set version to 0.9.31 for upcoming release

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

.gitignore

@@ -2,6 +2,7 @@ packages/*
 lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
 temp/*
 templates/*
+logs/*
 install/update.log
 .buildpath
 .project

actions/admin/settings/100.panel.php

@@ -194,6 +194,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'admin_show_news_feed' => array(
+					'label' => $lng['admin']['show_news_feed'],
+					'settinggroup' => 'admin',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_allow_domain_change_admin' => array(
 					'label' => $lng['serversettings']['panel_allow_domain_change_admin'],
 					'settinggroup' => 'panel',

actions/admin/settings/135.fcgid.php

@@ -129,7 +129,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mod_fcgid_defaultini_ownvhost',
 					'type' => 'option',
-					'default' => '1',
+					'default' => '2',
 					'option_mode' => 'one',
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField',

actions/admin/settings/136.phpfpm.php

@@ -69,7 +69,7 @@ return array(
 					'settinggroup' => 'phpfpm',
 					'varname' => 'vhost_defaultini',
 					'type' => 'option',
-					'default' => '1',
+					'default' => '2',
 					'option_mode' => 'one',
 					'option_options_method' => 'getPhpConfigs',
 					'save_method' => 'storeSettingField'

admin_cronjobs.php

@@ -35,11 +35,8 @@ if ($page == 'cronjobs' || $page == 'overview') {
 		);
 		$paging = new paging($userinfo, TABLE_PANEL_CRONRUNS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
 
-		/*
-		 * @TODO Fix sorting
-		 */
 		$crons = '';
-		$result_stmt = Database::prepare("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `cronfile` ASC");
+		$result_stmt = Database::prepare("SELECT `c`.* FROM `" . TABLE_PANEL_CRONRUNS . "` `c` ORDER BY `module` ASC, `cronfile` ASC");
 		Database::pexecute($result_stmt);
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
@@ -49,8 +46,14 @@ if ($page == 'cronjobs' || $page == 'overview') {
 
 		$i = 0;
 		$count = 0;
+		$cmod = '';
 
 		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($cmod != $row['module']) {
+				$module = ucfirst(explode("/", $row['module'])[1]);
+				eval("\$crons.=\"" . getTemplate('cronjobs/cronjobs_cronjobmodule') . "\";");
+				$cmod = $row['module'];
+			}
 			if ($paging->checkDisplay($i)) {
 				$row = htmlentities_array($row);
 

admin_customers.php

@@ -247,36 +247,20 @@ if ($page == 'customers'
 				Database::needRoot(true);
 				$last_dbserver = 0;
 
+				$dbm = new DbManager($settings, $log);
+
 				while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 					if ($last_dbserver != $row_database['dbserver']) {
 						Database::needRoot(true, $row_database['dbserver']);
-						Database::query('FLUSH PRIVILEGES;');
+						$dbm->getManager()->flushPrivileges();
 						$last_dbserver = $row_database['dbserver'];
 					}
 
-					if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
-						// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
-						$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
-						Database::pexecute($stmt, array(), false);
-					}
-
-					$host_res_stmt = Database::prepare("
-						SELECT `Host` FROM `mysql`.`user`
-						WHERE `User` = :dbname"
-					);
-					Database::pexecute($host_res_stmt, array('dbname' => $row_database['databasename']));
-					while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
-						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-						$drop_stmt = Database::prepare("DROP USER :dbname@:host");
-						Database::pexecute($drop_stmt, array(':dbname' => $row_database['databasename'], ':host' => $host['Host']), false);
-					}
-
-					$drop_stmt = Database::prepare("DROP DATABASE IF EXISTS `".$row_database['databasename']."`");
-					Database::pexecute($drop_stmt);
+					$dbm->getManager()->deleteDatabase($row_database['databasename']);
 				}
 
-				Database::query('FLUSH PRIVILEGES;');
+				$dbm->getManager()->flushPrivileges();
 				Database::needRoot(false);
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
@@ -289,7 +273,7 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
-				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `customerid` = :id AND `adminsession` = '0'");
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = :id AND `adminsession` = '0'");
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
@@ -316,7 +300,7 @@ if ($page == 'customers'
 					DELETE FROM `" . TABLE_PANEL_TASKS . "`
 					WHERE `type` = '2' AND `data` LIKE :loginname"
 				);
-				Database::pexecute($del_stmt, array(':loginname' => "%:{$result['loginname']};%"));
+				Database::pexecute($del_stmt, array('loginname' => "%:{$result['loginname']};%"));
 
 				// remove everything APS-related, #216
 				$apsresult_stmt = Database::prepare("SELECT `ID` FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
@@ -331,7 +315,7 @@ if ($page == 'customers'
 					Database::pexecute($del_stmt, array('iid' => $apsrow['ID']));
 				}
 				// now remove all user instances
-				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id'");
+				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_INSTANCES."` WHERE `CustomerID` = :id");
 				Database::pexecute($stmt, array('id' => $id));
 				// eventually some temp-setting-leftovers
 				$stmt = Database::prepare("DELETE FROM `".TABLE_APS_TEMP_SETTINGS."` WHERE `CustomerID` = :id");
@@ -917,6 +901,8 @@ if ($page == 'customers'
 					Database::pexecute($ins_stmt, array('name' => $loginname));
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
 
+					$_stdsubdomain = '';
+
 					if ($createstdsubdomain == '1') {
 
 						if (isset($settings['system']['stdsubdomain'])
@@ -968,13 +954,28 @@ if ($page == 'customers'
 
 					if ($sendpassword == '1') {
 
+						$srv_hostname = $settings['system']['hostname'];
+						if ($settings['system']['froxlordirectlyviahostname'] == '0') {
+							$srv_hostname .= '/froxlor';
+						}
+
+						$srv_ip_stmt = Database::prepare("
+							SELECT ip, port FROM `".TABLE_PANEL_IPSANDPORTS."`
+							WHERE `id` = :defaultip
+						");
+						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => $settings['system']['defaultip']));
+
 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
 							'NAME' => $name,
 							'COMPANY' => $company,
 							'SALUTATION' => getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)),
 							'USERNAME' => $loginname,
-							'PASSWORD' => $password
+							'PASSWORD' => $password,
+							'SERVER_HOSTNAME' => $srv_hostname,
+							'SERVER_IP' => isset($srv_ip['ip']) ? $srv_ip['ip'] : '',
+							'SERVER_PORT' => isset($srv_ip['port']) ? $srv_ip['port'] : '',
+							'DOMAINNAME' => $_stdsubdomain
 						);
 
 						// Get mail templates from database; the ones from 'admin' are fetched for fallback
@@ -1304,7 +1305,7 @@ if ($page == 'customers'
 
 						// set ip <-> domain connection
 						$ins_stmt = Database::prepare("
-							INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid'"
+							INSERT INTO `".TABLE_DOMAINTOIP."` SET `id_domain` = :domainid, `id_ipandports` = :ipid"
 						);
 						Database::pexecute($ins_stmt, array('domainid' => $domainid, 'ipid' => $settings['system']['defaultip']));
 
@@ -1376,11 +1377,14 @@ if ($page == 'customers'
 
 						Database::needRoot(true);
 						$last_dbserver = 0;
+
+						$dbm = new DbManager($settings, $log);
+
 						// For each of them
 						while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 							if ($last_dbserver != $row_database['dbserver']) {
-								Database::query('FLUSH PRIVILEGES;');
+								$dbm->getManager()->flushPrivileges();
 								Database::needRoot(true, $row_database['dbserver']);
 								$last_dbserver = $row_database['dbserver'];
 							}
@@ -1391,19 +1395,16 @@ if ($page == 'customers'
 								// Prevent access, if deactivated
 								if ($deactivated) {
 									// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
-									$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
-									Database::pexecute($stmt, array(), false);
-
+									$dbm->getManager()->disableUser($row_database['databasename'], $mysql_access_host);
 								} else {
 									// Otherwise grant access
-									Database::query('GRANT ALL PRIVILEGES ON `' . $row_database['databasename'] .'`.* TO `' . $row_database['databasename'] . '`@`' . $mysql_access_host . '`');
-									Database::query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $row_database['databasename']) . '` . * TO `' . $row_database['databasename'] . '`@`' . $mysql_access_host . '`');
+									$dbm->getManager()->enableUser($row_database['databasename'], $mysql_access_host);
 								}
 							}
 						}
 
-						/* At last flush the new privileges */
-						Database::query('FLUSH PRIVILEGES;');
+						// At last flush the new privileges
+						$dbm->getManager()->flushPrivileges();
 						Database::needRoot(false);
 
 						$log->logAction(ADM_ACTION, LOG_INFO, "deactivated user '" . $result['loginname'] . "'");

admin_domains.php

@@ -236,7 +236,7 @@ if ($page == 'domains'
 					`domains_used` = `domains_used` - 1
 					WHERE `adminid` = :adminid"
 				);
-				Database::pexecute($upd_stmt, array('adminid' => $userinfo['admind']));
+				Database::pexecute($upd_stmt, array('adminid' => $userinfo['adminid']));
 
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET

admin_index.php

@@ -108,7 +108,12 @@ if ($page == 'overview') {
 					$lookfornewversion_link = $_link;
 					$lookfornewversion_addinfo = $_message;
 
-					if (version_compare2($version, $_version) == -1) {
+					// not numeric -> error-message
+					if (!is_numeric($_version)) {
+						// check for customized version to not output
+						// "There is a newer version of froxlor" besides the error-message
+						$isnewerversion = 2;
+					} elseif (version_compare2($version, $_version) == -1) {
 						$isnewerversion = 1;
 					} else {
 						$isnewerversion = 0;
@@ -359,7 +364,7 @@ if ($page == 'overview') {
 			$mail_body .= "-------------------------------------------------------------\n\n";
 			$mail_body .= "Froxlor-version: ".$version."\n\n";
 			$mail_body .= "End of report";
-			$mail_html = str_replace("\n", "<br />", $mail_body);
+			$mail_html = nl2br($mail_body);
 
 			// send actual report to dev-team
 			if (isset($_POST['send'])

admin_ipsandports.php

@@ -153,7 +153,7 @@ if ($page == 'ipsandports'
 			$docroot = validate($_POST['docroot'], 'docroot');
 
 			if ((int)$settings['system']['use_ssl'] == 1) {
-				$ssl = intval($_POST['ssl']);
+				$ssl = isset($_POST['ssl']) ? intval($_POST['ssl']) : 0;
 				$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 				$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 				$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');

admin_settings.php

@@ -26,9 +26,7 @@ Database::needSqlData();
 $sql_root = Database::getSqlData();
 Database::needRoot(false);
 
-if (($page == 'settings' || $page == 'overview')
-	&& $userinfo['change_serversettings'] == '1'
-) {
+if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
 	$settings_data = loadConfigArrayDir('./actions/admin/settings/');
 	$settings = loadSettings($settings_data);
 

admin_tickets.php

@@ -63,15 +63,11 @@ if ($page == 'tickets'
 		$log->logAction(ADM_ACTION, LOG_NOTICE, "viewed admin_tickets");
 		$fields = array(
 			'status' => $lng['ticket']['status'],
-			'priority' => $lng['ticket']['priority'],
 			'lastchange' => $lng['ticket']['lastchange'],
-			'ticket_answers' => $lng['ticket']['ticket_answers'],
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
 		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$paging->sortfield = 'lastchange';
-		$paging->sortorder = 'desc';
 		$result_stmt = Database::prepare("
 			SELECT `main`.`id`, `main`.`customerid`, (
 				SELECT COUNT(`sub`.`id`)
@@ -170,8 +166,8 @@ if ($page == 'tickets'
 					$count++;
 					$_cid = $row['customerid'];
 				}
+				$i++;
 			}
-			$i++;
 		}
 		eval("echo \"" . getTemplate("tickets/tickets") . "\";");
 
@@ -380,7 +376,7 @@ if ($page == 'tickets'
 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
-			$subject = $mainticket->Get('subject');
+			$subject = htmlentities($mainticket->Get('subject'));
 			$ticket_replies_count = $numrows_andere + 1;
 
