maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

convert validate/check functions

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-20 21:00:39 +01:00
parent 5888927239
commit b0df4e46d6
39 changed files with 952 additions and 1355 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
admin_configfiles.php
View File

@@ -46,7 +46,7 @@ if ($userinfo['change_serversettings'] == '1') {
$nameservers = explode(',', Settings::Get('system.nameservers'));
foreach ($nameservers as $nameserver) {
$nameserver = trim($nameserver);
$nameserver_ips = gethostbynamel6($nameserver);
$nameserver_ips = \Froxlor\PhpHelper::gethostbynamel6($nameserver);
if (is_array($nameserver_ips) && count($nameserver_ips) > 0) {
$ns_ips .= implode(",", $nameserver_ips);
}

4
admin_traffic.php
View File

@@ -114,7 +114,7 @@ if ($page == 'overview' || $page == 'customers') {
Database::pexecute($traffic_list_stmt, array('year' => (date("Y")-$years), 'id' => $customer_name['customerid']));
while ($traffic_month = $traffic_list_stmt->fetch(PDO::FETCH_ASSOC)) {
$virtual_host[$months[(int)$traffic_month['month']]] = size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$virtual_host[$months[(int)$traffic_month['month']]] = \Froxlor\PhpHelper::size_readable($traffic_month['traffic'], 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$totals[$months[(int)$traffic_month['month']]] += $traffic_month['traffic'];
}
eval("\$domain_list .= sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");
@@ -124,7 +124,7 @@ if ($page == 'overview' || $page == 'customers') {
'name' => $lng['traffic']['months']['total'],
);
foreach ($totals as $month => $bytes) {
$virtual_host[$month] = ($bytes == 0 ? '-' : size_readable($bytes, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s'));
$virtual_host[$month] = ($bytes == 0 ? '-' : \Froxlor\PhpHelper::size_readable($bytes, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s'));
}
$customerview = 0;
eval("\$total_list = sprintf(\"%s\", \"" . getTemplate("traffic/index_table_row") . "\");");

4
customer_email.php
View File

@@ -118,7 +118,7 @@ if ($page == 'overview') {
$row['destination'] = substr($row['destination'], 0, 32) . '... (' . $destinations_count . ')';
}
$row['mboxsize'] = size_readable($row['mboxsize'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
$row['mboxsize'] = \Froxlor\PhpHelper::size_readable($row['mboxsize'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
$row = htmlentities_array($row);
eval("\$accounts.=\"" . getTemplate("email/emails_email") . "\";");
@@ -294,7 +294,7 @@ if ($page == 'overview') {
redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
} else {
if (checkMailAccDeletionState($result['email_full'])) {
if (\Froxlor\Validate\Validate::checkMailAccDeletionState($result['email_full'])) {
standard_error(array('mailaccistobedeleted'), $result['email_full']);
}

2
customer_mysql.php
View File

@@ -85,7 +85,7 @@ if ($page == 'overview') {
);
Database::pexecute($mbdata_stmt, array("table_schema" => $row['databasename']));
$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
$row['size'] = size_readable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
$row['size'] = \Froxlor\PhpHelper::size_readable($mbdata['MB'], 'GiB', 'bi', '%01.' . (int)Settings::Get('panel.decimal_places') . 'f %s');
eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
$count++;
}

12
customer_traffic.php
View File

@@ -109,9 +109,9 @@ if (!is_null($month) && !is_null($year)) {
$show = $lng['traffic']['months'][intval($row['month'])] . ' ' . $row['year'];
}
$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['http'] = \Froxlor\PhpHelper::size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['ftp'] = \Froxlor\PhpHelper::size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['mail'] = \Froxlor\PhpHelper::size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
} else {
@@ -160,9 +160,9 @@ if (!is_null($month) && !is_null($year)) {
eval("\$traffic.=\"" . getTemplate('traffic/traffic_traffic') . "\";");
}
$traffic_complete['http'] = size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['ftp'] = size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['mail'] = size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['http'] = \Froxlor\PhpHelper::size_readable($traffic_complete['http'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['ftp'] = \Froxlor\PhpHelper::size_readable($traffic_complete['ftp'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
$traffic_complete['mail'] = \Froxlor\PhpHelper::size_readable($traffic_complete['mail'] * 1024, 'GiB', 'bi', '%01.'.(int)Settings::Get('panel.decimal_places').'f %s');
eval("echo \"" . getTemplate('traffic/traffic') . "\";");
}

2
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -297,7 +297,7 @@ if (\Froxlor\Froxlor::isFroxlorVersion('0.9.1')) {
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($result['latestguid']) && (int) $result['latestguid'] > 0 && $result['latestguid'] != Settings::Get('system.lastguid')) {
checkLastGuid();
\Froxlor\System\Cronjob::checkLastGuid();
lastStepStatus(1, 'fixed');
} else {
lastStepStatus(0);

2
install/updatesql.php
View File

@@ -44,7 +44,7 @@ if (\Froxlor\Froxlor::isFroxlor()) {
// Check Froxlor - database integrity (only happens after all updates are done, so we know the db-layout is okay)
showUpdateStep("Checking database integrity");
$integrity = new IntegrityCheck();
$integrity = new \Froxlor\Database\IntegrityCheck();
if (! $integrity->checkAll()) {
lastStepStatus(1, 'Monkeys ate the integrity');
showUpdateStep("Trying to remove monkeys, feeding bananas");

2
lib/Froxlor/Api/Commands/EmailAccounts.php
View File

@@ -91,7 +91,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
throw new \Exception("Email address '" . $email_full . "' has already an account assigned.", 406);
}
if (checkMailAccDeletionState($email_full)) {
if (\Froxlor\Validate\Validate::checkMailAccDeletionState($email_full)) {
standard_error(array(
'mailaccistobedeleted'
), $email_full, true);

2
lib/Froxlor/Cli/Action/ConfigServicesAction.php
View File

@@ -321,7 +321,7 @@ class ConfigServicesAction extends \Froxlor\Cli\Action
$nameservers = explode(',', Settings::Get('system.nameservers'));
foreach ($nameservers as $nameserver) {
$nameserver = trim($nameserver);
$nameserver_ips = gethostbynamel6($nameserver);
$nameserver_ips = \Froxlor\PhpHelper::gethostbynamel6($nameserver);
if (is_array($nameserver_ips) && count($nameserver_ips) > 0) {
$ns_ips .= implode(",", $nameserver_ips);
}

4
lib/Froxlor/Cron/Dns/DnsBase.php
View File

@@ -47,14 +47,14 @@ abstract class DnsBase
$nameserver = trim($nameserver);
// DNS servers might be multi homed; allow transfer from all ip
// addresses of the DNS server
$nameserver_ips = gethostbynamel6($nameserver);
$nameserver_ips = \Froxlor\PhpHelper::gethostbynamel6($nameserver);
// append dot to hostname
if (substr($nameserver, - 1, 1) != '.') {
$nameserver .= '.';
}
// ignore invalid responses
if (! is_array($nameserver_ips)) {
// act like gethostbynamel6() and return unmodified hostname on error
// act like \Froxlor\PhpHelper::gethostbynamel6() and return unmodified hostname on error
$nameserver_ips = array(
$nameserver
);

