` `p` LEFT JOIN `".TABLE_DOMAINTOIP."` `dip` ON ( `dip`.`id_ipandports` = `p`.`id` ) WHERE `dip`.`id_domain` = '".(int)$result['id']."' GROUP BY `p`.`ip`"); + $result_ipandport['ip'] = ''; + while ($rowip = $db->fetch_array($resultips)) + { + if(filter_var($rowip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + { + $result_ipandport['ip'] .= '[' . $rowip['ip'] . ']' . "  \n"; + } + else + { + $result_ipandport['ip'] .= $rowip['ip'] . "  \n"; + } + } + + if(filter_var($result_ipandport['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { $result_ipandport['ip'] = '[' . $result_ipandport['ip'] . ']'; } + $domainip = $result_ipandport['ip']; $result = htmlentities_array($result); diff --git a/lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/README b/lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/README old mode 100644 new mode 100755 diff --git a/lib/formfields/admin/domains/formfield.domains_add.php b/lib/formfields/admin/domains/formfield.domains_add.php index 3b427c0f..19fb9bad 100644 --- a/lib/formfields/admin/domains/formfield.domains_add.php +++ b/lib/formfields/admin/domains/formfield.domains_add.php @@ -88,18 +88,16 @@ return array( ), 'ipandport' => array( 'label' => 'IP/Port', - 'type' => 'select', - 'select_var' => $ipsandports, - 'mandatory' => true, - ), - 'ssl' => array( - 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), - 'label' => 'SSL', 'type' => 'checkbox', - 'values' => array( - array ('label' => $lng['panel']['yes'], 'value' => '1') - ), - 'value' => array() + 'values' => $ipsandports, + 'value' => array($settings['system']['defaultip']), + 'mandatory' => true + ), + 'ssl_ipandport' => array( + 'label' => 'IP/Port (SSL)', + 'type' => 'checkbox', + 'values' => $ssl_ipsandports, + 'value' => '' ), 'ssl_redirect' => array( 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), @@ -110,12 +108,6 @@ return array( ), 'value' => array() ), - 'ssl_ipandport' => array( - 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), - 'label' => 'SSL IP/Port', - 'type' => 'select', - 'select_var' => $ssl_ipsandports - ), 'no_ssl_available_info' => array( 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports == '' ? true : false) : false), 'label' => 'SSL', diff --git a/lib/formfields/admin/domains/formfield.domains_edit.php b/lib/formfields/admin/domains/formfield.domains_edit.php index bbf8404b..e78e354f 100644 --- a/lib/formfields/admin/domains/formfield.domains_edit.php +++ b/lib/formfields/admin/domains/formfield.domains_edit.php @@ -99,18 +99,16 @@ return array( ), 'ipandport' => array( 'label' => 'IP/Port', - 'type' => 'select', - 'select_var' => $ipsandports, - 'mandatory' => true, - ), - 'ssl' => array( - 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), - 'label' => 'SSL', 'type' => 'checkbox', - 'values' => array( - array ('label' => $lng['panel']['yes'], 'value' => '1') - ), - 'value' => array($result['ssl']) + 'values' => $ipsandports, + 'value' => $usedips, + 'mandatory' => true + ), + 'ssl_ipandport' => array( + 'label' => 'IP/Port (SSL)', + 'type' => 'checkbox', + 'values' => $ssl_ipsandports, + 'value' => $usedips ), 'ssl_redirect' => array( 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), @@ -121,12 +119,6 @@ return array( ), 'value' => array($result['ssl_redirect']) ), - 'ssl_ipandport' => array( - 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), - 'label' => 'SSL IP/Port', - 'type' => 'select', - 'select_var' => $ssl_ipsandports - ), 'no_ssl_available_info' => array( 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports == '' ? true : false) : false), 'label' => 'SSL', diff --git a/lib/tables.inc.php b/lib/tables.inc.php index 7e7601a9..d8e16e7c 100644 --- a/lib/tables.inc.php +++ b/lib/tables.inc.php @@ -54,6 +54,7 @@ define('TABLE_PANEL_REDIRECTCODES', 'redirect_codes'); define('TABLE_PANEL_DOMAINREDIRECTS', 'domain_redirect_codes'); define('TABLE_PANEL_IPDOCROOTSETTINGS', 'ipsandports_docrootsettings'); define('TABLE_PANEL_DOMDOCROOTSETTINGS', 'domain_docrootsettings'); +define('TABLE_DOMAINTOIP', 'panel_domaintoip'); // APS constants @@ -72,7 +73,6 @@ define('PACKAGE_LOCKED', 1); define('PACKAGE_ENABLED', 2); // VERSION INFO - -$version = '0.9.29-dev3'; +$version = '0.9.29-dev4'; $dbversion = '2'; $branding = ''; diff --git a/lng/english.lng.php b/lng/english.lng.php index 9fb857ea..ae013d41 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -816,7 +816,7 @@ $lng['admin']['awstatssettings'] = 'AWstats settings'; // ADDED IN 1.2.19-svn16 $lng['admin']['domain_dns_settings'] = 'Domain dns settings'; -$lng['dns']['destinationip'] = 'Domain IP'; +$lng['dns']['destinationip'] = 'Domain IP(s)'; $lng['dns']['standardip'] = 'Server standard IP'; $lng['dns']['a_record'] = 'A-Record (IPv6 optional)'; $lng['dns']['cname_record'] = 'CNAME-Record'; diff --git a/lng/german.lng.php b/lng/german.lng.php index 5d1ec026..bb7c31ba 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -815,7 +815,7 @@ $lng['admin']['awstatssettings'] = 'AWstats Einstellungen'; // ADDED IN 1.2.19-svn16 $lng['admin']['domain_dns_settings'] = 'Domain DNS Einstellungen'; -$lng['dns']['destinationip'] = 'Domain IP'; +$lng['dns']['destinationip'] = 'Domain IP(s)'; $lng['dns']['standardip'] = 'Server Standard IP'; $lng['dns']['a_record'] = 'A-Eintrag (IPv6 optional)'; $lng['dns']['cname_record'] = 'CNAME-Eintrag'; diff --git a/templates/Froxlor/admin/domains/domains.tpl b/templates/Froxlor/admin/domains/domains.tpl index 1420e111..8ace9f0f 100644 --- a/templates/Froxlor/admin/domains/domains.tpl +++ b/templates/Froxlor/admin/domains/domains.tpl @@ -26,7 +26,7 @@ {$lng['domains']['domainname']} {$arrowcode['d.domain']} - {$lng['admin']['ipsandports']['ip']} {$arrowcode['ip.ip']} : {$lng['admin']['ipsandports']['port']} {$arrowcode['ip.port']} + {$lng['admin']['ipsandports']['ip']} : {$lng['admin']['ipsandports']['port']} {$lng['admin']['customer']}  {$arrowcode['c.loginname']} {$lng['panel']['options']} From 8aa74a9b9006f9833909bc9e3c179ce918fd1c9f Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Mon, 29 Apr 2013 10:02:44 +0200 Subject: [PATCH 06/11] fixes for dualstack by tilman19 Signed-off-by: Michael Kaufmann (d00p) --- admin_domains.php | 64 ++++++--------- .../updates/froxlor/0.9/update_0.9.inc.php | 2 +- lib/classes/output/class.htmlform.php | 80 +++++++++---------- .../admin/domains/formfield.domains_add.php | 4 +- .../admin/domains/formfield.domains_edit.php | 4 +- 5 files changed, 72 insertions(+), 82 deletions(-) diff --git a/admin_domains.php b/admin_domains.php index b40e96af..60a418cf 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -128,6 +128,8 @@ if($page == 'domains' { $row['customername'] = getCorrectFullUserDetails($row); $row = htmlentities_array($row); + // display a nice list of IP's + $row['ipandport'] = str_replace("\n", "
