diff --git a/TODO b/TODO index a100ddda..1ccf836b 100644 --- a/TODO +++ b/TODO @@ -22,9 +22,9 @@ FIXED 0001263 Cosmettic Change WONTFIX 0001056 Need extra payment methods WONTFIX 0001262 Currency type modification. WONTFIX 0001257 Fee is recalculated with current contract data although interval is over - 0001255 Wrong path to usage statistics under domain settings +FIXED 0001255 Wrong path to usage statistics under domain settings 0001261 No e-mail on 90% traffic - 0001260 2x F5 causes bigger fonts +WONTFIX 0001260 2x F5 causes bigger fonts WONTFIX 0001259 contract-changes optional with cron to the end of the interval WONTFIX 0001258 Make invoices immediately 0001120 Missing function to calculate the mail traffic @@ -47,4 +47,77 @@ FIXED 0001246 wrong variable assigned in /templates/admin/customers/custom 0001242 When email qouta is enabled, you cannot add more resources to a client. 0001241 Patch for facilate customizing syscp 0001240 Wrong php.ini for subdomains with fastCGI - 0001239 awstats configs get cluttered up after domain deletion \ No newline at end of file + 0001239 awstats configs get cluttered up after domain deletion + 0001228 Domain deletion fails + 0001233 Display errors when amount of FTP or Mail Traffic is larger than HTTP traffic +WONTFIX 0001227 Error on fixing invoices with credit notes + 0001122 Field members of table ftp_groups not updated correctly when customer deletes ftp user +FIXED 0001215 php.ini: open_basedir error + 0001224 APS installer not installing the aps applications properly, such as WordPress and WebCalender + 0001223 Postfix proposed SQL-query in mysql-virtual_alias_maps.cf: use TRIM() + 0001221 syscp xinet.d - no need to edit /etc/services + 0001217 SysCP Realtime Support + 0001209 APS crashs when installing magento + 0001017 Proftpd - Quota should be added + 0001016 Pureftpd - quota should be added + 0001206 crontabs not terminating + 0001210 Add start- and endtime to autoresponder + 0001212 retain form input + 0001185 Autoreponder - send mails via sendmail to set correct Return-Path header + 0001211 Generated MySQL username too long + 0001208 HTML Tags in Support Tickets + 0001207 FTP Passwörter mit Umlauten + 0001201 Virtualusers conflict with local users when using libnss-mysql + 0001204 php5-suhosin + 0001203 Add check for PHP version and required PHP modules in install script + 0001198 More online help wanted + 0001039 Additional text field for infos in customers "Contact Data" +WONTFIX 0001187 additional Invoices +WONTFIX 0001059 Billing - Create contract - Filename should contain customername +FIXED 0001013 lighttpd - every customer should have his own php.ini + 0001189 Autoresponder: support for multiline "From:" headers + 0001113 realtime functionality broken + 0001186 subdomains and php configuration + 0001112 customers should be able to create custom cronjobs + 0001079 Protected dir only works only after a force-reload on lighttpd + 0001080 host of third level gets overridden by second-level when wwwserveralias is not set on lighttpd + 0001159 serveral errors for lighttpd + 0001181 lighttpd cronjob config for subdomains is empty + 0001034 Cron-Tasks: apache-logfiles directory + 0001136 Configuration of "dead" mail adresses + 0001176 libnss-mysql and conflicting usernames/groups + 0001154 Wrong configuration set with AWstats an fcgi + 0001150 Wrong configuration of awstats + 0001083 awstats.model.conf.syscp should include awstats.conf + 0001152 apache certificate is not generated + 0001151 When cronjob generates new dkim files a mail is sent to root + 0001149 Create a Configuration-Option for SPF Records in Zonefiles + 0001148 Show info for inactive modifications + 0001005 Force user to add POP3 Account before he can add e-mail adresses + 0001142 Default index.html should be placed in a sub-directory of a domain. + 0001140 Replace variables in defaut_vhost config + 0001138 old db-data is lost when mysqldump is not within open_basedir + 0001135 dkim refers to non-existing domainkey entry in DNS zone file. + 0001134 Allow selection of a default apache page / provide access to syscp + 0001133 Default Configuration doesn't allow Exim4 to forward Mails to the outside world + 0001128 More targets for "Write a message" tool + 0001131 Add FreeBSD configuration files to the base tarball. + 0001130 Wrong number format in e.g. traffic display. + 0001129 Allow selection of automatic