2
lib/Froxlor/Cron/MasterCron.php
View File

@@ -116,7 +116,7 @@ class MasterCron extends \Froxlor\Cron\FroxlorCron
* so users in the database don't conflict with system users
*/
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Checking system\'s last guid');
checkLastGuid();
\Froxlor\System\Cronjob::checkLastGuid();
// shutdown cron
include_once \Froxlor\Froxlor::getInstallDir() . '/lib/cron_shutdown.php';

42
lib/Froxlor/Domain/Domain.php
View File

@@ -120,4 +120,46 @@ class Domain
));
}
}
/**
* checks give path for security issues
* and returns a string that can be appended
* to a line for a open_basedir directive
*
* @param string $path
* the path to check and append
* @param boolean $first
* if true, no ':' will be prefixed to the path
*
* @return string
*/
public static function appendOpenBasedirPath($path = '', $first = false)
{
if ($path != '' && $path != '/' && (! preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path)) && ! preg_match("#^/proc#i", $path) && ! preg_match("#^/etc#i", $path) && ! preg_match("#^/sys#i", $path) && ! preg_match("#:#", $path)) {
if (preg_match("#^/dev/urandom#i", $path)) {
$path = \Froxlor\FileDir::makeCorrectFile($path);
} else {
$path = \Froxlor\FileDir::makeCorrectDir($path);
}
// check for php-version that requires the trailing
// slash to be removed as it does not allow the usage
// of the subfolders within the given folder, fixes #797
if ((PHP_MINOR_VERSION == 2 && PHP_VERSION_ID >= 50216) || PHP_VERSION_ID >= 50304) {
// check trailing slash
if (substr($path, - 1, 1) == '/') {
// remove it
$path = substr($path, 0, - 1);
}
}
if ($first) {
return $path;
}
return ':' . $path;
}
return '';
}
}

29
lib/Froxlor/FileDir.php
View File

@@ -131,6 +131,35 @@ class FileDir
return false;
}
/**
* checks a directory against disallowed paths which could
* lead to a damaged system if you use them
*
* @param string $fieldname
* @param array $fielddata
* @param mixed $newfieldvalue
*
* @return boolean|array
*/
public static function checkDisallowedPaths($path = null) {
/*
* disallow base-directories and /
*/
$disallowed_values = array(
"/", "/bin/", "/boot/", "/dev/", "/etc/", "/home/", "/lib/", "/lib32/", "/lib64/",
"/opt/", "/proc/", "/root/", "/run/", "/sbin/", "/sys/", "/tmp/", "/usr/", "/var/"
);
$path = self::makeCorrectDir($path);
// check if it's a disallowed path
if (in_array($path, $disallowed_values)) {
return false;
}
return true;
}
/**
* store the default index-file in a given destination folder
*

80
lib/Froxlor/System/Cronjob.php
View File

@@ -7,6 +7,86 @@ use Froxlor\Database\Database;
class Cronjob
{
/**
* Function checkLastGuid
*
* Checks if the system's last guid is not higher than the one saved
* in froxlor's database. If it's higher, froxlor needs to
* set its last guid to this one to avoid conflicts with libnss-users
*
* @return null
*/
public static function checkLastGuid()
{
$mylog = \Froxlor\FroxlorLogger::getInstanceOf();
$group_lines = array();
$group_guids = array();
$update_to_guid = 0;
$froxlor_guid = 0;
$result_stmt = Database::query("SELECT MAX(`guid`) as `fguid` FROM `" . TABLE_PANEL_CUSTOMERS . "`");
$result = $result_stmt->fetch(\PDO::FETCH_ASSOC);
$froxlor_guid = $result['fguid'];
// possibly no customers yet or f*cked up lastguid settings
if ($froxlor_guid < Settings::Get('system.lastguid')) {
$froxlor_guid = Settings::Get('system.lastguid');
}
$g_file = '/etc/group';
if (file_exists($g_file)) {
if (is_readable($g_file)) {
if (true == ($groups = file_get_contents($g_file))) {
$group_lines = explode("\n", $groups);
foreach ($group_lines as $group) {
$group_guids[] = explode(":", $group);
}
foreach ($group_guids as $group) {
/**
* nogroup | nobody have very high guids
* ignore them
*/
if ($group[0] == 'nogroup' || $group[0] == 'nobody') {
continue;
}
$guid = isset($group[2]) ? (int) $group[2] : 0;
if ($guid > $update_to_guid) {
$update_to_guid = $guid;
}
}
// if it's lower, then froxlor's highest guid is the last
if ($update_to_guid < $froxlor_guid) {
$update_to_guid = $froxlor_guid;
} elseif ($update_to_guid == $froxlor_guid) {
// if it's equal, that means we already have a collision
// to ensure it won't happen again, increase the guid by one
$update_to_guid = (int) $update_to_guid ++;
}
// now check if it differs from our settings
if ($update_to_guid != Settings::Get('system.lastguid')) {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'Updating froxlor last guid to ' . $update_to_guid);
Settings::Set('system.lastguid', $update_to_guid);
}
} else {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'File /etc/group not readable; cannot check for latest guid');
}
} else {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'File /etc/group not readable; cannot check for latest guid');
}
} else {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'File /etc/group does not exist; cannot check for latest guid');
}
}
/**
* Inserts a task into the PANEL_TASKS-Table
*

147
lib/Froxlor/System/Crypt.php
View File

@@ -137,4 +137,151 @@ class Crypt
return $available_pwdhashes;
}
/**
* Function validatePassword
*
* if password-min-length is set in settings
* we check against the length, if not matched
* an error message will be output and 'exit' is called
*
* @param string $password the password to validate
*
* @return string either the password or an errormessage+exit
*/
public static function validatePassword($password = null, $json_response = false) {
if (Settings::Get('panel.password_min_length') > 0) {
$password = validate(
$password,
Settings::Get('panel.password_min_length'),
'/^.{'.(int)Settings::Get('panel.password_min_length').',}$/D',
'notrequiredpasswordlength',
array(),
$json_response
);
}
if (Settings::Get('panel.password_regex') != '') {
$password = validate(
$password,
Settings::Get('panel.password_regex'),
Settings::Get('panel.password_regex'),
'notrequiredpasswordcomplexity',
array(),
$json_response
);
} else {
if (Settings::Get('panel.password_alpha_lower')) {
$password = validate(
$password,
'/.*[a-z]+.*/',
'/.*[a-z]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
if (Settings::Get('panel.password_alpha_upper')) {
$password = validate(
$password,
'/.*[A-Z]+.*/',
'/.*[A-Z]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
if (Settings::Get('panel.password_numeric')) {
$password = validate(
$password,
'/.*[0-9]+.*/',
'/.*[0-9]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
if (Settings::Get('panel.password_special_char_required')) {
$password = validate(
$password,
'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
}
return $password;
}
/**
* Function validatePasswordLogin
*
* compare user password-hash with given user-password
* and check if they are the same
* additionally it updates the hash if the system settings changed
* or if the very old md5() sum is used
*
* @param array $userinfo user-data from table
* @param string $password the password to validate
* @param string $table either panel_customers or panel_admins
* @param string $uid user-id-field in $table
*
* @return boolean
*/
public static function validatePasswordLogin($userinfo = null, $password = null, $table = 'panel_customers', $uid = 'customerid') {
$systype = 3; // SHA256
if (Settings::Get('system.passwordcryptfunc') !== null) {
$systype = (int)Settings::Get('system.passwordcryptfunc');
}
$pwd_hash = $userinfo['password'];
$update_hash = false;
// check for good'ole md5
if (strlen($pwd_hash) == 32 && ctype_xdigit($pwd_hash)) {
$pwd_check = md5($password);
$update_hash = true;
} else {
// cut out the salt from the hash
$pwd_salt = str_replace(substr(strrchr($pwd_hash, "$"), 1), "", $pwd_hash);
// create same hash to compare
$pwd_check = crypt($password, $pwd_salt);
// check whether the hash needs to be updated
$hash_type_chk = substr($pwd_hash, 0, 3);
if (($systype == 1 && $hash_type_chk != '$1$') || // MD5
($systype == 2 && $hash_type_chk != '$2$') || // BLOWFISH
($systype == 3 && $hash_type_chk != '$5$') || // SHA256
($systype == 4 && $hash_type_chk != '$6$') // SHA512
) {
$update_hash = true;
}
}
if ($pwd_hash == $pwd_check) {
// check for update of hash (only if our database is ready to handle the bigger string)
$is_ready = (version_compare2("0.9.33", \Froxlor\Froxlor::getVersion()) <= 0 ? true : false);
if ($update_hash && $is_ready) {
$upd_stmt = \Froxlor\Database\Database::prepare("
UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
");
$params = array (
'newpasswd' => self::makeCryptPassword($password),
'uid' => $userinfo[$uid]
);
\Froxlor\Database\Database::pexecute($upd_stmt, $params);
}
return true;
}
return false;
}
}

