updated dmarc entry

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

.drone.yml

@@ -0,0 +1,40 @@
+kind: pipeline
+name: deploy-froxlor
+type: docker
+
+platform:
+  os: linux
+  arch: arm64
+
+trigger:
+  branch:
+    - live
+  event:
+    include:
+     - push
+     
+steps:
+- name: deploy
+  image: cr.wks/drone/drone-rsync:latest
+  settings:
+    hosts: ["rechner02.maketank.net"]
+    source: ./
+    target: ~/froxlor-test
+    user: www-data
+    exclude: ['vendor', '.git*', '*drone.yml', '.settings', '.buildpath', '.editorconfig', '.project', '.travis.yml']
+    args: '-v --delete'
+    log_level: quiet
+    key: 
+      from_secret: ssh-www-data-maketank-rsa
+    command_timeout: 10m
+- name: compose-install
+  image: appleboy/drone-ssh
+  settings:
+    host:
+        - rechner02.maketank.net
+    username: www-data
+    key:
+        from_secret: ssh-www-data-maketank-rsa
+    script:
+        - cd ~/froxlor-test && composer install --no-dev
+        

.gitignore

@@ -14,6 +14,7 @@ logs/*
 *.iml
 img/
 
+!templates/Maketank/
 !templates/Froxlor/
 !templates/Sparkle/
 !templates/misc/

README.md

@@ -54,24 +54,24 @@ May be found in [COPYING](COPYING)
 ### Tarball
 https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](https://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
 
-### Debian repository
+### Debian / Ubutnu repository
 
 [HowTo](https://docs.froxlor.org/general/installation/aptpackage.html)
 
-```
+#### Debian
-apt-get -y install apt-transport-https lsb-release ca-certificates
-wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
-echo "deb https://deb.froxlor.org/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
-```
-
-### Ubuntu repository
-
-[HowTo](https://docs.froxlor.org/general/installation/aptpackage.html)
 
 ```
-apt-get -y install apt-transport-https lsb-release ca-certificates
+apt-get -y install apt-transport-https lsb-release ca-certificates curl
-wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
+curl -sSLo /usr/share/keyrings/deb.froxlor.org-froxlor.gpg https://deb.froxlor.org/froxlor.gpg
-echo "deb https://deb.froxlor.org/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
+sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.froxlor.org-froxlor.gpg] https://deb.froxlor.org/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list'
+```
+
+#### Ubuntu
+
+```
+apt-get -y install apt-transport-https lsb-release ca-certificates curl
+curl -sSLo /usr/share/keyrings/deb.froxlor.org-froxlor.gpg https://deb.froxlor.org/froxlor.gpg
+sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.froxlor.org-froxlor.gpg] https://deb.froxlor.org/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list'
 ```
 
 ## Contributing

actions/admin/settings/131.ssl.php

@@ -229,7 +229,7 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField'
 				),
-				'system_disable_le_selfcheck' => array(
+				'system_le_domain_dnscheck' => array(
 					'label' => $lng['serversettings']['le_domain_dnscheck'],
 					'settinggroup' => 'system',
 					'varname' => 'le_domain_dnscheck',

actions/admin/settings/150.mail.php

@@ -90,7 +90,23 @@ return array(
 					'varname' => 'catchall_enabled',
 					'type' => 'bool',
 					'default' => true,
-					'save_method' => 'storeSettingResetCatchall'
+					'save_method' => 'storeSettingResetCatchall',
+					),
+				'mail_greylist_enabled' => array(
+						'label' => $lng['serversettings']['greylist_enabled'],
+						'settinggroup' => 'mail',
+						'varname' => 'greylist_enabled',
+						'type' => 'bool',
+						'default' => true,
+						'save_method' => 'storeSettingField',
+				),
+				'mail_greylist_disabled_default' => array(
+						'label' => $lng['serversettings']['greylist_disabled_default'],
+						'settinggroup' => 'mail',
+						'varname' => 'greylist_disabled_default',
+						'type' => 'bool',
+						'default' => false,
+						'save_method' => 'storeSettingField',
 				),
 				'system_mailtraffic_enabled' => array(
 					'label' => $lng['serversettings']['mailtraffic_enabled'],

admin_admins.php

@@ -260,7 +260,7 @@ if ($page == 'admins' && $userinfo['change_serversettings'] == '1') {
 				$dec_places = Settings::Get('panel.decimal_places');
 				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
 				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
-				$result['email'] = $idna_convert->decode($result['email']);
+				$result['email'] = $idna_convert->decode($result['email'] ?? '');
 
 				$customers_ul = \Froxlor\UI\HTML::makecheckbox('customers_ul', $lng['customer']['unlimited'], '-1', false, $result['customers'], true, true);
 				if ($result['customers'] == '-1') {

admin_customers.php

@@ -298,6 +298,7 @@ if ($page == 'customers' && $userinfo['customers'] != '0') {
 			$email_quota_ul = \Froxlor\UI\HTML::makecheckbox('email_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$ftps_ul = \Froxlor\UI\HTML::makecheckbox('ftps_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 			$mysqls_ul = \Froxlor\UI\HTML::makecheckbox('mysqls_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
+			$nextcloud_quota_ul = \Froxlor\UI\HTML::makecheckbox('nextcloud_quota_ul', $lng['customer']['unlimited'], '-1', false, '0', true, true);
 
 			$gender_options = \Froxlor\UI\HTML::makeoption($lng['gender']['undef'], 0, true, true, true);
 			$gender_options .= \Froxlor\UI\HTML::makeoption($lng['gender']['male'], 1, null, true, true);
@@ -395,13 +396,18 @@ if ($page == 'customers' && $userinfo['customers'] != '0') {
 				$dec_places = Settings::Get('panel.decimal_places');
 				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
 				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
-				$result['email'] = $idna_convert->decode($result['email']);
+				$result['email'] = $idna_convert->decode($result['email'] ?? '');
 
+				$nextcloud_quota_ul = \Froxlor\UI\HTML::makecheckbox('nextcloud_quota_ul', $lng['customer']['unlimited'], '-1', false, $result['nextcloud_quota'], true, true);
+				if ($result['nextcloud_quota'] == '-1') {
+				    $result['nextcloud_quota'] = '';
+				}
+				
 				$diskspace_ul = \Froxlor\UI\HTML::makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
 				if ($result['diskspace'] == '-1') {
 					$result['diskspace'] = '';
 				}
-
+    
 				$traffic_ul = \Froxlor\UI\HTML::makecheckbox('traffic_ul', $lng['customer']['unlimited'], '-1', false, $result['traffic'], true, true);
 				if ($result['traffic'] == '-1') {
 					$result['traffic'] = '';

admin_domains.php

@@ -148,7 +148,7 @@ if ($page == 'domains' || $page == 'overview') {
 			$customers = \Froxlor\UI\HTML::makeoption($lng['panel']['please_choose'], 0, 0, true);
 			$result_customers_stmt = Database::prepare("
 					SELECT `customerid`, `loginname`, `name`, `firstname`, `company`
-					FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int) $userinfo['adminid'] . "' ") . " ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC");
+					FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid ") . " ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC");
 			$params = array();
 			if ($userinfo['customers_see_all'] == '0') {
 				$params['adminid'] = $userinfo['adminid'];
@@ -674,7 +674,7 @@ if ($page == 'domains' || $page == 'overview') {
 function formatDomainEntry(&$row, &$idna_convert)
 {
 	$row['domain'] = $idna_convert->decode($row['domain']);
-	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
+	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain'] ?? '');
 
