maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Compare commits

base: maketank:0.9.38.8
Branches Tags
maketank:live maketank:upgrade-2.0 maketank:upgrade-2 maketank:2.1.x maketank:remotes/origin/2.1.x maketank:master
maketank:greylisting-2.0 maketank:2.2.8 maketank:2.2.7 maketank:2.2.6 maketank:2.2.5 maketank:2.2.4 maketank:2.2.3 maketank:2.2.2 maketank:2.2.1 maketank:2.2.0 maketank:2.2.0-rc3 maketank:2.2.0-rc2 maketank:2.2.0-rc1 maketank:2.1.9 maketank:2.1.8 maketank:2.1.7 maketank:2.1.6 maketank:2.1.5 maketank:2.1.4 maketank:2.1.3 maketank:2.1.2 maketank:2.1.1 maketank:2.1.0 maketank:2.1.0-rc3 maketank:2.1.0-rc2 maketank:2.1.0-rc1 maketank:2.1.0-beta2 maketank:2.1.0-beta1 maketank:2.0.24 maketank:2.0.23 maketank:2.0.22 maketank:2.0.21 maketank:2.0.20 maketank:2.0.19 maketank:2.0.18 maketank:2.0.17 maketank:2.0.16 maketank:2.0.15 maketank:2.0.14 maketank:2.0.13 maketank:2.0.12 maketank:2.0.11 maketank:2.0.10 maketank:2.0.9 maketank:2.0.8 maketank:2.0.7 maketank:2.0.6 maketank:2.0.5 maketank:2.0.4 maketank:2.0.3 maketank:2.0.2 maketank:2.0.1 maketank:0.10.38.3 maketank:0.10.38.2 maketank:0.10.38.1 maketank:0.10.38 maketank:0.10.37 maketank:0.10.36 maketank:0.10.35.1 maketank:0.10.35 maketank:0.10.34.1 maketank:0.10.34 maketank:0.10.33 maketank:0.10.32 maketank:0.10.31 maketank:0.10.30 maketank:0.10.29.1 maketank:0.10.29 maketank:0.10.28 maketank:0.10.27 maketank:0.10.26 maketank:0.10.25 maketank:0.10.24 maketank:0.10.23.1 maketank:0.10.23 maketank:0.10.22 maketank:0.10.21 maketank:0.10.20 maketank:0.10.19 maketank:0.10.18 maketank:0.10.17 maketank:0.10.16 maketank:0.10.15 maketank:0.10.14 maketank:0.10.13 maketank:0.10.12 maketank:0.10.11 maketank:0.10.10 maketank:0.10.9 maketank:0.10.8 maketank:0.10.7 maketank:0.10.6 maketank:0.10.5 maketank:0.10.4 maketank:0.10.3 maketank:0.10.2 maketank:0.10.1 maketank:0.10.0 maketank:0.10.0-rc2 maketank:0.10.0-rc1 maketank:0.9.40.1 maketank:0.9.40 maketank:0.9.39.5 maketank:0.9.39.4 maketank:0.9.39.3 maketank:0.9.39.2 maketank:0.9.39.1 maketank:0.9.39 maketank:0.9.38.8 maketank:0.9.38.7 maketank:0.9.38.6 maketank:0.9.38.5 maketank:0.9.38.4 maketank:0.9.38.3 maketank:0.9.38.2 maketank:0.9.38.1 maketank:0.9.38 maketank:0.9.38-rc2 maketank:0.9.38-rc1 maketank:0.9.37 maketank:0.9.37-rc1 maketank:0.9.36 maketank:0.9.35.1 maketank:0.9.35 maketank:0.9.35-rc1 maketank:0.9.34.2 maketank:0.9.34.1 maketank:0.9.34 maketank:0.9.33.2 maketank:0.9.33.1 maketank:0.9.33 maketank:0.9.33-rc3 maketank:0.9.33-rc2 maketank:0.9.33-rc1 maketank:0.9.32 maketank:0.9.32-rc2 maketank:0.9.32-rc1 maketank:0.9.31.2 maketank:0.9.31.1 maketank:0.9.31 maketank:0.9.31-rc2 maketank:0.9.31-rc1 maketank:0.9.30 maketank:0.9.30-rc1 maketank:0.9.29 maketank:0.9.29-rc1 maketank:0.9.28.1 maketank:0.9.28 maketank:0.9.28-rc1 maketank:0.9.27 maketank:0.9.27-rc1 maketank:0.9.26 maketank:0.9.26-rc1 maketank:0.9.25 maketank:0.9.25-rc1 maketank:0.9.24 maketank:0.9.24-rc1 maketank:0.9.23 maketank:0.9.23-rc1 maketank:0.9.22 maketank:0.9.22-rc1 maketank:0.9.21 maketank:0.9.20.1 maketank:0.9.20 maketank:0.9.19 maketank:0.9.18.1 maketank:0.9.18 maketank:0.9.17 maketank:0.9.16 maketank:0.9.15.1 maketank:0.9.15 maketank:0.9.14 maketank:0.9.13.1 maketank:0.9.13 maketank:0.9.12 maketank:0.9.11 maketank:0.9.10 maketank:0.9.9 maketank:0.9.8 maketank:0.9.7 maketank:0.9.6 maketank:0.9.5 maketank:0.9.4 maketank:0.9.3 maketank:0.9.2.1 maketank:0.9.2 maketank:0.9.1 maketank:0.9
..
compare: maketank:0.9.39
Branches Tags
maketank:upgrade-2.0 maketank:live maketank:upgrade-2 maketank:2.1.x maketank:remotes/origin/2.1.x maketank:master
maketank:greylisting-2.0 maketank:2.2.8 maketank:2.2.7 maketank:2.2.6 maketank:2.2.5 maketank:2.2.4 maketank:2.2.3 maketank:2.2.2 maketank:2.2.1 maketank:2.2.0 maketank:2.2.0-rc3 maketank:2.2.0-rc2 maketank:2.2.0-rc1 maketank:2.1.9 maketank:2.1.8 maketank:2.1.7 maketank:2.1.6 maketank:2.1.5 maketank:2.1.4 maketank:2.1.3 maketank:2.1.2 maketank:2.1.1 maketank:2.1.0 maketank:2.1.0-rc3 maketank:2.1.0-rc2 maketank:2.1.0-rc1 maketank:2.1.0-beta2 maketank:2.1.0-beta1 maketank:2.0.24 maketank:2.0.23 maketank:2.0.22 maketank:2.0.21 maketank:2.0.20 maketank:2.0.19 maketank:2.0.18 maketank:2.0.17 maketank:2.0.16 maketank:2.0.15 maketank:2.0.14 maketank:2.0.13 maketank:2.0.12 maketank:2.0.11 maketank:2.0.10 maketank:2.0.9 maketank:2.0.8 maketank:2.0.7 maketank:2.0.6 maketank:2.0.5 maketank:2.0.4 maketank:2.0.3 maketank:2.0.2 maketank:2.0.1 maketank:0.10.38.3 maketank:0.10.38.2 maketank:0.10.38.1 maketank:0.10.38 maketank:0.10.37 maketank:0.10.36 maketank:0.10.35.1 maketank:0.10.35 maketank:0.10.34.1 maketank:0.10.34 maketank:0.10.33 maketank:0.10.32 maketank:0.10.31 maketank:0.10.30 maketank:0.10.29.1 maketank:0.10.29 maketank:0.10.28 maketank:0.10.27 maketank:0.10.26 maketank:0.10.25 maketank:0.10.24 maketank:0.10.23.1 maketank:0.10.23 maketank:0.10.22 maketank:0.10.21 maketank:0.10.20 maketank:0.10.19 maketank:0.10.18 maketank:0.10.17 maketank:0.10.16 maketank:0.10.15 maketank:0.10.14 maketank:0.10.13 maketank:0.10.12 maketank:0.10.11 maketank:0.10.10 maketank:0.10.9 maketank:0.10.8 maketank:0.10.7 maketank:0.10.6 maketank:0.10.5 maketank:0.10.4 maketank:0.10.3 maketank:0.10.2 maketank:0.10.1 maketank:0.10.0 maketank:0.10.0-rc2 maketank:0.10.0-rc1 maketank:0.9.40.1 maketank:0.9.40 maketank:0.9.39.5 maketank:0.9.39.4 maketank:0.9.39.3 maketank:0.9.39.2 maketank:0.9.39.1 maketank:0.9.39 maketank:0.9.38.8 maketank:0.9.38.7 maketank:0.9.38.6 maketank:0.9.38.5 maketank:0.9.38.4 maketank:0.9.38.3 maketank:0.9.38.2 maketank:0.9.38.1 maketank:0.9.38 maketank:0.9.38-rc2 maketank:0.9.38-rc1 maketank:0.9.37 maketank:0.9.37-rc1 maketank:0.9.36 maketank:0.9.35.1 maketank:0.9.35 maketank:0.9.35-rc1 maketank:0.9.34.2 maketank:0.9.34.1 maketank:0.9.34 maketank:0.9.33.2 maketank:0.9.33.1 maketank:0.9.33 maketank:0.9.33-rc3 maketank:0.9.33-rc2 maketank:0.9.33-rc1 maketank:0.9.32 maketank:0.9.32-rc2 maketank:0.9.32-rc1 maketank:0.9.31.2 maketank:0.9.31.1 maketank:0.9.31 maketank:0.9.31-rc2 maketank:0.9.31-rc1 maketank:0.9.30 maketank:0.9.30-rc1 maketank:0.9.29 maketank:0.9.29-rc1 maketank:0.9.28.1 maketank:0.9.28 maketank:0.9.28-rc1 maketank:0.9.27 maketank:0.9.27-rc1 maketank:0.9.26 maketank:0.9.26-rc1 maketank:0.9.25 maketank:0.9.25-rc1 maketank:0.9.24 maketank:0.9.24-rc1 maketank:0.9.23 maketank:0.9.23-rc1 maketank:0.9.22 maketank:0.9.22-rc1 maketank:0.9.21 maketank:0.9.20.1 maketank:0.9.20 maketank:0.9.19 maketank:0.9.18.1 maketank:0.9.18 maketank:0.9.17 maketank:0.9.16 maketank:0.9.15.1 maketank:0.9.15 maketank:0.9.14 maketank:0.9.13.1 maketank:0.9.13 maketank:0.9.12 maketank:0.9.11 maketank:0.9.10 maketank:0.9.9 maketank:0.9.8 maketank:0.9.7 maketank:0.9.6 maketank:0.9.5 maketank:0.9.4 maketank:0.9.3 maketank:0.9.2.1 maketank:0.9.2 maketank:0.9.1 maketank:0.9

59 Commits
0.9.38.8 ... 0.9.39

Author SHA1 Message Date
Michael Kaufmann (d00p)
0aa707ebc9 set version to 0.9.39 for upcoming release 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-02-06 12:19:21 +01:00
Michael Kaufmann (d00p)
f38a0fd8b6 remove unnecessary and out-of-date info from README, fixed variable typo in lib/init.php 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-02-05 08:36:25 +01:00
Michael Kaufmann (d00p)
a6b2daa77d fix typo 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-30 14:41:56 +01:00
Michael Kaufmann (d00p)
7ae31496ac add requirement check for php-json as settings import/export uses json_decode/json_encode 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-30 07:58:24 +01:00
Michael Kaufmann (d00p)
c62dd2ecf4 fix mysql-strict-mode issue (hopefully for good), enhance error-reporting when importing froxlor.sql on installation 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-29 20:04:54 +01:00
Michael Kaufmann (d00p)
840b5ea229 add new feature: import/export of settings 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-28 14:33:00 +01:00
Michael Kaufmann (d00p)
d8a3015303 put le acme version setting right above the CA setting, less confusing 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-27 11:50:34 +01:00
Michael Kaufmann (d00p)
194b7863b8 fix invalid ipv6 value in mysql-access-host setting 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-27 11:37:06 +01:00
Michael Kaufmann (d00p)
f034695290 remove '/etc/postfix/master.cf: line x: using backwards-compatible default setting chroot=y' warning; set correct permission for dkim-public key as it should not be group or other writable 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-27 11:14:22 +01:00
Michael Kaufmann (d00p)
f896fe11a0 do not split dkim-entry content in generateDkimEntries(); re-add braces to enclose TXT record content 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-27 10:09:43 +01:00
Michael Kaufmann (d00p)
2603a9c869 add new setting to specify values for the PATH env-variable for php-fpm 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-26 17:30:20 +01:00
Michael Kaufmann (d00p)
fcd0dddfd5 Update phpMailer to 5.2.26 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-26 17:18:12 +01:00
Michael Kaufmann (d00p)
3fb92259a8 readd starting and ending quotes which got removed with the braces in #503 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-26 17:17:22 +01:00
Michael Kaufmann
54d7b01ac5 Merge pull request #506 from RipClaw2971/http2_fix 
http2 could be set even if http2 is not enabled
 2018-01-22 14:43:10 +01:00
Michael Kaufmann (d00p)
ca0ab1f97a add fixed dovecot/conf.d/10-ssl.conf template for debian stretch; update phpMailer to 5.2.26 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-21 23:37:09 +01:00
Michael Kaufmann (d00p)
f3733ca249 set apache-2.4 as default ON also in froxlor.sql; fix wrong DbManagerMySQL::disableUser, fixes #505 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-18 19:50:28 +01:00
Andreas Grundler
7442bf7347 http2 Konfiguration nur einfügen wenn http2 in den Einstellungen aktiviert ist 2018-01-18 18:30:38 +01:00
Andreas Grundler
6ac3cb2014 Revert "http2 Konfiguration nur einfügen wenn http2 in den Einstellungen aktiviert ist" 
This reverts commit c3fb6f6a1c.
 2018-01-18 18:23:08 +01:00
Andreas Grundler
ca76e572a2 http2 Option darf nur dann zu sehen sein wenn http2 in den Einstellungen aktiv ist 2018-01-18 18:18:30 +01:00
Andreas Grundler
c3fb6f6a1c http2 Konfiguration nur einfügen wenn http2 in den Einstellungen aktiviert ist 2018-01-18 18:16:53 +01:00
Michael Kaufmann
1796a8ff17 Merge pull request #503 from lonesomewalker/patch-1 
Update class.DnsEntry.php
 2018-01-17 07:54:57 +01:00
lonesomewalker
52c7839b9b Update class.DnsEntry.php 
Klammerfehler bei Bind, PowerDNS braucht ja keinen Linesplit.
 2018-01-16 14:57:42 +01:00
Michael Kaufmann (d00p)
d16a7b2089 on installation, set apache-2.4 as default if apache is detected; clearify that apache2 is 2.2; output complete folder where the userdata.inc.php file is to be put when necessary to avoid misunderstanding 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-15 07:45:50 +01:00
Michael Kaufmann (d00p)
9a00a67f71 apache2-suexec => apache2-suexec-pristine for debian stretch 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-13 11:33:20 +01:00
Michael Kaufmann (d00p)
6e651200ca Make php.ini flag/value possibilities dynamic (settings) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-11 13:04:38 +01:00
Michael Kaufmann (d00p)
29968e6026 add stretch config-templates, testers/feedback welcome 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-11 10:44:42 +01:00
Michael Kaufmann (d00p)
8c61773280 fix usage of extensions from limit_extensions list in apache-cron 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 17:01:17 +01:00
Michael Kaufmann (d00p)
29433ce963 escape possible dots in extension (e.g. to allow .php.xml or similar) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 15:49:07 +01:00
Michael Kaufmann (d00p)
eed3a91385 fix (not yet perfect) regex for limit_extension setting 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 15:45:21 +01:00
Michael Kaufmann (d00p)
62006d584e fix limit_extensions setting 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 15:42:11 +01:00
Michael Kaufmann (d00p)
bba872618a fix ssl-procotols in apache-cron; fix files-match regex in apache-cron 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 15:28:48 +01:00
Michael Kaufmann (d00p)
941dd14c72 read limit_extensions value from wrong array 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 15:22:22 +01:00
Michael Kaufmann (d00p)
f2a79d4d96 add new security.limit_extensions setting to fpm-daemon settings 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 15:20:19 +01:00
Michael Kaufmann (d00p)
281b131c62 ups, forgot to adjust version in lib/version.inc.php 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 10:21:02 +01:00
Michael Kaufmann (d00p)
4bcdfc0786 Added option to set the TLS protocol versions to be used in webservers 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 10:12:26 +01:00
Michael Kaufmann (d00p)
9312e4967e fix access to idle-timeout setting which moved from global settings to per-fpm-daemon setting, thx to gunnyst for pointing this out 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 08:45:20 +01:00
Michael Kaufmann (d00p)
6b44dfe9b2 well, we should also save the new settings :) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 17:22:20 +01:00
Michael Kaufmann (d00p)
ba58991d11 allow per php-config setting of adding '-pass-header Authorization' / 'CGIPassAuth On' to the domains vhosts 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 17:14:57 +01:00
Michael Kaufmann (d00p)
84abb33e54 exclude wildcard-domains agains also vor ACMEv2 of LE2 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 17:12:55 +01:00
Michael Kaufmann (d00p)
07a4f045f1 do not advertise wildcard-certificates as it might never be possible in froxlor (no http-01 challenge) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 16:08:13 +01:00
Michael Kaufmann (d00p)
f49cb81e49 disable wildcard-usage with Let's Encrypt as ACME-v2 only supports the dns-01 challenge for now (pity) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 15:33:23 +01:00
Michael Kaufmann (d00p)
b2b9d4e31a add missing setting-strings for new acme-version setting; allow using let's encrypt with wildcard-alias when using ACME-v2 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 14:56:41 +01:00
Michael Kaufmann (d00p)
d40d1f30b6 make it a setting to switch between ACME v1 and v2 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 14:50:52 +01:00
Michael Kaufmann (d00p)
9aaadb1f8b implement lets-encrypt api-v02 (testing only currently; not activated in froxlor, test with 'php froxlor_master_cronjob.php --letsencrypt_v2 --debug' but set api endpoint to staging); no chain is returned currently, seems to be a known bug 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 14:40:36 +01:00
Michael Kaufmann (d00p)
3969ef63c5 do not check hide-options 'domains' in customer_tickets, fixes #502 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 11:18:03 +01:00
Michael Kaufmann (d00p)
d8abe30c44 create dummy pool-config whenever a fpm-daemons configdir is empty so it still restarts 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 09:25:56 +01:00
Michael Kaufmann (d00p)
eaa10ce6a5 add option to update php-configs for all subdomains when editing a domain as admin (default: yes) 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 15:31:27 +01:00
Michael Kaufmann (d00p)
c434249616 allow admin to set php-configs that can be used by customers 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 14:45:00 +01:00
Michael Kaufmann (d00p)
b849a5f29a preparations for php-config select for customers 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 13:59:30 +01:00
Michael Kaufmann (d00p)
3dc6a64252 fix pm select when editing fpmdaemon; fix saving of pm value 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 10:22:09 +01:00
Michael Kaufmann (d00p)
ebd636494a fix wrong table constant 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 10:11:38 +01:00
Michael Kaufmann (d00p)
07caf55f79 fixes to multi-fpm in cron 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-08 09:16:00 +01:00
Michael Kaufmann (d00p)
73868b7947 soften the file cleaning to reduce risk 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-07 23:31:39 +01:00
Michael Kaufmann (d00p)
af55fe5b82 add possibility to add multiple php-fpm instances 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-07 14:55:25 +01:00
Michael Kaufmann
de408347fc Merge pull request #500 from heavygale/patch-1 
Update preconfig_0.9.inc.php
 2018-01-05 18:26:57 +01:00
heavygale
ea96039128 Update preconfig_0.9.inc.php 
fixed a typo
 2018-01-05 18:11:23 +01:00
Michael Kaufmann
c49539258e Merge pull request #498 from RipClaw2971/fix 
Added "nscd -i passwd" to clear user cache when using libnss-*
 2018-01-01 17:45:23 +01:00
Andreas Grundler
64653a2bb1 nscd -i passwd in froxlor_master_cronjob.php eingefügt 2018-01-01 13:54:32 +01:00
Andreas Grundler
732c6e3a78 Added nscd -i passwd to clear user 2017-12-31 22:40:19 +01:00
67 changed files with 8740 additions and 1657 deletions
Expand all files Collapse all files

19
README.md
View File

@@ -30,7 +30,7 @@ irc://chat.freenode.net/froxlor
### Forum
The community is located on http://forum.froxlor.org
The community is located on https://forum.froxlor.org/
### Wiki
@@ -44,7 +44,7 @@ May be found in COPYING
## Downloads
### Tarball
http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](http://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](https://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
### Debian repository
@@ -57,20 +57,7 @@ http://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](http://files.froxl
[HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-gentoo)
http://files.froxlor.org/gentoo/repositories.xml
## Let's Encrypt support
This version of Froxlor contains a test implementation of support for [Let's Encrypt](https://letsencrypt.org). This is (as Let's Encrypt is in itself)
still a beta version and may break your system. The way it currently works is by creating a (sub-)domain with the default system - certificate,
after which the Let's Encrypt cronjob orders the certificate for this (sub-)domain and inserts the certificates in the database. With the next run
of the default cronjob, the certificates will be updated on the disk and the webserver reloaded.
This has 2 known side-effects at the moment:
* The basic ip/port combinations don't work with the Froxlor - integration of Let's Encrypt, since it needs a certificate for the very first creation
* After creating a domain, it will have the default certificate for a short time (by default 5 minutes until the cronjob runs the next time)
It may be possible to fix these issues, but they are not a priority at the moment
https://files.froxlor.org/gentoo/repositories.xml
## Contributing

36
actions/admin/settings/131.ssl.php
View File

@@ -30,6 +30,20 @@ return array(
'save_method' => 'storeSettingField',
'overview_option' => true
),
'system_ssl_protocols' => array(
'label' => $lng['serversettings']['ssl']['ssl_protocols'],
'settinggroup' => 'system',
'varname' => 'ssl_protocols',
'type' => 'option',
'default' => 'TLSv1,TLSv1.2',
'option_mode' => 'multiple',
'option_options' => array(
'TLSv1' => 'TLSv1',
'TLSv1.1' => 'TLSv1.1',
'TLSv1.2' => 'TLSv1.2'
),
'save_method' => 'storeSettingField'
),
'system_ssl_cipher_list' => array(
'label' => $lng['serversettings']['ssl']['ssl_cipher_list'],
'settinggroup' => 'system',
@@ -87,8 +101,7 @@ return array(
'string_type' => 'string',
'string_emptyallowed' => false,
'default' => 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)',
'visible' => Settings::Get('system.webserver') == "apache2" &&
Settings::Get('system.apache24') == 1,
'visible' => Settings::Get('system.webserver') == "apache2" && Settings::Get('system.apache24') == 1,
'save_method' => 'storeSettingField'
),
'system_leenabled' => array(
@@ -107,7 +120,20 @@ return array(
'type' => 'string',
'string_type' => 'file',
'default' => '/etc/apache2/conf-enabled/acme.conf',
'save_method' => 'storeSettingField',
'save_method' => 'storeSettingField'
),
'system_leapiversion' => array(
'label' => $lng['serversettings']['leapiversion'],
'settinggroup' => 'system',
'varname' => 'leapiversion',
'type' => 'option',
'default' => '1',
'option_mode' => 'one',
'option_options' => array(
'1' => 'ACME v1',
'2' => 'ACME v2'
),
'save_method' => 'storeSettingField'
),
'system_letsencryptca' => array(
'label' => $lng['serversettings']['letsencryptca'],
@@ -117,8 +143,8 @@ return array(
'default' => 'testing',
'option_mode' => 'one',
'option_options' => array(
'testing' => 'https://acme-staging.api.letsencrypt.org (Test)',
'production' => 'https://acme-v01.api.letsencrypt.org (Live)'
'testing' => 'https://acme-staging' . (Settings::Get('system.leapiversion') == '2' ? '-v02' : '') . '.api.letsencrypt.org (Test)',
'production' => 'https://acme-v0' . Settings::Get('system.leapiversion') . '.api.letsencrypt.org (Live)'
),
'save_method' => 'storeSettingField'
),

120
actions/admin/settings/136.phpfpm.php
View File

@@ -40,15 +40,6 @@ return array(
'option_options_method' => 'getPhpConfigs',
'save_method' => 'storeSettingField'
),
'system_phpfpm_configdir' => array(
'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
'settinggroup' => 'phpfpm',
'varname' => 'configdir',
'type' => 'string',
'string_type' => 'confdir',
'default' => '/etc/php-fpm.d/',
'save_method' => 'storeSettingField'
),
'system_phpfpm_aliasconfigdir' => array(
'label' => $lng['serversettings']['phpfpm_settings']['aliasconfigdir'],
'settinggroup' => 'phpfpm',
@@ -78,6 +69,17 @@ return array(
'default' => '/usr/share/php/:/usr/share/php5/',
'save_method' => 'storeSettingField'
),
'system_phpfpm_envpath' => array(
'label' => $lng['serversettings']['phpfpm_settings']['envpath'],
'settinggroup' => 'phpfpm',
'varname' => 'envpath',
'type' => 'string',
'string_type' => 'dir',
'string_delimiter' => ':',
'string_emptyallowed' => true,
'default' => '/usr/local/bin:/usr/bin:/bin',
'save_method' => 'storeSettingField'
),
'system_phpfpm_fastcgi_ipcdir' => array(
'label' => $lng['serversettings']['phpfpm_settings']['ipcdir'],
'settinggroup' => 'phpfpm',
@@ -87,72 +89,6 @@ return array(
'default' => '/var/lib/apache2/fastcgi/',
'save_method' => 'storeSettingField'
),
'system_phpfpm_reload' => array(
'label' => $lng['serversettings']['phpfpm_settings']['reload'],
'settinggroup' => 'phpfpm',
'varname' => 'reload',
'type' => 'string',
'default' => '/etc/init.d/php-fpm restart',
'save_method' => 'storeSettingField'
),
'system_phpfpm_pm' => array(
'label' => $lng['serversettings']['phpfpm_settings']['pm'],
'settinggroup' => 'phpfpm',
'varname' => 'pm',
'type' => 'option',
'default' => 'static',
'option_mode' => 'one',
'option_options' => array('static' => 'static', 'dynamic' => 'dynamic', 'ondemand' => 'ondemand'),
'save_method' => 'storeSettingField'
),
'system_phpfpm_max_children' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_children'],
'settinggroup' => 'phpfpm',
'varname' => 'max_children',
'type' => 'int',
'default' => 1,
'save_method' => 'storeSettingField'
),
'system_phpfpm_start_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['start_servers'],
'settinggroup' => 'phpfpm',
'varname' => 'start_servers',
'type' => 'int',
'default' => 20,
'save_method' => 'storeSettingField'
),
'system_phpfpm_min_spare_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers'],
'settinggroup' => 'phpfpm',
'varname' => 'min_spare_servers',
'type' => 'int',
'default' => 5,
'save_method' => 'storeSettingField'
),
'system_phpfpm_max_spare_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers'],
'settinggroup' => 'phpfpm',
'varname' => 'max_spare_servers',
'type' => 'int',
'default' => 35,
'save_method' => 'storeSettingField'
),
'system_phpfpm_max_requests' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_requests'],
'settinggroup' => 'phpfpm',
'varname' => 'max_requests',
'type' => 'int',
'default' => 0,
'save_method' => 'storeSettingField'
),
'system_phpfpm_idle_timeout' => array(
'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout'],
'settinggroup' => 'phpfpm',
'varname' => 'idle_timeout',
'type' => 'int',
'default' => 30,
'save_method' => 'storeSettingField'
),
'system_phpfpm_use_mod_proxy' => array(
'label' => $lng['phpfpm']['use_mod_proxy'],
'settinggroup' => 'phpfpm',
@@ -161,7 +97,39 @@ return array(
'default' => false,
'visible' => Settings::Get('system.apache24'),
'save_method' => 'storeSettingField'
)
),
'system_phpfpm_ini_flags' => array(
'label' => $lng['phpfpm']['ini_flags'],
'settinggroup' => 'phpfpm',
'varname' => 'ini_flags',
'type' => 'text',
'default' => '',
'save_method' => 'storeSettingField'
),
'system_phpfpm_ini_values' => array(
'label' => $lng['phpfpm']['ini_values'],
'settinggroup' => 'phpfpm',
'varname' => 'ini_values',
'type' => 'text',
'default' => '',
'save_method' => 'storeSettingField'
),
'system_phpfpm_ini_admin_flags' => array(
'label' => $lng['phpfpm']['ini_admin_flags'],
'settinggroup' => 'phpfpm',
'varname' => 'ini_admin_flags',
'type' => 'text',
'default' => '',
'save_method' => 'storeSettingField'
),
'system_phpfpm_ini_admin_values' => array(
'label' => $lng['phpfpm']['ini_admin_values'],
'settinggroup' => 'phpfpm',
'varname' => 'ini_admin_values',
'type' => 'text',
'default' => '',
'save_method' => 'storeSettingField'
)
),
),
),

60
admin_customers.php
View File

@@ -532,6 +532,14 @@ if ($page == 'customers'
$phpenabled = intval($_POST['phpenabled']);
}
$allowed_phpconfigs = array();
if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
$allowed_phpconfig = intval($allowed_phpconfig);
$allowed_phpconfigs[] = $allowed_phpconfig;
}
}
$perlenabled = 0;
if (isset($_POST['perlenabled'])) {
$perlenabled = intval($_POST['perlenabled']);
@@ -693,6 +701,7 @@ if ($page == 'customers'
'tickets' => $tickets,
'mysqls' => $mysqls,
'phpenabled' => $phpenabled,
'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
'imap' => $email_imap,
'pop3' => $email_pop3,
'perlenabled' => $perlenabled,
@@ -733,6 +742,7 @@ if ($page == 'customers'
`mysqls` = :mysqls,
`standardsubdomain` = '0',
`phpenabled` = :phpenabled,
`allowed_phpconfigs` = :allowed_phpconfigs,
`imap` = :imap,
`pop3` = :pop3,
`perlenabled` = :perlenabled,
@@ -1043,6 +1053,26 @@ if ($page == 'customers'
$gender_options .= makeoption($lng['gender']['male'], 1, null, true, true);
$gender_options .= makeoption($lng['gender']['female'], 2, null, true, true);
$phpconfigs = array();
$configs = Database::query("
SELECT c.*, fc.description as interpreter
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
");
while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$phpconfigs[] = array(
'label' => $row['description'] . " [".$row['interpreter']."]<br />",
'value' => $row['id']
);
} else {
$phpconfigs[] = array(
'label' => $row['description']."<br />",
'value' => $row['id']
);
}
}
$customer_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_add.php';
$customer_add_form = htmlform::genHTMLForm($customer_add_data);
@@ -1205,6 +1235,14 @@ if ($page == 'customers'
$phpenabled = intval($_POST['phpenabled']);
}
$allowed_phpconfigs = array();
if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
$allowed_phpconfig = intval($allowed_phpconfig);
$allowed_phpconfigs[] = $allowed_phpconfig;
}
}
$perlenabled = 0;
if (isset($_POST['perlenabled'])) {
$perlenabled = intval($_POST['perlenabled']);
@@ -1457,6 +1495,7 @@ if ($page == 'customers'
'mysqls' => $mysqls,
'deactivated' => $deactivated,
'phpenabled' => $phpenabled,
'allowed_phpconfigs' => empty($allowed_phpconfigs) ? "" : json_encode($allowed_phpconfigs),
'imap' => $email_imap,
'pop3' => $email_pop3,
'perlenabled' => $perlenabled,
@@ -1490,6 +1529,7 @@ if ($page == 'customers'
`mysqls` = :mysqls,
`deactivated` = :deactivated,
`phpenabled` = :phpenabled,
`allowed_phpconfigs` = :allowed_phpconfigs,
`email_quota` = :email_quota,
`imap` = :imap,
`pop3` = :pop3,
@@ -1695,6 +1735,26 @@ if ($page == 'customers'
$gender_options .= makeoption($lng['gender']['male'], 1, ($result['gender'] == '1' ? true : false), true, true);
$gender_options .= makeoption($lng['gender']['female'], 2, ($result['gender'] == '2' ? true : false), true, true);
$phpconfigs = array();
$configs = Database::query("
SELECT c.*, fc.description as interpreter
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
");
while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$phpconfigs[] = array(
'label' => $row['description'] . " [".$row['interpreter']."]<br />",
'value' => $row['id']
);
} else {
$phpconfigs[] = array(
'label' => $row['description']."<br />",
'value' => $row['id']
);
}
}
$customer_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/customer/formfield.customer_edit.php';
$customer_edit_form = htmlform::genHTMLForm($customer_edit_data);

