added TODO-file;

fixed syscp-bug #1246;
fixed syscp-bug #1279;
fixed syscp-bug #1283;

TODO

@@ -0,0 +1,50 @@
+ 	 	 	0001282 		Homedirs von Dovecot identisch
+ 	 	 	0001274 		Option to mark a Domain as Subdomain possible or not
+FIXED	 	 	0001283 		SysCP creating broken lighttpd config files
+ 	 	 	0001213 		APS class_apsinstaller.php on line 510 - error installing different apps
+ 	 	 	0001272 		Default Config for libnss incomplete (debian/lenny)
+FIXED	 	 	0001281 		Wrong open_basedir directive
+ 	 	 	0001280 		deb packet 1.4.2.1-2 fu*ked
+FIXED	 	 	0001279 		incorrect usage of escapeshellcmd
+ 	 	 	0001269 		AWStats RewriteRule is wrong
+ 	 	 	0001278 		Customer and domain directories are not created
+ 	 	 	0001277 		Apache Redirect => permanent 301
+ 	 	 	0001276 		Bind Zones Not Updated on Nameserver Change
+ 	 	 	0001275 		Setting up Traffic limit is limited to 999 GB
+ 	 	 	0001273 		APS-Installer
+ 	 	 	0001271 		cant install the package magento
+ 	 	 	0001270 		xinet reltime update mistake
+ 	 	 	0001268 		SysCP Funktion: aktualisierung in Real-Time
+ 	 	 	0001041 		Customer should have access to his webserver logs.
+ 	 	 	0001267 		Domain-Aliases also create a HOST-entry
+ 	 	 	0001266 		Lighttpd has a internal limit of regex-hits which limits max amount of domain-aliases
+ 	 	 	0001263 		Cosmettic Change
+WONTFIX 	 	0001056 	 	Need extra payment methods
+WONTFIX 	 	0001262 		Currency type modification.
+WONTFIX 	 	0001257 		Fee is recalculated with current contract data although interval is over
+ 	 	 	0001255 		Wrong path to usage statistics under domain settings
+ 	 	 	0001261 		No e-mail on 90% traffic
+ 	 	 	0001260 		2x F5 causes bigger fonts
+WONTFIX  	 	0001259 		contract-changes optional with cron to the end of the interval
+WONTFIX  	 	0001258 		Make invoices immediately
+ 	 	 	0001120 		Missing function to calculate the mail traffic
+ 	 	 	0001236 		the cron doesnt delete user directories
+ 	 	 	0001244 		customer view too wide for 1024x768 resolutions
+ 	 	 	0001229 		subdomains and Own vHost-Settings
+ 	 	 	0001254 		Installation no next button
+FIXED	 	 	0001253 		admin_customers.php line 803 / 804 contain the same
+ 	 	 	0001252 		Backup Cronjob for Customers
+ 	 	 	0001250 		Apache redirect to Umlautdomains does not work
+ 	 	 	0001251 		possibility to manage WebDAV config in SysCP
+ 	 	 	0001249 		SysCP SVN(!) settings loader doesn't load some settings
+WONTFIX 	 	0001248 		blog.syscp.org
+ 	 	 	0001042 		Webalizer dir should not be deletable
+ 	 	 	0001247 		tab order problems at email forward mask
+FIXED	 	 	0001246 		wrong variable assigned in /templates/admin/customers/customers_add.tpl
+ 	 	 	0001245 		Password Protect /awstats/ when using awstats and fcgid
+ 	 	 	0001156 		Repairing use of awstats and awstats-icons with fcgi
+ 	 	 	0001243 		Wrong uid and gid for php-fcgi-starter
+ 	 	 	0001242 		When email qouta is enabled, you cannot add more resources to a client.
+ 	 	 	0001241 		Patch for facilate customizing syscp
+ 	 	 	0001240 		Wrong php.ini for subdomains with fastCGI
+ 	 	 	0001239 		awstats configs get cluttered up after domain deletion

lib/classes/aps/class.ApsInstaller.php

@@ -135,7 +135,7 @@ class ApsInstaller extends ApsParser
 			chdir($this->RealPath . $this->DomainPath . '/install_scripts/');
 			$Return = array();
 			$ReturnStatus = 0;
-			$Return = safe_exec('php ' . escapeshellcmd($this->RealPath . $this->DomainPath . '/install_scripts/configure install'), $ReturnStatus);
+			$Return = safe_exec('php ' . escapeshellarg($this->RealPath . $this->DomainPath . '/install_scripts/configure install'), $ReturnStatus);
 
 			if($ReturnStatus != 0)
 			{

scripts/cron_tasks.inc.dns.10.bind.php

@@ -290,13 +290,13 @@ class bind
 					$max_dkim_id = $this->db->query_first("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
 					$domain['dkim_id'] = (int)$max_dkim_id['max_dkim_id'] + 1;
 					$privkey_filename = makeCorrectFile($this->settings['dkim']['dkim_prefix'] . '/dkim_' . $domain['dkim_id'] . '.private');
-					safe_exec('openssl genrsa -out ' . escapeshellcmd($privkey_filename) . ' 1024');
+					safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' 1024');
 					$domain['dkim_privkey'] = file_get_contents($privkey_filename);
-					safe_exec("chmod 0640 " . escapeshellcmd($privkey_filename));
+					safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
 					$pubkey_filename = makeCorrectFile($this->settings['dkim']['dkim_prefix'] . '/dkim_' . $domain['dkim_id'] . '.public');
-					safe_exec('openssl rsa -in ' . escapeshellcmd($privkey_filename) . ' -pubout -outform pem -out ' . escapeshellcmd($pubkey_filename));
+					safe_exec('openssl rsa -in ' . escapeshellarg($privkey_filename) . ' -pubout -outform pem -out ' . escapeshellarg($pubkey_filename));
 					$domain['dkim_pubkey'] = file_get_contents($pubkey_filename);
-					safe_exec("chmod 0664 " . escapeshellcmd($pubkey_filename));
+					safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
 					$this->db->query("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `dkim_id` = '" . $domain['dkim_id'] . "', `dkim_privkey` = '" . $domain['dkim_privkey'] . "', `dkim_pubkey` = '" . $domain['dkim_pubkey'] . "' WHERE `id` = '" . $domain['id'] . "'");
 				}
 