creation of a webmail.., phpmyadmin. ..., webftp. ... + 0001127 Versioning of configuration templates. + 0001116 Please add tooltips to adminCP + 0001114 Password query for Awstats statistics + 0001111 add login for e-mail and ftp users to let them change their own settings + 0001109 no mail traffic is shown and calculated without third party module + 0001104 Listen Configuration should contain a warning for debian + 0001101 Default mail qouta - possibillity to set new accounts to amount of webspace +WONTFIX 0001098 Possibillity to dissable "Catchall" for mails + 0001095 lighttpd - redirection - "/" slash is added to end of url + 0001084 Add select box to change special logfile setting on domain edit + 0001051 include_shell issue in lighttpd 1.4.20 + 0001058 Add id/class attributs in tag (left navigation) + 0001043 When creating customer it should also be possible to add domains (merge customer & domain menu) + 0001035 PHP-Error-Log | Adminpanel & CronTask + 0001033 Cron-Tasks: creating of php.ini + 0001010 Send info mail to customer if webspace is exceeded + 0001004 Ressources / Domains - Standard subdomains should be separrated from normal Domains \ No newline at end of file diff --git a/scripts/cron_tasks.inc.http.20.lighttpd.php b/scripts/cron_tasks.inc.http.20.lighttpd.php index c175c6e0..11cec856 100644 --- a/scripts/cron_tasks.inc.http.20.lighttpd.php +++ b/scripts/cron_tasks.inc.http.20.lighttpd.php @@ -21,8 +21,8 @@ */ if(@php_sapi_name() != 'cli' - && @php_sapi_name() != 'cgi' - && @php_sapi_name() != 'cgi-fcgi') +&& @php_sapi_name() != 'cgi' +&& @php_sapi_name() != 'cgi-fcgi') { die('This script only works in the shell.'); } @@ -202,13 +202,13 @@ class lighttpd protected function getVhostContent($domain, $ssl_vhost = false) { if($ssl_vhost === true - && $domain['ssl'] != '1') + && $domain['ssl'] != '1') { return ''; } if($ssl_vhost === true - && $domain['ssl'] == '1') + && $domain['ssl'] == '1') { $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ssl_ipandport'] . "'"; } @@ -289,7 +289,7 @@ class lighttpd $path_options = ''; $error_string = ''; - + while($row = $this->db->fetch_array($result)) { if(!empty($row['error404path'])) @@ -331,7 +331,7 @@ class lighttpd while($row_htpasswds = $this->db->fetch_array($result)) { if($auth_backend_loaded[$domain['ipandport']] != 'yes' - && $auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') + && $auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') { $filename = $domain['customerid'] . '.htpasswd'; @@ -454,7 +454,7 @@ class lighttpd $webroot_text = ''; if($domain['deactivated'] == '1' - && $this->settings['system']['deactivateddocroot'] != '') + && $this->settings['system']['deactivateddocroot'] != '') { $webroot_text.= ' # Using docroot for deactivated users...' . "\n"; $webroot_text.= ' server.document-root = "' . $this->settings['system']['deactivateddocroot'] . "\"\n"; @@ -462,7 +462,7 @@ class lighttpd else { if($ssl === false - && $domain['ssl_redirect'] == '1') + && $domain['ssl_redirect'] == '1') { $webroot_text.= ' url.redirect = ( "^/(.*)" => "https://' . $domain['domain'] . '/$1" )' . "\n"; } @@ -557,18 +557,18 @@ class lighttpd $this->logger->logAction(CRON_ACTION, LOG_INFO, "cleaning " . $this->settings['system']['apacheconf_vhost']); if(isConfigDir($this->settings['system']['apacheconf_vhost']) - && file_exists($this->settings['system']['apacheconf_vhost']) - && is_dir($this->settings['system']['apacheconf_vhost'])) + && file_exists($this->settings['system']['apacheconf_vhost']) + && is_dir($this->settings['system']['apacheconf_vhost'])) { $vhost_file_dirhandle = opendir($this->settings['system']['apacheconf_vhost']); while(false !== ($vhost_filename = readdir($vhost_file_dirhandle))) { if($vhost_filename != '.' - && $vhost_filename != '..' - && !in_array($vhost_filename, $this->known_filenames) - && preg_match('/^(10|20|30)_syscp_ipandport_(.+)\.conf$/', $vhost_filename) - && file_exists(makeCorrectFile($this->settings['system']['apacheconf_vhost'] . '/' . $vhost_filename))) + && $vhost_filename != '..' + && !in_array($vhost_filename, $this->known_filenames) + && preg_match('/^(10|20|30)_syscp_ipandport_(.