 			// don't forget the main-ticket!
@@ -815,8 +811,22 @@ if ($page == 'tickets'
 				WHERE `customerid` = :cid'
 			);
 			$usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
-			$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
-			$by .= getCorrectFullUserDetails($usr).'</a>';
+
+			if (isset($usr['loginname'])) {
+				$customer = getCorrectFullUserDetails($usr);
+				$customerloginname = ' ('.$usr['loginname'].')';
+				$customerid = $usr['customerid'];
+			} else {
+				$customer = $lng['ticket']['nonexistingcustomer'];
+				$customerid = 0;
+				$customerloginname = '';
+			}
+			if ($customerid != 0) {
+				$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $customerid)).'" rel="external">';
+				$by .= $customer.$customerloginname.'</a>';
+			} else {
+				$by = $customer;
+			}
 		}
 
 		$subject = $mainticket->Get('subject');
@@ -849,8 +859,22 @@ if ($page == 'tickets'
 					WHERE `customerid` = :cid'
 				);
 				$usr = Database::pexecute_first($usr_stmt, array('cid' => $cid));
-				$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $cid)).'" rel="external">';
-				$by .= getCorrectFullUserDetails($usr).'</a>';
+
+				if (isset($usr['loginname'])) {
+					$customer = getCorrectFullUserDetails($usr);
+					$customerloginname = ' ('.$usr['loginname'].')';
+					$customerid = $usr['customerid'];
+				} else {
+					$customer = $lng['ticket']['nonexistingcustomer'];
+					$customerid = 0;
+					$customerloginname = '';
+				}
+				if ($customerid != 0) {
+					$by = '<a href="'.$linker->getLink(array('section' => 'customers', 'page' => 'customers', 'action' => 'su', 'id' => $customerid)).'" rel="external">';
+					$by .= $customer.$customerloginname.'</a>';
+				} else {
+					$by = $customer;
+				}
 			}
 
 			$subject = $subticket->Get('subject');

customer_email.php

@@ -379,7 +379,7 @@ if ($page == 'overview') {
 						standard_error('youhavealreadyacatchallforthisdomain');
 						exit;
 					} else {
-						$stmt = Database::pexecute("UPDATE `" . TABLE_MAIL_VIRTUAL . "`
+						$stmt = Database::prepare("UPDATE `" . TABLE_MAIL_VIRTUAL . "`
 							SET `email` = :email , `iscatchall` = '1'
 							WHERE `customerid`= :cid
 							AND `id`= :id"

customer_mysql.php

@@ -109,28 +109,9 @@ if ($page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// Begin root-session
 				Database::needRoot(true, $result['dbserver']);
+				$dbm = new DbManager($settings, $log);
+				$dbm->getManager()->deleteDatabase($result['databasename']);
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
-				if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
-					// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
-					$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM :databasename");
-					Database::pexecute($stmt, array("databasename" => $result['databasename']));
-				}
-
-				$host_res_stmt = Database::prepare("SELECT `Host` FROM `mysql`.`user`
-					WHERE `User`= :databasename"
-				);
-				Database::pexecute($host_res_stmt, array("databasename" => $result['databasename']));
-
-				while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
-					// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-					$stmt = Database::prepare("DROP USER :databasename@:host");
-					Database::pexecute($stmt, array("databasename" => $result['databasename'], "host" => $host['Host']));
-				}
-
-				$stmt = Database::prepare("DROP DATABASE IF EXISTS `" . $result['databasename'] . "`");
-				Database::pexecute($stmt, array(), false);
-				$stmt = Database::prepare("FLUSH PRIVILEGES");
-				Database::pexecute($stmt);
 				Database::needRoot(false);
 				// End root-session
 
@@ -189,40 +170,13 @@ if ($page == 'overview') {
 					// validate description before actual adding the database, #1052
 					$databasedescription = validate(trim($_POST['description']), 'description');
 
-					// Begin root-session
-					Database::needRoot(true);
-					if (strtoupper($settings['customer']['mysqlprefix']) == 'RANDOM') {
-						$result_stmt = Database::prepare('SELECT `User` FROM mysql.user');
-						Database::pexecute($result_stmt);
-						while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-							$allsqlusers[] = $row[User];
-						}
-						$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
-						while (in_array($username , $allsqlusers)) {
-							$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
-						}
-					} else {
-						$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
-					}
-
-					$stmt = Database::prepare("CREATE DATABASE `" . $username . "`");
-					Database::pexecute($stmt);
-					$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
-					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
-						$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
-							TO :username@:host
-							IDENTIFIED BY 'password'"
-						);
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
-						$stmt = Database::prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
-						$log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
-					}
-
-					$stmt = Database::prepare("FLUSH PRIVILEGES");
-					Database::pexecute($stmt);
-					Database::needRoot(false);
-					// End root-session
+					// create database, user, set permissions, etc.pp.
+					$dbm = new DbManager($settings, $log);
+					$username = $dbm->createDatabase(
+						$userinfo['loginname'],
+						$password,
+						$userinfo['mysql_lastaccountnumber']
+					);
 
 					// Statement modified for Database description -- PH 2004-11-29
 					$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`

customer_tickets.php

@@ -23,7 +23,7 @@ require './lib/init.php';
 if (isset($_POST['id'])) {
 
 	$id = intval($_POST['id']);
-	
+
 	//Check if the current user is allowed to see the current ticket.
 	$stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid");
 	$result = Database::pexecute_first($stmt, array("id" => $id, "customerid" => $userinfo['customerid']));
@@ -44,15 +44,11 @@ if($page == 'overview') {
 		$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets::tickets");
 		$fields = array(
 			'status' => $lng['ticket']['status'],
-			'priority' => $lng['ticket']['priority'],
 			'lastchange' => $lng['ticket']['lastchange'],
-			'ticket_answers' => $lng['ticket']['ticket_answers'],
 			'subject' => $lng['ticket']['subject'],
 			'lastreplier' => $lng['ticket']['lastreplier']
 		);
 		$paging = new paging($userinfo, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
-		$paging->sortfield = 'lastchange';
-		$paging->sortorder = 'desc';
 		$stmt = Database::prepare('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub`
 			WHERE `sub`.`answerto` = `main`.`id`) AS `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority`
 			FROM `' . TABLE_PANEL_TICKETS . '` as `main`
@@ -61,7 +57,7 @@ if($page == 'overview') {
 			AND `customerid`= :customerid ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
 		);
 		Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
-		
+
 		$paging->setEntries(Database::num_rows());
 		$sortcode = $paging->getHtmlSortCode($lng);
 		$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
@@ -171,7 +167,7 @@ if($page == 'overview') {
 					$newticket->Set('by', '0', true, true);
 					$newticket->Insert();
 					$log->logAction(USR_ACTION, LOG_NOTICE, "opened support-ticket '" . $newticket->Get('subject') . "'");
-					
+
 					$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
 						SET `tickets_used`=`tickets_used` + 1
 						WHERE `customerid`= :customerid'
@@ -192,7 +188,7 @@ if($page == 'overview') {
 					ORDER BY `logicalorder`, `name` ASC'
 				);
 				$result = Database::pexecute_first($result_stmt, array("adminid" => $userinfo['adminid']));
-				
+
 				if (isset($result['name']) && $result['name'] != '') {
 					$result2_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
 						WHERE `adminid` = :adminid
@@ -304,7 +300,7 @@ if($page == 'overview') {
 				WHERE `id`= :id '
 			);
 			$row = Database::pexecute_first($result_stmt, array("id" => $mainticket->Get('category')));
-			
+
 			$andere_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
 				WHERE `answerto`= :answerto
 				ORDER BY `lastchange` ASC'
@@ -330,7 +326,7 @@ if($page == 'overview') {
 			$priorities = makeoption($lng['ticket']['high'], '1', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['normal'], '2', $mainticket->Get('priority'), true, true);
 			$priorities.= makeoption($lng['ticket']['low'], '3', $mainticket->Get('priority'), true, true);
-			$subject = $mainticket->Get('subject');
+			$subject = htmlentities($mainticket->Get('subject'));
 			$ticket_replies_count = $numrows_andere + 1;
 
 			// don't forget the main-ticket!

install/froxlor.sql

@@ -376,6 +376,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
 	('autoresponder', 'autoresponder_active', '0'),
 	('autoresponder', 'last_autoresponder_run', '0'),
+	('admin', 'show_news_feed', '1'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
 	('aps', 'items_per_page', '20'),
@@ -452,8 +453,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('system', 'nameservers', ''),
 	('system', 'mxservers', ''),
 	('system', 'mod_fcgid', '0'),
-	('system', 'apacheconf_vhost', '/etc/apache2/vhosts.conf'),
-	('system', 'apacheconf_diroptions', '/etc/apache2/diroptions.conf'),
+	('system', 'apacheconf_vhost', '/etc/apache2/sites-enabled/'),
+	('system', 'apacheconf_diroptions', '/etc/apache2/sites-enabled/'),
 	('system', 'apacheconf_htpasswddir', '/etc/apache2/htpasswd/'),
 	('system', 'webalizer_quiet', '2'),
 	('system', 'last_archive_run', '000000'),
@@ -552,7 +553,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'phpconfigs_hidestdsubdomain', '0'),
 	('panel', 'allow_theme_change_admin', '1'),
 	('panel', 'allow_theme_change_customer', '1'),
-	('panel', 'version', '0.9.31-rc1');
+	('panel', 'version', '0.9.31');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -763,6 +764,7 @@ CREATE TABLE `panel_phpconfigs` (
 
 INSERT INTO `panel_phpconfigs` (`id`, `description`, `binary`, `file_extensions`, `mod_fcgid_starter`, `mod_fcgid_maxrequests`, `phpsettings`) VALUES
 	(1, 'Default Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = Off\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_exec,curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 30\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\n{OPEN_BASEDIR_C}open_basedir = "{OPEN_BASEDIR}"\r\noutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n');
+(2, 'Froxlor Vhost Config', '/usr/bin/php-cgi', 'php', '-1', '-1', 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = "GPC"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = ".:{PEAR_DIR}"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = "/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = "{TMP_DIR}"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = "{TMP_DIR}"\r\nvariables_order = "GPCS"\r\n');
 
 
 DROP TABLE IF EXISTS `aps_instances`;

install/lng/english.lng.php

@@ -37,7 +37,7 @@ $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly wit
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
 $lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';
 
-$lng['install']['title'] = 'Froxlor install - chose language';
+$lng['install']['lngtitle'] = 'Froxlor install - choose language';
 $lng['install']['language'] = 'Installation language';
 $lng['install']['lngbtn_go'] = 'Change language';
 $lng['install']['title'] = 'Froxlor install - setup';