54
admin_domains.php
View File

@@ -633,10 +633,15 @@ if ($page == 'domains' || $page == 'overview') {
$ocsp_stapling = 0;
}
// We can't enable let's encrypt for wildcard - domains
if ($serveraliasoption == '0' && $letsencrypt == '1') {
// We can't enable let's encrypt for wildcard - domains if using acme-v1
if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
standard_error('nowildcardwithletsencrypt');
}
// if using acme-v2 we cannot issue wildcard-certificates
// because they currently only support the dns-01 challenge
if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
standard_error('nowildcardwithletsencryptv2');
}
// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
if ($ssl_redirect > 0 && $letsencrypt == 1) {
@@ -1077,11 +1082,15 @@ if ($page == 'domains' || $page == 'overview') {
}
$phpconfigs = '';
$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
$configs = Database::query("
SELECT c.*, fc.description as interpreter
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
");
while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
$phpconfigs .= makeoption($row['description'] . " [".$row['interpreter']."]", $row['id'], Settings::Get('phpfpm.defaultini'), true, true);
} else {
$phpconfigs .= makeoption($row['description'], $row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
}
@@ -1359,6 +1368,7 @@ if ($page == 'domains' || $page == 'overview') {
$phpenabled = isset($_POST['phpenabled']) ? intval($_POST['phpenabled']) : 0;
$openbasedir = isset($_POST['openbasedir']) ? intval($_POST['openbasedir']) : 0;
$phpfs = (isset($_POST['phpsettingsforsubdomains']) && intval($_POST['phpsettingsforsubdomains']) == 1) ? 1 : 0;
if ((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) {
$phpsettingid = (int) $_POST['phpsettingid'];
@@ -1388,6 +1398,7 @@ if ($page == 'domains' || $page == 'overview') {
}
} else {
$phpsettingid = $result['phpsettingid'];
$phpfs = 1;
$mod_fcgid_starter = $result['mod_fcgid_starter'];
$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
}
@@ -1395,6 +1406,7 @@ if ($page == 'domains' || $page == 'overview') {
$phpenabled = $result['phpenabled'];
$openbasedir = $result['openbasedir'];
$phpsettingid = $result['phpsettingid'];
$phpfs = 1;
$mod_fcgid_starter = $result['mod_fcgid_starter'];
$mod_fcgid_maxrequests = $result['mod_fcgid_maxrequests'];
}
@@ -1504,10 +1516,15 @@ if ($page == 'domains' || $page == 'overview') {
$ocsp_stapling = 0;
}
// We can't enable let's encrypt for wildcard domains
if ($serveraliasoption == '0' && $letsencrypt == '1') {
// We can't enable let's encrypt for wildcard domains when using acme-v1
if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
standard_error('nowildcardwithletsencrypt');
}
// if using acme-v2 we cannot issue wildcard-certificates
// because they currently only support the dns-01 challenge
if ($serveraliasoption == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
standard_error('nowildcardwithletsencryptv2');
}
// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -1633,6 +1650,7 @@ if ($page == 'domains' || $page == 'overview') {
'phpenabled' => $phpenabled,
'openbasedir' => $openbasedir,
'phpsettingid' => $phpsettingid,
'phpsettingsforsubdomains' => $phpfs,
'mod_fcgid_starter' => $mod_fcgid_starter,
'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
'specialsettings' => $specialsettings,
@@ -1888,11 +1906,18 @@ if ($page == 'domains' || $page == 'overview') {
$_update_data['adminid'] = $adminid;
$_update_data['phpenabled'] = $phpenabled;
$_update_data['openbasedir'] = $openbasedir;
$_update_data['phpsettingid'] = $phpsettingid;
$_update_data['mod_fcgid_starter'] = $mod_fcgid_starter;
$_update_data['mod_fcgid_maxrequests'] = $mod_fcgid_maxrequests;
$_update_data['parentdomainid'] = $id;
// if php config is to be set for all subdomains, check here
$update_phpconfig = '';
$phpfs = isset($_POST['phpsettingsforsubdomains']) ? 1 : 0;
if ($phpfs == 1) {
$_update_data['phpsettingid'] = $phpsettingid;
$update_phpconfig = ", `phpsettingid` = :phpsettingid";
}
// if we have no more ssl-ip's for this domain,
// all its subdomains must have "ssl-redirect = 0"
// and disable let's encrypt
@@ -1907,10 +1932,9 @@ if ($page == 'domains' || $page == 'overview') {
`adminid` = :adminid,
`phpenabled` = :phpenabled,
`openbasedir` = :openbasedir,
`phpsettingid` = :phpsettingid,
`mod_fcgid_starter` = :mod_fcgid_starter,
`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests
" . $upd_specialsettings . $updatechildren . $update_sslredirect . "
" . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
WHERE `parentdomainid` = :parentdomainid
");
Database::pexecute($_update_stmt, $_update_data);
@@ -2180,10 +2204,18 @@ if ($page == 'domains' || $page == 'overview') {
$result['add_date'] = date('Y-m-d', $result['add_date']);
$phpconfigs = '';
$phpconfigs_result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
$phpconfigs_result_stmt = Database::query("
SELECT c.*, fc.description as interpreter
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
");
while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true);
} else {
$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
}
}
$result = htmlentities_array($result);

560
admin_phpsettings.php
View File

@@ -16,7 +16,6 @@
* @package Panel
*
*/
define('AREA', 'admin');
require './lib/init.php';
@@ -27,104 +26,111 @@ if (isset($_POST['id'])) {
}
if ($page == 'overview') {
if ($action == '') {
$tablecontent = '';
$count = 0;
$result = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
$result = Database::query("
SELECT c.*, fd.description as fpmdesc
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fd ON fd.id = c.fpmsettingid
ORDER BY c.description ASC
");
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$domainresult = false;
$query_params = array('id' => $row['id']);
$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
$query_params = array(
'id' => $row['id']
);
$query = "SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `phpsettingid` = :id
AND `parentdomainid` = '0'";
if ((int)$userinfo['domains_see_all'] == 0) {
if ((int) $userinfo['domains_see_all'] == 0) {
$query .= " AND `adminid` = :adminid";
$query_params['adminid'] = $userinfo['adminid'];
}
if ((int)Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
if ((int) Settings::Get('panel.phpconfigs_hidestdsubdomain') == 1) {
$ssdids_res = Database::query("
SELECT DISTINCT `standardsubdomain` FROM `".TABLE_PANEL_CUSTOMERS."`
WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;"
);
SELECT DISTINCT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "`
WHERE `standardsubdomain` > 0 ORDER BY `standardsubdomain` ASC;");
$ssdids = array();
while ($ssd = $ssdids_res->fetch(PDO::FETCH_ASSOC)) {
$ssdids[] = $ssd['standardsubdomain'];
}
if (count($ssdids) > 0) {
$query .= " AND `id` NOT IN (".implode(', ', $ssdids).")";
$query .= " AND `id` NOT IN (" . implode(', ', $ssdids) . ")";
}
}
$domainresult_stmt = Database::prepare($query);
Database::pexecute($domainresult_stmt, $query_params);
$domains = '';
if (Database::num_rows() > 0) {
while ($row2 = $domainresult_stmt->fetch(PDO::FETCH_ASSOC)) {
$domains.= $row2['domain'] . '<br/>';
$domains .= $row2['domain'] . '<br/>';
}
}
// check whether we use that config as froxor-vhost config
if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']
|| Settings::Get('phpfpm.vhost_defaultini') == $row['id']
) {
if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id'] || Settings::Get('phpfpm.vhost_defaultini') == $row['id']) {
$domains .= Settings::Get('system.hostname');
}
if ($domains == '') {
$domains = $lng['admin']['phpsettings']['notused'];
}
// check whether this is our default config
if ((Settings::Get('system.mod_fcgid') == '1'
&& Settings::Get('system.mod_fcgid_defaultini') == $row['id'])
|| (Settings::Get('phpfpm.enabled') == '1'
&& Settings::Get('phpfpm.defaultini') == $row['id'])
) {
$row['description'] = '<b>'.$row['description'].'</b>';
if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $row['id']) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $row['id'])) {
$row['description'] = '<b>' . $row['description'] . '</b>';
}
$count ++;
eval("\$tablecontent.=\"" . getTemplate("phpconfig/overview_overview") . "\";");
}
$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting overview has been viewed by '" . $userinfo['loginname'] . "'");
eval("echo \"" . getTemplate("phpconfig/overview") . "\";");
}
if ($action == 'add') {
if ((int)$userinfo['change_serversettings'] == 1) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
if ((int) $userinfo['change_serversettings'] == 1) {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$description = validate($_POST['description'], 'description');
$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
if (Settings::Get('system.mod_fcgid') == 1) {
$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
'-1',
''
));
$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
'-1',
''
));
$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
// disable fpm stuff
$fpm_config_id = 1;
$fpm_enableslowlog = 0;
$fpm_reqtermtimeout = 0;
$fpm_reqslowtimeout = 0;
}
elseif (Settings::Get('phpfpm.enabled') == 1) {
$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
$fpm_pass_authorizationheader = 0;
} elseif (Settings::Get('phpfpm.enabled') == 1) {
$fpm_config_id = intval($_POST['fpmconfig']);
$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
// disable fcgid stuff
$binary = '/usr/bin/php-cgi';
$file_extensions = 'php';
@@ -132,13 +138,11 @@ if ($page == 'overview') {
$mod_fcgid_maxrequests = 0;
$mod_fcgid_umask = "022";
}
if (strlen($description) == 0
|| strlen($description) > 50
) {
if (strlen($description) == 0 || strlen($description) > 50) {
standard_error('descriptioninvalid');
}
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_PHPCONFIGS . "` SET
`description` = :desc,
@@ -150,8 +154,9 @@ if ($page == 'overview') {
`fpm_slowlog` = :fpmslow,
`fpm_reqterm` = :fpmreqterm,
`fpm_reqslow` = :fpmreqslow,
`phpsettings` = :phpsettings"
);
`phpsettings` = :phpsettings,
`fpmsettingid` = :fpmsettingid,
`pass_authorizationheader` = :fpmpassauth");
$ins_data = array(
'desc' => $description,
'binary' => $binary,
@@ -162,123 +167,133 @@ if ($page == 'overview') {
'fpmslow' => $fpm_enableslowlog,
'fpmreqterm' => $fpm_reqtermtimeout,
'fpmreqslow' => $fpm_reqslowtimeout,
'phpsettings' => $phpsettings
'phpsettings' => $phpsettings,
'fpmsettingid' => $fpm_config_id,
'fpmpassauth' => $fpm_pass_authorizationheader
);
Database::pexecute($ins_stmt, $ins_data);
inserttask('1');
$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array('page' => $page, 's' => $s));
redirectTo($filename, array(
'page' => $page,
's' => $s
));
} else {
$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = 1");
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$phpconfig_add_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
$fpmconfigs = '';
$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
$fpmconfigs .= makeoption($row['description'], $row['id'], 1, true, true);
}
$phpconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
$phpconfig_add_form = htmlform::genHTMLForm($phpconfig_add_data);
$title = $phpconfig_add_data['phpconfig_add']['title'];
$image = $phpconfig_add_data['phpconfig_add']['image'];
eval("echo \"" . getTemplate("phpconfig/overview_add") . "\";");
}
} else {
standard_error('nopermissionsorinvalidid');
}
}
if ($action == 'delete') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
$result = Database::pexecute_first($result_stmt, array('id' => $id));
if ((Settings::Get('system.mod_fcgid') == '1'
&& Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id)
|| (Settings::Get('phpfpm.enabled') == '1'
&& Settings::Get('phpfpm.vhost_defaultini') == $id)
) {
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
$result = Database::pexecute_first($result_stmt, array(
'id' => $id
));
if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $id) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.vhost_defaultini') == $id)) {
standard_error('cannotdeletehostnamephpconfig');
}
if ((Settings::Get('system.mod_fcgid') == '1'
&& Settings::Get('system.mod_fcgid_defaultini') == $id)
|| (Settings::Get('phpfpm.enabled') == '1'
&& Settings::Get('phpfpm.defaultini') == $id)
) {
if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $id) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $id)) {
standard_error('cannotdeletedefaultphpconfig');
}
if ($result['id'] != 0
&& $result['id'] == $id
&& (int)$userinfo['change_serversettings'] == 1
&& $id != 1 // cannot delete the default php.config
) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) // cannot delete the default php.config
{
if (isset($_POST['send']) && $_POST['send'] == 'send') {
// set php-config to default for all domains using the
// config that is to be deleted
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`phpsettingid` = '1' WHERE `phpsettingid` = :id"
);
Database::pexecute($upd_stmt, array('id' => $id));
`phpsettingid` = '1' WHERE `phpsettingid` = :id");
Database::pexecute($upd_stmt, array(
'id' => $id
));
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
Database::pexecute($del_stmt, array('id' => $id));
DELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
Database::pexecute($del_stmt, array(
'id' => $id
));
inserttask('1');
$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int)$id . " has been deleted by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array('page' => $page, 's' => $s));
$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array(
'page' => $page,
's' => $s
));
} else {
ask_yesno('phpsetting_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['description']);
ask_yesno('phpsetting_reallydelete', $filename, array(
'id' => $id,
'page' => $page,
'action' => $action
), $result['description']);
}
} else {
standard_error('nopermissionsorinvalidid');
}
}
if ($action == 'edit') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
$result = Database::pexecute_first($result_stmt, array('id' => $id));
if ($result['id'] != 0
&& $result['id'] == $id
&& (int)$userinfo['change_serversettings'] == 1
) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
$result = Database::pexecute_first($result_stmt, array(
'id' => $id
));
if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$description = validate($_POST['description'], 'description');
$phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\0]*$/');
if (Settings::Get('system.mod_fcgid') == 1) {
$binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
$file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\s]*$/');
$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array('-1', ''));
$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array('-1', ''));
$mod_fcgid_starter = validate($_POST['mod_fcgid_starter'], 'mod_fcgid_starter', '/^[0-9]*$/', '', array(
'-1',
''
));
$mod_fcgid_maxrequests = validate($_POST['mod_fcgid_maxrequests'], 'mod_fcgid_maxrequests', '/^[0-9]*$/', '', array(
'-1',
''
));
$mod_fcgid_umask = validate($_POST['mod_fcgid_umask'], 'mod_fcgid_umask', '/^[0-9]*$/');
// disable fpm stuff
$fpm_config_id = 1;
$fpm_enableslowlog = 0;
$fpm_reqtermtimeout = 0;
$fpm_reqslowtimeout = 0;
}
elseif (Settings::Get('phpfpm.enabled') == 1) {
$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int)$_POST['phpfpm_enable_slowlog'] : 0;
$fpm_pass_authorizationheader = 0;
} elseif (Settings::Get('phpfpm.enabled') == 1) {
$fpm_config_id = intval($_POST['fpmconfig']);
$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
// disable fcgid stuff
$binary = '/usr/bin/php-cgi';
$file_extensions = 'php';
@@ -286,13 +301,11 @@ if ($page == 'overview') {
$mod_fcgid_maxrequests = 0;
$mod_fcgid_umask = "022";
}
if (strlen($description) == 0
|| strlen($description) > 50
) {
if (strlen($description) == 0 || strlen($description) > 50) {
standard_error('descriptioninvalid');
}
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
`description` = :desc,
@@ -304,39 +317,292 @@ if ($page == 'overview') {
`fpm_slowlog` = :fpmslow,
`fpm_reqterm` = :fpmreqterm,
`fpm_reqslow` = :fpmreqslow,
`phpsettings` = :phpsettings
WHERE `id` = :id"
);
`phpsettings` = :phpsettings,
`fpmsettingid` = :fpmsettingid,
`pass_authorizationheader` = :fpmpassauth
WHERE `id` = :id");
$upd_data = array(
'desc' => $description,
'binary' => $binary,
'fext' => $file_extensions,
'starter' => $mod_fcgid_starter,
'mreq' => $mod_fcgid_maxrequests,
'umask' => $mod_fcgid_umask,
'fpmslow' => $fpm_enableslowlog,
'fpmreqterm' => $fpm_reqtermtimeout,
'fpmreqslow' => $fpm_reqslowtimeout,
'phpsettings' => $phpsettings,
'id' => $id
'desc' => $description,
'binary' => $binary,
'fext' => $file_extensions,
'starter' => $mod_fcgid_starter,
'mreq' => $mod_fcgid_maxrequests,
'umask' => $mod_fcgid_umask,
'fpmslow' => $fpm_enableslowlog,
'fpmreqterm' => $fpm_reqtermtimeout,
'fpmreqslow' => $fpm_reqslowtimeout,
'phpsettings' => $phpsettings,
'fpmsettingid' => $fpm_config_id,
'fpmpassauth' => $fpm_pass_authorizationheader,
'id' => $id
);
Database::pexecute($upd_stmt, $upd_data);
inserttask('1');
$log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array('page' => $page, 's' => $s));
redirectTo($filename, array(
'page' => $page,
's' => $s
));
} else {
$phpconfig_edit_data = include_once dirname(__FILE__).'/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
$fpmconfigs = '';
$configs = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
$fpmconfigs .= makeoption($row['description'], $row['id'], $id, true, true);
}
$phpconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
$phpconfig_edit_form = htmlform::genHTMLForm($phpconfig_edit_data);
$title = $phpconfig_edit_data['phpconfig_edit']['title'];
$image = $phpconfig_edit_data['phpconfig_edit']['image'];
eval("echo \"" . getTemplate("phpconfig/overview_edit") . "\";");
}
} else {
standard_error('nopermissionsorinvalidid');
}
}
} elseif ($page == 'fpmdaemons') {
if ($action == '') {
$tablecontent = '';
$count = 0;
$result = Database::query("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` ORDER BY `description` ASC");
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$query_params = array(
'id' => $row['id']
);
$query = "SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `fpmsettingid` = :id";
$configresult_stmt = Database::prepare($query);
Database::pexecute($configresult_stmt, $query_params);
$configs = '';
if (Database::num_rows() > 0) {
while ($row2 = $configresult_stmt->fetch(PDO::FETCH_ASSOC)) {
$configs .= $row2['description'] . '<br/>';
}
}
if ($configs == '') {
$configs = $lng['admin']['phpsettings']['notused'];
}
$count ++;
eval("\$tablecontent.=\"" . getTemplate("phpconfig/fpmdaemons_overview") . "\";");
}
$log->logAction(ADM_ACTION, LOG_INFO, "fpm daemons setting overview has been viewed by '" . $userinfo['loginname'] . "'");
eval("echo \"" . getTemplate("phpconfig/fpmdaemons") . "\";");
}
if ($action == 'add') {
if ((int) $userinfo['change_serversettings'] == 1) {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$description = validate($_POST['description'], 'description');
$reload_cmd = validate($_POST['reload_cmd'], 'reload_cmd');
$config_dir = validate($_POST['config_dir'], 'config_dir');
$pm = $_POST['pm'];
$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : 0;
$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : 0;
$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : 0;
$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : 0;
$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : 0;
$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : 0;
$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
if (strlen($description) == 0 || strlen($description) > 50) {
standard_error('descriptioninvalid');
}
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_FPMDAEMONS . "` SET
`description` = :desc,
`reload_cmd` = :reload_cmd,
`config_dir` = :config_dir,
`pm` = :pm,
`max_children` = :max_children,
`start_servers` = :start_servers,
`min_spare_servers` = :min_spare_servers,
`max_spare_servers` = :max_spare_servers,
`max_requests` = :max_requests,
`idle_timeout` = :idle_timeout,
`limit_extensions` = :limit_extensions
");
$ins_data = array(
'desc' => $description,
'reload_cmd' => $reload_cmd,
'config_dir' => makeCorrectDir($config_dir),
'pm' => $pm,
'max_children' => $max_children,
'start_servers' => $start_servers,
'min_spare_servers' => $min_spare_servers,
'max_spare_servers' => $max_spare_servers,
'max_requests' => $max_requests,
'idle_timeout' => $idle_timeout,
'limit_extensions' => $limit_extensions
);
Database::pexecute($ins_stmt, $ins_data);
inserttask('1');
$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with description '" . $description . "' has been created by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array(
'page' => $page,
's' => $s
));
} else {
$pm_select = makeoption('static', 'static', 'static', true, true);
$pm_select.= makeoption('dynamic', 'dynamic', 'static', true, true);
$pm_select.= makeoption('ondemand', 'ondemand', 'static', true, true);
$fpmconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php';
$fpmconfig_add_form = htmlform::genHTMLForm($fpmconfig_add_data);
$title = $fpmconfig_add_data['fpmconfig_add']['title'];
$image = $fpmconfig_add_data['fpmconfig_add']['image'];
eval("echo \"" . getTemplate("phpconfig/fpmconfig_add") . "\";");
}
} else {
standard_error('nopermissionsorinvalidid');
}
}
if ($action == 'delete') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
$result = Database::pexecute_first($result_stmt, array(
'id' => $id
));
if ($id == 1) {
standard_error('cannotdeletedefaultphpconfig');
}
if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) // cannot delete the default php.config
{
if (isset($_POST['send']) && $_POST['send'] == 'send') {
// set default fpm daemon config for all php-config that use this config that is to be deleted
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
`phpsettingid` = '1' WHERE `phpsettingid` = :id");
Database::pexecute($upd_stmt, array(
'id' => $id
));
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
Database::pexecute($del_stmt, array(
'id' => $id
));
inserttask('1');
$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array(
'page' => $page,
's' => $s
));
} else {
ask_yesno('fpmsetting_reallydelete', $filename, array(
'id' => $id,
'page' => $page,
'action' => $action
), $result['description']);
}
} else {
standard_error('nopermissionsorinvalidid');
}
}
if ($action == 'edit') {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
$result = Database::pexecute_first($result_stmt, array(
'id' => $id
));
if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$description = validate($_POST['description'], 'description');
$reload_cmd = validate($_POST['reload_cmd'], 'reload_cmd');
$config_dir = validate($_POST['config_dir'], 'config_dir');
$pm = $_POST['pm'];
$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : $result['max_children'];
$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : $result['start_servers'];
$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : $result['min_spare_servers'];
$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : $result['max_spare_servers'];
$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : $result['max_requests'];
$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : $result['idle_timeout'];
$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
if (strlen($description) == 0 || strlen($description) > 50) {
standard_error('descriptioninvalid');
}
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_FPMDAEMONS . "` SET
`description` = :desc,
`reload_cmd` = :reload_cmd,
`config_dir` = :config_dir,
`pm` = :pm,
`max_children` = :max_children,
`start_servers` = :start_servers,
`min_spare_servers` = :min_spare_servers,
`max_spare_servers` = :max_spare_servers,
`max_requests` = :max_requests,
`idle_timeout` = :idle_timeout,
`limit_extensions` = :limit_extensions
WHERE `id` = :id
");
$upd_data = array(
'desc' => $description,
'reload_cmd' => $reload_cmd,
'config_dir' => makeCorrectDir($config_dir),
'pm' => $pm,
'max_children' => $max_children,
'start_servers' => $start_servers,
'min_spare_servers' => $min_spare_servers,
'max_spare_servers' => $max_spare_servers,
'max_requests' => $max_requests,
'idle_timeout' => $idle_timeout,
'limit_extensions' => $limit_extensions,
'id' => $id
);
Database::pexecute($upd_stmt, $upd_data);
inserttask('1');
$log->logAction(ADM_ACTION, LOG_INFO, "fpm-daemon setting with description '" . $description . "' has been changed by '" . $userinfo['loginname'] . "'");
redirectTo($filename, array(
'page' => $page,
's' => $s
));
} else {
$pm_select = makeoption('static', 'static', $result['pm'], true, true);
$pm_select.= makeoption('dynamic', 'dynamic', $result['pm'], true, true);
$pm_select.= makeoption('ondemand', 'ondemand', $result['pm'], true, true);
$fpmconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php';
$fpmconfig_edit_form = htmlform::genHTMLForm($fpmconfig_edit_data);
$title = $fpmconfig_edit_data['fpmconfig_edit']['title'];
$image = $fpmconfig_edit_data['fpmconfig_edit']['image'];
eval("echo \"" . getTemplate("phpconfig/fpmconfig_edit") . "\";");
}
} else {
standard_error('nopermissionsorinvalidid');
}

37
admin_settings.php
View File

@@ -290,6 +290,43 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
}
eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
}
elseif ($page == 'importexport' && $userinfo['change_serversettings'] == '1')
{
// check for json-stuff
if (! extension_loaded('json')) {
standard_error('jsonextensionnotfound');
}
if (isset($_GET['action']) && $_GET['action'] == "export") {
// export
try {
$json_export = SImExporter::export();
} catch(Exception $e) {
dynamic_error($e->getMessage());
}
header('Content-disposition: attachment; filename=Froxlor_settings-'.$version.'-'.$dbversion.'_'.date('d.m.Y').'.json');
header('Content-type: application/json');
echo $json_export;
exit;
} elseif (isset($_GET['action']) && $_GET['action'] == "import") {
// import
if (isset($_POST['send']) && $_POST['send'] == 'send') {
// get uploaded file
if (isset($_FILES["import_file"]["tmp_name"])) {
$imp_content = file_get_contents($_FILES["import_file"]["tmp_name"]);
try {
SImExporter::import($imp_content);
} catch(Exception $e) {
dynamic_error($e->getMessage());
}
standard_success('settingsimported', '', array('filename' => 'admin_settings.php'));
}
dynamic_error("Upload failed");
}
} else {
eval("echo \"" . getTemplate("settings/importexport/index") . "\";");
}
}
elseif ($page == 'testmail')
{
if (isset($_POST['send']) && $_POST['send'] == 'send')

67
customer_domains.php
View File

@@ -405,6 +405,10 @@ if ($page == 'overview') {
// assign default config
$phpsid_result['phpsettingid'] = 1;
}
// check whether the customer has chosen its own php-config
if (isset($_POST['phpsettingid']) && intval($_POST['phpsettingid']) != $phpsid_result['phpsettingid']) {
$phpsid_result['phpsettingid'] = intval($_POST['phpsettingid']);
}
$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_DOMAINS . "` SET
`customerid` = :customerid,
@@ -534,6 +538,27 @@ if ($page == 'overview') {
$openbasedir = makeoption($lng['domain']['docroot'], 0, NULL, true) . makeoption($lng['domain']['homedir'], 1, NULL, true);
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
$phpconfigs = '';
$has_phpconfigs = false;
if (isset($userinfo['allowed_phpconfigs']) && !empty($userinfo['allowed_phpconfigs']))
{
$has_phpconfigs = true;
$allowed_cfg = json_decode($userinfo['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY);
$phpconfigs_result_stmt = Database::query("
SELECT c.*, fc.description as interpreter
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
WHERE c.id IN (".implode(", ", $allowed_cfg).")
");
while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], Settings::Get('phpfpm.defaultini'), true, true);
} else {
$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], Settings::Get('system.mod_fcgid_defaultini'), true, true);
}
}
}
$subdomain_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/domains/formfield.domains_add.php';
$subdomain_add_form = htmlform::genHTMLForm($subdomain_add_data);
@@ -624,6 +649,13 @@ if ($page == 'overview') {
$openbasedir_path = '0';
}
// check whether the customer has chosen its own php-config
if (isset($_POST['phpsettingid'])) {
$phpsettingid = intval($_POST['phpsettingid']);
} else {
$phpsettingid = $result['phpsettingid'];
}
if (isset($_POST['ssl_redirect']) && $_POST['ssl_redirect'] == '1') {
// a ssl-redirect only works if there actually is a
// ssl ip/port assigned to the domain
@@ -649,10 +681,15 @@ if ($page == 'overview') {
$letsencrypt = '0';
}
// We can't enable let's encrypt for wildcard - domains
if ($iswildcarddomain == '1' && $letsencrypt == '1') {
// We can't enable let's encrypt for wildcard - domains when using acme-v1
if ($iswildcarddomain == '1' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '1') {
standard_error('nowildcardwithletsencrypt');
}
// if using acme-v2 we cannot issue wildcard-certificates
// because they currently only support the dns-01 challenge
if ($iswildcarddomain == '0' && $letsencrypt == '1' && Settings::Get('system.leapiversion') == '2') {
standard_error('nowildcardwithletsencryptv2');
}
// Temporarily deactivate ssl_redirect until Let's Encrypt certificate was generated
if ($ssl_redirect > 0 && $letsencrypt == 1 && $result['letsencrypt'] != $letsencrypt) {
@@ -692,6 +729,7 @@ if ($page == 'overview') {
|| $hsts_maxage != $result['hsts']
|| $hsts_sub != $result['hsts_sub']
|| $hsts_preload != $result['hsts_preload']
|| $phpsettingid != $result['phpsettingid']
) {
$log->logAction(USR_ACTION, LOG_INFO, "edited domain '" . $idna_convert->decode($result['domain']) . "'");
@@ -706,7 +744,8 @@ if ($page == 'overview') {
`letsencrypt`= :letsencrypt,
`hsts` = :hsts,
`hsts_sub` = :hsts_sub,
`hsts_preload` = :hsts_preload
`hsts_preload` = :hsts_preload,
`phpsettingid` = :phpsettingid
WHERE `customerid`= :customerid
AND `id`= :id"
);
@@ -722,6 +761,7 @@ if ($page == 'overview') {
"hsts" => $hsts_maxage,
"hsts_sub" => $hsts_sub,
"hsts_preload" => $hsts_preload,
"phpsettingid" => $phpsettingid,
"customerid" => $userinfo['customerid'],
"id" => $id
);
@@ -846,6 +886,27 @@ if ($page == 'overview') {
$result_ipandport['ip'] .= $rowip['ip'] . "<br />";
}
$phpconfigs = '';
$has_phpconfigs = false;
if (isset($userinfo['allowed_phpconfigs']) && !empty($userinfo['allowed_phpconfigs']))
{
$has_phpconfigs = true;
$allowed_cfg = json_decode($userinfo['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY);
$phpconfigs_result_stmt = Database::query("
SELECT c.*, fc.description as interpreter
FROM `" . TABLE_PANEL_PHPCONFIGS . "` c
LEFT JOIN `" . TABLE_PANEL_FPMDAEMONS . "` fc ON fc.id = c.fpmsettingid
WHERE c.id IN (".implode(", ", $allowed_cfg).")
");
while ($phpconfigs_row = $phpconfigs_result_stmt->fetch(PDO::FETCH_ASSOC)) {
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$phpconfigs .= makeoption($phpconfigs_row['description'] . " [".$phpconfigs_row['interpreter']."]", $phpconfigs_row['id'], $result['phpsettingid'], true, true);
} else {
$phpconfigs .= makeoption($phpconfigs_row['description'], $phpconfigs_row['id'], $result['phpsettingid'], true, true);
}
}
}
$domainip = $result_ipandport['ip'];
$result = htmlentities_array($result);

