maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

added Subdomains.add; minor fixes and enhancements

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2018-02-27 15:54:07 +01:00
parent 6318e5514b
commit a038e35e45
8 changed files with 421 additions and 313 deletions
Download Patch File Download Diff File Expand all files Collapse all files

227
customer_domains.php
View File

@@ -205,229 +205,12 @@ if ($page == 'overview') {
} elseif ($action == 'add') {
if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
if (substr($_POST['subdomain'], 0, 4) == 'xn--') {
standard_error('domain_nopunycode');
}
$subdomain = $idna_convert->encode(preg_replace(array('/\:(\d)+$/', '/^https?\:\/\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
$domain = $_POST['domain'];
$domain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `domain` = :domain
AND `customerid` = :customerid
AND `parentdomainid` = '0'
AND `email_only` = '0'
AND `caneditdomain` = '1'"
);
$domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));
$completedomain = $subdomain . '.' . $domain;
if (Settings::Get('system.validate_domain') && ! validateDomain($completedomain)) {
standard_error(array(
'stringiswrong',
'mydomain'
));
}
if ($completedomain == Settings::Get('system.hostname')) {
standard_error('admin_domain_emailsystemhostname');
}
$completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `domain` = :domain
AND `customerid` = :customerid
AND `email_only` = '0'
AND `caneditdomain` = '1'"
);
$completedomain_check = Database::pexecute_first($completedomain_stmt, array("domain" => $completedomain, "customerid" => $userinfo['customerid']));
$aliasdomain = intval($_POST['alias']);
$aliasdomain_check = array('id' => 0);
$_doredirect = false;
if ($aliasdomain != 0) {
// also check ip/port combination to be the same, #176
$aliasdomain_stmt = Database::prepare("SELECT `d`.`id` FROM `" . TABLE_PANEL_DOMAINS . "` `d` , `" . TABLE_PANEL_CUSTOMERS . "` `c` , `".TABLE_DOMAINTOIP."` `dip`
WHERE `d`.`aliasdomain` IS NULL
AND `d`.`id` = :id
AND `c`.`standardsubdomain` <> `d`.`id`
AND `d`.`customerid` = :customerid
AND `c`.`customerid` = `d`.`customerid`
AND `d`.`id` = `dip`.`id_domain`
AND `dip`.`id_ipandports`
IN (SELECT `id_ipandports` FROM `".TABLE_DOMAINTOIP."`
WHERE `id_domain` = :id )
GROUP BY `d`.`domain`
ORDER BY `d`.`domain` ASC;"
);
$aliasdomain_check = Database::pexecute_first($aliasdomain_stmt, array("id" => $aliasdomain, "customerid" => $userinfo['customerid']));
triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
}
if (isset($_POST['url']) && $_POST['url'] != '' && validateUrl($_POST['url'])) {
$path = $_POST['url'];
$_doredirect = true;
} else {
$path = validate($_POST['path'], 'path');
}
if (!preg_match('/^https?\:\/\//', $path) || !validateUrl($path)) {
if (strstr($path, ":") !== FALSE) {
standard_error('pathmaynotcontaincolon');
}
// If path is empty or '/' and 'Use domain name as default value for DocumentRoot path' is enabled in settings,
// set default path to subdomain or domain name
if ((($path == '') || ($path == '/')) && Settings::Get('system.documentroot_use_default_value') == 1) {
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $completedomain);
} else {
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
}
} else {
$_doredirect = true;
}
$openbasedir_path = '0';
if (isset($_POST['openbasedir_path']) && $_POST['openbasedir_path'] == '1') {
$openbasedir_path = '1';
}
$ssl_redirect = '0';
if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
// a ssl-redirect only works if there actually is a
// ssl ip/port assigned to the domain
if (domainHasSslIpPort($domain_check['id']) == true) {
$ssl_redirect = '1';
$_doredirect = true;
} else {
standard_error('sslredirectonlypossiblewithsslipport');
}
}
$letsencrypt = '0';
if (isset($_POST['letsencrypt']) && $_POST['letsencrypt'] == '1') {
// let's encrypt only works if there actually is a
// ssl ip/port assigned to the domain
if (domainHasSslIpPort($domain_check['id']) == true) {
$letsencrypt = '1';
} else {
standard_error('letsencryptonlypossiblewithsslipport');
}
}
// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
if ($ssl_redirect > 0 && $letsencrypt == 1) {
$ssl_redirect = 2;
}
// HSTS
$hsts_maxage = isset($_POST['hsts_maxage']) ? (int)$_POST['hsts_maxage'] : 0;