+)\.conf$/', $vhost_filename) + && file_exists(makeCorrectFile($this->settings['system']['apacheconf_vhost'] . '/' . $vhost_filename))) { fwrite($this->debugHandler, ' apache::wipeOutOldConfigs: unlinking ' . $vhost_filename . "\n"); $this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'unlinking ' . $vhost_filename); diff --git a/scripts/cron_tasks.inc.http.25.lighttpd_fcgid.php b/scripts/cron_tasks.inc.http.25.lighttpd_fcgid.php new file mode 100644 index 00000000..37000117 --- /dev/null +++ b/scripts/cron_tasks.inc.http.25.lighttpd_fcgid.php @@ -0,0 +1,802 @@ + + * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt + * @package System + * @version $Id: $ + */ + +/* + * This script creates the php.ini's used by mod_suPHP+php-cgi + */ + +if(@php_sapi_name() != 'cli' +&& @php_sapi_name() != 'cgi' +&& @php_sapi_name() != 'cgi-fcgi') +{ + die('This script only works in the shell.'); +} + +class lighttpd_fcgid extends lighttpd +{ + private $db = false; + private $logger = false; + private $debugHandler = false; + private $settings = array(); + + // protected + + public $needed_htpasswds = array(); + public $auth_backend_loaded = false; + public $htpasswd_files = array(); + public $mod_accesslog_loaded = "0"; + protected $lighttpd_data = array(); + + function __construct($db, $logger, $debugHandler, $settings) + { + $this->db = $db; + $this->logger = $logger; + $this->debugHandler = $debugHandler; + $this->settings = $settings; + } + + public function reload() + { + fwrite($this->debugHandler, ' lighttpd::reload: reloading lighttpd' . "\n"); + $this->logger->logAction(CRON_ACTION, LOG_INFO, 'reloading apache'); + safe_exec($this->settings['system']['apachereload_command']); + } + + public function createIpPort() + { + $query = "SELECT `id`, `ip`, `port`, `listen_statement`, `namevirtualhost_statement`, `vhostcontainer`, " . " `vhostcontainer_servername_statement`, `specialsettings`, `ssl`, `ssl_cert_file` " . " FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC"; + $result_ipsandports = $this->db->query($query); + + while($row_ipsandports = $this->db->fetch_array($result_ipsandports)) + { + if(filter_var($row_ipsandports['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + { + $ip = '[' . $row_ipsandports['ip'] . ']'; + $port = $row_ipsandports['port']; + } + else + { + $ip = $row_ipsandports['ip']; + $port = $row_ipsandports['port']; + } + + fwrite($this->debugHandler, ' lighttpd::createIpPort: creating ip/port settings for ' . $ip . ":" . $port . "\n"); + $this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating ip/port settings for ' . $ip . ":" . $port); + $vhost_filename = makeCorrectFile($this->settings['system']['apacheconf_vhost'] . '/10_syscp_ipandport_' . trim(str_replace(':', '.', $row_ipsandports['ip']), '.') . '.' . $row_ipsandports['port'] . '.conf'); + $this->lighttpd_data[$vhost_filename].= '$SERVER["socket"] == "' . $ip . ':' . $port . '" {' . "\n"; + + if($row_ipsandports['listen_statement'] == '1') + { + $this->lighttpd_data[$vhost_filename].= 'server.port = ' . $port . "\n"; + $this->lighttpd_data[$vhost_filename].= 'server.bind = "' . $ip . '"' . "\n"; + } + + if($row_ipsandports['ssl'] == '1') + { + $this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n"; + $this->lighttpd_data[$vhost_filename].= 'ssl.pemfile = "' . $row_ipsandports['ssl_cert_file'] . '"' . "\n"; + } + + $this->createLighttpdHosts($row_ipsandports['ip'], $row_ipsandports['port'], $row_ipsandports['ssl'], $vhost_filename); + $this->lighttpd_data[$vhost_filename].= $this->needed_htpasswds[$row_ipsandports['id']] . "\n"; + $this->lighttpd_data[$vhost_filename].= '}' . "\n"; + } + } + + protected function create_htaccess($domain) + { + $needed_htpasswds = array(); + $htpasswd_query = "SELECT * FROM " . TABLE_PANEL_HTPASSWDS . " WHERE `path` LIKE '" . $domain['documentroot'] . "%'"; + $result_htpasswds = $this->db->query($htpasswd_query); + + while($row_htpasswds = $this->db->fetch_array($result_htpasswds)) + { + $filename = $row_htpasswds['customerid'] . '-' . md5($row_htpasswds['path']) . '.htpasswd'; + + if(!in_array($row_htpasswds['path'], $needed_htpasswds)) + { + if(empty($needed_htpasswds)) + { + $auth_backend_loaded[$domain['ipandport']] = 'yes'; + + if(!$this->auth_backend_loaded) + { + $htaccess_text.= ' auth.backend = "htpasswd"' . "\n"; + } + + $htaccess_text.= ' auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; + $htaccess_text.= ' auth.require = ( ' . "\n"; + } + else + { + $htaccess_text.= ' ,' . "\n"; + } + + if(!strstr($this->needed_htpasswds[$filename], $row_htpasswds['username'] . ':' . $row_htpasswds['password'])) + { + $this->needed_htpasswds[$filename].