", $row['ipandport']); eval("\$domains.=\"" . getTemplate("domains/domains_domain") . "\";"); $count++; } @@ -993,32 +995,24 @@ if($page == 'domains' $additional_ip_condition = ''; } - $ipandport = intval($_POST['ipandport']); - $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' AND `ssl` = '0'" . $additional_ip_condition); - - $ipandports = array(); - if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) - { + $ipandports = array(); + if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) { $_POST['ipandport'] = unserialize($_POST['ipandport']); } - if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) - { - foreach($_POST['ipandport'] as $ipandport) - { - $ipandport = intval($ipandport); - $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition); - if(!isset($ipandport_check['id']) - || $ipandport_check['id'] == '0' - || $ipandport_check['id'] != $ipandport) - { - standard_error('ipportdoesntexist'); - } - else - { - $ipandports[] = $ipandport; - } - } - } + if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) { + foreach($_POST['ipandport'] as $ipandport) { + $ipandport = intval($ipandport); + $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition); + if (!isset($ipandport_check['id']) + || $ipandport_check['id'] == '0' + || $ipandport_check['id'] != $ipandport + ) { + standard_error('ipportdoesntexist'); + } else { + $ipandports[] = $ipandport; + } + } + } if($settings['system']['use_ssl'] == "1" && isset($_POST['ssl_ipandport'])) @@ -1029,28 +1023,20 @@ if($page == 'domains' $ssl_redirect = (int)$_POST['ssl_redirect']; } - $ssl_ipandport = intval($_POST['ssl_ipandport']); - $ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' AND `ssl` = '1'" . $additional_ip_condition); - $ssl_ipandports = array(); - if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) - { + if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) { $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); } - if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) - { - foreach($_POST['ssl_ipandport'] as $ssl_ipandport) - { + if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) { + foreach ($_POST['ssl_ipandport'] as $ssl_ipandport) { $ssl_ipandport = intval($ssl_ipandport); $ssl_ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ssl_ipandport) . "' " . $additional_ip_condition); - if(!isset($ssl_ipandport_check['id']) + if (!isset($ssl_ipandport_check['id']) || $ssl_ipandport_check['id'] == '0' - || $ssl_ipandport_check['id'] != $ssl_ipandport) - { + || $ssl_ipandport_check['id'] != $ssl_ipandport + ) { standard_error('ipportdoesntexist'); - } - else - { + } else { $ssl_ipandports[] = $ssl_ipandport; } } diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index f9b4c48b..bdd74191 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -2154,5 +2154,5 @@ if (isFroxlorVersion('0.9.29-dev3')) { $db->query("ALTER TABLE `".TABLE_PANEL_DOMAINS."` DROP `ssl_ipandport`;"); lastStepStatus(0); - updateToVersion('0.9.28-svn6'); + updateToVersion('0.9.29-dev4'); } diff --git a/lib/classes/output/class.htmlform.php b/lib/classes/output/class.htmlform.php index 6aa3a2c3..a6106547 100644 --- a/lib/classes/output/class.htmlform.php +++ b/lib/classes/output/class.htmlform.php @@ -15,7 +15,7 @@ * */ -class htmlform +class htmlform { /** * internal tmp-variable to store form @@ -39,7 +39,7 @@ class htmlform { /* * here be section title & image - */ + */ $title = $section['title']; $image = $section['image']; @@ -47,7 +47,7 @@ class htmlform { continue; } - + if (!isset($section['nobuttons']) || $section['nobuttons'] == false) { eval("self::\$_form .= \"" . getTemplate("misc/form/table_section", "1") . "\";"); } else { @@ -83,9 +83,9 @@ class htmlform $data_field = str_replace("\t", "", $data_field); $data_field = $fielddata['next_to_prefix'].$data_field; self::$_form = str_replace( - '{NEXTTOFIELD_'.$fielddata['next_to'].'}', - $data_field, - self::$_form + '{NEXTTOFIELD_'.$fielddata['next_to'].'}', + $data_field, + self::$_form ); $nexto = false; } @@ -150,8 +150,8 @@ class htmlform $extras .= ' size="'.$data['size'].'"'; } if(isset($data['autocomplete'])) { - $extras .= ' autocomplete="'.$data['autocomplete'].'"'; - } + $extras .= ' autocomplete="'.$data['autocomplete'].'"'; + } // add support to save reloaded forms if (isset($data['value'])) { @@ -161,7 +161,7 @@ class htmlform } else { $value = ''; } - + $ulfield = ($unlimited == true ? ' '.$data['ul_field'] : ''); if(isset($data['display']) && $data['display'] != '') { @@ -182,7 +182,7 @@ class htmlform if(isset($data['rows'])) { $extras .= ' rows="'.$data['rows'].'"'; } - + // add support to save reloaded forms if (isset($data['value'])) { $value = $data['value']; @@ -201,7 +201,7 @@ class htmlform { return $data['yesno_var']; } - + private static function _labelField($data = array()) { return $data['value']; @@ -217,33 +217,33 @@ class htmlform } else { $select_var = ''; } - - return ''; + + return ''; } - + /** * Function to generate checkboxes. - * + * * * $data = array( - * 'label' => $lng['customer']['email_imap'], - * 'type' => 'checkbox', - * 'values' => array( - * array( 'label' => 'active', - * 'value' => '1' - * ) - * ), - * 'value' => array('1'), - * 'mandatory' => true - * ) + * 'label' => $lng['customer']['email_imap'], + * 'type' => 'checkbox', + * 'values' => array( + * array( 'label' => 'active', + * 'value' => '1' + * ) + * ), + * 'value' => array('1'), + * 'mandatory' => true + * ) * - * + * * @param string $fieldname contains the fieldname * @param array $data contains the data array */ @@ -254,7 +254,7 @@ class htmlform } else { $checked = array(); } - + if (isset($_SESSION['requestData'])) { if(isset($_SESSION['requestData'][$fieldname])) { $checked = array($_SESSION['requestData'][$fieldname]); @@ -262,14 +262,14 @@ class htmlform $checked = array(); } } - + // default value is none, so the checkbox isn't an array $isArray = ''; - - if (count($data['values']) > 1) { + + if (count($data['values']) > 1 || (isset($data['is_array']) && $data['is_array'] == 1)) { $isArray = '[]'; } - + // will contain the output $output = ""; foreach($data['values'] as $val) { @@ -282,11 +282,11 @@ class htmlform break; } } - + $output .