From f8236dff7be5b8ece933943442ce5a4adc284387 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 24 May 2018 14:44:59 +0200 Subject: [PATCH 1/5] fix not quite correctly webserver-log-piping Signed-off-by: Michael Kaufmann --- actions/admin/settings/130.webserver.php | 16 ++++++++++++++-- install/froxlor.sql | 3 ++- install/updates/froxlor/0.9/update_0.9.inc.php | 9 +++++++++ lib/version.inc.php | 2 +- lng/english.lng.php | 4 ++-- lng/german.lng.php | 4 ++-- scripts/jobs/cron_tasks.inc.http.10.apache.php | 9 +++------ 7 files changed, 33 insertions(+), 14 deletions(-) diff --git a/actions/admin/settings/130.webserver.php b/actions/admin/settings/130.webserver.php index 35ac4857..ad56665b 100644 --- a/actions/admin/settings/130.webserver.php +++ b/actions/admin/settings/130.webserver.php @@ -104,14 +104,26 @@ return array( 'save_method' => 'storeSettingField' ), 'system_logfiles_directory' => array( - 'label' => (Settings::Get('system.webserver') != 'apache2') ? $lng['serversettings']['logfiles_directory'] : $lng['serversettings']['logfiles_directory2'], + 'label' => $lng['serversettings']['logfiles_directory'], 'settinggroup' => 'system', 'varname' => 'logfiles_directory', 'type' => 'string', - 'string_type' => (Settings::Get('system.webserver') != 'apache2') ? 'dir' : '', + 'string_type' => 'dir', 'default' => '/var/customers/logs/', 'save_method' => 'storeSettingField' ), + 'system_logfiles_script' => array( + 'label' => $lng['serversettings']['logfiles_script'], + 'settinggroup' => 'system', + 'varname' => 'logfiles_script', + 'type' => 'string', + 'string_type' => '', + 'default' => '', + 'save_method' => 'storeSettingField', + 'websrv_avail' => array( + 'apache2' + ) + ), 'system_logfiles_format' => array( 'label' => $lng['serversettings']['logfiles_format'], 'settinggroup' => 'system', diff --git a/install/froxlor.sql b/install/froxlor.sql index bda0e4d9..f39913fb 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -659,6 +659,7 @@ opcache.interned_strings_buffer'), ('system', 'logfiles_format', ''), ('system', 'logfiles_type', '1'), ('system', 'logfiles_piped', '0'), + ('system', 'logfiles_script', ''), ('panel', 'decimal_places', '4'), ('panel', 'adminmail', 'admin@SERVERNAME'), ('panel', 'phpmyadmin_url', ''), @@ -691,7 +692,7 @@ opcache.interned_strings_buffer'), ('panel', 'password_special_char', '!?<>§$%+#=@'), ('panel', 'customer_hide_options', ''), ('panel', 'version', '0.9.39.5'), - ('panel', 'db_version', '201805240'); + ('panel', 'db_version', '201805241'); DROP TABLE IF EXISTS `panel_tasks`; diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index c1a9010e..e5e3c60e 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -3959,3 +3959,12 @@ if (isDatabaseVersion('201802250')) { updateToDbVersion('201805240'); } + +if (isDatabaseVersion('201805240')) { + + showUpdateStep("Adding webserver logfile-script settings"); + Settings::AddNew("system.logfiles_script", ''); + lastStepStatus(0); + + updateToDbVersion('201805241'); +} diff --git a/lib/version.inc.php b/lib/version.inc.php index 65278766..3f870d38 100644 --- a/lib/version.inc.php +++ b/lib/version.inc.php @@ -19,7 +19,7 @@ $version = '0.9.39.5'; // Database version (YYYYMMDDC where C is a daily counter) -$dbversion = '201805240'; +$dbversion = '201805241'; // Distribution branding-tag (used for Debian etc.) $branding = ''; diff --git a/lng/english.lng.php b/lng/english.lng.php index 2c068780..6a6ffe92 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -337,8 +337,8 @@ $lng['serversettings']['documentroot_prefix']['title'] = 'Home directory'; $lng['serversettings']['documentroot_prefix']['description'] = 'Where should all home directories