4
customer_tickets.php
View File

@@ -20,10 +20,6 @@
define('AREA', 'customer');
require './lib/init.php';
// redirect if this customer page is hidden via settings
if (Settings::IsInList('panel.customer_hide_options','domains')) {
redirectTo('customer_index.php');
}
if (isset($_POST['id'])) {

140
install/froxlor.sql
View File

@@ -66,7 +66,7 @@ CREATE TABLE `mail_virtual` (
`id` int(11) NOT NULL auto_increment,
`email` varchar(255) NOT NULL default '',
`email_full` varchar(255) NOT NULL default '',
`destination` text NOT NULL default '',
`destination` text,
`domainid` int(11) NOT NULL default '0',
`customerid` int(11) NOT NULL default '0',
`popaccountid` int(11) NOT NULL default '0',
@@ -198,6 +198,7 @@ CREATE TABLE `panel_customers` (
`lepublickey` mediumtext default NULL,
`leprivatekey` mediumtext default NULL,
`leregistered` tinyint(1) NOT NULL default '0',
`allowed_phpconfigs` varchar(500) NOT NULL default '',
PRIMARY KEY (`customerid`),
UNIQUE KEY `loginname` (`loginname`)
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -413,6 +414,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('phpfpm', 'max_requests', '0'),
('phpfpm', 'tmpdir', '/var/customers/tmp/'),
('phpfpm', 'peardir', '/usr/share/php/:/usr/share/php5/'),
('phpfpm', 'envpath', '/usr/local/bin:/usr/bin:/bin'),
('phpfpm', 'enabled_ownvhost', '0'),
('phpfpm', 'vhost_httpuser', 'froxlorlocal'),
('phpfpm', 'vhost_httpgroup', 'froxlorlocal'),
@@ -422,6 +424,102 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('phpfpm', 'vhost_defaultini', '2'),
('phpfpm', 'fastcgi_ipcdir', '/var/lib/apache2/fastcgi/'),
('phpfpm', 'use_mod_proxy', '0'),
('phpfpm', 'ini_flags', 'asp_tags
display_errors
display_startup_errors
html_errors
log_errors
magic_quotes_gpc
magic_quotes_runtime
magic_quotes_sybase
mail.add_x_header
session.cookie_secure
session.use_cookies
short_open_tag
track_errors
xmlrpc_errors
suhosin.simulation
suhosin.session.encrypt
suhosin.session.cryptua
suhosin.session.cryptdocroot
suhosin.cookie.encrypt
suhosin.cookie.cryptua
suhosin.cookie.cryptdocroot
suhosin.executor.disable_eval
mbstring.func_overload'),
('phpfpm', 'ini_values', 'auto_append_file
auto_prepend_file
date.timezone
default_charset
error_reporting
include_path
log_errors_max_len
mail.log
max_execution_time
session.cookie_domain
session.cookie_lifetime
session.cookie_path
session.name
session.serialize_handler
upload_max_filesize
xmlrpc_error_number
session.auto_start
always_populate_raw_post_data
suhosin.session.cryptkey
suhosin.session.cryptraddr
suhosin.session.checkraddr
suhosin.cookie.cryptkey
suhosin.cookie.plainlist
suhosin.cookie.cryptraddr
suhosin.cookie.checkraddr
suhosin.executor.func.blacklist
suhosin.executor.eval.whitelist'),
('phpfpm', 'ini_admin_flags', 'allow_call_time_pass_reference
allow_url_fopen
allow_url_include
auto_detect_line_endings
cgi.fix_pathinfo
cgi.force_redirect
enable_dl
expose_php
file_uploads
ignore_repeated_errors
ignore_repeated_source
log_errors
register_argc_argv
report_memleaks
opcache.enable
opcache.consistency_checks
opcache.dups_fix
opcache.load_comments
opcache.revalidate_path
opcache.save_comments
opcache.use_cwd
opcache.validate_timestamps
opcache.fast_shutdown'),
('phpfpm', 'ini_admin_values', 'cgi.redirect_status_env
date.timezone
disable_classes
disable_functions
error_log
gpc_order
max_input_time
max_input_vars
memory_limit
open_basedir
output_buffering
post_max_size
precision
sendmail_path
session.gc_divisor
session.gc_probability
variables_order
opcache.log_verbosity_level
opcache.restrict_api
opcache.revalidate_freq
opcache.max_accelerated_files
opcache.memory_consumption
opcache.interned_strings_buffer'),
('nginx', 'fastcgiparams', '/etc/nginx/fastcgi_params'),
('system', 'lastaccountnumber', '0'),
('system', 'lastguid', '9999'),
@@ -504,7 +602,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'http2_support', '0'),
('system', 'perl_server', 'unix:/var/run/nginx/cgiwrap-dispatch.sock'),
('system', 'phpreload_command', ''),
('system', 'apache24', '0'),
('system', 'apache24', '1'),
('system', 'apache24_ocsp_cache_path', 'shmcb:/var/run/apache2/ocsp-stapling.cache(131072)'),
('system', 'documentroot_use_default_value', '0'),
('system', 'passwordcryptfunc', '3'),
@@ -533,6 +631,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'letsencryptkeysize', '4096'),
('system', 'letsencryptreuseold', 0),
('system', 'leenabled', '0'),
('system', 'leapiversion', '1'),
('system', 'backupenabled', '0'),
('system', 'dnsenabled', '0'),
('system', 'dns_server', 'bind'),
@@ -555,6 +654,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'leregistered', '0'),
('system', 'nssextrausers', '0'),
('system', 'disable_le_selfcheck', '0'),
('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
('panel', 'decimal_places', '4'),
('panel', 'adminmail', 'admin@SERVERNAME'),
('panel', 'phpmyadmin_url', ''),
@@ -586,8 +686,8 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('panel', 'password_special_char_required', '0'),
('panel', 'password_special_char', '!?<>§$%+#=@'),
('panel', 'customer_hide_options', ''),
('panel', 'version', '0.9.38.8'),
('panel', 'db_version', '201712310');
('panel', 'version', '0.9.39'),
('panel', 'db_version', '201801260');
DROP TABLE IF EXISTS `panel_tasks`;
@@ -753,6 +853,33 @@ CREATE TABLE IF NOT EXISTS `panel_syslog` (
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
DROP TABLE IF EXISTS `panel_fpmdaemons`;
CREATE TABLE `panel_fpmdaemons` (
`id` int(11) unsigned NOT NULL auto_increment,
`description` varchar(50) NOT NULL,
`reload_cmd` varchar(255) NOT NULL,
`config_dir` varchar(255) NOT NULL,
`pm` varchar(15) NOT NULL DEFAULT 'static',
`max_children` int(4) NOT NULL DEFAULT '1',
`start_servers` int(4) NOT NULL DEFAULT '20',
`min_spare_servers` int(4) NOT NULL DEFAULT '5',
`max_spare_servers` int(4) NOT NULL DEFAULT '35',
`max_requests` int(4) NOT NULL DEFAULT '0',
`idle_timeout` int(4) NOT NULL DEFAULT '30',
`limit_extensions` varchar(255) NOT NULL default '.php',
PRIMARY KEY (`id`),
UNIQUE KEY `reload` (`reload_cmd`),
UNIQUE KEY `config` (`config_dir`)
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
INSERT INTO `panel_fpmdaemons` (`id`, `description`, `reload_cmd`, `config_dir`) VALUES
(1, 'System default', 'service php7.0-fpm restart', '/etc/php/7.0/fpm/pool.d/');
DROP TABLE IF EXISTS `panel_phpconfigs`;
CREATE TABLE `panel_phpconfigs` (
`id` int(11) unsigned NOT NULL auto_increment,
@@ -766,7 +893,10 @@ CREATE TABLE `panel_phpconfigs` (
`fpm_reqterm` varchar(15) NOT NULL default '60s',
`fpm_reqslow` varchar(15) NOT NULL default '5s',
`phpsettings` text NOT NULL,
PRIMARY KEY (`id`)
`fpmsettingid` int(11) NOT NULL DEFAULT '1',
`pass_authorizationheader` tinyint(1) NOT NULL default '0',
PRIMARY KEY (`id`),
KEY `fpmsettingid` (`fpmsettingid`)
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

307
install/lib/class.FroxlorInstall.php
View File

@@ -28,7 +28,7 @@
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Install
*
*
*/
class FroxlorInstall
{
@@ -74,10 +74,17 @@ class FroxlorInstall
/**
* currently used language
*
* @var unknown
* @var string
*/
private $_activelng = 'english';
/**
* check whether to abort due to errors
*
* @var bool
*/
private $_abort = false;
/**
* Class constructor
*/
@@ -154,7 +161,7 @@ class FroxlorInstall
$this->_guessServerName();
$this->_guessServerIP();
$this->_guessWebserver();
$this->_getPostField('mysql_host', '127.0.0.1');
$this->_getPostField('mysql_database', 'froxlor');
$this->_getPostField('mysql_unpriv_user', 'froxlor');
@@ -169,22 +176,22 @@ class FroxlorInstall
$this->_getPostField('httpuser', $posixusername['name']);
$posixgroup = posix_getgrgid(posix_getgid());
$this->_getPostField('httpgroup', $posixgroup['name']);
if ($this->_data['mysql_host'] == 'localhost' || $this->_data['mysql_host'] == '127.0.0.1') {
$this->_data['mysql_access_host'] = $this->_data['mysql_host'];
} else {
$this->_data['mysql_access_host'] = $this->_data['serverip'];
}
// check system-hostname to be a FQDN
if ($this->_validate_ip($this->_data['servername']) !== false) {
$this->_data['servername'] = '';
}
if (empty($this->_data['serverip']) || $this->_validate_ip($this->_data['serverip']) == false) {
return false;
}
if (isset($_POST['installstep']) && $_POST['installstep'] == '1' && $this->_data['admin_pass1'] == $this->_data['admin_pass2'] && $this->_data['admin_pass1'] != '' && $this->_data['admin_pass2'] != '' && $this->_data['mysql_unpriv_pass'] != '' && $this->_data['mysql_root_pass'] != '' && $this->_data['servername'] != '' && $this->_data['serverip'] != '' && $this->_data['httpuser'] != '' && $this->_data['httpgroup'] != '' && $this->_data['mysql_unpriv_user'] != $this->_data['mysql_root_user']) {
return true;
}
@@ -199,10 +206,10 @@ class FroxlorInstall
private function _doInstall()
{
$content = "<table class=\"noborder\">";
// check for mysql-root-connection
$content .= $this->_status_message('begin', $this->_lng['install']['testing_mysql']);
$options = array(
'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
);
@@ -227,9 +234,9 @@ class FroxlorInstall
$fatal_fail = true;
}
}
if (! $fatal_fail) {
// ok, if we are here, the database connection is up and running
$content .= $this->_status_message('green', "OK");
// check for existing db and create backup if so
@@ -238,36 +245,37 @@ class FroxlorInstall
$content .= $this->_createDatabaseAndUser($db_root);
// importing data to new database
$content .= $this->_importDatabaseData();
// create DB object for new database
$options = array(
'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
);
$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
$another_fail = false;
try {
$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
} catch (PDOException $e) {
// dafuq? this should have happened in _importDatabaseData()
$content .= $this->_status_message('red', $e->getMessage());
$another_fail = true;
}
;
if (! $this->_abort) {
// create DB object for new database
$options = array(
'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8,sql_mode="NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"'
);
$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
$another_fail = false;
try {
$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
} catch (PDOException $e) {
// dafuq? this should have happened in _importDatabaseData()
$content .= $this->_status_message('red', $e->getMessage());
$another_fail = true;
}
if (! $another_fail) {
// change settings accordingly
$content .= $this->_doSettings($db);
// create entries
$content .= $this->_doDataEntries($db);
$db = null;
// create config-file
$content .= $this->_createUserdataConf();
if (! $another_fail) {
// change settings accordingly
$content .= $this->_doSettings($db);
// create entries
$content .= $this->_doDataEntries($db);
$db = null;
// create config-file
$content .= $this->_createUserdataConf();
}
}
}
$content .= "</table>";
// check if we have unrecoverable errors
if ($fatal_fail || $another_fail) {
if ($fatal_fail || $another_fail || $this->_abort) {
// D'oh
$navigation = '';
$msgcolor = 'red';
@@ -282,9 +290,9 @@ class FroxlorInstall
$link = '../index.php';
$linktext = $this->_lng['click_here_to_login'];
}
eval("\$navigation .= \"" . $this->_getTemplate("pagebottom") . "\";");
return array(
'pagecontent' => $content,
'pagenavigation' => $navigation
@@ -297,7 +305,7 @@ class FroxlorInstall
private function _createUserdataConf()
{
$content = "";
$content .= $this->_status_message('begin', $this->_lng['install']['creating_configfile']);
$userdata = "<?php\n";
$userdata .= "// automatically generated userdata.inc.php for Froxlor\n";
@@ -312,7 +320,7 @@ class FroxlorInstall
$userdata .= "// enable debugging to browser in case of SQL errors\n";
$userdata .= "\$sql['debug'] = false;\n";
$userdata .= "?>";
// test if we can store the userdata.inc.php in ../lib
if ($fp = @fopen(dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php', 'w')) {
$result = @fputs($fp, $userdata, strlen($userdata));
@@ -329,7 +337,7 @@ class FroxlorInstall
$escpduserdata = nl2br(htmlspecialchars($userdata));
eval("\$content .= \"" . $this->_getTemplate("textarea") . "\";");
}
return $content;
}
@@ -343,9 +351,9 @@ class FroxlorInstall
private function _doDataEntries(&$db)
{
$content = "";
$content .= $this->_status_message('begin', $this->_lng['install']['creating_entries']);
// and lets insert the default ip and port
$stmt = $db->prepare("
INSERT INTO `" . TABLE_PANEL_IPSANDPORTS . "` SET
@@ -359,7 +367,7 @@ class FroxlorInstall
'serverip' => $this->_data['serverip']
));
$defaultip = $db->lastInsertId();
// insert the defaultip
$upd_stmt = $db->prepare("
UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
@@ -369,9 +377,9 @@ class FroxlorInstall
$upd_stmt->execute(array(
'defaultip' => $defaultip
));
$content .= $this->_status_message('green', 'OK');
// last but not least create the main admin
$content .= $this->_status_message('begin', $this->_lng['install']['adding_admin_user']);
$ins_data = array(
@@ -406,11 +414,11 @@ class FroxlorInstall
`subdomains` = -1,
`traffic` = -1048576
");
$ins_stmt->execute($ins_data);
$content .= $this->_status_message('green', 'OK');
return $content;
}
@@ -441,14 +449,14 @@ class FroxlorInstall
private function _doSettings(&$db)
{
$content = "";
$content .= $this->_status_message('begin', $this->_lng['install']['changing_data']);
$upd_stmt = $db->prepare("
UPDATE `" . TABLE_PANEL_SETTINGS . "` SET
`value` = :value
WHERE `settinggroup` = :group AND `varname` = :varname
");
$this->_updateSetting($upd_stmt, 'admin@' . $this->_data['servername'], 'panel', 'adminmail');
$this->_updateSetting($upd_stmt, $this->_data['serverip'], 'system', 'ipaddress');
$this->_updateSetting($upd_stmt, $this->_data['servername'], 'system', 'hostname');
@@ -457,7 +465,7 @@ class FroxlorInstall
$this->_updateSetting($upd_stmt, $this->_data['webserver'], 'system', 'webserver');
$this->_updateSetting($upd_stmt, $this->_data['httpuser'], 'system', 'httpuser');
$this->_updateSetting($upd_stmt, $this->_data['httpgroup'], 'system', 'httpgroup');
// necessary changes for webservers != apache2
if ($this->_data['webserver'] == "apache24") {
$this->_updateSetting($upd_stmt, 'apache2', 'system', 'webserver');
@@ -477,25 +485,25 @@ class FroxlorInstall
$this->_updateSetting($upd_stmt, '/etc/nginx/nginx.pem', 'system', 'ssl_cert_file');
$this->_updateSetting($upd_stmt, '/var/run/', 'phpfpm', 'fastcgi_ipcdir');
}
$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');
// insert the lastcronrun to be the installation date
$this->_updateSetting($upd_stmt, time(), 'system', 'lastcronrun');
// set specific times for some crons (traffic only at night, etc.)
$ts = mktime(0, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_traffic.php';");
$ts = mktime(1, 0, 0, date('m', time()), date('d', time()), date('Y', time()));
$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_used_tickets_reset.php';");
$db->query("UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET `lastrun` = '" . $ts . "' WHERE `cronfile` ='cron_ticketarchive.php';");
// insert task 99 to generate a correct cron.d-file automatically
$db->query("INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '99';");
$content .= $this->_status_message('green', 'OK');
return $content;
}
@@ -517,16 +525,22 @@ class FroxlorInstall
$fatal_fail = false;
try {
$db = new PDO($dsn, $this->_data['mysql_unpriv_user'], $this->_data['mysql_unpriv_pass'], $options);
$attributes = array(
'ATTR_ERRMODE' => 'ERRMODE_EXCEPTION'
);
// set attributes
foreach ($attributes as $k => $v) {
$db->setAttribute(constant("PDO::" . $k), constant("PDO::" . $v));
}
} catch (PDOException $e) {
$content .= $this->_status_message('red', $e->getMessage());
$fatal_fail = true;
}
;
if (! $fatal_fail) {
$content .= $this->_status_message('green', 'OK');
$content .= $this->_status_message('begin', $this->_lng['install']['importing_data']);
$db_schema = dirname(dirname(__FILE__)) . '/froxlor.sql';
$sql_query = @file_get_contents($db_schema);
@@ -534,14 +548,23 @@ class FroxlorInstall
$sql_query = $this->_split_sql_file($sql_query, ';');
for ($i = 0; $i < sizeof($sql_query); $i ++) {
if (trim($sql_query[$i]) != '') {
$result = $db->query($sql_query[$i]);
try {
$result = $db->query($sql_query[$i]);
} catch (\PDOException $e) {
$content .= $this->_status_message('red', $e->getMessage());
$fatal_fail = true;
$this->_abort = true;
break;
}
}
}
if (! $fatal_fail) {
$content .= $this->_status_message('green', 'OK');
}
$db = null;
$content .= $this->_status_message('green', 'OK');
}
return $content;
}
@@ -555,56 +578,56 @@ class FroxlorInstall
private function _createDatabaseAndUser(&$db_root)
{
$content = "";
// so first we have to delete the database and
// the user given for the unpriv-user if they exit
$content .= $this->_status_message('begin', $this->_lng['install']['prepare_db']);
$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`user` WHERE `User` = :user AND `Host` = :accesshost");
$del_stmt->execute(array(
'user' => $this->_data['mysql_unpriv_user'],
'accesshost' => $this->_data['mysql_access_host']
));
$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`db` WHERE `User` = :user AND `Host` = :accesshost");
$del_stmt->execute(array(
'user' => $this->_data['mysql_unpriv_user'],
'accesshost' => $this->_data['mysql_access_host']
));
$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`tables_priv` WHERE `User` = :user AND `Host` =:accesshost");
$del_stmt->execute(array(
'user' => $this->_data['mysql_unpriv_user'],
'accesshost' => $this->_data['mysql_access_host']
));
$del_stmt = $db_root->prepare("DELETE FROM `mysql`.`columns_priv` WHERE `User` = :user AND `Host` = :accesshost");
$del_stmt->execute(array(
'user' => $this->_data['mysql_unpriv_user'],
'accesshost' => $this->_data['mysql_access_host']
));
$del_stmt = $db_root->prepare("DROP DATABASE IF EXISTS `" . str_replace('`', '', $this->_data['mysql_database']) . "`;");
$del_stmt->execute();
$db_root->query("FLUSH PRIVILEGES;");
$content .= $this->_status_message('green', 'OK');
// we have to create a new user and database for the froxlor unprivileged mysql access
$content .= $this->_status_message('begin', $this->_lng['install']['create_mysqluser_and_db']);
$ins_stmt = $db_root->prepare("CREATE DATABASE `" . str_replace('`', '', $this->_data['mysql_database']) . "` CHARACTER SET=utf8 COLLATE=utf8_general_ci");
$ins_stmt->execute();
$mysql_access_host_array = array_map('trim', explode(',', $this->_data['mysql_access_host']));
if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
$mysql_access_host_array[] = 'localhost';
}
if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
$mysql_access_host_array[] = '127.0.0.1';
}
$mysql_access_host_array[] = $this->_data['serverip'];
foreach ($mysql_access_host_array as $mysql_access_host) {
$_db = str_replace('`', '', $this->_data['mysql_database']);
@@ -623,11 +646,11 @@ class FroxlorInstall
"password" => $this->_data['mysql_unpriv_pass']
));
}
$db_root->query("FLUSH PRIVILEGES;");
$this->_data['mysql_access_host'] = implode(',', $mysql_access_host_array);
$content .= $this->_status_message('green', 'OK');
return $content;
}
@@ -641,7 +664,7 @@ class FroxlorInstall
private function _backupExistingDatabase(&$db_root)
{
$content = "";
// check for existing of former database
$tables_exist = false;
$sql = "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = :database";
@@ -650,19 +673,19 @@ class FroxlorInstall
'database' => $this->_data['mysql_database']
));
$rows = $db_root->query("SELECT FOUND_ROWS()")->fetchColumn();
// check result
if ($result_stmt !== false && $rows > 0) {
$tables_exist = true;
}
if ($tables_exist) {
// tell whats going on
$content .= $this->_status_message('begin', $this->_lng['install']['backup_old_db']);
// create temporary backup-filename
$filename = "/tmp/froxlor_backup_" . date('YmdHi') . ".sql";
// look for mysqldump
$do_backup = false;
if (file_exists("/usr/bin/mysqldump")) {
@@ -672,7 +695,7 @@ class FroxlorInstall
$do_backup = true;
$mysql_dump = '/usr/local/bin/mysqldump';
}
if ($do_backup) {
$command = $mysql_dump . " " . $this->_data['mysql_database'] . " -u " . $this->_data['mysql_root_user'] . " --password='" . $this->_data['mysql_root_pass'] . "' --result-file=" . $filename;
$output = exec($command);
@@ -685,7 +708,7 @@ class FroxlorInstall
$content .= $this->_status_message('red', $this->_lng['install']['backup_binary_missing']);
}
}
return $content;
}
@@ -707,7 +730,7 @@ class FroxlorInstall
}
// get language-form-template
eval("\$content .= \"" . $this->_getTemplate("lngform") . "\";");
// form-data
$formdata = "";
/**
@@ -747,7 +770,7 @@ class FroxlorInstall
$style = '';
}
$formdata .= $this->_getSectionItemString('mysql_root_pass', true, $style, 'password');
/**
* admin data
*/
@@ -771,7 +794,7 @@ class FroxlorInstall
$formdata .= $this->_getSectionItemString('admin_pass2', true, $style, 'password');
// activate newsfeed?
$formdata .= $this->_getSectionItemYesNo('activate_newsfeed', true);
/**
* Server data
*/
@@ -818,11 +841,11 @@ class FroxlorInstall
$style = '';
}
$formdata .= $this->_getSectionItemString('httpgroup', true, $style);
// get data-form-template
$language = htmlspecialchars($this->_activelng);
eval("\$content .= \"" . $this->_getTemplate("dataform2") . "\";");
$navigation = '';
return array(
'pagecontent' => $content,
@@ -839,7 +862,7 @@ class FroxlorInstall
* optional css
* @param string $type
* optional type of input-box (default: text)
*
*
* @return string
*/
private function _getSectionItemString($fieldname = null, $required = false, $style = "", $type = 'text')
@@ -899,26 +922,26 @@ class FroxlorInstall
*/
private function _requirementCheck()
{
// indicator whether we need to abort or not
$_die = false;
$content = "<table class=\"noborder\">";
// check for correct php version
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpversion']);
if (version_compare("5.3.0", PHP_VERSION, ">=")) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notfound'] . ' (' . PHP_VERSION . ')');
$_die = true;
} else {
if (version_compare("5.6.0", PHP_VERSION, ">=")) {
$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' .PHP_VERSION . ')');
$content .= $this->_status_message('orange', $this->_lng['requirements']['newerphpprefered'] . ' (' . PHP_VERSION . ')');
} else {
$content .= $this->_status_message('green', PHP_VERSION);
}
}
// Check if magic_quotes_runtime is active | get_magic_quotes_runtime() is always FALSE since 5.4
if (version_compare(PHP_VERSION, "5.4.0", "<")) {
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmagic_quotes_runtime']);
@@ -930,85 +953,94 @@ class FroxlorInstall
$content .= $this->_status_message('green', 'off');
}
}
// check for php_pdo and pdo_mysql
$content .= $this->_status_message('begin', $this->_lng['requirements']['phppdo']);
if (! extension_loaded('pdo') || in_array("mysql", PDO::getAvailableDrivers()) == false) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for xml-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpxml']);
if (! extension_loaded('xml')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for filter-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpfilter']);
if (! extension_loaded('filter')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for posix-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpposix']);
if (! extension_loaded('posix')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for bstring-extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmbstring']);
if (! extension_loaded('mbstring')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for curl extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpcurl']);
if (! extension_loaded('curl')) {
$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
$_die = true;
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for bcmath extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']);
if (! extension_loaded('bcmath')) {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['bcmathdescription']);
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for zip extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpzip']);
if (! extension_loaded('zip')) {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['zipdescription']);
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for json extension
$content .= $this->_status_message('begin', $this->_lng['requirements']['phpjson']);
if (! extension_loaded('json')) {
$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['jsondescription']);
} else {
$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
}
// check for open_basedir
$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
$php_ob = @ini_get("open_basedir");
@@ -1018,7 +1050,7 @@ class FroxlorInstall
$content .= $this->_status_message('green', 'off');
}
$content .= "</table>";
// check if we have unrecoverable errors
$navigation = '';
if ($_die) {
@@ -1033,7 +1065,7 @@ class FroxlorInstall
$linktext = $this->_lng['click_here_to_continue'];
}
eval("\$navigation .= \"" . $this->_getTemplate("pagebottom") . "\";");
return array(
'pagecontent' => $content,
'pagenavigation' => $navigation
@@ -1050,7 +1082,7 @@ class FroxlorInstall
header("Pragma: no-cache");
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time()));
// ensure that default timezone is set
if (function_exists("date_default_timezone_set") && function_exists("date_default_timezone_get")) {
@date_default_timezone_set(@date_default_timezone_get());
@@ -1068,7 +1100,7 @@ class FroxlorInstall
// includes the usersettings (MySQL-Username/Passwort)
// to test if Froxlor is already installed
require $this->_basepath . '/lib/userdata.inc.php';
if (isset($sql) && is_array($sql)) {
// use sparkle theme for the notice
$installed_hint = file_get_contents($this->_basepath . '/templates/Sparkle/misc/alreadyinstalledhint.tpl');
@@ -1085,7 +1117,7 @@ class FroxlorInstall
{
// set default
$standardlanguage = 'english';
// check either _GET or _POST
if (isset($_GET['language']) && isset($this->_languages[$_GET['language']])) {
$this->_activelng = $_GET['language'];
@@ -1106,7 +1138,7 @@ class FroxlorInstall
break;
}
}
$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
if (file_exists($lngfile)) {
// includes file /lng/$language.lng.php if it exists
@@ -1120,7 +1152,7 @@ class FroxlorInstall
*
* @param string $template
* name of the template including subdirectory
*
*
* @return string
*/
private function _getTemplate($template = null)
@@ -1137,7 +1169,7 @@ class FroxlorInstall
} else {
$templatefile = 'TEMPLATE NOT FOUND: ' . $filename;
}
return $templatefile;
}
@@ -1168,14 +1200,13 @@ class FroxlorInstall
$this->_data['servername'] = $_POST['servername'];
return;
// from $_SERVER
} else
if (! empty($_SERVER['SERVER_NAME'])) {
// no ips
if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
$this->_data['servername'] = $_SERVER['SERVER_NAME'];
return;
}
} else if (! empty($_SERVER['SERVER_NAME'])) {
// no ips
if ($this->_validate_ip($_SERVER['SERVER_NAME']) == false) {
$this->_data['servername'] = $_SERVER['SERVER_NAME'];
return;
}
}
// empty
$this->_data['servername'] = '';
}
@@ -1208,7 +1239,7 @@ class FroxlorInstall
$this->_data['webserver'] = $_POST['webserver'];
} else {
if (strtoupper(@php_sapi_name()) == "APACHE2HANDLER" || stristr($_SERVER['SERVER_SOFTWARE'], "apache/2")) {
$this->_data['webserver'] = 'apache2';
$this->_data['webserver'] = 'apache24';
} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "LIGHTTPD" || stristr($_SERVER['SERVER_SOFTWARE'], "lighttpd")) {
$this->_data['webserver'] = 'lighttpd';
} elseif (substr(strtoupper(@php_sapi_name()), 0, 8) == "NGINX" || stristr($_SERVER['SERVER_SOFTWARE'], "nginx")) {
@@ -1294,17 +1325,17 @@ class FroxlorInstall
*/
private function _split_sql_file($sql, $delimiter)
{
// Split up our string into "possible" SQL statements.
$tokens = explode($delimiter, $sql);
// try to save mem.
$sql = "";
$output = array();
// we don't actually care about the matches preg gives us.
$matches = array();
// this is faster than calling count($tokens) every time through the loop.
$token_count = count($tokens);
for ($i = 0; $i < $token_count; $i ++) {
@@ -1312,12 +1343,12 @@ class FroxlorInstall
if (($i != ($token_count - 1)) || (strlen($tokens[$i] > 0))) {
// This is the total number of single quotes in the token.
$total_quotes = preg_match_all("/'/", $tokens[$i], $matches);
// Counts single quotes that are preceded by an odd number of backslashes,
// which means they're escaped quotes.
$escaped_quotes = preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/", $tokens[$i], $matches);
$unescaped_quotes = $total_quotes - $escaped_quotes;
// If the number of unescaped quotes is even, then the delimiter
// did NOT occur inside a string literal.
if (($unescaped_quotes % 2) == 0) {
@@ -1340,7 +1371,7 @@ class FroxlorInstall
// which means they're escaped quotes.
$escaped_quotes = preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/", $tokens[$j], $matches);
$unescaped_quotes = $total_quotes - $escaped_quotes;
if (($unescaped_quotes % 2) == 1) {
// odd number of unescaped quotes. In combination with the previous incomplete
// statement(s), we now have a complete statement. (2 odds always make an even)

