maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix creating of ssl-redirect without ssl-ip/port, fixes #1303

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2013-11-21 08:01:43 +01:00
parent 254672f2dd
commit b8952259ba
6 changed files with 48 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
admin_domains.php
View File

@@ -544,6 +544,7 @@ if ($page == 'domains'
} }
} }
} else { } else {
$ssl_redirect = 0;
// we need this for the serialize // we need this for the serialize
// if ssl is disabled or no ssl-ip/port exists // if ssl is disabled or no ssl-ip/port exists
$ssl_ipandports[] = -1; $ssl_ipandports[] = -1;
@@ -1299,6 +1300,7 @@ if ($page == 'domains'
} }
} }
} else { } else {
$ssl_redirect = 0;
// we need this for the serialize // we need this for the serialize
// if ssl is disabled or no ssl-ip/port exists // if ssl is disabled or no ssl-ip/port exists
$ssl_ipandports[] = -1; $ssl_ipandports[] = -1;

49
customer_domains.php
View File

@@ -221,8 +221,7 @@ if($page == 'overview') {
AND `email_only` = '0' AND `email_only` = '0'
AND `caneditdomain` = '1'" AND `caneditdomain` = '1'"
); );
Database::pexecute($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid'])); $domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));
$domain_check = $domain_stmt->fetch(PDO::FETCH_ASSOC);
$completedomain = $subdomain . '.' . $domain; $completedomain = $subdomain . '.' . $domain;
$completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "` $completedomain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
@@ -231,8 +230,7 @@ if($page == 'overview') {
AND `email_only` = '0' AND `email_only` = '0'
AND `caneditdomain` = '1'" AND `caneditdomain` = '1'"
); );
Database::pexecute($completedomain_stmt, array("domain" => $completedomain, "customerid" => $userinfo['customerid'])); $completedomain_check = Database::pexecute_first($completedomain_stmt, array("domain" => $completedomain, "customerid" => $userinfo['customerid']));
$completedomain_check = $completedomain_stmt->fetch(PDO::FETCH_ASSOC);
$aliasdomain = intval($_POST['alias']); $aliasdomain = intval($_POST['alias']);
$aliasdomain_check = array('id' => 0); $aliasdomain_check = array('id' => 0);
@@ -253,8 +251,7 @@ if($page == 'overview') {
GROUP BY `d`.`domain GROUP BY `d`.`domain
ORDER BY `d`.`domain` ASC;" ORDER BY `d`.`domain` ASC;"
); );
Database::pexecute($aliasdomain_stmt, array("id" => $aliasdomain, "customerid" => $userinfo['customerid'])); $aliasdomain_check = Database::pexecute_first($aliasdomain_stmt, array("id" => $aliasdomain, "customerid" => $userinfo['customerid']));
$aliasdomain_check = $aliasdomain_stmt->fetch(PDO::FETCH_ASSOC);
} }
if(isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) { if(isset($_POST['url']) && $_POST['url'] != '' && validateUrl($idna_convert->encode($_POST['url']))) {
@@ -279,16 +276,20 @@ if($page == 'overview') {
$_doredirect = true; $_doredirect = true;
} }
if(isset($_POST['openbasedir_path']) && $_POST['openbasedir_path'] == '1') { $openbasedir_path = '0';
if (isset($_POST['openbasedir_path']) && $_POST['openbasedir_path'] == '1') {
$openbasedir_path = '1'; $openbasedir_path = '1';
} else {
$openbasedir_path = '0';
} }
if(isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') { $ssl_redirect = '0';
$ssl_redirect = '1'; if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
} else { // a ssl-redirect only works of there actually is a
$ssl_redirect = '0'; // ssl ip/port assigned to the domain
if (domainHasSslIpPort($domain_check['id']) == true) {
$ssl_redirect = '1';
} else {
standard_error('sslredirectonlypossiblewithsslipport');
}
} }
if($path == '') { if($path == '') {
@@ -374,7 +375,7 @@ if($page == 'overview') {
// Using nameserver, insert a task which rebuilds the server config // Using nameserver, insert a task which rebuilds the server config
inserttask('4'); inserttask('4');
redirectTo($filename, Array('page' => $page, 's' => $s)); redirectTo($filename, array('page' => $page, 's' => $s));
} }
} else { } else {
$stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "` $stmt = Database::prepare("SELECT `id`, `domain`, `documentroot`, `ssl_redirect`,`isemaildomain` FROM `" . TABLE_PANEL_DOMAINS . "`
@@ -436,6 +437,7 @@ if($page == 'overview') {
} }
} }
} elseif($action == 'edit' && $id != 0) { } elseif($action == 'edit' && $id != 0) {
$stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`, $stmt = Database::prepare("SELECT `d`.`id`, `d`.`customerid`, `d`.`domain`, `d`.`documentroot`, `d`.`isemaildomain`, `d`.`wwwserveralias`, `d`.`iswildcarddomain`,
`d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain` `d`.`parentdomainid`, `d`.`ssl_redirect`, `d`.`aliasdomain`, `d`.`openbasedir`, `d`.`openbasedir_path`, `pd`.`subcanemaildomain`
FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_DOMAINS . "` `pd`
@@ -446,12 +448,10 @@ if($page == 'overview') {
OR (`d`.`parentdomainid`='0' OR (`d`.`parentdomainid`='0'
AND `pd`.`id` = `d`.`id`)) AND `pd`.`id` = `d`.`id`))
AND `d`.`caneditdomain`='1'"); AND `d`.`caneditdomain`='1'");
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id)); $result = Database::pexecute_first($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$alias_stmt = Database::prepare("SELECT COUNT(`id`) AS count FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain`= :aliasdomain"); $alias_stmt = Database::prepare("SELECT COUNT(`id`) AS count FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain`= :aliasdomain");
Database::pexecute($alias_stmt, array("aliasdomain" => $result['id'])); $alias_check = Database::pexecute_first($alias_stmt, array("aliasdomain" => $result['id']));
$alias_check = $alias_stmt->fetch(PDO::FETCH_ASSOC);
$alias_check = $alias_check['count']; $alias_check = $alias_check['count'];
$_doredirect = false; $_doredirect = false;
@@ -505,8 +505,7 @@ if($page == 'overview') {
AND `c`.`customerid`= :customerid AND `c`.`customerid`= :customerid
AND `d`.`id`= :id" AND `d`.`id`= :id"
); );
Database::pexecute($aliasdomain_stmt, array("customerid" => $result['customerid'], "id" => $aliasdomain)); $aliasdomain_check = Database::pexecute_first($aliasdomain_stmt, array("customerid" => $result['customerid'], "id" => $aliasdomain));
$aliasdomain_check = $aliasdomain_stmt->fetch(PDO::FETCH_ASSOC);
} }
if($aliasdomain_check['id'] != $aliasdomain) { if($aliasdomain_check['id'] != $aliasdomain) {
@@ -519,8 +518,14 @@ if($page == 'overview') {
$openbasedir_path = '0'; $openbasedir_path = '0';
} }
if(isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') { if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
$ssl_redirect = '1'; // a ssl-redirect only works of there actually is a
// ssl ip/port assigned to the domain
if (domainHasSslIpPort($id) == true) {
$ssl_redirect = '1';
} else {
standard_error('sslredirectonlypossiblewithsslipport');
}
} else { } else {
$ssl_redirect = '0'; $ssl_redirect = '0';
} }