be stored?'; $lng['serversettings']['logfiles_directory']['title'] = 'Logfiles directory'; $lng['serversettings']['logfiles_directory']['description'] = 'Where should all log files be stored?'; -$lng['serversettings']['logfiles_directory2']['title'] = 'Logfiles directory or custom script'; -$lng['serversettings']['logfiles_directory2']['description'] = 'Where should all log files be stored? Optionally, you can specify a script here and use the placeholders {LOGFILE}, {DOMAIN} and {CUSTOMER} if needed. In case of a custom script you will need to activate the Pipe webserver logfiles option'; +$lng['serversettings']['logfiles_script']['title'] = 'Custom script to pipe log-files to'; +$lng['serversettings']['logfiles_script']['description'] = 'You can specify a script here and use the placeholders {LOGFILE}, {DOMAIN} and {CUSTOMER} if needed. In case you want to use it you will need to activate the Pipe webserver logfiles option too. No prefixed pipe-character is needed.'; $lng['serversettings']['logfiles_format']['title'] = 'Access-log format'; $lng['serversettings']['logfiles_format']['description'] = 'Enter a custom log-format here according to your webservers specifications, leave empty for default'; $lng['serversettings']['logfiles_type']['title'] = 'Access-log type'; diff --git a/lng/german.lng.php b/lng/german.lng.php index 87fd914e..1c2936af 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -333,8 +333,8 @@ $lng['serversettings']['documentroot_prefix']['title'] = 'Heimatverzeichnis'; $lng['serversettings']['documentroot_prefix']['description'] = 'Wo sollen die Heimatverzeichnisse der Kunden liegen?'; $lng['serversettings']['logfiles_directory']['title'] = 'Webserver-Logdateien-Verzeichnis'; $lng['serversettings']['logfiles_directory']['description'] = 'Wo sollen die Logdateien des Webservers liegen?'; -$lng['serversettings']['logfiles_directory2']['title'] = 'Webserver-Logdateien-Verzeichnis oder eigenes Script'; -$lng['serversettings']['logfiles_directory2']['description'] = 'Wo sollen die Logdateien des Webservers liegen? Optional kann hier ein Script hinterlegt und die Platzhalter {LOGFILE}, {DOMAIN} und {CUSTOMER} genutzt werden, sofern nötig. Falls ein Script angegeben wird, muss die Option Webserver Logdateien umleiten gesetzt werden'; +$lng['serversettings']['logfiles_script']['title'] = 'Eigenes Script zu dem Log-Files übergeben werden'; +$lng['serversettings']['logfiles_script']['description'] = 'Hier kann ein Script an das die Loginhalte übergeben werden hinterlegt und die Platzhalter {LOGFILE}, {DOMAIN} und {CUSTOMER} genutzt werden, sofern nötig. Falls ein Script angegeben wird, muss die Option Webserver Logdateien umleiten gesetzt werden'; $lng['serversettings']['logfiles_format']['title'] = 'Access-Log Format'; $lng['serversettings']['logfiles_format']['description'] = 'Hier kann ein angepasstes Log-format entsprechend der Webserver-Dokumentation angegeben werden, leer lassen für Standard'; $lng['serversettings']['logfiles_type']['title'] = 'Access-Log Typ'; diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php index 9dab54a5..4294ecf5 100644 --- a/scripts/jobs/cron_tasks.inc.http.10.apache.php +++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php @@ -733,19 +733,16 @@ class apache extends HttpConfigBase $logtype = 'vhost_combined'; } - if (Settings::Get('system.logfiles_piped') == '1') { - // don't use custom-script as path for logfile-names - $error_log = makeCorrectFile($domain['loginname'] . $speciallogfile . '-error.log'); - $access_log = makeCorrectFile($domain['loginname'] . $speciallogfile . '-access.log'); + if (Settings::Get('system.logfiles_piped') == '1' && Settings::Get('system.logfiles_script') != '') { // replace for error_log - $command = replace_variables(Settings::Get('system.logfiles_directory'), array( + $command = replace_variables(Settings::Get('system.logfiles_script'), array( 'LOGFILE' => $error_log, 'DOMAIN' => $domain['domain'], 'CUSTOMER' => $domain['loginname'] )); $logfiles_text .