do not allow to enable fcgid/fpm at the same time when both are set to 'yes' simultaneously in settings

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

admin_admins.php

@@ -372,7 +372,7 @@ if ($page == 'admins'
 
 				$ins_data = array(
 					'loginname' => $loginname,
-					'password' => md5($password),
+					'password' => makeCryptPassword($password),
 					'name' => $name,
 					'email' => $email,
 					'lang' => $def_language,
@@ -637,7 +637,7 @@ if ($page == 'admins'
 				} else {
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}

admin_customers.php

@@ -645,7 +645,7 @@ if ($page == 'customers'
 					$ins_data = array(
 						'adminid' => $userinfo['adminid'],
 						'loginname' => $loginname,
-						'passwd' => md5($password),
+						'passwd' => makeCryptPassword($password),
 						'name' => $name,
 						'firstname' => $firstname,
 						'gender' => $gender,
@@ -1215,7 +1215,7 @@ if ($page == 'customers'
 
 					if ($password != '') {
 						$password = validatePassword($password);
-						$password = md5($password);
+						$password = makeCryptPassword($password);
 					} else {
 						$password = $result['password'];
 					}

admin_index.php

@@ -199,7 +199,7 @@ if ($page == 'overview') {
 	) {
 		$old_password = validate($_POST['old_password'], 'old password');
 
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}
@@ -219,13 +219,11 @@ if ($page == 'overview') {
 			$chgpwd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_ADMINS . "`
 				SET `password`= :newpasswd
-				WHERE `adminid`= :adminid
-				AND `password`= :oldpasswd"
+				WHERE `adminid`= :adminid"
 			);
 			Database::pexecute($chgpwd_stmt, array(
-				'newpasswd' => md5($new_password),
-				'adminid' => (int)$userinfo['adminid'],
-				'oldpasswd' => md5($old_password)
+				'newpasswd' => makeCryptPassword($new_password),
+				'adminid' => (int)$userinfo['adminid']
 			));
 			$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
 			redirectTo($filename, Array('s' => $s));

customer_email.php

@@ -451,7 +451,7 @@ if ($page == 'overview') {
 						standard_error('passwordshouldnotbeusername');
 					} else {
 						if ($password == '') {
-							$password = substr(md5(uniqid(microtime(), 1)), 12, 6);
+							$password = generatePassword();
 						}
 
 						$cryptPassword = makeCryptPassword($password);

customer_index.php

@@ -99,7 +99,7 @@ if ($page == 'overview') {
 } elseif ($page == 'change_password') {
 	if (isset($_POST['send']) && $_POST['send'] == 'send') {
 		$old_password = validate($_POST['old_password'], 'old password');
-		if (md5($old_password) != $userinfo['password']) {
+		if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
 			standard_error('oldpasswordnotcorrect');
 			exit;
 		}
@@ -119,13 +119,11 @@ if ($page == 'overview') {
 			// Update user password
 			$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
 				SET `password` = :newpassword
-				WHERE `customerid` = :customerid
-				AND `password` = :oldpassword"
+				WHERE `customerid` = :customerid"
 			);
 			$params = array(
-				"newpassword" => md5($new_password),
-				"customerid" => $userinfo['customerid'],
-				"oldpassword" => md5($old_password)
+				"newpassword" => makeCryptPassword($new_password),
+				"customerid" => $userinfo['customerid']
 			);
 			Database::pexecute($stmt, $params);
 			$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');

index.php

@@ -511,7 +511,7 @@ if ($action == 'resetpwd') {
 								WHERE `customerid` = :userid"
 							);
 						}
-						Database::pexecute($stmt, array("newpassword" => md5($new_password), "userid" => $result['userid']));
+						Database::pexecute($stmt, array("newpassword" => makeCryptPassword($new_password), "userid" => $result['userid']));
 