= $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n"; + } + + $needed_htpasswds[] = $row_htpasswds['path']; + $htaccess_path = substr($row_htpasswds['path'], strlen($domain['documentroot']) - 1); + $htaccess_text.= ' "' . makeCorrectDir($htaccess_path) . '" =>' . "\n"; + $htaccess_text.= ' (' . "\n"; + $htaccess_text.= ' "method" => "basic",' . "\n"; + $htaccess_text.= ' "realm" => "Restricted Area",' . "\n"; + $htaccess_text.= ' "require" => "user=' . $row_htpasswds[username] . '"' . "\n"; + $htaccess_text.= ' )' . "\n"; + } + } + + if(strlen(trim($htaccess_text)) > 0) + { + $htaccess_text.= ' )' . "\n"; + } + + return $htaccess_text; + } + + function createVirtualHosts() + { + } + + function createFileDirOptions() + { + } + + protected function createLighttpdHosts($ip, $port, $ssl, $vhost_filename) + { + $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `ip`='" . $ip . "' AND `port`='" . $port . "'"; + $ipandport = $this->db->query_first($query); + + if($ssl == '0') + { + $query2 = "SELECT `d`.`id`, `d`.`domain`, `d`.`customerid`, `d`.`documentroot`, `d`.`ssl`, " . "`d`.`parentdomainid`, `d`.`ipandport`, `d`.`ssl_ipandport`, `d`.`ssl_redirect`, " . "`d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`wwwserveralias`, `d`.`openbasedir`, `d`.`openbasedir_path`, " . "`d`.`safemode`, `d`.`speciallogfile`, `d`.`specialsettings`, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, " . "`c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) " . "WHERE `d`.`ipandport`='" . $ipandport['id'] . "' " . "ORDER BY `d`.`iswildcarddomain`, `d`.`domain` ASC"; + } + else + { + $query2.= "SELECT `d`.`id`, `d`.`domain`, `d`.`customerid`, `d`.`documentroot`, `d`.`ssl`, " . "`d`.`parentdomainid`, `d`.`ipandport`, `d`.`ssl_ipandport`, `d`.`ssl_redirect`, " . "`d`.`isemaildomain`, `d`.`iswildcarddomain`, `d`.`wwwserveralias`, `d`.`openbasedir`, `d`.`openbasedir_path`, " . "`d`.`safemode`, `d`.`speciallogfile`, `d`.`specialsettings`, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, " . "`c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled` " . "FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) " . "WHERE `d`.`ssl_ipandport`='" . $ipandport['id'] . "' " . "ORDER BY `d`.`iswildcarddomain`, `d`.`domain` ASC"; + } + + $result_domains = $this->db->query($query2); + + while($domain = $this->db->fetch_array($result_domains)) + { + $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'"; + $ipandport = $this->db->query_first($query); + $domain['ip'] = $ipandport['ip']; + $domain['port'] = $ipandport['port']; + $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; + + if(!empty($this->lighttpd_data[$vhost_filename])) + { + if($ssl == '1') + { + $ssl_vhost = true; + } + else + { + $ssl_vhost = false; + } + + $this->lighttpd_data[$vhost_filename].= $this->getVhostContent($domain, $ssl_vhost); + } + } + } + + protected function getVhostContent($domain, $ssl_vhost = false) + { + if($ssl_vhost === true + && $domain['ssl'] != '1') + { + return ''; + } + + if($ssl_vhost === true + && $domain['ssl'] == '1') + { + $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ssl_ipandport'] . "'"; + } + else + { + $query = "SELECT * FROM " . TABLE_PANEL_IPSANDPORTS . " WHERE `id`='" . $domain['ipandport'] . "'"; + } + + $ipandport = $this->db->query_first($query); + $domain['ip'] = $ipandport['ip']; + $domain['port'] = $ipandport['port']; + $domain['ssl_cert_file'] = $ipandport['ssl_cert_file']; + + if(filter_var($domain['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) + { + $ipport = '[' . $domain['ip'] . ']:' . $domain['port']; + } + else + { + $ipport = $domain['ip'] . ':' . $domain['port']; + } + + $vhost_content.= $this->getServerNames($domain) . " {\n"; + $vhost_content.= $this->getWebroot($domain, $ssl_vhost); + $vhost_content.= $this->create_htaccess($domain); + $vhost_content.= $this->create_pathOptions($domain); + $vhost_content.= $this->create_Fcgid($domain); + $vhost_content.= $this->getLogFiles($domain); + $vhost_content.