add logger to dbmanager, thx Sephi

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

.gitignore

@@ -2,6 +2,7 @@ packages/*
 lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
 temp/*
 templates/*
+logs/*
 install/update.log
 .buildpath
 .project

actions/admin/settings/100.panel.php

@@ -194,6 +194,14 @@ return array(
 					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
+				'admin_show_news_feed' => array(
+					'label' => $lng['admin']['show_news_feed'],
+					'settinggroup' => 'admin',
+					'varname' => 'show_news_feed',
+					'type' => 'bool',
+					'default' => true,
+					'save_method' => 'storeSettingField',
+					),
 				'panel_allow_domain_change_admin' => array(
 					'label' => $lng['serversettings']['panel_allow_domain_change_admin'],
 					'settinggroup' => 'panel',

admin_customers.php

@@ -247,36 +247,20 @@ if ($page == 'customers'
 				Database::needRoot(true);
 				$last_dbserver = 0;
 
+				$dbm = new DbManager($settings, $log);
+
 				while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 					if ($last_dbserver != $row_database['dbserver']) {
 						Database::needRoot(true, $row_database['dbserver']);
-						Database::query('FLUSH PRIVILEGES;');
+						$dbm->getManager()->flushPrivileges();
 						$last_dbserver = $row_database['dbserver'];
 					}
 
-					if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+					$dbm->getManager()->deleteDatabase($row_database['databasename']);
-						// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
-						$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
-						Database::pexecute($stmt, array(), false);
-					}
-
-					$host_res_stmt = Database::prepare("
-						SELECT `Host` FROM `mysql`.`user`
-						WHERE `User` = :dbname"
-					);
-					Database::pexecute($host_res_stmt, array('dbname' => $row_database['databasename']));
-					while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
-						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-						$drop_stmt = Database::prepare("DROP USER :dbname@:host");
-						Database::pexecute($drop_stmt, array(':dbname' => $row_database['databasename'], ':host' => $host['Host']), false);
-					}
-
-					$drop_stmt = Database::prepare("DROP DATABASE IF EXISTS `".$row_database['databasename']."`");
-					Database::pexecute($drop_stmt);
 				}
 
-				Database::query('FLUSH PRIVILEGES;');
+				$dbm->getManager()->flushPrivileges();
 				Database::needRoot(false);
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
@@ -289,7 +273,7 @@ if ($page == 'customers'
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
-				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `customerid` = :id AND `adminsession` = '0'");
+				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_SESSIONS . "` WHERE `userid` = :id AND `adminsession` = '0'");
 				Database::pexecute($stmt, array('id' => $id));
 				$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = :id");
 				Database::pexecute($stmt, array('id' => $id));
@@ -917,6 +901,8 @@ if ($page == 'customers'
 					Database::pexecute($ins_stmt, array('name' => $loginname));
 					$log->logAction(ADM_ACTION, LOG_NOTICE, "automatically added ftp-account for user '" . $loginname . "'");
 
+					$_stdsubdomain = '';
+
 					if ($createstdsubdomain == '1') {
 
 						if (isset($settings['system']['stdsubdomain'])
@@ -968,13 +954,28 @@ if ($page == 'customers'
 
 					if ($sendpassword == '1') {
 
+						$srv_hostname = $settings['system']['hostname'];
+						if ($settings['system']['froxlordirectlyviahostname'] == '0') {
+							$srv_hostname .= '/froxlor';
+						}
+
+						$srv_ip_stmt = Database::prepare("
+							SELECT ip, port FROM `".TABLE_PANEL_IPSANDPORTS."`
+							WHERE `id` = :defaultip
+						");
+						$srv_ip = Database::pexecute_first($srv_ip_stmt, array('defaultip' => $settings['system']['defaultip']));
+
 						$replace_arr = array(
 							'FIRSTNAME' => $firstname,
 							'NAME' => $name,
 							'COMPANY' => $company,
 							'SALUTATION' => getCorrectUserSalutation(array('firstname' => $firstname, 'name' => $name, 'company' => $company)),
 							'USERNAME' => $loginname,
-							'PASSWORD' => $password
+							'PASSWORD' => $password,
+							'SERVER_HOSTNAME' => $srv_hostname,
+							'SERVER_IP' => isset($srv_ip['ip']) ? $srv_ip['ip'] : '',
+							'SERVER_PORT' => isset($srv_ip['port']) ? $srv_ip['port'] : '',
+							'DOMAINNAME' => $_stdsubdomain
 						);
 
 						// Get mail templates from database; the ones from 'admin' are fetched for fallback
@@ -1376,11 +1377,14 @@ if ($page == 'customers'
 
 						Database::needRoot(true);
 						$last_dbserver = 0;
+
+						$dbm = new DbManager($settings, $log);
+
 						// For each of them
 						while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 							if ($last_dbserver != $row_database['dbserver']) {
-								Database::query('FLUSH PRIVILEGES;');
+								$dbm->getManager()->flushPrivileges();
 								Database::needRoot(true, $row_database['dbserver']);
 								$last_dbserver = $row_database['dbserver'];
 							}
@@ -1391,19 +1395,16 @@ if ($page == 'customers'
 								// Prevent access, if deactivated
 								if ($deactivated) {
 									// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
-									$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+									$dbm->getManager()->disableUser($row_database['databasename'], $mysql_access_host);
-									Database::pexecute($stmt, array(), false);
-
 								} else {
 									// Otherwise grant access
-									Database::query('GRANT ALL PRIVILEGES ON `' . $row_database['databasename'] .'`.* TO `' . $row_database['databasename'] . '`@`' . $mysql_access_host . '`');
+									$dbm->getManager()->enableUser($row_database['databasename'], $mysql_access_host);
-									Database::query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $row_database['databasename']) . '` . * TO `' . $row_database['databasename'] . '`@`' . $mysql_access_host . '`');
 								}
 							}
 						}
 
-						/* At last flush the new privileges */
+						// At last flush the new privileges
-						Database::query('FLUSH PRIVILEGES;');
+						$dbm->getManager()->flushPrivileges();
 						Database::needRoot(false);
 
 						$log->logAction(ADM_ACTION, LOG_INFO, "deactivated user '" . $result['loginname'] . "'");

admin_domains.php

@@ -236,7 +236,7 @@ if ($page == 'domains'
 					`domains_used` = `domains_used` - 1
 					WHERE `adminid` = :adminid"
 				);
-				Database::pexecute($upd_stmt, array('adminid' => $userinfo['admind']));
+				Database::pexecute($upd_stmt, array('adminid' => $userinfo['adminid']));
 