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -2519,3 +2519,54 @@ if (isFroxlorVersion('0.9.31-dev6')) {
 	lastStepStatus(0);
 	updateToVersion('0.9.31-rc1');
 }
+
+if (isFroxlorVersion('0.9.31-rc1')) {
+	showUpdateStep("Updating from 0.9.31-rc1 to 0.9.31-rc2");
+	lastStepStatus(0);
+
+	$update_admin_news_feed = isset($_POST['update_admin_news_feed']) ? (int)$_POST['update_admin_news_feed'] : '1';
+	showUpdateStep("Adding new news-feed option");
+	$ins_stmt = Database::prepare("
+		INSERT INTO `".TABLE_PANEL_SETTINGS."` SET `settinggroup` = 'admin', `varname` = 'show_news_feed', `value` = :value
+	");
+	Database::pexecute($ins_stmt, array('value' => $update_admin_news_feed));
+	lastStepStatus(0);
+
+	updateToVersion('0.9.31-rc2');
+}
+
+if (isFroxlorVersion('0.9.31-rc2')) {
+	showUpdateStep("Updating from 0.9.31-rc2 to 0.9.31-rc3");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding new php-config for froxlor-vhost");
+	Database::query("
+		INSERT INTO `panel_phpconfigs` SET
+			`description` = 'Froxlor Vhost Config', `binary` = '/usr/bin/php-cgi',
+			`file_extensions` = 'php', `mod_fcgid_starter` = '-1', `mod_fcgid_maxrequests` = '-1',
+			`phpsettings` = 'allow_call_time_pass_reference = Off\r\nallow_url_fopen = On\r\nasp_tags = Off\r\ndisable_classes =\r\ndisable_functions = curl_multi_exec,exec,parse_ini_file,passthru,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,shell_exec,show_source,system\r\ndisplay_errors = Off\r\ndisplay_startup_errors = Off\r\nenable_dl = Off\r\nerror_reporting = E_ALL & ~E_NOTICE\r\nexpose_php = Off\r\nfile_uploads = On\r\ncgi.force_redirect = 1\r\ngpc_order = \"GPC\"\r\nhtml_errors = Off\r\nignore_repeated_errors = Off\r\nignore_repeated_source = Off\r\ninclude_path = \".:{PEAR_DIR}\"\r\nlog_errors = On\r\nlog_errors_max_len = 1024\r\nmagic_quotes_gpc = Off\r\nmagic_quotes_runtime = Off\r\nmagic_quotes_sybase = Off\r\nmax_execution_time = 60\r\nmax_input_time = 60\r\nmemory_limit = 16M\r\nnoutput_buffering = 4096\r\npost_max_size = 16M\r\nprecision = 14\r\nregister_argc_argv = Off\r\nregister_globals = Off\r\nreport_memleaks = On\r\nsendmail_path = \"/usr/sbin/sendmail -t -i -f {CUSTOMER_EMAIL}\"\r\nsession.auto_start = 0\r\nsession.bug_compat_42 = 0\r\nsession.bug_compat_warn = 1\r\nsession.cache_expire = 180\r\nsession.cache_limiter = nocache\r\nsession.cookie_domain =\r\nsession.cookie_lifetime = 0\r\nsession.cookie_path = /\r\nsession.entropy_file = /dev/urandom\r\nsession.entropy_length = 16\r\nsession.gc_divisor = 1000\r\nsession.gc_maxlifetime = 1440\r\nsession.gc_probability = 1\r\nsession.name = PHPSESSID\r\nsession.referer_check =\r\nsession.save_handler = files\r\nsession.save_path = \"{TMP_DIR}\"\r\nsession.serialize_handler = php\r\nsession.use_cookies = 1\r\nsession.use_trans_sid = 0\r\nshort_open_tag = On\r\nsuhosin.mail.protect = 1\r\nsuhosin.simulation = Off\r\ntrack_errors = Off\r\nupload_max_filesize = 32M\r\nupload_tmp_dir = \"{TMP_DIR}\"\r\nvariables_order = \"GPCS\"\r\n'
+	");
+	$frxvhostconfid = Database::lastInsertId();
+	// update default vhosts-config for froxlor if they are on the system-default
+	if ($settings['system']['mod_fcgid_defaultini_ownvhost'] == '1') {
+		$upd_stmt = Database::prepare("
+			UPDATE `".TABLE_PANEL_SETTINGS."` SET `value` = :value WHERE `settinggroup` = 'system' AND `varname` = 'mod_fcgid_defaultini_ownvhost'
+		");
+		Database::pexecute($upd_stmt, array('value' => $frxvhostconfid));
+	}
+	if ($settings['phpfpm']['vhost_defaultini'] == '1') {
+		$upd_stmt = Database::prepare("
+			UPDATE `".TABLE_PANEL_SETTINGS."` SET `value` = :value WHERE `settinggroup` = 'phpfpm' AND `varname` = 'vhost_defaultini'
+		");
+		Database::pexecute($upd_stmt, array('value' => $frxvhostconfid));
+	}
+	lastStepStatus(0);
+
+	updateToVersion('0.9.31-rc3');
+}
+
+if (isFroxlorVersion('0.9.31-rc3')) {
+	showUpdateStep("Updating from 0.9.31-rc3 to 0.9.31 final", true);
+	lastStepStatus(0);
+	updateToVersion('0.9.31');
+}

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -594,11 +594,20 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if (versionInUpdate($current_version, '0.9.31-dev5')) {
 		$has_preconfig = true;
-		$description  = 'You can enbable/disable error-reporting for admins and customers!<br /><br />';
+		$description  = 'You can enable/disable error-reporting for admins and customers!<br /><br />';
 		$question = '<strong>Do you want to enable error-reporting for admins? (default: yes):</strong>&nbsp;';
 		$question.= makeyesno('update_error_report_admin', '1', '0', '1').'<br />';
 		$question.= '<strong>Do you want to enable error-reporting for customers? (default: no):</strong>&nbsp;';
 		$question.= makeyesno('update_error_report_customer', '1', '0', '0');
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
+
+	if (versionInUpdate($current_version, '0.9.31-rc2')) {
+		$has_preconfig = true;
+		$description  = 'You can enable/disable the display/usage of the news-feed for admins<br /><br />';
+		$question = '<strong>Do you want to enable the news-feed for admins? (default: yes):</strong>&nbsp;';
+		$question.= makeyesno('update_admin_news_feed', '1', '0', '1').'<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
 }

lib/ajax.php

@@ -15,7 +15,7 @@
  * @package    AJAX
  *
  */
- 
+
 if(isset($_POST['action'])) {
 	$action = $_POST['action'];
 } elseif(isset($_GET['action'])) {
@@ -25,22 +25,27 @@ if(isset($_POST['action'])) {
 }
 
 if ($action == "newsfeed") {
-	$feed = "http://forum.froxlor.org/index.php/rss/forums/1-froxlor-announcements/";
+	$feed = "http://inside.froxlor.org/news/";
 
 	if (function_exists("simplexml_load_file") == false) {
 		die();
 	}
 
-	if (ini_get('allow_url_fopen')) {
-		$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
+	// get version
+	require './tables.inc.php';
+
+	if (function_exists('curl_version')) {
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL, $feed);
+		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/'.$version);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		$output = curl_exec($ch);
+		curl_close($ch);
+		$news = simplexml_load_string(trim($output));
 	} else {
-		if (function_exists('curl_version')) {
-			$ch = curl_init();
-			curl_setopt($ch, CURLOPT_URL, $feed);
-			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-			$output = curl_exec($ch);
-			curl_close($ch);
-			$news = simplexml_load_string(trim($output));
+		if (ini_get('allow_url_fopen')) {
+			ini_set('user_agent', 'Froxlor/'.$version);
+			$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
 		} else {
 			$news = false;
 		}
@@ -52,9 +57,10 @@ if ($action == "newsfeed") {
 
 			$title = (string)$item->title;
 			$link = (string)$item->link;
+			$date = date("Y-m-d G:i", strtotime($item->pubDate));
 			$content = preg_replace("/[\r\n]+/", "", strip_tags($item->description));
 
-			echo "<div class=\"newsitem\"><a href=\"" . $link . "\" target=\"_blank\"><b>" . $title . "</b><br />" . $content . "</a></div>";
+			echo "<div class=\"newsitem\"><small>" . $date . "</small><br /><a href=\"" . $link . "\" target=\"_blank\"><b>" . $title . "</b><br />" . $content . "</a></div>";
 		}
 	} else {
 		echo "";

lib/classes/database/class.DbManager.php

@@ -0,0 +1,130 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ *
+ * @since      0.9.31
+ *
+ */
+
+/**
+ * Class DbManager
+ *
+ * Wrapper-class for database-management like creating
+ * and removing databases, users and permissions
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ */
+class DbManager {
+
+	/**
+	 * Settings array
+	 * @var array
+	 */
+	private $_settings = null;
+
+	/**
+	 * FroxlorLogger object
+	 * @var object
+	 */
+	private $_log = null;
+
+	/**
+	 * Manager object
+	 * @var object
+	 */
+	private $_manager = null;
+
+	/**
+	 * main constructor
+	 *
+	 * @param array $settings
+	 * @param FroxlorLogger $log
+	 */
+	public function __construct($settings, &$log = null) {
+		$this->_settings = $settings;
+		$this->_log = $log;
+		$this->_setManager();
+	}
+
+	/**
+	 * creates a new database and a user with the
+	 * same name with all privileges granted on the db.
+	 * DB-name and user-name are being generated and
+	 * the password for the user will be set
+	 *
+	 * @param string $loginname
+	 * @param string $password
+	 * @param int $last_accnumber
+	 *
+	 * @return string $username
+	 */
+	public function createDatabase($loginname = null, $password = null, $last_accnumber = 0) {
+
+		Database::needRoot(true);
+
+		// check whether we shall create a random username
+		if (strtoupper($this->_settings['customer']['mysqlprefix']) == 'RANDOM') {
+			// get all usernames from db-manager
+			$allsqlusers = $this->getManager()->getAllSqlUsers();
+			// generate random username
+			$username = $loginname . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+			// check whether it exists on the DBMS
+			while (in_array($username , $allsqlusers)) {
+				$username = $loginname . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+			}
+		} else {
+			$username = $loginname . $this->_settings['customer']['mysqlprefix'] . (intval($last_accnumber) + 1);
+		}
+
+		// now create the database itself
+		$this->getManager()->createDatabase($username);
+		$this->_log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
+
+		// and give permission to the user on every access-host we have
+		foreach (array_map('trim', explode(',', $this->_settings['system']['mysql_access_host'])) as $mysql_access_host) {
+			$this->getManager()->grantPrivilegesTo($username, $password, $mysql_access_host);
+			$this->_log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
+		}
+
+		$this->getManager()->flushPrivileges();
+
+		Database::needRoot(false);
+
+		return $username;
+	}
+
+	/**
+	 * returns the manager-object
+	 * from where we can control it
+	 */
+	public function getManager() {
+		return $this->_manager;
+	}
+
+	/**
+	 * set manager-object by type of
+	 * dbms: mysql only for now
+	 *
+	 * sets private $_manager variable
+	 */
+	private function _setManager() {
+		// TODO read different dbms from settings later
+		$this->_manager = new DbManagerMySQL($this->_settings, $this->_log);
+	}
+}