= '}' . "\n"; + return $vhost_content; + } + + protected function getLogFiles($domain) + { + $logfiles_text = ''; + + if($this->settings['system']['mod_log_sql'] == 1) + { + // We are using mod_log_sql (http://www.outoforder.cc/projects/apache/mod_log_sql/) + // TODO: See how we are able emulate the error_log + } + else + { + // The normal access/error - logging is enabled + + $filename = $this->settings['system']['logfiles_directory'] . $domain['loginname'] . $speciallogfile . '-error.log'; + + if(!is_file($filename)) + { + $ourFileHandle = fopen($filename, 'w') or die("can't open file"); + fclose($ourFileHandle); + } + + chown($filename, $this->settings[system]['httpuser']); + chgrp($filename, $this->settings[system]['httpgroup']); + + //access log + + $filename = $this->settings['system']['logfiles_directory'] . $domain['loginname'] . $speciallogfile . '-access.log'; + + if(!is_file($filename)) + { + $ourFileHandle = fopen($filename, 'w') or die("can't open file"); + fclose($ourFileHandle); + } + + $logfiles_text.= ' accesslog.filename = "' . $filename . '"' . "\n"; + chown($filename, $this->settings[system]['httpuser']); + chgrp($filename, $this->settings[system]['httpgroup']); + } + + return $logfiles_text; + } + + protected function create_Fcgid($domain) + { + $php_options_text = ''; + + if($domain['phpenabled'] == '1') + { + // This vHost has PHP enabled and we are using mod_fcgid + //create basic variables for config + + $configdir = makeCorrectDir($this->settings['system']['mod_fcgid_configdir'] . '/' . $domain['loginname'] . '/' . $domain['domain'] . '/'); + $starter_filename = makeCorrectFile($configdir . '/php-fcgi-starter'); + $phpini_filename = makeCorrectFile($configdir . '/php.ini'); + $tmpdir = makeCorrectDir($this->settings['system']['mod_fcgid_tmpdir'] . '/' . $domain['loginname'] . '/'); + + // create config dir if necessary + + if(!is_dir($configdir)) + { + safe_exec('mkdir -p ' . escapeshellarg($configdir)); + safe_exec('chown ' . $domain['guid'] . ':' . $domain['guid'] . ' ' . escapeshellarg($configdir)); + } + + // create tmp dir if necessary + + if(!is_dir($tmpdir)) + { + safe_exec('mkdir -p ' . escapeshellarg($tmpdir)); + safe_exec('chown -R ' . $domain['guid'] . ':' . $domain['guid'] . ' ' . escapeshellarg($tmpdir)); + safe_exec('chmod 0750 ' . escapeshellarg($tmpdir)); + } + + // Load php config + + $phpconfig = $this->getPhpConfig((int)$domain['phpsettingid']); + + $php_options_text = 'fastcgi.server = ( '."\n"; + $file_extensions = explode(' ', $phpconfig['file_extensions']); + foreach($file_extensions as $f_extension) + { + $php_options_text.= "\t".'".'.$f_extension.'" => ('."\n"; + $php_options_text.= "\t\t".'"localhost" => ('."\n"; + $php_options_text.= "\t\t".'"socket" => "/var/run/lighttpd/'.$domain['loginname'].'-php.socket",'."\n"; + $php_options_text.= "\t\t".'"bin-path" => "'.$phpconfig['binary'].' -c '.$phpini_filename.'",'."\n"; + $php_options_text.= "\t\t".'"bin-environment" => ('."\n"; + if((int)$domain['mod_fcgid_starter'] != - 1) + { + $php_options_text.= "\t\t\t".'"PHP_FCGI_CHILDREN" => "' . (int)$domain['mod_fcgid_starter'] . '"'."\n"; + } + else + { + if((int)$phpconfig['mod_fcgid_starter'] != - 1) + { + $php_options_text.= "\t\t\t".'"PHP_FCGI_CHILDREN" => "' . (int)$phpconfig['mod_fcgid_starter'] . '"'."\n"; + } + else + { + $php_options_text.= "\t\t\t".'"PHP_FCGI_CHILDREN" => "' . (int)$this->settings['system']['mod_fcgid_starter'] . '"'."\n"; + } + } + + if((int)$domain['mod_fcgid_maxrequests'] != - 1) + { + $php_options_text.= "\t\t\t".'"PHP_FCGI_MAX_REQUESTS" => "' . (int)$domain['mod_fcgid_maxrequests'] . '"'."\n"; + } + else + { + if((int)$phpconfig['mod_fcgid_maxrequests'] != - 1) + { + $php_options_text.= "\t\t\t".'"PHP_FCGI_MAX_REQUESTS" => "' . (int)$phpconfig['mod_fcgid_maxrequests'] . '"'."\n"; + } + else + { + $php_options_text.= "\t\t\t".'"PHP_FCGI_MAX_REQUESTS" => "' . (int)$this->settings['system']['mod_fcgid_maxrequests'] . '"'."\n"; + } + } + + $php_options_text.= "\t\t".')'."\n"; + $php_options_text.= "\t".')'."\n"; + $php_options_text.= "".')'."\n"; + + } // foreach extension + $php_options_text.= "".')'."\n"; + + // create starter + + $starter_file = "#!/bin/sh\n\n"; + $starter_file.= "#\n"; + $starter_file.= "# starter created/changed on " . date("Y.m.d H:i:s") . " for domain '" . $domain['domain'] . "' with id #" . $domain['id'] . " from php template '" . $phpconfig['description'] . "' with id #" . $phpconfig['id'] . "\n"; + $starter_file.= "# Do not change anything in this file, it will be overwritten by the SysCP Cronjob!\n"; + $starter_file.= "#\n\n"; + $starter_file.= "PHPRC=" . escapeshellarg($configdir) . "\n"; + $starter_file.