 	$row['ipandport'] = '';
 	foreach ($row['ipsandports'] as $rowip) {
@@ -685,7 +685,7 @@ function formatDomainEntry(&$row, &$idna_convert)
 		}
 	}
 	$row['ipandport'] = substr($row['ipandport'], 0, - 1);
-	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date'] ?? '');
 
 	$row['termination_css'] = "";
 	if ($row['termination_date'] != "") {

api_keys.php

@@ -1,5 +1,5 @@
 <?php
-if (! defined('AREA')) {
+if (!defined('AREA')) {
 	header("Location: index.php");
 	exit();
 }
@@ -27,68 +27,88 @@ use Froxlor\Database\Database;
 
 $del_stmt = Database::prepare("DELETE FROM `" . TABLE_API_KEYS . "` WHERE id = :id");
 $success_message = "";
-$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
+$id = isset($_POST['id']) ? (int) $_POST['id'] : (isset($_GET['id']) ? (int) $_GET['id'] : 0);
 $area = AREA;
 
 // do the delete and then just show a success-message and the apikeys list again
 if ($action == 'delete') {
 	if ($id > 0) {
-		$chk = (AREA == 'admin' && $userinfo['customers_see_all'] == '1') ? true : false;
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		if (AREA == 'customer') {
+			$chk = (AREA == 'admin' && $userinfo['customers_see_all'] == '1') ? true : false;
-			$chk_stmt = Database::prepare("
+			if (AREA == 'customer') {
-				SELECT c.customerid FROM `" . TABLE_PANEL_CUSTOMERS . "` c
+				$chk_stmt = Database::prepare("
-				LEFT JOIN `" . TABLE_API_KEYS . "` ak ON ak.customerid = c.customerid
+					SELECT c.customerid FROM `" . TABLE_PANEL_CUSTOMERS . "` c
-				WHERE ak.`id` = :id AND c.`customerid` = :cid
+					LEFT JOIN `" . TABLE_API_KEYS . "` ak ON ak.customerid = c.customerid
-			");
+					WHERE ak.`id` = :id AND c.`customerid` = :cid
-			$chk = Database::pexecute_first($chk_stmt, array(
+				");
-				'id' => $id,
+				$chk = Database::pexecute_first($chk_stmt, array(
-				'cid' => $userinfo['customerid']
+					'id' => $id,
-			));
+					'cid' => $userinfo['customerid']
-		} elseif (AREA == 'admin' && $userinfo['customers_see_all'] == '0') {
+				));
-			$chk_stmt = Database::prepare("
+			} elseif (AREA == 'admin' && $userinfo['customers_see_all'] == '0') {
-				SELECT a.adminid FROM `" . TABLE_PANEL_ADMINS . "` a
+				$chk_stmt = Database::prepare("
-				LEFT JOIN `" . TABLE_API_KEYS . "` ak ON ak.adminid = a.adminid
+					SELECT a.adminid FROM `" . TABLE_PANEL_ADMINS . "` a
-				WHERE ak.`id` = :id AND a.`adminid` = :aid
+					LEFT JOIN `" . TABLE_API_KEYS . "` ak ON ak.adminid = a.adminid
-			");
+					WHERE ak.`id` = :id AND a.`adminid` = :aid
-			$chk = Database::pexecute_first($chk_stmt, array(
+				");
-				'id' => $id,
+				$chk = Database::pexecute_first($chk_stmt, array(
-				'aid' => $userinfo['adminid']
+					'id' => $id,
-			));
+					'aid' => $userinfo['adminid']
-		}
+				));
-		if ($chk !== false) {
+			}
-			Database::pexecute($del_stmt, array(
+			if ($chk !== false) {
+				Database::pexecute($del_stmt, array(
+					'id' => $id
+				));
+				$success_message = sprintf($lng['apikeys']['apikey_removed'], $id);
+			}
+		} else {
+			\Froxlor\UI\HTML::askYesNo('api_reallydelete', $filename, array(
+				'page' => $page,
+				'action' => $action,
 				'id' => $id
-			));
+			), $id);
-			$success_message = sprintf($lng['apikeys']['apikey_removed'], $id);
 		}
 	}
 } elseif ($action == 'add') {
-	$ins_stmt = Database::prepare("
+
-		INSERT INTO `" . TABLE_API_KEYS . "` SET
+	if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		`apikey` = :key, `secret` = :secret, `adminid` = :aid, `customerid` = :cid, `valid_until` = '-1', `allowed_from` = ''
+		$ins_stmt = Database::prepare("
-	");
+			INSERT INTO `" . TABLE_API_KEYS . "` SET
-	// customer generates for himself, admins will see a customer-select-box later
+			`apikey` = :key, `secret` = :secret, `adminid` = :aid, `customerid` = :cid, `valid_until` = '-1', `allowed_from` = ''
-	if (AREA == 'admin') {
+		");
-		$cid = 0;
+		// customer generates for himself, admins will see a customer-select-box later
-	} elseif (AREA == 'customer') {
+		if (AREA == 'admin') {
-		$cid = $userinfo['customerid'];
+			$cid = 0;
+		} elseif (AREA == 'customer') {
+			$cid = $userinfo['customerid'];
+		}
+		$key = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
+		$secret = hash('sha512', openssl_random_pseudo_bytes(64 * 64 * 4));
+		Database::pexecute($ins_stmt, array(
+			'key' => $key,
+			'secret' => $secret,
+			'aid' => $userinfo['adminid'],
+			'cid' => $cid
+		));
+		$success_message = $lng['apikeys']['apikey_added'];
+	} else {
+		\Froxlor\UI\HTML::askYesNo('api_reallyadd', $filename, array(
+			'page' => $page,
+			'action' => $action
+		), $id);
 	}
-	$key = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
-	$secret = hash('sha512', openssl_random_pseudo_bytes(64 * 64 * 4));
-	Database::pexecute($ins_stmt, array(
-		'key' => $key,
-		'secret' => $secret,
-		'aid' => $userinfo['adminid'],
-		'cid' => $cid
-	));
-	$success_message = $lng['apikeys']['apikey_added'];
 } elseif ($action == 'jqEditApiKey') {
 	$keyid = isset($_POST['id']) ? (int) $_POST['id'] : 0;
+	if (empty($keyid)) {
+		echo json_encode(false);
+		exit;
+	}
 	$allowed_from = isset($_POST['allowed_from']) ? $_POST['allowed_from'] : "";
-	$valid_until = isset($_POST['valid_until']) ? (int) $_POST['valid_until'] : - 1;
+	$valid_until = isset($_POST['valid_until']) ? (int) $_POST['valid_until'] : -1;
 