3
lib/formfields/customer/domains/formfield.domains_add.php
View File

@@ -62,7 +62,8 @@ return array(
), ),
'ssl_redirect' => array( 'ssl_redirect' => array(
'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false),
'label' => 'SSL Redirect', 'label' => $lng['domains']['ssl_redirect']['title'],
'desc' => $lng['domains']['ssl_redirect']['description'],
'type' => 'checkbox', 'type' => 'checkbox',
'values' => array( 'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1') array ('label' => $lng['panel']['yes'], 'value' => '1')

5
lib/formfields/customer/domains/formfield.domains_edit.php
View File

@@ -77,8 +77,9 @@ return array(
'value' => array($result['isemaildomain']) 'value' => array($result['isemaildomain'])
), ),
'ssl_redirect' => array( 'ssl_redirect' => array(
'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? true : false) : false), 'visible' => ($settings['system']['use_ssl'] == '1' ? ($ssl_ipsandports != '' ? (domainHasSslIpPort($result['id']) ? true : false) : false) : false),
'label' => 'SSL Redirect', 'label' => $lng['domains']['ssl_redirect']['title'],
'desc' => $lng['domains']['ssl_redirect']['description'],
'type' => 'checkbox', 'type' => 'checkbox',
'values' => array( 'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1') array ('label' => $lng['panel']['yes'], 'value' => '1')