= "export PHPRC\n"; + + // set number of processes for one domain + + if((int)$domain['mod_fcgid_starter'] != - 1) + { + $starter_file.= "PHP_FCGI_CHILDREN=" . (int)$domain['mod_fcgid_starter'] . "\n"; + } + else + { + if((int)$phpconfig['mod_fcgid_starter'] != - 1) + { + $starter_file.= "PHP_FCGI_CHILDREN=" . (int)$phpconfig['mod_fcgid_starter'] . "\n"; + } + else + { + $starter_file.= "PHP_FCGI_CHILDREN=" . (int)$this->settings['system']['mod_fcgid_starter'] . "\n"; + } + } + + $starter_file.= "export PHP_FCGI_CHILDREN\n"; + + // set number of maximum requests for one domain + + if((int)$domain['mod_fcgid_maxrequests'] != - 1) + { + $starter_file.= "PHP_FCGI_MAX_REQUESTS=" . (int)$domain['mod_fcgid_maxrequests'] . "\n"; + } + else + { + if((int)$phpconfig['mod_fcgid_maxrequests'] != - 1) + { + $starter_file.= "PHP_FCGI_MAX_REQUESTS=" . (int)$phpconfig['mod_fcgid_maxrequests'] . "\n"; + } + else + { + $starter_file.= "PHP_FCGI_MAX_REQUESTS=" . (int)$this->settings['system']['mod_fcgid_maxrequests'] . "\n"; + } + } + + $starter_file.= "export PHP_FCGI_MAX_REQUESTS\n"; + + // Set Binary + + $starter_file.= "exec " . $phpconfig['binary'] . " -c " . escapeshellarg($configdir) . "\n"; + + //remove +i attibute, so starter can be overwritten + + if(file_exists($starter_filename)) + { + safe_exec('chattr -i ' . escapeshellarg($starter_filename)); + } + + $starter_file_handler = fopen($starter_filename, 'w'); + fwrite($starter_file_handler, $starter_file); + fclose($starter_file_handler); + safe_exec('chmod 750 ' . escapeshellarg($starter_filename)); + safe_exec('chown ' . $domain['guid'] . ':' . $domain['guid'] . ' ' . escapeshellarg($starter_filename)); + safe_exec('chattr +i ' . escapeshellarg($starter_filename)); + + // define the php.ini + + $openbasedir = ''; + $openbasedirc = ';'; + + if($domain['openbasedir'] == '1') + { + $openbasedirc = ''; + if($domain['openbasedir_path'] == '0') + { + $openbasedir = $domain['documentroot'] . ':' . $tmpdir . ':' . $this->settings['system']['mod_fcgid_peardir'] . ':' . $this->settings['system']['phpappendopenbasedir']; + } + else + { + $openbasedir = $domain['customerroot'] . ':' . $tmpdir . ':' . $this->settings['system']['mod_fcgid_peardir'] . ':' . $this->settings['system']['phpappendopenbasedir']; + } + + $openbasedir = explode(':', $openbasedir); + foreach($openbasedir as $number => $path) + { + $openbasedir[$number] = makeCorrectDir($path); + } + + $openbasedir = implode(':', $openbasedir); + } + else + { + $openbasedir = 'none'; + $openbasedirc = ';'; + } + + $admin = $this->getAdminData($domain['adminid']); + $php_ini_variables = array( + 'SAFE_MODE' => ($domain['safemode'] == '0' ? 'Off' : 'On'), + 'PEAR_DIR' => $this->settings['system']['mod_fcgid_peardir'], + 'OPEN_BASEDIR' => $openbasedir, + 'OPEN_BASEDIR_C' => $openbasedirc, + 'OPEN_BASEDIR_GLOBAL' => $this->settings['system']['phpappendopenbasedir'], + 'TMP_DIR' => $tmpdir, + 'CUSTOMER_EMAIL' => $domain['email'], + 'ADMIN_EMAIL' => $admin['email'], + 'DOMAIN' => $domain['domain'], + 'CUSTOMER' => $domain['loginname'], + 'ADMIN' => $admin['loginname'] + ); + + //insert a small header for the file + + $phpini_file = ";\n"; + $phpini_file.= "; php.ini created/changed on " . date("Y.m.d H:i:s") . " for domain '" . $domain['domain'] . "' with id #" . $domain['id'] . " from php template '" . $phpconfig['description'] . "' with id #" . $phpconfig['id'] . "\n"; + $phpini_file.= "; Do not change anything in this file, it will be overwritten by the SysCP Cronjob!\n"; + $phpini_file.= ";\n\n"; + $phpini_file.= replace_variables($phpconfig['phpsettings'], $php_ini_variables); + $phpini_file = str_replace('"none"', 'none', $phpini_file); + $phpini_file = preg_replace('/\"+/', '"', $phpini_file); + $phpini_file_handler = fopen($phpini_filename, 'w'); + fwrite($phpini_file_handler, $phpini_file); + fclose($phpini_file_handler); + safe_exec('chown root:0 ' . escapeshellarg($phpini_filename)); + safe_exec('chmod 0644 ' . escapeshellarg($phpini_filename)); + } + else + { + $php_options_text.= ' # PHP is disabled for this vHost' . "\n"; + } + + return $php_options_text; + } + + protected function create_pathOptions($domain) + { + $query = "SELECT * FROM " . TABLE_PANEL_HTACCESS . " WHERE `path` LIKE '" . $domain['documentroot'] . "%'"; + $result = $this->db->query($query); + + $path_options = ''; + $error_string = ''; + + while($row = $this->db->fetch_array($result)) + { + if(!empty($row['error404path'])) + { + $error_string.