 	// validate allowed_from
-	if (! empty($allowed_from)) {
+	if (!empty($allowed_from)) {
 		$ip_list = array_map('trim', explode(",", $allowed_from));
 		$_check_list = $ip_list;
 		foreach ($_check_list as $idx => $ip) {
@@ -100,8 +120,8 @@ if ($action == 'delete') {
 		$allowed_from = implode(",", array_unique($ip_list));
 	}
 
-	if ($valid_until <= 0 || ! is_numeric($valid_until)) {
+	if ($valid_until <= 0 || !is_numeric($valid_until)) {
-		$valid_until = - 1;
+		$valid_until = -1;
 	}
 
 	$upd_stmt = Database::prepare("

customer_domains.php

@@ -83,7 +83,7 @@ if ($page == 'overview') {
 				$statsapp = 'webalizer';
 			}
 			$row = [
-				'domain' => $idna_convert->decode($parentdomain)
+				'domain' => $idna_convert->decode($parentdomain ?? '')
 			];
 			eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_delimiter") . "\";");
 
@@ -472,8 +472,8 @@ if ($page == 'overview') {
 function formatDomainEntry(&$row, &$idna_convert)
 {
 	$row['domain'] = $idna_convert->decode($row['domain']);
-	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
+	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain'] ?? '');
-	$row['domainalias'] = $idna_convert->decode($row['domainalias']);
+	$row['domainalias'] = $idna_convert->decode($row['domainalias'] ?? '');
 
 	/**
 	 * check for set ssl-certs to show different state-icons
@@ -503,7 +503,7 @@ function formatDomainEntry(&$row, &$idna_convert)
 		}
 	}
 
-	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date'] ?? '');
 
 	$row['termination_css'] = "";
 	if ($row['termination_date'] != "") {

customer_email.php

@@ -212,7 +212,9 @@ if ($page == 'overview') {
 				if (Settings::Get('catchall.catchall_enabled') != '1') {
 					unset($email_add_data['emails_add']['sections']['section_a']['fields']['iscatchall']);
 				}
-
+				if (Settings::Get('mail.greylist_enabled') != '1') {
+				    unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_greylist']);
+				}
 				$email_add_form = \Froxlor\UI\HtmlForm::genHTMLForm($email_add_data);
 
 				$title = $email_add_data['emails_add']['title'];
@@ -232,7 +234,7 @@ if ($page == 'overview') {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
 		}
 		$result = json_decode($json_result, true)['data'];
-
+        
 		if (isset($result['email']) && $result['email'] != '') {
 			$result['email'] = $idna_convert->decode($result['email']);
 			$result['email_full'] = $idna_convert->decode($result['email_full']);
@@ -260,7 +262,9 @@ if ($page == 'overview') {
 			if (Settings::Get('catchall.catchall_enabled') != '1') {
 				unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_catchall']);
 			}
-
+			if (Settings::Get('mail.greylist_enabled') != '1') {
+			    unset($email_edit_data['emails_edit']['sections']['section_a']['fields']['mail_greylist']);
+			}
 			$email_edit_form = \Froxlor\UI\HtmlForm::genHTMLForm($email_edit_data);
 
 			$title = $email_edit_data['emails_edit']['title'];
@@ -281,7 +285,7 @@ if ($page == 'overview') {
 		try {
 			Emails::getLocal($userinfo, array(
 				'id' => $id,
-				'iscatchall' => ($result['iscatchall'] == '1' ? 0 : 1)
+				'iscatchall' => ($result['iscatchall'] == '1' ? 0 : 1),
 			))->update();
 		} catch (Exception $e) {
 			\Froxlor\UI\Response::dynamic_error($e->getMessage());
@@ -292,6 +296,30 @@ if ($page == 'overview') {
 			'id' => $id,
 			's' => $s
 		));
+	} elseif ($action == 'togglegreylist' && $id != 0) {
+	    try {
+	        $json_result = Emails::getLocal($userinfo, array(
+	            'id' => $id
+	        ))->get();
+	    } catch (Exception $e) {
+	        \Froxlor\UI\Response::dynamic_error($e->getMessage());
+	    }
+	    $result = json_decode($json_result, true)['data'];
+	    
+	    try {
+	        Emails::getLocal($userinfo, array(
+	            'id' => $id,
+	            'disablegreylist' => ($result['disablegreylist'] == '1' ? 0 : 1)
+	        ))->update_greylist();
+	    } catch (Exception $e) {
+	        \Froxlor\UI\Response::dynamic_error($e->getMessage());
+	    }
+	    \Froxlor\UI\Response::redirectTo($filename, array(
+	        'page' => $page,
+	        'action' => 'edit',
+	        'id' => $id,
+	        's' => $s
+	    ));
 	}
 } elseif ($page == 'accounts') {
 	if ($action == 'add' && $id != 0) {

dns_editor.php

@@ -24,7 +24,7 @@ use Froxlor\Api\Commands\DomainZones as DomainZones;
 // This file is being included in admin_domains and customer_domains
 // and therefore does not need to require lib/init.php
 
-$domain_id = isset($_GET['domain_id']) ? (int) $_GET['domain_id'] : null;
+$domain_id = isset($_GET['domain_id']) ? (int) $_GET['domain_id'] : (isset($_POST['domain_id']) ? (int)$_POST['domain_id'] : null);
 
 $record = isset($_POST['record']['record']) ? trim($_POST['record']['record']) : null;
 $type = isset($_POST['record']['type']) ? $_POST['record']['type'] : 'A';
@@ -56,17 +56,25 @@ if ($action == 'add_record' && ! empty($_POST)) {
 	}
 } elseif ($action == 'delete') {
 	// remove entry
-	$entry_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
+	if ($id > 0) {
-	if ($entry_id > 0) {
+		if (isset($_POST['send']) && $_POST['send'] == 'send') {
-		try {
+			try {
-			DomainZones::getLocal($userinfo, array(
+				DomainZones::getLocal($userinfo, array(
-				'entry_id' => $entry_id,
+					'entry_id' => $id,
-				'id' => $domain_id
+					'id' => $domain_id
-			))->delete();
+				))->delete();
-			// success message (inline)
+				// success message (inline)
-			$success_message = $lng['success']['dns_record_deleted'];
+				$success_message = $lng['success']['dns_record_deleted'];
-		} catch (Exception $e) {
+			} catch (Exception $e) {
-			$errors = str_replace("\n", "<br>", $e->getMessage());
+				$errors = str_replace("\n", "<br>", $e->getMessage());
+			}
+		} else {
+			\Froxlor\UI\HTML::askYesNo('dnsentry_reallydelete', $filename, array(
+				'page' => $page,
+				'action' => $action,
+				'id' => $id,
+				'domain_id' => $domain_id
+			), $id);
 		}
 	}
 }

index.php

@@ -22,6 +22,7 @@ require './lib/init.php';
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\FroxlorLogger;
+use Froxlor\Validate\Validate;
 
 if ($action == '') {
 	$action = 'login';
@@ -352,8 +353,7 @@ if ($action == '2fa_entercode') {
 				$message = sprintf($lng['error']['login_blocked'], Settings::Get('login.deactivatetime'));
 				break;
 			case 4:
-				$cmail = isset($_GET['customermail']) ? $_GET['customermail'] : 'unknown';
+				$message = $lng['error']['errorsendingmailpub'];
-				$message = str_replace('%s', $cmail, $lng['error']['errorsendingmail']);
 				break;
 			case 5:
 				$message = $lng['error']['user_banned'];
@@ -425,159 +425,162 @@ if ($action == 'forgotpwd') {
 			}
 		}
 