= ''; } - + return $output; } - + } diff --git a/lib/formfields/admin/domains/formfield.domains_add.php b/lib/formfields/admin/domains/formfield.domains_add.php index 19fb9bad..626cb530 100644 --- a/lib/formfields/admin/domains/formfield.domains_add.php +++ b/lib/formfields/admin/domains/formfield.domains_add.php @@ -91,13 +91,15 @@ return array( 'type' => 'checkbox', 'values' => $ipsandports, 'value' => array($settings['system']['defaultip']), + 'is_array' => 1, 'mandatory' => true ), 'ssl_ipandport' => array( 'label' => 'IP/Port (SSL)', 'type' => 'checkbox', 'values' => $ssl_ipsandports, - 'value' => '' + 'value' => '', + 'is_array' => 1 ), 'ssl_redirect' => array( 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), diff --git a/lib/formfields/admin/domains/formfield.domains_edit.php b/lib/formfields/admin/domains/formfield.domains_edit.php index e78e354f..9f714d8f 100644 --- a/lib/formfields/admin/domains/formfield.domains_edit.php +++ b/lib/formfields/admin/domains/formfield.domains_edit.php @@ -102,13 +102,15 @@ return array( 'type' => 'checkbox', 'values' => $ipsandports, 'value' => $usedips, + 'is_array' => 1, 'mandatory' => true ), 'ssl_ipandport' => array( 'label' => 'IP/Port (SSL)', 'type' => 'checkbox', 'values' => $ssl_ipsandports, - 'value' => $usedips + 'value' => $usedips, + 'is_array' => 1 ), 'ssl_redirect' => array( 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), From 9691a391029a17bce7a628d35773ac3bd5338056 Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Thu, 2 May 2013 10:38:44 +0200 Subject: [PATCH 07/11] fix setting of default IP/Port (which still used panel_domain's ipandport-field), don't show ssl-enabled IP/Ports for default-ip (wrong default parameter of function getIpPortCombinations()), smaller fixes in bind- and lighttpdcronjob Signed-off-by: Michael Kaufmann (d00p) --- admin_domains.php | 37 ++++++---- .../function.getIpPortCombinations.php | 2 +- .../function.storeSettingDefaultIp.php | 32 ++++---- scripts/jobs/cron_tasks.inc.dns.10.bind.php | 25 ++++--- .../jobs/cron_tasks.inc.http.20.lighttpd.php | 74 ++++++++++--------- 5 files changed, 92 insertions(+), 78 deletions(-) diff --git a/admin_domains.php b/admin_domains.php index 60a418cf..727147fa 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -1098,23 +1098,24 @@ if($page == 'domains' 'id' => 0 ); - if($aliasdomain != 0) - { - // Overwrite given ipandports with these of the "main" domain - $ipandports = array(); - $origipresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = '" . (int)$aliasdomain . "'"); - while($origip = $db->fetch_array($origipresult)) - { - $ipandports[] = $origip['id_ipandports']; - } + if ($aliasdomain != 0) { + // Overwrite given ipandports with these of the "main" domain + $ipandports = array(); + $origipresult = $db->query("SELECT `id_ipandports` FROM `" . TABLE_DOMAINTOIP ."` WHERE `id_domain` = '" . (int)$aliasdomain . "'"); + while ($origip = $db->fetch_array($origipresult)) { + $ipandports[] = $origip['id_ipandports']; + } + $aliasdomain_check = $db->query_first("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` + WHERE `d`.`customerid`='" . (int)$customerid . "' + AND `d`.`aliasdomain` IS NULL AND + `d`.`id` <> `c`.`standardsubdomain` + AND `c`.`customerid`='" . (int)$customerid . "' + AND `d`.`id`='" . (int)$aliasdomain . "'"); + } - $aliasdomain_check = $db->query_first('SELECT `d`.`id` FROM `' . TABLE_PANEL_DOMAINS . '` `d`,`' . TABLE_PANEL_CUSTOMERS . '` `c` WHERE `d`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`aliasdomain` IS NULL AND `d`.`id`<>`c`.`standardsubdomain` AND `c`.`customerid`=\'' . (int)$customerid . '\' AND `d`.`id`=\'' . (int)$aliasdomain . '\''); - } - - if(count($ipandports) == 0) - { - standard_error('noipportgiven'); - } + if (count($ipandports) == 0) { + standard_error('noipportgiven'); + } if($aliasdomain_check['id'] != $aliasdomain) { @@ -1282,6 +1283,10 @@ if($page == 'domains' WHERE `parentdomainid`='" . (int)$id . "' "); + // FIXME check how many we got and if the amount of assigned IP's + // has changed so we can insert a config-rebuild task if only + // the ip's of this domain were changed + // Cleanup domain <-> ip mapping $db->query("DELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_domain` = '" . (int)$id . "'"); diff --git a/lib/functions/froxlor/function.getIpPortCombinations.php b/lib/functions/froxlor/function.getIpPortCombinations.php index 24ba82e4..ee1294e3 100644 --- a/lib/functions/froxlor/function.getIpPortCombinations.php +++ b/lib/functions/froxlor/function.getIpPortCombinations.php @@ -17,7 +17,7 @@ * */ -function getIpPortCombinations($ssl = null) +function getIpPortCombinations($ssl = false) { global $db, $theme; diff --git a/lib/functions/settings/function.storeSettingDefaultIp.php b/lib/functions/settings/function.storeSettingDefaultIp.php index 66b9be4b..83d2fd35 100644 --- a/lib/functions/settings/function.storeSettingDefaultIp.php +++ b/lib/functions/settings/function.storeSettingDefaultIp.php @@ -16,30 +16,34 @@ * @package Functions * */ +function storeSettingDefaultIp($fieldname, $fielddata, $newfieldvalue) { -function storeSettingDefaultIp($fieldname, $fielddata, $newfieldvalue) -{ $returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue); - if($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'defaultip') - { + if ($returnvalue !== false + && is_array($fielddata) + && isset($fielddata['settinggroup']) + && $fielddata['settinggroup'] == 'system' + && isset($fielddata['varname']) + && $fielddata['varname'] == 'defaultip' + ) { global $db, $theme; - - $customerstddomains_result = $db->query('SELECT `standardsubdomain` FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `standardsubdomain` <> \'0\''); + + $customerstddomains_result = $db->query("SELECT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `standardsubdomain` <> '0'"); $ids = array(); - while($customerstddomains_row = $db->fetch_array($customerstddomains_result)) - { + while($customerstddomains_row = $db->fetch_array($customerstddomains_result)) { $ids[] = (int)$customerstddomains_row['standardsubdomain']; } - if(count($ids) > 0) - { - $db->query('UPDATE `' . TABLE_PANEL_DOMAINS . '` SET `ipandport`=\'' . (int)$newfieldvalue . '\' WHERE `id` IN (\'' . implode('\',\'', $ids) . '\') AND `ipandport` = \'' . $db->escape(getSetting('system', 'defaultip')) . '\''); + if(count($ids) > 0) { + $db->query("UPDATE `" . TABLE_DOMAINTOIP . "` SET + `id_ipandports`='" . (int)$newfieldvalue . "' + WHERE `id_domain` IN ('" . implode(', ', $ids) . "') + AND `id_ipandports` = '" . $db->escape(getSetting('system', 'defaultip')) . "'" + ); } } - + return $returnvalue; } - -?> diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php index 752e33c0..4086b79a 100644 --- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php +++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php @@ -17,9 +17,6 @@ * */ -/* - * This script creates the php.ini's used by mod_suPHP+php-cgi -*/ if(@php_sapi_name() != 'cli' && @php_sapi_name() != 'cgi' @@ -179,23 +176,24 @@ class bind protected function generateZone($domain) { - /** Array to save all ips needed in the records (already including IN A/AAAA */ + // Array to save all ips needed in the records (already including IN A/AAAA) $ip_a_records = array(); - /** Array to save DNS records */ + // Array to save DNS records $records = array(); $result_ip = $this->db->query("SELECT `p`.`ip` AS `ip` FROM `".TABLE_PANEL_IPSANDPORTS."` `p`, `".TABLE_DOMAINTOIP."` `di` WHERE `di`.`id_domain` = '$domain[id]' AND `p`.`id` = `di`.`id_ipandports` GROUP BY `p`.`ip`;"); while ($ip = $this->db->fetch_array($result_ip)) { - if(filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) + if (filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { $ip_a_records[] = "A $ip[ip]"; - - elseif(filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + } + elseif (filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { $ip_a_records[] = "AAAA $ip[ip]"; - - else - return ";Error in at least one IP Adress ($ip[ip]), could not create zonefile!"; + } + else { + return ";Error in at least one IP Adress (".$ip['ip']."), could not create zonefile!"; + } } $date = date('Ymd'); @@ -214,17 +212,20 @@ class bind $zonefile.= ' ' . $bindserial . ' ; serial' . "\n" . ' 8H ; refresh' . "\n" . ' 2H ; retry' . "\n" . ' 1W ; expiry' . "\n" . ' 11h) ; minimum' . "\n"; + // FIXME What is this? there is no $ip_a_record at this stage + /* if(count($this->nameservers) == 0) { $zonefile.= '@ IN NS ns' . "\n" . 'ns IN ' . $ip_a_record . "\n"; } else { + */ foreach($this->nameservers as $nameserver) { $zonefile.= '@ IN NS ' . trim($nameserver['hostname']) . "\n"; } - } + //} if(count($this->mxservers) == 0) { diff --git a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php index 7faafab6..032b6317 100644 --- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php +++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php @@ -198,7 +198,7 @@ class lighttpd * if $this->settings['system']['apacheconf_vhost'] is a folder * refs #70 */ - $vhosts = $this->createLighttpdHosts($row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'], $vhost_filename); + $vhosts = $this->createLighttpdHosts($row_ipsandports['id'], $row_ipsandports['ssl'], $vhost_filename); if ($vhosts !== null && is_array($vhosts) && isset($vhosts[0])) { // sort vhosts by number (subdomains first!) sort($vhosts); @@ -300,19 +300,35 @@ class lighttpd { } - protected function createLighttpdHosts($ip, $port, $ssl, $vhost_filename) + protected function createLighttpdHosts($ipid, $ssl, $vhost_filename) { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `ip`='" . $ip . "' AND `port`='" . $port . "'"; - $ipandport = $this->db->query_first($query); + $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, + `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, + `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, + `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, + `d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`, + `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_PANEL_DOMAINS."` `d` - if ($ssl == '0') { - $query2 = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) WHERE `d`.`ipandport`='" . $ipandport['id'] . "' AND `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> 1 ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC"; - } else { - $query2 = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) WHERE `d`.`ssl_ipandport`='" . $ipandport['id'] . "' AND `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> 1 ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC"; - } + LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) + LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) + + INNER JOIN ( + SELECT * FROM ( + SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` + WHERE `p`.`id` = `di`.`id_ipandports` + AND `p`.`id` = '".(int)$ipid."' + ORDER BY `p`.`ssl` DESC + ) AS my_table_tmp + GROUP BY `id_domain` + ) AS p ON p.`id_domain` = `d`.`id` + + WHERE `d`.`aliasdomain` IS NULL + ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; $included_vhosts = array(); - $result_domains = $this->db->query($query2); + $result_domains = $this->db->query($query); while ($domain = $this->db->fetch_array($result_domains)) { if (is_dir($this->settings['system']['apacheconf_vhost'])) { safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'].'/vhosts/'))); @@ -368,39 +384,25 @@ class lighttpd $ips_and_ports_index = 'ipandport'; } - $this->lighttpd_data[$vhost_filename].= $this->getVhostContent($domain, $ssl_vhost); - $this->lighttpd_data[$vhost_filename].= isset($this->needed_htpasswds[$domain[$ips_and_ports_index]]) ? $this->needed_htpasswds[$domain[$ips_and_ports_index]] . "\n" : ''; + // FIXME we get duplicate entries of a vhost if it has assigned more than one IP + // checking if the lightt_data for that filename is empty *might* be correct + if ($this->lighttpd_data[$vhost_filename] == '') { + $this->lighttpd_data[$vhost_filename] .= $this->getVhostContent($domain, $ssl_vhost, $ipid); + } + // FIXME did this ever work? + //$this->lighttpd_data[$vhost_filename].= isset($this->needed_htpasswds[$domain[$ips_and_ports_index]]) ? $this->needed_htpasswds[$domain[$ips_and_ports_index]] . "\n" : ''; } } return $included_vhosts; } - protected function getVhostContent($domain, $ssl_vhost = false) + protected function getVhostContent($domain, $ssl_vhost = false, $ipid) { if($ssl_vhost === true - && $domain['ssl'] != '1') - { - return ''; - } - - if ($ssl_vhost === true - && $domain['ssl'] == '1' + && $domain['ssl'] != '1' + && $domain['ssl_redirect'] != '1' ) { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ssl_ipandport'] . "'"; - } else { - $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'"; - } - - $ipandport = $this->db->query_first($query); - $domain['ip'] = $ipandport['ip']; - $domain['port'] = $ipandport['port']; - $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; - $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; - - if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; - } else { - $ipport = $domain['ip'] . ':' . $domain['port']; + return ''; } $vhost_content = ''; @@ -440,6 +442,8 @@ class lighttpd $vhost_content.= $domain['specialsettings'] . "\n"; } + $query = "SELECT `default_vhostconf_domain` FROM `".TABLE_PANEL_IPSANDPORTS."` WHERE `id`='".$ipid."';"; + $ipandport = $this->db->query_first($query); if ($ipandport['default_vhostconf_domain'] != '') { $vhost_content.