set version to 0.9.40 for upcoming release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

README.md

@@ -51,7 +51,7 @@ https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.fro
 [HowTo](https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-on-debian)
 
 /etc/apt/sources.list.d/froxlor.list
-> deb http://debian.froxlor.org {wheezy|jessie} main
+> deb http://debian.froxlor.org {wheezy|jessie|stretch} main
 
 ### Gentoo repository
 

actions/admin/settings/100.panel.php

@@ -71,7 +71,7 @@ return array(
 					'settinggroup' => 'panel',
 					'varname' => 'no_robots',
 					'type' => 'bool',
-					'default' => false,
+					'default' => true,
 					'save_method' => 'storeSettingField',
 					),
 				'panel_paging' => array(

actions/admin/settings/122.froxlorvhost.php

@@ -80,19 +80,6 @@ return array(
 					'save_method' => 'storeSettingField',
 					'visible' => Settings::Get('system.use_ssl')
 				),
-				'system_http2_support' => array(
-					'label' => $lng['serversettings']['http2_support'],
-					'settinggroup' => 'system',
-					'varname' => 'http2_support',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'websrv_avail' => array(
-						'apache2',
-						'nginx'
-					),
-					'visible' => Settings::Get('system.use_ssl')
-				),
 				/**
 				 * FCGID
 				 */

actions/admin/settings/130.webserver.php

@@ -60,6 +60,19 @@ return array(
 						'apache2'
 					)
 				),
+				'system_http2_support' => array(
+					'label' => $lng['serversettings']['http2_support'],
+					'settinggroup' => 'system',
+					'varname' => 'http2_support',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					),
+					'visible' => Settings::Get('system.use_ssl')
+				),
 				'system_httpuser' => array(
 					'label' => $lng['admin']['webserver_user'],
 					'settinggroup' => 'system',
@@ -112,6 +125,58 @@ return array(
 					'default' => '/var/customers/logs/',
 					'save_method' => 'storeSettingField'
 				),
+				'system_logfiles_script' => array(
+					'label' => $lng['serversettings']['logfiles_script'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_script',
+					'type' => 'string',
+					'string_type' => '',
+					'default' => '',
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
+				'system_logfiles_piped' => array(
+					'label' => $lng['serversettings']['logfiles_piped'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_piped',
+					'type' => 'bool',
+					'default' => false,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
+				'system_logfiles_format' => array(
+					'label' => $lng['serversettings']['logfiles_format'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_format',
+					'type' => 'string',
+					'default' => '',
+					'string_emptyallowed' => true,
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2',
+						'nginx'
+					)
+				),
+				'system_logfiles_type' => array(
+					'label' => $lng['serversettings']['logfiles_type'],
+					'settinggroup' => 'system',
+					'varname' => 'logfiles_type',
+					'type' => 'option',
+					'default' => '1',
+					'option_mode' => 'one',
+					'option_options' => array(
+						'1' => 'combined',
+						'2' => 'vhost_combined'
+					),
+					'save_method' => 'storeSettingField',
+					'websrv_avail' => array(
+						'apache2'
+					)
+				),
 				'system_customersslpath' => array(
 					'label' => $lng['serversettings']['customerssl_directory'],
 					'settinggroup' => 'system',

actions/admin/settings/131.ssl.php

@@ -40,7 +40,8 @@ return array(
 					'option_options' => array(
 						'TLSv1' => 'TLSv1',
 						'TLSv1.1' => 'TLSv1.1',
-						'TLSv1.2' => 'TLSv1.2'
+						'TLSv1.2' => 'TLSv1.2',
+						'TLSv1.3' => 'TLSv1.3'
 					),
 					'save_method' => 'storeSettingField'
 				),

actions/admin/settings/210.security.php

@@ -35,7 +35,7 @@ return array(
 					'settinggroup' => 'system',
 					'varname' => 'mailpwcleartext',
 					'type' => 'bool',
-					'default' => true,
+					'default' => false,
 					'save_method' => 'storeSettingField',
 					),
 				'system_passwordcryptfunc' => array(

admin_domains.php

@@ -528,7 +528,7 @@ if ($page == 'domains' || $page == 'overview') {
 
 				$ipandports = array();
 				if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) {
-					$_POST['ipandport'] = unserialize($_POST['ipandport']);
+					$_POST['ipandport'] = json_decode($_POST['ipandport'], true);
 				}
 
 				if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {
@@ -564,7 +564,7 @@ if ($page == 'domains' || $page == 'overview') {
 
 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) {
-						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
+						$_POST['ssl_ipandport'] = json_decode($_POST['ssl_ipandport'], true);
 					}
 
 					// Verify SSL-Ports
@@ -606,7 +606,7 @@ if ($page == 'domains' || $page == 'overview') {
 						$ssl_redirect = 0;
 						$letsencrypt = 0;
 						$http2 = 0;
-						// we need this for the serialize
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
 
@@ -622,7 +622,7 @@ if ($page == 'domains' || $page == 'overview') {
 					$ssl_redirect = 0;
 					$letsencrypt = 0;
 					$http2 = 0;
-					// we need this for the serialize
+					// we need this for the json-encode
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = - 1;
 
@@ -692,7 +692,7 @@ if ($page == 'domains' || $page == 'overview') {
 					}
 
 					if (count($ssl_ipandports) == 0) {
-						// we need this for the serialize
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
 					}
@@ -794,9 +794,9 @@ if ($page == 'domains' || $page == 'overview') {
 						'dkim' => $dkim,
 						'speciallogfile' => $speciallogfile,
 						'selectserveralias' => $serveraliasoption,
-						'ipandport' => serialize($ipandports),
+						'ipandport' => json_encode($ipandports),
 						'ssl_redirect' => $ssl_redirect,
-						'ssl_ipandport' => serialize($ssl_ipandports),
+						'ssl_ipandport' => json_encode($ssl_ipandports),
 						'phpenabled' => $phpenabled,
 						'openbasedir' => $openbasedir,
 						'phpsettingid' => $phpsettingid,
@@ -1124,7 +1124,6 @@ if ($page == 'domains' || $page == 'overview') {
 			}
 		}
 	} elseif ($action == 'edit' && $id != 0) {
-
 		$result_stmt = Database::prepare("
 			SELECT `d`.*, `c`.`customerid`
 			FROM `" . TABLE_PANEL_DOMAINS . "` `d`
@@ -1420,7 +1419,7 @@ if ($page == 'domains' || $page == 'overview') {
 
 				$ipandports = array();
 				if (isset($_POST['ipandport']) && ! is_array($_POST['ipandport'])) {
-					$_POST['ipandport'] = unserialize($_POST['ipandport']);
+					$_POST['ipandport'] = json_decode($_POST['ipandport'], true);
 				}
 				if (isset($_POST['ipandport']) && is_array($_POST['ipandport'])) {
 
@@ -1466,7 +1465,7 @@ if ($page == 'domains' || $page == 'overview') {
 
 					$ssl_ipandports = array();
 					if (isset($_POST['ssl_ipandport']) && ! is_array($_POST['ssl_ipandport'])) {
-						$_POST['ssl_ipandport'] = unserialize($_POST['ssl_ipandport']);
+						$_POST['ssl_ipandport'] = json_decode($_POST['ssl_ipandport'], true);
 					}
 					if (isset($_POST['ssl_ipandport']) && is_array($_POST['ssl_ipandport'])) {
 
@@ -1494,7 +1493,7 @@ if ($page == 'domains' || $page == 'overview') {
 						$ssl_redirect = 0;
 						$letsencrypt = 0;
 						$http2 = 0;
-						// we need this for the serialize
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
 
@@ -1510,7 +1509,7 @@ if ($page == 'domains' || $page == 'overview') {
 					$ssl_redirect = 0;
 					$letsencrypt = 0;
 					$http2 = 0;
-					// we need this for the serialize
+					// we need this for the json-encode
 					// if ssl is disabled or no ssl-ip/port exists
 					$ssl_ipandports[] = - 1;
 
@@ -1603,7 +1602,7 @@ if ($page == 'domains' || $page == 'overview') {
 					}
 
 					if (count($ssl_ipandports) == 0) {
-						// we need this for the serialize
+						// we need this for the json-encode
 						// if ssl is disabled or no ssl-ip/port exists
 						$ssl_ipandports[] = - 1;
 					}
@@ -1668,8 +1667,8 @@ if ($page == 'domains' || $page == 'overview') {
 					'issubof' => $issubof,
 					'speciallogfile' => $speciallogfile,
 					'speciallogverified' => $speciallogverified,
-					'ipandport' => serialize($ipandports),
-					'ssl_ipandport' => serialize($ssl_ipandports),
+					'ipandport' => json_encode($ipandports),
+					'ssl_ipandport' => json_encode($ssl_ipandports),
 					'letsencrypt' => $letsencrypt,
 					'http2' => $http2,
 					'hsts_maxage' => $hsts_maxage,
@@ -2028,7 +2027,15 @@ if ($page == 'domains' || $page == 'overview') {
 				} else
 					if ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
 						// or when wwwserveralias or letsencrypt was changed
+
 						triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
+
+						if ($aliasdomain === 0) {
+							// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
+							// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
+							//     is a noop...let's repeat it with the domain id of the main domain
+							triggerLetsEncryptCSRForAliasDestinationDomain($id, $log);
+						}
 					}
 
 				$log->logAction(ADM_ACTION, LOG_INFO, "edited domain #" . $id);
@@ -2250,12 +2257,12 @@ if ($page == 'domains' || $page == 'overview') {
 			}
 		}
 	} elseif ($action == 'jqGetCustomerPHPConfigs') {
-		
+
 		$customerid = intval($_POST['customerid']);
 		$allowed_phpconfigs = getCustomerDetail($customerid, 'allowed_phpconfigs');
 		echo !empty($allowed_phpconfigs) ? $allowed_phpconfigs : json_encode(array());
 		exit;
-		
+
 	} elseif ($action == 'import') {
 
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {

admin_index.php

@@ -85,35 +85,42 @@ if ($page == 'overview') {
 	if ((isset($_GET['lookfornewversion']) && $_GET['lookfornewversion'] == 'yes')
 		|| (isset($lookfornewversion) && $lookfornewversion == 'yes')
 	) {
-		$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
-		$latestversion = HttpClient::urlGet($update_check_uri);
-		$latestversion = explode('|', $latestversion);
+		if (function_exists('curl_version')) {
+			$update_check_uri = 'http://version.froxlor.org/Froxlor/legacy/' . $version;
+			$latestversion = HttpClient::urlGet($update_check_uri);
+			$latestversion = explode('|', $latestversion);
 
-		if (is_array($latestversion)
-			&& count($latestversion) >= 1
-		) {
-			$_version = $latestversion[0];
-			$_message = isset($latestversion[1]) ? $latestversion[1] : '';
-			$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+			if (is_array($latestversion)
+				&& count($latestversion) >= 1
+			) {
+				$_version = $latestversion[0];
+				$_message = isset($latestversion[1]) ? $latestversion[1] : '';
+				$_link = isset($latestversion[2]) ? $latestversion[2] : htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
 
-			// add the branding so debian guys are not gettings confused
-			// about their version-number
-			$lookfornewversion_lable = $_version.$branding;
-			$lookfornewversion_link = $_link;
-			$lookfornewversion_addinfo = $_message;
+				// add the branding so debian guys are not gettings confused
+				// about their version-number
+				$lookfornewversion_lable = $_version.$branding;
+				$lookfornewversion_link = $_link;
+				$lookfornewversion_addinfo = $_message;
 
-			// not numeric -> error-message
-			if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
-				// check for customized version to not output
-				// "There is a newer version of froxlor" besides the error-message
-				$isnewerversion = 2;
-			} elseif (version_compare2($version, $_version) == -1) {
-				$isnewerversion = 1;
+				// not numeric -> error-message
+				if (!preg_match('/^((\d+\\.)(\d+\\.)(\d+\\.)?(\d+)?(\-(svn|dev|rc)(\d+))?)$/', $_version)) {
+					// check for customized version to not output
+					// "There is a newer version of froxlor" besides the error-message
+					$isnewerversion = 2;
+				} elseif (version_compare2($version, $_version) == -1) {
+					$isnewerversion = 1;
+				} else {
+					$isnewerversion = 0;
+				}
 			} else {
-				$isnewerversion = 0;
+				redirectTo($update_check_uri.'/pretty', NULL, false);
 			}
 		} else {
-			redirectTo($update_check_uri.'/pretty', NULL, false);
+			$lookfornewversion_lable = "Version-check not available due to missing php-curl extension";
+			$lookfornewversion_link = htmlspecialchars($filename . '?s=' . urlencode($s) . '&page=' . urlencode($page) . '&lookfornewversion=yes');
+			$lookfornewversion_addinfo = '';
+			$isnewerversion = 0;
 		}
 	} else {
 		$lookfornewversion_lable = $lng['admin']['lookfornewversion']['clickhere'];

admin_phpsettings.php

@@ -125,12 +125,35 @@ if ($page == 'overview') {
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
 					$fpm_pass_authorizationheader = 0;
+					$override_fpmconfig = 0;
+					$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+					$def_fpmconfig = Database::pexecute_first($stmt, array(
+						'id' => $fpm_config_id
+					));
+					$pm = $def_fpmconfig['pm'];
+					$max_children = $def_fpmconfig['max_children'];
+					$start_servers = $def_fpmconfig['start_servers'];
+					$min_spare_servers = $def_fpmconfig['min_spare_servers'];
+					$max_spare_servers = $def_fpmconfig['max_spare_servers'];
+					$max_requests = $def_fpmconfig['max_requests'];
+					$idle_timeout = $def_fpmconfig['idle_timeout'];
+					$limit_extensions = $def_fpmconfig['limit_extensions'];
+
 				} elseif (Settings::Get('phpfpm.enabled') == 1) {
 					$fpm_config_id = intval($_POST['fpmconfig']);
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
+					$override_fpmconfig = isset($_POST['override_fpmconfig']) ? (int) $_POST['override_fpmconfig'] : 0;
+					$pm = $_POST['pm'];
+					$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : 0;
+					$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : 0;
+					$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : 0;
+					$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : 0;
+					$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : 0;
+					$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : 0;
+					$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
 					// disable fcgid stuff
 					$binary = '/usr/bin/php-cgi';
 					$file_extensions = 'php';
@@ -156,7 +179,16 @@ if ($page == 'overview') {
 						`fpm_reqslow` = :fpmreqslow,
 						`phpsettings` = :phpsettings,
 						`fpmsettingid` = :fpmsettingid,
-						`pass_authorizationheader` = :fpmpassauth");
+						`pass_authorizationheader` = :fpmpassauth,
+						`override_fpmconfig` = :ofc,
+						`pm` = :pm,
+						`max_children` = :max_children,
+						`start_servers` = :start_servers,
+						`min_spare_servers` = :min_spare_servers,
+						`max_spare_servers` = :max_spare_servers,
+						`max_requests` = :max_requests,
+						`idle_timeout` = :idle_timeout,
+						`limit_extensions` = :limit_extensions");
 				$ins_data = array(
 					'desc' => $description,
 					'binary' => $binary,
@@ -169,7 +201,16 @@ if ($page == 'overview') {
 					'fpmreqslow' => $fpm_reqslowtimeout,
 					'phpsettings' => $phpsettings,
 					'fpmsettingid' => $fpm_config_id,
-					'fpmpassauth' => $fpm_pass_authorizationheader
+					'fpmpassauth' => $fpm_pass_authorizationheader,
+					'ofc' => $override_fpmconfig,
+					'pm' => $pm,
+					'max_children' => $max_children,
+					'start_servers' => $start_servers,
+					'min_spare_servers' => $min_spare_servers,
+					'max_spare_servers' => $max_spare_servers,
+					'max_requests' => $max_requests,
+					'idle_timeout' => $idle_timeout,
+					'limit_extensions' => $limit_extensions
 				);
 				Database::pexecute($ins_stmt, $ins_data);
 				
@@ -190,6 +231,10 @@ if ($page == 'overview') {
 					$fpmconfigs .= makeoption($row['description'], $row['id'], 1, true, true);
 				}
 				
+				$pm_select = makeoption('static', 'static', 'static', true, true);
+				$pm_select.= makeoption('dynamic', 'dynamic', 'static', true, true);
+				$pm_select.= makeoption('ondemand', 'ondemand', 'static', true, true);
+				
 				$phpconfig_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php';
 				$phpconfig_add_form = htmlform::genHTMLForm($phpconfig_add_data);
 				