-		if ($result_stmt !== null) {
+		$no_action = false;
-			$user = $result_stmt->fetch(PDO::FETCH_ASSOC);
+		if ($adminchecked) {
-
+			if (Settings::Get('panel.allow_preset_admin') != '1') {
-			/* Check whether user is banned */
+				$message = $lng['pwdreminder']['notallowed'];
-			if ($user['deactivated']) {
+				unset($adminchecked);
-				\Froxlor\UI\Response::redirectTo('index.php', array(
-					'showmessage' => '8'
-				));
-				exit();
 			}
+		} else {
+			if (Settings::Get('panel.allow_preset') != '1') {
+				$message = $lng['pwdreminder']['notallowed'];
+			}
+		}
 
-			if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
+		if (empty($message)) {
-				if ($user !== false) {
+			if ($result_stmt !== null) {
-					// build a activation code
+				$user = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$timestamp = time();
-					$first = substr(md5($user['loginname'] . $timestamp . \Froxlor\PhpHelper::randomStr(16)), 0, 15);
-					$third = substr(md5($user['email'] . $timestamp . \Froxlor\PhpHelper::randomStr(16)), - 15);
-					$activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10);
 
-					// Drop all existing activation codes for this user
+				/* Check whether user is banned */
-					$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
+				if ($user['deactivated']) {
-						WHERE `userid` = :userid
+					\Froxlor\UI\Response::redirectTo('index.php', array(
-						AND `admin` = :admin");
+						'showmessage' => '8'
-					$params = array(
-						"userid" => $adminchecked ? $user['adminid'] : $user['customerid'],
-						"admin" => $adminchecked ? 1 : 0
-					);
-					Database::pexecute($stmt, $params);
-
-					// Add new activation code to database
-					$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_ACTIVATION . "`
-						(userid, admin, creation, activationcode)
-						VALUES (:userid, :admin, :creation, :activationcode)");
-					$params = array(
-						"userid" => $adminchecked ? $user['adminid'] : $user['customerid'],
-						"admin" => $adminchecked ? 1 : 0,
-						"creation" => $timestamp,
-						"activationcode" => $activationcode
-					);
-					Database::pexecute($stmt, $params);
-
-					$rstlog = FroxlorLogger::getInstanceOf(array(
-						'loginname' => 'password_reset'
 					));
-					$rstlog->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password.");
+					exit();
+				}
 
-					// Set together our activation link
+				if (($adminchecked && Settings::Get('panel.allow_preset_admin') == '1') || $adminchecked == false) {
-					$protocol = empty($_SERVER['HTTPS']) ? 'http' : 'https';
+					if ($user !== false) {
-					// this can be a fixed value to avoid potential exploiting by modifying headers
+						// build a activation code
-					$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
+						$timestamp = time();
-					$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
+						$first = substr(md5($user['loginname'] . $timestamp . \Froxlor\PhpHelper::randomStr(16)), 0, 15);
-					// don't add :443 when https is used, as it is default (and just looks weird!)
+						$third = substr(md5($user['email'] . $timestamp . \Froxlor\PhpHelper::randomStr(16)), - 15);
-					if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
+						$activationcode = $first . $timestamp . $third . substr(md5($third . $timestamp), 0, 10);
-						$port = '';
-					}
-					// there can be only one script to handle this so we can use a fixed value here
-					$script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
-					if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
-						$script = \Froxlor\FileDir::makeCorrectFile("/" . basename(__DIR__) . "/" . $script);
-					}
-					$activationlink = $protocol . '://' . $host . $port . $script . '?action=resetpwd&resetcode=' . $activationcode;
 
-					$replace_arr = array(
+						// Drop all existing activation codes for this user
-						'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($user),
+						$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_ACTIVATION . "`
-						'NAME' => $user['name'],
+							WHERE `userid` = :userid
-						'FIRSTNAME' => $user['firstname'] ?? "",
+							AND `admin` = :admin");
-						'COMPANY' => $user['company'] ?? "",
+						$params = array(
-						'CUSTOMER_NO' => $user['customernumber'] ?? 0,
+							"userid" => $adminchecked ? $user['adminid'] : $user['customerid'],
-						'USERNAME' => $loginname,
+							"admin" => $adminchecked ? 1 : 0
-						'LINK' => $activationlink
+						);
-					);
+						Database::pexecute($stmt, $params);
 
-					$def_language = ($user['def_language'] != '') ? $user['def_language'] : Settings::Get('panel.standardlanguage');
+						// Add new activation code to database
-					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
+						$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_ACTIVATION . "`
-						WHERE `adminid`= :adminid
+							(userid, admin, creation, activationcode)
-						AND `language`= :lang
+							VALUES (:userid, :admin, :creation, :activationcode)");
-						AND `templategroup`=\'mails\'
+						$params = array(
-						AND `varname`=\'password_reset_subject\'');
+							"userid" => $adminchecked ? $user['adminid'] : $user['customerid'],
-					Database::pexecute($result_stmt, array(
+							"admin" => $adminchecked ? 1 : 0,
-						"adminid" => $user['adminid'],
+							"creation" => $timestamp,
-						"lang" => $def_language
+							"activationcode" => $activationcode
-					));
+						);
-					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						Database::pexecute($stmt, $params);
-					$mail_subject = html_entity_decode(\Froxlor\PhpHelper::replaceVariables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['subject']), $replace_arr));
 