= ' server.error-handler-404 = "' . makeCorrectFile($row['documentroot'] . '/' . $row['error404path']) . '"' . "\n"; + } + + if($row['options_indexes'] != '0') + { + $path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1)); + + // We need to remove the last slash, otherwise the regex wouldn't work + + $path = substr($path, 0, -1); + $path_options.= '$HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n"; + $path_options.= "\t" . 'dir-listing.activate = "enable"' . "\n"; + if(!empty($error_string)) + { + $path_options.= $error_string; + // reset $error_string here to prevent duplicate entries + $error_string = ''; + } + $path_options.= '}' . "\n"; + } + else + { + $path_options = $error_string; + } + } + + return $path_options; + } + + protected function getDirOptions($domain) + { + $query = "SELECT * FROM " . TABLE_PANEL_HTPASSWDS . " WHERE `customerid`='" . $domain[customerid] . "'"; + $result = $this->db->query($query); + + while($row_htpasswds = $this->db->fetch_array($result)) + { + if($auth_backend_loaded[$domain['ipandport']] != 'yes' + && $auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') + { + $filename = $domain['customerid'] . '.htpasswd'; + + if($this->auth_backend_loaded[$domain['ipandport']] != 'yes') + { + $auth_backend_loaded[$domain['ipandport']] = 'yes'; + $diroption_text.= 'auth.backend = "htpasswd"' . "\n"; + $diroption_text.= 'auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; + $this->needed_htpasswds[$filename] = $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n"; + $diroption_text.= 'auth.require = ( ' . "\n"; + $previous_domain_id = '1'; + } + elseif($this->auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') + { + $auth_backend_loaded[$domain['ssl_ipandport']] = 'yes'; + $diroption_text.= 'auth.backend= "htpasswd"' . "\n"; + $diroption_text.= 'auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; + $this->needed_htpasswds[$filename] = $row_htpasswds['username'] . ':' . $row_htpasswds['password'] . "\n"; + $diroption_text.= 'auth.require = ( ' . "\n"; + $previous_domain_id = '1'; + } + } + + $diroption_text.= '"' . $row_htpasswds['path'] . '" =>' . "\n"; + $diroption_text.= '(' . "\n"; + $diroption_text.= ' "method" => "basic",' . "\n"; + $diroption_text.= ' "realm" => "Restricted Area",' . "\n"; + $diroption_text.= ' "require" => "user=' . $row_htpasswds['username'] . '"' . "\n"; + $diroption_text.= ')' . "\n"; + + if($this->auth_backend_loaded[$domain['ssl_ipandport']] == 'yes') + { + $this->needed_htpasswds[$domain['ssl_ipandport']].= $diroption_text; + } + + if($this->auth_backend_loaded[$domain['ipandport']] != 'yes') + { + $this->needed_htpasswds[$domain['ipandport']].= $diroption_text; + } + } + + return ' auth.backend.htpasswd.userfile = "' . makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $filename) . '"' . "\n"; + } + + protected function getServerNames($domain) + { + $server_string = array(); + $domain_name = ereg_replace('\.', '\.', $domain['domain']); + + if($domain['iswildcarddomain'] == '1') + { + $server_string[] = '(^|\.)' . $domain_name . '$'; + } + else + { + if($domain['wwwserveralias'] == '1') + { + $server_string[] = '^(www\.|)' . $domain_name . '$'; + } + else + { + } + } + + $alias_domains = $this->db->query('SELECT `domain`, `iswildcarddomain`, `wwwserveralias` FROM `' . TABLE_PANEL_DOMAINS . '` WHERE `aliasdomain`=\'' . $domain['id'] . '\''); + + while(($alias_domain = $this->db->fetch_array($alias_domains)) !== false) + { + $alias_domain_name = ereg_replace('\.', '\.', $alias_domain['domain']); + + if($alias_domain['iswildcarddomain'] == '1') + { + $server_string[] = '(^|\.)' . $alias_domain_name . '$'; + } + else + { + if($alias_domain['wwwserveralias'] == '1') + { + $server_string[] = '^(www.)?' . $alias_domain_name; + } + else + { + $server_string[] = $alias_domain_name; + } + } + } + + for ($i = 0;$i < sizeof($server_string);$i++) + { + $data = $server_string[$i]; + + if(sizeof($server_string) > 1) + { + if($i == 0) + { + $servernames_text = '(' . $data . '|'; + } + elseif(sizeof($server_string) - 1 == $i) + { + $servernames_text.= $data . ')'; + } + else + { + $servernames_text.= $data . '|'; + } + } + else + { + $servernames_text = $data; + } + } + + unset($data); + $servernames_text = '$HTTP["host"] =~ "' . $servernames_text . '"'; + return $servernames_text; + } + + protected function getWebroot($domain, $ssl) + { + $webroot_text = ''; + + if($domain['deactivated'] == '1' + && $this->settings['system']['deactivateddocroot'] != '') + { + $webroot_text.