$hsts_sub = isset($_POST['hsts_sub']) && (int)$_POST['hsts_sub'] == 1 ? 1 : 0;
$hsts_preload = isset($_POST['hsts_preload']) && (int)$_POST['hsts_preload'] == 1 ? 1 : 0;
if ($path == '') {
standard_error('patherror');
} elseif ($subdomain == '') {
standard_error(array('stringisempty', 'domainname'));
} elseif ($subdomain == 'www' && $domain_check['wwwserveralias'] == '1') {
standard_error('wwwnotallowed');
} elseif ($domain == '') {
standard_error('domaincantbeempty');
} elseif (strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
standard_error('domainexistalready', $completedomain);
} elseif (strtolower($domain_check['domain']) != strtolower($domain)) {
standard_error('maindomainnonexist', $domain);
} elseif ($aliasdomain_check['id'] != $aliasdomain) {
standard_error('domainisaliasorothercustomer');
} else {
// get the phpsettingid from parentdomain, #107
$phpsid_stmt = Database::prepare("SELECT `phpsettingid` FROM `".TABLE_PANEL_DOMAINS."`
WHERE `id` = :id"
);
Database::pexecute($phpsid_stmt, array("id" => $domain_check['id']));
$phpsid_result = $phpsid_stmt->fetch(PDO::FETCH_ASSOC);
if (!isset($phpsid_result['phpsettingid']) || (int)$phpsid_result['phpsettingid'] <= 0) {
// assign default config
$phpsid_result['phpsettingid'] = 1;
}
// check whether the customer has chosen its own php-config
if (isset($_POST['phpsettingid']) && intval($_POST['phpsettingid']) != $phpsid_result['phpsettingid']) {
$phpsid_result['phpsettingid'] = intval($_POST['phpsettingid']);
}
$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
`customerid` = :customerid,
`domain` = :domain,
`documentroot` = :documentroot,
`aliasdomain` = :aliasdomain,
`parentdomainid` = :parentdomainid,
`wwwserveralias` = :wwwserveralias,
`isemaildomain` = :isemaildomain,
`iswildcarddomain` = :iswildcarddomain,
`phpenabled` = :phpenabled,
`openbasedir` = :openbasedir,
`openbasedir_path` = :openbasedir_path,
`speciallogfile` = :speciallogfile,
`specialsettings` = :specialsettings,
`ssl_redirect` = :ssl_redirect,
`phpsettingid` = :phpsettingid,
`letsencrypt` = :letsencrypt,
`hsts` = :hsts,
`hsts_sub` = :hsts_sub,
`hsts_preload` = :hsts_preload"
);
$params = array(
"customerid" => $userinfo['customerid'],
"domain" => $completedomain,
"documentroot" => $path,
"aliasdomain" => $aliasdomain != 0 ? $aliasdomain : null,
"parentdomainid" => $domain_check['id'],
"wwwserveralias" => $domain_check['wwwserveralias'] == '1' ? '1' : '0',
"iswildcarddomain" => $domain_check['iswildcarddomain'] == '1' ? '1' : '0',
"isemaildomain" => $domain_check['subcanemaildomain'] == '3' ? '1' : '0',
"openbasedir" => $domain_check['openbasedir'],
"openbasedir_path" => $openbasedir_path,
"phpenabled" => $domain_check['phpenabled'],
"speciallogfile" => $domain_check['speciallogfile'],
"specialsettings" => $domain_check['specialsettings'],
"ssl_redirect" => $ssl_redirect,
"phpsettingid" => $phpsid_result['phpsettingid'],
"letsencrypt" => $letsencrypt,
"hsts" => $hsts_maxage,
"hsts_sub" => $hsts_sub,
"hsts_preload" => $hsts_preload
);
Database::pexecute($stmt, $params);
if ($_doredirect) {
$did = Database::lastInsertId();
$redirect = isset($_POST['redirectcode']) ? (int)$_POST['redirectcode'] : Settings::Get('customredirect.default');
addRedirectToDomain($did, $redirect);
}
$stmt = Database::prepare("INSERT INTO `".TABLE_DOMAINTOIP."`
(`id_domain`, `id_ipandports`)
SELECT LAST_INSERT_ID(), `id_ipandports`
FROM `".TABLE_DOMAINTOIP."`
WHERE `id_domain` = :id_domain"
);
Database::pexecute($stmt, array("id_domain" => $domain_check['id']));
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
SET `subdomains_used` = `subdomains_used` + 1
WHERE `customerid` = :customerid"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
$log->logAction(USR_ACTION, LOG_INFO, "added subdomain '" . $completedomain . "'");
inserttask('1');
// Using nameserver, insert a task which rebuilds the server config
inserttask('4');
redirectTo($filename, array('page' => $page, 's' => $s));
try {
SubDomains::getLocal($userinfo, $_POST)->add();
} catch (Exception $e) {
dynamic_error($e->getMessage());
}
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
$stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain`,`letsencrypt` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `customerid` = :customerid