-					$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
-						WHERE `adminid`= :adminid
-						AND `language`= :lang
-						AND `templategroup`=\'mails\'
-						AND `varname`=\'password_reset_mailbody\'');
-					Database::pexecute($result_stmt, array(
-						"adminid" => $user['adminid'],
-						"lang" => $def_language
-					));
-					$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
-					$mail_body = html_entity_decode(\Froxlor\PhpHelper::replaceVariables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['mailbody']), $replace_arr));
-
-					$_mailerror = false;
-					$mailerr_msg = "";
-					try {
-						$mail->Subject = $mail_subject;
-						$mail->AltBody = $mail_body;
-						$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
-						$mail->AddAddress($user['email'], \Froxlor\User::getCorrectUserSalutation($user));
-						$mail->Send();
-					} catch (\PHPMailer\PHPMailer\Exception $e) {
-						$mailerr_msg = $e->errorMessage();
-						$_mailerror = true;
-					} catch (Exception $e) {
-						$mailerr_msg = $e->getMessage();
-						$_mailerror = true;
-					}
-
-					if ($_mailerror) {
 						$rstlog = FroxlorLogger::getInstanceOf(array(
 							'loginname' => 'password_reset'
 						));
-						$rstlog->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+						$rstlog->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $user['loginname'] . "' requested a link for setting a new password.");
+
+						// Set together our activation link
+						$protocol = empty($_SERVER['HTTPS']) ? 'http' : 'https';
+						// this can be a fixed value to avoid potential exploiting by modifying headers
+						$host = Settings::Get('system.hostname'); // $_SERVER['HTTP_HOST'];
+						$port = $_SERVER['SERVER_PORT'] != 80 ? ':' . $_SERVER['SERVER_PORT'] : '';
+						// don't add :443 when https is used, as it is default (and just looks weird!)
+						if ($protocol == 'https' && $_SERVER['SERVER_PORT'] == '443') {
+							$port = '';
+						}
+						// there can be only one script to handle this so we can use a fixed value here
+						$script = "/index.php"; // $_SERVER['SCRIPT_NAME'];
+						if (Settings::Get('system.froxlordirectlyviahostname') == 0) {
+							$script = \Froxlor\FileDir::makeCorrectFile("/" . basename(__DIR__) . "/" . $script);
+						}
+						$activationlink = $protocol . '://' . $host . $port . $script . '?action=resetpwd&resetcode=' . $activationcode;
+
+						$replace_arr = array(
+							'SALUTATION' => \Froxlor\User::getCorrectUserSalutation($user),
+							'NAME' => $user['name'],
+							'FIRSTNAME' => $user['firstname'] ?? "",
+							'COMPANY' => $user['company'] ?? "",
+							'CUSTOMER_NO' => $user['customernumber'] ?? 0,
+							'USERNAME' => $loginname,
+							'LINK' => $activationlink
+						);
+
+						$def_language = ($user['def_language'] != '') ? $user['def_language'] : Settings::Get('panel.standardlanguage');
+						$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
+							WHERE `adminid`= :adminid
+							AND `language`= :lang
+							AND `templategroup`=\'mails\'
+							AND `varname`=\'password_reset_subject\'');
+						Database::pexecute($result_stmt, array(
+							"adminid" => $user['adminid'],
+							"lang" => $def_language
+						));
+						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						$mail_subject = html_entity_decode(\Froxlor\PhpHelper::replaceVariables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['subject']), $replace_arr));
+
+						$result_stmt = Database::prepare('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '`
+							WHERE `adminid`= :adminid
+							AND `language`= :lang
+							AND `templategroup`=\'mails\'
+							AND `varname`=\'password_reset_mailbody\'');
+						Database::pexecute($result_stmt, array(
+							"adminid" => $user['adminid'],
+							"lang" => $def_language
+						));
+						$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
+						$mail_body = html_entity_decode(\Froxlor\PhpHelper::replaceVariables((($result['value'] != '') ? $result['value'] : $lng['mails']['password_reset']['mailbody']), $replace_arr));
+
+						$_mailerror = false;
+						$mailerr_msg = "";
+						try {
+							$mail->Subject = $mail_subject;
+							$mail->AltBody = $mail_body;
+							$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
+							$mail->AddAddress($user['email'], \Froxlor\User::getCorrectUserSalutation($user));
+							$mail->Send();
+						} catch (\PHPMailer\PHPMailer\Exception $e) {
+							$mailerr_msg = $e->errorMessage();
+							$_mailerror = true;
+						} catch (Exception $e) {
+							$mailerr_msg = $e->getMessage();
+							$_mailerror = true;
+						}
+
+						if ($_mailerror) {
+							$rstlog = FroxlorLogger::getInstanceOf(array(
+								'loginname' => 'password_reset'
+							));
+							$rstlog->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
+							\Froxlor\UI\Response::redirectTo('index.php', array(
+								'showmessage' => '4',
+								'customermail' => $user['email']
+							));
+							exit();
+						}
+
+						$mail->ClearAddresses();
 						\Froxlor\UI\Response::redirectTo('index.php', array(
-							'showmessage' => '4',
+							'showmessage' => '1'
-							'customermail' => $user['email']
 						));
 						exit();
+					} else {
+						$rstlog = FroxlorLogger::getInstanceOf(array(
+							'loginname' => 'password_reset'
+						));
+						$rstlog->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
+						$message = $lng['login']['combination_not_found'];
 					}
 
-					$mail->ClearAddresses();
+					unset($user);
-					\Froxlor\UI\Response::redirectTo('index.php', array(
-						'showmessage' => '1'
-					));
-					exit();
-				} else {
-					$rstlog = FroxlorLogger::getInstanceOf(array(
-						'loginname' => 'password_reset'
-					));
-					$rstlog->logAction(\Froxlor\FroxlorLogger::USR_ACTION, LOG_WARNING, "User '" . $loginname . "' requested to set a new password, but was not found in database!");
-					$message = $lng['login']['combination_not_found'];
 				}
-
+			} else {
-				unset($user);
+				$message = $lng['pwdreminder']['notallowed'];
 			}
-		} else {
-			$message = $lng['login']['usernotfound'];
-		}
-	}
-
-	if ($adminchecked) {
-		if (Settings::Get('panel.allow_preset_admin') != '1') {
-			$message = $lng['pwdreminder']['notallowed'];
-			unset($adminchecked);
-		}
-	} else {
-		if (Settings::Get('panel.allow_preset') != '1') {
-			$message = $lng['pwdreminder']['notallowed'];
 		}
 	}
 

install/froxlor.sql

@@ -723,7 +723,7 @@ opcache.validate_timestamps'),
 	('panel', 'logo_image_login', ''),
 	('panel', 'logo_overridetheme', '0'),
 	('panel', 'logo_overridecustom', '0'),
-	('panel', 'version', '0.10.33'),
+	('panel', 'version', '0.10.38.3'),
 	('panel', 'db_version', '202112310');
 
 

install/lib/class.FroxlorInstall.php

@@ -550,16 +550,23 @@ class FroxlorInstall
 			$this->_updateSetting($upd_stmt, 'error', 'system', 'errorlog_level');
 		}
 
+		/*
+		 * not yet used in configfiles
+		 * -> 0.11.x
+		 *
 		$distros = glob(\Froxlor\FileDir::makeCorrectDir(\Froxlor\Froxlor::getInstallDir() . '/lib/configfiles/') . '*.xml');
 		foreach ($distros as $_distribution) {
 			if ($this->_data['distribution'] == str_replace(".xml", "", strtolower(basename($_distribution)))) {
 				$dist = new \Froxlor\Config\ConfigParser($_distribution);
 				$defaults = $dist->getDefaults();
-				foreach ($defaults->property as $property) {
+				if (!empty($defaults)) {
-					$this->_updateSetting($upd_stmt, $property->value, $property->settinggroup, $property->varname);
+					foreach ($defaults as $property) {
+						$this->_updateSetting($upd_stmt, $property->attributes()->value, $property->attributes()->settinggroup, $property->attributes()->varname);
+					}
 				}
 			}
 		}
+		*/
 