186
lib/Froxlor/Validate/Form/String.php Normal file
View File

@@ -0,0 +1,186 @@
<?php
namespace Froxlor\Validate\Form;
class String
{
public static function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
{
if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
$newfieldvalues = array_map('trim', explode($fielddata['string_delimiter'], $newfieldvalue));
unset($fielddata['string_delimiter']);
$returnvalue = true;
foreach ($newfieldvalues as $single_newfieldvalue) {
/**
* don't use tabs in value-fields, #81
*/
$single_newfieldvalue = str_replace("\t", " ", $single_newfieldvalue);
$single_returnvalue = self::validateFormFieldString($fieldname, $fielddata, $single_newfieldvalue);
if ($single_returnvalue !== true) {
$returnvalue = $single_returnvalue;
break;
}
}
} else {
$returnvalue = false;
/**
* don't use tabs in value-fields, #81
*/
$newfieldvalue = str_replace("\t", " ", $newfieldvalue);
if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
$returnvalue = (filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
$returnvalue = self::validateUrl($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
// add trailing slash to validate path if needed
// refs #331
if (substr($newfieldvalue, - 1) != '/') {
$newfieldvalue .= '/';
}
$returnvalue = ($newfieldvalue == \Froxlor\FileDir::makeCorrectDir($newfieldvalue));
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'confdir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
// add trailing slash to validate path if needed
// refs #331
if (substr($newfieldvalue, - 1) != '/') {
$newfieldvalue .= '/';
}
// if this is a configuration directory, check for stupidity of admins :p
if (\Froxlor\FileDir::checkDisallowedPaths($newfieldvalue) !== true) {
$newfieldvalue = '';
$returnvalue = 'givendirnotallowed';
} else {
$returnvalue = ($newfieldvalue == \Froxlor\FileDir::makeCorrectDir($newfieldvalue));
}
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$returnvalue = ($newfieldvalue == \Froxlor\FileDir::makeCorrectFile($newfieldvalue));
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$returnvalue = (($newfieldvalue == \Froxlor\FileDir::makeCorrectDir($newfieldvalue)) || ($newfieldvalue == \Froxlor\FileDir::makeCorrectFile($newfieldvalue)));
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'validate_ip') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$newfieldvalue = \Froxlor\Validate\Validate::validate_ip2($newfieldvalue, true);
$returnvalue = ($newfieldvalue !== false ? true : 'invalidip');
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'validate_ip_incl_private') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$newfieldvalue = \Froxlor\Validate\Validate::validate_ip2($newfieldvalue, true, 'invalidip', true, true, true);
$returnvalue = ($newfieldvalue !== false ? true : 'invalidip');
}
} elseif (preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue)) {
$returnvalue = true;
}
if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
$returnvalue = true;
} else {
$returnvalue = false;
}
}
if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
$returnvalue = true;
} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
$returnvalue = 'stringmustntbeempty';
}
}
if ($returnvalue === true) {
return true;
} elseif ($returnvalue === false) {
return 'stringformaterror';
} else {
return $returnvalue;
}
}
/**
* Returns whether a URL is in a correct format or not
*
* @param string $url
* URL to be tested
* @return bool
* @author Christian Hoffmann
* @author Froxlor team <team@froxlor.org> (2010-)
*
*/
public static function validateUrl($url)
{
if (strtolower(substr($url, 0, 7)) != "http://" && strtolower(substr($url, 0, 8)) != "https://") {
$url = 'http://' . $url;
}
// needs converting
try {
$idna_convert = new \Froxlor\Idna\IdnaWrapper();
$url = $idna_convert->encode($url);
} catch (\Exception $e) {
return false;
}
$pattern = "/^https?:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\:[0-9]+)?\/?(.+)?$/i";
if (preg_match($pattern, $url)) {
return true;
}
// not an fqdn
if (strtolower(substr($url, 0, 7)) == "http://" || strtolower(substr($url, 0, 8)) == "https://") {
if (strtolower(substr($url, 0, 7)) == "http://") {
$ip = strtolower(substr($url, 7));
}
if (strtolower(substr($url, 0, 8)) == "https://") {
$ip = strtolower(substr($url, 8));
}
$ip = substr($ip, 0, strpos($ip, '/'));
// possible : in IP (when a port is given), #1173
// but only if there actually IS ONE
if (strpos($ip, ':') !== false) {
$ip = substr($ip, 0, strpos($ip, ':'));
}
if (validate_ip($ip, true) !== false) {
return true;
} else {
return false;
}
} else {
return false;
}
}
}