lib/classes/database/manager/class.DbManagerMySQL.php

@@ -0,0 +1,196 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ *
+ * @since      0.9.31
+ *
+ */
+
+/**
+ * Class DbManagerMySQL
+ *
+ * Explicit class for database-management like creating
+ * and removing databases, users and permissions for MySQL
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ */
+class DbManagerMySQL {
+
+	/**
+	 * Settings array
+	 * @var array
+	 */
+	private $_settings = null;
+
+	/**
+	 * FroxlorLogger object
+	 * @var object
+	 */
+	private $_log = null;
+
+	/**
+	 * main constructor
+	 *
+	 * @param array $settings
+	 * @param FroxlorLogger $log
+	 */
+	public function __construct($settings, &$log = null) {
+		$this->_settings = $settings;
+		$this->_log = $log;
+	}
+
+	/**
+	 * creates a database
+	 *
+	 * @param string $dbname
+	 */
+	public function createDatabase($dbname = null) {
+		Database::query("CREATE DATABASE `" . $dbname . "`");
+	}
+
+	/**
+	 * grants access privileges on a database with the same
+	 * username and sets the password for that user the given access_host
+	 *
+	 * @param string $username
+	 * @param string $password
+	 * @param string $access_host
+	 */
+	public function grantPrivilegesTo($username = null, $password = null, $access_host = null) {
+		// grant privileges
+		$stmt = Database::prepare("
+				GRANT ALL PRIVILEGES ON `" . $username . "`.*
+				TO :username@:host IDENTIFIED BY 'password'
+				");
+		Database::pexecute($stmt, array("username" => $username, "host" => $access_host));
+		// set passoword
+		$stmt = Database::prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
+		Database::pexecute($stmt, array("username" => $username, "host" => $access_host, "password" => $password));
+	}
+
+	/**
+	 * removes the given database from the dbms and also
+	 * takes away any privileges from a user to that db
+	 *
+	 * @param string $dbname
+	 */
+	public function deleteDatabase($dbname = null) {
+
+		if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+			// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+			$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$dbname."`");
+			Database::pexecute($stmt, array(), false);
+		}
+
+		$host_res_stmt = Database::prepare("
+			SELECT `Host` FROM `mysql`.`user` WHERE `User` = :dbname"
+		);
+		Database::pexecute($host_res_stmt, array('dbname' => $dbname));
+
+		while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
+			// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+			$drop_stmt = Database::prepare("DROP USER :dbname@:host");
+			Database::pexecute($drop_stmt, array('dbname' => $dbname, 'host' => $host['Host']), false);
+		}
+
+		$drop_stmt = Database::prepare("DROP DATABASE IF EXISTS `".$dbname."`");
+		Database::pexecute($drop_stmt);
+	}
+
+	/**
+	 * removes a user from the dbms and revokes all privileges
+	 *
+	 * @param string $username
+	 * @param string $host
+	 */
+	public function deleteUser($username = null, $host = null) {
+		if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+			// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
+			$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$host."`");
+			Database::pexecute($stmt);
+		}
+		// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+		$stmt = Database::prepare("DROP USER :username@:host");
+		Database::pexecute($stmt, array("username" => $username, "host" => $host));
+	}
+
+	/**
+	 * removes permissions from a user
+	 *
+	 * @param string $username
+	 * @param string $host (unused in mysql)
+	 */
+	public function disableUser($username = null, $host = null) {
+		$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+		Database::pexecute($stmt, array(), false);
+	}
+
+	/**
+	 * re-grant permissions to a user
+	 *
+	 * @param string $username
+	 * @param string $host
+	 */
+	public function enableUser($username = null, $host = null) {
+		Database::query('GRANT ALL PRIVILEGES ON `' . $username .'`.* TO `' . $username . '`@`' . $host . '`');
+		Database::query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $username) . '` . * TO `' . $username . '`@`' . $host . '`');
+	}
+
+	/**
+	 * flushes the privileges...pretty obvious eh?
+	 */
+	public function flushPrivileges() {
+		Database::query("FLUSH PRIVILEGES");
+	}
+
+	/**
+	 * return an array of all usernames used in that DBMS
+	 *
+	 * @param bool $user_only if false, * will be selected from mysql.user and slightly different array will be generated
+	 *
+	 * @return array
+	 */
+	public function getAllSqlUsers($user_only = true) {
+
+		if ($user_only == false) {
+			$result_stmt = Database::prepare('SELECT * FROM mysql.user');
+		} else {
+			$result_stmt = Database::prepare('SELECT `User` FROM mysql.user');
+		}
+		Database::pexecute($result_stmt);
+		$allsqlusers = array();
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($user_only == false) {
+				if (!isset($allsqlusers[$row['User']])
+						|| !is_array($allsqlusers[$row['User']])
+				) {
+					$allsqlusers[$row['User']] = array(
+							'password' => $row['Password'],
+							'hosts' => array()
+					);
+				}
+				$allsqlusers[$row['User']]['hosts'][] = $row['Host'];
+			} else {
+				$allsqlusers[] = $row['User'];
+			}
+		}
+		return $allsqlusers;
+	}
+
+}

lib/classes/output/class.paging.php

@@ -175,7 +175,7 @@ class paging {
 			&& (preg_match('/[-_@\p{L}\p{N}*.]+$/u', $_REQUEST['searchtext'])
 			|| $_REQUEST['searchtext'] === '')
 		) {
-			$this->searchtext = $_REQUEST['searchtext'];
+			$this->searchtext = trim($_REQUEST['searchtext']);
 		} else {
 			if ($checklastpaging
 				&& isset($this->userinfo['lastpaging']['searchtext'])
@@ -279,8 +279,40 @@ class paging {
 			}
 
 			$searchfield = implode('.', $searchfield);
-			$searchtext = str_replace('*', '%', $this->searchtext);
-			$condition.= $searchfield . " LIKE " . Database::quote($searchtext);
+			
+			$ops = array('<', '>', '=');
+			
+			// check if we use an operator or not
+			$useOper = 0;
+			$oper = "=";
+			if (in_array(substr($this->searchtext, 0, 1), $ops)) {
+				$useOper = 1;
+				$oper = substr($this->searchtext, 0, 1);
+			}
+			
+			// check for diskspace and whether searchtext is a number
+			// in any other case the logical-operators would make no sense
+			if (strpos($searchfield, 'diskspace') > 0 && is_numeric(substr($this->searchtext, $useOper))) {
+				// anything with diskspace is *1024
+				$searchtext = ((int)substr($this->searchtext, $useOper))*1024;
+				$useOper = 1;
+			} elseif (strpos($searchfield, 'traffic') > 0 && is_numeric(substr($this->searchtext, $useOper))) {
+				// anything with traffic is *1024*1024
+				$searchtext = ((int)substr($this->searchtext, $useOper))*1024*1024;
+				$useOper = 1;
+			} else {
+				// any other field
+				$searchtext = substr($this->searchtext, $useOper);
+			}
+			
+			if ($useOper == 1 && is_numeric(substr($this->searchtext, $useOper))) {
+				// now as we use >, < or = we use the given operator and not LIKE
+				$condition.= $searchfield . " ".$oper." " . Database::quote($searchtext);
+			} else {
+				$searchtext = str_replace('*', '%', $this->searchtext);
+				$condition.= $searchfield . " LIKE " . Database::quote($searchtext);
+			}
+			
 		} else {
 			$condition = '';
 		}

lib/classes/phpinterface/class.phpinterface_fpm.php

@@ -74,6 +74,7 @@ class phpinterface_fpm {
 					'variables_order',
 					'gpc_order',
 					'date.timezone',
+					'sendmail_path',
 					'session.gc_divisor',
 					'session.gc_probability'
 			),
@@ -178,14 +179,11 @@ class phpinterface_fpm {
 			if (!is_dir($tmpdir)) {
 				$this->getTempDir();
 			}
-			//$slowlog = makeCorrectFile($this->_settings['system']['logfiles_directory'] . $this->_domain['loginname'] . '/php-fpm_slow.log');
 
 			$fpm_config.= 'env[TMP] = '.$tmpdir."\n";
 			$fpm_config.= 'env[TMPDIR] = '.$tmpdir."\n";
 			$fpm_config.= 'env[TEMP] = '.$tmpdir."\n";
 
-			$fpm_config.= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f '.$this->_domain['email']."\n";
-
 			$openbasedir = '';
 			if ($this->_domain['loginname'] != 'froxlor.panel') {
 				if ($this->_domain['openbasedir'] == '1') {
@@ -256,6 +254,12 @@ class phpinterface_fpm {
 				}
 			}
 
+			// now check if 'sendmail_path' has not beed set in the custom-php.ini
+			// if not we use our fallback-default as usual
+			if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) {
+				$fpm_config.= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f '.$this->_domain['email']."\n";
+			}
+
 			fwrite($fh, $fpm_config, strlen($fpm_config));
 			fclose($fh);
 		}

lib/classes/ticket/class.ticket.php

@@ -407,11 +407,11 @@ class ticket {
 			}
 
 			$upd_stmt = Database::prepare("
-				UPDATE `' . TABLE_PANEL_TICKET_CATS . '` SET
+				UPDATE `" . TABLE_PANEL_TICKET_CATS . "` SET
 					`name` = :name,
 					`logicalorder` = :lo
-                  WHERE `id` = :id"
-			);
+                  WHERE `id` = :id
+			");
 			Database::pexecute($upd_stmt, array('name' => $_category, 'lo' => $_order, 'id' => $_id));
 			return true;
 		}

lib/classes/webserver/class.WebserverBase.php

@@ -0,0 +1,85 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Cron
+ *
+ * @since      0.9.31
+ *
+ */
+
+class WebserverBase {
+
+	/**
+	 * returns an array with all entries required for all
+	 * webserver-vhost-configs
+	 *
+	 * @return array
+	 */
+	public static function getVhostsToCreate() {
+
+		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
+				`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
+				`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
+				`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
+				`d`.`mod_fcgid_maxrequests`
+				FROM `".TABLE_PANEL_DOMAINS."` `d`
+
+				LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
+				LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
+
+				WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
+				ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;
+		";
+
+		$result_domains_stmt = Database::query($query);
+
+		$domains = array();
+		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			// set whole domain
+			$domains[$domain['domain']] = $domain;
+			// set empty-defaults for non-ssl
+			$domains[$domain['domain']]['ssl'] = '';
+			$domains[$domain['domain']]['ssl_cert_file'] = '';
+			$domains[$domain['domain']]['ssl_key_file'] = '';
+			$domains[$domain['domain']]['ssl_ca_file'] = '';
+			$domains[$domain['domain']]['ssl_cert_chainfile'] = '';
+
+			// now, if the domain has an ssl ip/port assigned, get
+			// the corresponding information from the db
+			if (domainHasSslIpPort($domain['id'])) {
+
+				$ip_stmt = Database::prepare("
+						SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
+						FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p`
+						WHERE `p`.`id` = `di`.`id_ipandports`
+						AND `di`.`id_domain` = :domainid
+						AND `p`.`ssl` = '1'
+						");
+				$ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id']));
+
+				// set ssl info for domain
+				$domains[$domain['domain']]['ssl'] = '1';
+				$domains[$domain['domain']]['ssl_cert_file'] = $ssl_ip['ssl_cert_file'];
+				$domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file'];
+				$domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file'];
+				$domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile'];
+
+			}
+		}
+
+		return $domains;
+	}
+
+}

lib/functions/database/function.correctMysqlUsers.php

@@ -19,7 +19,7 @@
 
 function correctMysqlUsers($mysql_access_host_array) {
 
-	global $settings;
+	global $settings, $log;
 
 	// get sql-root access data
 	Database::needRoot(true);
@@ -27,24 +27,17 @@ function correctMysqlUsers($mysql_access_host_array) {
 	$sql_root = Database::getSqlData();
 	Database::needRoot(false);
 
-	foreach ($sql_root as $mysql_server => $mysql_server_details) {
+	$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `".TABLE_PANEL_DATABASES."`");
+	$mysql_servers = '';
 
-		Database::needRoot(true);
+	while ($dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC)) {
 
-		$users = array();
-		$users_result_stmt = Database::query("SELECT * FROM `mysql`.`user`");
+		Database::needRoot(true, $dbserver['dbserver']);
+		Database::needSqlData();
+		$sql_root = Database::getSqlData();
 
-		while ($users_row = $users_result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			if (!isset($users[$users_row['User']])
-					|| !is_array($users[$users_row['User']])
-			) {
-				$users[$users_row['User']] = array(
-						'password' => $users_row['Password'],
-						'hosts' => array()
-				);
-			}
-			$users[$users_row['User']]['hosts'][] = $users_row['Host'];
-		}
+		$dbm = new DbManager($settings, $log);
+		$users = $dbm->getManager()->getAllSqlUsers(false);
 
 		$databases = array(
 				$sql_root['db']
@@ -53,7 +46,7 @@ function correctMysqlUsers($mysql_access_host_array) {
 			SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
 			WHERE `dbserver` = :mysqlserver
 		");
-		Database::pexecute($databases_result_stmt, array('mysqlserver' => $mysql_server));
+		Database::pexecute($databases_result_stmt, array('mysqlserver' => $dbserver['dbserver']));
 
 		while ($databases_row = $databases_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$databases[] = $databases_row['databasename'];
@@ -74,34 +67,20 @@ function correctMysqlUsers($mysql_access_host_array) {
 					$mysql_access_host = trim($mysql_access_host);
 
 					if (!in_array($mysql_access_host, $users[$username]['hosts'])) {
-						$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
-							TO :username@:host
-							IDENTIFIED BY 'password'"
-						);
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
-						$stmt = Database::prepare("SET PASSWORD FOR :username@:host = :password");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
+						$dbm->getManager()->grantPrivilegesTo($username, $password, $mysql_access_host);
 					}
 				}
 
 				foreach ($users[$username]['hosts'] as $mysql_access_host) {
 
 					if (!in_array($mysql_access_host, $mysql_access_host_array)) {
-
-						if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
-							// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
-							$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$mysql_access_host."`");
-							Database::pexecute($stmt);
-						}
-						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-						$stmt = Database::prepare("DROP USER :username@:host");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
+						$dbm->getManager()->deleteUser($username, $mysql_access_host);
 					}
 				}
 			}
 		}
 