 		$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
 		$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');
@@ -734,8 +741,26 @@ class FroxlorInstall
 
 	private function _grantDbPrivilegesTo(&$db_root, $database, $username, $password, $access_host)
 	{
+		// mariadb
+		if (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '10.0.0', '>=')) {
+			// create user
+			$stmt = $db_root->prepare("
+				CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY :password
+			");
+			$stmt->execute(array(
+				"password" => $password
+			));
+			// grant privileges
+			$stmt = $db_root->prepare("
+				GRANT ALL ON `" . $database . "`.* TO :username@:host
+			");
+			$stmt->execute(array(
+				"username" => $username,
+				"host" => $access_host
+			));
+		}
 		// mysql8 compatibility
-		if (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
+		elseif (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
 			// create user
 			$stmt = $db_root->prepare("
 				CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password BY :password

install/scripts/config-services.php

@@ -28,4 +28,5 @@ try {
 	\Froxlor\Cli\ConfigServicesCmd::processParameters($argc, $argv);
 } catch (Exception $e) {
 	\Froxlor\Cli\ConfigServicesCmd::printerr($e->getMessage());
+	exit(1);
 }

install/scripts/switch-server-ip.php

@@ -28,4 +28,5 @@ try {
 	\Froxlor\Cli\SwitchServerIpCmd::processParameters($argc, $argv);
 } catch (Exception $e) {
 	\Froxlor\Cli\SwitchServerIpCmd::printerr($e->getMessage());
+	exit(1);
 }

install/updates/froxlor/0.10/update_0.10.inc.php

@@ -970,3 +970,54 @@ if (\Froxlor\Froxlor::isFroxlorVersion('0.10.32')) {
 	showUpdateStep("Updating from 0.10.32 to 0.10.33", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.33');
 }
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.33')) {
+	showUpdateStep("Updating from 0.10.33 to 0.10.34", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.34');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.34')) {
+	showUpdateStep("Updating from 0.10.34 to 0.10.34.1", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.34.1');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.34.1')) {
+	showUpdateStep("Updating from 0.10.34.1 to 0.10.35", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.35');
+}
+
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.35')) {
+	showUpdateStep("Updating from 0.10.35 to 0.10.35.1", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.35.1');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.35.1')) {
+	showUpdateStep("Updating from 0.10.35.1 to 0.10.36", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.36');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.36')) {
+	showUpdateStep("Updating from 0.10.36 to 0.10.37", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.37');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.37')) {
+        showUpdateStep("Updating from 0.10.37 to 0.10.38", false);
+        \Froxlor\Froxlor::updateToVersion('0.10.38');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.38')) {
+        showUpdateStep("Updating from 0.10.38 to 0.10.38.1", false);
+        \Froxlor\Froxlor::updateToVersion('0.10.38.1');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.38.1')) {
+        showUpdateStep("Updating from 0.10.38.1 to 0.10.38.2", false);
+        \Froxlor\Froxlor::updateToVersion('0.10.38.2');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.38.2')) {
+	showUpdateStep("Updating from 0.10.38.2 to 0.10.38.3", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.38.3');
+}

lib/Froxlor/Api/ApiCommand.php

@@ -297,6 +297,10 @@ abstract class ApiCommand extends ApiParameter
 					$sortfield[$id] = $sfield;
 				}
 				$field = implode('.', $sortfield);
+				if (preg_match('/^([a-z0-9\-\._`]+)$/i', $field) == false) {
+					// skip
+					continue;
+				}
 				if (! $first) {
 					$condition .= ' AND ';
 				}
@@ -313,6 +317,14 @@ abstract class ApiCommand extends ApiParameter
 				} elseif (strtolower($valoper['op']) == 'in' && is_array($valoper['value']) && count($valoper['value']) > 0) {
 					$condition .= $field . ' ' . $valoper['op'] . ' (';
 					foreach ($valoper['value'] as $incnt => $invalue) {
+						if (!is_numeric($incnt)) {
+							// skip
+							continue;
+						}
+						if (!empty($invalue) && preg_match('/^([a-z0-9\-\._`]+)$/i', $invalue) == false) {
+							// skip
+							continue;
+						}
 						$condition .= ":" . $cleanfield . $incnt . ", ";
 						$query_fields[':' . $cleanfield . $incnt] = $invalue ?? '';
 					}
@@ -398,6 +410,10 @@ abstract class ApiCommand extends ApiParameter
 					$sortfield[$id] = $sfield;
 				}
 				$field = implode('.', $sortfield);
+				if (preg_match('/^([a-z0-9\-\._`]+)$/i', $field) == false) {
+					// skip
+					continue;
+				}
 				$by = strtoupper($by);
 				if (! in_array($by, [
 					'ASC',
@@ -423,6 +439,7 @@ abstract class ApiCommand extends ApiParameter
 		return $order;
 	}
 
+
 	/**
 	 * return logger instance
 	 *

lib/Froxlor/Api/ApiParameter.php

@@ -180,12 +180,18 @@ abstract class ApiParameter
 	 */
 	private function trimArray($input)
 	{
-		if (! is_array($input)) {
+		if ($input === '') {
+			return "";
+		}
+		if (is_numeric($input) || is_null($input)) {
+			return $input;
+		}
+		if (!is_array($input)) {
 			return trim($input);
 		}
-		return array_map(array(
+		return array_map([
 			$this,
 			'trimArray'
-		), $input);
+		], $input);
 	}
 }

lib/Froxlor/Api/Commands/Admins.php

@@ -227,7 +227,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			$ipaddress = $this->getParam('ipaddress', true, - 1);
 
 			// validation
-			$name = \Froxlor\Validate\Validate::validate($name, 'name', '', '', array(), true);
+			$name = \Froxlor\Validate\Validate::validate($name, 'name', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
 			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
 			$email = $idna_convert->encode(\Froxlor\Validate\Validate::validate($email, 'email', '', '', array(), true));
 			$def_language = \Froxlor\Validate\Validate::validate($def_language, 'default language', '', '', array(), true);
@@ -472,10 +472,10 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				// parameters
 				$name = $this->getParam('name', true, $result['name']);
 				$idna_convert = new \Froxlor\Idna\IdnaWrapper();
-				$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
+				$email = $this->getParam('email', true, $idna_convert->decode($result['email'] ?? ''));
 				$password = $this->getParam('admin_password', true, '');
 				$def_language = $this->getParam('def_language', true, $result['def_language']);
-				$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']);
+				$custom_notes = $this->getParam('custom_notes', true, ($result['custom_notes'] ?? ""));
 				$custom_notes_show = $this->getBoolParam('custom_notes_show', true, $result['custom_notes_show']);
 				$theme = $this->getParam('theme', true, $result['theme']);
 