 						$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'password_reset'));
 						$rstlog->logAction(USR_ACTION, LOG_NOTICE, "changed password using password reset.");

install/froxlor.sql

@@ -538,7 +538,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('panel', 'password_numeric', '0'),
 	('panel', 'password_special_char_required', '0'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
-	('panel', 'version', '0.9.33-rc2');
+	('panel', 'version', '0.9.33-rc3');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;

install/lib/class.FroxlorInstall.php

@@ -372,7 +372,8 @@ class FroxlorInstall {
 		$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
 		$ins_data = array(
 				'loginname' => $this->_data['admin_user'],
-				'password' => md5($this->_data['admin_pass1']),
+				/* use SHA256 default crypt */
+				'password' => crypt($this->_data['admin_pass1'], '$5$'. md5(uniqid(microtime(), 1)) . md5(uniqid(microtime(), 1))),
 				'email' => 'admin@' . $this->_data['servername'],
 				'deflang' => $this->_languages[$this->_activelng]
 		);

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -2876,3 +2876,11 @@ if (isFroxlorVersion('0.9.33-rc1')) {
 
 	updateToVersion('0.9.33-rc2');
 }
+
+if (isFroxlorVersion('0.9.33-rc2')) {
+
+	showUpdateStep("Updating from 0.9.33-rc2 to 0.9.33-rc3");
+	lastStepStatus(0);
+	updateToVersion('0.9.33-rc3');
+
+}

lib/functions/validate/function.checkFcgidPhpFpm.php

@@ -14,25 +14,49 @@
  * @package    Functions
  *
  */
-
-function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) {
-
-	$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
-
-	// check whether fcgid should be enabled but php-fpm is
-	if($fieldname == 'system_mod_fcgid_enabled'
-		&& (int)$newfieldvalue == 1
-		&& (int)Settings::Get('phpfpm.enabled') == 1
-	) {
-		$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'phpfpmstillenabled');
-	}
-	// check whether php-fpm should be enabled but fcgid is
-	elseif($fieldname == 'system_phpfpm_enabled'
-		&& (int)$newfieldvalue == 1
-		&& (int)Settings::Get('system.mod_fcgid') == 1
-	) {
-		$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidstillenabled');
-	}
-
-	return $returnvalue;
+function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
+{
+    $returnvalue = array(
+        FORMFIELDS_PLAUSIBILITY_CHECK_OK
+    );
+    
+    $check_array = array(
+        'system_mod_fcgid_enabled' => array(
+            'other_post_field' => 'system_phpfpm_enabled',
+            'other_enabled' => 'phpfpm.enabled',
+            'other_enabled_lng' => 'phpfpmstillenabled'
+        ),
+        'system_phpfpm_enabled' => array(
+            'other_post_field' => 'system_mod_fcgid_enabled',
+            'other_enabled' => 'system.mod_fcgid',
+            'other_enabled_lng' => 'fcgidstillenabled'
+        )
+    );
+    
+    // interface is to be enabled
+    if ((int) $newfieldvalue == 1) {
+        // check for POST value of the other field == 1 (active)
+        if (isset($_POST[$check_array[$fieldname]['other_post_field']]) && (int) $_POST[$check_array[$fieldname]['other_post_field']] == 1) {
+            // the other interface is activated already and STAYS activated
+            if ((int) Settings::Get($check_array[$fieldname]['other_enabled']) == 1) {
+                $returnvalue = array(
+                    FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
+                    $check_array[$fieldname]['other_enabled_lng']
+                );
+            } else {
+                // fcgid is being validated before fpm -> "ask" fpm about its state
+                if ($fieldname == 'system_mod_fcgid_enabled') {
+                    $returnvalue = checkFcgidPhpFpm('system_phpfpm_enabled', null, $check_array[$fieldname]['other_post_field'], null);
+                } else {
+                    // not, bot are nogo
+                    $returnvalue = $returnvalue = array(
+                        FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
+                        'fcgidandphpfpmnogoodtogether'
+                    );
+                }
+            }
+        }
+    }
+    
+    return $returnvalue;
 }

lib/functions/validate/function.validatePasswordLogin.php

@@ -60,19 +60,20 @@ function validatePasswordLogin($userinfo = null, $password = null, $table = 'pan
 		}
 	}
 