8
install/lng/english.lng.php
View File

@@ -35,8 +35,10 @@ $lng['requirements']['phpbcmath'] = 'PHP bcmath-extension...';
$lng['requirements']['phpcurl'] = 'PHP curl-extension...';
$lng['requirements']['phpmbstring'] = 'PHP mbstring-extension...';
$lng['requirements']['phpzip'] = 'PHP zip-extension...';
$lng['requirements']['phpjson'] = 'PHP json-extension...';
$lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
$lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.';
$lng['requirements']['jsondescription'] = 'The settings import/export feature requires the json extension.';
$lng['requirements']['openbasedir'] = 'open_basedir...';
$lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
$lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
@@ -63,7 +65,7 @@ $lng['install']['serversettings'] = 'Server settings';
$lng['install']['servername'] = 'Server name (FQDN, no ip-address)';
$lng['install']['serverip'] = 'Server IP';
$lng['install']['webserver'] = 'Webserver';
$lng['install']['apache2'] = 'Apache 2';
$lng['install']['apache2'] = 'Apache 2.2';
$lng['install']['apache24'] = 'Apache 2.4';
$lng['install']['lighttpd'] = 'LigHTTPd';
$lng['install']['nginx'] = 'NGINX';
@@ -83,8 +85,8 @@ $lng['install']['changing_data'] = 'Adjusting settings...';
$lng['install']['creating_entries'] = 'Inserting new values...';
$lng['install']['adding_admin_user'] = 'Creating admin-account...';
$lng['install']['creating_configfile'] = 'Creating configfile...';
$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to lib/.';
$lng['install']['creating_configfile_failed'] = 'Could not create lib/userdata.inc.php, please create it manually with the following content:';
$lng['install']['creating_configfile_temp'] = 'File was saved in /tmp/userdata.inc.php, please move to '.dirname(dirname(__DIR__)).'/lib/.';
$lng['install']['creating_configfile_failed'] = 'Could not create '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php, please create it manually with the following content:';
$lng['install']['froxlor_succ_installed'] = 'Froxlor was installed successfully.';
$lng['click_here_to_refresh'] = 'Click here to check again';

4
install/lng/french.lng.php
View File

@@ -79,8 +79,8 @@ $lng['install']['changing_data'] = 'Ajustement des paramètres...';
$lng['install']['creating_entries'] = 'Insertion des nouvelles valeurs...';
$lng['install']['adding_admin_user'] = 'Création du compte administrateur...';
$lng['install']['creating_configfile'] = 'Création du fichier de configuration...';
$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans lib/.';
$lng['install']['creating_configfile_failed'] = 'Impossible de créer lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
$lng['install']['creating_configfile_temp'] = 'Le fichier a été enregistré dans /tmp/userdata.inc.php, merci de le déplacer dans '.dirname(dirname(__DIR__)).'/lib/.';
$lng['install']['creating_configfile_failed'] = 'Impossible de créer '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php, merci de le créer manuellement avec le contenu suivant:';
$lng['install']['froxlor_succ_installed'] = 'Froxlor a été installé avec succès.';
$lng['click_here_to_refresh'] = 'Cliquez ici pour vérifier à nouveau';

6
install/lng/german.lng.php
View File

@@ -35,8 +35,10 @@ $lng['requirements']['phpbcmath'] = 'PHP bcmath-Erweiterung...';
$lng['requirements']['phpcurl'] = 'PHP curl-Erweiterung...';
$lng['requirements']['phpmbstring'] = 'PHP mbstring-Erweiterung...';
$lng['requirements']['phpzip'] = 'PHP zip-Erweiterung...';
$lng['requirements']['phpjson'] = 'PHP json-Erweiterung...';
$lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
$lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.';
$lng['requirements']['jsondescription'] = 'Die Einstellungen Import/Export Funktion benötigt die json Erweiterung.';
$lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
$lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
$lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
@@ -83,8 +85,8 @@ $lng['install']['changing_data'] = 'Einstellungen anpassen...';
$lng['install']['creating_entries'] = 'Trage neue Werte ein...';
$lng['install']['adding_admin_user'] = 'Erstelle Admin-Benutzer...';
$lng['install']['creating_configfile'] = 'Erstelle Konfigurationsdatei...';
$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach lib/ verschieben.';
$lng['install']['creating_configfile_failed'] = 'Konnte lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
$lng['install']['creating_configfile_temp'] = 'Datei wurde in /tmp/userdata.inc.php gespeichert, bitte nach '.dirname(dirname(__DIR__)).'/lib/ verschieben.';
$lng['install']['creating_configfile_failed'] = 'Konnte '.dirname(dirname(__DIR__)).'/lib/userdata.inc.php nicht erstellen, bitte manuell mit folgendem Inhalt anlegen:';
$lng['install']['froxlor_succ_installed'] = 'Froxlor wurde erfolgreich installiert.';
$lng['click_here_to_refresh'] = 'Hier klicken, um erneut zu prüfen';

234
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -3646,3 +3646,237 @@ if (isDatabaseVersion('201708240')) {
showUpdateStep("Updating from 0.9.38.7 to 0.9.38.8", false);
updateToVersion('0.9.38.8');
}
if (isDatabaseVersion('201712310')) {
showUpdateStep("Adding field for fpm-daemon configs");
Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `fpmsettingid` int(11) NOT NULL DEFAULT '1';");
lastStepStatus(0);
showUpdateStep("Adding new fpm-daemons table");
Database::query("DROP TABLE IF EXISTS `panel_fpmdaemons`;");
$sql = "CREATE TABLE `panel_fpmdaemons` (
`id` int(11) unsigned NOT NULL auto_increment,
`description` varchar(50) NOT NULL,
`reload_cmd` varchar(255) NOT NULL,
`config_dir` varchar(255) NOT NULL,
`pm` varchar(15) NOT NULL DEFAULT 'static',
`max_children` int(4) NOT NULL DEFAULT '1',
`start_servers` int(4) NOT NULL DEFAULT '20',
`min_spare_servers` int(4) NOT NULL DEFAULT '5',
`max_spare_servers` int(4) NOT NULL DEFAULT '35',
`max_requests` int(4) NOT NULL DEFAULT '0',
`idle_timeout` int(4) NOT NULL DEFAULT '30',
PRIMARY KEY (`id`),
UNIQUE KEY `reload` (`reload_cmd`),
UNIQUE KEY `config` (`config_dir`)
) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;";
Database::query($sql);
lastStepStatus(0);
showUpdateStep("Converting php-fpm settings to new layout");
$ins_stmt = Database::prepare("
INSERT INTO `panel_fpmdaemons` SET
`id` = 1,
`description` = 'System default',
`reload_cmd` = :reloadcmd,
`config_dir` = :confdir,
`pm` = :pm,
`max_children` = :maxc,
`start_servers` = :starts,
`min_spare_servers` = :minss,
`max_spare_servers` = :maxss,
`max_requests` = :maxr,
`idle_timeout` = :it
");
Database::pexecute($ins_stmt, array(
'reloadcmd' => Settings::Get('phpfpm.reload'),
'confdir' => Settings::Get('phpfpm.configdir'),
'pm' => Settings::Get('phpfpm.pm'),
'maxc' => Settings::Get('phpfpm.max_children'),
'starts' => Settings::Get('phpfpm.start_servers'),
'minss' => Settings::Get('phpfpm.min_spare_servers'),
'maxss' => Settings::Get('phpfpm.max_spare_servers'),
'maxr' => Settings::Get('phpfpm.max_requests'),
'it' => Settings::Get('phpfpm.idle_timeout')
));
lastStepStatus(0);
showUpdateStep("Deleting unneeded settings");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'reload'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'configdir'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'pm'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_children'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'start_servers'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'min_spare_servers'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_spare_servers'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'max_requests'");
Database::query("DELETE FROM `".TABLE_PANEL_SETTINGS."` WHERE `settinggroup` = 'phpfpm' AND `varname` = 'idle_timeout'");
lastStepStatus(0);
updateToDbVersion('201801070');
}
if (isDatabaseVersion('201801070')) {
showUpdateStep("Adding field allowed_phpconfigs for customers");
Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `allowed_phpconfigs` varchar(500) NOT NULL default '';");
lastStepStatus(0);
updateToDbVersion('201801080');
}
if (isDatabaseVersion('201801080')) {
showUpdateStep("Adding new setting for Let's Encrypt ACME version");
Settings::AddNew('system.leapiversion', '1');
lastStepStatus(0);
updateToDbVersion('201801090');
}
if (isDatabaseVersion('201801090')) {
showUpdateStep("Adding field pass_authorizationheader for php-configs");
Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `pass_authorizationheader` tinyint(1) NOT NULL default '0';");
lastStepStatus(0);
updateToDbVersion('201801091');
}
if (isDatabaseVersion('201801091')) {
showUpdateStep("Adding new setting for SSL protocols");
Settings::AddNew('system.ssl_protocols', 'TLSv1,TLSv1.2');
lastStepStatus(0);
updateToDbVersion('201801100');
}
if (isDatabaseVersion('201801100')) {
showUpdateStep("Adding field for security.limit_extensions fpm-setting");
Database::query("ALTER TABLE `" . TABLE_PANEL_FPMDAEMONS . "` ADD `limit_extensions` varchar(255) NOT NULL default '.php';");
lastStepStatus(0);
updateToDbVersion('201801101');
}
if (isDatabaseVersion('201801101')) {
showUpdateStep("Adding dynamic php-fpm php.ini settings");
Settings::AddNew('phpfpm.ini_flags', 'asp_tags
display_errors
display_startup_errors
html_errors
log_errors
magic_quotes_gpc
magic_quotes_runtime
magic_quotes_sybase
mail.add_x_header
session.cookie_secure
session.use_cookies
short_open_tag
track_errors
xmlrpc_errors
suhosin.simulation
suhosin.session.encrypt
suhosin.session.cryptua
suhosin.session.cryptdocroot
suhosin.cookie.encrypt
suhosin.cookie.cryptua
suhosin.cookie.cryptdocroot
suhosin.executor.disable_eval
mbstring.func_overload');
Settings::AddNew('phpfpm.ini_values', 'auto_append_file
auto_prepend_file
date.timezone
default_charset
error_reporting
include_path
log_errors_max_len
mail.log
max_execution_time
session.cookie_domain
session.cookie_lifetime
session.cookie_path
session.name
session.serialize_handler
upload_max_filesize
xmlrpc_error_number
session.auto_start
always_populate_raw_post_data
suhosin.session.cryptkey
suhosin.session.cryptraddr
suhosin.session.checkraddr
suhosin.cookie.cryptkey
suhosin.cookie.plainlist
suhosin.cookie.cryptraddr
suhosin.cookie.checkraddr
suhosin.executor.func.blacklist
suhosin.executor.eval.whitelist');
Settings::AddNew('phpfpm.ini_admin_flags', 'allow_call_time_pass_reference
allow_url_fopen
allow_url_include
auto_detect_line_endings
cgi.fix_pathinfo
cgi.force_redirect
enable_dl
expose_php
file_uploads
ignore_repeated_errors
ignore_repeated_source
log_errors
register_argc_argv
report_memleaks
opcache.enable
opcache.consistency_checks
opcache.dups_fix
opcache.load_comments
opcache.revalidate_path
opcache.save_comments
opcache.use_cwd
opcache.validate_timestamps
opcache.fast_shutdown');
Settings::AddNew('phpfpm.ini_admin_values', 'cgi.redirect_status_env
date.timezone
disable_classes
disable_functions
error_log
gpc_order
max_input_time
max_input_vars
memory_limit
open_basedir
output_buffering
post_max_size
precision
sendmail_path
session.gc_divisor
session.gc_probability
variables_order
opcache.log_verbosity_level
opcache.restrict_api
opcache.revalidate_freq
opcache.max_accelerated_files
opcache.memory_consumption
opcache.interned_strings_buffer');
lastStepStatus(0);
updateToDbVersion('201801110');
}
if (isDatabaseVersion('201801110')) {
showUpdateStep("Adding php-fpm php PATH setting for envrironment");
Settings::AddNew("phpfpm.envpath", '/usr/local/bin:/usr/bin:/bin');
lastStepStatus(0);
updateToDbVersion('201801260');
}
if (isFroxlorVersion('0.9.38.8')) {
showUpdateStep("Updating from 0.9.38.8 to 0.9.39 final", false);
updateToVersion('0.9.39');
}

2
install/updates/preconfig/0.9/preconfig_0.9.inc.php
View File

@@ -721,7 +721,7 @@ function parseAndOutputPreconfig(&$has_preconfig, &$return, $current_version, $c
if (versionInUpdate($current_db_version, '201712310')) {
if (Settings::Get('system.leenabled') == 1) {
$has_preconfig = true;
$description = 'Chose whether you want to disable the Let\'s Encrypt selfcheck as it causes false positives for some onfigurations.<br /><br />';
$description = 'Chose whether you want to disable the Let\'s Encrypt selfcheck as it causes false positives for some configurations.<br /><br />';
$question = '<strong>Disable Let\'s Encrypt self-check?</strong><br />';
$question .= makeyesno('system_disable_le_selfcheck', '1', '0', '0') . '<br />';
eval("\$return.=\"" . getTemplate("update/preconfigitem") . "\";");

2
lib/classes/database/manager/class.DbManagerMySQL.php
View File

@@ -134,7 +134,7 @@ class DbManagerMySQL {
* @param string $host (unused in mysql)
*/
public function disableUser($username = null, $host = null) {
$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `".$row_database['databasename']."`");
$stmt = Database::prepare('REVOKE ALL PRIVILEGES, GRANT OPTION FROM `' . $username . '`@`' . $host . '`');
Database::pexecute($stmt, array(), false);
}

8
lib/classes/dns/class.DnsEntry.php
View File

@@ -52,18 +52,18 @@ class DnsEntry
if (substr($_l, 0, 1) == '"') {
$_l = substr($_l, 1);
}
$_content = '( "' . $_l . '"' . PHP_EOL;
$_content = '("' . $_l . '"' . PHP_EOL;
$_l = array_pop($_contentlines);
// check for ending quote
if (substr($_l, -1) == '"') {
$_l = substr($_l, 0, -1);
if (substr($_l, - 1) == '"') {
$_l = substr($_l, 0, - 1);
}
foreach ($_contentlines as $_cl) {
// lines in between
$_content .= "\t\t\t\t" . '"' . $_cl . '"' . PHP_EOL;
}
// last line
$_content .= "\t\t\t\t" . '"'.$_l.'" )';
$_content .= "\t\t\t\t" . '"' . $_l . '")';
}
$result = $this->record . "\t" . $this->ttl . "\t" . $this->class . "\t" . $this->type . "\t" . (($this->priority >= 0 && ($this->type == 'MX' || $this->type == 'SRV')) ? $this->priority . "\t" : "") . $_content . PHP_EOL;
return $result;

6
lib/classes/phpinterface/class.phpinterface.php
View File

@@ -91,6 +91,12 @@ class phpinterface {
SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"
);
$this->_php_configs_cache[$php_config_id] = Database::pexecute_first($stmt, array('id' => $php_config_id));
if ((int)Settings::Get('phpfpm.enabled') == 1) {
$stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id"
);
$this->_php_configs_cache[$php_config_id]['fpm_settings'] = Database::pexecute_first($stmt, array('id' => $this->_php_configs_cache[$php_config_id]['fpmsettingid']));
}
}
return $this->_php_configs_cache[$php_config_id];

430
lib/classes/phpinterface/class.phpinterface_fpm.php
View File

@@ -18,19 +18,28 @@
* @since 0.9.16
*
*/
class phpinterface_fpm {
class phpinterface_fpm
{
/**
* Domain-Data array
*
* @var array
*/
*/
private $_domain = array();
/**
* Admin-Date cache array
* fpm config
*
* @var array
*/
*/
private $_fpm_cfg = array();
/**
* Admin-Date cache array
*
* @var array
*/
private $_admin_cache = array();
/**
@@ -38,119 +47,38 @@ class phpinterface_fpm {
* Mostly taken from http://php.net/manual/en/ini.list.php
*
* @var array
*/
private $_ini = array(
'php_value' => array(
'auto_append_file',
'auto_prepend_file',
'date.timezone',
'default_charset',
'error_reporting',
'include_path',
'log_errors_max_len',
'mail.log',
'max_execution_time',
'session.cookie_domain',
'session.cookie_lifetime',
'session.cookie_path',
'session.name',
'session.serialize_handler',
'upload_max_filesize',
'xmlrpc_error_number',
'session.auto_start',
'always_populate_raw_post_data',
'suhosin.session.cryptkey',
'suhosin.session.cryptraddr',
'suhosin.session.checkraddr',
'suhosin.cookie.cryptkey',
'suhosin.cookie.plainlist',
'suhosin.cookie.cryptraddr',
'suhosin.cookie.checkraddr',
'suhosin.executor.func.blacklist',
'suhosin.executor.eval.whitelist'
),
'php_flag' => array(
'asp_tags',
'display_errors',
'display_startup_errors',
'html_errors',
'log_errors',
'magic_quotes_gpc',
'magic_quotes_runtime',
'magic_quotes_sybase',
'mail.add_x_header',
'session.cookie_secure',
'session.use_cookies',
'short_open_tag',
'track_errors',
'xmlrpc_errors',
'suhosin.simulation',
'suhosin.session.encrypt',
'suhosin.session.cryptua',
'suhosin.session.cryptdocroot',
'suhosin.cookie.encrypt',
'suhosin.cookie.cryptua',
'suhosin.cookie.cryptdocroot',
'suhosin.executor.disable_eval',
'mbstring.func_overload'
),
'php_admin_value' => array(
'cgi.redirect_status_env',
'date.timezone',
'disable_classes',
'disable_functions',
'error_log',
'gpc_order',
'max_input_time',
'max_input_vars',
'memory_limit',
'open_basedir',
'output_buffering',
'post_max_size',
'precision',
'sendmail_path',
'session.gc_divisor',
'session.gc_probability',
'variables_order',
'opcache.log_verbosity_level',
'opcache.restrict_api',
'opcache.revalidate_freq',
'opcache.max_accelerated_files',
'opcache.memory_consumption',
'opcache.interned_strings_buffer'
),
'php_admin_flag' => array(
'allow_call_time_pass_reference',
'allow_url_fopen',
'allow_url_include',
'auto_detect_line_endings',
'cgi.fix_pathinfo',
'cgi.force_redirect',
'enable_dl',
'expose_php',
'file_uploads',
'ignore_repeated_errors',
'ignore_repeated_source',
'log_errors',
'register_argc_argv',
'report_memleaks',
'opcache.enable',
'opcache.consistency_checks',
'opcache.dups_fix',
'opcache.load_comments',
'opcache.revalidate_path',
'opcache.save_comments',
'opcache.use_cwd',
'opcache.validate_timestamps',
'opcache.fast_shutdown'
)
);
*/
private $_ini = array();
/**
* main constructor
*/
public function __construct($domain) {
*/
public function __construct($domain)
{
if (!isset($domain['fpm_config_id']) || empty($domain['fpm_config_id'])) {
$domain['fpm_config_id'] = 1;
}
$this->_domain = $domain;
$this->_readFpmConfig($domain['fpm_config_id']);
$this->_buildIniMapping();
}
private function _buildIniMapping()
{
$this->_ini = array(
'php_flag' => explode("\n", Settings::Get('phpfpm.ini_flags')),
'php_value' => explode("\n", Settings::Get('phpfpm.ini_values')),
'php_admin_flag' => explode("\n", Settings::Get('phpfpm.ini_admin_flags')),
'php_admin_value' => explode("\n", Settings::Get('phpfpm.ini_admin_values'))
);
}
private function _readFpmConfig($fpm_config_id)
{
$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
$this->_fpm_cfg = Database::pexecute_first($stmt, array(
'id' => $fpm_config_id
));
}
/**
@@ -158,47 +86,48 @@ class phpinterface_fpm {
*
* @param array $phpconfig
*/
public function createConfig($phpconfig) {
public function createConfig($phpconfig)
{
$fh = @fopen($this->getConfigFile(), 'w');
if ($fh) {
$fpm_pm = Settings::Get('phpfpm.pm');
$fpm_children = (int)Settings::Get('phpfpm.max_children');
$fpm_start_servers = (int)Settings::Get('phpfpm.start_servers');
$fpm_min_spare_servers = (int)Settings::Get('phpfpm.min_spare_servers');
$fpm_max_spare_servers = (int)Settings::Get('phpfpm.max_spare_servers');
$fpm_requests = (int)Settings::Get('phpfpm.max_requests');
$fpm_process_idle_timeout = (int)Settings::Get('phpfpm.idle_timeout');
$fpm_pm = $this->_fpm_cfg['pm'];
$fpm_children = (int) $this->_fpm_cfg['max_children'];
$fpm_start_servers = (int) $this->_fpm_cfg['start_servers'];
$fpm_min_spare_servers = (int) $this->_fpm_cfg['min_spare_servers'];
$fpm_max_spare_servers = (int) $this->_fpm_cfg['max_spare_servers'];
$fpm_requests = (int) $this->_fpm_cfg['max_requests'];
$fpm_process_idle_timeout = (int) $this->_fpm_cfg['idle_timeout'];
$fpm_limit_extensions = $this->_fpm_cfg['limit_extensions'];
if ($fpm_children == 0) {
$fpm_children = 1;
}
$fpm_config = ';PHP-FPM configuration for "'.$this->_domain['domain'].'" created on ' . date("Y.m.d H:i:s") . "\n";
$fpm_config.= '['.$this->_domain['domain'].']'."\n";
$fpm_config.= 'listen = '.$this->getSocketFile()."\n";
$fpm_config = ';PHP-FPM configuration for "' . $this->_domain['domain'] . '" created on ' . date("Y.m.d H:i:s") . "\n";
$fpm_config .= '[' . $this->_domain['domain'] . ']' . "\n";
$fpm_config .= 'listen = ' . $this->getSocketFile() . "\n";
if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config.= 'listen.owner = '.$this->_domain['guid']."\n";
$fpm_config.= 'listen.group = '.$this->_domain['guid']."\n";
$fpm_config .= 'listen.owner = ' . $this->_domain['guid'] . "\n";
$fpm_config .= 'listen.group = ' . $this->_domain['guid'] . "\n";
} else {
$fpm_config.= 'listen.owner = '.$this->_domain['loginname']."\n";
$fpm_config.= 'listen.group = '.$this->_domain['loginname']."\n";
$fpm_config .= 'listen.owner = ' . $this->_domain['loginname'] . "\n";
$fpm_config .= 'listen.group = ' . $this->_domain['loginname'] . "\n";
}
// see #1418 why this is 0660
$fpm_config.= 'listen.mode = 0660'."\n";
$fpm_config .= 'listen.mode = 0660' . "\n";
if ($this->_domain['loginname'] == 'froxlor.panel') {
$fpm_config.= 'user = '.$this->_domain['guid']."\n";
$fpm_config.= 'group = '.$this->_domain['guid']."\n";
$fpm_config .= 'user = ' . $this->_domain['guid'] . "\n";
$fpm_config .= 'group = ' . $this->_domain['guid'] . "\n";
} else {
$fpm_config.= 'user = '.$this->_domain['loginname']."\n";
$fpm_config.= 'group = '.$this->_domain['loginname']."\n";
$fpm_config .= 'user = ' . $this->_domain['loginname'] . "\n";
$fpm_config .= 'group = ' . $this->_domain['loginname'] . "\n";
}
$fpm_config.= 'pm = '.$fpm_pm."\n";
$fpm_config.= 'pm.max_children = '.$fpm_children."\n";
$fpm_config .= 'pm = ' . $fpm_pm . "\n";
$fpm_config .= 'pm.max_children = ' . $fpm_children . "\n";
if ($fpm_pm == 'dynamic') {
// honor max_children
if ($fpm_children < $fpm_min_spare_servers) {
@@ -214,35 +143,40 @@ class phpinterface_fpm {
if ($fpm_start_servers > $fpm_max_spare_servers) {
$fpm_start_servers = $fpm_max_spare_servers;
}
$fpm_config.= 'pm.start_servers = '.$fpm_start_servers."\n";
$fpm_config.= 'pm.min_spare_servers = '.$fpm_min_spare_servers."\n";
$fpm_config.= 'pm.max_spare_servers = '.$fpm_max_spare_servers."\n";
$fpm_config .= 'pm.start_servers = ' . $fpm_start_servers . "\n";
$fpm_config .= 'pm.min_spare_servers = ' . $fpm_min_spare_servers . "\n";
$fpm_config .= 'pm.max_spare_servers = ' . $fpm_max_spare_servers . "\n";
} elseif ($fpm_pm == 'ondemand') {
$fpm_config.= 'pm.process_idle_timeout = '.$fpm_process_idle_timeout."\n";
$fpm_config .= 'pm.process_idle_timeout = ' . $fpm_process_idle_timeout . "\n";
}
$fpm_config.= 'pm.max_requests = '.$fpm_requests."\n";
$fpm_config .= 'pm.max_requests = ' . $fpm_requests . "\n";
// possible slowlog configs
if ($phpconfig['fpm_slowlog'] == '1') {
$fpm_config.= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
$fpm_config.= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
$fpm_config .= 'request_terminate_timeout = ' . $phpconfig['fpm_reqterm'] . "\n";
$fpm_config .= 'request_slowlog_timeout = ' . $phpconfig['fpm_reqslow'] . "\n";
$slowlog = makeCorrectFile(Settings::Get('system.logfiles_directory') . '/' . $this->_domain['loginname'] . '-php-slow.log');
$fpm_config.= 'slowlog = ' . $slowlog . "\n";
$fpm_config.= 'catch_workers_output = yes' . "\n";
$fpm_config .= 'slowlog = ' . $slowlog . "\n";
$fpm_config .= 'catch_workers_output = yes' . "\n";
}
$fpm_config.= ';chroot = '.makeCorrectDir($this->_domain['documentroot'])."\n";
$fpm_config .= ';chroot = ' . makeCorrectDir($this->_domain['documentroot']) . "\n";
$fpm_config .= 'security.limit_extensions = '.$fpm_limit_extensions . "\n";
$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
if (!is_dir($tmpdir)) {
if (! is_dir($tmpdir)) {
$this->getTempDir();
}
$fpm_config.= 'env[TMP] = '.$tmpdir."\n";
$fpm_config.= 'env[TMPDIR] = '.$tmpdir."\n";
$fpm_config.= 'env[TEMP] = '.$tmpdir."\n";
$env_path = Settings::Get('phpfpm.envpath');
if (!empty($env_path)) {
$fpm_config .= 'env[PATH] = ' . $env_path . "\n";
}
$fpm_config .= 'env[TMP] = ' . $tmpdir . "\n";
$fpm_config .= 'env[TMPDIR] = ' . $tmpdir . "\n";
$fpm_config .= 'env[TEMP] = ' . $tmpdir . "\n";
$openbasedir = '';
if ($this->_domain['loginname'] != 'froxlor.panel') {
if ($this->_domain['openbasedir'] == '1') {
@@ -251,47 +185,45 @@ class phpinterface_fpm {
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
$_custom_openbasedir = explode(':', Settings::Get('system.phpappendopenbasedir'));
foreach ($_custom_openbasedir as $cobd) {
$_phpappendopenbasedir .= appendOpenBasedirPath($cobd);
}
if ($this->_domain['openbasedir_path'] == '0'
&& strstr($this->_domain['documentroot'], ":") === false
) {
if ($this->_domain['openbasedir_path'] == '0' && strstr($this->_domain['documentroot'], ":") === false) {
$openbasedir = appendOpenBasedirPath($this->_domain['documentroot'], true);
} else {
$openbasedir = appendOpenBasedirPath($this->_domain['customerroot'], true);
}
$openbasedir .= appendOpenBasedirPath($this->getTempDir());
$openbasedir .= $_phpappendopenbasedir;
}
}
$fpm_config.= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
$fpm_config.= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
$fpm_config .= 'php_admin_value[session.save_path] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
$fpm_config .= 'php_admin_value[upload_tmp_dir] = ' . makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/') . "\n";
$admin = $this->_getAdminData($this->_domain['adminid']);
$php_ini_variables = array(
'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
'PEAR_DIR' => Settings::Get('phpfpm.peardir'),
'TMP_DIR' => $this->getTempDir(),
'CUSTOMER_EMAIL' => $this->_domain['email'],
'ADMIN_EMAIL' => $admin['email'],
'DOMAIN' => $this->_domain['domain'],
'CUSTOMER' => $this->_domain['loginname'],
'ADMIN' => $admin['loginname'],
'OPEN_BASEDIR' => $openbasedir,
'OPEN_BASEDIR_C' => '',
'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.phpappendopenbasedir'),
'DOCUMENT_ROOT' => makeCorrectDir($this->_domain['documentroot'])
'SAFE_MODE' => 'Off', // keep this for compatibility, just in case
'PEAR_DIR' => Settings::Get('phpfpm.peardir'),
'TMP_DIR' => $this->getTempDir(),
'CUSTOMER_EMAIL' => $this->_domain['email'],
'ADMIN_EMAIL' => $admin['email'],
'DOMAIN' => $this->_domain['domain'],
'CUSTOMER' => $this->_domain['loginname'],
'ADMIN' => $admin['loginname'],
'OPEN_BASEDIR' => $openbasedir,
'OPEN_BASEDIR_C' => '',
'OPEN_BASEDIR_GLOBAL' => Settings::Get('system.phpappendopenbasedir'),
'DOCUMENT_ROOT' => makeCorrectDir($this->_domain['documentroot'])
);
$phpini = replace_variables($phpconfig['phpsettings'], $php_ini_variables);
$phpini_array = explode("\n", $phpini);
$fpm_config.= "\n\n";
$fpm_config .= "\n\n";
foreach ($phpini_array as $inisection) {
$is = explode("=", $inisection);
foreach ($this->_ini as $sec => $possibles) {
@@ -300,17 +232,17 @@ class phpinterface_fpm {
if (trim($is[0]) == 'open_basedir' && $openbasedir == '') {
continue;
}
$fpm_config.= $sec.'['.trim($is[0]).'] = ' . trim($is[1]) . "\n";
$fpm_config .= $sec . '[' . trim($is[0]) . '] = ' . trim($is[1]) . "\n";
}
}
}
// now check if 'sendmail_path' has not beed set in the custom-php.ini
// if not we use our fallback-default as usual
if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) {
$fpm_config.= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f '.$this->_domain['email']."\n";
$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->_domain['email'] . "\n";
}
fwrite($fh, $fpm_config, strlen($fpm_config));
fclose($fh);
}
@@ -322,108 +254,138 @@ class phpinterface_fpm {
*
* @param string $phpconfig
*/
public function createIniFile($phpconfig) {
public function createIniFile($phpconfig)
{
return;
}
/**
* fpm-config file
*
* @param boolean $createifnotexists create the directory if it does not exist
*
* @param boolean $createifnotexists
* create the directory if it does not exist
*
* @return string the full path to the file
*/
public function getConfigFile($createifnotexists = true) {
$configdir = makeCorrectDir(Settings::Get('phpfpm.configdir'));
$config = makeCorrectFile($configdir.'/'.$this->_domain['domain'].'.conf');
if (!is_dir($configdir) && $createifnotexists) {
public function getConfigFile($createifnotexists = true)
{
$configdir = $this->_fpm_cfg['config_dir'];
$config = makeCorrectFile($configdir . '/' . $this->_domain['domain'] . '.conf');
if (! is_dir($configdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($configdir));
}
return $config;
}
/**
* return path of fpm-socket file
*
* @param boolean $createifnotexists create the directory if it does not exist
*
* @param boolean $createifnotexists
* create the directory if it does not exist
*
* @return string the full path to the socket
*/
public function getSocketFile($createifnotexists = true) {
public function getSocketFile($createifnotexists = true)
{
$socketdir = makeCorrectDir(Settings::Get('phpfpm.fastcgi_ipcdir'));
$socket = strtolower(makeCorrectFile($socketdir.'/'.$this->_domain['loginname'].'-'.$this->_domain['domain'].'-php-fpm.socket'));
if (!is_dir($socketdir) && $createifnotexists) {
safe_exec('mkdir -p '.escapeshellarg($socketdir));
safe_exec('chown -R '.Settings::Get('system.httpuser').':'.Settings::Get('system.httpgroup').' '.escapeshellarg($socketdir));
// add fpm-config-id to filename so it's unique for the fpm-daemon and doesn't interfere with running configs when reuilding
$socket = strtolower(makeCorrectFile($socketdir . '/' . $this->_domain['fpm_config_id'] . '-' . $this->_domain['loginname'] . '-' . $this->_domain['domain'] . '-php-fpm.socket'));
if (! is_dir($socketdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($socketdir));
safe_exec('chown -R ' . Settings::Get('system.httpuser') . ':' . Settings::Get('system.httpgroup') . ' ' . escapeshellarg($socketdir));
}
return $socket;
}
/**
* fpm-temp directory
*
* @param boolean $createifnotexists create the directory if it does not exist
*
* @param boolean $createifnotexists
* create the directory if it does not exist
*
* @return string the directory
*/
public function getTempDir($createifnotexists = true) {
public function getTempDir($createifnotexists = true)
{
$tmpdir = makeCorrectDir(Settings::Get('phpfpm.tmpdir') . '/' . $this->_domain['loginname'] . '/');
if (!is_dir($tmpdir) && $createifnotexists) {
if (! is_dir($tmpdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
safe_exec('chown -R ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($tmpdir));
safe_exec('chmod 0750 ' . escapeshellarg($tmpdir));
}
return $tmpdir;
}
/**
* fastcgi-fakedirectory directory
*
* @param boolean $createifnotexists create the directory if it does not exist
*
* @param boolean $createifnotexists
* create the directory if it does not exist
*
* @return string the directory
*/
public function getAliasConfigDir($createifnotexists = true) {
public function getAliasConfigDir($createifnotexists = true)
{
// ensure default...
if (Settings::Get('phpfpm.aliasconfigdir') == null) {
Settings::Set('phpfpm.aliasconfigdir', '/var/www/php-fpm');
}
$configdir = makeCorrectDir(Settings::Get('phpfpm.aliasconfigdir') . '/' . $this->_domain['loginname'] . '/' . $this->_domain['domain'] . '/');
if (!is_dir($configdir) && $createifnotexists) {
if (! is_dir($configdir) && $createifnotexists) {
safe_exec('mkdir -p ' . escapeshellarg($configdir));
safe_exec('chown ' . $this->_domain['guid'] . ':' . $this->_domain['guid'] . ' ' . escapeshellarg($configdir));
}
return $configdir;
}
/**
* create a dummy fpm pool config with minimal configuration
* (this is used whenever a config directory is empty but needs at least one pool to startup/restart)
*
* @param string $configdir
*/
public static function createDummyPool($configdir)
{
if (! is_dir($configdir)) {
safe_exec('mkdir -p ' . escapeshellarg($configdir));
}
$config = makeCorrectFile($configdir . '/dummy.conf');
$dummy = "[dummy]
user = ".Settings::Get('system.httpuser')."
listen = /run/" . base64_encode($configdir) . "-fpm.sock
pm = static
pm.max_children = 1
";
file_put_contents($config, $dummy);
}
/**
* return the admin-data of a specific admin
*
* @param int $adminid id of the admin-user
*
* @param int $adminid
* id of the admin-user
*
* @return array
*/
private function _getAdminData($adminid) {
private function _getAdminData($adminid)
{
$adminid = intval($adminid);
if (!isset($this->_admin_cache[$adminid])) {
if (! isset($this->_admin_cache[$adminid])) {
$stmt = Database::prepare("
SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id"
);
$this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid));
SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id");
$this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array(
'id' => $adminid
));
}
return $this->_admin_cache[$adminid];
}