@@ -527,7 +527,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				}
 
 				// validation
-				$name = \Froxlor\Validate\Validate::validate($name, 'name', '', '', array(), true);
+				$name = \Froxlor\Validate\Validate::validate($name, 'name', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
 				$idna_convert = new \Froxlor\Idna\IdnaWrapper();
 				$email = $idna_convert->encode(\Froxlor\Validate\Validate::validate($email, 'email', '', '', array(), true));
 				$def_language = \Froxlor\Validate\Validate::validate($def_language, 'default language', '', '', array(), true);

lib/Froxlor/Api/Commands/Customers.php

@@ -368,6 +368,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					foreach ($hp_result['value'] as $index => $value) {
 						$hp_result[$index] = $value;
 					}
+					$nextcloud_quota = $hp_result['nextcloud_quota'] ?? 0;
 					$diskspace = $hp_result['diskspace'] ?? 0;
 					$traffic = $hp_result['traffic'] ?? 0;
 					$subdomains = $hp_result['subdomains'] ?? 0;
@@ -385,6 +386,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 					$dnsenabled = $hp_result['dnsenabled'] ?? 0;
 					$logviewenabled = $hp_result['logviewenabled'] ?? 0;
 				} else {
+				    $nextcloud_quota = $this->getUlParam('nextcloud_quota', 'nextcloud_quota_ul', true, 0);
 					$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, 0);
 					$traffic = $this->getUlParam('traffic', 'traffic_ul', true, 0);
 					$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, 0);
@@ -404,12 +406,12 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				}
 
 				// validation
-				$name = \Froxlor\Validate\Validate::validate($name, 'name', '', '', array(), true);
+				$name = \Froxlor\Validate\Validate::validate($name, 'name', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
-				$firstname = \Froxlor\Validate\Validate::validate($firstname, 'first name', '', '', array(), true);
+				$firstname = \Froxlor\Validate\Validate::validate($firstname, 'first name', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
-				$company = \Froxlor\Validate\Validate::validate($company, 'company', '', '', array(), true);
+				$company = \Froxlor\Validate\Validate::validate($company, 'company', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
-				$street = \Froxlor\Validate\Validate::validate($street, 'street', '', '', array(), true);
+				$street = \Froxlor\Validate\Validate::validate($street, 'street', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
 				$zipcode = \Froxlor\Validate\Validate::validate($zipcode, 'zipcode', '/^[0-9 \-A-Z]*$/', '', array(), true);
-				$city = \Froxlor\Validate\Validate::validate($city, 'city', '', '', array(), true);
+				$city = \Froxlor\Validate\Validate::validate($city, 'city', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
 				$phone = \Froxlor\Validate\Validate::validate($phone, 'phone', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
 				$fax = \Froxlor\Validate\Validate::validate($fax, 'fax', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
 				$idna_convert = new \Froxlor\Idna\IdnaWrapper();
@@ -533,6 +535,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						'api_allowed' => $api_allowed,
 						'docroot' => $documentroot,
 						'guid' => $guid,
+					    'nextcloud_quota' => $nextcloud_quota,
 						'diskspace' => $diskspace,
 						'traffic' => $traffic,
 						'subdomains' => $subdomains,
@@ -574,6 +577,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 						`api_allowed` = :api_allowed,
 						`documentroot` = :docroot,
 						`guid` = :guid,
+                        `nextcloud_quota` = :nextcloud_quota,
 						`diskspace` = :diskspace,
 						`traffic` = :traffic,
 						`subdomains` = :subdomains,
@@ -950,7 +954,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$move_to_admin = (int) ($this->getParam('move_to_admin', true, 0));
 
 			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
-			$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
+			$email = $this->getParam('email', true, $idna_convert->decode($result['email'] ?? ''));
 			$name = $this->getParam('name', true, $result['name']);
 			$firstname = $this->getParam('firstname', true, $result['firstname']);
 			$company_required = empty($result['company']) && ((! empty($name) && empty($firstname)) || (empty($name) && ! empty($firstname)) || (empty($name) && empty($firstname)));
@@ -968,6 +972,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$custom_notes_show = $this->getBoolParam('custom_notes_show', true, $result['custom_notes_show']);
 
 			$dec_places = Settings::Get('panel.decimal_places');
+			$nextcloud_quota = $this->getUlParam('nextcloud_quota', 'nextcloud_quota_ul', true, round($result['nextcloud_quota'], $dec_places));
 			$diskspace = $this->getUlParam('diskspace', 'diskspace_ul', true, round($result['diskspace'] / 1024, $dec_places));
 			$traffic = $this->getUlParam('traffic', 'traffic_ul', true, round($result['traffic'] / (1024 * 1024), $dec_places));
 			$subdomains = $this->getUlParam('subdomains', 'subdomains_ul', true, $result['subdomains']);
@@ -998,12 +1003,12 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 		// validation
 		if ($this->isAdmin()) {
 			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
-			$name = \Froxlor\Validate\Validate::validate($name, 'name', '', '', array(), true);
+			$name = \Froxlor\Validate\Validate::validate($name, 'name', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
-			$firstname = \Froxlor\Validate\Validate::validate($firstname, 'first name', '', '', array(), true);
+			$firstname = \Froxlor\Validate\Validate::validate($firstname, 'first name', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
-			$company = \Froxlor\Validate\Validate::validate($company, 'company', '', '', array(), true);
+			$company = \Froxlor\Validate\Validate::validate($company, 'company', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
-			$street = \Froxlor\Validate\Validate::validate($street, 'street', '', '', array(), true);
+			$street = \Froxlor\Validate\Validate::validate($street, 'street', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
 			$zipcode = \Froxlor\Validate\Validate::validate($zipcode, 'zipcode', '/^[0-9 \-A-Z]*$/', '', array(), true);
-			$city = \Froxlor\Validate\Validate::validate($city, 'city', '', '', array(), true);
+			$city = \Froxlor\Validate\Validate::validate($city, 'city', \Froxlor\Validate\Validate::REGEX_DESC_TEXT, '', array(), true);
 			$phone = \Froxlor\Validate\Validate::validate($phone, 'phone', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
 			$fax = \Froxlor\Validate\Validate::validate($fax, 'fax', '/^[0-9\- \+\(\)\/]*$/', '', array(), true);
 			$email = $idna_convert->encode(\Froxlor\Validate\Validate::validate($email, 'email', '', '', array(), true));
@@ -1234,6 +1239,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				'fax' => $fax,
 				'email' => $email,
 				'customerno' => $customernumber,
+			    'nextcloud_quota' => $nextcloud_quota,
 				'diskspace' => $diskspace,
 				'traffic' => $traffic,
 				'subdomains' => $subdomains,
@@ -1276,6 +1282,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 				`fax` = :fax,
 				`email` = :email,
 				`customernumber` = :customerno,
+                `nextcloud_quota` = :nextcloud_quota,
 				`diskspace` = :diskspace,
 				`traffic` = :traffic,
 				`subdomains` = :subdomains,

lib/Froxlor/Api/Commands/EmailAccounts.php

@@ -197,6 +197,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 					'NAME' => $customer['name'],
 					'FIRSTNAME' => $customer['firstname'],
 					'COMPANY' => $customer['company'],
+					'USERNAME' => $customer['loginname'],
 					'CUSTOMER_NO' => $customer['customernumber']
 				);
 

lib/Froxlor/Api/Commands/EmailForwarders.php

@@ -65,7 +65,7 @@ class EmailForwarders extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Re
 			$id = $result['id'];
 