-		Database::query('FLUSH PRIVILEGES');
+		$dbm->flushPrivileges();
 		Database::needRoot(false);
 	}
 }

lib/functions/filedir/function.makePathfield.php

@@ -23,18 +23,16 @@
  * @param string  path      The path to start searching in
  * @param integer uid       The uid which must match the found directories
  * @param integer gid       The gid which must match the found direcotries
- * @param string  fieldType Either "Manual" or "Dropdown"
  * @param string  value     the value for the input-field
- * 
+ *
  * @return string   The html tag for the choosen $fieldType
  *
  * @author Martin Burchert  <martin.burchert@syscp.de>
  * @author Manuel Bernhardt <manuel.bernhardt@syscp.de>
  */
+function makePathfield($path, $uid, $gid, $value = '', $dom = false) {
 
-function makePathfield($path, $uid, $gid, $fieldType, $value = '', $dom = false)
-{
-	global $lng;
+	global $lng, $settings;
 
 	$value = str_replace($path, '', $value);
 	$field = array();
@@ -47,41 +45,34 @@ function makePathfield($path, $uid, $gid, $fieldType, $value = '', $dom = false)
 		$value = '/'.$value;
 	}
 
-	if($fieldType == 'Manual')
-	{
+	$fieldType = $settings['panel']['pathedit'];
+
+	if ($fieldType == 'Manual') {
+
 		$field = array(
 			'type' => 'text',
 			'value' => htmlspecialchars($value)
 		);
-		
-	}
-	elseif($fieldType == 'Dropdown')
-	{
+
+	} elseif($fieldType == 'Dropdown') {
+
 		$dirList = findDirs($path, $uid, $gid);
-		
 		natcasesort($dirList);
 
-		if(sizeof($dirList) > 0)
-		{
-			if(sizeof($dirList) <= 100)
-			{
+		if (sizeof($dirList) > 0) {
+			if (sizeof($dirList) <= 100) {
 				$_field = '';
-				foreach($dirList as $key => $dir)
-				{
-					if(strpos($dir, $path) === 0)
-					{
+				foreach ($dirList as $key => $dir) {
+					if (strpos($dir, $path) === 0) {
 						$dir = makeCorrectDir(substr($dir, strlen($path)));
 					}
-	
 					$_field.= makeoption($dir, $dir, $value);
 				}
 				$field = array(
 					'type' => 'select',
 					'value' => $_field
 				);
-			}
-			else
-			{
+			} else {
 				// remove starting slash we added
 				// for the Dropdown, #225
 				$value = substr($value, 1);
@@ -92,9 +83,7 @@ function makePathfield($path, $uid, $gid, $fieldType, $value = '', $dom = false)
 					'note' => $lng['panel']['toomanydirs']
 				);
 			}
-		}
-		else
-		{
+		} else {
 			//$field = $lng['panel']['dirsmissing'];
 			//$field = '<input type="hidden" name="path" value="/" />';
 			$field = array(

lib/functions/filedir/function.makeSecurePath.php

@@ -26,12 +26,12 @@
  */
 function makeSecurePath($path) {
 
-	$search = Array(
+	$search = array(
 		'#/+#',
 		'#\.+#',
 		'#\0+#'
 	);
-	$replace = Array(
+	$replace = array(
 		'/',
 		'.',
 		''
@@ -41,5 +41,14 @@ function makeSecurePath($path) {
 	// it might be escaped already
 	$path = str_replace("\ ", " ", $path);
 	$path = str_replace(" ", "\ ", $path);
+
+	// check for bad characters, some are allowed with escaping
+	// but we generally don't want them in our directory-names,
+	// thx to aaronmueller for this snipped
+	$badchars = array(':', ';', '|', '&', '>', '<', '`', '$', '~', '?');
+	foreach ($badchars as $bc) {
+		str_replace($bc, "", $path);
+	}
+
 	return $path;
 }

lib/functions/froxlor/function.generatePassword.php

@@ -19,5 +19,9 @@
  * Generates a random password
  */
 function generatePassword() {
-	return substr(md5(uniqid(microtime(), 1)), 24, 10);
+	global $settings;
+	return substr(
+		base64_encode(sha1(md5(uniqid(microtime(), 1))).md5(uniqid(microtime(), 1)).sha1(md5(uniqid(microtime(), 1)))),
+		rand(5, 50), ($settings['panel']['password_min_length'] > 0 ? $settings['panel']['password_min_length'] : 10)
+	);
 }

lib/functions/froxlor/function.loadConfigArrayDir.php

@@ -17,8 +17,8 @@
  *
  */
 
-function loadConfigArrayDir()
-{
+function loadConfigArrayDir() {
+
 	// Workaround until we use gettext
 	global $lng, $theme;
 
@@ -26,7 +26,9 @@ function loadConfigArrayDir()
 	// so we can read from more than one directory
 	// and still be valid for old calls
 	$numargs = func_num_args();
-	if($numargs <= 0) { return null; }
+	if($numargs <= 0) {
+		return null;
+	}
 
 	// variable that holds all dirs that will
 	// be parsed for inclusion
@@ -48,28 +50,25 @@ function loadConfigArrayDir()
 	$data_files = array();
 	$has_data = false;
 
-	foreach($configdirs as $data_dirname)
-	{
-		if(is_dir($data_dirname))
-		{
+	foreach ($configdirs as $data_dirname) {
+		if (is_dir($data_dirname)) {
 			$data_dirhandle = opendir($data_dirname);
-			while(false !== ($data_filename = readdir($data_dirhandle)))
-			{
-				if($data_filename != '.' && $data_filename != '..' && $data_filename != '' && substr($data_filename, -4 ) == '.php')
-				{
+			while (false !== ($data_filename = readdir($data_dirhandle))) {
+				if ($data_filename != '.'
+						&& $data_filename != '..'
+						&& $data_filename != ''
+						&& substr($data_filename, -4 ) == '.php'
+				) {
 					$data_files[] = $data_dirname . $data_filename;
 				}
 			}
 			$has_data = true;
 		}
 	}
-	
-	if($has_data)
-	{
-		sort($data_files);
 
-		foreach($data_files as $data_filename)
-		{
+	if ($has_data) {
+		sort($data_files);
+		foreach ($data_files as $data_filename) {
 			$data = array_merge_recursive($data, include($data_filename));
 		}
 	}
@@ -78,15 +77,14 @@ function loadConfigArrayDir()
 	// to select, we'll handle this here
 	// (this is for multiserver-client settings)
 	$_data = array();
-	if($selection != null
-		&& is_array($selection)
-		&& isset($selection[0])
+	if ($selection != null
+			&& is_array($selection)
+			&& isset($selection[0])
 	) {
 		$_data['groups'] = array();
-		foreach($data['groups'] as $group => $data)
-		{
-			if(in_array($group, $selection)) {
-				$_data['groups'][$group] = $data;  
+		foreach ($data['groups'] as $group => $data) {
+			if (in_array($group, $selection)) {
+				$_data['groups'][$group] = $data;
 			}
 		}
 		$data = $_data;

lib/functions/output/function.buildNavigation.php

@@ -26,99 +26,79 @@
  * @author Florian Lippert <flo@syscp.org>
  */
 
-function buildNavigation($navigation, $userinfo)
-{
+function buildNavigation($navigation, $userinfo) {
 	global $theme;
 
 	$returnvalue = '';
-	
-	foreach($navigation as $box)
-	{
-		if((!isset($box['show_element']) || $box['show_element'] === true) &&
-			(!isset($box['required_resources']) || $box['required_resources'] == '' || (isset($userinfo[$box['required_resources']]) && ((int)$userinfo[$box['required_resources']] > 0 || $userinfo[$box['required_resources']] == '-1'))))
-		{
+
+	foreach($navigation as $box) {
+		if ((!isset($box['show_element']) || $box['show_element'] === true) &&
+			(!isset($box['required_resources']) || $box['required_resources'] == '' || (isset($userinfo[$box['required_resources']]) && ((int)$userinfo[$box['required_resources']] > 0 || $userinfo[$box['required_resources']] == '-1')))) {
 			$navigation_links = '';
-			foreach($box['elements'] as $element_id => $element)
-			{
-				if((!isset($element['show_element']) || $element['show_element'] === true) &&
-					(!isset($element['required_resources']) || $element['required_resources'] == '' || (isset($userinfo[$element['required_resources']]) && ((int)$userinfo[$element['required_resources']] > 0 || $userinfo[$element['required_resources']] == '-1'))))
-				{
-					if(isset($element['url']) && trim($element['url']) != '')
-					{
+			foreach ($box['elements'] as $element_id => $element) {
+				if ((!isset($element['show_element']) || $element['show_element'] === true) &&
+					(!isset($element['required_resources']) || $element['required_resources'] == '' || (isset($userinfo[$element['required_resources']]) && ((int)$userinfo[$element['required_resources']] > 0 || $userinfo[$element['required_resources']] == '-1')))) {
+					if (isset($element['url']) && trim($element['url']) != '') {
 						// append sid only to local
-				
-						if(!preg_match('/^https?\:\/\//', $element['url'])
-						   && (isset($userinfo['hash']) && $userinfo['hash'] != ''))
-						{
+
+						if (!preg_match('/^https?\:\/\//', $element['url'])
+						   && (isset($userinfo['hash']) && $userinfo['hash'] != '')) {
 							// generate sid with ? oder &
-				
-							if(strpos($element['url'], '?') !== false)
-							{
+
+							if (strpos($element['url'], '?') !== false) {
 								$element['url'].= '&s=' . $userinfo['hash'];
-							}
-							else
-							{
+							} else {
 								$element['url'].= '?s=' . $userinfo['hash'];
 							}
 						}
-				
+
 						$target = '';
-				
-						if(isset($element['new_window']) && $element['new_window'] == true)
-						{
+						if (isset($element['new_window']) && $element['new_window'] == true) {
 							$target = ' target="_blank"';
 						}
-				
-						$completeLink = '<a href="' . htmlspecialchars($element['url']) . '"' . $target . ' class="menu">' . $element['label'] . '</a>';
-					}
-					else
-					{
+
+						$active = '';
+						if (isset($_GET['page']) && substr_count($element['url'], "page=" . $_GET['page']) > 0 && substr_count($element['url'], basename($_SERVER["SCRIPT_FILENAME"])) > 0) {
+							$active = ' active';
+						}
+
+						$completeLink = '<a href="' . htmlspecialchars($element['url']) . '"' . $target . ' class="menu' . $active . '">' . $element['label'] . '</a>';
+					} else {
 						$completeLink = $element['label'];
 					}
-				
+
 					eval("\$navigation_links .= \"" . getTemplate("navigation_link", 1) . "\";");
 				}
 			}
-	
-			if($navigation_links != '')
-			{
-				if(isset($box['url']) && trim($box['url']) != '')
-				{
+
+			if ($navigation_links != '') {
+				if (isset($box['url']) && trim($box['url']) != '') {
 					// append sid only to local
-			
-					if(!preg_match('/^https?\:\/\//', $box['url'])
-					   && (isset($userinfo['hash']) && $userinfo['hash'] != ''))
-					{
+
+					if (!preg_match('/^https?\:\/\//', $box['url']) && (isset($userinfo['hash']) && $userinfo['hash'] != '')) {
 						// generate sid with ? oder &
-			
-						if(strpos($box['url'], '?') !== false)
-						{
+
+						if (strpos($box['url'], '?') !== false) {
 							$box['url'].= '&s=' . $userinfo['hash'];
-						}
-						else
-						{
+						} else {
 							$box['url'].= '?s=' . $userinfo['hash'];
 						}
 					}
-			
+
 					$target = '';
-			
-					if(isset($box['new_window']) && $box['new_window'] == true)
-					{
+					if (isset($box['new_window']) && $box['new_window'] == true) {
 						$target = ' target="_blank"';
 					}
-			
+
 					$completeLink = '<a href="' . htmlspecialchars($box['url']) . '"' . $target . ' class="menu">' . $box['label'] . '</a>';
-				}
-				else
-				{
+				} else {
 					$completeLink = $box['label'];
 				}
-			
+
 				eval("\$returnvalue .= \"" . getTemplate("navigation_element", 1) . "\";");
 			}
 		}
 	}
-	
+
 	return $returnvalue;
 }

lib/functions/validate/function.validateUsername.php

@@ -35,6 +35,6 @@ function validateUsername($username, $unix_names = 1, $mysql_max = '') {
 			return false;
 		}
 	} else {
-		return (preg_match('/^[a-z][a-z0-9]{1,' . (int)$mysql_max . '}$/Di', $username) != false);
+		return (preg_match('/^[a-z][a-z0-9]{1,' . $mysql_max . '}$/Di', $username) != false);
 	}
 }

lib/init.php

@@ -61,7 +61,7 @@ unset($_);
 unset($value);
 unset($key);
 