805
lib/classes/phpmailer/class.PHPMailer.php
View File

File diff suppressed because it is too large Load Diff

329
lib/classes/phpmailer/class.SMTP.php
View File

@@ -1,88 +1,88 @@
<?php
/**
* PHPMailer RFC821 SMTP email transport class.
* PHP Version 5
* @package PHPMailer
* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2014 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE.
*/
* PHP Version 5
* @package PHPMailer
* @link https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2014 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE.
*/
/**
* PHPMailer RFC821 SMTP email transport class.
* Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server.
* @package PHPMailer
* @author Chris Ryan
* @author Marcus Bointon <phpmailer@synchromedia.co.uk>
*/
* Implements RFC 821 SMTP commands and provides some utility methods for sending mail to an SMTP server.
* @package PHPMailer
* @author Chris Ryan
* @author Marcus Bointon <phpmailer@synchromedia.co.uk>
*/
class SMTP
{
/**
* The PHPMailer SMTP version number.
* @var string
*/
const VERSION = '5.2.21';
const VERSION = '5.2.26';
/**
* SMTP line break constant.
* @var string
*/
const CRLF = "\r\n";
/**
* The SMTP port to use if one is not specified.
* @var integer
*/
const DEFAULT_SMTP_PORT = 25;
/**
* The maximum line length allowed by RFC 2822 section 2.1.1
* @var integer
*/
const MAX_LINE_LENGTH = 998;
/**
* Debug level for no output
*/
const DEBUG_OFF = 0;
/**
* Debug level to show client -> server messages
*/
const DEBUG_CLIENT = 1;
/**
* Debug level to show client -> server and server -> client messages
*/
const DEBUG_SERVER = 2;
/**
* Debug level to show connection status, client -> server and server -> client messages
*/
const DEBUG_CONNECTION = 3;
/**
* Debug level to show all messages
*/
const DEBUG_LOWLEVEL = 4;
/**
* The PHPMailer SMTP Version number.
* @var string
* @deprecated Use the `VERSION` constant instead
* @see SMTP::VERSION
*/
public $Version = '5.2.21';
public $Version = '5.2.26';
/**
* SMTP server port number.
* @var integer
@@ -90,7 +90,7 @@ class SMTP
* @see SMTP::DEFAULT_SMTP_PORT
*/
public $SMTP_PORT = 25;
/**
* SMTP reply line ending.
* @var string
@@ -98,7 +98,7 @@ class SMTP
* @see SMTP::CRLF
*/
public $CRLF = "\r\n";
/**
* Debug output level.
* Options:
@@ -110,7 +110,7 @@ class SMTP
* @var integer
*/
public $do_debug = self::DEBUG_OFF;
/**
* How to handle debug output.
* Options:
@@ -125,7 +125,7 @@ class SMTP
* @var string|callable
*/
public $Debugoutput = 'echo';
/**
* Whether to use VERP.
* @link http://en.wikipedia.org/wiki/Variable_envelope_return_path
@@ -133,7 +133,7 @@ class SMTP
* @var boolean
*/
public $do_verp = false;
/**
* The timeout value for connection, in seconds.
* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
@@ -142,31 +142,36 @@ class SMTP
* @var integer
*/
public $Timeout = 300;
/**
* How long to wait for commands to complete, in seconds.
* Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
* @var integer
*/
public $Timelimit = 300;
/**
* @var array patterns to extract smtp transaction id from smtp reply
* Only first capture group will be use, use non-capturing group to deal with it
* Extend this class to override this property to fulfil your needs.
* @var array Patterns to extract an SMTP transaction id from reply to a DATA command.
* The first capture group in each regex will be used as the ID.
*/
protected $smtp_transaction_id_patterns = array(
'exim' => '/[0-9]{3} OK id=(.*)/',
'sendmail' => '/[0-9]{3} 2.0.0 (.*) Message/',
'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
);
/**
* @var string The last transaction ID issued in response to a DATA command,
* if one was detected
*/
protected $last_smtp_transaction_id;
/**
* The socket for the server connection.
* @var resource
*/
protected $smtp_conn;
/**
* Error information, if any, for the last SMTP command.
* @var array
@@ -177,14 +182,14 @@ class SMTP
'smtp_code' => '',
'smtp_code_ex' => ''
);
/**
* The reply the server sent to us for HELO.
* If null, no HELO string has yet been received.
* @var string|null
*/
protected $helo_rply = null;
/**
* The set of SMTP extensions sent in reply to EHLO command.
* Indexes of the array are extension names.
@@ -195,13 +200,13 @@ class SMTP
* @var array|null
*/
protected $server_caps = null;
/**
* The most recent reply received from the server.
* @var string
*/
protected $last_reply = '';
/**
* Output debugging info via a user-selected method.
* @see SMTP::$Debugoutput
@@ -227,12 +232,11 @@ class SMTP
break;
case 'html':
//Cleans up output a bit for a better looking, HTML-safe output
echo htmlentities(
echo gmdate('Y-m-d H:i:s') . ' ' . htmlentities(
preg_replace('/[\r\n]+/', '', $str),
ENT_QUOTES,
'UTF-8'
)
. "<br>\n";
) . "<br>\n";
break;
case 'echo':
default:
@@ -242,10 +246,10 @@ class SMTP
"\n",
"\n \t ",
trim($str)
)."\n";
) . "\n";
}
}
/**
* Connect to an SMTP server.
* @param string $host SMTP server IP or host name
@@ -276,7 +280,8 @@ class SMTP
}
// Connect to the SMTP server
$this->edebug(
"Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true),
"Connection: opening to $host:$port, timeout=$timeout, options=" .
var_export($options, true),
self::DEBUG_CONNECTION
);
$errno = 0;
@@ -339,7 +344,7 @@ class SMTP
$this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER);
return true;
}
/**
* Initiate a TLS (encrypted) session.
* @access public
@@ -350,28 +355,28 @@ class SMTP
if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) {
return false;
}
//Allow the best TLS version(s) we can
$crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
//PHP 5.6.7 dropped inclusion of TLS 1.1 and 1.2 in STREAM_CRYPTO_METHOD_TLS_CLIENT
//so add them back in manually if we can
if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {
$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
}
// Begin encrypted connection
if (!stream_socket_enable_crypto(
set_error_handler(array($this, 'errorHandler'));
$crypto_ok = stream_socket_enable_crypto(
$this->smtp_conn,
true,
$crypto_method
)) {
return false;
}
return true;
);
restore_error_handler();
return $crypto_ok;
}
/**
* Perform SMTP authentication.
* Must be run after hello().
@@ -396,23 +401,22 @@ class SMTP
$this->setError('Authentication is not allowed before HELO/EHLO');
return false;
}
if (array_key_exists('EHLO', $this->server_caps)) {
// SMTP extensions are available. Let's try to find a proper authentication method
// SMTP extensions are available; try to find a proper authentication method
if (!array_key_exists('AUTH', $this->server_caps)) {
$this->setError('Authentication is not allowed at this stage');
// 'at this stage' means that auth may be allowed after the stage changes
// e.g. after STARTTLS
return false;
}
self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN'), self::DEBUG_LOWLEVEL);
self::edebug(
'Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']),
self::DEBUG_LOWLEVEL
);
if (empty($authtype)) {
foreach (array('CRAM-MD5', 'LOGIN', 'PLAIN', 'NTLM', 'XOAUTH2') as $method) {
if (in_array($method, $this->server_caps['AUTH'])) {
@@ -424,9 +428,9 @@ class SMTP
$this->setError('No supported authentication methods found');
return false;
}
self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL);
self::edebug('Auth method selected: ' . $authtype, self::DEBUG_LOWLEVEL);
}
if (!in_array($authtype, $this->server_caps['AUTH'])) {
$this->setError("The requested authentication method \"$authtype\" is not supported by the server");
return false;
@@ -469,7 +473,7 @@ class SMTP
return false;
}
$oauth = $OAuth->getOauth64();
// Start authentication
if (!$this->sendCommand('AUTH', 'AUTH XOAUTH2 ' . $oauth, 235)) {
return false;
@@ -499,7 +503,7 @@ class SMTP
}
//msg1
$msg1 = $ntlm_client->typeMsg1($realm, $workstation); //msg1
if (!$this->sendCommand(
'AUTH NTLM',
'AUTH NTLM ' . base64_encode($msg1),
@@ -532,10 +536,10 @@ class SMTP
}
// Get the challenge
$challenge = base64_decode(substr($this->last_reply, 4));
// Build the response
$response = $username . ' ' . $this->hmac($challenge, $password);
// send encoded credentials
return $this->sendCommand('Username', base64_encode($response), 235);
default:
@@ -544,13 +548,13 @@ class SMTP
}
return true;
}
/**
* Calculate an MD5 HMAC hash.
* Works like hash_hmac('md5', $data, $key)
* in case that function is not available
* @param string $data The data to hash
* @param string $key The key to hash with
* @param string $key The key to hash with
* @access protected
* @return string
*/
@@ -559,15 +563,15 @@ class SMTP
if (function_exists('hash_hmac')) {
return hash_hmac('md5', $data, $key);
}
// The following borrowed from
// http://php.net/manual/en/function.mhash.php#27225
// RFC 2104 HMAC implementation for php.
// Creates an md5 HMAC.
// Eliminates the need to install mhash to compute a HMAC
// by Lance Rushing
$bytelen = 64; // byte length for md5
if (strlen($key) > $bytelen) {
$key = pack('H*', md5($key));
@@ -577,10 +581,10 @@ class SMTP
$opad = str_pad('', $bytelen, chr(0x5c));
$k_ipad = $key ^ $ipad;
$k_opad = $key ^ $opad;
return md5($k_opad . pack('H*', md5($k_ipad . $data)));
}
/**
* Check connection state.
* @access public
@@ -603,7 +607,7 @@ class SMTP
}
return false;
}
/**
* Close the socket and clean up the state of the class.
* Don't use this function without first trying to use QUIT.
@@ -623,7 +627,7 @@ class SMTP
$this->edebug('Connection: closed', self::DEBUG_CONNECTION);
}
}
/**
* Send an SMTP DATA command.
* Issues a data command and sends the msg_data to the server,
@@ -642,7 +646,7 @@ class SMTP
if (!$this->sendCommand('DATA', 'DATA', 354)) {
return false;
}
/* The server is ready to accept data!
* According to rfc821 we should not send more than 1000 characters on a single line (including the CRLF)
* so we will break the data up into lines by \r and/or \n then if needed we will break each of those into
@@ -650,21 +654,21 @@ class SMTP
* We will also look for lines that start with a '.' and prepend an additional '.'.
* NOTE: this does not count towards line-length limit.
*/
// Normalize line breaks before exploding
$lines = explode("\n", str_replace(array("\r\n", "\r"), "\n", $msg_data));
/* To distinguish between a complete RFC822 message and a plain message body, we check if the first field
* of the first line (':' separated) does not contain a space then it _should_ be a header and we will
* process all lines before a blank line as headers.
*/
$field = substr($lines[0], 0, strpos($lines[0], ':'));
$in_headers = false;
if (!empty($field) && strpos($field, ' ') === false) {
$in_headers = true;
}
foreach ($lines as $line) {
$lines_out = array();
if ($in_headers and $line == '') {
@@ -694,7 +698,7 @@ class SMTP
}
}
$lines_out[] = $line;
//Send the lines to the server
foreach ($lines_out as $line_out) {
//RFC2821 section 4.5.2
@@ -704,17 +708,18 @@ class SMTP
$this->client_send($line_out . self::CRLF);
}
}
//Message data has been sent, complete the command
//Increase timelimit for end of DATA command
$savetimelimit = $this->Timelimit;
$this->Timelimit = $this->Timelimit * 2;
$result = $this->sendCommand('DATA END', '.', 250);
$this->recordLastTransactionID();
//Restore timelimit
$this->Timelimit = $savetimelimit;
return $result;
}
/**
* Send an SMTP HELO or EHLO command.
* Used to identify the sending server to the receiving server.
@@ -730,7 +735,7 @@ class SMTP
//Try extended hello first (RFC 2821)
return (boolean)($this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host));
}
/**
* Send an SMTP HELO or EHLO command.
* Low-level implementation used by hello()
@@ -751,7 +756,7 @@ class SMTP
}
return $noerror;
}
/**
* Parse a reply to HELO/EHLO command to discover server extensions.
* In case of HELO, the only parameter that can be discovered is a server name.
@@ -762,7 +767,7 @@ class SMTP
{
$this->server_caps = array();
$lines = explode("\n", $this->helo_rply);
foreach ($lines as $n => $s) {
//First 4 chars contain response code followed by - or space
$s = trim(substr($s, 4));
@@ -793,7 +798,7 @@ class SMTP
}
}
}
/**
* Send an SMTP MAIL command.
* Starts a mail transaction from the email address specified in
@@ -814,7 +819,7 @@ class SMTP
250
);
}
/**
* Send an SMTP QUIT command.
* Closes the socket if there is no error or the $close_on_error argument is true.
@@ -833,7 +838,7 @@ class SMTP
}
return $noerror;
}
/**
* Send an SMTP RCPT command.
* Sets the TO argument to $toaddr.
@@ -851,7 +856,7 @@ class SMTP
array(250, 251)
);
}
/**
* Send an SMTP RSET command.
* Abort any transaction that is currently in progress.
@@ -863,7 +868,7 @@ class SMTP
{
return $this->sendCommand('RSET', 'RSET', 250);
}
/**
* Send a command to an SMTP server and check its return code.
* @param string $command The command name - not sent to the server
@@ -884,7 +889,7 @@ class SMTP
return false;
}
$this->client_send($commandstring . self::CRLF);
$this->last_reply = $this->get_lines();
// Fetch SMTP code and possible error code explanation
$matches = array();
@@ -893,7 +898,8 @@ class SMTP
$code_ex = (count($matches) > 2 ? $matches[2] : null);
// Cut off error code from each response line
$detail = preg_replace(
"/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m",
"/{$code}[ -]" .
($code_ex ? str_replace('.', '\\.', $code_ex) . ' ' : '') . "/m",
'',
$this->last_reply
);
@@ -903,9 +909,9 @@ class SMTP
$code_ex = null;
$detail = substr($this->last_reply, 4);
}
$this->edebug('SERVER -> CLIENT: ' . $this->last_reply, self::DEBUG_SERVER);
if (!in_array($code, (array)$expect)) {
$this->setError(
"$command command failed",
@@ -919,11 +925,11 @@ class SMTP
);
return false;
}
$this->setError('');
return true;
}
/**
* Send an SMTP SAML command.
* Starts a mail transaction from the email address specified in $from.
@@ -941,7 +947,7 @@ class SMTP
{
return $this->sendCommand('SAML', "SAML FROM:$from", 250);
}
/**
* Send an SMTP VRFY command.
* @param string $name The name to verify
@@ -952,7 +958,7 @@ class SMTP
{
return $this->sendCommand('VRFY', "VRFY $name", array(250, 251));
}
/**
* Send an SMTP NOOP command.
* Used to keep keep-alives alive, doesn't actually do anything
@@ -963,7 +969,7 @@ class SMTP
{
return $this->sendCommand('NOOP', 'NOOP', 250);
}
/**
* Send an SMTP TURN command.
* This is an optional command for SMTP that this class does not support.
@@ -979,7 +985,7 @@ class SMTP
$this->edebug('SMTP NOTICE: ' . $this->error['error'], self::DEBUG_CLIENT);
return false;
}
/**
* Send raw data to the server.
* @param string $data The data to send
@@ -989,9 +995,12 @@ class SMTP
public function client_send($data)
{
$this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
return fwrite($this->smtp_conn, $data);
set_error_handler(array($this, 'errorHandler'));
$result = fwrite($this->smtp_conn, $data);
restore_error_handler();
return $result;
}
/**
* Get the latest error.
* @access public
@@ -1001,7 +1010,7 @@ class SMTP
{
return $this->error;
}
/**
* Get SMTP extensions available on the server
* @access public
@@ -1011,7 +1020,7 @@ class SMTP
{
return $this->server_caps;
}
/**
* A multipurpose method
* The method works in three ways, dependent on argument value and current state
@@ -1037,7 +1046,7 @@ class SMTP
$this->setError('No HELO/EHLO was sent');
return null;
}
// the tight logic knot ;)
if (!array_key_exists($name, $this->server_caps)) {
if ($name == 'HELO') {
@@ -1049,10 +1058,10 @@ class SMTP
$this->setError('HELO handshake was used. Client knows nothing about server extensions');
return null;
}
return $this->server_caps[$name];
}
/**
* Get the last reply from the server.
* @access public
@@ -1062,7 +1071,7 @@ class SMTP
{
return $this->last_reply;
}
/**
* Read the SMTP server's response.
* Either before eof or socket timeout occurs on the operation.
@@ -1089,8 +1098,10 @@ class SMTP
$this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
$this->edebug("SMTP -> get_lines(): \$str is \"$str\"", self::DEBUG_LOWLEVEL);
$data .= $str;
// If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
if ((isset($str[3]) and $str[3] == ' ')) {
// If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
// or 4th character is a space, we are done reading, break the loop,
// string array access is a micro-optimisation over strlen
if (!isset($str[3]) or (isset($str[3]) and $str[3] == ' ')) {
break;
}
// Timed-out? Log and break
@@ -1105,7 +1116,7 @@ class SMTP
// Now check if reads took too long
if ($endtime and time() > $endtime) {
$this->edebug(
'SMTP -> get_lines(): timelimit reached ('.
'SMTP -> get_lines(): timelimit reached (' .
$this->Timelimit . ' sec)',
self::DEBUG_LOWLEVEL
);
@@ -1114,7 +1125,7 @@ class SMTP
}
return $data;
}
/**
* Enable or disable VERP address generation.
* @param boolean $enabled
@@ -1123,7 +1134,7 @@ class SMTP
{
$this->do_verp = $enabled;
}
/**
* Get VERP address generation mode.
* @return boolean
@@ -1132,7 +1143,7 @@ class SMTP
{
return $this->do_verp;
}
/**
* Set error messages and codes.
* @param string $message The error message
@@ -1149,7 +1160,7 @@ class SMTP
'smtp_code_ex' => $smtp_code_ex
);
}
/**
* Set debug output method.
* @param string|callable $method The name of the mechanism to use for debugging output, or a callable to handle it.
@@ -1158,7 +1169,7 @@ class SMTP
{
$this->Debugoutput = $method;
}
/**
* Get debug output method.
* @return string
@@ -1167,7 +1178,7 @@ class SMTP
{
return $this->Debugoutput;
}
/**
* Set debug output level.
* @param integer $level
@@ -1176,7 +1187,7 @@ class SMTP
{
$this->do_debug = $level;
}
/**
* Get debug output level.
* @return integer
@@ -1185,7 +1196,7 @@ class SMTP
{
return $this->do_debug;
}
/**
* Set SMTP timeout.
* @param integer $timeout
@@ -1194,7 +1205,7 @@ class SMTP
{
$this->Timeout = $timeout;
}
/**
* Get SMTP timeout.
* @return integer
@@ -1203,47 +1214,63 @@ class SMTP
{
return $this->Timeout;
}
/**
* Reports an error number and string.
* @param integer $errno The error number returned by PHP.
* @param string $errmsg The error message returned by PHP.
* @param string $errfile The file the error occurred in
* @param integer $errline The line number the error occurred on
*/
protected function errorHandler($errno, $errmsg)
protected function errorHandler($errno, $errmsg, $errfile = '', $errline = 0)
{
$notice = 'Connection: Failed to connect to server.';
$notice = 'Connection failed.';
$this->setError(
$notice,
$errno,
$errmsg
);
$this->edebug(
$notice . ' Error number ' . $errno . '. "Error notice: ' . $errmsg,
$notice . ' Error #' . $errno . ': ' . $errmsg . " [$errfile line $errline]",
self::DEBUG_CONNECTION
);
}
/**
* Will return the ID of the last smtp transaction based on a list of patterns provided
* in SMTP::$smtp_transaction_id_patterns.
* Extract and return the ID of the last SMTP transaction based on
* a list of patterns provided in SMTP::$smtp_transaction_id_patterns.
* Relies on the host providing the ID in response to a DATA command.
* If no reply has been received yet, it will return null.
* If no pattern has been matched, it will return false.
* If no pattern was matched, it will return false.
* @return bool|null|string
*/
protected function recordLastTransactionID()
{
$reply = $this->getLastReply();
if (empty($reply)) {
$this->last_smtp_transaction_id = null;
} else {
$this->last_smtp_transaction_id = false;
foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
$this->last_smtp_transaction_id = $matches[1];
}
}
}
return $this->last_smtp_transaction_id;
}
/**
* Get the queue/transaction ID of the last SMTP transaction
* If no reply has been received yet, it will return null.
* If no pattern was matched, it will return false.
* @return bool|null|string
* @see recordLastTransactionID()
*/
public function getLastTransactionID()
{
$reply = $this->getLastReply();
if (empty($reply)) {
return null;
}
foreach($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
if(preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
return $matches[1];
}
}
return false;
return $this->last_smtp_transaction_id;
}
}

114
lib/classes/settings/class.SImExporter.php Normal file
View File

@@ -0,0 +1,114 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2018 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michael Kaufmann <d00p@froxlor.org>
* @author Froxlor team <team@froxlor.org> (2018-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Classes
*
* @since 0.9.39
*
*/
/**
* Class SImExporter
*
* Import/Export settings to JSON
*
* @copyright (c) the authors
* @author Michael Kaufmann <d00p@froxlor.org>
* @author Froxlor team <team@froxlor.org> (2018-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Classes
*/
class SImExporter
{
/**
* settings which are not being exported
*
* @var array
*/
private static $_no_export = [
'panel.adminmail',
'admin.show_news_feed',
'system.lastaccountnumber',
'system.lastguid',
'system.ipaddress',
'system.last_traffic_run',
'system.hostname',
'system.mysql_access_host',
'system.lastcronrun',
'system.defaultip',
'system.last_tasks_run',
'system.last_archive_run',
'system.leprivatekey',
'system.lepublickey'
];
public static function export()
{
$result_stmt = Database::query("
SELECT * FROM `" . TABLE_PANEL_SETTINGS . "` ORDER BY `settingid` ASC
");
$_data = array();
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$index = $row['settinggroup'] . "." . $row['varname'];
if (! in_array($index, self::$_no_export)) {
$_data[$index] = $row['value'];
}
}
// add checksum for validation
$_data['_sha'] = sha1(var_export($_data, true));
$_export = json_encode($_data, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
if (! $_export) {
throw new Exception("Error exporting settings: " . json_last_error_msg());
}
return $_export;
}
public static function import($json_str = null)
{
// decode data
$_data = json_decode($json_str, true);
if ($_data) {
// get validity check data
$_sha = isset($_data['_sha']) ? $_data['_sha'] : false;
$_version = isset($_data['panel.version']) ? $_data['panel.version'] : false;
$_dbversion = isset($_data['panel.db_version']) ? $_data['panel.db_version'] : false;
// check if we have everything we need
if (! $_sha || ! $_version || ! $_dbversion) {
throw new Exception("Invalid froxlor settings data. Unable to import.");
}
// validate import file
unset($_data['_sha']);
// compare
if ($_sha != sha1(var_export($_data, true))) {
throw new Exception("SHA check of import data failed. Unable to import.");
}
// do not import version info - but we need that to possibily update settings
// when there were changes in the variable-name or similar
unset($_data['panel.version']);
unset($_data['panel.db_version']);
/*
// store new data
foreach ($_data as $index => $value) {
Settings::Set($index, $value);
}
// save to DB
Settings::Flush();
*/
// all good
return true;
}
throw new Exception("Invalid JSON data: " . json_last_error_msg());
}
}

75
lib/classes/ssl/class.lescript.php
View File

@@ -30,7 +30,6 @@ class lescript
{
// https://letsencrypt.org/repository/
public $license;
private $logger;
@@ -111,19 +110,7 @@ class lescript
}
$accountUrl=$this->client->getLastLocation();
$this->log('Accepting lets encrypt Terms of Service');
$this->license = $this->client->getAgreementURL();
// Terms of Service are optional according to ACME specs; if no ToS are presented, no need to update registration
if (!empty($this->license)) {
$response = $this->postRegAgreement(parse_url($accountUrl, PHP_URL_PATH));
if ($this->client->getLastCode() != 202) {
throw new \RuntimeException("Terms of Service not accepted. Whole response: " . json_encode($response));
}
}
$leregistered=1;
$leregistered = 1;
$this->setLeRegisteredState($leregistered); // Account registered
$this->log('Lets encrypt Terms of Service accepted');
}
@@ -373,21 +360,16 @@ class lescript
private function postNewReg()
{
$this->log('Getting last terms of service URL');
$directory = $this->client->get('/directory');
if (!isset($directory['meta']) || !isset($directory['meta']['terms-of-service'])) {
throw new \RuntimeException("No terms of service link available!");
}
$this->log('Sending registration to letsencrypt server');
return $this->signedRequest('/acme/new-reg', array(
'resource' => 'new-reg',
'agreement' => $this->license
));
}
private function postRegAgreement($uri)
{
$this->log('Accepting agreement at URL: ' . $this->license);
return $this->signedRequest($uri, array(
'resource' => 'reg',
'agreement' => $this->license
'agreement' => $directory['meta']['terms-of-service']
));
}
@@ -592,49 +574,6 @@ class Client
preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
return $matches[1];
}
public function getAgreementURLFromLastResponse()
{
if (preg_match_all('~Link: <(.+)>;rel="terms-of-service"~', $this->lastHeader, $matches)) {
return $matches[1][0];
}
return "";
}
public function getAgreementURLFromDirectory()
{
// FIXME: Current license should be found in /directory but LE does not implement this yet
// $this->curl('GET', '/directory');
return "";
}
public function getAgreementURLFromTermsUrl()
{
$this->curl('GET', '/terms');
if (preg_match_all('~Location: (.+)~', $this->lastHeader, $matches)) {
return trim($matches[1][0]);
}
return "";
}
public function getAgreementURL()
{
// 1. check the header of the last response
$license=$this->getAgreementURLFromLastResponse();
if (!empty($license)) return $license;
// 2. query directory for license
$license=$this->getAgreementURLFromDirectory();
if (!empty($license)) return $license;
// 3. query /terms endpoint (not ACME standard but implemented by let's enrypt)
$license=$this->getAgreementURLFromTermsUrl();
if (!empty($license)) return $license;
// Fallback: use latest known license. This is only valid for let's encrypt and should be removed as soon as there is an official
// ACME-endpoint to get the current ToS
return "https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf";
// return "";
}
}
class Base64UrlSafeEncoder