449
lib/Froxlor/Validate/Validate.php Normal file
View File

@@ -0,0 +1,449 @@
<?php
namespace Froxlor\Validate;
use Froxlor\Settings;
class Validate
{
/**
* Validates the given string by matching against the pattern, prints an error on failure and exits
*
* @param string $str
* the string to be tested (user input)
* @param
* string the $fieldname to be used in error messages
* @param string $pattern
* the regular expression to be used for testing
* @param
* string language id for the error
* @return string the clean string
*
* If the default pattern is used and the string does not match, we try to replace the
* 'bad' values and log the action.
*
*/
public static function validate($str, $fieldname, $pattern = '', $lng = '', $emptydefault = array(), $throw_exception = false)
{
global $log;
if (! is_array($emptydefault)) {
$emptydefault_array = array(
$emptydefault
);
unset($emptydefault);
$emptydefault = $emptydefault_array;
unset($emptydefault_array);
}
// Check if the $str is one of the values which represent the default for an 'empty' value
if (is_array($emptydefault) && ! empty($emptydefault) && in_array($str, $emptydefault) && isset($emptydefault[0])) {
return $emptydefault[0];
}
if ($pattern == '') {
$pattern = '/^[^\r\n\t\f\0]*$/D';
if (! preg_match($pattern, $str)) {
// Allows letters a-z, digits, space (\\040), hyphen (\\-), underscore (\\_) and backslash (\\\\),
// everything else is removed from the string.
$allowed = "/[^a-z0-9\\040\\.\\-\\_\\\\]/i";
$str = preg_replace($allowed, "", $str);
$log->logAction(USR_ACTION, LOG_WARNING, "cleaned bad formatted string (" . $str . ")");
}
}
if (preg_match($pattern, $str)) {
return $str;
}
if ($lng == '') {
$lng = 'stringformaterror';
}
standard_error($lng, $fieldname, $throw_exception);
exit();
}
/**
* Checks whether it is a valid ip
*
* @param string $ip
* ip-address to check
* @param bool $return_bool
* whether to return bool or call standard_error()
* @param string $lng
* index for error-message (if $return_bool is false)
* @param bool $allow_localhost
* whether to allow 127.0.0.1
* @param bool $allow_priv
* whether to allow private network addresses
* @param bool $allow_cidr
* whether to allow CIDR values e.g. 10.10.10.10/16
*
* @return string|bool ip address on success, false on failure
*/
public static function validate_ip2($ip, $return_bool = false, $lng = 'invalidip', $allow_localhost = false, $allow_priv = false, $allow_cidr = false, $throw_exception = false)
{
$cidr = "";
if ($allow_cidr) {
$org_ip = $ip;
$ip_cidr = explode("/", $ip);
if (count($ip_cidr) == 2) {
$ip = $ip_cidr[0];
$cidr = "/" . $ip_cidr[1];
} else {
$ip = $org_ip;
}
} elseif (strpos($ip, "/") !== false) {
if ($return_bool) {
return false;
} else {
standard_error($lng, $ip, $throw_exception);
exit();
}
}
$filter_lan = $allow_priv ? FILTER_FLAG_NO_RES_RANGE : (FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_NO_PRIV_RANGE);
if ((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) || filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) && filter_var($ip, FILTER_VALIDATE_IP, $filter_lan)) {
return $ip . $cidr;
}
// special case where localhost ip is allowed (mysql-access-hosts for example)
if ($allow_localhost && $ip == '127.0.0.1') {
return $ip . $cidr;
}
if ($return_bool) {
return false;
} else {
standard_error($lng, $ip, $throw_exception);
exit();
}
}
/**
* Check if the submitted string is a valid domainname
*
* @param string $domainname
* The domainname which should be checked.
* @param bool $allow_underscore
* optional if true, allowes the underscore character in a domain label (DKIM etc.)
*
* @return string|boolean the domain-name if the domain is valid, false otherwise
*/
public static function validateDomain($domainname, $allow_underscore = false)
{
if (is_string($domainname)) {
$char_validation = '([a-z\d](-*[a-z\d])*)(\.?([a-z\d](-*[a-z\d])*))*\.([a-z\d])+';
if ($allow_underscore) {
$char_validation = '([a-z\d\_](-*[a-z\d\_])*)(\.([a-z\d\_](-*[a-z\d])*))*(\.?([a-z\d](-*[a-z\d])*))+\.([a-z\d])+';
}
if (preg_match("/^" . $char_validation . "$/i", $domainname) && // valid chars check
preg_match("/^.{1,253}$/", $domainname) && // overall length check
preg_match("/^[^\.]{1,63}(\.[^\.]{1,63})*$/", $domainname)) // length of each label
{
return $domainname;
}
}
return false;
}
public static function checkHostname($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
if (0 == strlen(trim($newfieldvalue)) || self::validateDomain($newfieldvalue) === false) {
return array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'invalidhostname'
);
} else {
return array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
}
}
/**
* validate a local-hostname by regex
*
* @param string $hostname
*
* @return string|boolean hostname on success, else false
*/
public static function validateLocalHostname($hostname)
{
$pattern = '/^([a-zA-Z0-9\-])+$/i';
if (preg_match($pattern, $hostname)) {
return $hostname;
}
return false;
}
/**
* check whether an email account is to be deleted
* reference: #1519
*
* @return bool true if the domain is to be deleted, false otherwise
*
*/
public static function checkMailAccDeletionState($email_addr = null)
{
// example data of task 7: a:2:{s:9:"loginname";s:4:"webX";s:5:"email";s:20:"deleteme@example.tld";}
// check for task
$result_tasks_stmt = \Froxlor\Database\Database::prepare("
SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '7' AND `data` LIKE :emailaddr
");
\Froxlor\Database\Database::pexecute($result_tasks_stmt, array(
'emailaddr' => "%" . $email_addr . "%"
));
$num_results = \Froxlor\Database\Database::num_rows();
// is there a task for deleting this email account?
if ($num_results > 0) {
return true;
}
return false;
}
/**
* Returns if an emailaddress is in correct format or not
*
* @param string $email
* The email address to check
* @return bool Correct or not
*/
public static function validateEmail($email)
{
$email = strtolower($email);
return filter_var($email, FILTER_VALIDATE_EMAIL);
}
public static function checkUsername($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
if (! isset($allnewfieldvalues['customer_mysqlprefix'])) {
$allnewfieldvalues['customer_mysqlprefix'] = Settings::Get('customer.mysqlprefix');
}
$returnvalue = array();
if (validateUsername($newfieldvalue, Settings::Get('panel.unix_names'), 14 - strlen($allnewfieldvalues['customer_mysqlprefix'])) === true) {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
} else {
$errmsg = 'accountprefixiswrong';
if ($fieldname == 'customer_mysqlprefix') {
$errmsg = 'mysqlprefixiswrong';
}
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
$errmsg
);
}
return $returnvalue;
}
/**
* Returns if an username is in correct format or not.
*
* @param
* string The username to check
* @return bool Correct or not
* @author Michael Duergner <michael@duergner.com>
*
*/
public static function validateUsername($username, $unix_names = 1, $mysql_max = '')
{
if ($unix_names == 0) {
if (strpos($username, '--') === false) {
return (preg_match('/^[a-z][a-z0-9\-_]{0,' . (int) ($mysql_max - 1) . '}[a-z0-9]{1}$/Di', $username) != false);
} else {
return false;
}
} else {
return (preg_match('/^[a-z][a-z0-9]{0,' . $mysql_max . '}$/Di', $username) != false);
}
}
/**
* validates a given regex
*
* @param string $regex
* regex to validate
*
* @return boolean
*/
public static function checkValidRegEx($regex = null)
{
if ($regex == null || $regex == '') {
return true;
}
}
public static function checkPathConflicts($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
if ((int) Settings::Get('system.mod_fcgid') == 1) {
// fcgid-configdir has changed -> check against customer-doc-prefix
if ($fieldname == "system_mod_fcgid_configdir") {
$newdir = \Froxlor\FileDir::makeCorrectDir($newfieldvalue);
$cdir = \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.documentroot_prefix'));
} // customer-doc-prefix has changed -> check against fcgid-configdir
elseif ($fieldname == "system_documentroot_prefix") {
$newdir = \Froxlor\FileDir::makeCorrectDir($newfieldvalue);
$cdir = \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.mod_fcgid_configdir'));
}
// neither dir can be within the other nor can they be equal
if (substr($newdir, 0, strlen($cdir)) == $cdir || substr($cdir, 0, strlen($newdir)) == $newdir || $newdir == $cdir) {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'fcgidpathcannotbeincustomerdoc'
);
} else {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
}
} else {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
}
return $returnvalue;
}
public static function checkPhpInterfaceSetting($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
if ((int) Settings::Get('system.mod_fcgid') == 1) {
// fcgid only works for apache and lighttpd
if (strtolower($newfieldvalue) != 'apache2' && strtolower($newfieldvalue) != 'lighttpd') {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'fcgidstillenableddeadlock'
);
}
}
return $returnvalue;
}
public static function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
$check_array = array(
'system_mod_fcgid_enabled' => array(
'other_post_field' => 'system_phpfpm_enabled',
'other_enabled' => 'phpfpm.enabled',
'other_enabled_lng' => 'phpfpmstillenabled',
'deactivate' => array(
'phpfpm.enabled_ownvhost' => 0
)
),
'system_phpfpm_enabled' => array(
'other_post_field' => 'system_mod_fcgid_enabled',
'other_enabled' => 'system.mod_fcgid',
'other_enabled_lng' => 'fcgidstillenabled',
'deactivate' => array(
'system.mod_fcgid_ownvhost' => 0
)
)
);
// interface is to be enabled
if ((int) $newfieldvalue == 1) {
// check for POST value of the other field == 1 (active)
if (isset($_POST[$check_array[$fieldname]['other_post_field']]) && (int) $_POST[$check_array[$fieldname]['other_post_field']] == 1) {
// the other interface is activated already and STAYS activated
if ((int) Settings::Get($check_array[$fieldname]['other_enabled']) == 1) {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
$check_array[$fieldname]['other_enabled_lng']
);
} else {
// fcgid is being validated before fpm -> "ask" fpm about its state
if ($fieldname == 'system_mod_fcgid_enabled') {
$returnvalue = checkFcgidPhpFpm('system_phpfpm_enabled', null, $check_array[$fieldname]['other_post_field'], null);
} else {
// not, bot are nogo
$returnvalue = $returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'fcgidandphpfpmnogoodtogether'
);
}
}
}
if (in_array(FORMFIELDS_PLAUSIBILITY_CHECK_OK, $returnvalue)) {
// be sure to deactivate the other one for the froxlor-vhost
// to avoid having a settings-deadlock
foreach ($check_array[$fieldname]['deactivate'] as $setting => $value) {
Settings::Set($setting, $value, true);
}
}
}
return $returnvalue;
}
public function checkMysqlAccessHost($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$mysql_access_host_array = array_map('trim', explode(',', $newfieldvalue));
foreach ($mysql_access_host_array as $host_entry) {
if (self::validate_ip2($host_entry, true, 'invalidip', true, true) == false && self::validateDomain($host_entry) == false && self::validateLocalHostname($host_entry) == false && $host_entry != '%') {
return array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'invalidmysqlhost',
$host_entry
);
}
}
return array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
}
public static function validateSqlInterval($interval = null)
{
if (! $interval === null || $interval != '') {
if (strstr($interval, ' ') !== false) {
/*
* [0] = ([0-9]+)
* [1] = valid SQL-Interval expression
*/
$valid_expr = array(
'SECOND',
'MINUTE',
'HOUR',
'DAY',
'WEEK',
'MONTH',
'YEAR'
);
$interval_parts = explode(' ', $interval);
if (is_array($interval_parts) && isset($interval_parts[0]) && isset($interval_parts[1])) {
if (preg_match('/([0-9]+)/i', $interval_parts[0])) {
if (in_array(strtoupper($interval_parts[1]), $valid_expr)) {
return true;
}
}
}
}
}
return false;
}
}