= ' ErrorLog "| ' . $command . "\"\n"; // replace for access_log - $command = replace_variables(Settings::Get('system.logfiles_directory'), array( + $command = replace_variables(Settings::Get('system.logfiles_script'), array( 'LOGFILE' => $access_log, 'DOMAIN' => $domain['domain'], 'CUSTOMER' => $domain['loginname'] From 18fb422a699254e350bea40ca44a0fee93ca5641 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 24 May 2018 14:50:52 +0200 Subject: [PATCH 2/5] correct order of settings Signed-off-by: Michael Kaufmann --- actions/admin/settings/130.webserver.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/actions/admin/settings/130.webserver.php b/actions/admin/settings/130.webserver.php index ad56665b..4caa875f 100644 --- a/actions/admin/settings/130.webserver.php +++ b/actions/admin/settings/130.webserver.php @@ -124,6 +124,17 @@ return array( 'apache2' ) ), + 'system_logfiles_piped' => array( + 'label' => $lng['serversettings']['logfiles_piped'], + 'settinggroup' => 'system', + 'varname' => 'logfiles_piped', + 'type' => 'bool', + 'default' => false, + 'save_method' => 'storeSettingField', + 'websrv_avail' => array( + 'apache2' + ) + ), 'system_logfiles_format' => array( 'label' => $lng['serversettings']['logfiles_format'], 'settinggroup' => 'system', @@ -153,17 +164,6 @@ return array( 'apache2' ) ), - 'system_logfiles_piped' => array( - 'label' => $lng['serversettings']['logfiles_piped'], - 'settinggroup' => 'system', - 'varname' => 'logfiles_piped', - 'type' => 'bool', - 'default' => false, - 'save_method' => 'storeSettingField', - 'websrv_avail' => array( - 'apache2' - ) - ), 'system_customersslpath' => array( 'label' => $lng['serversettings']['customerssl_directory'], 'settinggroup' => 'system', From 10330f8a7ab99fe56d022eb5d14964199fe7658e Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 24 May 2018 17:44:36 +0200 Subject: [PATCH 3/5] fix fallback redirect code when customredirect is enabled and default is selected Signed-off-by: Michael Kaufmann --- lib/functions/output/function.RedirectCode.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/functions/output/function.RedirectCode.php b/lib/functions/output/function.RedirectCode.php index 5a8cd57d..79c7528c 100644 --- a/lib/functions/output/function.RedirectCode.php +++ b/lib/functions/output/function.RedirectCode.php @@ -72,7 +72,8 @@ function getDomainRedirectCode($domainid = 0) { $default = '301'; if (Settings::Get('customredirect.enabled') == '1') { $all_codes = getRedirectCodes(false); - $default = $all_codes[Settings::Get('customredirect.default')]; + $_default = $all_codes[Settings::Get('customredirect.default')]; + $default = ($_default == '---') ? $default : $_default; } $code = $default; if ($domainid > 0) { From c1e62e6be719affc003774a639de5c952ffd8ffc Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 29 May 2018 15:47:41 +0200 Subject: [PATCH 4/5] get rid of serialization completely to avoid possible code execution, fixes #555 Signed-off-by: Michael Kaufmann --- admin_domains.php | 28 ++++++++--------- customer_extras.php | 4 +-- dns_editor.php | 8 ++--- install/froxlor.sql | 2 +- install/lib/class.FroxlorInstall.php | 19 ++++++------ install/lng/english.lng.php | 1 - install/lng/german.lng.php | 1 - .../updates/froxlor/0.9/update_0.9.inc.php | 30 +++++++++++++++++++ lib/classes/output/class.paging.php | 4 +-- .../froxlor/function.CronjobFunctions.php | 2 +- lib/functions/froxlor/function.inserttask.php | 10 +++---- scripts/jobs/cron_backup.php | 2 +- scripts/jobs/cron_tasks.php | 2 +- 13 files changed, 71 insertions(+), 42 deletions(-) diff --git a/admin_domains.php b/admin_domains.php index f731d59c..c2804a16 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -528,7 +528,7 @@ if ($page == 'domains' || $page == 'overview') { $ipandports = array(); if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) { - $_POST['ipandport'] = unserialize($_POST['ipandport']); + $_POST['ipandport'] = json_decode($_POST['ipandport'], true); } if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) { @@ -564,7 +564,7 @@ if ($page == 'domains' || $page == 'overview') { $ssl_ipandports = array(); if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) { - $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); + $_POST['ssl_ipandport'] = json_decode($_POST['ssl_ipandport'], true); } // Verify SSL-Ports @@ -606,7 +606,7 @@ if ($page == 'domains' || $page == 'overview') { $ssl_redirect = 0; $letsencrypt = 0; $http2 = 0; - // we need this for the serialize + // we need this for the json-encode // if ssl is disabled or no ssl-ip/port exists $ssl_ipandports[] = - 1; @@ -622,7 +622,7 @@ if ($page == 'domains' || $page == 'overview') { $ssl_redirect = 0; $letsencrypt = 0; $http2 = 0; - // we need this for the serialize + // we need this for the json-encode // if ssl is disabled or no ssl-ip/port exists $ssl_ipandports[] = - 1; @@ -692,7 +692,7 @@ if ($page == 'domains' || $page == 'overview') { } if (count($ssl_ipandports) == 0) { - // we need this for the serialize + // we need this for the json-encode // if ssl is disabled or no ssl-ip/port exists $ssl_ipandports[] = - 1; } @@ -794,9 +794,9 @@ if ($page == 'domains' || $page == 'overview') { 'dkim' => $dkim, 'speciallogfile' => $speciallogfile, 'selectserveralias' => $serveraliasoption, - 'ipandport' => serialize($ipandports), + 'ipandport' => json_encode($ipandports), 'ssl_redirect' => $ssl_redirect, - 'ssl_ipandport' => serialize($ssl_ipandports), + 'ssl_ipandport' => json_encode($ssl_ipandports), 'phpenabled' => $phpenabled, 'openbasedir' => $openbasedir, 'phpsettingid' => $phpsettingid, @@ -1420,7 +1420,7 @@ if ($page == 'domains' || $page == 'overview') { $ipandports = array(); if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) { - $_POST['ipandport'] = unserialize($_POST['ipandport']); + $_POST['ipandport'] = json_decode($_POST['ipandport'], true); } if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) { @@ -1466,7 +1466,7 @@ if ($page == 'domains' || $page == 'overview') { $ssl_ipandports = array(); if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) { - $_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']); + $_POST['ssl_ipandport'] = json_decode($_POST['ssl_ipandport'], true); } if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) { @@ -1494,7 +1494,7 @@ if ($page == 'domains' || $page == 'overview') { $ssl_redirect = 0; $letsencrypt = 0; $http2 = 0; - // we need this for the serialize + // we need this for the json-encode // if ssl is disabled or no ssl-ip/port exists $ssl_ipandports[] = - 1; @@ -1510,7 +1510,7 @@ if ($page == 'domains' || $page == 'overview') { $ssl_redirect = 0; $letsencrypt = 0; $http2 = 0; - // we need this for the serialize + // we need this for the json-encode // if ssl is disabled or no ssl-ip/port exists $ssl_ipandports[] = - 1; @@ -1603,7 +1603,7 @@ if ($page == 'domains' || $page == 'overview') { } if (count($ssl_ipandports) == 0) { - // we need this for the serialize + // we need this for the json-encode // if ssl