 				$upd_stmt = Database::prepare("
 					UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET

admin_ipsandports.php

@@ -153,7 +153,7 @@ if ($page == 'ipsandports'
 			$docroot = validate($_POST['docroot'], 'docroot');
 
 			if ((int)$settings['system']['use_ssl'] == 1) {
-				$ssl = intval($_POST['ssl']);
+				$ssl = isset($_POST['ssl']) ? intval($_POST['ssl']) : 0;
 				$ssl_cert_file = validate($_POST['ssl_cert_file'], 'ssl_cert_file');
 				$ssl_key_file = validate($_POST['ssl_key_file'], 'ssl_key_file');
 				$ssl_ca_file = validate($_POST['ssl_ca_file'], 'ssl_ca_file');

customer_mysql.php

@@ -109,28 +109,9 @@ if ($page == 'overview') {
 			if (isset($_POST['send']) && $_POST['send'] == 'send') {
 				// Begin root-session
 				Database::needRoot(true, $result['dbserver']);
+				$dbm = new DbManager($settings, $log);
+				$dbm->getManager()->deleteDatabase($result['databasename']);
 				$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
-				if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
-					// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
-					$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM :databasename");
-					Database::pexecute($stmt, array("databasename" => $result['databasename']));
-				}
-
-				$host_res_stmt = Database::prepare("SELECT `Host` FROM `mysql`.`user`
-					WHERE `User`= :databasename"
-				);
-				Database::pexecute($host_res_stmt, array("databasename" => $result['databasename']));
-
-				while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
-					// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-					$stmt = Database::prepare("DROP USER :databasename@:host");
-					Database::pexecute($stmt, array("databasename" => $result['databasename'], "host" => $host['Host']));
-				}
-
-				$stmt = Database::prepare("DROP DATABASE IF EXISTS `" . $result['databasename'] . "`");
-				Database::pexecute($stmt, array(), false);
-				$stmt = Database::prepare("FLUSH PRIVILEGES");
-				Database::pexecute($stmt);
 				Database::needRoot(false);
 				// End root-session
 
@@ -189,40 +170,13 @@ if ($page == 'overview') {
 					// validate description before actual adding the database, #1052
 					$databasedescription = validate(trim($_POST['description']), 'description');
 
-					// Begin root-session
+					// create database, user, set permissions, etc.pp.
-					Database::needRoot(true);
+					$dbm = new DbManager($settings, $log);
-					if (strtoupper($settings['customer']['mysqlprefix']) == 'RANDOM') {
+					$username = $dbm->createDatabase(
-						$result_stmt = Database::prepare('SELECT `User` FROM mysql.user');
+						$userinfo['loginname'],
-						Database::pexecute($result_stmt);
+						$password,
-						while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+						$userinfo['mysql_lastaccountnumber']
-							$allsqlusers[] = $row[User];
+					);
-						}
-						$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
-						while (in_array($username , $allsqlusers)) {
-							$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
-						}
-					} else {
-						$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
-					}
-
-					$stmt = Database::prepare("CREATE DATABASE `" . $username . "`");
-					Database::pexecute($stmt);
-					$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
-					foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
-						$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
-							TO :username@:host
-							IDENTIFIED BY 'password'"
-						);
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
-						$stmt = Database::prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
-						$log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
-					}
-
-					$stmt = Database::prepare("FLUSH PRIVILEGES");
-					Database::pexecute($stmt);
-					Database::needRoot(false);
-					// End root-session
 
 					// Statement modified for Database description -- PH 2004-11-29
 					$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`

install/froxlor.sql

@@ -376,6 +376,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('dkim', 'dkimrestart_command', '/etc/init.d/dkim-filter restart'),
 	('autoresponder', 'autoresponder_active', '0'),
 	('autoresponder', 'last_autoresponder_run', '0'),
+	('admin', 'show_news_feed', '1'),
 	('admin', 'show_version_login', '0'),
 	('admin', 'show_version_footer', '0'),
 	('aps', 'items_per_page', '20'),
@@ -552,7 +553,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'phpconfigs_hidestdsubdomain', '0'),
 	('panel', 'allow_theme_change_admin', '1'),
 	('panel', 'allow_theme_change_customer', '1'),
-	('panel', 'version', '0.9.31-rc1');
+	('panel', 'version', '0.9.31-rc2');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;

install/lng/english.lng.php

@@ -37,7 +37,7 @@ $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly wit
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
 $lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';
 
-$lng['install']['title'] = 'Froxlor install - chose language';
+$lng['install']['lngtitle'] = 'Froxlor install - choose language';
 $lng['install']['language'] = 'Installation language';
 $lng['install']['lngbtn_go'] = 'Change language';
 $lng['install']['title'] = 'Froxlor install - setup';

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -2519,3 +2519,18 @@ if (isFroxlorVersion('0.9.31-dev6')) {
 	lastStepStatus(0);
 	updateToVersion('0.9.31-rc1');
 }
+
+if (isFroxlorVersion('0.9.31-rc1')) {
+	showUpdateStep("Updating from 0.9.31-rc1 to 0.9.31-rc2");
+	lastStepStatus(0);
+
+	$update_admin_news_feed = isset($_POST['update_admin_news_feed']) ? (int)$_POST['update_admin_news_feed'] : '1';
+	showUpdateStep("Adding new news-feed option");
+	$ins_stmt = Database::prepare("
+		INSERT INTO `".TABLE_PANEL_SETTINGS."` SET `settinggroup` = 'admin', `varname` = 'show_news_feed', `value` = :value
+	");
+	Database::pexecute($ins_stmt, array('value' => $update_admin_news_feed));
+	lastStepStatus(0);
+
+	updateToVersion('0.9.31-rc2');
+}

install/updates/preconfig/0.9/preconfig_0.9.inc.php

@@ -594,11 +594,20 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version)
 
 	if (versionInUpdate($current_version, '0.9.31-dev5')) {
 		$has_preconfig = true;
-		$description  = 'You can enbable/disable error-reporting for admins and customers!<br /><br />';
+		$description  = 'You can enable/disable error-reporting for admins and customers!<br /><br />';
 		$question = '<strong>Do you want to enable error-reporting for admins? (default: yes):</strong>&nbsp;';
 		$question.= makeyesno('update_error_report_admin', '1', '0', '1').'<br />';
 		$question.= '<strong>Do you want to enable error-reporting for customers? (default: no):</strong>&nbsp;';
 		$question.= makeyesno('update_error_report_customer', '1', '0', '0');
 		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
 	}
+
+	if (versionInUpdate($current_version, '0.9.31-rc2')) {
+		$has_preconfig = true;
+		$description  = 'You can enable/disable the display/usage of the news-feed for admins<br /><br />';
+		$question = '<strong>Do you want to enable the news-feed for admins? (default: yes):</strong>&nbsp;';
+		$question.= makeyesno('update_admin_news_feed', '1', '0', '1').'<br />';
+		eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");
+	}
+
 }

lib/ajax.php

@@ -15,7 +15,7 @@
  * @package    AJAX
  *
  */
- 
+
 if(isset($_POST['action'])) {
 	$action = $_POST['action'];
 } elseif(isset($_GET['action'])) {
@@ -25,22 +25,27 @@ if(isset($_POST['action'])) {
 }
 
 if ($action == "newsfeed") {
-	$feed = "http://forum.froxlor.org/index.php/rss/forums/1-froxlor-announcements/";
+	$feed = "http://inside.froxlor.org/news/";
 
 	if (function_exists("simplexml_load_file") == false) {
 		die();
 	}
 
-	if (ini_get('allow_url_fopen')) {
+	// get version
-		$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
+	require './tables.inc.php';
+
+	if (function_exists('curl_version')) {
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL, $feed);
+		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/'.$version);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+		$output = curl_exec($ch);
+		curl_close($ch);
+		$news = simplexml_load_string(trim($output));
 	} else {
-		if (function_exists('curl_version')) {
+		if (ini_get('allow_url_fopen')) {
-			$ch = curl_init();
+			ini_set('user_agent', 'Froxlor/'.$version);
-			curl_setopt($ch, CURLOPT_URL, $feed);
+			$news = simplexml_load_file($feed, null, LIBXML_NOCDATA);
-			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-			$output = curl_exec($ch);
-			curl_close($ch);
-			$news = simplexml_load_string(trim($output));
 		} else {
 			$news = false;
 		}
@@ -52,9 +57,10 @@ if ($action == "newsfeed") {
 