@@ -288,12 +333,35 @@ if ($page == 'overview') {
 					$fpm_reqtermtimeout = 0;
 					$fpm_reqslowtimeout = 0;
 					$fpm_pass_authorizationheader = 0;
+					$override_fpmconfig = 0;
+					$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_FPMDAEMONS . "` WHERE `id` = :id");
+					$def_fpmconfig = Database::pexecute_first($stmt, array(
+						'id' => $fpm_config_id
+					));
+					$pm = $def_fpmconfig['pm'];
+					$max_children = $def_fpmconfig['max_children'];
+					$start_servers = $def_fpmconfig['start_servers'];
+					$min_spare_servers = $def_fpmconfig['min_spare_servers'];
+					$max_spare_servers = $def_fpmconfig['max_spare_servers'];
+					$max_requests = $def_fpmconfig['max_requests'];
+					$idle_timeout = $def_fpmconfig['idle_timeout'];
+					$limit_extensions = $def_fpmconfig['limit_extensions'];
+
 				} elseif (Settings::Get('phpfpm.enabled') == 1) {
 					$fpm_config_id = intval($_POST['fpmconfig']);
 					$fpm_enableslowlog = isset($_POST['phpfpm_enable_slowlog']) ? (int) $_POST['phpfpm_enable_slowlog'] : 0;
 					$fpm_reqtermtimeout = validate($_POST['phpfpm_reqtermtimeout'], 'phpfpm_reqtermtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_reqslowtimeout = validate($_POST['phpfpm_reqslowtimeout'], 'phpfpm_reqslowtimeout', '/^([0-9]+)(|s|m|h|d)$/');
 					$fpm_pass_authorizationheader = isset($_POST['phpfpm_pass_authorizationheader']) ? (int) $_POST['phpfpm_pass_authorizationheader'] : 0;
+					$override_fpmconfig = isset($_POST['override_fpmconfig']) ? (int) $_POST['override_fpmconfig'] : $result['override_fpmconfig'];
+					$pm = $_POST['pm'];
+					$max_children = isset($_POST['max_children']) ? (int) $_POST['max_children'] : $result['max_children'];
+					$start_servers = isset($_POST['start_servers']) ? (int) $_POST['start_servers'] : $result['start_servers'];
+					$min_spare_servers = isset($_POST['min_spare_servers']) ? (int) $_POST['min_spare_servers'] : $result['min_spare_servers'];
+					$max_spare_servers = isset($_POST['max_spare_servers']) ? (int) $_POST['max_spare_servers'] : $result['max_spare_servers'];
+					$max_requests = isset($_POST['max_requests']) ? (int) $_POST['max_requests'] : $result['max_requests'];
+					$idle_timeout = isset($_POST['idle_timeout']) ? (int) $_POST['idle_timeout'] : $result['idle_timeout'];
+					$limit_extensions = validate($_POST['limit_extensions'], 'limit_extensions', '/^(\.[a-z]([a-z0-9]+)\ ?)+$/');
 					// disable fcgid stuff
 					$binary = '/usr/bin/php-cgi';
 					$file_extensions = 'php';
@@ -319,7 +387,16 @@ if ($page == 'overview') {
 						`fpm_reqslow` = :fpmreqslow,
 						`phpsettings` = :phpsettings,
 						`fpmsettingid` = :fpmsettingid,
-						`pass_authorizationheader` = :fpmpassauth
+						`pass_authorizationheader` = :fpmpassauth,
+						`override_fpmconfig` = :ofc,
+						`pm` = :pm,
+						`max_children` = :max_children,
+						`start_servers` = :start_servers,
+						`min_spare_servers` = :min_spare_servers,
+						`max_spare_servers` = :max_spare_servers,
+						`max_requests` = :max_requests,
+						`idle_timeout` = :idle_timeout,
+						`limit_extensions` = :limit_extensions
 					WHERE `id` = :id");
 				$upd_data = array(
 					'desc' => $description,
@@ -334,6 +411,15 @@ if ($page == 'overview') {
 					'phpsettings' => $phpsettings,
 					'fpmsettingid' => $fpm_config_id,
 					'fpmpassauth' => $fpm_pass_authorizationheader,
+					'ofc' => $override_fpmconfig,
+					'pm' => $pm,
+					'max_children' => $max_children,
+					'start_servers' => $start_servers,
+					'min_spare_servers' => $min_spare_servers,
+					'max_spare_servers' => $max_spare_servers,
+					'max_requests' => $max_requests,
+					'idle_timeout' => $idle_timeout,
+					'limit_extensions' => $limit_extensions,
 					'id' => $id
 				);
 				Database::pexecute($upd_stmt, $upd_data);
@@ -351,6 +437,10 @@ if ($page == 'overview') {
 				while ($row = $configs->fetch(PDO::FETCH_ASSOC)) {
 					$fpmconfigs .= makeoption($row['description'], $row['id'], $result['fpmsettingid'], true, true);
 				}
+				
+				$pm_select = makeoption('static', 'static', $result['pm'], true, true);
+				$pm_select.= makeoption('dynamic', 'dynamic', $result['pm'], true, true);
+				$pm_select.= makeoption('ondemand', 'ondemand', $result['pm'], true, true);
 
 				$phpconfig_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php';
 				$phpconfig_edit_form = htmlform::genHTMLForm($phpconfig_edit_data);

admin_settings.php

@@ -319,6 +319,12 @@ elseif ($page == 'importexport' && $userinfo['change_serversettings'] == '1')
 				} catch(Exception $e) {
 					dynamic_error($e->getMessage());
 				}
+				inserttask('1');
+				inserttask('10');
+				// Using nameserver, insert a task which rebuilds the server config
+				inserttask('4');
+				// cron.d file
+				inserttask('99');
 				standard_success('settingsimported', '', array('filename' => 'admin_settings.php'));
 			}
 			dynamic_error("Upload failed");

customer_domains.php

@@ -773,7 +773,15 @@ if ($page == 'overview') {
 							triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
 						} elseif ($result['wwwserveralias'] != $wwwserveralias || $result['letsencrypt'] != $letsencrypt) {
 							// or when wwwserveralias or letsencrypt was changed
+
 							triggerLetsEncryptCSRForAliasDestinationDomain($aliasdomain, $log);
+
+							if ($aliasdomain === 0) {
+								// in case the wwwserveralias is set on a main domain, $aliasdomain is 0
+								// --> the call just above to triggerLetsEncryptCSRForAliasDestinationDomain
+								//     is a noop...let's repeat it with the domain id of the main domain
+								triggerLetsEncryptCSRForAliasDestinationDomain($id, $log);
+							}
 						}
 
 						// check whether LE has been disabled, so we remove the certificate

customer_extras.php

@@ -563,7 +563,7 @@ if ($page == 'overview') {
 			$existing_backupJob = null;
 			while ($entry = $sel_stmt->fetch())
 			{
-				$data = unserialize($entry['data']);
+				$data = json_decode($entry['data'], true);
 				if ($data['customerid'] == $userinfo['customerid']) {
 					$existing_backupJob = $entry;
 					break;
@@ -579,6 +579,11 @@ if ($page == 'overview') {
 				$path = makeCorrectDir(validate($_POST['path'], 'path'));
 				$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
 
+				// path cannot be the customers docroot
+				if ($path == makeCorrectDir($userinfo['documentroot'])) {
+					standar_error('backupfoldercannotbedocroot');
+				}
+
 				$backup_dbs = isset($_POST['backup_dbs']) ? intval($_POST['backup_dbs']) : 0;
 				$backup_mail = isset($_POST['backup_mail']) ? intval($_POST['backup_mail']) : 0;
 				$backup_web = isset($_POST['backup_web']) ? intval($_POST['backup_web']) : 0;
@@ -613,7 +618,7 @@ if ($page == 'overview') {
 
 				if (!empty($existing_backupJob)) {
 					$action = "abort";
-					$row = unserialize($entry['data']);
+					$row = json_decode($entry['data'], true);
 					$row['path'] = makeCorrectDir(str_replace($userinfo['documentroot'], "/", $row['destdir']));
 					$row['backup_web'] = ($row['backup_web'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];
 					$row['backup_mail'] = ($row['backup_mail'] == '1') ? $lng['panel']['yes'] : $lng['panel']['no'];

customer_tickets.php

@@ -238,7 +238,11 @@ if ($page == 'overview') {
 		}
 	} elseif ($action == 'answer' && $id != 0) {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-			$replyticket = ticket::getInstanceOf($userinfo, -1);
+			try {
+				$replyticket = ticket::getInstanceOf($userinfo, -1);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
 			$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
 			$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
@@ -246,6 +250,11 @@ if ($page == 'overview') {
 			if ($replyticket->Get('message') == null) {
 				standard_error(array('stringisempty', 'mymessage'));
 			} else {
+				try {
+					$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+				} catch(Exception $e) {
+					standard_error($e->getMessage());
+				}
 				$now = time();
 				$replyticket->Set('customer', (int)$userinfo['customerid'], true, true);
 				$replyticket->Set('lastchange', $now, true, true);
@@ -256,8 +265,6 @@ if ($page == 'overview') {
 				$replyticket->Insert();
 
 				// Update priority if changed
-				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
-
 				if ($replyticket->Get('priority') != $mainticket->Get('priority')) {
 					$mainticket->Set('priority', $replyticket->Get('priority'), true);
 				}
@@ -272,7 +279,11 @@ if ($page == 'overview') {
 			}
 		} else {
 			$ticket_replies = '';
-			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			try {
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
 			$status = ticket::getStatusText($lng, $mainticket->Get('status'));
 
@@ -351,7 +362,11 @@ if ($page == 'overview') {
 	} elseif ($action == 'close' && $id != 0) {
 		if (isset($_POST['send']) && $_POST['send'] == 'send') {
 			$now = time();
-			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			try {
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			$mainticket->Set('lastchange', $now, true, true);
 			$mainticket->Set('lastreplier', '0', true, true);
 			$mainticket->Set('status', '3', true, true);
@@ -359,7 +374,11 @@ if ($page == 'overview') {
 			$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
 			redirectTo($filename, array('page' => $page, 's' => $s));
 		} else {
-			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			try {
+				$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+			} catch(Exception $e) {
+				standard_error($e->getMessage());
+			}
 			ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
 		}
 	} elseif ($action == 'reopen' && $id != 0) {
@@ -377,7 +396,11 @@ if ($page == 'overview') {
 		}
 
 		$now = time();
-		$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+		try {
+			$mainticket = ticket::getInstanceOf($userinfo, (int)$id);
+		} catch(Exception $e) {
+			standard_error($e->getMessage());
+		}
 		$mainticket->Set('lastchange', $now, true, true);
 		$mainticket->Set('lastreplier', '0', true, true);
 		$mainticket->Set('status', '0', true, true);

dns_editor.php

@@ -208,7 +208,7 @@ if ($action == 'add_record' && ! empty($_POST)) {
 
 	// check for duplicate
 	foreach ($dom_entries as $existing_entry) {
-		// compare serialized string of array
+		// compare json-encoded string of array
 		$check_entry = $existing_entry;
 		// new entry has no ID yet
 		unset($check_entry['id']);
@@ -218,9 +218,9 @@ if ($action == 'add_record' && ! empty($_POST)) {
 		$check_entry['prio'] = (int) $check_entry['prio'];
 		$check_entry['ttl'] = (int) $check_entry['ttl'];
 		$check_entry['domain_id'] = (int) $check_entry['domain_id'];
-		// serialize both
-		$check_entry = serialize($check_entry);
-		$new = serialize($new_entry);
+		// encode both
+		$check_entry = json_encode($check_entry);
+		$new = json_encode($new_entry);
 		// compare
 		if ($check_entry === $new) {
 			$errors[] = $lng['error']['dns_duplicate_entry'];

install/froxlor.sql

@@ -198,6 +198,7 @@ CREATE TABLE `panel_customers` (
   `lepublickey` mediumtext default NULL,
   `leprivatekey` mediumtext default NULL,
   `leregistered` tinyint(1) NOT NULL default '0',
+  `leaccount` varchar(255) default '',
   `allowed_phpconfigs` varchar(500) NOT NULL default '',
    PRIMARY KEY  (`customerid`),
    UNIQUE KEY `loginname` (`loginname`)
@@ -280,11 +281,11 @@ CREATE TABLE `panel_ipsandports` (
   `vhostcontainer_servername_statement` tinyint(1) NOT NULL default '0',
   `specialsettings` text,
   `ssl` tinyint(4) NOT NULL default '0',
-  `ssl_cert_file` varchar(255) NOT NULL,
-  `ssl_key_file` varchar(255) NOT NULL,
-  `ssl_ca_file` varchar(255) NOT NULL,
+  `ssl_cert_file` varchar(255) NOT NULL default '',
+  `ssl_key_file` varchar(255) NOT NULL default '',
+  `ssl_ca_file` varchar(255) NOT NULL default '',
   `default_vhostconf_domain` text,
-  `ssl_cert_chainfile` varchar(255) NOT NULL,
+  `ssl_cert_chainfile` varchar(255) NOT NULL default '',
   `docroot` varchar(255) NOT NULL default '',
   PRIMARY KEY  (`id`),
   UNIQUE KEY `ip_port` (`ip`,`port`)
@@ -405,21 +406,12 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
 	('login', 'maxloginattempts', '3'),
 	('login', 'deactivatetime', '900'),
 	('phpfpm', 'enabled', '0'),
-	('phpfpm', 'configdir', '/etc/php-fpm.d/'),
-	('phpfpm', 'reload', '/etc/init.d/php-fpm restart'),
-	('phpfpm', 'pm', 'static'),
-	('phpfpm', 'max_children', '1'),
-	('phpfpm', 'start_servers', '20'),
-	('phpfpm', 'min_spare_servers', '5'),
-	('phpfpm', 'max_spare_servers', '35'),
-	('phpfpm', 'max_requests', '0'),
 	('phpfpm', 'tmpdir', '/var/customers/tmp/'),
 	('phpfpm', 'peardir', '/usr/share/php/:/usr/share/php5/'),
 	('phpfpm', 'envpath', '/usr/local/bin:/usr/bin:/bin'),
 	('phpfpm', 'enabled_ownvhost', '0'),
 	('phpfpm', 'vhost_httpuser', 'froxlorlocal'),
 	('phpfpm', 'vhost_httpgroup', 'froxlorlocal'),
-	('phpfpm', 'idle_timeout', '30'),
 	('phpfpm', 'aliasconfigdir', '/var/www/php-fpm/'),
 	('phpfpm', 'defaultini', '1'),
 	('phpfpm', 'vhost_defaultini', '2'),
@@ -542,7 +534,7 @@ opcache.interned_strings_buffer'),
 	('system', 'defaultip', '1'),
 	('system', 'phpappendopenbasedir', '/tmp/'),
 	('system', 'deactivateddocroot', ''),
-	('system', 'mailpwcleartext', '1'),
+	('system', 'mailpwcleartext', '0'),
 	('system', 'last_tasks_run', '000000'),
 	('system', 'nameservers', ''),
 	('system', 'mxservers', ''),
@@ -653,9 +645,14 @@ opcache.interned_strings_buffer'),
 	('system', 'hsts_incsub', '0'),
 	('system', 'hsts_preload', '0'),
 	('system', 'leregistered', '0'),
+  ('system', 'leaccount', ''),
 	('system', 'nssextrausers', '0'),
 	('system', 'disable_le_selfcheck', '0'),
 	('system', 'ssl_protocols', 'TLSv1,TLSv1.2'),
+	('system', 'logfiles_format', ''),
+	('system', 'logfiles_type', '1'),
+	('system', 'logfiles_piped', '0'),
+	('system', 'logfiles_script', ''),
 	('panel', 'decimal_places', '4'),
 	('panel', 'adminmail', 'admin@SERVERNAME'),
 	('panel', 'phpmyadmin_url', ''),
@@ -687,8 +684,8 @@ opcache.interned_strings_buffer'),
 	('panel', 'password_special_char_required', '0'),
 	('panel', 'password_special_char', '!?<>§$%+#=@'),
 	('panel', 'customer_hide_options', ''),
-	('panel', 'version', '0.9.39.5'),
-	('panel', 'db_version', '201802130');
+	('panel', 'version', '0.9.40'),
+	('panel', 'db_version', '201809280');
 
 
 DROP TABLE IF EXISTS `panel_tasks`;
@@ -896,6 +893,15 @@ CREATE TABLE `panel_phpconfigs` (
   `phpsettings` text NOT NULL,
   `fpmsettingid` int(11) NOT NULL DEFAULT '1',
   `pass_authorizationheader` tinyint(1) NOT NULL default '0',
+  `override_fpmconfig` tinyint(1) NOT NULL DEFAULT '0',
+  `pm` varchar(15) NOT NULL DEFAULT 'static',
+  `max_children` int(4) NOT NULL DEFAULT '1',
+  `start_servers` int(4) NOT NULL DEFAULT '20',
+  `min_spare_servers` int(4) NOT NULL DEFAULT '5',
+  `max_spare_servers` int(4) NOT NULL DEFAULT '35',
+  `max_requests` int(4) NOT NULL DEFAULT '0',
+  `idle_timeout` int(4) NOT NULL DEFAULT '30',
+  `limit_extensions` varchar(255) NOT NULL default '.php',
   PRIMARY KEY  (`id`),
   KEY `fpmsettingid` (`fpmsettingid`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;
@@ -999,11 +1005,12 @@ DROP TABLE IF EXISTS `domain_ssl_settings`;
 CREATE TABLE IF NOT EXISTS `domain_ssl_settings` (
   `id` int(5) NOT NULL auto_increment,
   `domainid` int(11) NOT NULL,
-  `ssl_cert_file` mediumtext NOT NULL,
-  `ssl_key_file` mediumtext NOT NULL,
+  `ssl_cert_file` mediumtext,
+  `ssl_key_file` mediumtext,
   `ssl_ca_file` mediumtext,
   `ssl_cert_chainfile` mediumtext,
   `ssl_csr_file` mediumtext,
+  `ssl_fullchain_file` mediumtext,
   `expirationdate` datetime DEFAULT NULL,
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci;

install/lib/class.FroxlorInstall.php

@@ -322,11 +322,12 @@ class FroxlorInstall
 		$userdata .= "?>";
 		
 		// test if we can store the userdata.inc.php in ../lib
-		if ($fp = @fopen(dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php', 'w')) {
+		$userdata_file = dirname(dirname(dirname(__FILE__))) . '/lib/userdata.inc.php';
+		if ($fp = @fopen($userdata_file, 'w')) {
 			$result = @fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
 			$content .= $this->_status_message('green', 'OK');
-			chmod('../lib/userdata.inc.php', 0440);
+			chmod($userdata_file, 0440);
 		} elseif ($fp = @fopen('/tmp/userdata.inc.php', 'w')) {
 			$result = @fputs($fp, $userdata, strlen($userdata));
 			@fclose($fp);
@@ -963,83 +964,39 @@ class FroxlorInstall
 		} else {
 			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
 		}
-		
+
+		// check for session-extension
+		$this->_requirementCheckFor($content, $_die, 'session', false, 'phpsession');
+
+		// check for ctype-extension
+		$this->_requirementCheckFor($content, $_die, 'ctype', false, 'phpctype');
+
+		// check for SimpleXML-extension
+		$this->_requirementCheckFor($content, $_die, 'simplexml', false, 'phpsimplexml');
+
 		// check for xml-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpxml']);
-		
-		if (! extension_loaded('xml')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		$this->_requirementCheckFor($content, $_die, 'xml', false, 'phpxml');
 		
 		// check for filter-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpfilter']);
-		
-		if (! extension_loaded('filter')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		$this->_requirementCheckFor($content, $_die, 'filter', false, 'phpfilter');
 		
 		// check for posix-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpposix']);
-		
-		if (! extension_loaded('posix')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-		
-		// check for bstring-extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpmbstring']);
-		
-		if (! extension_loaded('mbstring')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		$this->_requirementCheckFor($content, $_die, 'posix', false, 'phpposix');
+
+		// check for mbstring-extension
+		$this->_requirementCheckFor($content, $_die, 'mbstring', false, 'phpmbstring');
 		
 		// check for curl extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpcurl']);
-		
-		if (! extension_loaded('curl')) {
-			$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
-			$_die = true;
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-		
-		// check for bcmath extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpbcmath']);
-		
-		if (! extension_loaded('bcmath')) {
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['bcmathdescription']);
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
-		
-		// check for zip extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpzip']);
-		
-		if (! extension_loaded('zip')) {
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['zipdescription']);
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		$this->_requirementCheckFor($content, $_die, 'curl', false, 'phpcurl');
 