156
lib/functions/formfields/string/function.validateFormFieldString.php
View File

@@ -1,156 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
{
if(isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '')
{
$newfieldvalues = array_map('trim', explode($fielddata['string_delimiter'], $newfieldvalue));
unset($fielddata['string_delimiter']);
$returnvalue = true;
foreach($newfieldvalues as $single_newfieldvalue)
{
/**
* don't use tabs in value-fields, #81
*/
$single_newfieldvalue = str_replace("\t", " ", $single_newfieldvalue);
$single_returnvalue = validateFormFieldString($fieldname, $fielddata, $single_newfieldvalue);
if($single_returnvalue !== true)
{
$returnvalue = $single_returnvalue;
break;
}
}
}
else
{
$returnvalue = false;
/**
* don't use tabs in value-fields, #81
*/
$newfieldvalue = str_replace("\t", " ", $newfieldvalue);
if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
$returnvalue = (filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue);
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
$returnvalue = validateUrl($newfieldvalue);
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
// add trailing slash to validate path if needed
// refs #331
if (substr($newfieldvalue, -1) != '/') {
$newfieldvalue.= '/';
}
$returnvalue = ($newfieldvalue == \Froxlor\FileDir::makeCorrectDir($newfieldvalue));
}
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'confdir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
// add trailing slash to validate path if needed
// refs #331
if (substr($newfieldvalue, -1) != '/') {
$newfieldvalue.= '/';
}
// if this is a configuration directory, check for stupidity of admins :p
if (checkDisallowedPaths($newfieldvalue) !== true) {
$newfieldvalue = '';
$returnvalue = 'givendirnotallowed';
} else {
$returnvalue = ($newfieldvalue == \Froxlor\FileDir::makeCorrectDir($newfieldvalue));
}
}
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$returnvalue = ($newfieldvalue == \Froxlor\FileDir::makeCorrectFile($newfieldvalue));
}
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$returnvalue = (($newfieldvalue == \Froxlor\FileDir::makeCorrectDir($newfieldvalue)) || ($newfieldvalue == \Froxlor\FileDir::makeCorrectFile($newfieldvalue)));
}
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'validate_ip') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$newfieldvalue = validate_ip2($newfieldvalue, true);
$returnvalue = ($newfieldvalue !== false ? true : 'invalidip');
}
}
elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'validate_ip_incl_private') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$newfieldvalue = validate_ip2($newfieldvalue, true, 'invalidip', true, true, true);
$returnvalue = ($newfieldvalue !== false ? true : 'invalidip');
}
}
elseif (preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue)) {
$returnvalue = true;
}
if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
$returnvalue = true;
} else {
$returnvalue = false;
}
}
if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
$returnvalue = true;
} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
$returnvalue = 'stringmustntbeempty';
}
}
if ($returnvalue === true) {
return true;
} elseif ($returnvalue === false) {
return 'stringformaterror';
} else {
return $returnvalue;
}
}

43
lib/functions/froxlor/function.checkMailAccDeletionState.php
View File

@@ -1,43 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* check whether an email account is to be deleted
* reference: #1519
*
* @return bool true if the domain is to be deleted, false otherwise
*
*/
function checkMailAccDeletionState($email_addr = null)
{
// example data of task 7: a:2:{s:9:"loginname";s:4:"webX";s:5:"email";s:20:"deleteme@example.tld";}
// check for task
$result_tasks_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '7' AND `data` LIKE :emailaddr
");
Database::pexecute($result_tasks_stmt, array(
'emailaddr' => "%" . $email_addr . "%"
));
$num_results = Database::num_rows();
// is there a task for deleting this email account?
if ($num_results > 0) {
return true;
}
return false;
}