 			$title = (string)$item->title;
 			$link = (string)$item->link;
+			$date = date("Y-m-d G:i", strtotime($item->pubDate));
 			$content = preg_replace("/[\r\n]+/", "", strip_tags($item->description));
 
-			echo "<div class=\"newsitem\"><a href=\"" . $link . "\" target=\"_blank\"><b>" . $title . "</b><br />" . $content . "</a></div>";
+			echo "<div class=\"newsitem\"><small>" . $date . "</small><br /><a href=\"" . $link . "\" target=\"_blank\"><b>" . $title . "</b><br />" . $content . "</a></div>";
 		}
 	} else {
 		echo "";

lib/classes/database/class.DbManager.php

@@ -0,0 +1,130 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ *
+ * @since      0.9.31
+ *
+ */
+
+/**
+ * Class DbManager
+ *
+ * Wrapper-class for database-management like creating
+ * and removing databases, users and permissions
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ */
+class DbManager {
+
+	/**
+	 * Settings array
+	 * @var array
+	 */
+	private $_settings = null;
+
+	/**
+	 * FroxlorLogger object
+	 * @var object
+	 */
+	private $_log = null;
+
+	/**
+	 * Manager object
+	 * @var object
+	 */
+	private $_manager = null;
+
+	/**
+	 * main constructor
+	 *
+	 * @param array $settings
+	 * @param FroxlorLogger $log
+	 */
+	public function __construct($settings, &$log = null) {
+		$this->_settings = $settings;
+		$this->_log = $log;
+		$this->_setManager();
+	}
+
+	/**
+	 * creates a new database and a user with the
+	 * same name with all privileges granted on the db.
+	 * DB-name and user-name are being generated and
+	 * the password for the user will be set
+	 *
+	 * @param string $loginname
+	 * @param string $password
+	 * @param int $last_accnumber
+	 *
+	 * @return string $username
+	 */
+	public function createDatabase($loginname = null, $password = null, $last_accnumber = 0) {
+
+		Database::needRoot(true);
+
+		// check whether we shall create a random username
+		if (strtoupper($this->_settings['customer']['mysqlprefix']) == 'RANDOM') {
+			// get all usernames from db-manager
+			$allsqlusers = $this->getManager()->getAllSqlUsers();
+			// generate random username
+			$username = $loginname . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+			// check whether it exists on the DBMS
+			while (in_array($username , $allsqlusers)) {
+				$username = $loginname . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
+			}
+		} else {
+			$username = $loginname . $this->_settings['customer']['mysqlprefix'] . (intval($last_accnumber) + 1);
+		}
+
+		// now create the database itself
+		$this->getManager()->createDatabase($username);
+		$this->_log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
+
+		// and give permission to the user on every access-host we have
+		foreach (array_map('trim', explode(',', $this->_settings['system']['mysql_access_host'])) as $mysql_access_host) {
+			$this->getManager()->grantPrivilegesTo($username, $password, $mysql_access_host);
+			$this->_log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
+		}
+
+		$this->getManager()->flushPrivileges();
+
+		Database::needRoot(false);
+
+		return $username;
+	}
+
+	/**
+	 * returns the manager-object
+	 * from where we can control it
+	 */
+	public function getManager() {
+		return $this->_manager;
+	}
+
+	/**
+	 * set manager-object by type of
+	 * dbms: mysql only for now
+	 *
+	 * sets private $_manager variable
+	 */
+	private function _setManager() {
+		// TODO read different dbms from settings later
+		$this->_manager = new DbManagerMySQL($this->_settings, $this->_log);
+	}
+}

lib/classes/database/manager/class.DbManagerMySQL.php

@@ -0,0 +1,196 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ *
+ * @since      0.9.31
+ *
+ */
+
+/**
+ * Class DbManagerMySQL
+ *
+ * Explicit class for database-management like creating
+ * and removing databases, users and permissions for MySQL
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Classes
+ */
+class DbManagerMySQL {
+
+	/**
+	 * Settings array
+	 * @var array
+	 */
+	private $_settings = null;
+
+	/**
+	 * FroxlorLogger object
+	 * @var object
+	 */
+	private $_log = null;
+
+	/**
+	 * main constructor
+	 *
+	 * @param array $settings
+	 * @param FroxlorLogger $log
+	 */
+	public function __construct($settings, &$log = null) {
+		$this->_settings = $settings;
+		$this->_log = $log;
+	}
+
+	/**
+	 * creates a database
+	 *
+	 * @param string $dbname
+	 */
+	public function createDatabase($dbname = null) {
+		Database::query("CREATE DATABASE `" . $dbname . "`");
+	}
+
+	/**
+	 * grants access privileges on a database with the same
+	 * username and sets the password for that user the given access_host
+	 *
+	 * @param string $username
+	 * @param string $password
+	 * @param string $access_host
+	 */
+	public function grantPrivilegesTo($username = null, $password = null, $access_host = null) {
+		// grant privileges
+		$stmt = Database::prepare("
+				GRANT ALL PRIVILEGES ON `" . $username . "`.*
+				TO :username@:host IDENTIFIED BY 'password'
+				");
+		Database::pexecute($stmt, array("username" => $username, "host" => $access_host));
+		// set passoword
+		$stmt = Database::prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
+		Database::pexecute($stmt, array("username" => $username, "host" => $access_host, "password" => $password));
+	}
+
+	/**
+	 * removes the given database from the dbms and also
+	 * takes away any privileges from a user to that db
+	 *
+	 * @param string $dbname
+	 */
+	public function deleteDatabase($dbname = null) {
+
+		if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+			// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
+			$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$dbname."`");
+			Database::pexecute($stmt, array(), false);
+		}
+
+		$host_res_stmt = Database::prepare("
+			SELECT `Host` FROM `mysql`.`user` WHERE `User` = :dbname"
+		);
+		Database::pexecute($host_res_stmt, array('dbname' => $dbname));
+
+		while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
+			// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+			$drop_stmt = Database::prepare("DROP USER :dbname@:host");
+			Database::pexecute($drop_stmt, array(':dbname' => $dbname, ':host' => $host['Host']), false);
+		}
+
+		$drop_stmt = Database::prepare("DROP DATABASE IF EXISTS `".$dbname."`");
+		Database::pexecute($drop_stmt);
+	}
+
+	/**
+	 * removes a user from the dbms and revokes all privileges
+	 *
+	 * @param string $username
+	 * @param string $host
+	 */
+	public function deleteUser($username = null, $host = null) {
+		if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+			// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
+			$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$host."`");
+			Database::pexecute($stmt);
+		}
+		// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+		$stmt = Database::prepare("DROP USER :username@:host");
+		Database::pexecute($stmt, array("username" => $username, "host" => $host));
+	}
+
+	/**
+	 * removes permissions from a user
+	 *
+	 * @param string $username
+	 * @param string $host (unused in mysql)
+	 */
+	public function disableUser($username = null, $host = null) {
+		$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
+		Database::pexecute($stmt, array(), false);
+	}
+
+	/**
+	 * re-grant permissions to a user
+	 *
+	 * @param string $username
+	 * @param string $host
+	 */
+	public function enableUser($username = null, $host = null) {
+		Database::query('GRANT ALL PRIVILEGES ON `' . $username .'`.* TO `' . $username . '`@`' . $host . '`');
+		Database::query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $username) . '` . * TO `' . $username . '`@`' . $host . '`');
+	}
+
+	/**
+	 * flushes the privileges...pretty obvious eh?
+	 */
+	public function flushPrivileges() {
+		Database::query("FLUSH PRIVILEGES");
+	}
+
+	/**
+	 * return an array of all usernames used in that DBMS
+	 *
+	 * @param bool $user_only if false, * will be selected from mysql.user and slightly different array will be generated
+	 *
+	 * @return array
+	 */
+	public function getAllSqlUsers($user_only = true) {
+
+		if ($user_only == false) {
+			$result_stmt = Database::prepare('SELECT * FROM mysql.user');
+		} else {
+			$result_stmt = Database::prepare('SELECT `User` FROM mysql.user');
+		}
+		Database::pexecute($result_stmt);
+		$allsqlusers = array();
+		while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if ($user_only == false) {
+				if (!isset($allsqlusers[$row['User']])
+						|| !is_array($allsqlusers[$row['User']])
+				) {
+					$allsqlusers[$row['User']] = array(
+							'password' => $row['Password'],
+							'hosts' => array()
+					);
+				}
+				$allsqlusers[$row['User']]['hosts'][] = $row['Host'];
+			} else {
+				$allsqlusers[] = $row['User'];
+			}
+		}
+		return $allsqlusers;
+	}
+
+}