13
lng/english.lng.php
View File

@@ -1969,11 +1969,12 @@ $lng['serversettings']['ssl']['ssl_cipher_list']['title'] = 'Configure the allow
$lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'This is a list of ciphers that you want (or don\'t want) to use when talking SSL. For a list of ciphers and how to include/exclude them, see sections "CIPHER LIST FORMAT" and "CIPHER STRINGS" on <a href="http://openssl.org/docs/apps/ciphers.html">the man-page for ciphers</a>.<br /><br /><b>Default value is:</b><pre>ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</pre>'; $lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'This is a list of ciphers that you want (or don\'t want) to use when talking SSL. For a list of ciphers and how to include/exclude them, see sections "CIPHER LIST FORMAT" and "CIPHER STRINGS" on <a href="http://openssl.org/docs/apps/ciphers.html">the man-page for ciphers</a>.<br /><br /><b>Default value is:</b><pre>ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</pre>';
// Added in Froxlor 0.9.31 // Added in Froxlor 0.9.31
$lng['panel']['dashboard'] = "Dashboard"; $lng['panel']['dashboard'] = 'Dashboard';
$lng['panel']['used'] = "used"; $lng['panel']['used'] = 'used';
$lng['panel']['assigned'] = "assigned"; $lng['panel']['assigned'] = 'assigned';
$lng['panel']['available'] = "available"; $lng['panel']['available'] = 'available';
$lng['customer']['services'] = "Services"; $lng['customer']['services'] = 'Services';
$lng['serversettings']['phpfpm_settings']['ipcdir']['title'] = 'FastCGI IPC directory'; $lng['serversettings']['phpfpm_settings']['ipcdir']['title'] = 'FastCGI IPC directory';
$lng['serversettings']['phpfpm_settings']['ipcdir']['description'] = 'The directory where the php-fpm sockets will be stored by the webserver.<br />This directory has to be readable for the webserver'; $lng['serversettings']['phpfpm_settings']['ipcdir']['description'] = 'The directory where the php-fpm sockets will be stored by the webserver.<br />This directory has to be readable for the webserver';
$lng['panel']['news'] = "News"; $lng['panel']['news'] = 'News';
$lng['error']['sslredirectonlypossiblewithsslipport'] = 'Using the SSL redirect is only possible when the domain has at least one ssl-enabled IP/port combination assigned.';

13
lng/german.lng.php
View File

@@ -1695,11 +1695,12 @@ $lng['serversettings']['ssl']['ssl_cipher_list']['title'] = 'Erlaubte SSL Cipher
$lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'Dies ist eine Liste von Ciphers die genutzt werden sollen (oder auch nicht genutzt werden sollen) wenn eine SSL Verbindung besteht. Eine Liste aller Ciphers und wie diese hinzugefügt/ausgeschlossen werden ist in den Abschnitten "CIPHER LIST FORMAT" und "CIPHER STRINGS" in <a href="http://openssl.org/docs/apps/ciphers.html">der man-page für Ciphers</a> zu finden.<br /><br /><b>Standard-Wert ist:</b><pre>ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</pre>'; $lng['serversettings']['ssl']['ssl_cipher_list']['description'] = 'Dies ist eine Liste von Ciphers die genutzt werden sollen (oder auch nicht genutzt werden sollen) wenn eine SSL Verbindung besteht. Eine Liste aller Ciphers und wie diese hinzugefügt/ausgeschlossen werden ist in den Abschnitten "CIPHER LIST FORMAT" und "CIPHER STRINGS" in <a href="http://openssl.org/docs/apps/ciphers.html">der man-page für Ciphers</a> zu finden.<br /><br /><b>Standard-Wert ist:</b><pre>ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH</pre>';
// Added in Froxlor 0.9.31 // Added in Froxlor 0.9.31
$lng['panel']['dashboard'] = "Dashboard"; $lng['panel']['dashboard'] = 'Dashboard';
$lng['panel']['used'] = "genutzt"; $lng['panel']['used'] = 'genutzt';
$lng['panel']['assigned'] = "zugewiesen"; $lng['panel']['assigned'] = 'zugewiesen';
$lng['panel']['available'] = "verfügbar"; $lng['panel']['available'] = 'verfügbar';
$lng['customer']['services'] = "Dienste"; $lng['customer']['services'] = 'Dienste';
$lng['serversettings']['phpfpm_settings']['ipcdir']['title'] = 'FastCGI IPC Verzeichnis'; $lng['serversettings']['phpfpm_settings']['ipcdir']['title'] = 'FastCGI IPC Verzeichnis';
$lng['serversettings']['phpfpm_settings']['ipcdir']['description'] = 'In dieses Verzeichnis werden die php-fpm Sockets vom Webserver abgelegt.<br />Das Verzeichnis muss für den Webserver lesbar sein.'; $lng['serversettings']['phpfpm_settings']['ipcdir']['description'] = 'In dieses Verzeichnis werden die php-fpm Sockets vom Webserver abgelegt.<br />Das Verzeichnis muss für den Webserver lesbar sein.';
$lng['panel']['news'] = "Neuigkeiten"; $lng['panel']['news'] = 'Neuigkeiten';
$lng['error']['sslredirectonlypossiblewithsslipport'] = 'Eine SSL-Weiterleitung ist nur möglich, wenn der Domain mindestens eine IP/Port Kombination zugewiesen wurde, bei der SSL aktiviert ist.';