escape directories/files correctly - TODO: store the user-inputs in the database correctly (source of the data), checking in the cronjob is only just-in-case, refs #717

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
Michael Kaufmann (d00p)
2013-03-06 17:56:42 +01:00
parent debdbf5d41
commit cb6db7385a
4 changed files with 38 additions and 77 deletions


@@ -39,9 +39,9 @@ class apache_fcgid extends apache
{
$php_options_text.= ' SuexecUserGroup "' . $domain['loginname'] . '" "' . $domain['loginname'] . '"' . "\n";
if ($domain['ssl'] == 1 && $ssl_vhost) {
$php_options_text.= ' FastCgiExternalServer ' . makeCorrectDir($php->getInterface()->getAliasConfigDir()) . 'ssl-fpm.external -socket ' . $php->getInterface()->getSocketFile() . ' -user ' . $domain['loginname'] . ' -group ' . $domain['loginname'] . " -idle-timeout " . $this->settings['phpfpm']['idle_timeout'] . "\n";
$php_options_text.= ' FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . 'ssl-fpm.external -socket ' . $php->getInterface()->getSocketFile() . ' -user ' . $domain['loginname'] . ' -group ' . $domain['loginname'] . " -idle-timeout " . $this->settings['phpfpm']['idle_timeout'] . "\n";
} else {
$php_options_text.= ' FastCgiExternalServer ' . makeCorrectDir($php->getInterface()->getAliasConfigDir()) . 'fpm.external -socket ' . $php->getInterface()->getSocketFile() . ' -user ' . $domain['loginname'] . ' -group ' . $domain['loginname'] . " -idle-timeout " . $this->settings['phpfpm']['idle_timeout'] . "\n";
$php_options_text.= ' FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . 'fpm.external -socket ' . $php->getInterface()->getSocketFile() . ' -user ' . $domain['loginname'] . ' -group ' . $domain['loginname'] . " -idle-timeout " . $this->settings['phpfpm']['idle_timeout'] . "\n";
}
$php_options_text.= ' <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
$php_options_text.= ' <FilesMatch "\.php$">' . "\n";
@@ -58,9 +58,9 @@ class apache_fcgid extends apache
}
$php_options_text.= ' </Directory>' . "\n";
if ($domain['ssl'] == 1 && $ssl_vhost) {
$php_options_text.= ' Alias /fastcgiphp ' . makeCorrectDir($php->getInterface()->getAliasConfigDir()) . 'ssl-fpm.external' . "\n";
$php_options_text.= ' Alias /fastcgiphp ' . $php->getInterface()->getAliasConfigDir() . 'ssl-fpm.external' . "\n";
} else {
$php_options_text.= ' Alias /fastcgiphp ' . makeCorrectDir($php->getInterface()->getAliasConfigDir()) . 'fpm.external' . "\n";
$php_options_text.= ' Alias /fastcgiphp ' . $php->getInterface()->getAliasConfigDir() . 'fpm.external' . "\n";
}
}
else
@@ -74,7 +74,7 @@ class apache_fcgid extends apache
else
{
$php_options_text.= ' SuexecUserGroup "' . $domain['loginname'] . '" "' . $domain['loginname'] . '"' . "\n";
$php_options_text.= ' <Directory "' . $domain['documentroot'] . '">' . "\n";
$php_options_text.= ' <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
$file_extensions = explode(' ', $phpconfig['file_extensions']);
$php_options_text.= ' <FilesMatch "\.(' . implode('|', $file_extensions) . ')$">' . "\n";
$php_options_text.= ' SetHandler fcgid-script' . "\n";
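Review bot: In the last hunk, `$domain['documentroot']` is written into a double-quoted `<Directory "...">` directive protected at most by `makeCorrectDir()`, and `$phpconfig['file_extensions']` is joined into the `<FilesMatch>` regex two lines later with no escaping at all; normalising a path is not the same as escaping it for an Apache directive. `makeCorrectDir()` is not shown on this page, so whether it rejects `"`, CR and LF is unverified; if it does not, a stored value containing one of them would end the directive early and add lines to the generated vhost file. Until the TODO in the commit message (validating where the data is stored) is done, I would guard the write with a check such as `if (preg_match('/["\r\n]/', $domain['documentroot'])) { /* skip this vhost and log it */ }`, fitted to the surrounding control flow, which starts and ends outside the hunk. The same concern applies to the `<Directory>` line in the first hunk, and the unquoted `FastCgiExternalServer` and `Alias` lines additionally break on whitespace in the alias directory or socket path, so quoting those arguments would be the safer form.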