@@ -306,7 +306,7 @@ class bind
 					$privkey_file_handler = fopen($privkey_filename, "w");
 					fwrite($privkey_file_handler, $domain['dkim_privkey']);
 					fclose($privkey_file_handler);
-					safe_exec("chmod 0640 " . escapeshellcmd($privkey_filename));
+					safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
 				}
 
 				if(!file_exists($pubkey_filename)
@@ -315,7 +315,7 @@ class bind
 					$pubkey_file_handler = fopen($pubkey_filename, "w");
 					fwrite($pubkey_file_handler, $domain['dkim_pubkey']);
 					fclose($pubkey_file_handler);
-					safe_exec("chmod 0664 " . escapeshellcmd($pubkey_filename));
+					safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
 				}
 
 				$dkimdomains.= $domain['domain'] . "\n";

scripts/cron_tasks.inc.http.20.lighttpd.php

@@ -287,6 +287,9 @@ class lighttpd
 		$query = "SELECT * FROM " . TABLE_PANEL_HTACCESS . " WHERE `path` LIKE '" . $domain['documentroot'] . "%'";
 		$result = $this->db->query($query);
 
+		$path_options = '';
+		$error_string = '';
+		
 		while($row = $this->db->fetch_array($result))
 		{
 			if(!empty($row['error404path']))
@@ -301,13 +304,21 @@ class lighttpd
 				// We need to remove the last slash, otherwise the regex wouldn't work
 
 				$path = substr($path, 0, -1);
-				$error_string.= '$HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n";
-				$error_string.= "\t" . 'dir-listing.activate = "enable"' . "\n";
-				$error_string.= '}' . "\n";
+				$path_options.= '$HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n";
+				$path_options.= "\t" . 'dir-listing.activate = "enable"' . "\n";
+				if(!empty($error_string))
+				{
+					$path_options.= $error_string;
+				}
+				$path_options.= '}' . "\n";
+			}
+			else
+			{
+				$path_options = $error_string;
 			}
 		}
 
-		return $error_string;
+		return $path_options;
 	}
 
 	protected function getDirOptions($domain)

templates/admin/customers/customers_add.tpl

@@ -119,7 +119,7 @@ $header
 			<if $settings['system']['mail_quota_enabled'] == 1>
 			<tr>
 				<td class="main_field_name">{$lng['customer']['email_quota']}: *</td>
-				<td class="main_field_display" nowrap="nowrap"><input type="text" class="textul" name="email_quota" value="" maxlength="9" />&nbsp;{$diskspace_ul}</td>
+				<td class="main_field_display" nowrap="nowrap"><input type="text" class="textul" name="email_quota" value="" maxlength="9" />&nbsp;{$email_quota_ul}</td>
 			</tr>
 			</if>
 			<tr>

templates/footer.tpl

@@ -4,11 +4,11 @@
 		<table cellspacing="0" cellpadding="0" border="0" width="100%">
 			<tr>
 				<td width="100%" class="footer">
-					<br />SysCP
+					<br />Froxlor
 					<if ($settings['admin']['show_version_login'] == '1' && $filename == 'index.php') || ($filename != 'index.php' && $settings['admin']['show_version_footer'] == '1')>
-						 {$version} ({$dbversion})
+						 {$version}
 					</if>
-					<a style="text-decoration:none;" href="index.php?page=easter&amp;action=egg">&copy;</a> 2003-2009 by <a href="http://www.syscp.org/" target="_blank">the SysCP Team</a>
+					&copy; 2009-2010 by <a href="http://www.froxlor.org/" target="_blank">the Froxlor Team</a>
 					<br />Theme: Luca Piona and Luca Longinotti
 					<if $lng['translator'] != ''>
 					<br />{$lng['panel']['translator']}: {$lng['translator']}

templates/header.tpl

@@ -11,14 +11,14 @@
 </head>
 <body style="margin: 0; padding: 0;"<if !isset($userinfo['loginname']) && !(isset($userinfo['loginname']) && $userinfo['loginname'] == '')> onload="document.loginform.loginname.focus()"</if>>
 <!--
-    We request you retain the full copyright notice below including the link to www.syscp.org.
+    We request you retain the full copyright notice below including the link to www.froxlor.org.
     This not only gives respect to the large amount of time given freely by the developers
-    but also helps build interest, traffic and use of SysCP. If you refuse
+    but also helps build interest, traffic and use of Froxlor. If you refuse
     to include even this then support on our forums may be affected.
-    The SysCP Team : 2003-2007
+    The Froxlor Team : 2009-2010
 // -->
 <!--
-	Templates by Luca Piona (info@havanastudio.ch) and Luca Longinotti (chtekk@gentoo.org)
+	Templates based on work by Luca Piona (info@havanastudio.ch) and Luca Longinotti (chtekk@gentoo.org)
 // -->
 <table cellspacing="0" cellpadding="0" border="0" width="100%">
 	<tr>