= ' # Using docroot for deactivated users...' . "\n"; + $webroot_text.= ' server.document-root = "' . $this->settings['system']['deactivateddocroot'] . "\"\n"; + } + else + { + if($ssl === false + && $domain['ssl_redirect'] == '1') + { + $webroot_text.= ' url.redirect = ( "^/(.*)" => "https://' . $domain['domain'] . '/$1" )' . "\n"; + } + elseif(preg_match("#^https?://#i", $domain['documentroot'])) + { + $webroot_text.= ' url.redirect = ( "^/(.*)" => "' . $domain['documentroot'] . '/$1" )' . "\n"; + } + else + { + $webroot_text.= ' server.document-root = "' . makeCorrectDir($domain['documentroot']) . "\"\n"; + } + } + + return $webroot_text; + } + + public function writeConfigs() + { + fwrite($this->debugHandler, ' lighttpd::writeConfigs: rebuilding ' . $this->settings['system']['apacheconf_vhost'] . "\n"); + $this->logger->logAction(CRON_ACTION, LOG_INFO, "rebuilding " . $this->settings['system']['apacheconf_vhost']); + + if(!isConfigDir($this->settings['system']['apacheconf_vhost'])) + { + // Save one big file + + foreach($this->lighttpd_data as $vhosts_filename => $vhost_content) + { + $vhosts_file.= $vhost_content . "\n\n"; + } + + $vhosts_filename = $this->settings['system']['apacheconf_vhost']; + + // Apply header + + $vhosts_file = '# ' . basename($vhosts_filename) . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n" . "\n" . $vhosts_file; + $vhosts_file_handler = fopen($vhosts_filename, 'w'); + fwrite($vhosts_file_handler, $vhosts_file); + fclose($vhosts_file_handler); + } + else + { + if(!file_exists($this->settings['system']['apacheconf_vhost'])) + { + fwrite($this->debugHandler, ' lighttpd::writeConfigs: mkdir ' . escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'])) . "\n"); + $this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'mkdir ' . escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost']))); + safe_exec('mkdir ' . escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost']))); + } + + // Write a single file for every vhost + + foreach($this->lighttpd_data as $vhosts_filename => $vhosts_file) + { + $this->known_filenames[] = basename($vhosts_filename); + + // Apply header + + $vhosts_file = '# ' . basename($vhosts_filename) . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n" . "\n" . $vhosts_file; + + if(!empty($vhosts_filename)) + { + $vhosts_file_handler = fopen($vhosts_filename, 'w'); + fwrite($vhosts_file_handler, $vhosts_file); + fclose($vhosts_file_handler); + } + } + + $this->wipeOutOldConfigs(); + } + + // Write the diroptions + + if(isConfigDir($this->settings['system']['apacheconf_htpasswddir'])) + { + foreach($this->needed_htpasswds as $key => $data) + { + if(!is_dir($this->settings['system']['apacheconf_htpasswddir'])) + { + mkdir($this->settings['system']['apacheconf_htpasswddir']); + } + + $filename = $this->settings['system']['apacheconf_htpasswddir'] . '/' . $key; + $htpasswd_handler = fopen($filename, 'w'); + fwrite($htpasswd_handler, $data); + fclose($htpasswd_handler); + } + } + } + + private function wipeOutOldConfigs() + { + fwrite($this->debugHandler, ' apache::wipeOutOldConfigs: cleaning ' . $this->settings['system']['apacheconf_vhost'] . "\n"); + $this->logger->logAction(CRON_ACTION, LOG_INFO, "cleaning " . $this->settings['system']['apacheconf_vhost']); + + if(isConfigDir($this->settings['system']['apacheconf_vhost']) + && file_exists($this->settings['system']['apacheconf_vhost']) + && is_dir($this->settings['system']['apacheconf_vhost'])) + { + $vhost_file_dirhandle = opendir($this->settings['system']['apacheconf_vhost']); + + while(false !== ($vhost_filename = readdir($vhost_file_dirhandle))) + { + if($vhost_filename != '.' + && $vhost_filename != '..' + && !in_array($vhost_filename, $this->known_filenames) + && preg_match('/^(10|20|30)_syscp_ipandport_(.+)\.conf$/', $vhost_filename) + && file_exists(makeCorrectFile($this->settings['system']['apacheconf_vhost'] . '/' . $vhost_filename))) + { + fwrite($this->debugHandler, ' apache::wipeOutOldConfigs: unlinking ' . $vhost_filename . "\n"); + $this->logger->logAction(CRON_ACTION, LOG_NOTICE, 'unlinking ' . $vhost_filename); + unlink(makeCorrectFile($this->settings['system']['apacheconf_vhost'] . '/' . $vhost_filename)); + } + } + } + } +} + +?>