-$filename = basename($_SERVER['PHP_SELF']);
+$filename = htmlentities(basename($_SERVER['PHP_SELF']));
 
 // define default theme for configurehint, etc.
 $_deftheme = 'Sparkle';

lib/navigation/00.froxlor.main.php

@@ -217,7 +217,7 @@ return array (
 					'required_resources' => 'change_serversettings',
 				),
 				array (
-					'url' => 'admin_settings.php?page=settings',
+					'url' => 'admin_settings.php?page=overview',
 					'label' => $lng['admin']['serversettings'],
 					'required_resources' => 'change_serversettings',
 				),

lib/tables.inc.php

@@ -72,6 +72,6 @@ define('PACKAGE_LOCKED', 1);
 define('PACKAGE_ENABLED', 2);
 
 // VERSION INFO
-$version = '0.9.31-rc1';
+$version = '0.9.31';
 $dbversion = '2';
 $branding = '';

lng/dutch.lng.php

@@ -1340,7 +1340,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Froxlor is direct toegan
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Reguliere expressie voor wachtwoorden';
-$lng['serversettings']['panel_password_regex']['description'] = 'Hier kunt u een reguliere expressie opgeven voor de complexiteit van wachtwoorden.<br />Leeg betekent geen speciale complexiteit<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">regex hulp/voorbeelden</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Hier kunt u een reguliere expressie opgeven voor de complexiteit van wachtwoorden.<br />Leeg betekent geen speciale complexiteit';
 $lng['error']['notrequiredpasswordcomplexity'] = 'Er is niet voldaan aan de complexiteit voor het wachtwoord (regex: %s)';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1354,7 +1354,7 @@ $lng['serversettings']['perl_path']['description'] = 'Alleen relevant voor light
 // ADDED IN FROXLOR 0.9.12-svn1
 $lng['admin']['fcgid_settings'] = 'FCGID';
 $lng['serversettings']['mod_fcgid_ownvhost']['title'] = 'FCGID inschakelen voor de VHost voor Froxlor';
-$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Indien ingeschakeld wordt Froxlor ook uitgevoerd onder een lokale gebruiker<br /><strong>Let op:</strong>Dit vereist handmatige configuratie, zie <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_handbook">FCGID - handbook</a>';
+$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Indien ingeschakeld wordt Froxlor ook uitgevoerd onder een lokale gebruiker<br /><strong>Let op:</strong>Dit vereist handmatige configuratie, zie <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a>';
 $lng['admin']['mod_fcgid_user'] = 'Lokale gebruiker voor FCGID (Froxlor vhost)';
 $lng['admin']['mod_fcgid_group'] = 'Lokale groep voor FCGID (Froxlor vhost)';
 

lng/english.lng.php

@@ -537,7 +537,7 @@ $lng['panel']['back'] = 'Back';
 // ADDED IN 1.2.16-svn12
 
 $lng['serversettings']['mod_fcgid']['title'] = 'Enable FCGID';
-$lng['serversettings']['mod_fcgid']['description'] = 'Use this to run PHP with the corresponding useraccount.<br /><br /><b>This needs a special webserver configuration for Apache, see <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_handbook">FCGI - handbook</a></b>';
+$lng['serversettings']['mod_fcgid']['description'] = 'Use this to run PHP with the corresponding useraccount.<br /><br /><b>This needs a special webserver configuration for Apache, see <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a></b>';
 $lng['serversettings']['sendalternativemail']['title'] = 'Use alternative email-address';
 $lng['serversettings']['sendalternativemail']['description'] = 'Send the password-email to a different address during email-account-creation';
 $lng['emails']['alternative_emailaddress'] = 'Alternative e-mail-address';
@@ -1418,7 +1418,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Access Froxlor directly
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Regular expression for passwords';
-$lng['serversettings']['panel_password_regex']['description'] = 'Here you can set a regular expression for passwords-complexity.<br />Empty = no specific requirement<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">regex help/examples</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Here you can set a regular expression for passwords-complexity.<br />Empty = no specific requirement';
 $lng['error']['notrequiredpasswordcomplexity'] = 'The specified password-complexity was not satisfied.<br />Please contact your administrator if you have any questions about the complexity-specification';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1503,7 +1503,8 @@ $lng['serversettings']['phpreload_command']['description'] = 'this is used to re
 $lng['error']['intvaluetoolow'] = 'The given number is too low (field %s)';
 $lng['error']['intvaluetoohigh'] = 'The given number is too high (field %s)';
 $lng['admin']['phpfpm_settings'] = 'PHP-FPM';
-$lng['serversettings']['phpfpm'] = 'Enable php-fpm';
+$lng['serversettings']['phpfpm']['title'] = 'Enable php-fpm';
+$lng['serversettings']['phpfpm']['description'] = '<b>This needs a special webserver configuration see FPM-handbook for <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> or <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['configdir'] = 'Configuration directory of php-fpm';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Configuration Alias-directory of php-fpm';
 $lng['serversettings']['phpfpm_settings']['reload'] = 'php-fpm restart command';
@@ -1996,3 +1997,8 @@ $lng['serversettings']['allow_error_report_customer']['description'] = 'Please n
 $lng['admin']['phpsettings']['enable_slowlog'] = 'Enable slowlog (per domain)';
 $lng['admin']['phpsettings']['request_terminate_timeout'] = 'Request terminate-timeout';
 $lng['admin']['phpsettings']['request_slowlog_timeout'] = 'Request slowlog-timeout';
+$lng['admin']['templates']['SERVER_HOSTNAME'] = 'Replaces the system-hostname (URL to froxlor)';
+$lng['admin']['templates']['SERVER_IP'] = 'Replaces the default server ip-address';
+$lng['admin']['templates']['SERVER_PORT'] = 'Replaces the default server port';
+$lng['admin']['templates']['DOMAINNAME'] = 'Replaces the customers standard-subdomain (can be empty if none is generated)';
+$lng['admin']['show_news_feed'] = 'Show news-feed on admin-dashboard';

lng/german.lng.php

@@ -536,7 +536,7 @@ $lng['panel']['back'] = 'Zurück';
 // ADDED IN 1.2.16-svn12
 
 $lng['serversettings']['mod_fcgid']['title'] = 'PHP über mod_fcgid/suexec einbinden';
-$lng['serversettings']['mod_fcgid']['description'] = 'PHP unter dem jeweiligen Useraccount laufen lassen.<br /><br /><b>Dies benötigt eine spezielle Webserver-Konfiguration für Apache, siehe <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_Handbuch">FCGID-Handbuch</a>.</b>';
+$lng['serversettings']['mod_fcgid']['description'] = 'PHP wird unter dem Benutzer des Kunden ausgeführt.<br /><br /><b>Dies benötigt eine spezielle Webserver-Konfiguration für Apache, siehe <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID-Handbuch</a>.</b>';
 $lng['serversettings']['sendalternativemail']['title'] = 'Alternative E-Mail-Adresse benutzen';
 $lng['serversettings']['sendalternativemail']['description'] = 'Während des Erstellens eines Accounts das Passwort an eine andere E-Mail-Adresse senden';
 $lng['emails']['alternative_emailaddress'] = 'Alternative E-Mail-Adresse';
@@ -807,7 +807,7 @@ $lng['admin']['allips'] = 'Alle IP\'s';
 $lng['panel']['nosslipsavailable'] = 'Für diesen Server wurden noch keine SSL IP/Port Kombinationen eingetragen';
 $lng['ticket']['by'] = 'von';
 $lng['dkim']['use_dkim']['title'] = 'DKIM Support aktivieren?';
-$lng['dkim']['use_dkim']['description'] = 'Wollen Sie das Domain Keys (DKIM) System benutzen?<br/><em style="color:red;font-weight:bold;">Hinweis: Der Zeit wird DKIM nur via dkim-filter unterstützt, nicht opendkim</em>';
+$lng['dkim']['use_dkim']['description'] = 'Wollen Sie das Domain Keys (DKIM) System benutzen?<br/><em style="color:red;font-weight:bold;">Hinweis: Derzeit wird DKIM nur via dkim-filter unterstützt, nicht opendkim</em>';
 $lng['error']['invalidmysqlhost'] = 'Ungültige MySQL Host Adresse: "%s"';
 $lng['error']['cannotuseawstatsandwebalizeratonetime'] = 'Webalizer und AWstats können nicht zur gleichen Zeit aktiviert werden, bitte wählen Sie eines aus';
 $lng['serversettings']['webalizer_enabled'] = 'Nutze Webalizer Statistiken';
@@ -1396,7 +1396,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Froxlor direkt über den
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Regulärer Ausdruck für Passwörter';
-$lng['serversettings']['panel_password_regex']['description'] = 'Hier können Sie einen regulären Ausdruck für Passwort-Komplexität festlegen.<br />Leer = keine bestimmten Anforderungen<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">RegEx Hilfe/Beispiele</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Hier können Sie einen regulären Ausdruck für Passwort-Komplexität festlegen.<br />Leer = keine bestimmten Anforderungen';
 $lng['error']['notrequiredpasswordcomplexity'] = 'Die vorgegebene Passwort-Komplexität wurde nicht erfüllt.<br />Bitte kontaktieren Sie Ihren Administrator, wenn Sie Fragen zur Komplexitäts-Vorgabe haben.';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1481,7 +1481,8 @@ $lng['serversettings']['phpreload_command']['description'] = 'Dieser wird benöt
 $lng['error']['intvaluetoolow'] = 'Die angegebene Zahl ist zu klein (Feld "%s")';
 $lng['error']['intvaluetoohigh'] = 'Die angegebene Zahl ist zu groß (Feld "%s")';
 $lng['admin']['phpfpm_settings'] = 'PHP-FPM';
-$lng['serversettings']['phpfpm'] = 'Aktiviere php-fpm';
+$lng['serversettings']['phpfpm']['title'] = 'Aktiviere PHP-FPM';
+$lng['serversettings']['phpfpm']['description'] = '<b>Dies benötigt eine spezielle Webserver-Konfiguration, siehe FPM-Handbuch für <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> oder <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['configdir'] = 'Pfad zu php-fpm-Konfigurationen';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Alias-Ordner der php-fpm Konfiguration';
 $lng['serversettings']['phpfpm_settings']['reload'] = 'Kommando zum Neustarten von php-fpm';
@@ -1538,10 +1539,10 @@ $lng['serversettings']['validate_domain'] = 'Validiere Domainnamen';
 $lng['login']['combination_not_found'] = 'Kombination aus Benutzername und E-Mail Adresse stimmen nicht überein.';
 $lng['customer']['generated_pwd'] = 'Passwortvorschlag';
 $lng['customer']['usedmax'] = 'Benutzt / Max.';
-$lng['admin']['traffic'] = 'Datentransfer';
+$lng['admin']['traffic'] = 'Traffic';
 $lng['admin']['customertraffic'] = 'Kunden';
 $lng['traffic']['customer'] = 'Kunde';
-$lng['traffic']['trafficoverview'] = 'Übersicht Datentransfervolumen je';
+$lng['traffic']['trafficoverview'] = 'Übersicht Traffic je';
 $lng['traffic']['months']['jan'] = 'Jan';
 $lng['traffic']['months']['feb'] = 'Feb';
 $lng['traffic']['months']['mar'] = 'Mär';
@@ -1722,3 +1723,8 @@ $lng['serversettings']['allow_error_report_customer']['description'] = 'Bitte be
 $lng['admin']['phpsettings']['enable_slowlog'] = 'FPM slowlog pro Domain aktivieren';
 $lng['admin']['phpsettings']['request_terminate_timeout'] = 'Request terminate-timeout';
 $lng['admin']['phpsettings']['request_slowlog_timeout'] = 'Request slowlog-timeout';
+$lng['admin']['templates']['SERVER_HOSTNAME'] = 'Wird mit dem System-Hostname (URL zu froxlor) ersetzt';
+$lng['admin']['templates']['SERVER_IP'] = 'Wird mit der standard System IP-Adresse ersetzt';
+$lng['admin']['templates']['SERVER_PORT'] = 'Wird mit dem standard Port ersetzt';
+$lng['admin']['templates']['DOMAINNAME'] = 'Wird mit der Standardsubdomain des Kunden ersetzt (kann leer sein, wenn keine erstellt werden soll)';
+$lng['admin']['show_news_feed'] = 'Zeige News-Feed im Admin-Dashboard';