107
lib/functions/system/function.checklastguid.php
View File

@@ -1,107 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Function checkLastGuid
*
* Checks if the system's last guid is not higher than the one saved
* in froxlor's database. If it's higher, froxlor needs to
* set its last guid to this one to avoid conflicts with libnss-users
*
* @param int guid (from froxlor database)
*
* @return null
*/
function checkLastGuid() {
global $log, $cronlog;
$mylog = null;
if (isset($cronlog) && $cronlog instanceof FroxlorLogger) {
$mylog = $cronlog;
} else {
$mylog = $log;
}
$group_lines = array();
$group_guids = array();
$update_to_guid = 0;
$froxlor_guid = 0;
$result_stmt = Database::query("SELECT MAX(`guid`) as `fguid` FROM `".TABLE_PANEL_CUSTOMERS."`");
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$froxlor_guid = $result['fguid'];
// possibly no customers yet or f*cked up lastguid settings
if ($froxlor_guid < Settings::Get('system.lastguid')) {
$froxlor_guid = Settings::Get('system.lastguid');
}
$g_file = '/etc/group';
if (file_exists($g_file)) {
if (is_readable($g_file)) {
if (true == ($groups = file_get_contents($g_file))) {
$group_lines = explode("\n", $groups);
foreach ($group_lines as $group) {
$group_guids[] = explode(":", $group);
}
foreach ($group_guids as $idx => $group) {
/**
* nogroup | nobody have very high guids
* ignore them
*/
if ($group[0] == 'nogroup'
|| $group[0] == 'nobody'
) {
continue;
}
$guid = isset($group[2]) ? (int)$group[2] : 0;
if ($guid > $update_to_guid) {
$update_to_guid = $guid;
}
}
// if it's lower, then froxlor's highest guid is the last
if ($update_to_guid < $froxlor_guid) {
$update_to_guid = $froxlor_guid;
} elseif ($update_to_guid == $froxlor_guid) {
// if it's equal, that means we already have a collision
// to ensure it won't happen again, increase the guid by one
$update_to_guid = (int)$update_to_guid++;
}
// now check if it differs from our settings
if ($update_to_guid != Settings::Get('system.lastguid')) {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'Updating froxlor last guid to '.$update_to_guid);
Settings::Set('system.lastguid', $update_to_guid);
}
} else {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'File /etc/group not readable; cannot check for latest guid');
}
} else {
$mylog->logAction(CRON_ACTION, LOG_NOTICE, 'File /etc/group not readable; cannot check for latest guid');
}
} else {
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'File /etc/group does not exist; cannot check for latest guid');
}
}

17
lib/functions/system/function.randomStr.php
View File

@@ -1,17 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/

63
lib/functions/validate/function.appendOpenbasedirPath.php
View File

@@ -1,63 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* checks give path for security issues
* and returns a string that can be appended
* to a line for a open_basedir directive
*
* @param string $path
* the path to check and append
* @param boolean $first
* if true, no ':' will be prefixed to the path
*
* @return string
*/
function appendOpenBasedirPath($path = '', $first = false)
{
if ($path != '' && $path != '/' &&
(! preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path))
&& ! preg_match("#^/proc#i", $path)
&& ! preg_match("#^/etc#i", $path)
&& ! preg_match("#^/sys#i", $path)
&& ! preg_match("#:#", $path)) {
if (preg_match("#^/dev/urandom#i", $path)) {
$path = \Froxlor\FileDir::makeCorrectFile($path);
} else {
$path = \Froxlor\FileDir::makeCorrectDir($path);
}
// check for php-version that requires the trailing
// slash to be removed as it does not allow the usage
// of the subfolders within the given folder, fixes #797
if ((PHP_MINOR_VERSION == 2 && PHP_VERSION_ID >= 50216) || PHP_VERSION_ID >= 50304) {
// check trailing slash
if (substr($path, - 1, 1) == '/') {
// remove it
$path = substr($path, 0, - 1);
}
}
if ($first) {
return $path;
}
return ':' . $path;
}
return '';
}

48
lib/functions/validate/function.checkDisallowedPaths.php
View File

@@ -1,48 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2013 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michael Kaufmann <mkaufmann@nutime.de>
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
* @since 0.9.30
*
*/
/**
* checks a directory against disallowed paths which could
* lead to a damaged system if you use them
*
* @param string $fieldname
* @param array $fielddata
* @param mixed $newfieldvalue
*
* @return boolean|array
*/
function checkDisallowedPaths($path = null) {
/*
* disallow base-directories and /
*/
$disallowed_values = array(
"/", "/bin/", "/boot/", "/dev/", "/etc/", "/home/", "/lib/", "/lib32/", "/lib64/",
"/opt/", "/proc/", "/root/", "/run/", "/sbin/", "/sys/", "/tmp/", "/usr/", "/var/"
);
$path = \Froxlor\FileDir::makeCorrectDir($path);
// check if it's a disallowed path
if (in_array($path, $disallowed_values)) {
return false;
}
return true;
}

71
lib/functions/validate/function.checkFcgidPhpFpm.php
View File

@@ -1,71 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_OK
);
$check_array = array(
'system_mod_fcgid_enabled' => array(
'other_post_field' => 'system_phpfpm_enabled',
'other_enabled' => 'phpfpm.enabled',
'other_enabled_lng' => 'phpfpmstillenabled',
'deactivate' => array('phpfpm.enabled_ownvhost' => 0)
),
'system_phpfpm_enabled' => array(
'other_post_field' => 'system_mod_fcgid_enabled',
'other_enabled' => 'system.mod_fcgid',
'other_enabled_lng' => 'fcgidstillenabled',
'deactivate' => array('system.mod_fcgid_ownvhost' => 0)
)
);
// interface is to be enabled
if ((int) $newfieldvalue == 1) {
// check for POST value of the other field == 1 (active)
if (isset($_POST[$check_array[$fieldname]['other_post_field']]) && (int) $_POST[$check_array[$fieldname]['other_post_field']] == 1) {
// the other interface is activated already and STAYS activated
if ((int) Settings::Get($check_array[$fieldname]['other_enabled']) == 1) {
$returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
$check_array[$fieldname]['other_enabled_lng']
);
} else {
// fcgid is being validated before fpm -> "ask" fpm about its state
if ($fieldname == 'system_mod_fcgid_enabled') {
$returnvalue = checkFcgidPhpFpm('system_phpfpm_enabled', null, $check_array[$fieldname]['other_post_field'], null);
} else {
// not, bot are nogo
$returnvalue = $returnvalue = array(
FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'fcgidandphpfpmnogoodtogether'
);
}
}
}
if (in_array(FORMFIELDS_PLAUSIBILITY_CHECK_OK, $returnvalue)) {
// be sure to deactivate the other one for the froxlor-vhost
// to avoid having a settings-deadlock
foreach ($check_array[$fieldname]['deactivate'] as $setting => $value) {
Settings::Set($setting, $value, true);
}
}
}
return $returnvalue;
}

27
lib/functions/validate/function.checkHostname.php
View File

@@ -1,27 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkHostname($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
if (0 == strlen(trim($newfieldvalue))
|| validateDomain($newfieldvalue) === false
) {
return array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'invalidhostname');
} else {
return array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}
}

36
lib/functions/validate/function.checkMysqlAccessHost.php
View File

@@ -1,36 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkMysqlAccessHost($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) {
$mysql_access_host_array = array_map('trim', explode(',', $newfieldvalue));
foreach ($mysql_access_host_array as $host_entry) {
if (validate_ip2($host_entry, true, 'invalidip', true, true) == false
&& validateDomain($host_entry) == false
&& validateLocalHostname($host_entry) == false
&& $host_entry != '%'
) {
return array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'invalidmysqlhost', $host_entry);
}
}
return array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}