= $ipandport['default_vhostconf_domain'] . "\n"; } From 4825c77e2e88e969b89a051de585f9bdf27741a1 Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Thu, 2 May 2013 13:02:40 +0200 Subject: [PATCH 08/11] don't create one giant vhost for all IP's but separate ones for each ip Signed-off-by: Michael Kaufmann (d00p) --- .../jobs/cron_tasks.inc.http.10.apache.php | 191 +++++++++--------- 1 file changed, 97 insertions(+), 94 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php index 3dfadf53..843d2174 100644 --- a/scripts/jobs/cron_tasks.inc.http.10.apache.php +++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php @@ -589,133 +589,136 @@ class apache } $query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip` - WHERE dip.id_domain = '".$domain[id]."' AND i.id = dip.id_ipandports "; + WHERE dip.id_domain = '".$domain['id']."' AND i.id = dip.id_ipandports "; if ($ssl_vhost === true && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') ) { - $query .= "AND i.ssl = 1 ORDER BY i.ssl_cert_file ASC;"; // by ordering by cert-file the row with filled out SSL-Fields will be shown last, thus it is enough to fill out 1 set of SSL-Fields + // by ordering by cert-file the row with filled out SSL-Fields will be shown last, thus it is enough to fill out 1 set of SSL-Fields + $query .= "AND i.ssl = 1 ORDER BY i.ssl_cert_file ASC;"; } else { $query .= "AND i.ssl = '0';"; } - $ipport = ''; + $vhost_content = ''; $result = $this->db->query($query); while ($ipandport = $this->db->fetch_array($result)) { + $ipport = ''; $domain['ip'] = $ipandport['ip']; $domain['port'] = $ipandport['port']; if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $ipport .= '['.$domain[ip].']:'.$domain[port]. ' '; + $ipport = '['.$domain['ip'].']:'.$domain['port']. ' '; } else { - $ipport .= $domain[ip].':'.$domain[port].' '; - } - } - - $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save last delivered ssl settings - $domain['ssl_key_file'] = $ipandport['ssl_key_file']; - $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; - // #418 - $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile']; - - $vhost_content = '' . "\n"; - - $vhost_content.= $this->getServerNames($domain); - - if(($ssl_vhost == false - && $domain['ssl'] == '1' - && $domain['ssl_redirect'] == '1') - ) { - $domain['documentroot'] = 'https://' . $domain['domain'] . '/'; - } - - if ($ssl_vhost === true - && $domain['ssl'] == '1' - && $this->settings['system']['use_ssl'] == '1' - ) { - if ($domain['ssl_cert_file'] == '') { - $domain['ssl_cert_file'] = $this->settings['system']['ssl_cert_file']; - } - - if ($domain['ssl_key_file'] == '') { - $domain['ssl_key_file'] = $this->settings['system']['ssl_key_file']; - } - - if ($domain['ssl_ca_file'] == '') { - $domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file']; + $ipport = $domain['ip'].':'.$domain['port'].' '; } + $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save last delivered ssl settings + $domain['ssl_key_file'] = $ipandport['ssl_key_file']; + $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; // #418 - if ($domain['ssl_cert_chainfile'] == '') { - $domain['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile']; + $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile']; + + $vhost_content .= '' . "\n"; + + $vhost_content.= $this->getServerNames($domain); + + if(($ssl_vhost == false + && $domain['ssl'] == '1' + && $domain['ssl_redirect'] == '1') + ) { + $domain['documentroot'] = 'https://' . $domain['domain'] . '/'; } - if ($domain['ssl_cert_file'] != '') { - $vhost_content .= ' SSLEngine On' . "\n"; - $vhost_content .= ' SSLCertificateFile ' . makeCorrectFile($domain['ssl_cert_file']) . "\n"; - - if ($domain['ssl_key_file'] != '') { - $vhost_content .= ' SSLCertificateKeyFile ' . makeCorrectFile($domain['ssl_key_file']) . "\n"; + if ($ssl_vhost === true + && $domain['ssl'] == '1' + && $this->settings['system']['use_ssl'] == '1' + ) { + if ($domain['ssl_cert_file'] == '') { + $domain['ssl_cert_file'] = $this->settings['system']['ssl_cert_file']; } - if ($domain['ssl_ca_file'] != '') { - $vhost_content .= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n"; + if ($domain['ssl_key_file'] == '') { + $domain['ssl_key_file'] = $this->settings['system']['ssl_key_file']; + } + + if ($domain['ssl_ca_file'] == '') { + $domain['ssl_ca_file'] = $this->settings['system']['ssl_ca_file']; } // #418 - if ($domain['ssl_cert_chainfile'] != '') { - $vhost_content .= ' SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n"; + if ($domain['ssl_cert_chainfile'] == '') { + $domain['ssl_cert_chainfile'] = $this->settings['system']['ssl_cert_chainfile']; + } + + if ($domain['ssl_cert_file'] != '') { + $vhost_content .= ' SSLEngine On' . "\n"; + $vhost_content .= ' SSLCertificateFile ' . makeCorrectFile($domain['ssl_cert_file']) . "\n"; + + if ($domain['ssl_key_file'] != '') { + $vhost_content .= ' SSLCertificateKeyFile ' . makeCorrectFile($domain['ssl_key_file']) . "\n"; + } + + if ($domain['ssl_ca_file'] != '') { + $vhost_content .= ' SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n"; + } + + // #418 + if ($domain['ssl_cert_chainfile'] != '') { + $vhost_content .= ' SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n"; + } } } - } - if (preg_match('/^https?\:\/\//', $domain['documentroot'])) { - $corrected_docroot = $this->idnaConvert->encode($domain['documentroot']); - if (substr($corrected_docroot, -1) == '/') { - $corrected_docroot = substr($corrected_docroot, 0, -1); + if (preg_match('/^https?\:\/\//', $domain['documentroot'])) { + $corrected_docroot = $this->idnaConvert->encode($domain['documentroot']); + if (substr($corrected_docroot, -1) == '/') { + $corrected_docroot = substr($corrected_docroot, 0, -1); + } + + /* Get domain's redirect code */ + $code = getDomainRedirectCode($domain['id']); + $modrew_red = ''; + if ($code != '') { + $modrew_red = '[R='. $code . ';L]'; + } + + // redirect everything, not only root-directory, #541 + $vhost_content .= ' '."\n"; + $vhost_content .= ' RewriteEngine On' . "\n"; + $vhost_content .= ' RewriteCond %{HTTPS} off' . "\n"; + $vhost_content .= ' RewriteRule (.*) '. $corrected_docroot.'%{REQUEST_URI} ' . $modrew_red . "\n"; + $vhost_content .= ' ' . "\n"; + + $code = getDomainRedirectCode($domain['id']); + $vhost_content .= ' Redirect '.$code.' / ' . $this->idnaConvert->encode($domain['documentroot']) . "\n"; + } else { + mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true, true); + $vhost_content .= $this->getWebroot($domain); + if ($this->_deactivated == false) { + $vhost_content .= $this->composePhpOptions($domain,$ssl_vhost); + $vhost_content .= $this->getStats($domain); + } + $vhost_content .