lib/classes/output/class.paging.php

@@ -175,7 +175,7 @@ class paging {
 			&& (preg_match('/[-_@\p{L}\p{N}*.]+$/u', $_REQUEST['searchtext'])
 			|| $_REQUEST['searchtext'] === '')
 		) {
-			$this->searchtext = $_REQUEST['searchtext'];
+			$this->searchtext = trim($_REQUEST['searchtext']);
 		} else {
 			if ($checklastpaging
 				&& isset($this->userinfo['lastpaging']['searchtext'])
@@ -279,8 +279,27 @@ class paging {
 			}
 
 			$searchfield = implode('.', $searchfield);
-			$searchtext = str_replace('*', '%', $this->searchtext);
+			// check for logical operators and whether searchtext is a number
-			$condition.= $searchfield . " LIKE " . Database::quote($searchtext);
+			// in any other case the logical-operators would make no sense
+			$ops = array('<', '>', '=');
+			if (in_array(substr($this->searchtext, 0, 1), $ops) && is_numeric(substr($this->searchtext, 1))) {
+				// if we're checking on traffic or diskspace, we need to adjust the search-value
+				if (strpos($searchfield, 'diskspace') > 0) {
+					// anything with diskspace is *1024
+					$searchtext = ((int)substr($this->searchtext, 1))*1024;
+				} elseif (strpos($searchfield, 'traffic') > 0) {
+					// anything with traffic is *1024*1024
+					$searchtext = ((int)substr($this->searchtext, 1))*1024*1024;
+				} else {
+					// any other field
+					$searchtext = substr($this->searchtext, 1);
+				}
+				// now as we use >, < or = we use the given operator and not LIKE
+				$condition.= $searchfield . " ".substr($this->searchtext, 0, 1)." " . Database::quote($searchtext);
+			} else {
+				$searchtext = str_replace('*', '%', $this->searchtext);
+				$condition.= $searchfield . " LIKE " . Database::quote($searchtext);
+			}
 		} else {
 			$condition = '';
 		}

lib/classes/webserver/class.WebserverBase.php

@@ -0,0 +1,85 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Cron
+ *
+ * @since      0.9.31
+ *
+ */
+
+class WebserverBase {
+
+	/**
+	 * returns an array with all entries required for all
+	 * webserver-vhost-configs
+	 *
+	 * @return array
+	 */
+	public static function getVhostsToCreate() {
+
+		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
+				`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
+				`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
+				`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
+				`d`.`mod_fcgid_maxrequests`
+				FROM `".TABLE_PANEL_DOMAINS."` `d`
+
+				LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
+				LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
+
+				WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
+				ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;
+		";
+
+		$result_domains_stmt = Database::query($query);
+
+		$domains = array();
+		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			// set whole domain
+			$domains[$domain['domain']] = $domain;
+			// set empty-defaults for non-ssl
+			$domains[$domain['domain']]['ssl'] = '';
+			$domains[$domain['domain']]['ssl_cert_file'] = '';
+			$domains[$domain['domain']]['ssl_key_file'] = '';
+			$domains[$domain['domain']]['ssl_ca_file'] = '';
+			$domains[$domain['domain']]['ssl_cert_chainfile'] = '';
+
+			// now, if the domain has an ssl ip/port assigned, get
+			// the corresponding information from the db
+			if (domainHasSslIpPort($domain['id'])) {
+
+				$ip_stmt = Database::prepare("
+						SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
+						FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p`
+						WHERE `p`.`id` = `di`.`id_ipandports`
+						AND `di`.`id_domain` = :domainid
+						AND `p`.`ssl` = '1'
+						");
+				$ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id']));
+
+				// set ssl info for domain
+				$domains[$domain['domain']]['ssl'] = '1';
+				$domains[$domain['domain']]['ssl_cert_file'] = $ssl_ip['ssl_cert_file'];
+				$domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file'];
+				$domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file'];
+				$domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile'];
+
+			}
+		}
+
+		return $domains;
+	}
+
+}

lib/functions/database/function.correctMysqlUsers.php

@@ -19,7 +19,7 @@
 
 function correctMysqlUsers($mysql_access_host_array) {
 
-	global $settings;
+	global $settings, $log;
 
 	// get sql-root access data
 	Database::needRoot(true);
@@ -27,24 +27,17 @@ function correctMysqlUsers($mysql_access_host_array) {
 	$sql_root = Database::getSqlData();
 	Database::needRoot(false);
 
-	foreach ($sql_root as $mysql_server => $mysql_server_details) {
+	$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `".TABLE_PANEL_DATABASES."`");
+	$mysql_servers = '';
 
-		Database::needRoot(true);
+	while ($dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC)) {
 
-		$users = array();
+		Database::needRoot(true, $dbserver['dbserver']);
-		$users_result_stmt = Database::query("SELECT * FROM `mysql`.`user`");
+		Database::needSqlData();
+		$sql_root = Database::getSqlData();
 
-		while ($users_row = $users_result_stmt->fetch(PDO::FETCH_ASSOC)) {
+		$dbm = new DbManager($settings, $log);
-			if (!isset($users[$users_row['User']])
+		$users = $dbm->getManager()->getAllSqlUsers(false);
-					|| !is_array($users[$users_row['User']])
-			) {
-				$users[$users_row['User']] = array(
-						'password' => $users_row['Password'],
-						'hosts' => array()
-				);
-			}
-			$users[$users_row['User']]['hosts'][] = $users_row['Host'];
-		}
 