 		// check for json extension
-		$content .= $this->_status_message('begin', $this->_lng['requirements']['phpjson']);
+		$this->_requirementCheckFor($content, $_die, 'json', false, 'phpjson');
+
+		// check for bcmath extension
+		$this->_requirementCheckFor($content, $_die, 'bcmath', true, 'phpbcmath', 'bcmathdescription');
 		
-		if (! extension_loaded('json')) {
-			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['jsondescription']);
-		} else {
-			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
-		}
+		// check for zip extension
+		$this->_requirementCheckFor($content, $_die, 'zip', true, 'phpzip', 'zipdescription');
 
 		// check for open_basedir
 		$content .= $this->_status_message('begin', $this->_lng['requirements']['openbasedir']);
@@ -1049,6 +1006,16 @@ class FroxlorInstall
 		} else {
 			$content .= $this->_status_message('green', 'off');
 		}
+		
+		// check for mysqldump binary in order to backup existing database
+		$content .= $this->_status_message('begin', $this->_lng['requirements']['mysqldump']);
+
+		if (file_exists("/usr/bin/mysqldump") || file_exists("/usr/local/bin/mysqldump")) {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		} else {
+			$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements']['mysqldumpmissing']);
+		}
+		
 		$content .= "</table>";
 		
 		// check if we have unrecoverable errors
@@ -1071,6 +1038,22 @@ class FroxlorInstall
 			'pagenavigation' => $navigation
 		);
 	}
+	
+	private function _requirementCheckFor(&$content, &$_die, $ext = '', $optional = false, $lng_txt = "", $lng_desc = "")
+	{
+		$content .= $this->_status_message('begin', $this->_lng['requirements'][$lng_txt]);
+		
+		if (! extension_loaded($ext)) {
+			if (!$optional) {
+				$content .= $this->_status_message('red', $this->_lng['requirements']['notinstalled']);
+				$_die = true;
+			} else {
+				$content .= $this->_status_message('orange', $this->_lng['requirements']['notinstalled'] . "<br />" . $this->_lng['requirements'][$lng_desc]);
+			}
+		} else {
+			$content .= $this->_status_message('green', $this->_lng['requirements']['installed']);
+		}
+	}
 
 	/**
 	 * send no-caching headers and set the default timezone
@@ -1139,12 +1122,24 @@ class FroxlorInstall
 			}
 		}
 		
-		$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
+		// require english base language as fallback
+		$lngfile = $this->_basepath . '/install/lng/' . $standardlanguage . '.lng.php';
 		if (file_exists($lngfile)) {
 			// includes file /lng/$language.lng.php if it exists
 			require $lngfile;
 			$this->_lng = $lng;
 		}
+		
+		// require chosen language if not english
+		if ($this->_activelng != $standardlanguage)
+		{
+			$lngfile = $this->_basepath . '/install/lng/' . $this->_activelng . '.lng.php';
+			if (file_exists($lngfile)) {
+				// includes file /lng/$language.lng.php if it exists
+				require $lngfile;
+				$this->_lng = $lng;
+			}
+		}
 	}
 
 	/**

install/lng/english.lng.php

@@ -28,6 +28,9 @@ $lng['requirements']['newerphpprefered'] = 'Good, but php-5.6 is prefered.';
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime...';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'PHP setting "magic_quotes_runtime" must be set to "Off". We have disabled it temporary for now please fix the coresponding php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO extension and PDO-MySQL driver...';
+$lng['requirements']['phpsession'] = 'PHP session-extension...';
+$lng['requirements']['phpctype'] = 'PHP ctype-extension...';
+$lng['requirements']['phpsimplexml'] = 'PHP SimpleXML-extension...';
 $lng['requirements']['phpxml'] = 'PHP XML-extension...';
 $lng['requirements']['phpfilter'] = 'PHP filter-extension...';
 $lng['requirements']['phpposix'] = 'PHP posix-extension...';
@@ -38,9 +41,10 @@ $lng['requirements']['phpzip'] = 'PHP zip-extension...';
 $lng['requirements']['phpjson'] = 'PHP json-extension...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-calculation related functions will not work correctly!';
 $lng['requirements']['zipdescription'] = 'The auto-update feature requires the zip extension.';
-$lng['requirements']['jsondescription'] = 'The settings import/export feature requires the json extension.';
 $lng['requirements']['openbasedir'] = 'open_basedir...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor will not work properly with open_basedir enabled. Please disable open_basedir for Froxlor in the coresponding php.ini';
+$lng['requirements']['mysqldump'] = 'MySQL dump tool';
+$lng['requirements']['mysqldumpmissing'] = 'Automatic backup of possible existing database is not possible. Please install mysql-client tools';
 $lng['requirements']['diedbecauseofrequirements'] = 'Cannot install Froxlor without these requirements! Try to fix them and retry.';
 $lng['requirements']['froxlor_succ_checks'] = 'All requirements are satisfied';
 

install/lng/german.lng.php

@@ -28,6 +28,9 @@ $lng['requirements']['newerphpprefered'] = 'Passt, aber php-5.6 wird bevorzugt.'
 $lng['requirements']['phpmagic_quotes_runtime'] = 'magic_quotes_runtime';
 $lng['requirements']['phpmagic_quotes_runtime_description'] = 'Die PHP Einstellung "magic_quotes_runtime" muss deaktiviert sein ("Off"). Die Einstellung wurde temporär deaktiviert, bitte ändern Sie diese in der entsprechenden php.ini.';
 $lng['requirements']['phppdo'] = 'PHP PDO Erweiterung und PDO-MySQL Treiber...';
+$lng['requirements']['phpsession'] = 'PHP session-Erweiterung...';
+$lng['requirements']['phpctype'] = 'PHP ctype-Erweiterung...';
+$lng['requirements']['phpsimplexml'] = 'PHP SimpleXML-Erweiterung...';
 $lng['requirements']['phpxml'] = 'PHP XML-Erweiterung...';
 $lng['requirements']['phpfilter'] = 'PHP filter-Erweiterung...';
 $lng['requirements']['phpposix'] = 'PHP posix-Erweiterung...';
@@ -38,9 +41,10 @@ $lng['requirements']['phpzip'] = 'PHP zip-Erweiterung...';
 $lng['requirements']['phpjson'] = 'PHP json-Erweiterung...';
 $lng['requirements']['bcmathdescription'] = 'Traffic-Berechnungs bezogene Funktionen stehen nicht vollständig zur Verfügung!';
 $lng['requirements']['zipdescription'] = 'Die Auto-Update Funktion benötigt die zip Erweiterung.';
-$lng['requirements']['jsondescription'] = 'Die Einstellungen Import/Export Funktion benötigt die json Erweiterung.';
 $lng['requirements']['openbasedir'] = 'open_basedir genutzt wird...';
 $lng['requirements']['openbasedirenabled'] = 'Froxlor wird mit aktiviertem open_basedir nicht vollständig funktionieren. Bitte deaktivieren Sie open_basedir für Froxlor in der entsprechenden php.ini';
+$lng['requirements']['mysqldump'] = 'MySQL dump Tool';
+$lng['requirements']['mysqldumpmissing'] = 'Ein automatisches Backup einer möglicherweise schon existierenden Datenbank nicht möglich. Bitte mysql-client installieren';
 $lng['requirements']['diedbecauseofrequirements'] = 'Kann Froxlor ohne diese Voraussetzungen nicht installieren! Beheben Sie die angezeigten Probleme und versuchen Sie es erneut.';
 $lng['requirements']['froxlor_succ_checks'] = 'Alle Vorraussetzungen sind erfüllt';
 

install/scripts/config-services.php

@@ -43,6 +43,7 @@ class ConfigServicesCmd extends CmdLineHandler
 	public static $params = array(
 		'create',
 		'apply',
+		'import-settings',
 		'daemon',
 		'list-daemons',
 		'froxlor-dir',
@@ -60,7 +61,7 @@ class ConfigServicesCmd extends CmdLineHandler
 		self::println("--create\t\tlets you create a services list configuration for the 'apply' command");
 		self::println("");
 		self::println("--apply\t\t\tconfigure your services by given configuration file. To create one run the --create command");
-		self::println("\t\t\tExample: --apply=/path/to/my-config.json");
+		self::println("\t\t\tExample: --apply=/path/to/my-config.json or --apply=http://domain.tld/my-config.json");
 		self::println("");
 		self::println("--list-daemons\t\tOutput the services that are going to be configured using a given config file. No services will be configured.");
 		self::println("\t\t\tExample: --apply=/path/to/my-config.json --list-daemons");
@@ -68,6 +69,9 @@ class ConfigServicesCmd extends CmdLineHandler
 		self::println("--daemon\t\tWhen running --apply you can specify a daemon. This will be the only service that gets configured");
 		self::println("\t\t\tExample: --apply=/path/to/my-config.json --daemon=apache24");
 		self::println("");
+		self::println("--import-settings\tImport settings from another froxlor installation. This should be done prior to running --apply or alternatively in the same command together.");
+		self::println("\t\t\tExample: --import-settings=/path/to/Froxlor_settings-[version]-[dbversion]-[date].json or --import-settings=http://domain.tld/Froxlor_settings-[version]-[dbversion]-[date].json");
+		self::println("");
 		self::println("--froxlor-dir\t\tpath to froxlor installation");
 		self::println("\t\t\tExample: --froxlor-dir=/var/www/froxlor/");
 		self::println("");
@@ -115,10 +119,15 @@ class Action
 		require FROXLOR_INSTALL_DIR . '/lib/tables.inc.php';
 		require FROXLOR_INSTALL_DIR . '/lib/functions.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/settings/class.Settings.php';
+		require FROXLOR_INSTALL_DIR . '/lib/classes/settings/class.SImExporter.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigParser.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigService.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/config/class.ConfigDaemon.php';
 		
+		if (array_key_exists("import-settings", $this->_args)) {
+			$this->_importSettings();
+		}
+		
 		if (array_key_exists("create", $this->_args)) {
 			$this->_createConfig();
 		} elseif (array_key_exists("apply", $this->_args)) {
@@ -128,6 +137,29 @@ class Action
 		}
 	}
 
+	private function _importSettings()
+	{
+		if (strtoupper(substr($this->_args["import-settings"], 0, 4)) == 'HTTP') {
+			echo "Settings file seems to be an URL, trying to download" . PHP_EOL;
+			$target = "/tmp/froxlor-import-settings-" . time() . ".json";
+			if (@file_exists($target)) {
+				@unlink($target);
+			}
+			$this->downloadFile($this->_args["import-settings"], $target);
+			$this->_args["import-settings"] = $target;
+		}
+		if (! is_file($this->_args["import-settings"])) {
+			throw new Exception("Given settings file is not a file");
+		} elseif (! file_exists($this->_args["import-settings"])) {
+			throw new Exception("Given settings file cannot be found ('" . $this->_args["import-settings"] . "')");
+		} elseif (! is_readable($this->_args["import-settings"])) {
+			throw new Exception("Given settings file cannot be read ('" . $this->_args["import-settings"] . "')");
+		}
+		$imp_content = file_get_contents($this->_args["import-settings"]);
+		SImExporter::import($imp_content);
+		CmdLineHandler::printsucc("Successfully imported settings from '" . $this->_args["import-settings"] . "'");
+	}
+
 	private function _createConfig()
 	{
 		$_daemons_config = array(
@@ -237,6 +269,15 @@ class Action
 
 	private function _applyConfig()
 	{
+		if (strtoupper(substr($this->_args["apply"], 0, 4)) == 'HTTP') {
+			echo "Config file seems to be an URL, trying to download" . PHP_EOL;
+			$target = "/tmp/froxlor-config-" . time() . ".json";
+			if (@file_exists($target)) {
+				@unlink($target);
+			}
+			$this->downloadFile($this->_args["apply"], $target);
+			$this->_args["apply"] = $target;
+		}
 		if (! is_file($this->_args["apply"])) {
 			throw new Exception("Given config file is not a file");
 		} elseif (! file_exists($this->_args["apply"])) {
@@ -316,7 +357,7 @@ class Action
 							case "file":
 								if (array_key_exists('content', $action)) {
 									CmdLineHandler::printwarn("Creating file '" . $action['name'] . "'");
-									file_put_contents($action['name'], strtr($action['content'], $replace_arr));
+									file_put_contents($action['name'], trim(strtr($action['content'], $replace_arr)));
 								} elseif (array_key_exists('subcommands', $action)) {
 									foreach ($action['subcommands'] as $fileaction) {
 										if (array_key_exists('execute', $fileaction) && $fileaction['execute'] == "pre") {
@@ -325,7 +366,7 @@ class Action
 											exec(strtr($fileaction['content'], $replace_arr));
 										} elseif ($fileaction['type'] == 'file') {
 											CmdLineHandler::printwarn("Creating file '" . $fileaction['name'] . "'");
-											file_put_contents($fileaction['name'], strtr($fileaction['content'], $replace_arr));
+											file_put_contents($fileaction['name'], trim(strtr($fileaction['content'], $replace_arr)));
 										}
 									}
 								}
@@ -334,6 +375,9 @@ class Action
 					}
 				}
 			}
+			// run cronjob at the end to ensure configs are all up to date
+			exec('php ' . FROXLOR_INSTALL_DIR . '/scripts/froxlor_master_cronjob.php --force');
+			// and done
 			CmdLineHandler::printsucc("All services have been configured");
 		} else {
 			CmdLineHandler::printerr("Unable to decode given JSON file");
@@ -417,6 +461,24 @@ class Action
 			}
 		}
 	}
+
+	private function downloadFile($src, $dest)
+	{
+		set_time_limit(0);
+		// This is the file where we save the information
+		$fp = fopen($dest, 'w+');
+		// Here is the file we are downloading, replace spaces with %20
+		$ch = curl_init(str_replace(" ", "%20", $src));
+		curl_setopt($ch, CURLOPT_TIMEOUT, 50);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+		// write curl response to file
+		curl_setopt($ch, CURLOPT_FILE, $fp);
+		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		// get curl response
+		curl_exec($ch);
+		curl_close($ch);
+		fclose($fp);
+	}
 }
 
 // give control to command line handler

install/scripts/switch-server-ip.php

@@ -164,6 +164,7 @@ class Action
 		}
 		
 		if (count($ips_to_switch) > 0) {
+			$check_stmt = Database::prepare("SELECT `id` FROM panel_ipsandports WHERE `ip` = :newip");
 			$upd_stmt = Database::prepare("UPDATE panel_ipsandports SET `ip` = :newip WHERE `ip` = :oldip");
 			
 			// system.ipaddress
@@ -180,6 +181,13 @@ class Action
 			
 			foreach ($ips_to_switch as $ip_pair) {
 				echo "Switching IP \033[1m" . $ip_pair[0] . "\033[0m to IP \033[1m" . $ip_pair[1] . "\033[0m" . PHP_EOL;
+
+				$ip_check = Database::pexecute_first($check_stmt, array('newip' => $ip_pair[1]));
+				if ($ip_check) {
+					CmdLineHandler::printwarn("Note: " . $ip_pair[0] . " not updated to " . $ip_pair[1] . " - IP already exists in froxlor's database");
+					continue;
+				}
+
 				Database::pexecute($upd_stmt, array(
 					'newip' => $ip_pair[1],
 					'oldip' => $ip_pair[0]
@@ -235,6 +243,9 @@ class Action
 		if (! file_exists(FROXLOR_INSTALL_DIR . '/lib/userdata.inc.php')) {
 			throw new Exception("Could not find froxlor's userdata.inc.php file. You should use this script only with a fully installed and setup froxlor system.");
 		}
+		require FROXLOR_INSTALL_DIR . '/lib/functions/filedir/function.makeSecurePath.php';
+		require FROXLOR_INSTALL_DIR . '/lib/functions/filedir/function.makeCorrectDir.php';
+		require FROXLOR_INSTALL_DIR . '/lib/functions/filedir/function.makeCorrectFile.php';
 		require FROXLOR_INSTALL_DIR . '/lib/classes/database/class.Database.php';
 	}
 