-	// check for update of hash
-	if ($update_hash) {
-		$upd_stmt = Database::prepare("
-			UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
-		");
-		$params = array (
+	if ($pwd_hash == $pwd_check) {
+
+		// check for update of hash
+		if ($update_hash) {
+			$upd_stmt = Database::prepare("
+				UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
+			");
+			$params = array (
 				'newpasswd' => makeCryptPassword($password),
 				'uid' => $userinfo[$uid]
-		);
-		Database::pexecute($upd_stmt, $params);
-	}
+			);
+			Database::pexecute($upd_stmt, $params);
+		}
 
-	if ($pwd_hash == $pwd_check) {
 		return true;
 	}
 	return false;

lib/tables.inc.php

@@ -51,6 +51,6 @@ define('TABLE_PANEL_DOMAIN_SSL_SETTINGS', 'domain_ssl_settings');
 define('TABLE_DOMAINTOIP', 'panel_domaintoip');
 
 // VERSION INFO
-$version = '0.9.33-rc2';
+$version = '0.9.33-rc3';
 $dbversion = '2';
 $branding = '';

lng/english.lng.php

@@ -1838,3 +1838,4 @@ $lng['usersettings']['custom_notes']['description'] = 'Feel free to put any note
 $lng['usersettings']['custom_notes']['show'] = 'Show your notes on the dashboard of the user';
 $lng['serversettings']['system_send_cron_errors']['title'] = 'Send cron-errors to froxlor-admin via e-mail';
 $lng['serversettings']['system_send_cron_errors']['description'] = 'Chose whether you want to receive an e-mail on cronjob errors. Keep in mind that this can lead to an e-mail being sent every 5 minutes depending on the error and your cronjob settings.';
+$lng['error']['fcgidandphpfpmnogoodtogether'] = 'FCGID and PHP-FPM cannot be activated at the same time';

lng/german.lng.php

@@ -1565,3 +1565,4 @@ $lng['usersettings']['custom_notes']['description'] = 'Hier können Notizen je n
 $lng['usersettings']['custom_notes']['show'] = 'Zeige die Notizen auf dem Dashboard des Benutzers';
 $lng['serversettings']['system_send_cron_errors']['title'] = 'Sende Cron-Fehler via E-Mail an den Froxlor-Admin';
 $lng['serversettings']['system_send_cron_errors']['description'] = 'Gib an, ob bei einem Cron-Fehler eine E-Mail versendet werden soll. Beachte das es je nach Fehler und Cronjob-Einstellungen dazu kommen kann, dass diese E-Mail alle 5 Minuten gesendet wird.';
+$lng['error']['fcgidandphpfpmnogoodtogether'] = 'FCGID und PHP-FPM können nicht gleichzeitig aktiviert werden.';

templates/misc/configfiles/ubuntu_precise/postfix_dovecot/etc_postfix_main.cf

@@ -50,6 +50,7 @@ smtpd_sasl_local_domain = $myhostname
 broken_sasl_auth_clients = yes
 ## Dovecot Settings for deliver, SASL Auth and virtual transport
 smtpd_sasl_type = dovecot
+virtual_transport = dovecot
 dovecot_destination_recipient_limit = 1
 smtpd_sasl_path = private/dovecot-auth
 

templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_main.cf

@@ -50,6 +50,7 @@ smtpd_sasl_local_domain = $myhostname
 broken_sasl_auth_clients = yes
 ## Dovecot Settings for deliver, SASL Auth and virtual transport
 smtpd_sasl_type = dovecot
+virtual_transport = dovecot
 dovecot_destination_recipient_limit = 1
 smtpd_sasl_path = private/dovecot-auth