599
lib/classes/ssl/class.lescript_v2.php Normal file
View File

@@ -0,0 +1,599 @@
<?php
// Copyright (c) 2015, Stanislav Humplik <sh@analogic.cz>
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in the
// documentation and/or other materials provided with the distribution.
// * Neither the name of the <organization> nor the
// names of its contributors may be used to endorse or promote products
// derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// This file is copied from https://github.com/analogic/lescript
// and modified to work without files and integrate in Froxlor
class lescript_v2
{
// https://letsencrypt.org/repository/
private $logger;
private $client;
private $accountKey;
private $customerid;
private $isFroxlorVhost;
private $isLeProduction;
private $version;
private $_req_uris = array();
private $_acc_location = null;
public function __construct($logger, $version = '2')
{
$this->logger = $logger;
$this->version = $version;
if (Settings::Get('system.letsencryptca') == 'production') {
$ca = 'https://acme-v02.api.letsencrypt.org';
} else {
$ca = 'https://acme-staging-v02.api.letsencrypt.org';
}
$this->client = new Client($ca);
$this->log("Using '$ca' to generate certificate");
// get request-uris from /directory
$response = $this->client->get('/directory');
$this->_req_uris['newAccount'] = $response['newAccount'];
$this->_req_uris['newOrder'] = $response['newOrder'];
$this->_req_uris['newNonce'] = $response['newNonce'];
$this->_req_uris['revokeCert'] = $response['revokeCert'];
}
public function initAccount($certrow, $isFroxlorVhost = false)
{
// Let's see if we have the private accountkey
$this->accountKey = $certrow['leprivatekey'];
$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
$this->isFroxlorVhost = $isFroxlorVhost;
$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
$leregistered = $certrow['leregistered'];
if (! $this->accountKey || $this->accountKey == 'unset' || ! $this->isLeProduction) {
// generate and save new private key for account
// ---------------------------------------------
$this->log('Creating new account key');
$keys = $this->generateKey();
// Only store the accountkey in production, in staging always generate a new key
if ($this->isLeProduction) {
if ($isFroxlorVhost) {
Settings::Set('system.lepublickey', $keys['public']);
Settings::Set('system.leprivatekey', $keys['private']);
Settings::Set('system.leregistered', 0); // key is not registered
} else {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
Database::pexecute($upd_stmt, array(
'public' => $keys['public'],
'private' => $keys['private'],
'registered' => 0,
'customerid' => $this->customerId
));
}
}
$leregistered = 0;
$this->accountKey = $keys['private'];
} else {
$this->log('Using existing account key');
}
if ($leregistered == 0) { // Account not registered
$this->log('Starting new account registration');
$response = $this->postNewReg();
if ($this->client->getLastCode() == 409) {
$this->log('The key was already registered. Using existing account.');
} else if ($this->client->getLastCode() == 201) {
$this->log('New account registered.');
} else {
throw new \RuntimeException("Account not initialized, probably due to rate limiting. Whole response: " . json_encode($response));
}
$this->_acc_location = $this->client->getLastLocation();
$leregistered = 1;
$this->setLeRegisteredState($leregistered);
}
}
/**
*
* @param array $domains
* @param string $domainkey
* @param string $csr
* optional, same behavior as $reuseCsr from the original class, but we're passing the content of the csr already
*
* @throws \RuntimeException
* @return string[]
*/
public function signDomains(array $domains, $domainkey = null, $csr = null)
{
if (! $this->accountKey) {
throw new \RuntimeException("Account not initialized");
}
$this->log('Starting certificate generation process for domains');
$privateAccountKey = openssl_pkey_get_private($this->accountKey);
$accountKeyDetails = openssl_pkey_get_details($privateAccountKey);
// start domains authentication
// ----------------------------
foreach ($domains as $domain) {
// 1. getting available authentication options
// -------------------------------------------
$this->log("Requesting challenge for $domain");
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
"identifiers" => array(
array(
"type" => "dns",
"value" => $domain
)
)
), false);
if ($this->client->getLastCode() == 403) {
$this->log("Got status 403 - setting LE status to unregistered.");
$this->setLeRegisteredState(0);
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
}
// if response is not an array but a string, it's most likely a server-error, e.g.
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
if (! is_array($response)) {
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
}
if (! array_key_exists('authorizations', $response)) {
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
}
// get authorization
$auth_response = $this->client->get($response['authorizations'][0]);
if (! array_key_exists('challenges', $auth_response)) {
throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
}
// choose http-01 challenge only
$challenge = array_reduce($auth_response['challenges'], function ($v, $w) {
return $v ? $v : ($w['type'] == 'http-01' ? $w : false);
});
if (! $challenge) {
throw new RuntimeException("HTTP Challenge for $domain is not available. Whole response: " . json_encode($response));
}
$this->log("Got challenge token for $domain");
$location = $challenge['url'];
$finalizeLink = $response['finalize'];
// 2. saving authentication token for web verification
// ---------------------------------------------------
$directory = Settings::Get('system.letsencryptchallengepath') . '/.well-known/acme-challenge';
$tokenPath = $directory . '/' . $challenge['token'];
if (! file_exists($directory) && ! @mkdir($directory, 0755, true)) {
throw new \RuntimeException("Couldn't create directory to expose challenge: ${tokenPath}");
}
$header = array(
// need to be in precise order!
"e" => Base64UrlSafeEncoder::encode($accountKeyDetails["rsa"]["e"]),
"kty" => "RSA",
"n" => Base64UrlSafeEncoder::encode($accountKeyDetails["rsa"]["n"])
);
$payload = $challenge['token'] . '.' . Base64UrlSafeEncoder::encode(hash('sha256', json_encode($header), true));
file_put_contents($tokenPath, $payload);
chmod($tokenPath, 0644);
// 3. verification process itself
// -------------------------------
$uri = "http://${domain}/.well-known/acme-challenge/${challenge['token']}";
$this->log("Token for $domain saved at $tokenPath and should be available at $uri");
// simple self check
if (Settings::Get('system.disable_le_selfcheck') == '0') {
$selfcheckContextOptions = array(
'http' => array(
'header' => "User-Agent: Froxlor/" . $this->version
)
);
$selfcheckContext = stream_context_create($selfcheckContextOptions);
if ($payload !== trim(@file_get_contents($uri, false, $selfcheckContext))) {
$errmsg = json_encode(error_get_last());
if ($errmsg != "null") {
$errmsg = "; PHP error: " . $errmsg;
} else {
$errmsg = "";
}
$this->logger->logAction(CRON_ACTION, LOG_WARNING, "[Lets Encrypt self-check] Please check $uri - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate" . $errmsg);
}
}
$this->log("Sending request to challenge");
// send request to challenge
$result = $this->signedRequest($challenge['url'], array(
"type" => "http-01",
"keyAuthorization" => $payload,
"token" => $challenge['token']
), false);
// waiting loop
// we wait for a maximum of 30 seconds to avoid endless loops
$count = 0;
do {
if (empty($result['status']) || $result['status'] == "invalid") {
@unlink($tokenPath);
throw new \RuntimeException("Verification ended with error: " . json_encode($result));
}
$ended = ! ($result['status'] === "pending" || $result['status'] === "processing");
if (! $ended) {
$this->log("Verification " . $result['status'] . ", sleeping 1s");
sleep(1);
$count ++;
}
$result = $this->client->get($location);
} while (! $ended && $count < 30);
$this->log("Verification ended with status: ${result['status']}");
@unlink($tokenPath);
}
// requesting certificate
// ----------------------
// generate private key for domain if not exist
if (empty($domainkey) || Settings::Get('system.letsencryptreuseold') == 0) {
$keys = $this->generateKey();
$domainkey = $keys['private'];
}
// load domain key
$privateDomainKey = openssl_pkey_get_private($domainkey);
if (empty($csr)) {
$csr = $this->generateCSR($privateDomainKey, $domains);
}
// request certificates creation
$result = $this->signedRequest($finalizeLink, array(
'csr' => $csr
), false);
if ($this->client->getLastCode() !== 200) {
throw new \RuntimeException("Invalid response code: " . $this->client->getLastCode() . ", " . json_encode($result));
}
if (! isset($result['certificate'])) {
throw new \RuntimeException("No certificate URL specified in result");
}
$certificates = array();
$certdata = $this->client->get($result['certificate']);
$this->log("Got certificate! YAY!");
$certificates[] = $certdata;
foreach ($this->client->getLastLinks() as $link) {
$this->log("Requesting chained cert at $link");
$result = $this->client->get($link);
$certificates[] = $result;
}
if (empty($certificates))
throw new \RuntimeException('No certificates generated');
$fullchain = implode("\n", $certificates);
$crt = array_shift($certificates);
$chain = implode("\n", $certificates);
$this->log("Done, returning new certificates and key");
return array(
'fullchain' => $fullchain,
'crt' => $crt,
'chain' => $chain,
'key' => $domainkey,
'csr' => $csr
);
}
private function setLeRegisteredState($state)
{
if ($this->isLeProduction) {
if ($this->isFroxlorVhost) {
Settings::Set('system.leregistered', $state);
} else {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
Database::pexecute($upd_stmt, array(
'registered' => $state,
'customerid' => $this->customerId
));
}
}
}
private function parsePemFromBody($body)
{
$pem = chunk_split(base64_encode($body), 64, "\n");
return "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n";
}
private function postNewReg()
{
$this->log('Getting last terms of service URL');
$directory = $this->client->get('/directory');
if (! isset($directory['meta']) || ! isset($directory['meta']['termsOfService'])) {
throw new \RuntimeException("No terms of service link available!");
}
$this->log('Sending registration to letsencrypt server');
return $this->signedRequest($this->_req_uris['newAccount'], array(
'termsOfServiceAgreed' => true
));
}
private function generateCSR($privateKey, array $domains)
{
$domain = reset($domains);
$san = implode(",", array_map(function ($dns) {
return "DNS:" . $dns;
}, $domains));
$tmpConf = tmpfile();
$tmpConfMeta = stream_get_meta_data($tmpConf);
$tmpConfPath = $tmpConfMeta["uri"];
// workaround to get SAN working
fwrite($tmpConf, 'HOME = .
RANDFILE = $ENV::HOME/.rnd
[ req ]
default_bits = ' . Settings::Get('system.letsencryptkeysize') . '
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
req_extensions = v3_req
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
[ v3_req ]
basicConstraints = CA:FALSE
subjectAltName = ' . $san . '
keyUsage = nonRepudiation, digitalSignature, keyEncipherment');
$csr = openssl_csr_new(array(
"CN" => $domain,
"ST" => Settings::Get('system.letsencryptstate'),
"C" => Settings::Get('system.letsencryptcountrycode'),
"O" => "Unknown"
), $privateKey, array(
"config" => $tmpConfPath,
"digest_alg" => "sha256"
));
if (! $csr)
throw new \RuntimeException("CSR couldn't be generated! " . openssl_error_string());
openssl_csr_export($csr, $csr);
fclose($tmpConf);
preg_match('~REQUEST-----(.*)-----END~s', $csr, $matches);
return trim(Base64UrlSafeEncoder::encode(base64_decode($matches[1])));
}
private function generateKey()
{
$res = openssl_pkey_new(array(
"private_key_type" => OPENSSL_KEYTYPE_RSA,
"private_key_bits" => (int) Settings::Get('system.letsencryptkeysize')
));
if (! openssl_pkey_export($res, $privateKey)) {
throw new \RuntimeException("Key export failed!");
}
$details = openssl_pkey_get_details($res);
return array(
'private' => $privateKey,
'public' => $details['key']
);
}
private function signedRequest($uri, array $payload, $needs_jwk = true)
{
$privateKey = openssl_pkey_get_private($this->accountKey);
$details = openssl_pkey_get_details($privateKey);
$header = array(
"alg" => "RS256"
);
if ($needs_jwk) {
$header["jwk"] = array(
"kty" => "RSA",
"n" => Base64UrlSafeEncoder::encode($details["rsa"]["n"]),
"e" => Base64UrlSafeEncoder::encode($details["rsa"]["e"])
);
} else {
// need account-url
$header["kid"] = $this->_acc_location;
}
$protected = $header;
$protected["nonce"] = $this->client->getLastNonce();
$protected["url"] = $uri;
$payload64 = Base64UrlSafeEncoder::encode(json_encode($payload, JSON_UNESCAPED_SLASHES));
$protected64 = Base64UrlSafeEncoder::encode(json_encode($protected));
openssl_sign($protected64 . '.' . $payload64, $signed, $privateKey, "SHA256");
$signed64 = Base64UrlSafeEncoder::encode($signed);
$data = array(
'protected' => $protected64,
'payload' => $payload64,
'signature' => $signed64
);
$this->log("Sending signed request to $uri");
return $this->client->post($uri, json_encode($data));
}
protected function log($message)
{
$this->logger->logAction(CRON_ACTION, LOG_INFO, "letsencrypt-v2 " . $message);
}
}
class Client
{
private $lastCode;
public $lastHeader;
private $base;
public function __construct($base)
{
$this->base = $base;
}
private function curl($method, $url, $data = null)
{
$headers = array(
'Accept: application/json',
'Content-Type: application/json'
);
$handle = curl_init();
curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url);
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_HEADER, true);
// DO NOT DO THAT!
// curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false);
// curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
switch ($method) {
case 'GET':
break;
case 'POST':
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
break;
}
$response = curl_exec($handle);
if (curl_errno($handle)) {
throw new \RuntimeException('Curl: ' . curl_error($handle));
}
$header_size = curl_getinfo($handle, CURLINFO_HEADER_SIZE);
$header = substr($response, 0, $header_size);
$body = substr($response, $header_size);
$this->lastHeader = $header;
$this->lastCode = curl_getinfo($handle, CURLINFO_HTTP_CODE);
$data = json_decode($body, true);
return $data === null ? $body : $data;
}
public function post($url, $data)
{
return $this->curl('POST', $url, $data);
}
public function get($url)
{
return $this->curl('GET', $url);
}
public function getLastNonce()
{
if (preg_match('~Replay\-Nonce: (.+)~i', $this->lastHeader, $matches)) {
return trim($matches[1]);
}
$this->curl('GET', '/directory');
return $this->getLastNonce();
}
public function getLastLocation()
{
if (preg_match('~Location: (.+)~i', $this->lastHeader, $matches)) {
return trim($matches[1]);
}
return null;
}
public function getLastCode()
{
return $this->lastCode;
}
public function getLastLinks()
{
preg_match_all('~Link: <(.+)>;rel="up"~', $this->lastHeader, $matches);
return $matches[1];
}
}
class Base64UrlSafeEncoder
{
public static function encode($input)
{
return str_replace('=', '', strtr(base64_encode($input), '+/', '-_'));
}
public static function decode($input)
{
$remainder = strlen($input) % 4;
if ($remainder) {
$padlen = 4 - $remainder;
$input .= str_repeat('=', $padlen);
}
return base64_decode(strtr($input, '-_', '+/'));
}
}

205
lib/classes/webserver/class.ConfigIO.php
View File

@@ -17,13 +17,14 @@
* @since 0.9.29
*
*/
class ConfigIO {
class ConfigIO
{
/**
* constructor
*/
public function __construct() {}
public function __construct()
{}
/**
* clean up former created configs, including (if enabled)
@@ -32,39 +33,40 @@ class ConfigIO {
*
* @return null
*/
public function cleanUp() {
public function cleanUp()
{
// old error logs
$this->_cleanErrLogs();
// awstats files
$this->_cleanAwstatsFiles();
// fcgid files
$this->_cleanFcgidFiles();
// php-fpm files
$this->_cleanFpmFiles();
// clean webserver-configs
$this->_cleanWebserverConfigs();
// old htpasswd files
$this->_cleanHtpasswdFiles();
// customer-specified ssl-certificates
$this->_cleanCustomerSslCerts();
}
private function _cleanErrLogs() {
$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR."/logs/");
if (@is_dir($err_dir)) {
// now get rid of old stuff
//(but append /*.log so we don't delete the directory)
$err_dir.='/*.log';
safe_exec('rm -rf '. makeCorrectFile($err_dir));
}
private function _cleanErrLogs()
{
$err_dir = makeCorrectDir(FROXLOR_INSTALL_DIR . "/logs/");
if (@is_dir($err_dir)) {
// now get rid of old stuff
// (but append /*.log so we don't delete the directory)
$err_dir .= '/*.log';
safe_exec('rm -f ' . makeCorrectFile($err_dir));
}
}
/**
@@ -73,8 +75,9 @@ class ConfigIO {
*
* @return null
*/
private function _cleanCustomerSslCerts() {
private function _cleanCustomerSslCerts()
{
/*
* only clean up if we're actually using SSL
*/
@@ -82,14 +85,14 @@ class ConfigIO {
// get correct directory
$configdir = $this->_getFile('system', 'customer_ssl_path');
if ($configdir !== false) {
$configdir = makeCorrectDir($configdir);
if (@is_dir($configdir)) {
// now get rid of old stuff
//(but append /* so we don't delete the directory)
$configdir.='/*';
safe_exec('rm -rf '. makeCorrectFile($configdir));
// (but append /* so we don't delete the directory)
$configdir .= '/*';
safe_exec('rm -f ' . makeCorrectFile($configdir));
}
}
}
@@ -100,39 +103,38 @@ class ConfigIO {
*
* @return null
*/
private function _cleanWebserverConfigs() {
private function _cleanWebserverConfigs()
{
// get directories
$configdirs = array();
$dir = $this->_getFile('system', 'apacheconf_vhost');
if ($dir !== false)
$configdirs[] = makeCorrectDir($dir);
$dir = $this->_getFile('system', 'apacheconf_diroptions');
if ($dir !== false)
$configdirs[] = makeCorrectDir($dir);
// file pattern
$pattern = "/^([0-9]){2}_(froxlor|syscp)_(.+)\.conf$/";
// check ALL the folders
foreach ($configdirs as $config_dir) {
// check directory
if (@is_dir($config_dir)) {
// create directory iterator
$its = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($config_dir)
);
$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($config_dir));
// iterate through all subdirs,
// look for vhost/diroption files
// and delete them
foreach ($its as $fullFileName => $it ) {
foreach ($its as $fullFileName => $it) {
if ($it->isFile() && preg_match($pattern, $it->getFilename())) {
// remove file
safe_exec('rm -f '. escapeshellarg(makeCorrectFile($its->getPathname())));
safe_exec('rm -f ' . escapeshellarg(makeCorrectFile($its->getPathname())));
}
}
}
@@ -144,19 +146,20 @@ class ConfigIO {
*
* @return null
*/
private function _cleanHtpasswdFiles() {
private function _cleanHtpasswdFiles()
{
// get correct directory
$configdir = $this->_getFile('system', 'apacheconf_htpasswddir');
if ($configdir !== false) {
$configdir = makeCorrectDir($configdir);
if (@is_dir($configdir)) {
// now get rid of old stuff
//(but append /* so we don't delete the directory)
$configdir.='/*';
safe_exec('rm -rf '. makeCorrectFile($configdir));
// (but append /* so we don't delete the directory)
$configdir .= '/*';
safe_exec('rm -f ' . makeCorrectFile($configdir));
}
}
}
@@ -166,37 +169,36 @@ class ConfigIO {
*
* @return null
*/
private function _cleanAwstatsFiles() {
private function _cleanAwstatsFiles()
{
if (Settings::Get('system.awstats_enabled') == '0') {
return;
}
//dhr: cleanout froxlor-generated awstats configs prior to re-creation
// dhr: cleanout froxlor-generated awstats configs prior to re-creation
$awstatsclean['header'] = "## GENERATED BY FROXLOR\n";
$awstatsclean['headerold'] = "## GENERATED BY SYSCP\n";
$awstatsclean['path'] = $this->_getFile('system', 'awstats_conf');
/**
* don't do anything if the directory does not exist
* (e.g. awstats not installed yet or whatever)
* (e.g.
* awstats not installed yet or whatever)
* fixes #45
*/
*/
if ($awstatsclean['path'] !== false && is_dir($awstatsclean['path'])) {
$awstatsclean['dir'] = dir($awstatsclean['path']);
while ($awstatsclean['entry'] = $awstatsclean['dir']->read()) {
$awstatsclean['fullentry'] = makeCorrectFile($awstatsclean['path'].'/'.$awstatsclean['entry']);
$awstatsclean['fullentry'] = makeCorrectFile($awstatsclean['path'] . '/' . $awstatsclean['entry']);
/**
* don't do anything if the file does not exist
*/
*/
if (@file_exists($awstatsclean['fullentry'])) {
$awstatsclean['fh'] = fopen($awstatsclean['fullentry'], 'r');
$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header'])+1);
$awstatsclean['headerRead'] = fgets($awstatsclean['fh'], strlen($awstatsclean['header']) + 1);
fclose($awstatsclean['fh']);
if ($awstatsclean['headerRead'] == $awstatsclean['header']
|| $awstatsclean['headerRead'] == $awstatsclean['headerold']
) {
if ($awstatsclean['headerRead'] == $awstatsclean['header'] || $awstatsclean['headerRead'] == $awstatsclean['headerold']) {
$awstats_conf_file = makeCorrectFile($awstatsclean['fullentry']);
@unlink($awstats_conf_file);
}
@@ -204,7 +206,7 @@ class ConfigIO {
}
}
unset($awstatsclean);
//end dhr
// end dhr
}
/**
@@ -212,39 +214,37 @@ class ConfigIO {
*
* @return null
*/
private function _cleanFcgidFiles() {
private function _cleanFcgidFiles()
{
if (Settings::Get('system.mod_fcgid') == '0') {
return;
}
// get correct directory
$configdir = $this->_getFile('system', 'mod_fcgid_configdir');
if ($configdir !== false) {
$configdir = makeCorrectDir($configdir);
if (@is_dir($configdir)) {
// create directory iterator
$its = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($configdir)
);
$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($configdir));
// iterate through all subdirs,
// look for php-fcgi-starter files
// and take immutable-flag away from them
// so we can delete them :)
foreach ($its as $fullFileName => $it ) {
foreach ($its as $fullFileName => $it) {
if ($it->isFile() && $it->getFilename() == 'php-fcgi-starter') {
// set chattr -i
removeImmutable($its->getPathname());
}
}
// now get rid of old stuff
//(but append /* so we don't delete the directory)
$configdir.='/*';
safe_exec('rm -rf '. makeCorrectFile($configdir));
// (but append /* so we don't delete the directory)
$configdir .= '/*';
safe_exec('rm -rf ' . makeCorrectFile($configdir));
}
}
}
@@ -254,33 +254,36 @@ class ConfigIO {
*
* @return null
*/
private function _cleanFpmFiles() {
private function _cleanFpmFiles()
{
if (Settings::Get('phpfpm.enabled') == '0') {
return;
}
// get correct directory
$configdir = $this->_getFile('phpfpm', 'configdir');
if ($configdir !== false) {
$configdir = makeCorrectDir($configdir);
// get all fpm config paths
$fpmconf_sel = Database::prepare("SELECT config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
Database::pexecute($fpmconf_sel);
$fpmconf_paths = $fpmconf_sel->fetchAll(PDO::FETCH_ASSOC);
// clean all php-fpm config-dirs
foreach ($fpmconf_paths as $configdir) {
$configdir = makeCorrectDir($configdir['config_dir']);
if (@is_dir($configdir)) {
// now get rid of old stuff
//(but append /* so we don't delete the directory)
$configdir.='/*';
safe_exec('rm -rf '. makeCorrectFile($configdir));
// (but append /*.conf so we don't delete the directory)
$configdir .= '/*.conf';
safe_exec('rm -f ' . makeCorrectFile($configdir));
} else {
safe_exec('mkdir -p ' . $configdir);
}
}
// also remove aliasconfigdir #1273
$aliasconfigdir = $this->_getFile('phpfpm', 'aliasconfigdir');
if ($aliasconfigdir !== false) {
$aliasconfigdir = makeCorrectDir($aliasconfigdir);
if (@is_dir($aliasconfigdir)) {
$aliasconfigdir.='/*';
safe_exec('rm -rf '. makeCorrectFile($aliasconfigdir));
$aliasconfigdir .= '/*';
safe_exec('rm -rf ' . makeCorrectFile($aliasconfigdir));
}
}
}
@@ -288,17 +291,21 @@ class ConfigIO {
/**
* returns a file/direcotry from the settings and checks whether it exists
*
* @param string $group settings-group
* @param string $varname var-name
* @param boolean $check_exists check if the file exists
*
* @param string $group
* settings-group
* @param string $varname
* var-name
* @param boolean $check_exists
* check if the file exists
*
* @return string|boolean complete path including filename if any or false on error
*/
private function _getFile($group, $varname, $check_exists = true) {
private function _getFile($group, $varname, $check_exists = true)
{
// read from settings
$file = Settings::Get($group.'.'.$varname);
$file = Settings::Get($group . '.' . $varname);
// check whether it exists
if ($check_exists && @file_exists($file) == false) {
return false;

67
lib/classes/webserver/class.WebserverBase.php
View File

@@ -17,8 +17,8 @@
* @since 0.9.31
*
*/
class WebserverBase {
class WebserverBase
{
/**
* returns an array with all entries required for all
@@ -26,8 +26,8 @@ class WebserverBase {
*
* @return array
*/
public static function getVhostsToCreate() {
public static function getVhostsToCreate()
{
$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
@@ -35,20 +35,36 @@ class WebserverBase {
`d`.`phpenabled` AS `phpenabled_vhost`,
`d`.`mod_fcgid_starter`,`d`.`mod_fcgid_maxrequests`,
`d`.`ocsp_stapling`
FROM `".TABLE_PANEL_DOMAINS."` `d`
FROM `" . TABLE_PANEL_DOMAINS . "` `d`
LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;
";
$result_domains_stmt = Database::query($query);
// prepare IP statement
$ip_stmt = Database::prepare("
SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
FROM `" . TABLE_DOMAINTOIP . "` `di`, `" . TABLE_PANEL_IPSANDPORTS . "` `p`
WHERE `p`.`id` = `di`.`id_ipandports`
AND `di`.`id_domain` = :domainid
AND `p`.`ssl` = '1'
");
// prepare fpm-config select query
$fpm_sel_stmt = Database::prepare("
SELECT f.id FROM `" . TABLE_PANEL_FPMDAEMONS . "` f
LEFT JOIN `" . TABLE_PANEL_PHPCONFIGS . "` p ON p.fpmsettingid = f.id
WHERE p.id = :phpconfigid
");
$domains = array();
while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
// set whole domain
$domains[$domain['domain']] = $domain;
// set empty-defaults for non-ssl
@@ -57,31 +73,38 @@ class WebserverBase {
$domains[$domain['domain']]['ssl_key_file'] = '';
$domains[$domain['domain']]['ssl_ca_file'] = '';
$domains[$domain['domain']]['ssl_cert_chainfile'] = '';
// now, if the domain has an ssl ip/port assigned, get
// the corresponding information from the db
if (domainHasSslIpPort($domain['id'])) {
$ip_stmt = Database::prepare("
SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p`
WHERE `p`.`id` = `di`.`id_ipandports`
AND `di`.`id_domain` = :domainid
AND `p`.`ssl` = '1'
");
$ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id']));
$ssl_ip = Database::pexecute_first($ip_stmt, array(
'domainid' => $domain['id']
));
// set ssl info for domain
$domains[$domain['domain']]['ssl'] = '1';
$domains[$domain['domain']]['ssl_cert_file'] = $ssl_ip['ssl_cert_file'];
$domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file'];
$domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file'];
$domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile'];
}
// read fpm-config-id if using fpm
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$fpm_config = Database::pexecute_first($fpm_sel_stmt, array(
'phpconfigid' => $domain['phpsettingid']
));
if ($fpm_config) {
$domains[$domain['domain']]['fpm_config_id'] = $fpm_config['id'];
} else {
// fallback
$domains[$domain['domain']]['fpm_config_id'] = 1;
}
}
}
return $domains;
}
}

4650
lib/configfiles/stretch.xml Normal file
View File

File diff suppressed because it is too large Load Diff

2
lib/configfiles/wheezy.xml
View File

@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<froxlor>
<distribution name="Debian" codename="Wheezy" version="7.x" defaulteditor="/usr/bin/nano">
<distribution name="Debian" codename="Wheezy" version="7.x" defaulteditor="/usr/bin/nano" deprecated="true">
<services>
<!-- HTTP -->
<service type="http" title="{{lng.admin.configfiles.http}}">

112
lib/formfields/admin/customer/formfield.customer_add.php
View File

@@ -14,7 +14,6 @@
* @package Formfields
*
*/
return array(
'customer_add' => array(
'title' => $lng['admin']['customer_add'],
@@ -29,20 +28,30 @@ return array(
'type' => 'text'
),
'createstdsubdomain' => array(
'label' => $lng['admin']['stdsubdomain_add'].'?',
'label' => $lng['admin']['stdsubdomain_add'] . '?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array('1')
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
)
),
'store_defaultindex' => array(
'label' => $lng['admin']['store_defaultindex'].'?',
'label' => $lng['admin']['store_defaultindex'] . '?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array('1')
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
)
),
'new_customer_password' => array(
'label' => $lng['login']['password'],
@@ -53,15 +62,20 @@ return array(
'label' => $lng['customer']['generated_pwd'],
'type' => 'text',
'visible' => (Settings::Get('panel.password_regex') == ''),
'value' => generatePassword(),
'value' => generatePassword()
),
'sendpassword' => array(
'label' => $lng['admin']['sendpassword'],
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array('1')
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
)
),
'def_language' => array(
'label' => $lng['login']['language'],
@@ -135,7 +149,10 @@ return array(
'label' => $lng['usersettings']['custom_notes']['show'],
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array()
)
@@ -206,18 +223,28 @@ return array(
'label' => $lng['customer']['email_imap'],
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array('1'),
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
),
'mandatory' => true
),
'email_pop3' => array(
'label' => $lng['customer']['email_pop3'],
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array('1'),
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
),
'mandatory' => true
),
'ftps' => array(
@@ -244,28 +271,51 @@ return array(
'ul_field' => $mysqls_ul
),
'phpenabled' => array(
'label' => $lng['admin']['phpenabled'].'?',
'label' => $lng['admin']['phpenabled'] . '?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array('1')
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
)
),
'allowed_phpconfigs' => array(
'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
'label' => $lng['admin']['phpsettings']['title'],
'type' => 'checkbox',
'values' => $phpconfigs,
'value' => ((int) Settings::Get('system.mod_fcgid') == 1 ? array(
Settings::Get('system.mod_fcgid_defaultini')
) : (int) Settings::Get('phpfpm.enabled') == 1) ? array(
Settings::Get('phpfpm.defaultini')
) : array(),
'is_array' => 1
),
'perlenabled' => array(
'label' => $lng['admin']['perlenabled'].'?',
'label' => $lng['admin']['perlenabled'] . '?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
)
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
)
),
'dnsenabled' => array(
'label' => $lng['admin']['dnsenabled'].'?',
'label' => $lng['admin']['dnsenabled'] . '?',
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'visible' => (Settings::Get('system.dnsenabled') == '1' ? true : false)
),
)
)
)
)