install/updates/froxlor/0.9/update_0.9.inc.php

@@ -3939,3 +3939,130 @@ if (isFroxlorVersion('0.9.39.4')) {
 	showUpdateStep("Updating from 0.9.39.4 to 0.9.39.5", false);
 	updateToVersion('0.9.39.5');
 }
+
+if (isDatabaseVersion('201802130')) {
+
+	showUpdateStep("Adding fullchain field to ssl certificates");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` ADD `ssl_fullchain_file` mediumtext AFTER `ssl_csr_file`;");
+	lastStepStatus(0);
+
+	updateToDbVersion('201802250');
+}
+
+if (isDatabaseVersion('201802250')) {
+
+	showUpdateStep("Adding webserver logfile settings");
+	Settings::AddNew("system.logfiles_format",  '');
+	Settings::AddNew("system.logfiles_type",  '1');
+	Settings::AddNew("system.logfiles_piped",  '0');
+	lastStepStatus(0);
+
+	updateToDbVersion('201805240');
+}
+
+if (isDatabaseVersion('201805240')) {
+
+	showUpdateStep("Adding webserver logfile-script settings");
+	Settings::AddNew("system.logfiles_script",  '');
+	lastStepStatus(0);
+
+	updateToDbVersion('201805241');
+}
+
+if (isDatabaseVersion('201805241')) {
+
+	$do_update = true;
+	showUpdateStep("Checking for required PHP json-extension");
+	if (! extension_loaded('json')) {
+		$do_update = false;
+		lastStepStatus(2, 'not installed');
+	} else {
+		lastStepStatus(0);
+
+		showUpdateStep("Checking for current cronjobs that need converting");
+		$result_tasks_stmt = Database::query("
+			SELECT * FROM `" . TABLE_PANEL_TASKS . "` ORDER BY `id` ASC
+		");
+		$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_TASKS . "` SET `data` = :data WHERE `id` = :taskid");
+		while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if (! empty($row['data'])) {
+				$data = unserialize($row['data']);
+				Database::pexecute($upd_stmt, array(
+					'data' => json_encode($data),
+					'taskid' => $row['id']
+				));
+			}
+		}
+		lastStepStatus(0);
+
+		updateToDbVersion('201805290');
+	}
+}
+
+if (isDatabaseVersion('201805290')) {
+
+	showUpdateStep("Adding leaccount field to panel customers");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD COLUMN `leaccount` varchar(255) default '' AFTER `leregistered`;");
+	lastStepStatus(0);
+
+	showUpdateStep("Adding system setting for let's-encrypt account");
+	Settings::AddNew('system.leaccount', "");
+	lastStepStatus(0);
+
+	updateToDbVersion('201809180');
+}
+
+if (isDatabaseVersion('201809180')) {
+	
+	showUpdateStep("Adding new fields for php configs");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `override_fpmconfig` tinyint(1) NOT NULL DEFAULT '0';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `pm` varchar(15) NOT NULL DEFAULT 'static';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `max_children` int(4) NOT NULL DEFAULT '1';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `start_servers` int(4) NOT NULL DEFAULT '20';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `min_spare_servers` int(4) NOT NULL DEFAULT '5';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `max_spare_servers` int(4) NOT NULL DEFAULT '35';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `max_requests` int(4) NOT NULL DEFAULT '0';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `idle_timeout` int(4) NOT NULL DEFAULT '30';");
+	Database::query("ALTER TABLE `" . TABLE_PANEL_PHPCONFIGS . "` ADD `limit_extensions` varchar(255) NOT NULL default '.php';");
+	lastStepStatus(0);
+	
+	showUpdateStep("Synchronize fpm-daemon process manager settings with php-configs");
+	// get all fpm-daemons
+	$sel_stmt = Database::prepare("SELECT * FROM `panel_fpmdaemons`;");
+	Database::pexecute($sel_stmt);
+	$fpm_daemons = $sel_stmt->fetchAll(PDO::FETCH_ASSOC);
+	$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET
+		`pm` = :pm,
+		`max_children` = :maxc,
+		`start_servers` = :starts,
+		`min_spare_servers` = :minss,
+		`max_spare_servers` = :maxss,
+		`max_requests` = :maxr,
+		`idle_timeout` = :it,
+		`limit_extensions` = :le
+		WHERE `fpmsettingid` = :fpmid
+	");
+	// update all php-configs with the pm data from the fpm-daemon
+	foreach ($fpm_daemons as $fpm_daemon) {
+		Database::pexecute($upd_stmt, array(
+			'pm' => $fpm_daemon['pm'],
+			'maxc' => $fpm_daemon['max_children'],
+			'starts' => $fpm_daemon['start_servers'],
+			'minss' => $fpm_daemon['min_spare_servers'],
+			'maxss' => $fpm_daemon['max_spare_servers'],
+			'maxr' => $fpm_daemon['max_requests'],
+			'it' => $fpm_daemon['idle_timeout'],
+			'le' => $fpm_daemon['limit_extensions'],
+			'fpmid' => $fpm_daemon['id']
+		));
+	}
+	lastStepStatus(0);
+	
+	updateToDbVersion('201809280');
+}
+
+if (isFroxlorVersion('0.9.39.5')) {
+
+	showUpdateStep("Updating from 0.9.39.5 to 0.9.40", false);
+	updateToVersion('0.9.40');
+}

lib/classes/cURL/class.HttpClient.php

@@ -10,13 +10,15 @@ class HttpClient
 	 *
 	 * @return array
 	 */
-	public static function urlGet($url)
+	public static function urlGet($url, $follow_location = true)
 	{
 		include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
 		$ch = curl_init();
 		curl_setopt($ch, CURLOPT_URL, $url);
 		curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
-		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		if ($follow_location) {
+			curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+		}
 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 		$output = curl_exec($ch);
 		if ($output === false) {

lib/classes/database/class.Database.php

@@ -28,6 +28,11 @@
  * @author     Froxlor team <team@froxlor.org> (2010-)
  * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
  * @package    Classes
+ *
+ * @method static \PDOStatement prepare($statement, array $driver_options = null) Prepares a statement for execution and returns a statement object
+ * @method static \PDOStatement query ($statement) Executes an SQL statement, returning a result set as a PDOStatement object
+ * @method static string lastInsertId ($name = null) Returns the ID of the last inserted row or sequence value
+ * @method static string quote ($string, $parameter_type = null) Quotes a string for use in a query.
  */
 class Database {
 

lib/classes/dns/class.DnsEntry.php

@@ -43,9 +43,9 @@ class DnsEntry
 	{
 		$_content = $this->content;
 		// check content length for txt records for bind9 (multiline)
-		if (Settings::Get('system.dns_server') != 'pdns' && $this->type == 'TXT' && strlen($_content) >= 64) {
+		if (Settings::Get('system.dns_server') != 'pdns' && $this->type == 'TXT' && strlen($_content) >= 255) {
 			// split string
-			$_contentlines = str_split($_content, 63);
+			$_contentlines = str_split($_content, 254);
 			// first line
 			$_l = array_shift($_contentlines);
 			// check for starting quote

lib/classes/output/class.paging.php

@@ -114,7 +114,7 @@ class paging {
 		$this->userinfo = $userinfo;
 
 		if (!is_array($this->userinfo['lastpaging'])) {
-			$this->userinfo['lastpaging'] = unserialize($this->userinfo['lastpaging']);
+			$this->userinfo['lastpaging'] = json_decode($this->userinfo['lastpaging'], true);
 		}
 
 		$this->table = $table;
@@ -224,7 +224,7 @@ class paging {
 			AND `adminsession` = :adminsession
 		");
 		$upd_data = array(
-			'lastpaging' => serialize($this->userinfo['lastpaging']),
+			'lastpaging' => json_encode($this->userinfo['lastpaging']),
 			'hash' => $userinfo['hash'],
 			'userid' => $userinfo['userid'],
 			'ipaddr' => $userinfo['ipaddress'],

lib/classes/phpinterface/class.phpinterface_fpm.php

@@ -91,6 +91,18 @@ class phpinterface_fpm
 		$fh = @fopen($this->getConfigFile(), 'w');
 		
 		if ($fh) {
+			
+			if ($phpconfig['override_fpmconfig'] == 1) {
+				$this->_fpm_cfg['pm'] = $phpconfig['pm'];
+				$this->_fpm_cfg['max_children'] = $phpconfig['max_children'];
+				$this->_fpm_cfg['start_servers'] = $phpconfig['start_servers'];
+				$this->_fpm_cfg['min_spare_servers'] = $phpconfig['min_spare_servers'];
+				$this->_fpm_cfg['max_spare_servers'] = $phpconfig['max_spare_servers'];
+				$this->_fpm_cfg['max_requests'] = $phpconfig['max_requests'];
+				$this->_fpm_cfg['idle_timeout'] = $phpconfig['idle_timeout'];
+				$this->_fpm_cfg['limit_extensions'] = $phpconfig['limit_extensions'];
+			}
+			
 			$fpm_pm = $this->_fpm_cfg['pm'];
 			$fpm_children = (int) $this->_fpm_cfg['max_children'];
 			$fpm_start_servers = (int) $this->_fpm_cfg['start_servers'];

lib/classes/settings/class.SImExporter.php

@@ -98,14 +98,28 @@ class SImExporter
 			// when there were changes in the variable-name or similar
 			unset($_data['panel.version']);
 			unset($_data['panel.db_version']);
-
+			// validate we got ssl enabled ips when ssl is enabled
+			// otherwise deactivate it
+			if ($_data['system.use_ssl'] == 1) {
+				$result_ssl_ipsandports_stmt = Database::prepare("
+					SELECT COUNT(*) as count_ssl_ip FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='1'
+				");
+				$result = Database::pexecute_first($result_ssl_ipsandports_stmt);
+				if ($result['count_ssl_ip'] <= 0) {
+					// no ssl-ip -> deactivate
+					$_data['system.use_ssl'] = 0;
+					// deactivate other ssl-related settings
+					$_data['system.leenabled'] = 0;
+					$_data['system.le_froxlor_enabled'] = 0;
+					$_data['system.le_froxlor_redirect'] = 0;
+				}
+			}
 			// store new data
 			foreach ($_data as $index => $value) {
 				Settings::Set($index, $value);
 			}
 			// save to DB
 			Settings::Flush();
-
 			// all good
 			return true;
 		}

lib/classes/ssl/class.lescript.php

@@ -82,7 +82,7 @@ class lescript
 					Settings::Set('system.leprivatekey', $keys['private']);
 					Settings::Set('system.leregistered', 0); // key is not registered
 				} else {
-					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
+					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
 					Database::pexecute($upd_stmt, array(
 						'public' => $keys['public'],
 						'private' => $keys['private'],
@@ -216,7 +216,7 @@ class lescript
 			// simple self check
 			if (Settings::Get('system.disable_le_selfcheck') == '0')
 			{
-				$selfcheckpayload = HttpClient::urlGet($uri);
+				$selfcheckpayload = HttpClient::urlGet($uri, false);
 				if ($payload !== trim($selfcheckpayload)) {
 					$errmsg = json_encode(error_get_last());
 					if ($errmsg != "null") {
@@ -342,7 +342,7 @@ class lescript
 			if ($this->isFroxlorVhost) {
 				Settings::Set('system.leregistered', $state);
 			} else {
-				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
+				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered WHERE `customerid` = :customerid;");
 				Database::pexecute($upd_stmt, array(
 					'registered' => $state,
 					'customerid' => $this->customerId

lib/classes/ssl/class.lescript_v2.php

@@ -76,6 +76,7 @@ class lescript_v2
 		$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
 		$this->isFroxlorVhost = $isFroxlorVhost;
 		$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
+		$this->_acc_location = $certrow['leaccount'];
 		
 		$leregistered = $certrow['leregistered'];
 		
@@ -93,7 +94,7 @@ class lescript_v2
 					Settings::Set('system.leprivatekey', $keys['private']);
 					Settings::Set('system.leregistered', 0); // key is not registered
 				} else {
-					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
+					$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
 					Database::pexecute($upd_stmt, array(
 						'public' => $keys['public'],
 						'private' => $keys['private'],
@@ -149,42 +150,55 @@ class lescript_v2
 		
 		// start domains authentication
 		// ----------------------------
-		
+
+		// Prepare order
+		$domains_in_order = array();
 		foreach ($domains as $domain) {
+			$domains_in_order []= array(
+				"type" => "dns",
+				"value" => $domain
+			);
+		}
+
+		// Send new-order request
+		$response = $this->signedRequest($this->_req_uris['newOrder'], array(
+			"identifiers" => $domains_in_order
+		), false);
+		
+		if ($this->client->getLastCode() == 403) {
+			$this->log("Got status 403 - setting LE status to unregistered.");
+			$this->_acc_location = '';
+			$this->setLeRegisteredState(0);
+			throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run.  Whole response: " . json_encode($response));
+		}
+		
+		// if response is not an array but a string, it's most likely a server-error, e.g.
+		// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
+		// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
+		if (! is_array($response)) {
+			throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
+		}
+		
+		if (! array_key_exists('authorizations', $response)) {
+			throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
+		}
+
+		$authorizations = $response['authorizations'];
+		$finalizeLink = $response['finalize'];
+
+		$i = 0;
+		
+		foreach ($authorizations as $authorization) {
 			
 			// 1. getting available authentication options
 			// -------------------------------------------
+
+			$domain = $response['identifiers'][$i++]['value'];
 			
 			$this->log("Requesting challenge for $domain");
 			
-			$response = $this->signedRequest($this->_req_uris['newOrder'], array(
-				"identifiers" => array(
-					array(
-						"type" => "dns",
-						"value" => $domain
-					)
-				)
-			), false);
-			
-			if ($this->client->getLastCode() == 403) {
-				$this->log("Got status 403 - setting LE status to unregistered.");
-				$this->setLeRegisteredState(0);
-				throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run.  Whole response: " . json_encode($response));
-			}
-			
-			// if response is not an array but a string, it's most likely a server-error, e.g.
-			// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
-			// <p>Reference&#32;&#35;179&#46;d8be1402&#46;1458059103&#46;3613c4db</BODY></HTML>
-			if (! is_array($response)) {
-				throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
-			}
-			
-			if (! array_key_exists('authorizations', $response)) {
-				throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
-			}
-			
 			// get authorization
-			$auth_response = $this->client->get($response['authorizations'][0]);
+			$auth_response = $this->client->get($authorization);
 			
 			if (! array_key_exists('challenges', $auth_response)) {
 				throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
@@ -201,7 +215,6 @@ class lescript_v2
 			
 			$this->log("Got challenge token for $domain");
 			$location = $challenge['url'];
-			$finalizeLink = $response['finalize'];
 			
 			// 2. saving authentication token for web verification
 			// ---------------------------------------------------
@@ -233,7 +246,7 @@ class lescript_v2
 			
 			// simple self check
 			if (Settings::Get('system.disable_le_selfcheck') == '0') {
-				$selfcheckpayload = HttpClient::urlGet($uri);
+				$selfcheckpayload = HttpClient::urlGet($uri, false);
 				if ($payload !== trim($selfcheckpayload)) {
 					$errmsg = json_encode(error_get_last());
 					if ($errmsg != "null") {
@@ -336,10 +349,12 @@ class lescript_v2
 		if ($this->isLeProduction) {
 			if ($this->isFroxlorVhost) {
 				Settings::Set('system.leregistered', $state);
+				Settings::Set('system.leaccount', $this->_acc_location);
 			} else {
-				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
+				$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered, `leaccount` = :kid WHERE `customerid` = :customerid;");
 				Database::pexecute($upd_stmt, array(
 					'registered' => $state,
+					'kid' => $this->_acc_location,
 					'customerid' => $this->customerId
 				));
 			}
@@ -495,8 +510,8 @@ class Client
 	private function curl($method, $url, $data = null)
 	{
 		$headers = array(
-			'Accept: application/json',
-			'Content-Type: application/json'
+			'Accept: application/jose+json',
+			'Content-Type: application/jose+json'
 		);
 		$handle = curl_init();
 		curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url);
@@ -550,7 +565,7 @@ class Client
 			return trim($matches[1]);
 		}
 		
-		$this->curl('GET', '/directory');
+		$this->curl('GET', '/acme/new-nonce');
 		return $this->getLastNonce();
 	}
 

lib/classes/ticket/class.ticket.php

@@ -19,46 +19,53 @@
  *
  * Support Tickets - Tickets-Class
  */
-
-class ticket {
+class ticket
+{
 
 	/**
 	 * Userinfo
+	 *
 	 * @var array
 	 */
 	private $userinfo = array();
 
 	/**
 	 * Ticket ID
-	 * @var tid
+	 *
+	 * @var int
 	 */
 	private $tid = - 1;
 
 	/**
 	 * Ticket Data Array
-	 * @var t_data
+	 *
+	 * @var array
 	 */
 	private $t_data = array();
 
 	/**
 	 * Ticket-Object-Array
-	 * @var tickets
+	 *
+	 * @var ticket[]
 	 */
-	static private $tickets = array();
+	private static $tickets = array();
 
 	/**
 	 * Class constructor.
 	 *
-	 * @param array userinfo
-	 * @param int ticket id
+	 * @param
+	 *        	array userinfo
+	 * @param
+	 *        	int ticket id
 	 */
-	private function __construct($userinfo, $tid = - 1) {
+	private function __construct($userinfo, $tid = - 1)
+	{
 		$this->userinfo = $userinfo;
 		$this->tid = $tid;
-
+		
 		// initialize data array
 		$this->initData();
-
+		
 		// read data from database
 		$this->readData();
 	}
@@ -66,21 +73,24 @@ class ticket {
 	/**
 	 * Singleton ftw ;-)
 	 *
-	 * @param array userinfo
-	 * @param int ticket id
+	 * @param
+	 *        	array userinfo
+	 * @param
+	 *        	int ticket id
 	 */
-	static public function getInstanceOf($_usernfo, $_tid) {
-		if (!isset(self::$tickets[$_tid])) {
-			self::$tickets[$_tid] = new ticket($_usernfo, $_tid);
+	static public function getInstanceOf($_usernfo, $_tid)
+	{
+		if (! isset(self::$tickets[$_tid . '-' . $_usernfo['userid']])) {
+			self::$tickets[$_tid . '-' . $_usernfo['userid']] = new ticket($_usernfo, $_tid);
 		}
-		return self::$tickets[$_tid];
+		return self::$tickets[$_tid . '-' . $_usernfo['userid']];
 	}
 
 	/**
 	 * Initialize data-array
 	 */
-	private function initData() {
-
+	private function initData()
+	{
 		$this->Set('customer', 0, true, true);
 		$this->Set('admin', 1, true, true);
 		$this->Set('subject', '', true, true);
@@ -100,16 +110,33 @@ class ticket {
 	/**
 	 * Read ticket data from database.
 	 */
-	private function readData() {
-
-		if (isset($this->tid)
-			&& $this->tid != - 1
-		) {
-			$_ticket_stmt = Database::prepare('
-				SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
-			);
-			$_ticket = Database::pexecute_first($_ticket_stmt, array('tid' => $this->tid));
-
+	private function readData()
+	{
+		if (isset($this->tid) && $this->tid != - 1) {
+			
+			if ($this->userinfo['customerid'] > 0) {
+				$_ticket_stmt = Database::prepare('
+					SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid AND `customerid` = :cid');
+				$tdata = array(
+					'tid' => $this->tid,
+					'cid' => $this->userinfo['customerid']
+				);
+			} else {
+				$_ticket_stmt = Database::prepare('
+					SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid' . ($this->userinfo['customers_see_all'] ? '' : ' AND `adminid` = :adminid'));
+				$tdata = array(
+					'tid' => $this->tid
+				);
+				if ($this->userinfo['customers_see_all'] != '1') {
+					$tdata['adminid'] = $this->userinfo['adminid'];
+				}
+			}
+			$_ticket = Database::pexecute_first($_ticket_stmt, $tdata);
+			
+			if ($_ticket == false) {
+				throw new Exception("Invalid ticket id");
+			}
+			
 			$this->Set('customer', $_ticket['customerid'], true, false);
 			$this->Set('admin', $_ticket['adminid'], true, false);
 			$this->Set('subject', $_ticket['subject'], true, false);
@@ -130,8 +157,8 @@ class ticket {
 	/**
 	 * Insert data to database
 	 */
-	public function Insert() {
-
+	public function Insert()
+	{
 		$ins_stmt = Database::prepare("
 			INSERT INTO `" . TABLE_PANEL_TICKETS . "` SET
                 `customerid` = :customerid,
@@ -146,8 +173,7 @@ class ticket {
                 `status` = :status,
                 `lastreplier` = :lastreplier,
                 `by` = :by,
-                `answerto` = :answerto"
-		);
+                `answerto` = :answerto");
 		$ins_data = array(
 			'customerid' => $this->Get('customer'),
 			'adminid' => $this->Get('admin'),
@@ -171,8 +197,9 @@ class ticket {
 	/**
 	 * Update data in database
 	 */
-	public function Update() {
-
+	public function Update()
+	{
+		
 		// Update "main" ticket
 		$upd_stmt = Database::prepare('
 			UPDATE `' . TABLE_PANEL_TICKETS . '` SET
@@ -180,8 +207,7 @@ class ticket {
                 `lastchange` = :lastchange,
                 `status` = :status,
                 `lastreplier` = :lastreplier
-                WHERE `id` = :tid'
-		);
+                WHERE `id` = :tid');
 		$upd_data = array(
 			'priority' => $this->Get('priority'),
 			'lastchange' => $this->Get('lastchange'),
@@ -196,38 +222,44 @@ class ticket {
 	/**
 	 * Moves a ticket to the archive
 	 */
-	public function Archive() {
-
+	public function Archive()
+	{
+		
 		// Update "main" ticket
 		$upd_stmt = Database::prepare('
-			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = :tid'
-		);
-		Database::pexecute($upd_stmt, array('tid' => $this->tid));
-
+			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `id` = :tid');
+		Database::pexecute($upd_stmt, array(
+			'tid' => $this->tid
+		));
+		
 		// Update "answers" to ticket
 		$upd_stmt = Database::prepare('
-			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = :tid'
-		);
-		Database::pexecute($upd_stmt, array('tid' => $this->tid));
+			UPDATE `' . TABLE_PANEL_TICKETS . '` SET `archived` = "1" WHERE `answerto` = :tid');
+		Database::pexecute($upd_stmt, array(
+			'tid' => $this->tid
+		));
 		return true;
 	}
 