 		$databases = array(
 				$sql_root['db']
@@ -53,7 +46,7 @@ function correctMysqlUsers($mysql_access_host_array) {
 			SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
 			WHERE `dbserver` = :mysqlserver
 		");
-		Database::pexecute($databases_result_stmt, array('mysqlserver' => $mysql_server));
+		Database::pexecute($databases_result_stmt, array('mysqlserver' => $dbserver['dbserver']));
 
 		while ($databases_row = $databases_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$databases[] = $databases_row['databasename'];
@@ -74,34 +67,20 @@ function correctMysqlUsers($mysql_access_host_array) {
 					$mysql_access_host = trim($mysql_access_host);
 
 					if (!in_array($mysql_access_host, $users[$username]['hosts'])) {
-						$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
+						$dbm->getManager()->grantPrivilegesTo($username, $password, $mysql_access_host);
-							TO :username@:host
-							IDENTIFIED BY 'password'"
-						);
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
-						$stmt = Database::prepare("SET PASSWORD FOR :username@:host = :password");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
 					}
 				}
 
 				foreach ($users[$username]['hosts'] as $mysql_access_host) {
 
 					if (!in_array($mysql_access_host, $mysql_access_host_array)) {
-
+						$dbm->getManager()->deleteUser($username, $mysql_access_host);
-						if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
-							// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
-							$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$mysql_access_host."`");
-							Database::pexecute($stmt);
-						}
-						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-						$stmt = Database::prepare("DROP USER :username@:host");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
 					}
 				}
 			}
 		}
 
-		Database::query('FLUSH PRIVILEGES');
+		$dbm->flushPrivileges();
 		Database::needRoot(false);
 	}
 }

lib/functions/filedir/function.makeSecurePath.php

@@ -26,12 +26,12 @@
  */
 function makeSecurePath($path) {
 
-	$search = Array(
+	$search = array(
 		'#/+#',
 		'#\.+#',
 		'#\0+#'
 	);
-	$replace = Array(
+	$replace = array(
 		'/',
 		'.',
 		''
@@ -41,5 +41,14 @@ function makeSecurePath($path) {
 	// it might be escaped already
 	$path = str_replace("\ ", " ", $path);
 	$path = str_replace(" ", "\ ", $path);
+
+	// check for bad characters, some are allowed with escaping
+	// but we generally don't want them in our directory-names,
+	// thx to aaronmueller for this snipped
+	$badchars = array(':', ';', '|', '&', '>', '<', '`', '$', '~', '?');
+	foreach ($badchars as $bc) {
+		str_replace($bc, "", $path);
+	}
+
 	return $path;
 }

lib/functions/froxlor/function.generatePassword.php

@@ -19,5 +19,9 @@
  * Generates a random password
  */
 function generatePassword() {
-	return substr(md5(uniqid(microtime(), 1)), 24, 10);
+	global $settings;
+	return substr(
+		base64_encode(sha1(md5(uniqid(microtime(), 1))).md5(uniqid(microtime(), 1)).sha1(md5(uniqid(microtime(), 1)))),
+		rand(5, 50), ($settings['panel']['password_min_length'] > 0 ? $settings['panel']['password_min_length'] : 10)
+	);
 }

lib/functions/validate/function.validateUsername.php

@@ -35,6 +35,6 @@ function validateUsername($username, $unix_names = 1, $mysql_max = '') {
 			return false;
 		}
 	} else {
-		return (preg_match('/^[a-z][a-z0-9]{1,' . (int)$mysql_max . '}$/Di', $username) != false);
+		return (preg_match('/^[a-z][a-z0-9]{1,' . $mysql_max . '}$/Di', $username) != false);
 	}
 }

lib/init.php

@@ -61,7 +61,7 @@ unset($_);
 unset($value);
 unset($key);
 
-$filename = basename($_SERVER['PHP_SELF']);
+$filename = htmlentities(basename($_SERVER['PHP_SELF']));
 
 // define default theme for configurehint, etc.
 $_deftheme = 'Sparkle';

lib/tables.inc.php

@@ -72,6 +72,6 @@ define('PACKAGE_LOCKED', 1);
 define('PACKAGE_ENABLED', 2);
 
 // VERSION INFO
-$version = '0.9.31-rc1';
+$version = '0.9.31-rc2';
 $dbversion = '2';
 $branding = '';

lng/dutch.lng.php

@@ -1340,7 +1340,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Froxlor is direct toegan
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Reguliere expressie voor wachtwoorden';
-$lng['serversettings']['panel_password_regex']['description'] = 'Hier kunt u een reguliere expressie opgeven voor de complexiteit van wachtwoorden.<br />Leeg betekent geen speciale complexiteit<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">regex hulp/voorbeelden</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Hier kunt u een reguliere expressie opgeven voor de complexiteit van wachtwoorden.<br />Leeg betekent geen speciale complexiteit';
 $lng['error']['notrequiredpasswordcomplexity'] = 'Er is niet voldaan aan de complexiteit voor het wachtwoord (regex: %s)';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1354,7 +1354,7 @@ $lng['serversettings']['perl_path']['description'] = 'Alleen relevant voor light
 // ADDED IN FROXLOR 0.9.12-svn1
 $lng['admin']['fcgid_settings'] = 'FCGID';
 $lng['serversettings']['mod_fcgid_ownvhost']['title'] = 'FCGID inschakelen voor de VHost voor Froxlor';
-$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Indien ingeschakeld wordt Froxlor ook uitgevoerd onder een lokale gebruiker<br /><strong>Let op:</strong>Dit vereist handmatige configuratie, zie <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_handbook">FCGID - handbook</a>';
+$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Indien ingeschakeld wordt Froxlor ook uitgevoerd onder een lokale gebruiker<br /><strong>Let op:</strong>Dit vereist handmatige configuratie, zie <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a>';
 $lng['admin']['mod_fcgid_user'] = 'Lokale gebruiker voor FCGID (Froxlor vhost)';
 $lng['admin']['mod_fcgid_group'] = 'Lokale groep voor FCGID (Froxlor vhost)';
 