= $this->getLogfiles($domain); + + if ($domain['specialsettings'] != '') { + $vhost_content .= $domain['specialsettings'] . "\n"; + } + + if ($ipandport['default_vhostconf_domain'] != '') { + $vhost_content .= $ipandport['default_vhostconf_domain'] . "\n"; + } + + if ($this->settings['system']['default_vhostconf'] != '') { + $vhost_content .= $this->settings['system']['default_vhostconf'] . "\n"; + } } - /* Get domain's redirect code */ - $code = getDomainRedirectCode($domain['id']); - $modrew_red = ''; - if ($code != '') { - $modrew_red = '[R='. $code . ';L]'; - } + $vhost_content .= '' . "\n"; - // redirect everything, not only root-directory, #541 - $vhost_content .= ' '."\n"; - $vhost_content .= ' RewriteEngine On' . "\n"; - $vhost_content .= ' RewriteCond %{HTTPS} off' . "\n"; - $vhost_content .= ' RewriteRule (.*) '. $corrected_docroot.'%{REQUEST_URI} ' . $modrew_red . "\n"; - $vhost_content .= ' ' . "\n"; - - $code = getDomainRedirectCode($domain['id']); - $vhost_content .= ' Redirect '.$code.' / ' . $this->idnaConvert->encode($domain['documentroot']) . "\n"; - } else { - mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true, true); - $vhost_content .= $this->getWebroot($domain); - if ($this->_deactivated == false) { - $vhost_content .= $this->composePhpOptions($domain,$ssl_vhost); - $vhost_content .= $this->getStats($domain); - } - $vhost_content .= $this->getLogfiles($domain); - - if ($domain['specialsettings'] != '') { - $vhost_content .= $domain['specialsettings'] . "\n"; - } - - if ($ipandport['default_vhostconf_domain'] != '') { - $vhost_content .= $ipandport['default_vhostconf_domain'] . "\n"; - } - - if ($this->settings['system']['default_vhostconf'] != '') { - $vhost_content .= $this->settings['system']['default_vhostconf'] . "\n"; - } - } - - $vhost_content .= '' . "\n"; + } // while ip's return $vhost_content; } From e0db240a3f865c7cae67295792a990481ce1279c Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 3 May 2013 09:50:07 +0200 Subject: [PATCH 09/11] tiny fixes in nginx-cronjob; clean up unused code from lighttpd cronjob Signed-off-by: Michael Kaufmann (d00p) --- .../jobs/cron_tasks.inc.http.20.lighttpd.php | 54 ------ scripts/jobs/cron_tasks.inc.http.30.nginx.php | 160 +++++++++--------- 2 files changed, 81 insertions(+), 133 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php index 032b6317..26cfda68 100644 --- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php +++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php @@ -17,10 +17,6 @@ * */ -/* - * This script creates the php.ini's used by mod_suPHP+php-cgi - */ - if(@php_sapi_name() != 'cli' && @php_sapi_name() != 'cgi' && @php_sapi_name() != 'cgi-fcgi') @@ -389,8 +385,6 @@ class lighttpd if ($this->lighttpd_data[$vhost_filename] == '') { $this->lighttpd_data[$vhost_filename] .= $this->getVhostContent($domain, $ssl_vhost, $ipid); } - // FIXME did this ever work? - //$this->lighttpd_data[$vhost_filename].= isset($this->needed_htpasswds[$domain[$ips_and_ports_index]]) ? $this->needed_htpasswds[$domain[$ips_and_ports_index]] . "\n" : ''; } } return $included_vhosts; @@ -620,53 +614,6 @@ class lighttpd return $path_options; } - protected function getDirOptions($domain) - { - $query = "SELECT * FROM " . TABLE_PANEL_HTPASSWDS . " WHERE `customerid`='" . $domain['customerid'] . "'"; - $result = $this->db->query($query); - - while ($row_htpasswds = $this->db->fetch_array($result)) { - if ($auth_backend_loaded[$domain['ipandport']] != 'yes' - && $auth_backend_loaded[$domain['ssl_ipandport']] != 'yes' - ) { - $filename = $domain['customerid'] . '.htpasswd'; - - if ($this->auth_backend_loaded[$domain['ipandport']] != 'yes') { - $auth_backend_loaded[$domain['ipandport']] = 'yes'; - $diroption_text.= 'auth.backend = "htpasswd"' . "\n"; - $diroption_text.= 'auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; - $this->needed_htpasswds[$filename] = $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n"; - $diroption_text.= 'auth.require = ( ' . "\n"; - $previous_domain_id = '1'; - } elseif($this->auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') { - $auth_backend_loaded[$domain['ssl_ipandport']] = 'yes'; - $diroption_text.= 'auth.backend= "htpasswd"' . "\n"; - $diroption_text.= 'auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; - $this->needed_htpasswds[$filename] = $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n"; - $diroption_text.= 'auth.require = ( ' . "\n"; - $previous_domain_id = '1'; - } - } - - $diroption_text.= '"' . makeCorrectDir($row_htpasswds['path']) . '" =>' . "\n"; - $diroption_text.= '(' . "\n"; - $diroption_text.= ' "method" => "basic",' . "\n"; - $diroption_text.= ' "realm" => "'.$row_htpasswds['authname'].'",' . "\n"; - $diroption_text.= ' "require" => "valid-user"' . "\n"; - $diroption_text.= ')' . "\n"; - - if ($this->auth_backend_loaded[$domain['ssl_ipandport']] == 'yes') { - $this->needed_htpasswds[$domain['ssl_ipandport']].= $diroption_text; - } - - if ($this->auth_backend_loaded[$domain['ipandport']] != 'yes') { - $this->needed_htpasswds[$domain['ipandport']].= $diroption_text; - } - } - - return ' auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; - } - protected function getServerNames($domain) { $server_string = array(); @@ -857,7 +804,6 @@ class lighttpd } // Write the diroptions - if (isConfigDir($this->settings['system']['apacheconf_htpasswddir'])) { foreach ($this->needed_htpasswds as $key => $data) { if (!is_dir($this->settings['system']['apacheconf_htpasswddir'])) { diff --git a/scripts/jobs/cron_tasks.inc.http.30.nginx.php b/scripts/jobs/cron_tasks.inc.http.30.nginx.php index d11c8f3c..a19bc942 100644 --- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php +++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php @@ -251,7 +251,6 @@ class nginx $this->nginx_data[$vhost_filename] .= '}' . "\n\n"; // End of Froxlor server{}-part } - $this->createNginxHosts($row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'], $vhost_filename); } $this->createNginxHosts(); @@ -353,9 +352,8 @@ class nginx } $vhost_content = ''; - $vhost_content.= 'server { ' . "\n"; - $query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip` WHERE dip.id_domain = '$domain[id]' AND i.id = dip.id_ipandports "; + $query = "SELECT * FROM `".TABLE_PANEL_IPSANDPORTS."` `i`, `".TABLE_DOMAINTOIP."` `dip` WHERE dip.id_domain = '".$domain['id']."' AND i.id = dip.id_ipandports "; if ($ssl_vhost === true && ($domain['ssl'] == '1' || $domain['ssl_redirect'] == '1') ) { @@ -369,84 +367,85 @@ class nginx $result = $this->db->query($query); while ($ipandport = $this->db->fetch_array($result)) { - $domain['ip'] = $ipandport['ip']; - $domain['port'] = $ipandport['port']; + $domain['ip'] = $ipandport['ip']; + $domain['port'] = $ipandport['port']; - if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; - } else { - $ipport = $domain['ip'] . ':' . $domain['port']; - } - - $vhost_content.= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ';' . "\n"; - } - $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save latest delivered ssl settings - $domain['ssl_key_file'] = $ipandport['ssl_key_file']; - $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; - // #418 - $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile']; - - // get all server-names - $vhost_content .= $this->getServerNames($domain); - - // respect ssl_redirect settings, #542 - if ($ssl_vhost == false - && $domain['ssl'] == '1' - && $domain['ssl_redirect'] == '1') - { - $domain['documentroot'] = 'https://' . $domain['domain'] . '/'; - } - - // if the documentroot is an URL we just redirect - if (preg_match('/^https?\:\/\//', $domain['documentroot'])) { - $vhost_content .= "\t".'rewrite ^(.*) '.$this->idnaConvert->encode($domain['documentroot']).'$1 permanent;'."\n"; - } else { - mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true); - - $vhost_content .= $this->getLogFiles($domain); - $vhost_content .= $this->getWebroot($domain, $ssl_vhost); - - if ($this->_deactivated == false) { - - if ($ssl_vhost === true - && $domain['ssl'] == '1' - && $this->settings['system']['use_ssl'] == '1' - ) { - $vhost_content.= $this->composeSslSettings($domain); - } - $vhost_content.= $this->create_pathOptions($domain); - $vhost_content.= $this->composePhpOptions($domain, $ssl_vhost); - - $vhost_content.= isset($this->needed_htpasswds[$domain['id']]) ? $this->needed_htpasswds[$domain['id']] . "\n" : ''; - - if ($domain['specialsettings'] != "") { - $vhost_content .= $domain['specialsettings'] . "\n"; - } - - if ($ipandport['default_vhostconf_domain'] != '') { - $vhost_content .= $ipandport['default_vhostconf_domain'] . "\n"; - } - - if ($this->settings['system']['default_vhostconf'] != '') { - $vhost_content .= $this->settings['system']['default_vhostconf'] . "\n"; - } + if (filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { + $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; + } else { + $ipport = $domain['ip'] . ':' . $domain['port']; } - // merge duplicate / sections, #1193 - $l_regex1 = "/(location\ \/\ \{)(.*)(\})/smU"; - $l_regex2 = "/(location\ \/\ \{.*\})/smU"; - $replace_by = ''; - $replacements = preg_match_all($l_regex1,$vhost_content,$out); - if ($replacements > 1) { - foreach ($out[2] as $val) { - $replace_by .= $val."\n"; - } - $vhost_content = preg_replace($l_regex2, "", $vhost_content, $replacements-1); - $vhost_content = preg_replace($l_regex2, "location / {\n\t\t". $replace_by ."\t}\n", $vhost_content); - } - } - $vhost_content .= '}' . "\n\n"; + $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; // save latest delivered ssl settings + $domain['ssl_key_file'] = $ipandport['ssl_key_file']; + $domain['ssl_ca_file'] = $ipandport['ssl_ca_file']; + // #418 + $domain['ssl_cert_chainfile'] = $ipandport['ssl_cert_chainfile']; + $vhost_content.= 'server { ' . "\n"; + $vhost_content.= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ';' . "\n"; + + // get all server-names + $vhost_content .= $this->getServerNames($domain); + + // respect ssl_redirect settings, #542 + if ($ssl_vhost == false + && $domain['ssl'] == '1' + && $domain['ssl_redirect'] == '1') + { + $domain['documentroot'] = 'https://' . $domain['domain'] . '/'; + } + + // if the documentroot is an URL we just redirect + if (preg_match('/^https?\:\/\//', $domain['documentroot'])) { + $vhost_content .= "\t".'rewrite ^(.*) '.$this->idnaConvert->encode($domain['documentroot']).'$1 permanent;'."\n"; + } else { + mkDirWithCorrectOwnership($domain['customerroot'], $domain['documentroot'], $domain['guid'], $domain['guid'], true); + + $vhost_content .= $this->getLogFiles($domain); + $vhost_content .= $this->getWebroot($domain, $ssl_vhost); + + if ($this->_deactivated == false) { + + if ($ssl_vhost === true + && $domain['ssl'] == '1' + && $this->settings['system']['use_ssl'] == '1' + ) { + $vhost_content.= $this->composeSslSettings($domain); + } + $vhost_content.= $this->create_pathOptions($domain); + $vhost_content.= $this->composePhpOptions($domain, $ssl_vhost); + + $vhost_content.= isset($this->needed_htpasswds[$domain['id']]) ? $this->needed_htpasswds[$domain['id']] . "\n" : ''; + + if ($domain['specialsettings'] != "") { + $vhost_content .= $domain['specialsettings'] . "\n"; + } + + if ($ipandport['default_vhostconf_domain'] != '') { + $vhost_content .= $ipandport['default_vhostconf_domain'] . "\n"; + } + + if ($this->settings['system']['default_vhostconf'] != '') { + $vhost_content .= $this->settings['system']['default_vhostconf'] . "\n"; + } + } + + // merge duplicate / sections, #1193 + $l_regex1 = "/(location\ \/\ \{)(.*)(\})/smU"; + $l_regex2 = "/(location\ \/\ \{.*\})/smU"; + $replace_by = ''; + $replacements = preg_match_all($l_regex1,$vhost_content,$out); + if ($replacements > 1) { + foreach ($out[2] as $val) { + $replace_by .= $val."\n"; + } + $vhost_content = preg_replace($l_regex2, "", $vhost_content, $replacements-1); + $vhost_content = preg_replace($l_regex2, "location / {\n\t\t". $replace_by ."\t}\n", $vhost_content); + } + } + $vhost_content .= '}' . "\n\n"; + } return $vhost_content; } @@ -475,8 +474,11 @@ class nginx // FIXME ssl on now belongs to the listen block as 'ssl' at the end $sslsettings .= "\t" . 'ssl on;' . "\n"; $sslsettings .= "\t" . 'ssl_certificate ' . makeCorrectFile($domain['ssl_cert_file']) . ';' . "\n"; - $sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' . "\n"; - + + if ($domain['ssl_key_file'] != '') { + $sslsettings .= "\t" . 'ssl_certificate_key ' .makeCorrectFile($domain['ssl_key_file']) . ';' . "\n"; + } + if ($domain['ssl_ca_file'] != '') { $sslsettings.= 'ssl_client_certificate ' . makeCorrectFile($domain['ssl_ca_file']) . ';' . "\n"; } From 55312a6df4f103f4a302ca2615b60d0f62785e6d Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 3 May 2013 10:45:27 +0200 Subject: [PATCH 10/11] fix zonefile nameserver-entries when there are no nameservers given (use A/AAAA entries then) Signed-off-by: Michael Kaufmann (d00p) --- scripts/jobs/cron_tasks.inc.dns.10.bind.php | 56 +++++++++------------ 1 file changed, 23 insertions(+), 33 deletions(-) diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php index 4086b79a..306f3ea2 100644 --- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php +++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php @@ -186,10 +186,10 @@ class bind while ($ip = $this->db->fetch_array($result_ip)) { if (filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { - $ip_a_records[] = "A $ip[ip]"; + $ip_a_records[] = "A\t\t" . $ip['ip']; } elseif (filter_var($ip['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { - $ip_a_records[] = "AAAA $ip[ip]"; + $ip_a_records[] = "AAAA\t\t" . $ip['ip']; } else { return ";Error in at least one IP Adress (".