 	/**
 	 * Remove ticket from database
 	 */
-	public function Delete() {
-
+	public function Delete()
+	{
+		
 		// Delete "main" ticket
 		$del_stmt = Database::prepare('
-			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid'
-		);
-		Database::pexecute($del_stmt, array('tid' => $this->tid));
-
+			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `id` = :tid');
+		Database::pexecute($del_stmt, array(
+			'tid' => $this->tid
+		));
+		
 		// Delete "answers" to ticket"
 		$del_stmt = Database::prepare('
-			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :tid'
-		);
-		Database::pexecute($del_stmt, array('tid' => $this->tid));
+			DELETE FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto` = :tid');
+		Database::pexecute($del_stmt, array(
+			'tid' => $this->tid
+		));
 		return true;
 	}
 
@@ -237,16 +269,17 @@ class ticket {
 	public function sendMail($customerid = - 1, $template_subject = null, $default_subject = null, $template_body = null, $default_body = null)
 	{
 		global $mail, $theme;
-
+		
 		// Some checks are to be made here in the future
 		if ($customerid != - 1) {
 			// Get e-mail message for customer
 			$usr_stmt = Database::prepare('
 				SELECT `name`, `firstname`, `company`, `email`
-				FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = :customerid'
-			);
-			$usr = Database::pexecute_first($usr_stmt, array('customerid' => $customerid));
-
+				FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = :customerid');
+			$usr = Database::pexecute_first($usr_stmt, array(
+				'customerid' => $customerid
+			));
+			
 			$replace_arr = array(
 				'FIRSTNAME' => $usr['firstname'],
 				'NAME' => $usr['name'],
@@ -268,23 +301,21 @@ class ticket {
 			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 			WHERE `adminid`= :adminid
 			AND `language`= :lang
-			AND `templategroup`= 'mails' AND `varname`= :tplsubject"
-		);
+			AND `templategroup`= 'mails' AND `varname`= :tplsubject");
 		$result = Database::pexecute_first($result_stmt, $tpl_seldata);
 		$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_subject), $replace_arr));
-
+		
 		unset($tpl_seldata['tplsubject']);
 		$tpl_seldata['tplmailbody'] = $template_body;
-
+		
 		$result_stmt = Database::prepare("
 			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
 			WHERE `adminid`= :adminid
 			AND `language`= :lang
-			AND `templategroup`= 'mails' AND `varname`= :tplmailbody"
-		);
+			AND `templategroup`= 'mails' AND `varname`= :tplmailbody");
 		$result = Database::pexecute_first($result_stmt, $tpl_seldata);
 		$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_body), $replace_arr));
-
+		
 		if ($customerid != - 1) {
 			$_mailerror = false;
 			try {
@@ -294,28 +325,30 @@ class ticket {
 				$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 				$mail->AddAddress($usr['email'], $usr['firstname'] . ' ' . $usr['name']);
 				$mail->Send();
-			} catch(phpmailerException $e) {
+			} catch (phpmailerException $e) {
 				$mailerr_msg = $e->errorMessage();
 				$_mailerror = true;
 			} catch (Exception $e) {
 				$mailerr_msg = $e->getMessage();
 				$_mailerror = true;
 			}
-
+			
 			if ($_mailerror) {
-				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'ticket_class'));
+				$rstlog = FroxlorLogger::getInstanceOf(array(
+					'loginname' => 'ticket_class'
+				));
 				$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 				standard_error('errorsendingmail', $usr['email']);
 			}
 			$mail->ClearAddresses();
-
 		} else {
-
+			
 			$admin_stmt = Database::prepare("
 				SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "`
-				WHERE `adminid` = :adminid"
-			);
-			$admin = Database::pexecute_first($admin_stmt, array('adminid' => $this->userinfo['adminid']));
+				WHERE `adminid` = :adminid");
+			$admin = Database::pexecute_first($admin_stmt, array(
+				'adminid' => $this->userinfo['adminid']
+			));
 			$_mailerror = false;
 			try {
 				$mail->SetFrom(Settings::Get('ticket.noreply_email'), Settings::Get('ticket.noreply_name'));
@@ -324,20 +357,22 @@ class ticket {
 				$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
 				$mail->AddAddress($admin['email'], $admin['name']);
 				$mail->Send();
-			} catch(phpmailerException $e) {
+			} catch (phpmailerException $e) {
 				$mailerr_msg = $e->errorMessage();
 				$_mailerror = true;
 			} catch (Exception $e) {
 				$mailerr_msg = $e->getMessage();
 				$_mailerror = true;
 			}
-
+			
 			if ($_mailerror) {
-				$rstlog = FroxlorLogger::getInstanceOf(array('loginname' => 'ticket_class'));
+				$rstlog = FroxlorLogger::getInstanceOf(array(
+					'loginname' => 'ticket_class'
+				));
 				$rstlog->logAction(ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
 				standard_error('errorsendingmail', $admin['email']);
 			}
-
+			
 			$mail->ClearAddresses();
 		}
 	}
@@ -345,21 +380,18 @@ class ticket {
 	/**
 	 * Add a support-categories
 	 */
-	static public function addCategory($_category = null, $_admin = 1, $_order = 1) {
-
-		if ($_category != null
-			&& $_category != ''
-		) {
+	static public function addCategory($_category = null, $_admin = 1, $_order = 1)
+	{
+		if ($_category != null && $_category != '') {
 			if ($_order < 1) {
 				$_order = 1;
 			}
-
+			
 			$ins_stmt = Database::prepare("
 				INSERT INTO `" . TABLE_PANEL_TICKET_CATS . "` SET
 					`name` = :name,
 					`adminid` = :adminid,
-					`logicalorder` = :lo"
-			);
+					`logicalorder` = :lo");
 			$ins_data = array(
 				'name' => $_category,
 				'adminid' => $_admin,
@@ -374,23 +406,24 @@ class ticket {
 	/**
 	 * Edit a support-categories
 	 */
-	static public function editCategory($_category = null, $_id = 0, $_order = 1) {
-
-		if ($_category != null
-			&& $_category != ''
-			&& $_id != 0
-		) {
+	static public function editCategory($_category = null, $_id = 0, $_order = 1)
+	{
+		if ($_category != null && $_category != '' && $_id != 0) {
 			if ($_order < 1) {
 				$_order = 1;
 			}
-
+			
 			$upd_stmt = Database::prepare("
 				UPDATE `" . TABLE_PANEL_TICKET_CATS . "` SET
 					`name` = :name,
 					`logicalorder` = :lo
                   WHERE `id` = :id
 			");
-			Database::pexecute($upd_stmt, array('name' => $_category, 'lo' => $_order, 'id' => $_id));
+			Database::pexecute($upd_stmt, array(
+				'name' => $_category,
+				'lo' => $_order,
+				'id' => $_id
+			));
 			return true;
 		}
 		return false;
@@ -399,40 +432,43 @@ class ticket {
 	/**
 	 * Delete a support-categories
 	 */
-	static public function deleteCategory($_id = 0) {
-
+	static public function deleteCategory($_id = 0)
+	{
 		if ($_id != 0) {
-
+			
 			$result_stmt = Database::prepare("
 				SELECT COUNT(`id`) as `numtickets` FROM `" . TABLE_PANEL_TICKETS . "`
-				WHERE `category` = :cat"
-			);
-			$result = Database::pexecute_first($result_stmt, array('cat' => $_id));
-
+				WHERE `category` = :cat");
+			$result = Database::pexecute_first($result_stmt, array(
+				'cat' => $_id
+			));
+			
 			if ($result['numtickets'] == "0") {
 				$del_stmt = Database::prepare("
-					DELETE FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
-				);
-				Database::pexecute($del_stmt, array('id' => $_id));
+					DELETE FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id");
+				Database::pexecute($del_stmt, array(
+					'id' => $_id
+				));
 				return true;
 			} else {
 				return false;
 			}
 		}
-
+		
 		return false;
 	}
 
 	/**
 	 * Return a support-category-name
 	 */
-	static public function getCategoryName($_id = 0) {
-
+	static public function getCategoryName($_id = 0)
+	{
 		if ($_id != 0) {
 			$stmt = Database::prepare("
-				SELECT `name` FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id"
-			);
-			$category = Database::pexecute_first($stmt, array('id' => $_id));
+				SELECT `name` FROM `" . TABLE_PANEL_TICKET_CATS . "` WHERE `id` = :id");
+			$category = Database::pexecute_first($stmt, array(
+				'id' => $_id
+			));
 			return $category['name'];
 		}
 		return null;
@@ -440,32 +476,33 @@ class ticket {
 
 	/**
 	 * get the highest order number
-	 * 
-	 * @param object $_uid admin-id (optional)
-	 * 
+	 *
+	 * @param object $_uid
+	 *        	admin-id (optional)
+	 *        	
 	 * @return int highest order number
 	 */
-	static public function getHighestOrderNumber($_uid = 0) {
-
+	static public function getHighestOrderNumber($_uid = 0)
+	{
 		$where = '';
 		$sel_data = array();
 		if ($_uid > 0) {
 			$where = " WHERE `adminid` = :adminid";
 			$sel_data['adminid'] = $_uid;
 		}
-		$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`".$where.";";
+		$sql = "SELECT MAX(`logicalorder`) as `highestorder` FROM `" . TABLE_PANEL_TICKET_CATS . "`" . $where . ";";
 		$result_stmt = Database::prepare($sql);
 		$result = Database::pexecute_first($result_stmt, $sel_data);
-		return (isset($result['highestorder']) ? (int)$result['highestorder'] : 0);
+		return (isset($result['highestorder']) ? (int) $result['highestorder'] : 0);
 	}
 
 	/**
 	 * returns the last x archived tickets
 	 */
-	static public function getLastArchived($_num = 10, $_admin = 1) {
-
+	static public function getLastArchived($_num = 10, $_admin = 1)
+	{
 		if ($_num > 0) {
-
+			
 			$archived = array();
 			$counter = 0;
 			$result_stmt = Database::prepare("
@@ -477,12 +514,13 @@ class ticket {
 				FROM `" . TABLE_PANEL_TICKETS . "` `main`
 				WHERE `main`.`answerto` = '0' AND `main`.`archived` = '1'
 				AND `main`.`adminid` = :adminid
-				ORDER BY `main`.`lastchange` DESC LIMIT 0, ".(int)$_num
-			);
-			Database::pexecute($result_stmt, array('adminid' => $_admin));
-
+				ORDER BY `main`.`lastchange` DESC LIMIT 0, " . (int) $_num);
+			Database::pexecute($result_stmt, array(
+				'adminid' => $_admin
+			));
+			
 			while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-
+				
 				$archived[$counter]['id'] = $row['id'];
 				$archived[$counter]['customerid'] = $row['customerid'];
 				$archived[$counter]['adminid'] = $row['adminid'];
@@ -496,9 +534,9 @@ class ticket {
 				$archived[$counter]['lastchange'] = $row['lastchange'];
 				$archived[$counter]['status'] = $row['status'];
 				$archived[$counter]['by'] = $row['by'];
-				$counter++;
+				$counter ++;
 			}
-
+			
 			if (isset($archived[0]['id'])) {
 				return $archived;
 			} else {
@@ -516,129 +554,102 @@ class ticket {
 	static public function getArchiveSearchStatement($subject = null, $priority = null, $fromdate = null, $todate = null, $message = null, $customer = - 1, $admin = 1, $categories = null)
 	{
 		$search_params = array();
-
+		
 		$query = "
 			SELECT `main`.*, (
 				SELECT COUNT(`sub`.`id`) FROM `" . TABLE_PANEL_TICKETS . "` `sub`
 				WHERE `sub`.`answerto` = `main`.`id`
 			) as `ticket_answers`
 			FROM `" . TABLE_PANEL_TICKETS . "` `main`
-			WHERE `main`.`archived` = '1' AND `main`.`adminid` = :admin"
-		;
-
+			WHERE `main`.`archived` = '1' AND `main`.`adminid` = :admin";
+		
 		$search_params['admin'] = $admin;
-
-		if ($subject != NULL
-			&& $subject != ''
-		) {
+		
+		if ($subject != NULL && $subject != '') {
 			$query .= " AND `main`.`subject` LIKE :subject";
-			$search_params['subject'] = "%".$subject."%";
+			$search_params['subject'] = "%" . $subject . "%";
 		}
-
-		if ($priority != null
-			&& isset($priority[0])
-			&& $priority[0] != ''
-		) {
-
-			if (isset($priority[1])
-				&& $priority[1] != ''
-			) {
-
-				if (isset($priority[2])
-					&& $priority[2] != ''
-				) {
-
+		
+		if ($priority != null && isset($priority[0]) && $priority[0] != '') {
+			
+			if (isset($priority[1]) && $priority[1] != '') {
+				
+				if (isset($priority[2]) && $priority[2] != '') {
+					
 					$query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '2' OR `main`.`priority` = '3')";
-
 				} else {
-
+					
 					$query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '1')";
 				}
-
-			} elseif (isset($priority[2])
-				&& $priority[2] != ''
-			) {
-
+			} elseif (isset($priority[2]) && $priority[2] != '') {
+				
 				$query .= " AND (`main`.`priority` = '1' OR `main`.`priority` = '3')";
-
 			} else {
 				$query .= " AND `main`.`priority` = '1'";
 			}
-
-		} elseif($priority != null
-			&& isset($priority[1])
-			&& $priority[1] != ''
-		) {
-			if (isset($priority[2])
-				&& $priority[2] != ''
-			) {
+		} elseif ($priority != null && isset($priority[1]) && $priority[1] != '') {
+			if (isset($priority[2]) && $priority[2] != '') {
 				$query .= " AND (`main`.`priority` = '2' OR `main`.`priority` = '3')";
 			} else {
 				$query .= " AND `main`.`priority` = '2'";
 			}
-
-		} elseif($priority != null) {
-
-			if (isset($priority[3])
-				&& $priority[3] != ''
-			) {
+		} elseif ($priority != null) {
+			
+			if (isset($priority[3]) && $priority[3] != '') {
 				$query .= " AND `main`.`priority` = '3'";
 			}
 		}
-
-		if ($fromdate != null
-			&& $fromdate > 0
-		) {
+		
+		if ($fromdate != null && $fromdate > 0) {
 			$query .= " AND `main`.`lastchange` > :fromdate";
 			$search_params['fromdate'] = strtotime($fromdate);
 		}
-
-		if ($todate != null
-			&& $todate > 0
-		) {
+		
+		if ($todate != null && $todate > 0) {
 			$query .= " AND `main`.`lastchange` < :todate";
 			$search_params['todate'] = strtotime($todate);
 		}
-
-		if ($message != null
-			&& $message != ''
-		) {
+		
+		if ($message != null && $message != '') {
 			$query .= " AND `main`.`message` LIKE :message";
-			$search_params['message'] = "%".$message."%";
+			$search_params['message'] = "%" . $message . "%";
 		}
-
+		
 		if ($customer != - 1) {
 			$query .= " AND `main`.`customerid` = :customer";
 			$search_params['customer'] = $customer;
 		}
-
+		
 		if ($categories != null) {
-
+			
 			$cats = array();
 			foreach ($categories as $index => $catid) {
 				if ($catid != "") {
 					$cats[] = $catid;
 				}
 			}
-
+			
 			if (count($cats) > 0) {
 				$query .= " AND (";
 			}
-
+			
 			foreach ($cats as $catid) {
 				if (isset($catid) && $catid > 0) {
-					$query .= "`main`.`category` = :catid_".$catid." OR ";
-					$search_params['catid_'.$catid] = $catid;
+					$query .= "`main`.`category` = :catid_" . $catid . " OR ";
+					$search_params['catid_' . $catid] = $catid;
 				}
 			}
-
+			
 			if (count($cats) > 0) {
 				$query = substr($query, 0, strlen($query) - 3);
 				$query .= ") ";
 			}
 		}
-
-		return array('0' => $query, '1' => $search_params);
+		
+		return array(
+			'0' => $query,
+			'1' => $search_params
+		);
 	}
 