lng/english.lng.php

@@ -537,7 +537,7 @@ $lng['panel']['back'] = 'Back';
 // ADDED IN 1.2.16-svn12
 
 $lng['serversettings']['mod_fcgid']['title'] = 'Enable FCGID';
-$lng['serversettings']['mod_fcgid']['description'] = 'Use this to run PHP with the corresponding useraccount.<br /><br /><b>This needs a special webserver configuration for Apache, see <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_handbook">FCGI - handbook</a></b>';
+$lng['serversettings']['mod_fcgid']['description'] = 'Use this to run PHP with the corresponding useraccount.<br /><br /><b>This needs a special webserver configuration for Apache, see <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a></b>';
 $lng['serversettings']['sendalternativemail']['title'] = 'Use alternative email-address';
 $lng['serversettings']['sendalternativemail']['description'] = 'Send the password-email to a different address during email-account-creation';
 $lng['emails']['alternative_emailaddress'] = 'Alternative e-mail-address';
@@ -1418,7 +1418,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Access Froxlor directly
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Regular expression for passwords';
-$lng['serversettings']['panel_password_regex']['description'] = 'Here you can set a regular expression for passwords-complexity.<br />Empty = no specific requirement<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">regex help/examples</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Here you can set a regular expression for passwords-complexity.<br />Empty = no specific requirement';
 $lng['error']['notrequiredpasswordcomplexity'] = 'The specified password-complexity was not satisfied.<br />Please contact your administrator if you have any questions about the complexity-specification';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1503,7 +1503,8 @@ $lng['serversettings']['phpreload_command']['description'] = 'this is used to re
 $lng['error']['intvaluetoolow'] = 'The given number is too low (field %s)';
 $lng['error']['intvaluetoohigh'] = 'The given number is too high (field %s)';
 $lng['admin']['phpfpm_settings'] = 'PHP-FPM';
-$lng['serversettings']['phpfpm'] = 'Enable php-fpm';
+$lng['serversettings']['phpfpm']['title'] = 'Enable php-fpm';
+$lng['serversettings']['phpfpm']['description'] = '<b>This needs a special webserver configuration see FPM-handbook for <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> or <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['configdir'] = 'Configuration directory of php-fpm';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Configuration Alias-directory of php-fpm';
 $lng['serversettings']['phpfpm_settings']['reload'] = 'php-fpm restart command';
@@ -1996,3 +1997,8 @@ $lng['serversettings']['allow_error_report_customer']['description'] = 'Please n
 $lng['admin']['phpsettings']['enable_slowlog'] = 'Enable slowlog (per domain)';
 $lng['admin']['phpsettings']['request_terminate_timeout'] = 'Request terminate-timeout';
 $lng['admin']['phpsettings']['request_slowlog_timeout'] = 'Request slowlog-timeout';
+$lng['admin']['templates']['SERVER_HOSTNAME'] = 'Replaces the system-hostname (URL to froxlor)';
+$lng['admin']['templates']['SERVER_IP'] = 'Replaces the default server ip-address';
+$lng['admin']['templates']['SERVER_PORT'] = 'Replaces the default server port';
+$lng['admin']['templates']['DOMAINNAME'] = 'Replaces the customers standard-subdomain (can be empty if none is generated)';
+$lng['admin']['show_news_feed'] = 'Show news-feed on admin-dashboard';

lng/german.lng.php

@@ -536,7 +536,7 @@ $lng['panel']['back'] = 'Zurück';
 // ADDED IN 1.2.16-svn12
 
 $lng['serversettings']['mod_fcgid']['title'] = 'PHP über mod_fcgid/suexec einbinden';
-$lng['serversettings']['mod_fcgid']['description'] = 'PHP unter dem jeweiligen Useraccount laufen lassen.<br /><br /><b>Dies benötigt eine spezielle Webserver-Konfiguration für Apache, siehe <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_Handbuch">FCGID-Handbuch</a>.</b>';
+$lng['serversettings']['mod_fcgid']['description'] = 'PHP wird unter dem Benutzer des Kunden ausgeführt.<br /><br /><b>Dies benötigt eine spezielle Webserver-Konfiguration für Apache, siehe <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID-Handbuch</a>.</b>';
 $lng['serversettings']['sendalternativemail']['title'] = 'Alternative E-Mail-Adresse benutzen';
 $lng['serversettings']['sendalternativemail']['description'] = 'Während des Erstellens eines Accounts das Passwort an eine andere E-Mail-Adresse senden';
 $lng['emails']['alternative_emailaddress'] = 'Alternative E-Mail-Adresse';
@@ -1396,7 +1396,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Froxlor direkt über den
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Regulärer Ausdruck für Passwörter';
-$lng['serversettings']['panel_password_regex']['description'] = 'Hier können Sie einen regulären Ausdruck für Passwort-Komplexität festlegen.<br />Leer = keine bestimmten Anforderungen<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">RegEx Hilfe/Beispiele</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Hier können Sie einen regulären Ausdruck für Passwort-Komplexität festlegen.<br />Leer = keine bestimmten Anforderungen';
 $lng['error']['notrequiredpasswordcomplexity'] = 'Die vorgegebene Passwort-Komplexität wurde nicht erfüllt.<br />Bitte kontaktieren Sie Ihren Administrator, wenn Sie Fragen zur Komplexitäts-Vorgabe haben.';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1481,7 +1481,8 @@ $lng['serversettings']['phpreload_command']['description'] = 'Dieser wird benöt
 $lng['error']['intvaluetoolow'] = 'Die angegebene Zahl ist zu klein (Feld "%s")';
 $lng['error']['intvaluetoohigh'] = 'Die angegebene Zahl ist zu groß (Feld "%s")';
 $lng['admin']['phpfpm_settings'] = 'PHP-FPM';
-$lng['serversettings']['phpfpm'] = 'Aktiviere php-fpm';
+$lng['serversettings']['phpfpm']['title'] = 'Aktiviere PHP-FPM';
+$lng['serversettings']['phpfpm']['description'] = '<b>Dies benötigt eine spezielle Webserver-Konfiguration, siehe FPM-Handbuch für <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_phpfpm">Apache2</a> oder <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookNginx_phpfpm">nginx</a></b>';
 $lng['serversettings']['phpfpm_settings']['configdir'] = 'Pfad zu php-fpm-Konfigurationen';
 $lng['serversettings']['phpfpm_settings']['aliasconfigdir'] = 'Alias-Ordner der php-fpm Konfiguration';
 $lng['serversettings']['phpfpm_settings']['reload'] = 'Kommando zum Neustarten von php-fpm';
@@ -1722,3 +1723,8 @@ $lng['serversettings']['allow_error_report_customer']['description'] = 'Bitte be
 $lng['admin']['phpsettings']['enable_slowlog'] = 'FPM slowlog pro Domain aktivieren';
 $lng['admin']['phpsettings']['request_terminate_timeout'] = 'Request terminate-timeout';
 $lng['admin']['phpsettings']['request_slowlog_timeout'] = 'Request slowlog-timeout';
+$lng['admin']['templates']['SERVER_HOSTNAME'] = 'Wird mit dem System-Hostname (URL zu froxlor) ersetzt';
+$lng['admin']['templates']['SERVER_IP'] = 'Wird mit der standard System IP-Adresse ersetzt';
+$lng['admin']['templates']['SERVER_PORT'] = 'Wird mit dem standard Port ersetzt';
+$lng['admin']['templates']['DOMAINNAME'] = 'Wird mit der Standardsubdomain des Kunden ersetzt (kann leer sein, wenn keine erstellt werden soll)';
+$lng['admin']['show_news_feed'] = 'Zeige News-Feed im Admin-Dashboard';

lng/italian.lng.php

@@ -1382,7 +1382,7 @@ $lng['serversettings']['froxlordirectlyviahostname'] = 'Accedi direttamente a Fr
 
 // ADDED IN FROXLOR 0.9.11-svn1
 $lng['serversettings']['panel_password_regex']['title'] = 'Espressione per le password';
-$lng['serversettings']['panel_password_regex']['description'] = 'Qui è possibile impostare una espressione regolare per la complessità delle password.<br />Vuoto = nessun requisito specificato<br />(<a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/En-password-regex-examples">aiuto/esempi regex</a>)';
+$lng['serversettings']['panel_password_regex']['description'] = 'Qui è possibile impostare una espressione regolare per la complessità delle password.<br />Vuoto = nessun requisito specificato';
 $lng['error']['notrequiredpasswordcomplexity'] = 'La complessita della password specificata non è soddisfacente.<br />Si prega di contattare l\'amministratore se avete domande sulla complessità della password';
 