46
lib/functions/validate/function.checkPathConflicts.php
View File

@@ -1,46 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkPathConflicts($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) {
if((int)Settings::Get('system.mod_fcgid') == 1) {
// fcgid-configdir has changed -> check against customer-doc-prefix
if ($fieldname == "system_mod_fcgid_configdir") {
$newdir = \Froxlor\FileDir::makeCorrectDir($newfieldvalue);
$cdir = \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.documentroot_prefix'));
}
// customer-doc-prefix has changed -> check against fcgid-configdir
elseif ($fieldname == "system_documentroot_prefix") {
$newdir = \Froxlor\FileDir::makeCorrectDir($newfieldvalue);
$cdir = \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.mod_fcgid_configdir'));
}
// neither dir can be within the other nor can they be equal
if (substr($newdir, 0, strlen($cdir)) == $cdir
|| substr($cdir, 0, strlen($newdir)) == $newdir
|| $newdir == $cdir
) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidpathcannotbeincustomerdoc');
} else {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}
} else {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}
return $returnvalue;
}

31
lib/functions/validate/function.checkPhpInterfaceSetting.php
View File

@@ -1,31 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2013 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michael Kaufmann <d00p@froxlor.org>
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package AJAX
*
*/
function checkPhpInterfaceSetting($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
if ((int)Settings::Get('system.mod_fcgid') == 1) {
// fcgid only works for apache and lighttpd
if (strtolower($newfieldvalue) != 'apache2' && strtolower($newfieldvalue) != 'lighttpd') {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidstillenableddeadlock');
}
}
return $returnvalue;
}

41
lib/functions/validate/function.checkUsername.php
View File

@@ -1,41 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkUsername($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) {
if (!isset($allnewfieldvalues['customer_mysqlprefix'])) {
$allnewfieldvalues['customer_mysqlprefix'] = Settings::Get('customer.mysqlprefix');
}
$returnvalue = array();
if (validateUsername(
$newfieldvalue,
Settings::Get('panel.unix_names'),
14 - strlen($allnewfieldvalues['customer_mysqlprefix'])) === true
) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
} else {
$errmsg = 'accountprefixiswrong';
if ($fieldname == 'customer_mysqlprefix') {
$errmsg = 'mysqlprefixiswrong';
}
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, $errmsg);
}
return $returnvalue;
}

32
lib/functions/validate/function.checkValidRegEx.php
View File

@@ -1,32 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* validates a given regex
*
* @param string $regex regex to validate
*
* @return boolean
*/
function checkValidRegEx($regex = null)
{
if($regex == null || $regex == '') {
return true;
}
}

79
lib/functions/validate/function.validate.php
View File

@@ -1,79 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Validates the given string by matching against the pattern, prints an error on failure and exits
*
* @param string $str the string to be tested (user input)
* @param string the $fieldname to be used in error messages
* @param string $pattern the regular expression to be used for testing
* @param string language id for the error
* @return string the clean string
*
* If the default pattern is used and the string does not match, we try to replace the
* 'bad' values and log the action.
*
*/
function validate($str, $fieldname, $pattern = '', $lng = '', $emptydefault = array(), $throw_exception = false) {
global $log, $theme;
if (!is_array($emptydefault)) {
$emptydefault_array = array(
$emptydefault
);
unset($emptydefault);
$emptydefault = $emptydefault_array;
unset($emptydefault_array);
}
// Check if the $str is one of the values which represent the default for an 'empty' value
if (is_array($emptydefault)
&& !empty($emptydefault)
&& in_array($str, $emptydefault)
&& isset($emptydefault[0])
) {
return $emptydefault[0];
}
if ($pattern == '') {
$pattern = '/^[^\r\n\t\f\0]*$/D';
if (!preg_match($pattern, $str)) {
// Allows letters a-z, digits, space (\\040), hyphen (\\-), underscore (\\_) and backslash (\\\\),
// everything else is removed from the string.
$allowed = "/[^a-z0-9\\040\\.\\-\\_\\\\]/i";
$str = preg_replace($allowed, "", $str);
$log->logAction(USR_ACTION, LOG_WARNING, "cleaned bad formatted string (" . $str . ")");
}
}
if (preg_match($pattern, $str)) {
return $str;
}
if ($lng == '') {
$lng = 'stringformaterror';
}
standard_error($lng, $fieldname, $throw_exception);
exit;
}

60
lib/functions/validate/function.validateDomain.php
View File

@@ -1,60 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Check if the submitted string is a valid domainname
*
* @param string $domainname
* The domainname which should be checked.
* @param bool $allow_underscore
* optional if true, allowes the underscore character in a domain label (DKIM etc.)
*
* @return string|boolean the domain-name if the domain is valid, false otherwise
*/
function validateDomain($domainname, $allow_underscore = false)
{
if (is_string($domainname)) {
$char_validation = '([a-z\d](-*[a-z\d])*)(\.?([a-z\d](-*[a-z\d])*))*\.([a-z\d])+';
if ($allow_underscore) {
$char_validation = '([a-z\d\_](-*[a-z\d\_])*)(\.([a-z\d\_](-*[a-z\d])*))*(\.?([a-z\d](-*[a-z\d])*))+\.([a-z\d])+';
}
if (preg_match("/^" . $char_validation . "$/i", $domainname) && // valid chars check
preg_match("/^.{1,253}$/", $domainname) && // overall length check
preg_match("/^[^\.]{1,63}(\.[^\.]{1,63})*$/", $domainname)) // length of each label
{
return $domainname;
}
}
return false;
}
/**
* validate a local-hostname by regex
*
* @param string $hostname
*
* @return string|boolean hostname on success, else false
*/
function validateLocalHostname($hostname)
{
$pattern = '/^([a-zA-Z0-9\-])+$/i';
if (preg_match($pattern, $hostname)) {
return $hostname;
}
return false;
}

34
lib/functions/validate/function.validateEmail.php
View File

@@ -1,34 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Returns if an emailaddress is in correct format or not
*
* @param string The email address to check
* @return bool Correct or not
* @author Florian Lippert <flo@syscp.org>
*
* @changes Backported regex from SysCP 1.3 (lib/classes/Syscp/Handler/Validation.class.php)
*/
function validateEmail($email)
{
$email = strtolower($email);
return filter_var($email, FILTER_VALIDATE_EMAIL);
}

95
lib/functions/validate/function.validatePassword.php
View File

@@ -1,95 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Function validatePassword
*
* if password-min-length is set in settings
* we check against the length, if not matched
* an error message will be output and 'exit' is called
*
* @param string $password the password to validate
*
* @return string either the password or an errormessage+exit
*/
function validatePassword($password = null, $json_response = false) {
if (Settings::Get('panel.password_min_length') > 0) {
$password = validate(
$password,
Settings::Get('panel.password_min_length'),
'/^.{'.(int)Settings::Get('panel.password_min_length').',}$/D',
'notrequiredpasswordlength',
array(),
$json_response
);
}
if (Settings::Get('panel.password_regex') != '') {
$password = validate(
$password,
Settings::Get('panel.password_regex'),
Settings::Get('panel.password_regex'),
'notrequiredpasswordcomplexity',
array(),
$json_response
);
} else {
if (Settings::Get('panel.password_alpha_lower')) {
$password = validate(
$password,
'/.*[a-z]+.*/',
'/.*[a-z]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
if (Settings::Get('panel.password_alpha_upper')) {
$password = validate(
$password,
'/.*[A-Z]+.*/',
'/.*[A-Z]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
if (Settings::Get('panel.password_numeric')) {
$password = validate(
$password,
'/.*[0-9]+.*/',
'/.*[0-9]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
if (Settings::Get('panel.password_special_char_required')) {
$password = validate(
$password,
'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
}
}
return $password;
}