 	/**
@@ -646,8 +657,7 @@ class ticket {
 	 */
 	static public function getStatusText($_lng, $_status = 0)
 	{
-		switch($_status)
-		{
+		switch ($_status) {
 			case 0:
 				return $_lng['ticket']['open'];
 				break;
@@ -668,8 +678,7 @@ class ticket {
 	 */
 	static public function getPriorityText($_lng, $_priority = 0)
 	{
-		switch($_priority)
-		{
+		switch ($_priority) {
 			case 1:
 				return $_lng['ticket']['high'];
 				break;
@@ -684,19 +693,19 @@ class ticket {
 
 	private function convertLatin1ToHtml($str)
 	{
-		$html_entities = array (
-					"Ä" =>  "&Auml;",
-					"ä" =>  "&auml;",
-					"Ö" =>  "&Ouml;",
-					"ö" =>  "&ouml;",
-					"Ü" =>  "&Uuml;",
-					"ü" =>  "&uuml;",
-					"ß" =>  "&szlig;"
-					/*
-					 * @TODO continue this table for all the special-characters
-					 */
+		$html_entities = array(
+			"Ä" => "&Auml;",
+			"ä" => "&auml;",
+			"Ö" => "&Ouml;",
+			"ö" => "&ouml;",
+			"Ü" => "&Uuml;",
+			"ü" => "&uuml;",
+			"ß" => "&szlig;"
+			/*
+		 * @TODO continue this table for all the special-characters
+		 */
 		);
-
+		
 		foreach ($html_entities as $key => $value) {
 			$str = str_replace($key, $value, $str);
 		}
@@ -706,45 +715,47 @@ class ticket {
 	/**
 	 * function customerHasTickets
 	 *
-	 * @param	int		customer-id
-	 *
-	 * @return	array/bool	array of ticket-ids if customer has any, else false
+	 * @param
+	 *        	int customer-id
+	 *        	
+	 * @return array/bool array of ticket-ids if customer has any, else false
 	 */
-	static public function customerHasTickets($_cid = 0) {
-
+	static public function customerHasTickets($_cid = 0)
+	{
 		if ($_cid != 0) {
 			$result_stmt = Database::prepare("
-				SELECT `id` FROM `" . TABLE_PANEL_TICKETS . "` WHERE `customerid` = :cid"
-			);
-			Database::pexecute($result_stmt, array('cid' => $_cid));
-
+				SELECT `id` FROM `" . TABLE_PANEL_TICKETS . "` WHERE `customerid` = :cid");
+			Database::pexecute($result_stmt, array(
+				'cid' => $_cid
+			));
+			
 			$tickets = array();
 			while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 				$tickets[] = $row['id'];
 			}
-
+			
 			return $tickets;
 		}
-
+		
 		return false;
 	}
 
 	/**
 	 * Get a data-var
 	 */
-	public function Get($_var = '', $_vartrusted = false) {
-
+	public function Get($_var = '', $_vartrusted = false)
+	{
 		if ($_var != '') {
-			if (!$_vartrusted) {
+			if (! $_vartrusted) {
 				$_var = htmlspecialchars($_var);
 			}
-
+			
 			if (isset($this->t_data[$_var])) {
 				if (strtolower($_var) == 'message') {
 					// avoid double line-breaks, #1413
 					$this->t_data[$_var] = str_replace("<br />\n", "\n", $this->t_data[$_var]);
 					return nl2br($this->t_data[$_var]);
-				} elseif(strtolower($_var) == 'subject') {
+				} elseif (strtolower($_var) == 'subject') {
 					return nl2br($this->t_data[$_var]);
 				} else {
 					return $this->t_data[$_var];
@@ -758,25 +769,21 @@ class ticket {
 	/**
 	 * Set a data-var
 	 */
-	public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false) {
-
-		if ($_var != ''
-			&& $_value != ''
-		) {
-			if (!$_vartrusted) {
+	public function Set($_var = '', $_value = '', $_vartrusted = false, $_valuetrusted = false)
+	{
+		if ($_var != '' && $_value != '') {
+			if (! $_vartrusted) {
 				$_var = strip_tags($_var);
 			}
-
-			if (!$_valuetrusted) {
+			
+			if (! $_valuetrusted) {
 				$_value = strip_tags($_value, '<br />');
 			}
-
-			if (strtolower($_var) == 'message'
-				|| strtolower($_var) == 'subject'
-			) {
+			
+			if (strtolower($_var) == 'message' || strtolower($_var) == 'subject') {
 				$_value = $this->convertLatin1ToHtml($_value);
 			}
-
+			
 			$this->t_data[$_var] = $_value;
 		}
 	}

lib/classes/webserver/class.DomainSSL.php

@@ -89,6 +89,10 @@ class DomainSSL {
 					$ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_chain.pem');
 				}
 			}
+			// will only be generated to be used externally, froxlor does not need this
+			if ($dom_certs['ssl_fullchain_file'] != '') {
+				$ssl_files['ssl_fullchain_file'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_fullchain.pem');
+			}
 			// create them on the filesystem
 			foreach ($ssl_files as $type => $filename) {
 				if ($filename != '') {

lib/configfiles/gentoo.xml

@@ -2138,7 +2138,7 @@ protocol lda {
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')"
+password_query = "SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota,'M') AS userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))"
 user_query = "SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota,'M') AS quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')"
 iterate_query = "SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)"
 ]]>

lib/configfiles/jessie.xml

@@ -48,6 +48,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<command>
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -2714,7 +2719,7 @@ user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir
 #  SELECT userid AS user, password, \
 #    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
 #  FROM users WHERE userid = '%u'
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 
 # Query to get a list of all usernames.
 #iterate_query = SELECT username AS user FROM users
@@ -4646,7 +4651,9 @@ aliases:     files
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
@@ -4753,6 +4760,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php5]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>

lib/configfiles/precise.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <froxlor>
-	<distribution name="Ubuntu" codename="Precise" version="12.04" defaulteditor="/usr/bin/nano">
+	<distribution name="Ubuntu" codename="Precise" version="12.04" defaulteditor="/usr/bin/nano" deprecated="true">
 		<services>
 			<!-- HTTP -->
 			<service type="http" title="{{lng.admin.configfiles.http}}">
@@ -49,6 +49,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -726,7 +731,7 @@ smtpd_sasl_local_domain = $myhostname
 broken_sasl_auth_clients = yes
 
 # Virtual delivery settings
-virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_base = /
 virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
 virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
@@ -1029,7 +1034,7 @@ userdb {
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u')
 iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
 ]]>
@@ -1645,7 +1650,9 @@ aliases:     files
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
@@ -1752,6 +1759,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php5]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>

lib/configfiles/rhel_centos.xml

@@ -1774,7 +1774,7 @@ default_pass_scheme = CRYPT
 #password_query = \
 #  SELECT username, domain, password \
 #  FROM users WHERE username = '%n' AND domain = '%d'
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 #password_query = SELECT username as user, password, '/var/vmail/%d/%n' as userdb_home, 'maildir:/var/vmail/%d/%n' as userdb_mail, 150 as userdb_uid, 12 as userdb_gid FROM mailbox WHERE username = '%u' AND active = '1'
 
 # userdb query to retrieve the user information. It can return fields:

lib/configfiles/stretch.xml

@@ -48,6 +48,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<command>
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -2723,7 +2728,7 @@ user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir
 #  SELECT userid AS user, password, \
 #    home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
 #  FROM users WHERE userid = '%u'
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 
 # Query to get a list of all usernames.
 #iterate_query = SELECT username AS user FROM users
@@ -4546,7 +4551,9 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
@@ -4647,6 +4654,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php7.0]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>

lib/configfiles/trusty.xml

@@ -49,6 +49,11 @@
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -85,6 +90,11 @@ Alias "/.well-known/acme-challenge" "{{settings.system.letsencryptchallengepath}
 					<include>//service[@type='http']/general/commands</include>
 					<command><![CDATA[a2dismod userdir]]></command>
 					<command><![CDATA[a2enmod headers]]></command>
+					<command>
+						<visibility mode="true">{{settings.system.use_ssl}}
+						</visibility>
+						<content><![CDATA[a2enmod ssl]]></content>
+					</command>
 					<file name="/etc/apache2/mods-enabled/fastcgi.conf">
 						<visibility mode="true">{{settings.phpfpm.enabled}}
 						</visibility>
@@ -761,7 +771,7 @@ smtpd_sasl_local_domain = $myhostname
 broken_sasl_auth_clients = yes
 
 # Virtual delivery settings
-virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
+virtual_mailbox_base = /
 virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
 virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
 virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
@@ -1038,7 +1048,7 @@ auth_mechanisms = plain login
 driver = mysql
 connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
 default_pass_scheme = CRYPT
-password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
+password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid,  CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('*:storage=', quota, 'M') as userdb_quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR ((postfix = 'Y' AND '%Ls' = 'smtp') OR (postfix = 'Y' AND '%Ls' = 'sieve')))
 user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('*:storage=', quota, 'M') as quota_rule FROM mail_users WHERE (username = '%u' OR email = '%u')
 iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)
 ]]>
@@ -1654,7 +1664,9 @@ aliases:     files
 					<install><![CDATA[apt-get install nscd libnss-extrausers]]></install>
 					<commands index="1">
 						<command><![CDATA[mkdir -p /var/lib/extrausers]]></command>
-						<command><![CDATA[touch /var/lib/extrausers/{passwd,group,shadow}]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/passwd]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/group]]></command>
+						<command><![CDATA[touch /var/lib/extrausers/shadow]]></command>
 					</commands>
 					<file name="/etc/nsswitch.conf" backup="true">
 						<content><![CDATA[
@@ -1761,6 +1773,11 @@ aliases:     files
 						</visibility>
 						<command><![CDATA[a2dismod php5]]></command>
 					</commands>
+					<commands index="5">
+						<visibility mode="equals" value="apache2">{{settings.system.webserver}}
+						</visibility>
+						<command><![CDATA[/etc/init.d/apache2 restart]]></command>
+					</commands>
 					<!-- instead of just restarting apache, we let the cronjob do all the
 						dirty work -->
 					<command><![CDATA[php {{const.FROXLOR_INSTALL_DIR}}/scripts/froxlor_master_cronjob.php --force]]></command>

lib/formfields/admin/customer/formfield.customer_add.php

@@ -178,7 +178,7 @@ return array(
 						'label' => $lng['customer']['diskspace'],
 						'type' => 'textul',
 						'value' => 0,
-						'maxlength' => 6,
+						'maxlength' => 16,
 						'mandatory' => true,
 						'ul_field' => $diskspace_ul
 					),
@@ -186,7 +186,7 @@ return array(
 						'label' => $lng['customer']['traffic'],
 						'type' => 'textul',
 						'value' => 0,
-						'maxlength' => 4,
+						'maxlength' => 14,
 						'mandatory' => true,
 						'ul_field' => $traffic_ul
 					),

lib/formfields/admin/customer/formfield.customer_edit.php

@@ -170,7 +170,7 @@ return array(
 						'label' => $lng['customer']['diskspace'],
 						'type' => 'textul',
 						'value' => $result['diskspace'],
-						'maxlength' => 6,
+						'maxlength' => 16,
 						'mandatory' => true,
 						'ul_field' => $diskspace_ul
 					),
@@ -178,7 +178,7 @@ return array(
 						'label' => $lng['customer']['traffic'],
 						'type' => 'textul',
 						'value' => $result['traffic'],
-						'maxlength' => 4,
+						'maxlength' => 14,
 						'mandatory' => true,
 						'ul_field' => $traffic_ul
 					),

lib/formfields/admin/phpconfig/formfield.phpconfig_add.php

@@ -99,6 +99,70 @@ return array(
 						),
 						'value' => array()
 					),
+					'override_fpmconfig' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig'],
+						'type' => 'checkbox',
+						'values' => array(
+							array ('label' => $lng['panel']['yes'], 'value' => '1')
+						),
+						'value' => array()
+					),
+					'pm' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'select',
+						'select_var' => $pm_select
+					),
+					'max_children' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 1
+					),
+					'start_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 20
+					),
+					'min_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 5
+					),
+					'max_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 35
+					),
+					'max_requests' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 0
+					),
+					'idle_timeout' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => 30
+					),
+					'limit_extensions' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'text',
+						'value' => '.php'
+					),
 					'phpsettings' => array(
 						'style' => 'align-top',
 						'label' => $lng['admin']['phpsettings']['phpinisettings'],

lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php

@@ -102,6 +102,70 @@ return array(
 						),
 						'value' => array($result['pass_authorizationheader'])
 					),
+					'override_fpmconfig' => array(
+						'label' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig'],
+						'type' => 'checkbox',
+						'values' => array(
+							array ('label' => $lng['panel']['yes'], 'value' => '1')
+						),
+						'value' => array($result['override_fpmconfig'])
+					),
+					'pm' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['pm'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'select',
+						'select_var' => $pm_select
+					),
+					'max_children' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_children']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_children']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['max_children']
+					),
+					'start_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['start_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['start_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['start_servers']
+					),
+					'min_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['min_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['min_spare_servers']
+					),
+					'max_spare_servers' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_spare_servers']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['max_spare_servers']
+					),
+					'max_requests' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['max_requests']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['max_requests']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['max_requests']
+					),
+					'idle_timeout' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['idle_timeout']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'int',
+						'value' => $result['idle_timeout']
+					),
+					'limit_extensions' => array(
+						'visible' => (Settings::Get('phpfpm.enabled') == 1 ? true : false),
+						'label' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['title'],
+						'desc' => $lng['serversettings']['phpfpm_settings']['limit_extensions']['description'].$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'],
+						'type' => 'text',
+						'value' => $result['limit_extensions']
+					),
 					'phpsettings' => array(
 						'style' => 'align-top',
 						'label' => $lng['admin']['phpsettings']['phpinisettings'],

lib/formfields/customer/extras/formfield.backup.php

@@ -24,8 +24,8 @@ return array(
 				'image' => 'icons/backup_big.png',
 				'fields' => array(
 					'path' => array(
-						'label' => $lng['panel']['path'],
-						'desc' => (Settings::Get('panel.pathedit') != 'Dropdown' ? $lng['panel']['pathDescription'] : null).(isset($pathSelect['note']) ? '<br />'.$pathSelect['value'] : ''),
+						'label' => $lng['panel']['backuppath']['title'],
+						'desc' => $lng['panel']['backuppath']['description'].'<br>'.(Settings::Get('panel.pathedit') != 'Dropdown' ? $lng['panel']['pathDescription'] : null).(isset($pathSelect['note']) ? '<br />'.$pathSelect['value'] : ''),
 						'type' => $pathSelect['type'],
 						'select_var' => $pathSelect['value'],
 						'value' => $pathSelect['value']

lib/functions/formfields/option/function.validateFormFieldOption.php

@@ -34,7 +34,7 @@ function validateFormFieldOption($fieldname, $fielddata, $newfieldvalue)
 		$returnvalue = isset($fielddata['option_options'][$newfieldvalue]);
 	}
 
-	if($returnvalue === true)
+	if($returnvalue === true || $fielddata['visible'] == false)
 	{
 		return true;
 	}

lib/functions/froxlor/function.CronjobFunctions.php

@@ -63,7 +63,7 @@ function getOutstandingTasks() {
 	while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
 
 		if ($row['data'] != '') {
-			$row['data'] = unserialize($row['data']);
+			$row['data'] = json_decode($row['data'], true);
 		}
 
 		// rebuilding webserver-configuration

lib/functions/froxlor/function.inserttask.php

@@ -70,7 +70,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 		$data['uid'] = $param2;
 		$data['gid'] = $param3;
 		$data['store_defaultindex'] = $param4;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '2', 'data' => $data));
 
 	} elseif ($type == '6'
@@ -78,7 +78,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 	) {
 		$data = array();
 		$data['loginname'] = $param1;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '6', 'data' => $data));
 
 	} elseif ($type == '7'
@@ -88,7 +88,7 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 		$data = array();
 		$data['loginname'] = $param1;
 		$data['email'] = $param2;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '7', 'data' => $data));
 
 	} elseif ($type == '8'
@@ -98,13 +98,13 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
 		$data = array();
 		$data['loginname'] = $param1;
 		$data['homedir'] = $param2;
-		$data = serialize($data);
+		$data = json_encode($data);
 		Database::pexecute($ins_stmt, array('type' => '8', 'data' => $data));
 
 	} elseif ($type == '20'
 		&& is_array($param1)
 	) {
-		$data = serialize($param1);
+		$data = json_encode($param1);
 		Database::pexecute($ins_stmt, array('type' => '20', 'data' => $data));
 	}
 }

lib/functions/output/function.RedirectCode.php

@@ -36,9 +36,11 @@ function getRedirectCodesArray() {
  * return an array of all enabled redirect-codes
  * for the settings form
  *
+ * @param bool $add_desc optional, default true, add the code-description
+ *
  * @return array array of enabled redirect-codes
  */
-function getRedirectCodes() {
+function getRedirectCodes($add_desc = true) {
 
 	global $lng;
 
@@ -47,7 +49,10 @@ function getRedirectCodes() {
 
 	$codes = array();
 	while ($rc = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-		$codes[$rc['id']] = $rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')';
+		$codes[$rc['id']] = $rc['code'];
+		if ($add_desc) {
+			$codes[$rc['id']] .= ' ('.$lng['redirect_desc'][$rc['desc']].')';
+		}
 	}
 
 	return $codes;
@@ -58,12 +63,18 @@ function getRedirectCodes() {
  * domain-id
  *
  * @param integer $domainid id of the domain
- * @param string $default
  *
  * @return string redirect-code
  */
-function getDomainRedirectCode($domainid = 0, $default = '') {
+function getDomainRedirectCode($domainid = 0) {
 
+	// get system default
+	$default = '301';
+	if (Settings::Get('customredirect.enabled') == '1') {
+		$all_codes = getRedirectCodes(false);
+		$_default = $all_codes[Settings::Get('customredirect.default')];
+		$default = ($_default == '---') ? $default : $_default;
+	}
 	$code = $default;
 	if ($domainid > 0) {
 

lib/functions/validate/function.checkFcgidPhpFpm.php

@@ -24,12 +24,14 @@ function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldva
         'system_mod_fcgid_enabled' => array(
             'other_post_field' => 'system_phpfpm_enabled',
             'other_enabled' => 'phpfpm.enabled',
-            'other_enabled_lng' => 'phpfpmstillenabled'
+			'other_enabled_lng' => 'phpfpmstillenabled',
+			'deactivate' => array('phpfpm.enabled_ownvhost' => 0)
         ),
         'system_phpfpm_enabled' => array(
             'other_post_field' => 'system_mod_fcgid_enabled',
             'other_enabled' => 'system.mod_fcgid',
-            'other_enabled_lng' => 'fcgidstillenabled'
+			'other_enabled_lng' => 'fcgidstillenabled',
+			'deactivate' => array('system.mod_fcgid_ownvhost' => 0)
         )
     );
     
@@ -56,6 +58,13 @@ function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldva
                 }
             }
         }
+        if (in_array(FORMFIELDS_PLAUSIBILITY_CHECK_OK, $returnvalue)) {
+			// be sure to deactivate the other one for the froxlor-vhost
+			// to avoid having a settings-deadlock
+			foreach ($check_array[$fieldname]['deactivate'] as $setting => $value) {
+				Settings::Set($setting, $value, true);
+			}
+        }
     }
     
     return $returnvalue;

lib/navigation/00.froxlor.main.php

@@ -272,6 +272,12 @@ return array(
 					'label' => $lng['admin']['autoupdate'],
 					'required_resources' => 'change_serversettings',
 					'show_element' => extension_loaded('zip')
+				),
+				array(
+					'url' => 'admin_settings.php?page=wipecleartextmailpws',
+					'label' => $lng['admin']['wipecleartextmailpwd'],
+					'required_resources' => 'change_serversettings',
+					'show_element' => (Settings::Get('system.mailpwcleartext') == true)
 				)
 			)
 		),

lib/version.inc.php

@@ -16,10 +16,10 @@
  */
 
 // Main version variable
-$version = '0.9.39.5';
+$version = '0.9.40';
 