lng/italian.lng.php

@@ -1382,7 +1382,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Accedi direttamente a Fr
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Espressione per le password';
-$lng['serversettings']['panel_password_regex']['description'] = 'Qui è possibile impostare una espressione regolare per la complessità delle password.<br />Vuoto = nessun requisito specificato<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">aiuto/esempi regex</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Qui è possibile impostare una espressione regolare per la complessità delle password.<br />Vuoto = nessun requisito specificato';
 $lng['error']['notrequiredpasswordcomplexity'] = 'La complessita della password specificata non è soddisfacente.<br />Si prega di contattare l\'amministratore se avete domande sulla complessità della password';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1396,7 +1396,7 @@ $lng['serversettings']['perl_path']['description'] = 'Rilevante solo se si utili
 // ADDED IN FROXLOR 0.9.12-svn1
 $lng['admin']['fcgid_settings'] = 'FCGID';
 $lng['serversettings']['mod_fcgid_ownvhost']['title'] = 'Abilita FCGID per i vhost Froxlor';
-$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Se attivato, Froxlor verrà eseguito con un utente locale<br /><strong>ATTENZIONE:</strong>Questo richiede una configurazione manuale, vedi <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_handbook">FCGID - handbook</a>';
+$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Se attivato, Froxlor verrà eseguito con un utente locale<br /><strong>ATTENZIONE:</strong>Questo richiede una configurazione manuale, vedi <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a>';
 $lng['admin']['mod_fcgid_user'] = 'Utente locale per FCGID (Froxlor vhost)';
 $lng['admin']['mod_fcgid_group'] = 'Gruppo locale per FCGID (Froxlor vhost)';
 

scripts/jobs/cron_mailboxsize.php

@@ -35,11 +35,16 @@ while ($maildir = $maildirs_stmt->fetch(PDO::FETCH_ASSOC)) {
 	if (file_exists($_maildir) 
 		&& is_dir($_maildir)
 	) {
-		$back = safe_exec('du -sb ' . escapeshellarg($_maildir) . '');
+		$back = safe_exec('du -sk ' . escapeshellarg($_maildir) . '');
 		foreach ($back as $backrow) {
 			$emailusage = explode(' ', $backrow);
 		}
 		$emailusage = floatval($emailusage['0']);
+
+		// as freebsd does not have the -b flag for 'du' which gives
+		// the size in bytes, we use "-sk" for all and calculate from KiB
+		$emailusage *= 1024;
+
 		unset($back);
 		Database::pexecute($upd_stmt, array('size' => $emailusage, 'id' => $maildir['id']));
 	} else {

scripts/jobs/cron_tasks.inc.dns.10.bind.php

@@ -257,6 +257,9 @@ class bind
 				/*&& $domain['spf'] == '1' */
 		) {
 			$zonefile.= $this->settings['spf']['spf_entry'] . "\n";
+			if (in_array('mail', $records)) {
+				$zonefile.= str_replace('@', 'mail', $this->settings['spf']['spf_entry']) . "\n";
+			}
 		}
 
 		/**
@@ -306,7 +309,7 @@ class bind
 
 			// Check whether to add a www.-prefix 
 			if ($domain['wwwserveralias'] == '1') {
-				$records[] = str_replace('.' . $domain['domain'], '', $subdomain['domain']);
+				$records[] = 'www.'.str_replace('.' . $domain['domain'], '', $subdomain['domain']);
 			}
 		}
 

scripts/jobs/cron_tasks.inc.http.10.apache.php

@@ -782,34 +782,11 @@ class apache
 	/**
 	 *	We compose the virtualhost entries for the domains
 	 */
-	public function createVirtualHosts()
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, 
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, 
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
-      
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) 
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-			  
-			  INNER JOIN (
-			    SELECT * FROM ( 
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` 
-			      WHERE `p`.`id` = `di`.`id_ipandports` 
-			      ORDER BY `p`.`ssl` DESC 
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-			  
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
+	public function createVirtualHosts() {
+
+		$domains = WebserverBase::getVhostsToCreate();
+		foreach ($domains as $domain) {
 
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 			fwrite($this->debugHandler, '  apache::createVirtualHosts: creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname'] . "\n");
 			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname']);
 			$vhosts_filename = $this->getVhostFilename($domain);

scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php

@@ -34,6 +34,11 @@ class apache_fcgid extends apache
 				if ($domain['ssl'] == 1 && $ssl_vhost) {
 					$srvName = 'ssl-fpm.external';
 				}
+				// #1317 - perl is executed via apache and therefore, when using fpm, does not know the user
+				// which perl is supposed to run as, hence the need for Suexec need
+				if (customerHasPerlEnabled($domain['customerid'])) {
+					$php_options_text.= '  SuexecUserGroup "' . $domain['loginname'] . '" "' . $domain['loginname'] . '"' . "\n";
+				}
 				$php_options_text.= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile()  . ' -idle-timeout ' . $this->settings['phpfpm']['idle_timeout'] . "\n";
 				$php_options_text.= '  <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
 				$php_options_text.= '    <FilesMatch "\.php$">' . "\n";

scripts/jobs/cron_tasks.inc.http.20.lighttpd.php

@@ -287,36 +287,10 @@ class lighttpd
 	{
 	}
 
-	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename)
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
+	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename) {
 
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-
-			  INNER JOIN (
-			    SELECT * FROM (
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p`
-			      WHERE `p`.`id` = `di`.`id_ipandports`
-			      AND `p`.`id` = '".(int)$ipid."'
-			      ORDER BY `p`.`ssl` DESC
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
-
-		$included_vhosts = array();
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		$domains = WebserverBase::getVhostsToCreate();
+		foreach ($domains as $domain) {
 
 			if (is_dir($this->settings['system']['apacheconf_vhost'])) {
 				safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'].'/vhosts/')));

scripts/jobs/cron_tasks.inc.http.30.nginx.php

@@ -247,34 +247,13 @@ class nginx
 		$this->_createStandardErrorHandler();
 	}
 
-	protected function createNginxHosts()
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, 
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, 
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
-      
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) 
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-			  
-			  INNER JOIN (
-			    SELECT * FROM ( 
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` 
-			      WHERE `p`.`id` = `di`.`id_ipandports` 
-			      ORDER BY `p`.`ssl` DESC 
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-			  
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
+	/**
+	 * create vhosts
+	 */
+	protected function createNginxHosts() {
 
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		$domains = WebserverBase::getVhostsToCreate();
+		foreach ($domains as $domain) {
 
 			if (is_dir($this->settings['system']['apacheconf_vhost'])) {
 				safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'])));

templates/Froxlor/admin/cronjobs/cronjobs_cronjobmodule.tpl

@@ -0,0 +1,3 @@
+<tr>
+	<td colspan="5"><b>{$module}</b></td>
+</tr>

templates/Froxlor/admin/index/index.tpl

@@ -141,7 +141,7 @@ $header
 				<td><a href="$lookfornewversion_link">$lookfornewversion_lable</a></td>
 			</if>
 		</tr>
-		<if $isnewerversion != 0 >
+		<if $isnewerversion == 1 >
 		<tr>
 			<td colspan="2"><strong>{$lng['admin']['newerversionavailable']}</strong></td>
 		</tr>

templates/Froxlor/admin/templates/templates_add_2.tpl

@@ -77,6 +77,22 @@ $header
 					<td><em>{PASSWORD}</em></td>
 					<td>{$lng['admin']['templates']['PASSWORD']}</td>
 				</tr>
+				<tr>
+					<td><em>{SERVER_HOSTNAME}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_HOSTNAME']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_IP}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_IP']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_PORT}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_PORT']}</td>
+				</tr>
+				<tr>
+					<td><em>{DOMAINNAME}</em></td>
+					<td>{$lng['admin']['templates']['DOMAINNAME']}</td>
+				</tr>
 				<tr>
 					<td colspan="2">
 						<strong>{$lng['admin']['templates']['pop_success']}</strong>

templates/Froxlor/admin/templates/templates_edit.tpl

@@ -78,6 +78,22 @@ $header
 					<td><em>{PASSWORD}</em></td>
 					<td>{$lng['admin']['templates']['PASSWORD']}</td>
 				</tr>
+				<tr>
+					<td><em>{SERVER_HOSTNAME}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_HOSTNAME']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_IP}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_IP']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_PORT}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_PORT']}</td>
+				</tr>
+				<tr>
+					<td><em>{DOMAINNAME}</em></td>
+					<td>{$lng['admin']['templates']['DOMAINNAME']}</td>
+				</tr>
 				<tr>
 					<td colspan="2">
 						<strong>{$lng['admin']['templates']['pop_success']}</strong>

templates/Froxlor/admin/tickets/tickets.tpl

@@ -26,11 +26,11 @@ $header
 			<thead>
 				<tr>
 					<th>{$lng['ticket']['lastchange']}&nbsp;{$arrowcode['lastchange']}</th>
-					<th>{$lng['ticket']['ticket_answers']}&nbsp;{$arrowcode['ticket_answers']}</th>
+					<th>{$lng['ticket']['ticket_answers']}</th>
 					<th>{$lng['ticket']['subject']}&nbsp;{$arrowcode['subject']}</th>
 					<th>{$lng['ticket']['status']}&nbsp;{$arrowcode['status']}</th>
 					<th>{$lng['ticket']['lastreplier']}&nbsp;{$arrowcode['lastreplier']}</th>
-					<th>{$lng['ticket']['priority']}&nbsp;{$arrowcode['priority']}</th>
+					<th>{$lng['ticket']['priority']}</th>
 					<th>{$lng['panel']['options']}</th>
 				</tr>
 			</thead>

templates/Froxlor/assets/css/main.css

@@ -395,6 +395,10 @@ a:hover {
 	text-decoration: underline;
 }
 
+a.active {
+	font-weight: bold;
+}
+
 .infotext {
 	font-size: 11px;
 }

templates/Froxlor/customer/tickets/tickets.tpl

@@ -39,11 +39,11 @@ $header
 			<thead>
 				<tr>
 					<th>{$lng['ticket']['lastchange']}&nbsp;{$arrowcode['lastchange']}</th>
-					<th>{$lng['ticket']['ticket_answers']}&nbsp;{$arrowcode['ticket_answers']}</th>
+					<th>{$lng['ticket']['ticket_answers']}</th>
 					<th>{$lng['ticket']['subject']}&nbsp;{$arrowcode['subject']}</th>
 					<th>{$lng['ticket']['status']}&nbsp;{$arrowcode['status']}</th>
 					<th>{$lng['ticket']['lastreplier']}&nbsp;{$arrowcode['lastreplier']}</th>
-					<th>{$lng['ticket']['priority']}&nbsp;{$arrowcode['priority']}</th>
+					<th>{$lng['ticket']['priority']}</th>
 					<th>{$lng['panel']['options']}</th>
 				</tr>
 			</thead>