8
lib/formfields/admin/customer/formfield.customer_edit.php
View File

@@ -260,6 +260,14 @@ return array(
),
'value' => array($result['phpenabled'])
),
'allowed_phpconfigs' => array(
'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) ? true : false),
'label' => $lng['admin']['phpsettings']['title'],
'type' => 'checkbox',
'values' => $phpconfigs,
'value' => isset($result['allowed_phpconfigs']) && !empty($result['allowed_phpconfigs']) ? json_decode($result['allowed_phpconfigs'], JSON_OBJECT_AS_ARRAY) : array(),
'is_array' => 1
),
'perlenabled' => array(
'label' => $lng['admin']['perlenabled'].'?',
'type' => 'checkbox',

2
lib/formfields/admin/domains/formfield.domains_add.php
View File

@@ -174,7 +174,7 @@ return array(
'value' => array()
),
'http2' => array(
'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd',
'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd' && Settings::Get('system.http2_support') == '1',
'label' => $lng['admin']['domain_http2']['title'],
'desc' => $lng['admin']['domain_http2']['description'],
'type' => 'checkbox',

17
lib/formfields/admin/domains/formfield.domains_edit.php
View File

@@ -208,7 +208,7 @@ return array(
)
),
'http2' => array(
'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd',
'visible' => ($ssl_ipsandports != '' ? true : false) && Settings::Get('system.webserver') != 'lighttpd' && Settings::Get('system.http2_support') == '1',
'label' => $lng['admin']['domain_http2']['title'],
'desc' => $lng['admin']['domain_http2']['description'],
'type' => 'checkbox',
@@ -325,6 +325,21 @@ return array(
'type' => 'select',
'select_var' => $phpconfigs
),
'phpsettingsforsubdomains' => array(
'visible' => ($userinfo['change_serversettings'] == '1' ? true : false),
'label' => $lng['admin']['phpsettingsforsubdomains'],
'desc' => $lng['serversettings']['phpsettingsforsubdomains']['description'],
'type' => 'checkbox',
'values' => array(
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array(
'1'
)
),
'mod_fcgid_starter' => array(
'visible' => ((int) Settings::Get('system.mod_fcgid') == 1 ? true : false),
'label' => $lng['admin']['mod_fcgid_starter']['title'],

95
lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php Normal file
View File

@@ -0,0 +1,95 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Formfields
*
*/
return array(
'fpmconfig_add' => array(
'title' => $lng['admin']['phpsettings']['addsettings'],
'image' => 'icons/phpsettings_add.png',
'sections' => array(
'section_a' => array(
'title' => $lng['admin']['phpsettings']['addsettings'],
'image' => 'icons/phpsettings_add.png',
'fields' => array(
'description' => array(
'label' => $lng['admin']['phpsettings']['description'],
'type' => 'text',
'maxlength' => 50
),
'reload_cmd' => array(
'label' => $lng['serversettings']['phpfpm_settings']['reload'],
'type' => 'text',
'maxlength' => 255,
'value' => 'service php7.0-fpm restart'
),
'config_dir' => array(
'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
'type' => 'text',
'maxlength' => 255,
'value' => '/etc/php/7.0/fpm/pool.d/'
),
'pm' => array(
'label' => $lng['serversettings']['phpfpm_settings']['pm'],
'type' => 'select',
'select_var' => $pm_select
),
'max_children' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
'type' => 'int',
'value' => 1
),
'start_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
'type' => 'int',
'value' => 20
),
'min_spare_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
'type' => 'int',
'value' => 5
),
'max_spare_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
'type' => 'int',
'value' => 35
),
'max_requests' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'],
'type' => 'int',
'value' => 0
),
'idle_timeout' => array(
'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
'type' => 'int',
'value' => 30
),
'limit_extensions' => array(
'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
'type' => 'text',
'value' => '.php'
)
)
)
)
)
);

96
lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php Normal file
View File

@@ -0,0 +1,96 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Formfields
*
*/
return array(
'fpmconfig_edit' => array(
'title' => $lng['admin']['phpsettings']['editsettings'],
'image' => 'icons/phpsettings_edit.png',
'sections' => array(
'section_a' => array(
'title' => $lng['admin']['phpsettings']['editsettings'],
'image' => 'icons/phpsettings_edit.png',
'fields' => array(
'description' => array(
'label' => $lng['admin']['phpsettings']['description'],
'type' => 'text',
'maxlength' => 50,
'value' => $result['description']
),
'reload_cmd' => array(
'label' => $lng['serversettings']['phpfpm_settings']['reload'],
'type' => 'text',
'maxlength' => 255,
'value' => $result['reload_cmd']
),
'config_dir' => array(
'label' => $lng['serversettings']['phpfpm_settings']['configdir'],
'type' => 'text',
'maxlength' => 255,
'value' => $result['config_dir']
),
'pm' => array(
'label' => $lng['serversettings']['phpfpm_settings']['pm'],
'type' => 'select',
'select_var' => $pm_select
),
'max_children' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'],
'type' => 'int',
'value' => $result['max_children']
),
'start_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'],
'type' => 'int',
'value' => $result['start_servers']
),
'min_spare_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'],
'type' => 'int',
'value' => $result['min_spare_servers']
),
'max_spare_servers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'],
'type' => 'int',
'value' => $result['max_spare_servers']
),
'max_requests' => array(
'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'],
'type' => 'int',
'value' => $result['max_requests']
),
'idle_timeout' => array(
'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'],
'type' => 'int',
'value' => $result['idle_timeout']
),
'limit_extensions' => array(
'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'],
'type' => 'text',
'value' => $result['limit_extensions']
)
)
)
)
)
);

15
lib/formfields/admin/phpconfig/formfield.phpconfig_add.php
View File

@@ -36,6 +36,12 @@ return array(
'maxlength' => 255,
'value' => '/usr/bin/php-cgi'
),
'fpmconfig' => array(
'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
'label' => $lng['admin']['phpsettings']['fpmdesc'],
'type' => 'select',
'select_var' => $fpmconfigs
),
'file_extensions' => array(
'visible' => (Settings::Get('system.mod_fcgid') == 1 ? true : false),
'label' => $lng['admin']['phpsettings']['file_extensions'],
@@ -84,6 +90,15 @@ return array(
'maxlength' => 10,
'value' => '5s'
),
'phpfpm_pass_authorizationheader' => array(
'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
'label' => $lng['admin']['phpsettings']['pass_authorizationheader'],
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array()
),
'phpsettings' => array(
'style' => 'align-top',
'label' => $lng['admin']['phpsettings']['phpinisettings'],

15
lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php
View File

@@ -37,6 +37,12 @@ return array(
'maxlength' => 255,
'value' => $result['binary']
),
'fpmconfig' => array(
'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
'label' => $lng['admin']['phpsettings']['fpmdesc'],
'type' => 'select',
'select_var' => $fpmconfigs
),
'file_extensions' => array(
'visible' => (Settings::Get('system.mod_fcgid') == 1 ? true : false),
'label' => $lng['admin']['phpsettings']['file_extensions'],
@@ -87,6 +93,15 @@ return array(
'maxlength' => 10,
'value' => $result['fpm_reqslow']
),
'phpfpm_pass_authorizationheader' => array(
'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
'label' => $lng['admin']['phpsettings']['pass_authorizationheader'],
'type' => 'checkbox',
'values' => array(
array ('label' => $lng['panel']['yes'], 'value' => '1')
),
'value' => array($result['pass_authorizationheader'])
),
'phpsettings' => array(
'style' => 'align-top',
'label' => $lng['admin']['phpsettings']['phpinisettings'],

6
lib/formfields/customer/domains/formfield.domains_add.php
View File

@@ -70,6 +70,12 @@ return array(
'label' => $lng['domain']['openbasedirpath'],
'type' => 'select',
'select_var' => $openbasedir
),
'phpsettingid' => array(
'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && $has_phpconfigs ? true : false),
'label' => $lng['admin']['phpsettings']['title'],
'type' => 'select',
'select_var' => $phpconfigs
)
)
),

6
lib/formfields/customer/domains/formfield.domains_edit.php
View File

@@ -81,6 +81,12 @@ return array(
'label' => $lng['domain']['openbasedirpath'],
'type' => 'select',
'select_var' => $openbasedir
),
'phpsettingid' => array(
'visible' => (((int) Settings::Get('system.mod_fcgid') == 1 || (int) Settings::Get('phpfpm.enabled') == 1) && $has_phpconfigs ? true : false),
'label' => $lng['admin']['phpsettings']['title'],
'type' => 'select',
'select_var' => $phpconfigs
)
)
),

14
lib/functions/dns/function.generateDkimEntries.php
View File

@@ -54,20 +54,8 @@ function generateDkimEntries($domain)
// end-part
$dkim_txt .= 't=s';
if (Settings::Get('system.dns_server') == 'pdns') {
// PowerDNS does not need/want splitted content
$txt_record_split = $dkim_txt;
} else {
// split if necessary
$txt_record_split = '';
$lbr = 50;
for ($pos = 0; $pos <= strlen($dkim_txt) - 1; $pos += $lbr) {
$txt_record_split .= (($pos == 0) ? '("' : "\t\t\t\t\t \"") . substr($dkim_txt, $pos, $lbr) . (($pos >= strlen($dkim_txt) - $lbr) ? '")' : '"') . "\n";
}
}
// dkim-entry
$zone_dkim[] = $txt_record_split;
$zone_dkim[] = $dkim_txt;
// adsp-entry
if (Settings::Get('dkim.dkim_add_adsp') == "1") {

12
lib/functions/output/function.standard_error.php
View File

@@ -63,3 +63,15 @@ function standard_error($errors = '', $replacer = '') {
eval("echo \"" . getTemplate('misc/error', '1') . "\";");
exit;
}
function dynamic_error($message) {
global $userinfo, $s, $header, $footer, $lng, $theme;
$_SESSION['requestData'] = $_POST;
$link = '';
if (isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) !== false) {
$link = '<a href="'.htmlentities($_SERVER['HTTP_REFERER']).'">'.$lng['panel']['back'].'</a>';
}
$error = $message;
eval("echo \"" . getTemplate('misc/error', '1') . "\";");
exit;
}

25
lib/functions/settings/function.storeSettingMysqlAccessHost.php
View File

@@ -16,33 +16,36 @@
* @package Functions
*
*/
function storeSettingMysqlAccessHost($fieldname, $fielddata, $newfieldvalue)
{
$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
if($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host')
{
if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') {
$mysql_access_host_array = array_map('trim', explode(',', $newfieldvalue));
if(in_array('127.0.0.1', $mysql_access_host_array)
&& !in_array('localhost', $mysql_access_host_array))
{
if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
$mysql_access_host_array[] = 'localhost';
}
if(!in_array('127.0.0.1', $mysql_access_host_array)
&& in_array('localhost', $mysql_access_host_array))
{
if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
$mysql_access_host_array[] = '127.0.0.1';
}
// be aware that ipv6 addresses are enclosed in [ ] when passed here
$mysql_access_host_array = array_map('cleanMySQLAccessHost', $mysql_access_host_array);
$mysql_access_host_array = array_unique(array_trim($mysql_access_host_array));
$newfieldvalue = implode(',', $mysql_access_host_array);
correctMysqlUsers($mysql_access_host_array);
}
return $returnvalue;
}
?>
function cleanMySQLAccessHost($value)
{
if (substr($value, 0, 1) == '[' && substr($value, - 1) == ']') {
return substr($value, 1, - 1);
}
return $value;
}

2
lib/init.php
View File

@@ -157,7 +157,7 @@ if (version_compare(PHP_VERSION, "5.4.0", "<")) {
$in = array(&$_GET, &$_POST, &$_COOKIE);
$_in = $in;
foreach ($in as $k => $v) {
foreach ($_in as $k => $v) {
foreach ($v as $key => $val) {
if (!is_array($val)) {
$in[$k][$key] = stripslashes($val);

6
lib/navigation/00.froxlor.main.php
View File

@@ -279,6 +279,12 @@ return array(
'label' => $lng['menue']['phpsettings']['maintitle'],
'show_element' => (Settings::Get('system.mod_fcgid') == true || Settings::Get('phpfpm.enabled') == true)
),
array(
'url' => 'admin_phpsettings.php?page=fpmdaemons',
'label' => $lng['menue']['phpsettings']['fpmdaemons'],
'required_resources' => 'change_serversettings',
'show_element' => Settings::Get('phpfpm.enabled') == true
),
array(
'url' => 'admin_settings.php?page=phpinfo',
'label' => $lng['admin']['phpinfo'],

1
lib/tables.inc.php
View File

@@ -51,5 +51,6 @@ define('TABLE_PANEL_DOMAINREDIRECTS', 'domain_redirect_codes');
define('TABLE_PANEL_DOMAIN_SSL_SETTINGS', 'domain_ssl_settings');
define('TABLE_DOMAINTOIP', 'panel_domaintoip');
define('TABLE_DOMAIN_DNS', 'domain_dns_entries');
define('TABLE_PANEL_FPMDAEMONS', 'panel_fpmdaemons');
require dirname(__FILE__).'/version.inc.php';

4
lib/version.inc.php
View File

@@ -16,10 +16,10 @@
*/
// Main version variable
$version = '0.9.38.8';
$version = '0.9.39';
// Database version (YYYYMMDDC where C is a daily counter)
$dbversion = '201712310';
$dbversion = '201801260';
// Distribution branding-tag (used for Debian etc.)
$branding = '';

32
lng/english.lng.php
View File

@@ -940,6 +940,7 @@ $lng['admin']['phpsettings']['phpinisettings'] = 'php.ini settings';
$lng['error']['nopermissionsorinvalidid'] = 'You don\'t have enough permissions to change these settings or an invalid id was given.';
$lng['panel']['view'] = 'view';
$lng['question']['phpsetting_reallydelete'] = 'Do you really want to delete these settings? All domains which use these settings currently will be changed to the default config.';
$lng['question']['fpmsetting_reallydelete'] = 'Do you really want to delete these php-fpm settings? All php configurations which use these settings currently will be changed to the default config.';
$lng['admin']['phpsettings']['addnew'] = 'Create new settings';
$lng['error']['phpsettingidwrong'] = 'A PHP Configuration with this id doesn\'t exist';
$lng['error']['descriptioninvalid'] = 'The description is too short, too long or contains illegal characters.';
@@ -1001,6 +1002,7 @@ $lng['error']['ipportdoesntexist'] = 'The ip/port combination you have chosen do
$lng['admin']['phpserversettings'] = 'PHP Settings';
$lng['admin']['phpsettings']['binary'] = 'PHP Binary';
$lng['admin']['phpsettings']['fpmdesc'] = 'PHP-FPM config';
$lng['admin']['phpsettings']['file_extensions'] = 'File extensions';
$lng['admin']['phpsettings']['file_extensions_note'] = '(without dot, separated by spaces)';
$lng['admin']['mod_fcgid_maxrequests']['title'] = 'Maximum php requests for this domain (empty for default value)';
@@ -1656,7 +1658,7 @@ $lng['traffic']['mail'] = 'Mail (MiB)';
$lng['serversettings']['mod_fcgid']['idle_timeout']['title'] = 'Idle Timeout';
$lng['serversettings']['mod_fcgid']['idle_timeout']['description'] = 'Timeout setting for Mod FastCGI.';
$lng['serversettings']['phpfpm_settings']['idle_timeout']['title'] = 'Idle Timeout';
$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout setting for PHP5 FPM FastCGI.';
$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout setting for PHP FPM FastCGI.';
// ADDED IN 0.9.27-svn2
$lng['panel']['cancel'] = 'Cancel';
@@ -1826,7 +1828,7 @@ $lng['serversettings']['panel_password_special_char_required']['description'] =
$lng['serversettings']['panel_password_special_char']['title'] = 'Special characters list';
$lng['serversettings']['panel_password_special_char']['description'] = 'One of these characters is required if the above option is set.';
$lng['phpfpm']['use_mod_proxy']['title'] = 'Use mod_proxy / mod_proxy_fcgi';
$lng['phpfpm']['use_mod_proxy']['description'] = 'Activate to use php-fpm via mod_proxy_fcgi. Requires at least apache-2.4.9';
$lng['phpfpm']['use_mod_proxy']['description'] = '<strong class="red">Must be enabled when using Debian 9.x (Stretch)</strong>. Activate to use php-fpm via mod_proxy_fcgi. Requires at least apache-2.4.9';
$lng['error']['no_phpinfo'] = 'Sorry, unable to read phpinfo()';
$lng['admin']['movetoadmin'] = 'Move customer';
@@ -1847,9 +1849,9 @@ $lng['usersettings']['custom_notes']['show'] = 'Show your notes on the dashboard
$lng['error']['fcgidandphpfpmnogoodtogether'] = 'FCGID and PHP-FPM cannot be activated at the same time';
// Added in Froxlor 0.9.34
$lng['admin']['configfiles']['legend'] = 'You are about to configure a service/daemon. The following legend explains the nomenclature.';
$lng['admin']['configfiles']['legend'] = '<h3>You are about to configure a service/daemon</h3>';
$lng['admin']['configfiles']['commands'] = '<span class="red">Commands:</span> These commands are to be executed line by line as root-user in a shell. It is safe to copy the whole block and paste it into the shell.';
$lng['admin']['configfiles']['files'] = '<span class="red">Configfiles:</span> This is an example of the contents of a configuration file. The commands before these textfields should open an editor with the target file. Just copy and paste the contents into the editor and save the file.<br><br><span class="red">Please note:</span> The MySQL-password has not been replaced for security reasons. Please replace "FROXLOR_MYSQL_PASSWORD" on your own. If you forgot your MySQL-password you\'ll find it in "lib/userdata.inc.php"';
$lng['admin']['configfiles']['files'] = '<span class="red">Configfiles:</span> The commands before the textfields should open an editor with the target file. Just copy and paste the contents into the editor and save the file.<br><span class="red">Please note:</span> The MySQL-password has not been replaced for security reasons. Please replace "FROXLOR_MYSQL_PASSWORD" on your own or use the javascript form below to replace it on-site. If you forgot your MySQL-password you\'ll find it in "lib/userdata.inc.php"';
$lng['serversettings']['apache_itksupport']['title'] = 'Use modifications for Apache ITK-MPM';
$lng['serversettings']['apache_itksupport']['description'] = '<strong class="red">ATTENTION:</strong> use only if you acutally have apache itk-mpm enabled<br />otherwise your webserver will not be able to start';
$lng['integrity_check']['DatabaseCharset'] = 'Characterset of database (should be UTF-8)';
@@ -1938,7 +1940,7 @@ $lng['admin']['letsencrypt']['description'] = 'Get a free certificate from <a hr
$lng['customer']['letsencrypt']['title'] = 'Use Let\'s Encrypt';
$lng['customer']['letsencrypt']['description'] = 'Get a free certificate from <a href="https://letsencrypt.org">Let\'s Encrypt</a>. The certificate will be created and renewed automatically.<br><strong class="red">ATTENTION:</strong> This feature is still in beta.';
$lng['error']['sslredirectonlypossiblewithsslipport'] = 'Using Let\'s Encrypt is only possible when the domain has at least one ssl-enabled IP/port combination assigned.';
$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt cannot (yet) handle wildcard-domains. Please set the ServerAlias to WWW or disable it completely';
$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt cannot handle wildcard-domains using ACME v1. Please set the ServerAlias to WWW or disable it completely';
$lng['panel']['letsencrypt'] = 'Using Let\'s encrypt';
$lng['crondesc']['cron_letsencrypt'] = 'updating Let\'s Encrypt certificates';
$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt environment";
@@ -2082,3 +2084,23 @@ $lng['admin']['testmail'] = 'SMTP test';
$lng['success']['testmailsent'] = 'Test mail sent successfully';
$lng['serversettings']['disable_le_selfcheck']['title'] = "Disable Let's Encrypt local self-check";
$lng['serversettings']['disable_le_selfcheck']['description'] = "If activated, froxlor will <strong>not</strong> perform its self-check for token accessability. Needed for NATed IP's or similar.";
$lng['menue']['phpsettings']['fpmdaemons'] = 'PHP-FPM versions';
$lng['admin']['phpsettings']['activephpconfigs'] = 'In use for php-config(s)';
$lng['admin']['phpsettingsforsubdomains'] = 'Apply php-config to all subdomains:';
$lng['serversettings']['phpsettingsforsubdomains']['description'] = 'If yes the chosen php-config will be updated to all subdomains';
$lng['serversettings']['leapiversion']['title'] = "Chose Let's Encrypt ACME implementation";
$lng['serversettings']['leapiversion']['description'] = "Chose between ACME v1 and ACME v2 implementation for Let's Encrypt.";
$lng['error']['nowildcardwithletsencryptv2'] = 'Let\'s Encrypt can only validate wildcard-domains by DNS with ACME v2, sorry. Please set the ServerAlias to WWW or disable it completely';
$lng['admin']['phpsettings']['pass_authorizationheader'] = 'Add "-pass-header Authorization" / "CGIPassAuth On" to vhosts';
$lng['serversettings']['ssl']['ssl_protocols']['title'] = 'Configure the TLS protocol version';
$lng['serversettings']['ssl']['ssl_protocols']['description'] = 'This is a list of ssl protocols that you want (or don\'t want) to use when using SSL. <b>Notice:</b> Some older browsers may not support the newest protcol versions.<br /><br /><b>Default value is:</b><pre>TLSv1, TLSv1.2</pre>';
$lng['serversettings']['phpfpm_settings']['limit_extensions']['title'] = 'Allowed extensions';
$lng['serversettings']['phpfpm_settings']['limit_extensions']['description'] = 'Limits the extensions of the main script FPM will allow to parse. This can prevent configuration mistakes on the web server side. You should only limit FPM to .php extensions to prevent malicious users to use other extensions to execute php code. Default value: .php';
$lng['phpfpm']['ini_flags'] = 'Enter possible <strong>php_flag</strong>s for php.ini. One entry per line';
$lng['phpfpm']['ini_values'] = 'Enter possible <strong>php_value</strong>s for php.ini. One entry per line';
$lng['phpfpm']['ini_admin_flags'] = 'Enter possible <strong>php_admin_flag</strong>s for php.ini. One entry per line';
$lng['phpfpm']['ini_admin_values'] = 'Enter possible <strong>php_admin_value</strong>s for php.ini. One entry per line';
$lng['serversettings']['phpfpm_settings']['envpath'] = 'Paths to add to the PATH environment. Leave empty for no PATH environment variable';
$lng['admin']['configfiles']['importexport'] = 'Import/Export';
$lng['success']['settingsimported'] = 'Settings imported successfully';
$lng['error']['jsonextensionnotfound'] = 'This feature requires the php json-extension.';

31
lng/german.lng.php
View File

@@ -934,6 +934,7 @@ $lng['admin']['phpsettings']['phpinisettings'] = 'php.ini-Einstellungen';
$lng['error']['nopermissionsorinvalidid'] = 'Entweder fehlen Ihnen die nötigen Rechte diese Einstellung zu ändern oder es wurde eine ungültige ID übergeben';
$lng['panel']['view'] = 'ansehen';
$lng['question']['phpsetting_reallydelete'] = 'Wollen Sie diese PHP-Einstellungen wirklich löschen? Alle Domains die diese Einstellungen bis jetzt verwendet haben, werden dann auf die Standardeinstellungen umgestellt.';
$lng['question']['fpmsetting_reallydelete'] = 'Wollen Sie diese PHP-FPM Einstellungen wirklich löschen? Alle PHP Konfigurationen die diese Einstellungen bis jetzt verwendet haben, werden dann auf die Standardeinstellungen umgestellt.';
$lng['admin']['phpsettings']['addnew'] = 'Neue Konfiguration erstellen';
$lng['error']['phpsettingidwrong'] = 'Eine PHP-Konfiguration mit dieser ID existiert nicht';
$lng['error']['descriptioninvalid'] = 'Der Beschreibungstext ist zu kurz, zu lang oder enthält ungültige Zeichen';
@@ -997,6 +998,7 @@ $lng['error']['ipportdoesntexist'] = 'Die gewählte IP/Port-Kombination existier
$lng['admin']['phpserversettings'] = 'PHP-Einstellungen';
$lng['admin']['phpsettings']['binary'] = 'PHP-Binary';
$lng['admin']['phpsettings']['fpmdesc'] = 'PHP-FPM Config';
$lng['admin']['phpsettings']['file_extensions'] = 'Dateiendungen';
$lng['admin']['phpsettings']['file_extensions_note'] = '(ohne Punkt, durch Leerzeichen getrennt)';
$lng['admin']['mod_fcgid_maxrequests']['title'] = 'Maximale PHP-Requests für diese Domain (leer für Standardwert)';
@@ -1383,7 +1385,7 @@ $lng['traffic']['mail'] = 'Mail (MiB)';
$lng['serversettings']['mod_fcgid']['idle_timeout']['title'] = 'Idle-Timeout';
$lng['serversettings']['mod_fcgid']['idle_timeout']['description'] = 'Timeout-Einstellung für mod_FastCGI.';
$lng['serversettings']['phpfpm_settings']['idle_timeout']['title'] = 'Idle-Timeout';
$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout-Einstellung für PHP5-FPM FastCGI.';
$lng['serversettings']['phpfpm_settings']['idle_timeout']['description'] = 'Timeout-Einstellung für PHP-FPM FastCGI.';
// ADDED IN 0.9.27-svn2
$lng['admin']['delete_statistics'] = 'Statistiken Löschen';
@@ -1551,7 +1553,7 @@ $lng['serversettings']['panel_password_special_char_required']['description'] =
$lng['serversettings']['panel_password_special_char']['title'] = 'Sonderzeichen-Liste';
$lng['serversettings']['panel_password_special_char']['description'] = 'Mindestens eines dieser Sonderzeichen muss in dem Passwort vorkommen, sofern die Sonderzeichen-Option aktiviert ist.';
$lng['phpfpm']['use_mod_proxy']['title'] = 'Verwende mod_proxy / mod_proxy_fcgi';
$lng['phpfpm']['use_mod_proxy']['description'] = 'Diese Option kann aktiviert werden, um php-fpm via mod_proxy_fcgi einzubinden. Dies setzt mindestens apache-2.4.9 voraus';
$lng['phpfpm']['use_mod_proxy']['description'] = '<strong class="red">Muss gesetzt sein bei Debian 9.x (Stretch)</strong>. Diese Option kann aktiviert werden, um php-fpm via mod_proxy_fcgi einzubinden. Dies setzt mindestens apache-2.4.9 voraus';
$lng['error']['no_phpinfo'] = 'Entschuldigung, es ist nicht möglich die phpinfo() auszulesen.';
$lng['admin']['movetoadmin'] = 'Kunde verschieben';
@@ -1572,9 +1574,9 @@ $lng['usersettings']['custom_notes']['show'] = 'Zeige die Notizen auf dem Dashbo
$lng['error']['fcgidandphpfpmnogoodtogether'] = 'FCGID und PHP-FPM können nicht gleichzeitig aktiviert werden.';
// Added in Froxlor 0.9.34
$lng['admin']['configfiles']['legend'] = 'Du konfigurierst nun einen Service/Daemon. Die folgende Legende zeigt unsere Nomenklatur.';
$lng['admin']['configfiles']['legend'] = '<h3>Du konfigurierst nun einen Service/Daemon.</h3>';
$lng['admin']['configfiles']['commands'] = '<span class="red">Kommandos:</span> Die angezeigten Befehle müssen als Benutzer root in einer Shell ausgeführt werden. Es kann auch problemlos der ganze Block kopiert und in die Shell eingefügt werden.';
$lng['admin']['configfiles']['files'] = '<span class="red">Konfigurationsdateien:</span> Dies ist der Inhalt einer Konfigurationsdatei. Der Befehl direkt vor dem Textfeld sollte einen Editor mit der Zieldatei öffnen. Der Inhalt kann nun einfach kopiert und in den Editor eingefügt und die Datei gespeichert werden.<br><br><span class="red">Beachten Sie:</span> Das MySQL-Passwort wurde aus Sicherheitsgründen nicht ersetzt. Bitte ersetzen Sie "FROXLOR_MYSQL_PASSWORD" manuell durch das entsprechende Passwort. Falls Sie es vergessen haben sollten, finden Sie es in der Datei "lib/userdata.inc.php".';
$lng['admin']['configfiles']['files'] = '<span class="red">Konfigurationsdateien:</span> Der Befehl direkt vor dem Textfeld sollte einen Editor mit der Zieldatei öffnen. Der Inhalt kann nun einfach kopiert und in den Editor eingefügt und die Datei gespeichert werden.<br><span class="red">Bitte beachten:</span> Das MySQL-Passwort wurde aus Sicherheitsgründen nicht ersetzt. Bitte ersetze "FROXLOR_MYSQL_PASSWORD" manuell oder nutze das folgende Formular, um es temporär auf dieser Seite zu setzen. Falls das Passwort vergessen wurde, findet es sich in der Datei "lib/userdata.inc.php".';
$lng['serversettings']['apache_itksupport']['title'] = 'Anpassungen für Apache ITK-MPM verwenden';
$lng['serversettings']['apache_itksupport']['description'] = '<div class="red">Achtung: Bitte nur verwenden, wenn wirklich Apache itk-mpm verwendet wird, ansonsten wird der Webserver nicht starten.</div>';
$lng['integrity_check']['DatabaseCharset'] = 'Characterset der Datenbank (sollte UTF-8 sein)';
@@ -1591,7 +1593,7 @@ $lng['admin']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifikat v
$lng['customer']['letsencrypt']['title'] = 'Benutze Let\'s Encrypt';
$lng['customer']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifikat von <a href="https://letsencrypt.org">Let\'s Encrypt</a>. Das Zertifikat wird automatisch erstellt und verlängert.<br><strong class="red">ACHTUNG:</strong> Dieses Feature befindet sich noch im Test.';
$lng['error']['sslredirectonlypossiblewithsslipport'] = 'Die Nutzung von Let\'s Encrypt ist nur möglich, wenn die Domain mindestens eine IP/Port - Kombination mit aktiviertem SSL zugewiesen hat.';
$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann (noch) nicht mit Wildcard-Domains umgehen. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
$lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann in ACME v1 nicht mit Wildcard-Domains umgehen. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
$lng['panel']['letsencrypt'] = 'Benutzt Let\'s encrypt';
$lng['crondesc']['cron_letsencrypt'] = 'aktualisiert Let\'s Encrypt Zertifikate';
$lng['serversettings']['letsencryptca']['title'] = "Let's Encrypt Umgebung";
@@ -1733,3 +1735,22 @@ $lng['admin']['testmail'] = 'SMTP Test';
$lng['success']['testmailsent'] = 'Test E-Mail erfolgreich gesendet';
$lng['serversettings']['disable_le_selfcheck']['title'] = "Deaktiviere Let's Encrypt lokale Selbstprüfung";
$lng['serversettings']['disable_le_selfcheck']['description'] = "Wenn aktiviert wird Froxlor <strong>keine</strong> Erreichbarkeitsprüfung des Tokens vornehmen. Nötig bei ge-NAT-eten IP's oder Ähnlichem";
$lng['menue']['phpsettings']['fpmdaemons'] = 'PHP-FPM Versionen';
$lng['admin']['phpsettings']['activephpconfigs'] = 'In Verwendung für PHP-Konfiguration(en)';
$lng['admin']['phpsettingsforsubdomains'] = 'PHP-Config für alle Subdomains übernehmen:';
$lng['serversettings']['phpsettingsforsubdomains']['description'] = 'Wenn ja, wird die gewählte PHP-Config für alle Subdomains übernommen';
$lng['serversettings']['leapiversion']['title'] = "Wähle Let's Encrypt ACME Implementierung";
$lng['serversettings']['leapiversion']['description'] = "Wähle zwischen ACME v1 und ACME v2 Implementierung von Let's Encrypt.";
$lng['error']['nowildcardwithletsencryptv2'] = 'Let\'s Encrypt kann in ACME v2 Wildcard-Domains nur via DNS validieren, sorry. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
$lng['admin']['phpsettings']['pass_authorizationheader'] = 'Füge "-pass-header Authorization" / "CGIPassAuth On" in Vhosts ein';
$lng['serversettings']['ssl']['ssl_protocols']['title'] = 'SSL Protokollversion festlegen';
$lng['serversettings']['ssl']['ssl_protocols']['description'] = 'Dies ist eine Liste von SSL/TLS Protokollversionen die genutzt werden sollen (oder auch nicht genutzt werden sollen), wenn SSL verwendet wird. <b>Hinweis:</b> Ältere Browser sind möglicherweise nicht vollständig zum neusten Protokoll kompatibel.<br /><br /><b>Standard-Wert ist:</b><pre>TLSv1, TLSv1.2</pre>';
$lng['serversettings']['phpfpm_settings']['limit_extensions']['title'] = 'Erlaubte Dateiendungen';
$lng['serversettings']['phpfpm_settings']['limit_extensions']['description'] = 'Beschränkt die Dateierweiterungen des Haupt-Skripts, das FPM zu parsen erlaubt. Dies kann Konfigurationsfehler auf der Webserverseite verhindern. Sie sollten FPM nur auf .php Erweiterungen beschränken, um zu verhindern, dass bösartige Nutzter andere Erweiterungen verwenden, um PHP Code auszuführen. Standardwert: .php';
$lng['phpfpm']['ini_flags'] = 'Mögliche <strong>php_flag</strong>s für die php.ini. Pro Zeile eine Direktive';
$lng['phpfpm']['ini_values'] = 'Mögliche <strong>php_value</strong>s für die php.ini. Pro Zeile eine Direktive';
$lng['phpfpm']['ini_admin_flags'] = 'Mögliche <strong>php_admin_flag</strong>s für die php.ini. Pro Zeile eine Direktive';
$lng['phpfpm']['ini_admin_values'] = 'Mögliche <strong>php_admin_value</strong>s für die php.ini. Pro Zeile eine Direktive';
$lng['serversettings']['phpfpm_settings']['envpath'] = 'Pfade für die PATH Umgebungsvariable. Leerlassen, um keine PATH Umgebungsvariable zu setzen.';
$lng['success']['settingsimported'] = 'Einstellungnen erfolgreich importiert';
$lng['error']['jsonextensionnotfound'] = 'Diese Funktion benötigt die PHP json-Erweiterung.';