 // ADDED IN FROXLOR 0.9.11-svn2
@@ -1396,7 +1396,7 @@ $lng['serversettings']['perl_path']['description'] = 'Rilevante solo se si utili
 // ADDED IN FROXLOR 0.9.12-svn1
 $lng['admin']['fcgid_settings'] = 'FCGID';
 $lng['serversettings']['mod_fcgid_ownvhost']['title'] = 'Abilita FCGID per i vhost Froxlor';
-$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Se attivato, Froxlor verrà eseguito con un utente locale<br /><strong>ATTENZIONE:</strong>Questo richiede una configurazione manuale, vedi <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/FCGID_-_handbook">FCGID - handbook</a>';
+$lng['serversettings']['mod_fcgid_ownvhost']['description'] = 'Se attivato, Froxlor verrà eseguito con un utente locale<br /><strong>ATTENZIONE:</strong>Questo richiede una configurazione manuale, vedi <a target="blank" href="http://redmine.froxlor.org/projects/froxlor/wiki/HandbookApache2_fcgid">FCGID - handbook</a>';
 $lng['admin']['mod_fcgid_user'] = 'Utente locale per FCGID (Froxlor vhost)';
 $lng['admin']['mod_fcgid_group'] = 'Gruppo locale per FCGID (Froxlor vhost)';
 

scripts/jobs/cron_tasks.inc.dns.10.bind.php

@@ -257,6 +257,9 @@ class bind
 				/*&& $domain['spf'] == '1' */
 		) {
 			$zonefile.= $this->settings['spf']['spf_entry'] . "\n";
+			if (in_array('mail', $records)) {
+				$zonefile.= str_replace('@', 'mail', $this->settings['spf']['spf_entry']) . "\n";
+			}
 		}
 
 		/**

scripts/jobs/cron_tasks.inc.http.10.apache.php

@@ -782,34 +782,11 @@ class apache
 	/**
 	 *	We compose the virtualhost entries for the domains
 	 */
-	public function createVirtualHosts()
+	public function createVirtualHosts() {
-	{
+
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
+		$domains = WebserverBase::getVhostsToCreate();
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, 
+		foreach ($domains as $domain) {
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, 
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
-      
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) 
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-			  
-			  INNER JOIN (
-			    SELECT * FROM ( 
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` 
-			      WHERE `p`.`id` = `di`.`id_ipandports` 
-			      ORDER BY `p`.`ssl` DESC 
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-			  
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
 
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 			fwrite($this->debugHandler, '  apache::createVirtualHosts: creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname'] . "\n");
 			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname']);
 			$vhosts_filename = $this->getVhostFilename($domain);

scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php

@@ -34,6 +34,11 @@ class apache_fcgid extends apache
 				if ($domain['ssl'] == 1 && $ssl_vhost) {
 					$srvName = 'ssl-fpm.external';
 				}
+				// #1317 - perl is executed via apache and therefore, when using fpm, does not know the user
+				// which perl is supposed to run as, hence the need for Suexec need
+				if (customerHasPerlEnabled($domain['customerid'])) {
+					$php_options_text.= '  SuexecUserGroup "' . $domain['loginname'] . '" "' . $domain['loginname'] . '"' . "\n";
+				}
 				$php_options_text.= '  FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile()  . ' -idle-timeout ' . $this->settings['phpfpm']['idle_timeout'] . "\n";
 				$php_options_text.= '  <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
 				$php_options_text.= '    <FilesMatch "\.php$">' . "\n";

scripts/jobs/cron_tasks.inc.http.20.lighttpd.php

@@ -287,36 +287,10 @@ class lighttpd
 	{
 	}
 
-	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename)
+	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename) {
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
 
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
+		$domains = WebserverBase::getVhostsToCreate();
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
+		foreach ($domains as $domain) {
-
-			  INNER JOIN (
-			    SELECT * FROM (
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p`
-			      WHERE `p`.`id` = `di`.`id_ipandports`
-			      AND `p`.`id` = '".(int)$ipid."'
-			      ORDER BY `p`.`ssl` DESC
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
-
-		$included_vhosts = array();
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 			if (is_dir($this->settings['system']['apacheconf_vhost'])) {
 				safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'].'/vhosts/')));

scripts/jobs/cron_tasks.inc.http.30.nginx.php

@@ -247,34 +247,13 @@ class nginx
 		$this->_createStandardErrorHandler();
 	}
 
-	protected function createNginxHosts()
+	/**
-	{
+	 * create vhosts
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
+	 */
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, 
+	protected function createNginxHosts() {
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, 
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
-      
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) 
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-			  
-			  INNER JOIN (
-			    SELECT * FROM ( 
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` 
-			      WHERE `p`.`id` = `di`.`id_ipandports` 
-			      ORDER BY `p`.`ssl` DESC 
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-			  
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
 
-		$result_domains_stmt = Database::query($query);
+		$domains = WebserverBase::getVhostsToCreate();
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		foreach ($domains as $domain) {
 
 			if (is_dir($this->settings['system']['apacheconf_vhost'])) {
 				safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'])));

templates/Froxlor/admin/templates/templates_add_2.tpl

@@ -77,6 +77,22 @@ $header
 					<td><em>{PASSWORD}</em></td>
 					<td>{$lng['admin']['templates']['PASSWORD']}</td>
 				</tr>
+				<tr>
+					<td><em>{SERVER_HOSTNAME}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_HOSTNAME']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_IP}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_IP']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_PORT}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_PORT']}</td>
+				</tr>
+				<tr>
+					<td><em>{DOMAINNAME}</em></td>
+					<td>{$lng['admin']['templates']['DOMAINNAME']}</td>
+				</tr>
 				<tr>
 					<td colspan="2">
 						<strong>{$lng['admin']['templates']['pop_success']}</strong>

templates/Froxlor/admin/templates/templates_edit.tpl

@@ -78,6 +78,22 @@ $header
 					<td><em>{PASSWORD}</em></td>
 					<td>{$lng['admin']['templates']['PASSWORD']}</td>
 				</tr>
+				<tr>
+					<td><em>{SERVER_HOSTNAME}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_HOSTNAME']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_IP}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_IP']}</td>
+				</tr>
+				<tr>
+					<td><em>{SERVER_PORT}</em></td>
+					<td>{$lng['admin']['templates']['SERVER_PORT']}</td>
+				</tr>
+				<tr>
+					<td><em>{DOMAINNAME}</em></td>
+					<td>{$lng['admin']['templates']['DOMAINNAME']}</td>
+				</tr>
 				<tr>
 					<td colspan="2">
 						<strong>{$lng['admin']['templates']['pop_success']}</strong>

templates/Sparkle/admin/index/index.tpl

@@ -195,7 +195,8 @@ $header
 			
 		</section>
 		
-		
+
+		<if $settings['admin']['show_news_feed'] == '1'>
 		<section class="dboarditem bradius" id="newsfeed" style="display: none">
 			<table>
 				<tr>
@@ -204,7 +205,8 @@ $header
 			</table>
 			<div id="newsfeeditems"></div>
 		</section>
-		
+		</if>
+
 		<section class="dboarditem bradius">
 		<table>
 		<tr>