templates/Sparkle/admin/cronjobs/cronjobs_cronjobmodule.tpl

@@ -0,0 +1,3 @@
+<tr>
+	<td colspan="5"><b>{$module}</b></td>
+</tr>

templates/Sparkle/admin/index/index.tpl

@@ -195,7 +195,8 @@ $header
 			
 		</section>
 		
-		
+
+		<if $settings['admin']['show_news_feed'] == '1'>
 		<section class="dboarditem bradius" id="newsfeed" style="display: none">
 			<table>
 				<tr>
@@ -204,7 +205,8 @@ $header
 			</table>
 			<div id="newsfeeditems"></div>
 		</section>
-		
+		</if>
+
 		<section class="dboarditem bradius">
 		<table>
 		<tr>
@@ -263,7 +265,7 @@ $header
 				<td><a href="$lookfornewversion_link">$lookfornewversion_lable</a></td>
 			</if>
 		</tr>
-		<if $isnewerversion != 0 >
+		<if $isnewerversion == 1 >
 		<tr>
 			<td colspan="2"><strong>{$lng['admin']['newerversionavailable']}</strong></td>
 		</tr>

templates/Sparkle/admin/settings/phpinfo.tpl

@@ -7,7 +7,7 @@ $header
 			</h2>
 		</header>
 
-		<section class="dboarditemfull bradius">
+		<section class="dboarditemfull bradius" style="overflow: scroll;">
 			<table width="100%">
 				{$phpinfo}
 			</table>

templates/Sparkle/admin/templates/templates.tpl

@@ -31,6 +31,8 @@ $header
 
 	</article>
 	<br />
+	<br />
+	<br />
 	<article>
 		<header>
 			<h2>

templates/Sparkle/admin/templates/templates_add_1.tpl

@@ -10,18 +10,23 @@ $header
 		<section class="tinyform bradius">
 			<form method="post" action="{$linker->getLink(array('section' => 'templates'))}" enctype="application/x-www-form-urlencoded">
 				<fieldset>
-				<legend>Froxlor&nbsp;-&nbsp;{$lng['menue']['main']['changelanguage']}</legend>
-				<p>
-					<label for="language">{$lng['login']['language']}:</label>&nbsp;
-					<select id="language" name="language">$language_options</select>
-				</p>
-				<p class="submit">
+					<legend>Froxlor&nbsp;-&nbsp;{$lng['menue']['main']['changelanguage']}</legend>
 					<input type="hidden" name="s" value="$s" />
 					<input type="hidden" name="page" value="$page" />
 					<input type="hidden" name="action" value="$action" />
 					<input type="hidden" name="prepare" value="prepare" />
-					<input type="submit" value="{$lng['panel']['next']}" />
-				</p>
+						
+					<table class="formtable tinyform">
+						<tr>
+							<td><label for="language">{$lng['login']['language']}:</label></td>
+							<td><select id="language" name="language">$language_options</select></td>
+						</tr>
+						<tfoot>
+							<tr>
+								<td colspan="2" align="center"><input type="submit" value="{$lng['panel']['next']}" /></td>
+							</tr>
+						</tfoot>
+					</table>
 				</fieldset>
 			</form>
 		</section>

templates/Sparkle/admin/tickets/tickets.tpl

@@ -26,11 +26,11 @@ $header
 			<thead>
 				<tr>
 					<th>{$lng['ticket']['lastchange']}&nbsp;{$arrowcode['lastchange']}</th>
-					<th>{$lng['ticket']['ticket_answers']}&nbsp;{$arrowcode['ticket_answers']}</th>
+					<th>{$lng['ticket']['ticket_answers']}</th>
 					<th>{$lng['ticket']['subject']}&nbsp;{$arrowcode['subject']}</th>
 					<th>{$lng['ticket']['status']}&nbsp;{$arrowcode['status']}</th>
 					<th>{$lng['ticket']['lastreplier']}&nbsp;{$arrowcode['lastreplier']}</th>
-					<th>{$lng['ticket']['priority']}&nbsp;{$arrowcode['priority']}</th>
+					<th>{$lng['ticket']['priority']}</th>
 					<th>{$lng['panel']['options']}</th>
 				</tr>
 			</thead>

templates/Sparkle/assets/css/main.css

@@ -22,6 +22,10 @@ body {
 	padding:0;
 }
 
+strong {
+	font-weight: 600;
+}
+
 .content {
 	background-color: #f7f8fa;
 	margin-top: 53px;
@@ -484,6 +488,10 @@ a:hover {
 	text-decoration:underline;
 }
 
+a.active {
+	font-weight: bold;
+}
+
 .infotext {
 	font-size:11px;
 }
@@ -953,8 +961,8 @@ label.nobr {
 .newsitem {
 	border-bottom: 1px solid #f1f2f3;
 	padding: 6px 5px 8px 5px;
-	height: 36px;
-	line-height: 20px;
+	height: 52px;
+	line-height: 18px;
 	margin: 0 5px;
 	overflow: hidden; 
 	text-overflow: ellipsis;
@@ -962,6 +970,7 @@ label.nobr {
 }
 .newsitem a {
 	color: #333;
+	line-height: 12px;
 }
 .newsitem a:hover {
 	text-decoration: none;
@@ -972,3 +981,7 @@ label.nobr {
 .newsitem b {
 	margin-right: 15px;
 }
+.newsitem small {
+	font-size: 8px;
+	color: gray;
+}

templates/Sparkle/assets/js/main.js

@@ -38,7 +38,7 @@ $(document).ready(function() {
 	var snheight = $('#sidenavigation').height();
 	var mainheight = $('#maincontent').height();
 	if (snheight > mainheight) {
-		$('#maincontent').height(snheight - 60);
+		$('#maincontent').height(snheight);
 	}
 
 	// this is necessary for the special setting feature (ref #1010)

templates/Sparkle/assets/js/traffic.js

@@ -60,37 +60,50 @@ $(document).ready(function(){
 	//alert(ftp);
 	var plot2 = $.jqplot('chartdiv', [ftp, http, mail], {
 		series: [
+			
 			{
 				lineWidth:1,
 				color: '#019522',
 				label: 'FTP',
-				showMarker: false
+				markerOptions: { style:"circle", size: 5, shadow: false },
+				rendererOptions: { smooth: true },
+				pointLabels: { show:true, formatString: "%#.2f" }
 			},
 			{
 				lineWidth:1,
 				color: '#0000FF',
 				label: 'HTTP',
-				showMarker: false
+				markerOptions: { style:"circle", size: 5, shadow: false },
+				rendererOptions: { smooth: true },
+				pointLabels: { show:true, formatString: "%#.2f" }
 			},
 			{
 				lineWidth:1,
 				color: '#800000',
 				label: 'Mail',
-				showMarker: false
+				markerOptions: { style: "circle", size: 5, shadow: false },
+				rendererOptions: { smooth: true },
+				pointLabels: { show:true, formatString: "%#.2f" }
 			}	
 		],
 		axes: {
 			yaxis: {
 				min: 0,
-				numberTicks: 10
+				numberTicks: 5,
+				rendererOptions: {drawBaseline: false}
 			},
 			xaxis: {
+				tickOptions:{
+					showGridline: false
+				},
 				pad: 0,
 				ticks: aticks
 			},
 		},
 		grid: {
+			show: false,
 			background: '#fff',
+			gridLineColor: '#e2e4e6',
 			borderWidth: 0,
 			shadow: false
 		}

templates/Sparkle/customer/tickets/tickets.tpl

@@ -39,11 +39,11 @@ $header
 			<thead>
 				<tr>
 					<th>{$lng['ticket']['lastchange']}&nbsp;{$arrowcode['lastchange']}</th>
-					<th>{$lng['ticket']['ticket_answers']}&nbsp;{$arrowcode['ticket_answers']}</th>
+					<th>{$lng['ticket']['ticket_answers']}</th>
 					<th>{$lng['ticket']['subject']}&nbsp;{$arrowcode['subject']}</th>
 					<th>{$lng['ticket']['status']}&nbsp;{$arrowcode['status']}</th>
 					<th>{$lng['ticket']['lastreplier']}&nbsp;{$arrowcode['lastreplier']}</th>
-					<th>{$lng['ticket']['priority']}&nbsp;{$arrowcode['priority']}</th>
+					<th>{$lng['ticket']['priority']}</th>
 					<th>{$lng['panel']['options']}</th>
 				</tr>
 			</thead>

templates/misc/configfiles/debian_squeeze/dovecot/etc_dovecot_dovecot.conf

@@ -1,4 +1,4 @@
-protocols = imap pop3 <SSLPROTOCOLS>
+#protocols = imap pop3 <SSLPROTOCOLS>
 listen = *
 mail_access_groups = vmail
 mail_debug = no
@@ -25,8 +25,8 @@ protocol pop3 {
     
 }
 protocol lda {
-	# postmaster is the one in charge of the mail system. MUST be set to a valid address!
-    postmaster_address = <postmaster-address>
+    # postmaster is the one in charge of the mail system. MUST be set to a valid address!
+    postmaster_address = postmaster@<SERVERNAME>
     auth_socket_path = /var/run/dovecot/auth-master
     mail_plugins = quota
     sendmail_path = /usr/sbin/sendmail

templates/misc/configfiles/debian_wheezy/dovecot/etc_dovecot_conf.d_15-lda.conf

@@ -4,7 +4,7 @@
 
 # Address to use when sending rejection mails.
 # Default is postmaster@<your domain>.
-#postmaster_address = <postmaster-address>
+#postmaster_address = postmaster@<SERVERNAME>
 
 # Hostname to use in various parts of sent mails, eg. in Message-Id.
 # Default is the system's real hostname.

templates/misc/configfiles/freebsd/dovecot2/usr_local_etc_dovecot_dovecot.conf

@@ -133,6 +133,6 @@ protocol imap {
 protocol lmtp {
 
 	mail_plugins = $mail_plugins
-	postmaster_address = postmaster@example.net
+	postmaster_address = postmaster@<SERVERNAME>
 
 }

templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot.conf

@@ -59,7 +59,7 @@ protocol lda {
 	auth_socket_path = /var/run/dovecot/auth-master
 	mail_plugins = quota
 	# postmaster is the one in charge of the mail system. MUST be set to a valid address!
-	postmaster_address = admin@<SERVERNAME>
+	postmaster_address = postmaster@<SERVERNAME>
 	sendmail_path = /usr/sbin/sendmail
 	lda_mailbox_autocreate = 1
 }

templates/misc/configfiles/opensuse_11_x/dovecot/etc_dovecot_dovecot.conf

@@ -25,8 +25,8 @@ protocol pop3 {
     
 }
 protocol lda {
-	# postmaster is the one in charge of the mail system. MUST be set to a valid address!
-    postmaster_address = <postmaster-address>
+    # postmaster is the one in charge of the mail system. MUST be set to a valid address!
+    postmaster_address = postmaster@<SERVERNAME>
     auth_socket_path = /var/run/dovecot/auth-master
     mail_plugins = quota
     sendmail_path = /usr/sbin/sendmail

templates/misc/configfiles/ubuntu_lucid/dovecot/etc_dovecot_conf.d_01-dovecot-postfix.conf

@@ -28,7 +28,7 @@ protocol pop3 {
 # LDA configuration
 protocol lda {
         # postmaster is the one in charge of the mail system. MUST be set to a valid address!
-        postmaster_address = <postmaster-address>
+        postmaster_address = postmaster@<SERVERNAME>
         mail_plugins = quota
         deliver_log_format = msgid=%m: %$
         rejection_reason = Your message to <%t> was automatically rejected:%n%r

templates/misc/configfiles/ubuntu_precise/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf

@@ -25,7 +25,7 @@ protocol pop3 {
 
 # LDA configuration
 protocol lda {
-        postmaster_address = postmaster
+        postmaster_address = postmaster@<SERVERNAME>
 	mail_plugins = sieve quota
         quota_full_tempfail = yes
         deliver_log_format = msgid=%m: %$