2
scripts/classes/class.DnsBase.php
View File

@@ -233,7 +233,7 @@ abstract class DnsBase
$pubkey_file_handler = fopen($pubkey_filename, "w");
fwrite($pubkey_file_handler, $domain['dkim_pubkey']);
fclose($pubkey_file_handler);
safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
safe_exec("chmod 0644 " . escapeshellarg($pubkey_filename));
}
$dkimdomains .= $domain['domain'] . "\n";

1
scripts/froxlor_master_cronjob.php
View File

@@ -91,6 +91,7 @@ if (count($jobs_to_run) > 0) {
// clear NSCD cache if using fcgid or fpm, #1570
if (Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) {
$false_val = false;
safe_exec('nscd -i passwd 1> /dev/null', $false_val, array('>'));
safe_exec('nscd -i group 1> /dev/null', $false_val, array('>'));
}
}

6
scripts/jobs/cron_letsencrypt.php
View File

@@ -20,6 +20,12 @@ if (! defined('MASTER_CRONJOB'))
*
*/
if (Settings::Get('system.leapiversion') == '2') {
// use ACME v2 is specified
require_once __DIR__ . '/cron_letsencrypt_v2.php';
exit;
}
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating Let's Encrypt certificates");
if (! extension_loaded('curl')) {

294
scripts/jobs/cron_letsencrypt_v2.php Normal file
View File

@@ -0,0 +1,294 @@
<?php
if (! defined('MASTER_CRONJOB'))
die('You cannot access this file directly!');
/**
* This file is part of the Froxlor project.
* Copyright (c) 2016 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Aders <kontakt-froxlor@neteraser.de>
* @author Froxlor team <team@froxlor.org> (2016-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Cron
*
* @since 0.9.35
*
*/
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating Let's Encrypt certificates");
if (! extension_loaded('curl')) {
$cronlog->logAction(CRON_ACTION, LOG_ERR, "Let's Encrypt requires the php cURL extension to be installed.");
exit();
}
$certificates_stmt = Database::query("
SELECT
domssl.`id`,
domssl.`domainid`,
domssl.expirationdate,
domssl.`ssl_cert_file`,
domssl.`ssl_key_file`,
domssl.`ssl_ca_file`,
domssl.`ssl_csr_file`,
dom.`domain`,
dom.`wwwserveralias`,
dom.`iswildcarddomain`,
dom.`documentroot`,
dom.`id` AS 'domainid',
dom.`ssl_redirect`,
cust.`leprivatekey`,
cust.`lepublickey`,
cust.`leregistered`,
cust.`customerid`,
cust.`loginname`
FROM
`" . TABLE_PANEL_CUSTOMERS . "` AS cust,
`" . TABLE_PANEL_DOMAINS . "` AS dom
LEFT JOIN
`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` AS domssl ON
dom.`id` = domssl.`domainid`
WHERE
dom.`customerid` = cust.`customerid`
AND dom.`letsencrypt` = 1
AND dom.`aliasdomain` IS NULL
AND dom.`iswildcarddomain` = 0
AND (
domssl.`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY)
OR domssl.`expirationdate` IS NULL
)
");
$aliasdomains_stmt = Database::prepare("
SELECT
dom.`id` as domainid,
dom.`domain`,
dom.`wwwserveralias`,
dom.`iswildcarddomain`
FROM `" . TABLE_PANEL_DOMAINS . "` AS dom
WHERE
dom.`aliasdomain` = :id
AND dom.`letsencrypt` = 1
AND dom.`iswildcarddomain` = 0
");
$updcert_stmt = Database::prepare("
REPLACE INTO
`" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
SET
`id` = :id,
`domainid` = :domainid,
`ssl_cert_file` = :crt,
`ssl_key_file` = :key,
`ssl_ca_file` = :ca,
`ssl_cert_chainfile` = :chain,
`ssl_csr_file` = :csr,
`expirationdate` = :expirationdate
");
$upddom_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `ssl_redirect` = '1' WHERE `id` = :domainid");
// flag for re-generation of vhost files
$changedetected = 0;
// first - generate LE for system-vhost if enabled
if (Settings::Get('system.le_froxlor_enabled') == '1') {
$certrow = array(
'loginname' => 'froxlor.panel',
'domain' => Settings::Get('system.hostname'),
'domainid' => 0,
'documentroot' => FROXLOR_INSTALL_DIR,
'leprivatekey' => Settings::Get('system.leprivatekey'),
'lepublickey' => Settings::Get('system.lepublickey'),
'leregistered' => Settings::Get('system.leregistered'),
'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
'expirationdate' => null,
'ssl_cert_file' => null,
'ssl_key_file' => null,
'ssl_ca_file' => null,
'ssl_csr_file' => null,
'id' => null
);
$froxlor_ssl_settings_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`
WHERE `domainid` = '0' AND
(`expirationdate` < DATE_ADD(NOW(), INTERVAL 30 DAY) OR `expirationdate` IS NULL)
");
$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
$insert_or_update_required = true;
if ($froxlor_ssl) {
$certrow['id'] = $froxlor_ssl['id'];
$certrow['expirationdate'] = $froxlor_ssl['expirationdate'];
$certrow['ssl_cert_file'] = $froxlor_ssl['ssl_cert_file'];
$certrow['ssl_key_file'] = $froxlor_ssl['ssl_key_file'];
$certrow['ssl_ca_file'] = $froxlor_ssl['ssl_ca_file'];
$certrow['ssl_csr_file'] = $froxlor_ssl['ssl_csr_file'];
} else {
// check whether we have an entry with valid certificates which just does not need
// updating yet, so we need to skip this here
$froxlor_ssl_settings_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = '0'
");
$froxlor_ssl = Database::pexecute_first($froxlor_ssl_settings_stmt);
if ($froxlor_ssl && ! empty($froxlor_ssl['ssl_cert_file'])) {
$insert_or_update_required = false;
}
}
if ($insert_or_update_required) {
$domains = array(
$certrow['domain']
);
// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
// - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating " . $certrow['domain']);
$cronlog = FroxlorLogger::getInstanceOf(array(
'loginname' => $certrow['loginname']
));
try {
// Initialize Lescript with documentroot
$le = new lescript_v2($cronlog, $version);
// Initialize Lescript
$le->initAccount($certrow, true);
// Request the new certificate (old key may be used)
$return = $le->signDomains($domains, $certrow['ssl_key_file']);
// We are interessted in the expirationdate
$newcert = openssl_x509_parse($return['crt']);
// Store the new data
Database::pexecute($updcert_stmt, array(
'id' => $certrow['id'],
'domainid' => $certrow['domainid'],
'crt' => $return['crt'],
'key' => $return['key'],
'ca' => $return['chain'],
'chain' => $return['chain'],
'csr' => $return['csr'],
'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
));
if ($certrow['ssl_redirect'] == 3) {
Settings::Set('system.le_froxlor_redirect', '1');
}
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
$changedetected = 1;
} catch (Exception $e) {
$cronlog->logAction(CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ": " . $e->getMessage());
}
}
}
// customer domains
$certrows = $certificates_stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($certrows as $certrow) {
// set logger to corresponding loginname for the log to appear in the users system-log
$cronlog = FroxlorLogger::getInstanceOf(array(
'loginname' => $certrow['loginname']
));
// Only renew let's encrypt certificate if no broken ssl_redirect is enabled
if ($certrow['ssl_redirect'] != 2) {
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updating " . $certrow['domain']);
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $certrow['domain']);
$domains = array(
$certrow['domain']
);
if ($certrow['iswildcarddomain'] == 1) {
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: *." . $certrow['domain']);
$domains[] = '*.' . $certrow['domain'];
}
elseif ($certrow['wwwserveralias'] == 1) {
// add www.<domain> to SAN list
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $certrow['domain']);
$domains[] = 'www.' . $certrow['domain'];
}
// add alias domains (and possibly www.<aliasdomain>) to SAN list
Database::pexecute($aliasdomains_stmt, array(
'id' => $certrow['domainid']
));
$aliasdomains = $aliasdomains_stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($aliasdomains as $aliasdomain) {
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: " . $aliasdomain['domain']);
$domains[] = $aliasdomain['domain'];
if ($aliasdomain['iswildcarddomain'] == 1) {
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: *." . $aliasdomain['domain']);
$domains[] = '*.' . $aliasdomain['domain'];
}
elseif ($aliasdomain['wwwserveralias'] == 1) {
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Adding SAN entry: www." . $aliasdomain['domain']);
$domains[] = 'www.' . $aliasdomain['domain'];
}
}
try {
// Initialize Lescript with documentroot
$le = new lescript_v2($cronlog, $version);
// Initialize Lescript
$le->initAccount($certrow);
// Request the new certificate (old key may be used)
$return = $le->signDomains($domains, $certrow['ssl_key_file']);
// We are interessted in the expirationdate
$newcert = openssl_x509_parse($return['crt']);
// Store the new data
Database::pexecute($updcert_stmt, array(
'id' => $certrow['id'],
'domainid' => $certrow['domainid'],
'crt' => $return['crt'],
'key' => $return['key'],
'ca' => $return['chain'],
'chain' => $return['chain'],
'csr' => $return['csr'],
'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
));
if ($certrow['ssl_redirect'] == 3) {
Database::pexecute($upddom_stmt, array(
'domainid' => $certrow['domainid']
));
}
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Updated Let's Encrypt certificate for " . $certrow['domain']);
$changedetected = 1;
} catch (Exception $e) {
$cronlog->logAction(CRON_ACTION, LOG_ERR, "Could not get Let's Encrypt certificate for " . $certrow['domain'] . ": " . $e->getMessage());
}
} else {
$cronlog->logAction(CRON_ACTION, LOG_WARNING, "Skipping Let's Encrypt generation for " . $certrow['domain'] . " due to an enabled ssl_redirect");
}
}
// If we have a change in a certificate, we need to update the webserver - configs
// This is easiest done by just creating a new task ;)
if ($changedetected) {
inserttask(1);
}
// reset logger
$cronlog = FroxlorLogger::getInstanceOf(array(
'loginname' => 'cronjob'
));
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Let's Encrypt certificates have been updated");

387
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

File diff suppressed because it is too large Load Diff

47
scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php
View File

@@ -44,7 +44,15 @@ class apache_fcgid extends apache
if (Settings::Get('system.apache24') == '1'
&& Settings::Get('phpfpm.use_mod_proxy') == '1'
) {
$php_options_text.= ' <FilesMatch \.php$>'. "\n";
$filesmatch = $phpconfig['fpm_settings']['limit_extensions'];
$extensions = explode(" ", $filesmatch);
$filesmatch = "";
foreach ($extensions as $ext) {
$filesmatch .= substr($ext, 1).'|';
}
// start block, cut off last pipe and close block
$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
$php_options_text.= ' <FilesMatch \.'.$filesmatch.'$>'. "\n";
$php_options_text.= ' SetHandler proxy:unix:' . $php->getInterface()->getSocketFile() . '|fcgi://localhost'. "\n";
$php_options_text.= ' </FilesMatch>' . "\n";
@@ -54,15 +62,35 @@ class apache_fcgid extends apache
// for this path, as this would be the first require and therefore grant all access
if ($mypath_dir->isUserProtected() == false) {
$php_options_text.= ' <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
if ($phpconfig['pass_authorizationheader'] == '1') {
$php_options_text.= ' CGIPassAuth On' . "\n";
}
$php_options_text.= ' Require all granted' . "\n";
$php_options_text.= ' AllowOverride All' . "\n";
$php_options_text.= ' </Directory>' . "\n";
} elseif ($phpconfig['pass_authorizationheader'] == '1') {
// allow Pass of Authorization header
$php_options_text.= ' <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
$php_options_text.= ' CGIPassAuth On' . "\n";
$php_options_text.= ' </Directory>' . "\n";
}
} else {
$php_options_text.= ' FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile() . ' -idle-timeout ' . Settings::Get('phpfpm.idle_timeout') . "\n";
$addheader = "";
if ($phpconfig['pass_authorizationheader'] == '1') {
$addheader = " -pass-header Authorization";
}
$php_options_text.= ' FastCgiExternalServer ' . $php->getInterface()->getAliasConfigDir() . $srvName . ' -socket ' . $php->getInterface()->getSocketFile() . ' -idle-timeout ' . $phpconfig['fpm_settings']['idle_timeout'] . $addheader . "\n";
$php_options_text.= ' <Directory "' . makeCorrectDir($domain['documentroot']) . '">' . "\n";
$php_options_text.= ' <FilesMatch "\.php$">' . "\n";
$filesmatch = $phpconfig['fpm_settings']['limit_extensions'];
$extensions = explode(" ", $filesmatch);
$filesmatch = "";
foreach ($extensions as $ext) {
$filesmatch .= substr($ext, 1).'|';
}
// start block, cut off last pipe and close block
$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
$php_options_text.= ' <FilesMatch \.'.$filesmatch.'$>'. "\n";
$php_options_text.= ' SetHandler php5-fastcgi'. "\n";
$php_options_text.= ' Action php5-fastcgi /fastcgiphp' . "\n";
$php_options_text.= ' Options +ExecCGI' . "\n";
@@ -155,6 +183,16 @@ class apache_fcgid extends apache
) {
$user = Settings::Get('phpfpm.vhost_httpuser');
$group = Settings::Get('phpfpm.vhost_httpgroup');
// get fpm config
$fpm_sel_stmt = Database::prepare("
SELECT f.id FROM `" . TABLE_PANEL_FPMDAEMONS . "` f
LEFT JOIN `" . TABLE_PANEL_PHPCONFIGS . "` p ON p.fpmsettingid = f.id
WHERE p.id = :phpconfigid
");
$fpm_config = Database::pexecute_first($fpm_sel_stmt, array(
'phpconfigid' => Settings::Get('phpfpm.vhost_defaultini')
));
}
$domain = array(
@@ -167,7 +205,8 @@ class apache_fcgid extends apache
'openbasedir' => 0,
'email' => Settings::Get('panel.adminmail'),
'loginname' => 'froxlor.panel',
'documentroot' => $mypath
'documentroot' => $mypath,
'fpm_config_id' => isset($fpm_config['id']) ? $fpm_config['id'] : 1
);
// all the files and folders have to belong to the local user

18
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -58,8 +58,22 @@ class lighttpd extends HttpConfigBase
public function reload()
{
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: reloading php-fpm');
safe_exec(escapeshellcmd(Settings::Get('phpfpm.reload')));
// get all start/stop commands
$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
Database::pexecute($startstop_sel);
$restart_cmds = $startstop_sel->fetchAll(PDO::FETCH_ASSOC);
// restart all php-fpm instances
foreach ($restart_cmds as $restart_cmd) {
// check whether the config dir is empty (no domains uses this daemon)
// so we need to create a dummy
$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
if ($isDirEmpty) {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
}
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: running ' . $restart_cmd['reload_cmd']);
safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
}
}
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: reloading lighttpd');
safe_exec(escapeshellcmd(Settings::Get('system.apachereload_command')));

22
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -73,8 +73,22 @@ class nginx extends HttpConfigBase
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: restarting php processes');
safe_exec(Settings::Get('system.phpreload_command'));
} elseif ((int) Settings::Get('phpfpm.enabled') == 1) {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: reloading php-fpm');
safe_exec(escapeshellcmd(Settings::Get('phpfpm.reload')));
// get all start/stop commands
$startstop_sel = Database::prepare("SELECT reload_cmd, config_dir FROM `" . TABLE_PANEL_FPMDAEMONS . "`");
Database::pexecute($startstop_sel);
$restart_cmds = $startstop_sel->fetchAll(PDO::FETCH_ASSOC);
// restart all php-fpm instances
foreach ($restart_cmds as $restart_cmd) {
// check whether the config dir is empty (no domains uses this daemon)
// so we need to create a dummy
$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
if ($isDirEmpty) {
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
}
$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: running ' . $restart_cmd['reload_cmd']);
safe_exec(escapeshellcmd($restart_cmd['reload_cmd']));
}
}
}
@@ -418,7 +432,7 @@ class nginx extends HttpConfigBase
$_vhost_content .= $this->processSpecialConfigTemplate($ipandport['default_vhostconf_domain'], $domain, $domain['ip'], $domain['port'], $ssl_vhost) . "\n";
}
$http2 = $ssl_vhost == true && (isset($domain['http2']) && $domain['http2'] == '1');
$http2 = $ssl_vhost == true && (isset($domain['http2']) && $domain['http2'] == '1' && Settings::Get('system.http2_support') == '1');
$vhost_content .= "\t" . 'listen ' . $ipport . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n";
}
@@ -609,7 +623,7 @@ class nginx extends HttpConfigBase
} else {
// obsolete: ssl on now belongs to the listen block as 'ssl' at the end
// $sslsettings .= "\t" . 'ssl on;' . "\n";
$sslsettings .= "\t" . 'ssl_protocols TLSv1 TLSv1.2;' . "\n";
$sslsettings .= "\t" . 'ssl_protocols ' . str_replace(",", " ", Settings::Get('system.ssl_protocols')) . ';' . "\n";
$sslsettings .= "\t" . 'ssl_ciphers ' . Settings::Get('system.ssl_cipher_list') . ';' . "\n";
$sslsettings .= "\t" . 'ssl_ecdh_curve secp384r1;' . "\n";
$sslsettings .= "\t" . 'ssl_prefer_server_ciphers on;' . "\n";

1
scripts/jobs/cron_tasks.php
View File

@@ -178,6 +178,7 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
// clear NSCD cache if using fcgid or fpm, #1570
if (Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1) {
$false_val = false;
safe_exec('nscd -i passwd 1> /dev/null', $false_val, array('>'));
safe_exec('nscd -i group 1> /dev/null', $false_val, array('>'));
}
}

18
templates/Sparkle/admin/configfiles/configfiles.tpl vendored
View File

@@ -11,25 +11,15 @@ $header
<section>
<div class="info">
<p>{$lng['admin']['configfiles']['legend']}</p><br />
<p>{$lng['admin']['configfiles']['legend']}</p>
<p>{$lng['admin']['configfiles']['commands']}</p>
<p>{$lng['admin']['configfiles']['files']}</p>
<p>
{$lng['admin']['configfiles']['commands']}<br />
<textarea class="shell" rows="2" readonly>
chmod u+x example-script.sh
./example-script.sh</textarea>
</p><br />
<p>
{$lng['admin']['configfiles']['files']}<br />
<textarea class="filecontent" rows="5">Lorem ipsum dolor sit amet,
consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt
ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero
eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren,
no sea takimata sanctus est Lorem ipsum dolor sit amet.</textarea>
</p>
<form id="configfiles_setmysqlpw" action="#">
FROXLOR_MYSQL_PASSWORD: <input type="text" class="text" id="configfiles_mysqlpw" name="configfiles_mysqlpw" value="" />
<input type="submit" value="{$lng['panel']['set']}" />
</form>
</p>
</div>
</section>

24
templates/Sparkle/admin/phpconfig/fpmconfig_add.tpl vendored Normal file
View File

@@ -0,0 +1,24 @@
$header
<article>
<header>
<h2>
<img src="templates/{$theme}/assets/img/icons/phpsettings_add_big.png" alt="{$title}" />&nbsp;
{$title}
</h2>
</header>
<section>
<form action="{$linker->getLink(array('section' => 'phpsettings'))}" method="post" enctype="application/x-www-form-urlencoded">
<input type="hidden" name="s" value="$s" />
<input type="hidden" name="page" value="$page" />
<input type="hidden" name="action" value="$action" />
<input type="hidden" name="send" value="send" />
<table class="full">
{$fpmconfig_add_form}
</table>
</form>
</section>
</article>
$footer

25
templates/Sparkle/admin/phpconfig/fpmconfig_edit.tpl vendored Normal file
View File

@@ -0,0 +1,25 @@
$header
<article>
<header>
<h2>
<img src="templates/{$theme}/assets/img/icons/phpsettings_edit_big.png" alt="{$title}" />&nbsp;
{$title}
</h2>
</header>
<section>
<form action="{$linker->getLink(array('section' => 'phpsettings'))}" method="post" enctype="application/x-www-form-urlencoded">
<input type="hidden" name="s" value="$s"/>
<input type="hidden" name="page" value="$page"/>
<input type="hidden" name="action" value="edit"/>
<input type="hidden" name="id" value="$id"/>
<input type="hidden" name="send" value="send" />
<table class="full">
{$fpmconfig_edit_form}
</table>
</form>
</section>
</article>
$footer

42
templates/Sparkle/admin/phpconfig/fpmdaemons.tpl vendored Normal file
View File

@@ -0,0 +1,42 @@
$header
<article>
<header>
<h2>
<img src="templates/{$theme}/assets/img/icons/phpsettings_big.png" alt="" />&nbsp;
{$lng['menue']['phpsettings']['maintitle']}
</h2>
</header>
<section>
<div class="overviewadd">
<img src="templates/{$theme}/assets/img/icons/add.png" alt="" />&nbsp;
<a href="{$linker->getLink(array('section' => 'phpsettings', 'page' => $page, 'action' => 'add'))}">{$lng['admin']['phpsettings']['addnew']}</a>
</div>
<table class="full hl">
<thead>
<tr>
<th>{$lng['admin']['phpsettings']['description']}</th>
<th>{$lng['admin']['phpsettings']['activephpconfigs']}</th>
<th>{$lng['serversettings']['phpfpm_settings']['reload']}</th>
<th>{$lng['serversettings']['phpfpm_settings']['configdir']}</th>
<th>{$lng['serversettings']['phpfpm_settings']['pm']}</th>
<th>{$lng['panel']['options']}</th>
</thead>
<tbody>
$tablecontent
</tbody>
</table>
<if 15 < $count>
<div class="overviewadd">
<img src="templates/{$theme}/assets/img/icons/add.png" alt="" />&nbsp;
<a href="{$linker->getLink(array('section' => 'phpsettings', 'page' => $page, 'action' => 'add'))}">{$lng['admin']['phpsettings']['addnew']}</a>
</div>
</if>
</section>
</article>
$footer

17
templates/Sparkle/admin/phpconfig/fpmdaemons_overview.tpl vendored Normal file
View File

@@ -0,0 +1,17 @@
<tr class="top">
<td><strong>{$row['description']}</strong></td>
<td>{$configs}</td>
<td>{$row['reload_cmd']}</td>
<td>{$row['config_dir']}</td>
<td>{$row['pm']}</td>
<td>
<a href="{$linker->getLink(array('section' => 'phpsettings', 'page' => $page, 'action' => 'edit', 'id' => $row['id']))}">
<img src="templates/{$theme}/assets/img/icons/edit.png" alt="{$lng['panel']['edit']}" title="{$lng['panel']['edit']}" />
</a>
<if $row['id'] != 1>
&nbsp;<a href="{$linker->getLink(array('section' => 'phpsettings', 'page' => $page, 'action' => 'delete', 'id' => $row['id']))}">
<img src="templates/{$theme}/assets/img/icons/delete.png" alt="{$lng['panel']['delete']}" title="{$lng['panel']['delete']}" />
</a>
</if>
</td>
</tr>

6
templates/Sparkle/admin/phpconfig/overview.tpl vendored
View File

@@ -19,7 +19,11 @@ $header
<tr>
<th>{$lng['admin']['phpsettings']['description']}</th>
<th>{$lng['admin']['phpsettings']['activedomains']}</th>
<th>{$lng['admin']['phpsettings']['binary']}</th>
<if Settings::Get('phpfpm.enabled') == '1'>
<th>{$lng['admin']['phpsettings']['fpmdesc']}</th>
<else>
<th>{$lng['admin']['phpsettings']['binary']}</th>
</if>
<th>{$lng['admin']['phpsettings']['file_extensions']}</th>
<th>{$lng['panel']['options']}</th>
</thead>

6
templates/Sparkle/admin/phpconfig/overview_overview.tpl vendored
View File

@@ -1,7 +1,11 @@
<tr class="top">
<td><strong>{$row['description']}</strong></td>
<td>{$domains}</td>
<td>{$row['binary']}</td>
<if Settings::Get('phpfpm.enabled') == '1'>
<td>{$row['fpmdesc']}</td>
<else>
<td>{$row['binary']}</td>
</if>
<td>{$row['file_extensions']}</td>
<td>
<a href="{$linker->getLink(array('section' => 'phpsettings', 'page' => $page, 'action' => 'edit', 'id' => $row['id']))}">

26
templates/Sparkle/admin/settings/importexport/index.tpl vendored Normal file
View File

@@ -0,0 +1,26 @@
$header
<article>
<header>
<h2>
<img src="templates/{$theme}/assets/img/icons/settings_big.png" alt="" />&nbsp;
{$lng['admin']['configfiles']['importexport']}
</h2>
</header>
<section>
<a href="{$linker->getLink(array('section' => 'settings', 'page' => $page, 'action' => 'export'))}">
<input class="yesbutton" type="button" value="Download/Export {$lng['admin']['serversettings']}" />
</a>
</section>
<br><br>
<section>
<form action="{$linker->getLink(array('section' => 'settings', 'page' => $page, 'action' => 'import'))}" method="post" enctype="multipart/form-data">
<input type="hidden" name="s" value="$s" />
<input type="hidden" name="send" value="send" />
<input type="file" name="import_file" id="import_file" placeholder="Chose file for import" />
<input type="submit" value="Import">
</form>
</section>
</article>
$footer

3
templates/Sparkle/admin/settings/settings.tpl vendored
View File

@@ -3,7 +3,8 @@
<h2>
<img src="templates/{$theme}/assets/img/icons/settings_big.png" alt="" />&nbsp;
{$lng['admin']['serversettings']} &nbsp;
[<a href="$filename?page=overview&amp;part=&amp;s=$s">{$lng['admin']['configfiles']['compactoverview']}</a>]
[<a href="$filename?page=overview&amp;part=&amp;s=$s">{$lng['admin']['configfiles']['compactoverview']}</a>] &nbsp;
[<a href="$filename?page=importexport&amp;s=$s">{$lng['admin']['configfiles']['importexport']}</a>]
</h2>
</header>

3
templates/Sparkle/admin/settings/settings_overview.tpl vendored
View File

@@ -3,7 +3,8 @@
<h2>
<img src="templates/{$theme}/assets/img/icons/settings_big.png" alt="" />&nbsp;
{$lng['admin']['serversettings']} &nbsp;
[<a href="$filename?page=overview&amp;part=all&amp;s=$s">{$lng['admin']['configfiles']['overview']}</a>]
[<a href="$filename?page=overview&amp;part=all&amp;s=$s">{$lng['admin']['configfiles']['overview']}</a>] &nbsp;
[<a href="$filename?page=importexport&amp;s=$s">{$lng['admin']['configfiles']['importexport']}</a>]
</h2>
</header>