templates/Sparkle/admin/settings/phpinfo.tpl

@@ -7,7 +7,7 @@ $header
 			</h2>
 		</header>
 
-		<section class="dboarditemfull bradius">
+		<section class="dboarditemfull bradius" style="overflow: scroll;">
 			<table width="100%">
 				{$phpinfo}
 			</table>

templates/Sparkle/admin/templates/templates.tpl

@@ -31,6 +31,8 @@ $header
 
 	</article>
 	<br />
+	<br />
+	<br />
 	<article>
 		<header>
 			<h2>

templates/Sparkle/admin/templates/templates_add_1.tpl

@@ -10,18 +10,23 @@ $header
 		<section class="tinyform bradius">
 			<form method="post" action="{$linker->getLink(array('section' => 'templates'))}" enctype="application/x-www-form-urlencoded">
 				<fieldset>
-				<legend>Froxlor&nbsp;-&nbsp;{$lng['menue']['main']['changelanguage']}</legend>
+					<legend>Froxlor&nbsp;-&nbsp;{$lng['menue']['main']['changelanguage']}</legend>
-				<p>
-					<label for="language">{$lng['login']['language']}:</label>&nbsp;
-					<select id="language" name="language">$language_options</select>
-				</p>
-				<p class="submit">
 					<input type="hidden" name="s" value="$s" />
 					<input type="hidden" name="page" value="$page" />
 					<input type="hidden" name="action" value="$action" />
 					<input type="hidden" name="prepare" value="prepare" />
-					<input type="submit" value="{$lng['panel']['next']}" />
+						
-				</p>
+					<table class="formtable tinyform">
+						<tr>
+							<td><label for="language">{$lng['login']['language']}:</label></td>
+							<td><select id="language" name="language">$language_options</select></td>
+						</tr>
+						<tfoot>
+							<tr>
+								<td colspan="2" align="center"><input type="submit" value="{$lng['panel']['next']}" /></td>
+							</tr>
+						</tfoot>
+					</table>
 				</fieldset>
 			</form>
 		</section>

templates/Sparkle/assets/css/main.css

@@ -22,6 +22,10 @@ body {
 	padding:0;
 }
 
+strong {
+	font-weight: 600;
+}
+
 .content {
 	background-color: #f7f8fa;
 	margin-top: 53px;
@@ -953,8 +957,8 @@ label.nobr {
 .newsitem {
 	border-bottom: 1px solid #f1f2f3;
 	padding: 6px 5px 8px 5px;
-	height: 36px;
+	height: 52px;
-	line-height: 20px;
+	line-height: 18px;
 	margin: 0 5px;
 	overflow: hidden; 
 	text-overflow: ellipsis;
@@ -962,6 +966,7 @@ label.nobr {
 }
 .newsitem a {
 	color: #333;
+	line-height: 12px;
 }
 .newsitem a:hover {
 	text-decoration: none;
@@ -972,3 +977,7 @@ label.nobr {
 .newsitem b {
 	margin-right: 15px;
 }
+.newsitem small {
+	font-size: 8px;
+	color: gray;
+}

templates/Sparkle/assets/js/main.js

@@ -38,7 +38,7 @@ $(document).ready(function() {
 	var snheight = $('#sidenavigation').height();
 	var mainheight = $('#maincontent').height();
 	if (snheight > mainheight) {
-		$('#maincontent').height(snheight - 60);
+		$('#maincontent').height(snheight);
 	}
 
 	// this is necessary for the special setting feature (ref #1010)

templates/misc/configfiles/debian_squeeze/dovecot/etc_dovecot_dovecot.conf

@@ -1,4 +1,4 @@
-protocols = imap pop3 <SSLPROTOCOLS>
+#protocols = imap pop3 <SSLPROTOCOLS>
 listen = *
 mail_access_groups = vmail
 mail_debug = no
@@ -25,8 +25,8 @@ protocol pop3 {
     
 }
 protocol lda {
-	# postmaster is the one in charge of the mail system. MUST be set to a valid address!
+    # postmaster is the one in charge of the mail system. MUST be set to a valid address!
-    postmaster_address = <postmaster-address>
+    postmaster_address = postmaster@<SERVERNAME>
     auth_socket_path = /var/run/dovecot/auth-master
     mail_plugins = quota
     sendmail_path = /usr/sbin/sendmail

templates/misc/configfiles/debian_wheezy/dovecot/etc_dovecot_conf.d_15-lda.conf

@@ -4,7 +4,7 @@
 
 # Address to use when sending rejection mails.
 # Default is postmaster@<your domain>.
-#postmaster_address = <postmaster-address>
+#postmaster_address = postmaster@<SERVERNAME>
 
 # Hostname to use in various parts of sent mails, eg. in Message-Id.
 # Default is the system's real hostname.

templates/misc/configfiles/freebsd/dovecot2/usr_local_etc_dovecot_dovecot.conf

@@ -133,6 +133,6 @@ protocol imap {
 protocol lmtp {
 
 	mail_plugins = $mail_plugins
-	postmaster_address = postmaster@example.net
+	postmaster_address = postmaster@<SERVERNAME>
 
 }

templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot.conf

@@ -59,7 +59,7 @@ protocol lda {
 	auth_socket_path = /var/run/dovecot/auth-master
 	mail_plugins = quota
 	# postmaster is the one in charge of the mail system. MUST be set to a valid address!
-	postmaster_address = admin@<SERVERNAME>
+	postmaster_address = postmaster@<SERVERNAME>
 	sendmail_path = /usr/sbin/sendmail
 	lda_mailbox_autocreate = 1
 }

templates/misc/configfiles/opensuse_11_x/dovecot/etc_dovecot_dovecot.conf

@@ -25,8 +25,8 @@ protocol pop3 {
     
 }
 protocol lda {
-	# postmaster is the one in charge of the mail system. MUST be set to a valid address!
+    # postmaster is the one in charge of the mail system. MUST be set to a valid address!
-    postmaster_address = <postmaster-address>
+    postmaster_address = postmaster@<SERVERNAME>
     auth_socket_path = /var/run/dovecot/auth-master
     mail_plugins = quota
     sendmail_path = /usr/sbin/sendmail

templates/misc/configfiles/ubuntu_lucid/dovecot/etc_dovecot_conf.d_01-dovecot-postfix.conf

@@ -28,7 +28,7 @@ protocol pop3 {
 # LDA configuration
 protocol lda {
         # postmaster is the one in charge of the mail system. MUST be set to a valid address!
-        postmaster_address = <postmaster-address>
+        postmaster_address = postmaster@<SERVERNAME>
         mail_plugins = quota
         deliver_log_format = msgid=%m: %$
         rejection_reason = Your message to <%t> was automatically rejected:%n%r

templates/misc/configfiles/ubuntu_precise/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf

@@ -25,7 +25,7 @@ protocol pop3 {
 
 # LDA configuration
 protocol lda {
-        postmaster_address = postmaster
+        postmaster_address = postmaster@<SERVERNAME>
 	mail_plugins = sieve quota
         quota_full_tempfail = yes
         deliver_log_format = msgid=%m: %$