 // Database version (YYYYMMDDC where C is a daily counter)
-$dbversion = '201802130';
+$dbversion = '201809280';
 
 // Distribution branding-tag (used for Debian etc.)
 $branding = '';

lng/english.lng.php

@@ -229,6 +229,7 @@ $lng['error']['destinationalreadyexistasmail'] = 'The forwarder to %s already ex
 $lng['error']['destinationalreadyexist'] = 'You have already defined a forwarder to %s .';
 $lng['error']['destinationiswrong'] = 'The forwarder %s contains invalid character(s) or is incomplete.';
 $lng['error']['ticketnotaccessible'] = 'You cannot access this ticket.';
+$lng['error']['backupfoldercannotbedocroot'] = 'The folder for backups cannot be your homedir, please chose a folder within your homedir, e.g. /backups';
 
 /**
  * Questions
@@ -337,6 +338,14 @@ $lng['serversettings']['documentroot_prefix']['title'] = 'Home directory';
 $lng['serversettings']['documentroot_prefix']['description'] = 'Where should all home directories be stored?';
 $lng['serversettings']['logfiles_directory']['title'] = 'Logfiles directory';
 $lng['serversettings']['logfiles_directory']['description'] = 'Where should all log files be stored?';
+$lng['serversettings']['logfiles_script']['title'] = 'Custom script to pipe log-files to';
+$lng['serversettings']['logfiles_script']['description'] = 'You can specify a script here and use the placeholders <strong>{LOGFILE}, {DOMAIN} and {CUSTOMER}</strong> if needed. In case you want to use it you will need to activate the <strong>Pipe webserver logfiles</strong> option too. No prefixed pipe-character is needed.';
+$lng['serversettings']['logfiles_format']['title'] = 'Access-log format';
+$lng['serversettings']['logfiles_format']['description'] = 'Enter a custom log-format here according to your webservers specifications, leave empty for default';
+$lng['serversettings']['logfiles_type']['title'] = 'Access-log type';
+$lng['serversettings']['logfiles_type']['description'] = 'Chose between <strong>combined</strong> or <strong>vhost_combined</strong> here.';
+$lng['serversettings']['logfiles_piped']['title'] = 'Pipe webserver logfiles to specified script (see above)';
+$lng['serversettings']['logfiles_piped']['description'] = 'When using a custom script for the logfiles you need to activate this in order for it to be executed';
 $lng['serversettings']['ipaddress']['title'] = 'IP-address';
 $lng['serversettings']['ipaddress']['description'] = 'What\'s the main IP-address of this server?';
 $lng['serversettings']['hostname']['title'] = 'Hostname';
@@ -508,8 +517,8 @@ $lng['changepassword']['also_change_webalizer'] = ' also change password for the
 
 $lng['serversettings']['mailpwcleartext']['title'] = 'Also save passwords of mail accounts unencrypted in database';
 $lng['serversettings']['mailpwcleartext']['description'] = 'If this is set to yes, all passwords will also be saved unencrypted (clear text, plain readable for everyone with database access) in the mail_users-table. Only activate this if you intend to use SASL!';
-$lng['serversettings']['mailpwcleartext']['removelink'] = 'Click here to wipe all unencrypted passwords from the table.';
-$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Do you really want to wipe all unencrypted mail account passwords from the table mail_users? This cannot be reverted!';
+$lng['admin']['wipecleartextmailpwd'] = 'Clear plaintext passwords';
+$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Do you really want to wipe all unencrypted mail account passwords from the table mail_users? This cannot be reverted! The setting to store email passwords unencrypted will also be set to OFF';
 $lng['admin']['configfiles']['overview'] = 'Overview';
 $lng['admin']['configfiles']['wizard'] = 'Wizard';
 $lng['admin']['configfiles']['distribution'] = 'Distribution';
@@ -1648,7 +1657,7 @@ $lng['admin']['usedmax'] = 'Used / Max';
 $lng['admin']['used'] = 'Used';
 $lng['mysql']['size'] = 'Size';
 
-$lng['error']['invalidhostname'] = 'Hostname can\'t be empty nor can it consist only of whitespaces';
+$lng['error']['invalidhostname'] = 'Hostname needs to be avalid domain. It can\'t be empty nor can it consist only of whitespaces';
 
 $lng['traffic']['http'] = 'HTTP (MiB)';
 $lng['traffic']['ftp'] = 'FTP (MiB)';
@@ -2117,3 +2126,7 @@ $lng['admin']['plans']['use_plan'] = 'Apply plan';
 $lng['question']['plan_reallydelete'] = 'Do you really want to delete the hosting plan %s?';
 $lng['admin']['notryfiles']['title'] = 'No autogenerated try_files';
 $lng['admin']['notryfiles']['description'] = 'Say yes here if you want to specify a custom try_files directive in specialsettings (needed for some wordpress plugins for example).';
+$lng['serversettings']['phpfpm_settings']['override_fpmconfig'] = 'Override FPM-daemon settings (pm, max_children, etc.)';
+$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'] = '<br /><span class="red">Only used if "Override FPM-daemon settings" is set to "Yes"</span>';
+$lng['panel']['backuppath']['title'] = 'Destination path for the backup';
+$lng['panel']['backuppath']['description'] = 'This is the path where the backups will be stored. If backup of web-data is selected, all files from the homedir are stored excluding the backup-folder specified here.';

lng/german.lng.php

@@ -227,6 +227,7 @@ $lng['error']['destinationalreadyexistasmail'] = 'Die Weiterleitung zu "%s" exis
 $lng['error']['destinationalreadyexist'] = 'Es existiert bereits eine Weiterleitung nach "%s".';
 $lng['error']['destinationiswrong'] = 'Die Weiterleitungsadresse "%s" enthält ungültige Zeichen oder ist nicht vollständig.';
 $lng['error']['ticketnotaccessible'] = 'Sie können sich das Ticket nicht ansehen.';
+$lng['error']['backupfoldercannotbedocroot'] = 'Der Ordner für Backups darf nicht das Heimatverzeichnis sein, wähle einen Ordner unterhalb des Heimatverzeichnisses, z.B. /backups';
 
 /**
  * Questions
@@ -333,6 +334,14 @@ $lng['serversettings']['documentroot_prefix']['title'] = 'Heimatverzeichnis';
 $lng['serversettings']['documentroot_prefix']['description'] = 'Wo sollen die Heimatverzeichnisse der Kunden liegen?';
 $lng['serversettings']['logfiles_directory']['title'] = 'Webserver-Logdateien-Verzeichnis';
 $lng['serversettings']['logfiles_directory']['description'] = 'Wo sollen die Logdateien des Webservers liegen?';
+$lng['serversettings']['logfiles_script']['title'] = 'Eigenes Script zu dem Log-Files übergeben werden';
+$lng['serversettings']['logfiles_script']['description'] = 'Hier kann ein Script an das die Loginhalte übergeben werden hinterlegt und die Platzhalter <strong>{LOGFILE}, {DOMAIN} und {CUSTOMER}</strong> genutzt werden, sofern nötig. Falls ein Script angegeben wird, muss die Option <strong>Webserver Logdateien umleiten</strong> gesetzt werden';
+$lng['serversettings']['logfiles_format']['title'] = 'Access-Log Format';
+$lng['serversettings']['logfiles_format']['description'] = 'Hier kann ein angepasstes Log-format entsprechend der Webserver-Dokumentation angegeben werden, leer lassen für Standard';
+$lng['serversettings']['logfiles_type']['title'] = 'Access-Log Typ';
+$lng['serversettings']['logfiles_type']['description'] = 'Wähle zwischen <strong>combined</strong> oder <strong>vhost_combined</strong>.';
+$lng['serversettings']['logfiles_piped']['title'] = 'Webserver Logdateien zu eigenem Script umleiten (siehe oben)';
+$lng['serversettings']['logfiles_piped']['description'] = 'Wenn ein Script für die Logdateien verwendet wird, muss diese Option aktiviert werden, damit der Webserver die Ausgabe an das Script weitergibt.';
 $lng['serversettings']['ipaddress']['title'] = 'IP-Adresse';
 $lng['serversettings']['ipaddress']['description'] = 'Welche Haupt-IP-Adresse hat der Server?';
 $lng['serversettings']['hostname']['title'] = 'Hostname';
@@ -503,8 +512,8 @@ $lng['changepassword']['also_change_webalizer'] = ' Auch Passwort der Statistiks
 
 $lng['serversettings']['mailpwcleartext']['title'] = 'Passwörter der Mail-Konten auch im Klartext in der Datenbank speichern';
 $lng['serversettings']['mailpwcleartext']['description'] = 'Wenn diese Einstellung auf Ja gesetzt wird, werden alle Passwörter auch unverschlüsselt (also im Klartext, für jeden mit Zugriff auf die Froxlor-Datenbank sofort lesbar) in der mail_users-Tabelle gespeichert. Aktivieren Sie diese Option nur dann, wenn Sie SASL nutzen!';
-$lng['serversettings']['mailpwcleartext']['removelink'] = 'Klicken Sie hier, um alle unverschlüsselten Passwörter aus der Tabelle zu entfernen.';
-$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Wollen Sie wirklich alle unverschlüsselten Passwörter aus der Tabelle mail_users entfernen? Dieser Schritt kann nicht rückgängig gemacht werden!';
+$lng['admin']['wipecleartextmailpwd'] = 'Klartext-Passwörter leeren';
+$lng['question']['admin_cleartextmailpws_reallywipe'] = 'Wollen Sie wirklich alle unverschlüsselten Passwörter aus der Tabelle mail_users entfernen? Dieser Schritt kann nicht rückgängig gemacht werden! Die Einstellung für das Speichern der E-Mail Konten Passwörter in Klartext wird hierbei ebenfalls deaktiviert.';
 $lng['admin']['configfiles']['overview'] = 'Übersicht';
 $lng['admin']['configfiles']['wizard'] = 'Assistent';
 $lng['admin']['configfiles']['distribution'] = 'Distribution';
@@ -1375,7 +1384,7 @@ $lng['admin']['usedmax'] = 'Benutzt / Max.';
 $lng['admin']['used'] = 'Benutzt';
 $lng['mysql']['size'] = 'Datenbankgröße';
 
-$lng['error']['invalidhostname'] = 'Hostname darf nicht leer sein oder nur aus Leerzeichen bestehen';
+$lng['error']['invalidhostname'] = 'Hostname muss eine gültige Domain sein. Er darf weder leer sein noch nur aus Leerzeichen bestehen';
 
 $lng['traffic']['http'] = 'HTTP (MiB)';
 $lng['traffic']['ftp'] = 'FTP (MiB)';
@@ -1588,9 +1597,9 @@ $lng['integrity_check']['SubdomainLetsencrypt'] = 'Hauptdomains ohne zugewiesene
 $lng['admin']['mod_fcgid_umask']['title'] = 'Umask (Standard: 022)';
 
 // Added for let's encrypt
-$lng['admin']['letsencrypt']['title'] = 'Benutze Let\'s Encrypt';
+$lng['admin']['letsencrypt']['title'] = 'SSL Zertifikat erstellen (Let\'s Encrypt)';
 $lng['admin']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifikat von <a href="https://letsencrypt.org">Let\'s Encrypt</a>. Das Zertifikat wird automatisch erstellt und verlängert.<br><strong class="red">ACHTUNG:</strong> Wenn Wildcards aktiviert sind, wird diese Option automatisch deaktiviert. Dieses Feature befindet sich noch im Test.';
-$lng['customer']['letsencrypt']['title'] = 'Benutze Let\'s Encrypt';
+$lng['customer']['letsencrypt']['title'] = 'SSL Zertifikat erstellen (Let\'s Encrypt)';
 $lng['customer']['letsencrypt']['description'] = 'Holt ein kostenloses Zertifikat von <a href="https://letsencrypt.org">Let\'s Encrypt</a>. Das Zertifikat wird automatisch erstellt und verlängert.<br><strong class="red">ACHTUNG:</strong> Dieses Feature befindet sich noch im Test.';
 $lng['error']['sslredirectonlypossiblewithsslipport'] = 'Die Nutzung von Let\'s Encrypt ist nur möglich, wenn die Domain mindestens eine IP/Port - Kombination mit aktiviertem SSL zugewiesen hat.';
 $lng['error']['nowildcardwithletsencrypt'] = 'Let\'s Encrypt kann in ACME v1 nicht mit Wildcard-Domains umgehen. Bitte den ServerAlias auf WWW setzen oder deaktivieren';
@@ -1685,7 +1694,7 @@ $lng['serversettings']['panel_customer_hide_options']['description'] = 'Wählen
 $lng['serversettings']['allow_allow_customer_shell']['title'] = 'Erlaube Kunden für FTP Benutzer eine Shell auszuwählen';
 $lng['serversettings']['allow_allow_customer_shell']['description'] = '<strong class="red">Bitte beachten: Shell Zugriff gestattet dem Benutzer verschiedene Programme auf Ihrem System auszuführen. Mit großer Vorsicht verwenden. Bitte aktiviere dies nur wenn WIRKLICH bekannt ist, was das bedeutet!!!</strong>';
 $lng['serversettings']['available_shells']['title'] = 'Liste der verfügbaren Shells';
-$lng['serversettings']['available_shells']['description'] = 'Komme-getrennte Liste von Shells die der Kunde für seine FTP-Konten wählen kann.<br><br>Hinweis: Die Standard-Shell <strong>/bin/false</strong> wird immer eine Auswahlmöglichkeit sein (wenn aktiviert), auch wenn diese Einstellung leer ist. Sie ist in jedem Fall der Standardwert für alle FTP-Konten';
+$lng['serversettings']['available_shells']['description'] = 'Komma-getrennte Liste von Shells die der Kunde für seine FTP-Konten wählen kann.<br><br>Hinweis: Die Standard-Shell <strong>/bin/false</strong> wird immer eine Auswahlmöglichkeit sein (wenn aktiviert), auch wenn diese Einstellung leer ist. Sie ist in jedem Fall der Standardwert für alle FTP-Konten';
 $lng['serversettings']['le_froxlor_enabled']['title'] = "Let's Encrypt für den froxlor Vhost verwenden";
 $lng['serversettings']['le_froxlor_enabled']['description'] = "Wenn dies aktiviert ist, erstellt froxlor für seinen vhost automatisch ein Let's Encrypt Zertifikat.";
 $lng['serversettings']['le_froxlor_redirect']['title'] = "SSL-Weiterleitung für den froxlor Vhost aktivieren";
@@ -1767,3 +1776,7 @@ $lng['admin']['plans']['use_plan'] = 'Plan übernehmen';
 $lng['question']['plan_reallydelete'] = 'Wollen Sie den Hosting-Plan "%s" wirklich löschen?';
 $lng['admin']['notryfiles']['title'] = 'Keine generierte try_files Anweisung';
 $lng['admin']['notryfiles']['description'] = 'Wähle "Ja", wenn eine eigene try_files Direktive in den "eigenen Vhost Einstellungen" angegeben werden soll (z.B. nötig für manche Wordpress Plugins).';
+$lng['serversettings']['phpfpm_settings']['override_fpmconfig'] = 'Überschreibe FPM-Daemon Einstellungen (pm, max_children, etc.)';
+$lng['serversettings']['phpfpm_settings']['override_fpmconfig_addinfo'] = '<br /><span class="red">Nur verwendet wenn "Überschreibe FPM-Daemon Einstellungen" auf "Ja" gestellt ist</span>';
+$lng['panel']['backuppath']['title'] = 'Pfad zur Ablage der Backups';
+$lng['panel']['backuppath']['description'] = 'In diesem Ordner werden die Backups abgelegt. Wenn das Sichern von Web-Daten aktiviert ist, werden alle Dateien aus dem Heimatverzeichnis gesichert, exklusive des hier angegebenen Backup-Ordners.';

scripts/jobs/cron_backup.php

@@ -79,7 +79,7 @@ $all_jobs = $result_tasks_stmt->fetchAll();
 foreach ($all_jobs as $row) {
 
 	if ($row['data'] != '') {
-		$row['data'] = unserialize($row['data']);
+		$row['data'] = json_decode($row['data'], true);
 	}
 
 	if (is_array($row['data'])) {
@@ -91,6 +91,7 @@ foreach ($all_jobs as $row) {
 				$row['data']['destdir'] = makeCorrectDir($row['data']['destdir']);
 				$customerdocroot = makeCorrectDir(Settings::Get('system.documentroot_prefix').'/'.$row['data']['loginname'].'/');
 
+				// create folder if not exists
 				if (!file_exists($row['data']['destdir'])
 					&& $row['data']['destdir'] != '/'
 					&& $row['data']['destdir'] != Settings::Get('system.documentroot_prefix')

scripts/jobs/cron_letsencrypt.php

@@ -60,6 +60,7 @@ $certificates_stmt = Database::query("
 				dom.`id` = domssl.`domainid`
 		WHERE
 			dom.`customerid` = cust.`customerid`
+			AND cust.deactivated = 0
 			AND dom.`letsencrypt` = 1
 			AND dom.`aliasdomain` IS NULL
 			AND dom.`iswildcarddomain` = 0
@@ -92,6 +93,7 @@ $updcert_stmt = Database::prepare("
 			`ssl_ca_file` = :ca,
 			`ssl_cert_chainfile` = :chain,
 			`ssl_csr_file` = :csr,
+			`ssl_fullchain_file` = :fullchain,
 			`expirationdate` = :expirationdate
 	");
 
@@ -182,6 +184,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') {
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
+				'fullchain' => $return['fullchain'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));
 