84
lib/functions/validate/function.validatePasswordLogin.php
View File

@@ -1,84 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Function validatePasswordLogin
*
* compare user password-hash with given user-password
* and check if they are the same
* additionally it updates the hash if the system settings changed
* or if the very old md5() sum is used
*
* @param array $userinfo user-data from table
* @param string $password the password to validate
* @param string $table either panel_customers or panel_admins
* @param string $uid user-id-field in $table
*
* @return boolean
*/
function validatePasswordLogin($userinfo = null, $password = null, $table = 'panel_customers', $uid = 'customerid') {
global $version;
$systype = 3; // SHA256
if (Settings::Get('system.passwordcryptfunc') !== null) {
$systype = (int)Settings::Get('system.passwordcryptfunc');
}
$pwd_hash = $userinfo['password'];
$update_hash = false;
// check for good'ole md5
if (strlen($pwd_hash) == 32 && ctype_xdigit($pwd_hash)) {
$pwd_check = md5($password);
$update_hash = true;
} else {
// cut out the salt from the hash
$pwd_salt = str_replace(substr(strrchr($pwd_hash, "$"), 1), "", $pwd_hash);
// create same hash to compare
$pwd_check = crypt($password, $pwd_salt);
// check whether the hash needs to be updated
$hash_type_chk = substr($pwd_hash, 0, 3);
if (($systype == 1 && $hash_type_chk != '$1$') || // MD5
($systype == 2 && $hash_type_chk != '$2$') || // BLOWFISH
($systype == 3 && $hash_type_chk != '$5$') || // SHA256
($systype == 4 && $hash_type_chk != '$6$') // SHA512
) {
$update_hash = true;
}
}
if ($pwd_hash == $pwd_check) {
// check for update of hash (only if our database is ready to handle the bigger string)
$is_ready = (version_compare2("0.9.33", $version) <= 0 ? true : false);
if ($update_hash && $is_ready) {
$upd_stmt = Database::prepare("
UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
");
$params = array (
'newpasswd' => \Froxlor\System\Crypt::makeCryptPassword($password),
'uid' => $userinfo[$uid]
);
Database::pexecute($upd_stmt, $params);
}
return true;
}
return false;
}

55
lib/functions/validate/function.validateSqlInterval.php
View File

@@ -1,55 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function validateSqlInterval($interval = null)
{
if(!$interval === null || $interval != '')
{
if(strstr($interval, ' ') !== false)
{
/*
* [0] = ([0-9]+)
* [1] = valid SQL-Interval expression
*/
$valid_expr = array(
'SECOND',
'MINUTE',
'HOUR',
'DAY',
'WEEK',
'MONTH',
'YEAR'
);
$interval_parts = explode(' ', $interval);
if(is_array($interval_parts)
&& isset($interval_parts[0])
&& isset($interval_parts[1]))
{
if(preg_match('/([0-9]+)/i', $interval_parts[0]))
{
if(in_array(strtoupper($interval_parts[1]), $valid_expr))
{
return true;
}
}
}
}
}
return false;
}

74
lib/functions/validate/function.validateUrl.php
View File

@@ -1,74 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Returns whether a URL is in a correct format or not
*
* @param
* string URL to be tested
* @return bool
* @author Christian Hoffmann
* @author Froxlor team <team@froxlor.org> (2010-)
*
*/
function validateUrl($url)
{
if (strtolower(substr($url, 0, 7)) != "http://" && strtolower(substr($url, 0, 8)) != "https://") {
$url = 'http://' . $url;
}
// needs converting
try {
$idna_convert = new idna_convert_wrapper();
$url = $idna_convert->encode($url);
} catch (Exception $e) {
return false;
}
$pattern = "/^https?:\/\/[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,4}(\:[0-9]+)?\/?(.+)?$/i";
if (preg_match($pattern, $url)) {
return true;
}
// not an fqdn
if (strtolower(substr($url, 0, 7)) == "http://" || strtolower(substr($url, 0, 8)) == "https://") {
if (strtolower(substr($url, 0, 7)) == "http://") {
$ip = strtolower(substr($url, 7));
}
if (strtolower(substr($url, 0, 8)) == "https://") {
$ip = strtolower(substr($url, 8));
}
$ip = substr($ip, 0, strpos($ip, '/'));
// possible : in IP (when a port is given), #1173
// but only if there actually IS ONE
if (strpos($ip, ':') !== false) {
$ip = substr($ip, 0, strpos($ip, ':'));
}
if (validate_ip($ip, true) !== false) {
return true;
} else {
return false;
}
} else {
return false;
}
}

40
lib/functions/validate/function.validateUsername.php
View File

@@ -1,40 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Returns if an username is in correct format or not.
*
* @param string The username to check
* @return bool Correct or not
* @author Michael Duergner <michael@duergner.com>
*
*/
function validateUsername($username, $unix_names = 1, $mysql_max = '') {
if ($unix_names == 0) {
if (strpos($username, '--') === false) {
return (preg_match('/^[a-z][a-z0-9\-_]{0,' . (int)($mysql_max - 1) . '}[a-z0-9]{1}$/Di', $username) != false);
} else {
return false;
}
} else {
return (preg_match('/^[a-z][a-z0-9]{0,' . $mysql_max . '}$/Di', $username) != false);
}
}

97
lib/functions/validate/function.validate_ip.php
View File

@@ -1,97 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* Checks whether it is a valid ip
*
* @return mixed ip address on success, standard_error on failure
* @deprecated use validate_ip2
*/
function validate_ip($ip, $return_bool = false, $lng = 'invalidip', $throw_exception = false) {
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false
&& filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false
&& filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) === false
) {
if ($return_bool) {
return false;
} else {
standard_error($lng, $ip, $throw_exception);
exit();
}
} else {
return $ip;
}
}
/**
* Checks whether it is a valid ip
*
* @param string $ip ip-address to check
* @param bool $return_bool whether to return bool or call standard_error()
* @param string $lng index for error-message (if $return_bool is false)
* @param bool $allow_localhost whether to allow 127.0.0.1
* @param bool $allow_priv whether to allow private network addresses
* @param bool $allow_cidr whether to allow CIDR values e.g. 10.10.10.10/16
*
* @return string|bool ip address on success, false on failure
*/
function validate_ip2($ip, $return_bool = false, $lng = 'invalidip', $allow_localhost = false, $allow_priv = false, $allow_cidr = false, $throw_exception = false) {
$cidr = "";
if ($allow_cidr) {
$org_ip = $ip;
$ip_cidr = explode("/", $ip);
if (count($ip_cidr) == 2) {
$ip = $ip_cidr[0];
$cidr = "/".$ip_cidr[1];
} else {
$ip = $org_ip;
}
} elseif (strpos($ip, "/") !== false) {
if ($return_bool) {
return false;
} else {
standard_error($lng, $ip, $throw_exception);
exit();
}
}
$filter_lan = $allow_priv ? FILTER_FLAG_NO_RES_RANGE : (FILTER_FLAG_NO_RES_RANGE | FILTER_FLAG_NO_PRIV_RANGE);
if ((filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)
|| filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
&& filter_var($ip, FILTER_VALIDATE_IP, $filter_lan)
) {
return $ip.$cidr;
}
// special case where localhost ip is allowed (mysql-access-hosts for example)
if ($allow_localhost && $ip == '127.0.0.1') {
return $ip.$cidr;
}
if ($return_bool) {
return false;
} else {
standard_error($lng, $ip, $throw_exception);
exit();
}
}