$ip['ip']."), could not create zonefile!"; @@ -198,7 +198,7 @@ class bind $date = date('Ymd'); $bindserial = (preg_match('/^' . $date . '/', $domain['bindserial']) ? $domain['bindserial'] + 1 : $date . '00'); - $this->db->query('UPDATE `' . TABLE_PANEL_DOMAINS . '` SET `bindserial`=\'' . $bindserial . '\' WHERE `id`=\'' . $domain['id'] . '\''); + $this->db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `bindserial`='" . $bindserial . "' WHERE `id`='" . $domain['id'] . "'"); $zonefile = '$TTL ' . (int)$this->settings['system']['defaultttl'] . "\n"; if(count($this->nameservers) == 0) @@ -212,44 +212,34 @@ class bind $zonefile.= ' ' . $bindserial . ' ; serial' . "\n" . ' 8H ; refresh' . "\n" . ' 2H ; retry' . "\n" . ' 1W ; expiry' . "\n" . ' 11h) ; minimum' . "\n"; - // FIXME What is this? there is no $ip_a_record at this stage - /* - if(count($this->nameservers) == 0) - { - $zonefile.= '@ IN NS ns' . "\n" . 'ns IN ' . $ip_a_record . "\n"; - } - else - { - */ - foreach($this->nameservers as $nameserver) - { - $zonefile.= '@ IN NS ' . trim($nameserver['hostname']) . "\n"; + // no nameservers given, use all if the A/AAAA entries + if (count($this->nameservers) == 0) { + $zonefile .= '@ IN NS ns' . "\n"; + foreach ($ip_a_records as $ip_a_record) { + $zonefile .= 'ns IN ' . $ip_a_record . "\n"; } - //} + } else { + foreach ($this->nameservers as $nameserver) { + $zonefile.= '@ IN NS ' . trim($nameserver['hostname']) . "\n"; + } + } - if(count($this->mxservers) == 0) - { + if (count($this->mxservers) == 0) { $zonefile.= '@ IN MX 10 mail' . "\n"; $records[] = 'mail'; - if($domain['iswildcarddomain'] != '1') - { + if ($domain['iswildcarddomain'] != '1') { $records[] = 'imap'; $records[] = 'smtp'; $records[] = 'pop3'; } - } - else - { - foreach($this->mxservers as $mxserver) - { - $zonefile.= '@ IN MX ' . trim($mxserver) . "\n"; + } else { + foreach ($this->mxservers as $mxserver) { + $zonefile.= '@ IN MX ' . trim($mxserver) . "\n"; } - if($this->settings['system']['dns_createmailentry'] == '1') - { + if ($this->settings['system']['dns_createmailentry'] == '1') { $records[] = 'mail'; - if($domain['iswildcarddomain'] != '1') - { + if ($domain['iswildcarddomain'] != '1') { $records[] = 'imap'; $records[] = 'smtp'; $records[] = 'pop3'; @@ -260,9 +250,9 @@ class bind /* * @TODO domain-based spf-settings */ - if($this->settings['spf']['use_spf'] == '1' - /*&& $domain['spf'] == '1' */) - { + if ($this->settings['spf']['use_spf'] == '1' + /*&& $domain['spf'] == '1' */ + ) { $zonefile.= $this->settings['spf']['spf_entry'] . "\n"; } From b5fc0ad5329c5428abbcfd1df5e2403d8e6ea5aa Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Wed, 8 May 2013 16:34:04 +0200 Subject: [PATCH 11/11] fix error when security question is being asked when adding a domain as admin, thx to Sephi Signed-off-by: Michael Kaufmann (d00p) --- admin_domains.php | 38 +++++++++++---------------- lib/classes/output/class.htmlform.php | 17 ++++++------ 2 files changed, 24 insertions(+), 31 deletions(-) diff --git a/admin_domains.php b/admin_domains.php index 727147fa..51084c33 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -392,41 +392,35 @@ if($page == 'domains' } $ipandports = array(); - if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) - { + if (isset($_POST['ipandport']) && !is_array($_POST['ipandport'])) { $_POST['ipandport'] = unserialize($_POST['ipandport']); } - if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) - { - foreach($_POST['ipandport'] as $ipandport) - { - $ipandport = intval($ipandport); - $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition); - if(!isset($ipandport_check['id']) - || $ipandport_check['id'] == '0' - || $ipandport_check['id'] != $ipandport) - { + if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) { + foreach($_POST['ipandport'] as $ipandport) { + $ipandport = intval($ipandport); + $ipandport_check = $db->query_first("SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = '" . $db->escape($ipandport) . "' " . $additional_ip_condition); + if(!isset($ipandport_check['id']) + || $ipandport_check['id'] == '0' + || $ipandport_check['id'] != $ipandport + ) { standard_error('ipportdoesntexist'); - } - else - { + } else { $ipandports[] = $ipandport; } } } - if($settings['system']['use_ssl'] == "1" - && isset($_POST['ssl_ipandport'])) - { + if ($settings['system']['use_ssl'] == "1" + && isset($_POST['ssl_ipandport']) + ) { $ssl_redirect = 0; if (isset($_POST['ssl_redirect'])) { $ssl_redirect = (int)$_POST['ssl_redirect']; } $ssl_ipandports = array(); - if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) - { + if (isset($_POST['ssl_ipandport']) && !is_array($_POST['ssl_ipandport'])) { $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); } @@ -592,9 +586,9 @@ if($page == 'domains' 'dkim' => $dkim, 'speciallogfile' => $speciallogfile, 'wwwserveralias' => $wwwserveralias, - 'ipandport' => $ipandport, + 'ipandport' => serialize($ipandports), 'ssl_redirect' => $ssl_redirect, - 'ssl_ipandport' => $ssl_ipandport, + 'ssl_ipandport' => serialize($ssl_ipandports), 'openbasedir' => $openbasedir, 'phpsettingid' => $phpsettingid, 'mod_fcgid_starter' => $mod_fcgid_starter, diff --git a/lib/classes/output/class.htmlform.php b/lib/classes/output/class.htmlform.php index a6106547..e6e71781 100644 --- a/lib/classes/output/class.htmlform.php +++ b/lib/classes/output/class.htmlform.php @@ -249,17 +249,15 @@ class htmlform */ public static function _checkbox($fieldname = '', $data = array()) { // $data['value'] contains checked items + + $checked = array(); if (isset($data['value'])) { $checked = $data['value']; - } else { - $checked = array(); } if (isset($_SESSION['requestData'])) { if(isset($_SESSION['requestData'][$fieldname])) { $checked = array($_SESSION['requestData'][$fieldname]); - } else { - $checked = array(); } } @@ -276,13 +274,14 @@ class htmlform $key = $val['label']; // is this box checked? $isChecked = ''; - foreach($checked as $tmp) { - if ($tmp == $val['value']) { - $isChecked = ' checked="checked" '; - break; + if (is_array($checked) && count($checked) > 0) { + foreach($checked as $tmp) { + if ($tmp == $val['value']) { + $isChecked = ' checked="checked" '; + break; + } } } - $output .= ''; }