@@ -257,6 +260,7 @@ foreach ($certrows as $certrow) {
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
+				'fullchain' => $return['fullchain'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));
 

scripts/jobs/cron_letsencrypt_v2.php

@@ -45,6 +45,7 @@ $certificates_stmt = Database::query("
 			cust.`leprivatekey`,
 			cust.`lepublickey`,
 			cust.`leregistered`,
+			cust.`leaccount`,
 			cust.`customerid`,
 			cust.`loginname`
 		FROM
@@ -55,6 +56,7 @@ $certificates_stmt = Database::query("
 				dom.`id` = domssl.`domainid`
 		WHERE
 			dom.`customerid` = cust.`customerid`
+			AND cust.deactivated = 0
 			AND dom.`letsencrypt` = 1
 			AND dom.`aliasdomain` IS NULL
 			AND dom.`iswildcarddomain` = 0
@@ -88,6 +90,7 @@ $updcert_stmt = Database::prepare("
 			`ssl_ca_file` = :ca,
 			`ssl_cert_chainfile` = :chain,
 			`ssl_csr_file` = :csr,
+			`ssl_fullchain_file` = :fullchain,
 			`expirationdate` = :expirationdate
 	");
 
@@ -107,6 +110,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') {
 		'leprivatekey' => Settings::Get('system.leprivatekey'),
 		'lepublickey' => Settings::Get('system.lepublickey'),
 		'leregistered' => Settings::Get('system.leregistered'),
+		'leaccount' => Settings::Get('system.leaccount'),
 		'ssl_redirect' => Settings::Get('system.le_froxlor_redirect'),
 		'expirationdate' => null,
 		'ssl_cert_file' => null,
@@ -178,6 +182,7 @@ if (Settings::Get('system.le_froxlor_enabled') == '1') {
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
+				'fullchain' => $return['fullchain'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));
 
@@ -261,6 +266,7 @@ foreach ($certrows as $certrow) {
 				'ca' => $return['chain'],
 				'chain' => $return['chain'],
 				'csr' => $return['csr'],
+				'fullchain' => $return['fullchain'],
 				'expirationdate' => date('Y-m-d H:i:s', $newcert['validTo_time_t'])
 			));
 

scripts/jobs/cron_tasks.inc.http.10.apache.php

@@ -66,8 +66,8 @@ class apache extends HttpConfigBase
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
-				$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
-				if ($isDirEmpty) {
+				$_conffiles = glob(makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
+				if ($_conffiles === false || empty($_conffiles)) {
 					$this->logger->logAction(CRON_ACTION, LOG_INFO, 'apache::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
 				}
@@ -359,8 +359,8 @@ class apache extends HttpConfigBase
 							// start block, cut off last pipe and close block
 							$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
 							$this->virtualhosts_data[$vhosts_filename] .= '   <FilesMatch \.'.$filesmatch.'$>'. "\n";
-							$this->virtualhosts_data[$vhosts_filename] .= '     AddHandler php5-fastcgi .php' . "\n";
-							$this->virtualhosts_data[$vhosts_filename] .= '     Action php5-fastcgi /fastcgiphp' . "\n";
+							$this->virtualhosts_data[$vhosts_filename] .= '     AddHandler php-fastcgi .php' . "\n";
+							$this->virtualhosts_data[$vhosts_filename] .= '     Action php-fastcgi /fastcgiphp' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '      Options +ExecCGI' . "\n";
 							$this->virtualhosts_data[$vhosts_filename] .= '    </FilesMatch>' . "\n";
 							// >=apache-2.4 enabled?
@@ -722,19 +722,44 @@ class apache extends HttpConfigBase
 		
 		// The normal access/error - logging is enabled
 		$error_log = makeCorrectFile(Settings::Get('system.logfiles_directory') . $domain['loginname'] . $speciallogfile . '-error.log');
-		// Create the logfile if it does not exist (fixes #46)
-		touch($error_log);
-		chown($error_log, Settings::Get('system.httpuser'));
-		chgrp($error_log, Settings::Get('system.httpgroup'));
-		
 		$access_log = makeCorrectFile(Settings::Get('system.logfiles_directory') . $domain['loginname'] . $speciallogfile . '-access.log');
-		// Create the logfile if it does not exist (fixes #46)
-		touch($access_log);
-		chown($access_log, Settings::Get('system.httpuser'));
-		chgrp($access_log, Settings::Get('system.httpgroup'));
 		
-		$logfiles_text .= '  ErrorLog "' . $error_log . "\"\n";
-		$logfiles_text .= '  CustomLog "' . $access_log . '" combined' . "\n";
+		$logtype = 'combined';
+		if (Settings::Get('system.logfiles_format') != '') {
+			$logtype = 'frx_custom';
+			$logfiles_text .= '  LogFormat "' . Settings::Get('system.logfiles_format') . '" ' . $logtype . "\n";
+		}
+		if (Settings::Get('system.logfiles_type') == '2' && Settings::Get('system.logfiles_format') == '') {
+			$logtype = 'vhost_combined';
+		}
+
+		if (Settings::Get('system.logfiles_piped') == '1' && Settings::Get('system.logfiles_script') != '') {
+			// replace for error_log
+			$command = replace_variables(Settings::Get('system.logfiles_script'), array(
+				'LOGFILE' => $error_log,
+				'DOMAIN' => $domain['domain'],
+				'CUSTOMER' => $domain['loginname']
+			));
+			$logfiles_text .= '  ErrorLog "| ' . $command . "\"\n";
+			// replace for access_log
+			$command = replace_variables(Settings::Get('system.logfiles_script'), array(
+				'LOGFILE' => $access_log,
+				'DOMAIN' => $domain['domain'],
+				'CUSTOMER' => $domain['loginname']
+			));
+			$logfiles_text .= '  CustomLog "| ' . $command . '" ' . $logtype . "\n";
+		} else {
+			// Create the logfile if it does not exist (fixes #46)
+			touch($error_log);
+			chown($error_log, Settings::Get('system.httpuser'));
+			chgrp($error_log, Settings::Get('system.httpgroup'));
+			touch($access_log);
+			chown($access_log, Settings::Get('system.httpuser'));
+			chgrp($access_log, Settings::Get('system.httpgroup'));
+
+			$logfiles_text .= '  ErrorLog "' . $error_log . '"' . "\n";
+			$logfiles_text .= '  CustomLog "' . $access_log . '" ' . $logtype . "\n";
+		}
 		
 		if (Settings::Get('system.awstats_enabled') == '1') {
 			if ((int) $domain['parentdomainid'] == 0) {
@@ -963,7 +988,7 @@ class apache extends HttpConfigBase
 			$corrected_docroot = $domain['documentroot'];
 			
 			// Get domain's redirect code
-			$code = getDomainRedirectCode($domain['id'], '301');
+			$code = getDomainRedirectCode($domain['id']);
 			$modrew_red = '';
 			if ($code != '') {
 				$modrew_red = ' [R=' . $code . ';L,NE]';

scripts/jobs/cron_tasks.inc.http.15.apache_fcgid.php

@@ -91,8 +91,8 @@ class apache_fcgid extends apache
 					// start block, cut off last pipe and close block
 					$filesmatch = '('.str_replace(".", "\.", substr($filesmatch, 0, -1)).')';
 					$php_options_text.= '    <FilesMatch \.'.$filesmatch.'$>'. "\n";
-					$php_options_text.= '      SetHandler php5-fastcgi'. "\n";
-					$php_options_text.= '      Action php5-fastcgi /fastcgiphp' . "\n";
+					$php_options_text.= '      SetHandler php-fastcgi'. "\n";
+					$php_options_text.= '      Action php-fastcgi /fastcgiphp' . "\n";
 					$php_options_text.= '      Options +ExecCGI' . "\n";
 					$php_options_text.= '    </FilesMatch>' . "\n";
 					// >=apache-2.4 enabled?

scripts/jobs/cron_tasks.inc.http.20.lighttpd.php

@@ -66,8 +66,8 @@ class lighttpd extends HttpConfigBase
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
-				$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
-				if ($isDirEmpty) {
+				$_conffiles = glob(makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
+				if ($_conffiles === false || empty($_conffiles)) {
 					$this->logger->logAction(CRON_ACTION, LOG_INFO, 'lighttpd::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
 				}
@@ -466,7 +466,7 @@ class lighttpd extends HttpConfigBase
 			$uri = $domain['documentroot'];
 
 			// Get domain's redirect code
-			$code = getDomainRedirectCode($domain['id'], '301');
+			$code = getDomainRedirectCode($domain['id']);
 
 			$vhost_content .= '  url.redirect-code = ' . $code. "\n";
 			$vhost_content .= '  url.redirect = (' . "\n";

scripts/jobs/cron_tasks.inc.http.30.nginx.php

@@ -81,8 +81,8 @@ class nginx extends HttpConfigBase
 			foreach ($restart_cmds as $restart_cmd) {
 				// check whether the config dir is empty (no domains uses this daemon)
 				// so we need to create a dummy
-				$isDirEmpty = !(new \FilesystemIterator($restart_cmd['config_dir']))->valid();
-				if ($isDirEmpty) {
+				$_conffiles = glob(makeCorrectFile($restart_cmd['config_dir'] . "/*.conf"));
+				if ($_conffiles === false || empty($_conffiles)) {
 					$this->logger->logAction(CRON_ACTION, LOG_INFO, 'nginx::reload: fpm config directory "' . $restart_cmd['config_dir'] . '" is empty. Creating dummy.');
 					phpinterface_fpm::createDummyPool($restart_cmd['config_dir']);
 				}
@@ -238,7 +238,7 @@ class nginx extends HttpConfigBase
 					} else {
 						$_sslport = $this->checkAlternativeSslPort();
 						$mypath = 'https://' . Settings::Get('system.hostname') . $_sslport . '/';
-						$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
+						$this->nginx_data[$vhost_filename] .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/[-\w]+$) {' . "\n";
 						$this->nginx_data[$vhost_filename] .= "\t\t" . 'return 301 ' . $mypath . '$request_uri;' . "\n";
 						$this->nginx_data[$vhost_filename] .= "\t" . '}' . "\n";
 					}
@@ -485,9 +485,9 @@ class nginx extends HttpConfigBase
 			}
 
 			// Get domain's redirect code
-			$code = getDomainRedirectCode($domain['id'], '301');
+			$code = getDomainRedirectCode($domain['id']);
 
-			$vhost_content .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/\w+$) {' . "\n";
+			$vhost_content .= "\t" . 'if ($request_uri !~ ^/.well-known/acme-challenge/[-\w]+$) {' . "\n";
 			$vhost_content .= "\t\t" . 'return ' . $code .' ' . $uri . '$request_uri;' . "\n";
 			$vhost_content .= "\t" . '}' . "\n";
 		} else {
@@ -1005,7 +1005,13 @@ class nginx extends HttpConfigBase
 		chown($access_log, Settings::Get('system.httpuser'));
 		chgrp($access_log, Settings::Get('system.httpgroup'));
 
-		$logfiles_text .= "\t" . 'access_log    ' . $access_log . ' combined;' . "\n";
+		$logtype = 'combined';
+		if (Settings::Get('system.logfiles_format') != '') {
+			$logtype = 'frx_custom';
+			$logfiles_text .= "\t" . 'log_format ' . $logtype . ' "' . Settings::Get('system.logfiles_format') . '";' . "\n";
+		}
+
+		$logfiles_text .= "\t" . 'access_log    ' . $access_log . ' ' . $logtype . ';' . "\n";
 		$logfiles_text .= "\t" . 'error_log    ' . $error_log . ' error;' . "\n";
 
 		if (Settings::Get('system.awstats_enabled') == '1') {

scripts/jobs/cron_tasks.php

@@ -43,7 +43,7 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
 	$resultIDs[] = $row['id'];
 
 	if ($row['data'] != '') {
-		$row['data'] = unserialize($row['data']);
+		$row['data'] = json_decode($row['data'], true);
 	}
 
 	/**

templates/Sparkle/admin/tickets/archive.tpl

@@ -60,7 +60,7 @@ $header
  			<tr>
 				<td>{$lng['ticket']['lastchange']}:</td>
 				<td>
-					<label for="fromdate">{$lng['ticket']['lastchange_from']}<br /><input type="text" id="fromdate" name="fromdate" /></label>
+					<label for="fromdate">{$lng['ticket']['lastchange_from']}<br /><input type="text" id="fromdate" name="fromdate" /></label><br />
 					<label for="todate">{$lng['ticket']['lastchange_to']}<br /><input type="text" id="todate" name="todate" /></label>
 				</td>
  			</tr>

templates/Sparkle/assets/js/circular.js

@@ -75,7 +75,7 @@ $(document).ready(function() {
 				circularCircle(canvas, 42, 0, 270, 4, usedColor);
 				circularCircle(canvas, 38, 0, 270, 4, assiColor);
 			}
-			circularText(canvas, 60, 42, 26, "∞")
+			circularText(canvas, 60, 42, 26, "∞");
 		} else if (!isNaN(assigned)) {
 			// Limited ressources but assigned
 			available = parseFloat(available);
@@ -90,7 +90,7 @@ $(document).ready(function() {
 			circularText(canvas, 60, 42, 22, usedP + "%");
 		} else if (available == "∞") {
 			circularCircle(canvas, 40, 0, 270, 8, unliColor);
-			circularText(canvas, 60, 42, 26, "∞")
+			circularText(canvas, 60, 42, 26, "∞");
 		} else {
 			// Limited ressources
 			available = parseFloat(available);
@@ -111,7 +111,7 @@ $(document).ready(function() {
 			if (usedP > 100) {
 				circularText(canvas, 60, 42, 22, usedP + "%", overColor);
 			} else {
-				circularText(canvas, 60, 42, 22, usedP + "%")
+				circularText(canvas, 60, 42, 22, usedP + "%");
 			}
 			
 			

templates/Sparkle/assets/js/customers.js

@@ -30,7 +30,7 @@ $(document).ready(function() {
 		        },
 		        dataType: "json",
 		        success: function(json) {
-		        	for (i in json) {
+				for (var i in json) {
 		        		if (i == 'email_imap' || i == 'email_pop3' || i == 'perlenabled' || i == 'phpenabled' || i == 'dnsenabled') {
 		        			/** handle checkboxes **/
 		        			if (json[i] == 1) {
@@ -42,8 +42,8 @@ $(document).ready(function() {
 		        			/** handle array of values **/
 		        			$("input[name='allowed_phpconfigs[]']").each(function(index) {
 		        				$(this).prop('checked', false);
-		        				for (j in json[i]) {
-		                        	if ($(this).val() == json[i][j]) {
+							for (var j in json[i]) {
+								if ($(this).val() == json[i][j]) {
 				        				$(this).prop('checked', true);
 				        				break;
 				        			}

templates/Sparkle/assets/js/domains.js

@@ -35,7 +35,7 @@ $(document).ready(function() {
                     $('#phpsettingid option').each(function() {
                         var pid = $(this).val();
                         $(this).attr("disabled", "disabled");
-                        for (i in json) {
+                        for (var i in json) {
                         	if (pid == json[i]) {
                             	$(this).removeAttr("disabled");
                             }

templates/Sparkle/ssl_certificates/certs_cert.tpl

@@ -1,6 +1,6 @@
 <tr <if !$isValid>class="domain-expired"</if>>
 	<td>
-		<a href="http://{$row['domain']}" target="_blank">{$row['domain']}</a>
+		<a href="https://{$row['domain']}" target="_blank">{$row['domain']}</a>
 		{$adminCustomerLink}
 	</td>
 	<td>
@@ -8,7 +8,7 @@
 		<if !empty($san_list)><br>SAN: {$san_list}</if>
 	</td>
 	<td>
-		{$cert_data['issuer']['O']}
+		<if isset($cert_data['issuer']['O']) && !empty($cert_data['issuer']['O'])>{$cert_data['issuer']['O']}</if>
 	</td>
 	<td>
 		{$validFrom}

templates/misc/standardcustomer/index.html

@@ -57,7 +57,7 @@
 		<footer>
 			<span>
 				<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAAAQCAYAAAC1MDndAAAACXBIWXMAAAsTAAALEwEAmpwYAAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAAAy1JREFUeNrs1muIVlUUBuBnvqZkoswudKErZFOG0kWt6WpN0wWCDMOsgX4UmVS/KovKhIKYLhRBJvV1o/5VlJCmYEmUFYijaBYhSRQVBVE0ZnRBJ/vzfnA4nDN+wTh/pgWHc/baa6+z97v3et/d0Ww24SQ8ij5MNL7tN6zBvdjWiZOxDpP8b3JA5qAXPQ0MtAnOm9jZBvqbsQHbsGsMFrQLv+KPUc47CQONlFXZPsNfJd/buBrDFfHDWIDDcAZmohsPjwFAD+EQnL8Xcl/WqOGc+/FJyXcxVuHJivjX8Hx2cwGeweO4fIxOkL10Wg9o1HSsxUcl30V5P1JxnFuxp+M53I67cQ5mYwZexj2YlnarJBdl3BE4FfPxdfofSOwNhX+uwgXxf1Uz/024DpNxFHrwRIEiPs74XnyIq3A8Xion6qxIvj0TX1vyb8x7CJ/jrELfjrx/zgmS0p2bCWzHzejAQTgmO35J+OpInIcv8GLKeROuzcI24lAsRH/yzcGJFfMfDIB/B/ipeD8bNojX8W1hPR+gCxPwTzsAdaGRgTeGrAZLJXd4zc59l1Jr2dzC91S8g+PSXhFwGgGxO4s6Bd9gaQRkAHdhSQHso/FCzRweS56ezLmB1bgCb+DBCg67rwaLSud+uDAAvVLRfw1OqCO18JEKbusvgNMqA/F153sCpgegT+O7Iwt8NwrZwKsh5irbUuDMFoXMquhv2eKRSKiOg54OUFXSt3SEfPvi4Dz77IEAW/8uH+vdpf6dkXGF+F9GyNtRkXe4or8tqwNoWrigbDeFTEfDZhbKckuBy9blu0XkC1Pi++PK+Objy5q80/NeXSDl9wrgnDkaAIlyzCj5zh1FCb00JL07Jd2LKfgBx+LWXE6XJP6pcMiUiMg8/FmRd3GEYHNiZ+H6wgZP/i+T7MzPJo5wkjYU2t01cWfjp6hH2WZn0adVbM7KALAS3weYftwZIVgTIHtxS8YtD6kOYX2Uqi8iIKCsD6CDhXnNi+iI+vXhwD3g83tHs9l8K5JZZbfh2UL7x0jyeLFljVzUhtoc0DWOwBnCoga25s6wrHDhG8+2I1j0YOu/AwBUU7aBHvM/ZwAAAABJRU5ErkJggg==" style="height: 13px; margin: 0 2px 3px 0; vertical-align:middle;"/>
- &copy; 2009-2017 by <a href="http://www.froxlor.org">the Froxlor Team</a>
+ &copy; 2009-2018 by <a href="http://www.froxlor.org">the Froxlor Team</a>
 			</span>
 		</footer>
 	</body>