is disabled or no ssl-ip/port exists $ssl_ipandports[] = - 1; } @@ -1668,8 +1668,8 @@ if ($page == 'domains' || $page == 'overview') { 'issubof' => $issubof, 'speciallogfile' => $speciallogfile, 'speciallogverified' => $speciallogverified, - 'ipandport' => serialize($ipandports), - 'ssl_ipandport' => serialize($ssl_ipandports), + 'ipandport' => json_encode($ipandports), + 'ssl_ipandport' => json_encode($ssl_ipandports), 'letsencrypt' => $letsencrypt, 'http2' => $http2, 'hsts_maxage' => $hsts_maxage, diff --git a/customer_extras.php b/customer_extras.php index 5800805d..5ef3cb61 100644 --- a/customer_extras.php +++ b/customer_extras.php @@ -563,7 +563,7 @@ if ($page == 'overview') { $existing_backupJob = null; while ($entry = $sel_stmt->fetch()) { - $data = unserialize($entry['data']); + $data = json_decode($entry['data'], true); if ($data['customerid'] == $userinfo['customerid']) { $existing_backupJob = $entry; break; @@ -613,7 +613,7 @@ if ($page == 'overview') { if (!empty($existing_backupJob)) { $action = "abort"; - $row = unserialize($entry['data']); + $row = json_decode($entry['data'], true); $row['path'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['destdir'])); $row['backup_web'] = ($row['backup_web'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no']; $row['backup_mail'] = ($row['backup_mail'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no']; diff --git a/dns_editor.php b/dns_editor.php index 98a4d683..75b5978e 100644 --- a/dns_editor.php +++ b/dns_editor.php @@ -208,7 +208,7 @@ if ($action == 'add_record' && ! empty($_POST)) { // check for duplicate foreach ($dom_entries as $existing_entry) { - // compare serialized string of array + // compare json-encoded string of array $check_entry = $existing_entry; // new entry has no ID yet unset($check_entry['id']); @@ -218,9 +218,9 @@ if ($action == 'add_record' && ! empty($_POST)) { $check_entry['prio'] = (int) $check_entry['prio']; $check_entry['ttl'] = (int) $check_entry['ttl']; $check_entry['domain_id'] = (int) $check_entry['domain_id']; - // serialize both - $check_entry = serialize($check_entry); - $new = serialize($new_entry); + // encode both + $check_entry = json_encode($check_entry); + $new = json_encode($new_entry); // compare if ($check_entry === $new) { $errors[] = $lng['error']['dns_duplicate_entry']; diff --git a/install/froxlor.sql b/install/froxlor.sql index f39913fb..f445a0e9 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -692,7 +692,7 @@ opcache.interned_strings_buffer'), ('panel', 'password_special_char', '!?<>§$%+#=@'), ('panel', 'customer_hide_options', ''), ('panel', 'version', '0.9.39.5'), - ('panel', 'db_version', '201805241'); + ('panel', 'db_version', '201805290'); DROP TABLE IF EXISTS `panel_tasks`; diff --git a/install/lib/class.FroxlorInstall.php b/install/lib/class.FroxlorInstall.php index 1cbbd7ca..598bf66a 100644 --- a/install/lib/class.FroxlorInstall.php +++ b/install/lib/class.FroxlorInstall.php @@ -1015,6 +1015,16 @@ class FroxlorInstall $content .= $this->_status_message('green', $this->_lng['requirements']['installed']); } + // check for json extension + $content .= $this->_status_message('begin', $this->_lng['requirements']['phpjson']); + + if (! extension_loaded('json')) { + $content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']); + $_die = true; + } else { + $content .= $this->_status_message('green', $this->_lng['requirements']['installed']); + } + // check for bcmath extension $content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']); @@ -1033,15 +1043,6 @@ class FroxlorInstall $content .= $this->_status_message('green', $this->_lng['requirements']['installed']); } - // check for json extension - $content .= $this->_status_message('begin', $this->_lng['requirements']['phpjson']); - - if (! extension_loaded('json')) { - $content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "
" . $this->_lng['requirements']['jsondescription']); - } else { - $content .= $this->_status_message('green', $this->_lng['requirements']['installed']); - } - // check for open_basedir $content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']); $php_ob = @ini_get("open_basedir"); diff --git a/install/lng/english.lng.php b/install/lng/english.lng.php index 8651bb83..a4cea2dc 100644 --- a/install/lng/english.lng.php +++ b/install/lng/english.lng.php @@ -38,7 +38,6 @@ $lng['requirements']['phpzip'] = 'PHP zip-extension...'; $lng['requirements']['phpjson'] = 'PHP json-extension...'; $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!'; $lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.'; -$lng['requirements']['jsondescription'] = 'The settings import/export feature requires the json extension.'; $lng['requirements']['openbasedir'] = 'open_basedir...'; $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini'; $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.'; diff --git a/install/lng/german.lng.php b/install/lng/german.lng.php index d18e94c0..4e4638db 100644 --- a/install/lng/german.lng.php +++ b/install/lng/german.lng.php @@ -38,7 +38,6 @@ $lng['requirements']['phpzip'] = 'PHP zip-Erweiterung...'; $lng['requirements']['phpjson'] = 'PHP json-Erweiterung...'; $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!'; $lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.'; -$lng['requirements']['jsondescription'] = 'Die Einstellungen Import/Export Funktion benötigt die json Erweiterung.'; $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...'; $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini'; $lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.'; diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index e5e3c60e..17432b94 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -3968,3 +3968,33 @@ if (isDatabaseVersion('201805240')) { updateToDbVersion('201805241'); } + +if (isDatabaseVersion('201805241')) { + + $do_update = true; + showUpdateStep("Checking for required PHP json-extension"); + if (! extension_loaded('json')) { + $do_update = false; + lastStepStatus(2, 'not installed'); + } else { + lastStepStatus(0); + + showUpdateStep("Checking for current cronjobs that need converting"); + $result_tasks_stmt = Database::query(" + SELECT * FROM `" . TABLE_PANEL_TASKS . "` ORDER BY `id` ASC + "); + $upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_TASKS . "` SET `data` = :data WHERE `id` = :taskid"); + while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) { + if (! empty($row['data'])) { + $data = unserialize($row['data']); + Database::pexecute($upd_stmt, array( + 'data' => json_encode($data), + 'taskid' => $row['id'] + )); + } + } + lastStepStatus(0); + + updateToDbVersion('201805290'); + } +} diff --git a/lib/classes/output/class.paging.php b/lib/classes/output/class.paging.php index 8ee2bc25..64643b7d 100644 --- a/lib/classes/output/class.paging.php +++ b/lib/classes/output/class.paging.php @@ -114,7 +114,7 @@ class paging { $this->userinfo = $userinfo; if (!is_array($this->userinfo['lastpaging'])) { - $this->userinfo['lastpaging'] = unserialize($this->userinfo['lastpaging']); + $this->userinfo['lastpaging'] = json_decode($this->userinfo['lastpaging'], true); } $this->table = $table; @@ -224,7 +224,7 @@ class paging { AND `adminsession` = :adminsession "); $upd_data = array( - 'lastpaging' => serialize($this->userinfo['lastpaging']), + 'lastpaging' => json_encode($this->userinfo['lastpaging']), 'hash' => $userinfo['hash'], 'userid' => $userinfo['userid'], 'ipaddr' => $userinfo['ipaddress'], diff --git a/lib/functions/froxlor/function.CronjobFunctions.php b/lib/functions/froxlor/function.CronjobFunctions.php index a2c09785..0b5f80ff 100644 --- a/lib/functions/froxlor/function.CronjobFunctions.php +++ b/lib/functions/froxlor/function.CronjobFunctions.php @@ -63,7 +63,7 @@ function getOutstandingTasks() { while ($row = $result->fetch(PDO::FETCH_ASSOC)) { if ($row['data'] != '') { - $row['data'] = unserialize($row['data']); + $row['data'] = json_decode($row['data'], true); } // rebuilding webserver-configuration diff --git a/lib/functions/froxlor/function.inserttask.php b/lib/functions/froxlor/function.inserttask.php index 3f2cdbde..705bf77e 100644 --- a/lib/functions/froxlor/function.inserttask.php +++ b/lib/functions/froxlor/function.inserttask.php @@ -70,7 +70,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = ' $data['uid'] = $param2; $data['gid'] = $param3; $data['store_defaultindex'] = $param4; - $data = serialize($data); + $data = json_encode($data); Database::pexecute($ins_stmt, array('type' => '2', 'data' => $data)); } elseif ($type == '6' @@ -78,7 +78,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = ' ) { $data = array(); $data['loginname'] = $param1; - $data = serialize($data); + $data = json_encode($data); Database::pexecute($ins_stmt, array('type' => '6', 'data' => $data)); } elseif ($type == '7' @@ -88,7 +88,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = ' $data = array(); $data['loginname'] = $param1; $data['email'] = $param2; - $data = serialize($data); + $data = json_encode($data); Database::pexecute($ins_stmt, array('type' => '7', 'data' => $data)); } elseif ($type == '8' @@ -98,13 +98,13 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = ' $data = array(); $data['loginname'] = $param1; $data['homedir'] = $param2; - $data = serialize($data); + $data = json_encode($data); Database::pexecute($ins_stmt, array('type' => '8', 'data' => $data)); } elseif ($type == '20' && is_array($param1) ) { - $data = serialize($param1); + $data = json_encode($param1); Database::pexecute($ins_stmt, array('type' => '20', 'data' => $data)); } } diff --git a/scripts/jobs/cron_backup.php b/scripts/jobs/cron_backup.php index b01fe1ed..131a2004 100644 --- a/scripts/jobs/cron_backup.php +++ b/scripts/jobs/cron_backup.php @@ -79,7 +79,7 @@ $all_jobs = $result_tasks_stmt->fetchAll(); foreach ($all_jobs as $row) { if ($row['data'] != '') { - $row['data'] = unserialize($row['data']); + $row['data'] = json_decode($row['data'], true); } if (is_array($row['data'])) { diff --git a/scripts/jobs/cron_tasks.php b/scripts/jobs/cron_tasks.php index b7176a53..48cbbb66 100644 --- a/scripts/jobs/cron_tasks.php +++ b/scripts/jobs/cron_tasks.php @@ -43,7 +43,7 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) { $resultIDs[] = $row['id']; if ($row['data'] != '') { - $row['data'] = unserialize($row['data']); + $row['data'] = json_decode($row['data'], true); } /** From b80bdcbc4fe6149cb696944e25433a8479ca13d4 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 29 May 2018 15:54:44 +0200 Subject: [PATCH 5/5] forgot to add version file Signed-off-by: Michael Kaufmann --- lib/version.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/version.inc.php b/lib/version.inc.php index 3f870d38..eb1a527a 100644 --- a/lib/version.inc.php +++ b/lib/version.inc.php @@ -19,7 +19,7 @@ $version = '0.9.39.5'; // Database version (YYYYMMDDC where C is a daily counter) -$dbversion = '201805241'; +$dbversion = '201805290'; // Distribution branding-tag (used for Debian etc.) $branding = '';