 			// current destination array
-			$result['destination_array'] = explode(' ', $result['destination']);
+			$result['destination_array'] = explode(' ', ($result['destination'] ?? ''));
 
 			// prepare destination
 			$destination = trim($destination);

lib/Froxlor/Api/Commands/Emails.php

@@ -57,6 +57,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			// parameters
 			$iscatchall = $this->getBoolParam('iscatchall', true, 0);
 			$description = $this->getParam('description', true, '');
+			$disablegreylist = $this->getBoolParam('disablegreylist', true, 0);
 
 			// validation
 			if (substr($domain, 0, 4) != 'xn--') {
@@ -76,6 +77,9 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 			if (Settings::Get('catchall.catchall_enabled') != '1') {
 				$iscatchall = 0;
 			}
+			if (Settings::Get('mail.greylist_enabled') != '1') {
+			    $disablegreylist = 1;
+			}
 
 			// check for catchall-flag
 			if ($iscatchall) {
@@ -124,6 +128,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				`email` = :email,
 				`email_full` = :email_full,
 				`iscatchall` = :iscatchall,
+                `disablegreylist` = :disablegreylist,
 				`domainid` = :domainid,
 				`description` = :description
 			");
@@ -132,8 +137,9 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				"email" => $email,
 				"email_full" => $email_full,
 				"iscatchall" => $iscatchall,
+			    "disablegreylist" => $disablegreylist,
 				"domainid" => $domain_check['id'],
-				"description" => $description
+			    "description" => $description
 			);
 			Database::pexecute($stmt, $params, true, true);
 
@@ -172,7 +178,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		$customer_ids = $this->getAllowedCustomerIds('email');
 		$params['idea'] = ($id <= 0 ? $emailaddr : $id);
 
-		$result_stmt = Database::prepare("SELECT v.`id`, v.`email`, v.`email_full`, v.`iscatchall`, v.`destination`, v.`customerid`, v.`popaccountid`, v.`domainid`, v.`description`, u.`quota`, u.`imap`, u.`pop3`, u.`postfix`, u.`mboxsize`
+		$result_stmt = Database::prepare("SELECT v.`id`, v.`email`, v.`email_full`, v.`iscatchall`, v.`destination`, v.`customerid`, v.`popaccountid`, v.`domainid`, v.`description`, u.`quota`, u.`imap`, u.`pop3`, u.`postfix`, u.`mboxsize`, v.`disablegreylist`
 			FROM `" . TABLE_MAIL_VIRTUAL . "` v
 			LEFT JOIN `" . TABLE_MAIL_USERS . "` u ON v.`popaccountid` = u.`id`
 			WHERE v.`customerid` IN (" . implode(", ", $customer_ids) . ")
@@ -235,7 +241,7 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		// parameters
 		$iscatchall = $this->getBoolParam('iscatchall', true, $result['iscatchall']);
 		$description = $this->getParam('description', true, $result['description']);
-
+		
 		// get needed customer info to reduce the email-address-counter by one
 		$customer = $this->getCustomerData();
 
@@ -282,7 +288,97 @@ class Emails extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 		));
 		return $this->response(200, "successful", $result);
 	}
-
+	/**
+	 * toggle greylist flag of given email address either by id or email-address
+	 *
+	 * @param int $id
+	 *        	optional, the email-address-id
+	 * @param string $emailaddr
+	 *        	optional, the email-address
+	 * @param int $customerid
+	 *        	optional, admin-only, the customer-id
+	 * @param string $loginname
+	 *        	optional, admin-only, the loginname
+	 * @param boolean $disablegreylist
+	 *        	optional
+	 *
+	 * @access admin, customer
+	 * @throws \Exception
+	 * @return string json-encoded array
+	 */
+	public function update_greylist()
+	{
+	    if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'email')) {
+	        throw new \Exception("You cannot access this resource", 405);
+	    }
+	    
+	    // if enabling catchall is not allowed by settings, we do not need
+	    // to run update()
+	    if (Settings::Get('mail.greylist_enabled') != '1') {
+	        \Froxlor\UI\Response::standard_error(array(
+	            'operationnotpermitted',
+	            'featureisdisabled'
+	        ), 'catchall', true);
+	    }
+	    
+	    $id = $this->getParam('id', true, 0);
+	    $ea_optional = ($id <= 0 ? false : true);
+	    $emailaddr = $this->getParam('emailaddr', $ea_optional, '');
+	    
+	    $result = $this->apiCall('Emails.get', array(
+	        'id' => $id,
+	        'emailaddr' => $emailaddr
+	    ));
+	    $id = $result['id'];
+	    
+	    // parameters
+	    $disablegreylist = $this->getBoolParam('disablegreylist', true, $result['disablegreylist']);
+	    // get needed customer info to reduce the email-address-counter by one
+	    $customer = $this->getCustomerData();
+	    
+	    // check for catchall-flag
+	    if ($disablegreylist) {
+	        $disablegreylist = '1';
+	        $email_parts = explode('@', $result['email_full']);
+	        $email = '@' . $email_parts[1];
+	        // catchall check
+	        $stmt = Database::prepare("
+				SELECT `email_full` FROM `" . TABLE_MAIL_VIRTUAL . "`
+				WHERE `email` = :email AND `customerid` = :cid AND `disablegreylist` = '1'
+			");
+	        $params = array(
+	            "email" => $email,
+	            "cid" => $customer['customerid']
+	        );
+	        $email_check = Database::pexecute_first($stmt, $params, true, true);
+	        if ($email_check) {
+	            \Froxlor\UI\Response::standard_error('youhavealreadyacatchallforthisdomain', '', true);
+	        }
+	    } else {
+	        $disablegreylist = '0';
+	        $email = $result['email_full'];
+	    }
+	    
+	    $stmt = Database::prepare("
+			UPDATE `" . TABLE_MAIL_VIRTUAL . "`
+			SET `email` = :email , `disablegreylist` = :disablegreylist
+			WHERE `customerid`= :cid AND `id`= :id
+		");
+	    $params = array(
+	        "email" => $email,
+	        "disablegreylist" => $disablegreylist,
+	        "cid" => $customer['customerid'],
+	        "id" => $id
+	    );
+	    Database::pexecute($stmt, $params, true, true);
+	    $this->logger()->logAction($this->isAdmin() ? \Froxlor\FroxlorLogger::ADM_ACTION : \Froxlor\FroxlorLogger::USR_ACTION, LOG_INFO, "[API] toggled greylist-flag for email address '" . $result['email_full'] . "'");
+	    
+	    $result = $this->apiCall('Emails.get', array(
+	        'emailaddr' => $result['email_full']
+	    ));
+	    return $this->response(200, "successfull", $result);
+	}
+	
 	/**
 	 * list all email addresses, if called from an admin, list all email addresses of all customers you are allowed to view, or specify id or loginname for one specific customer
 	 *

lib/Froxlor/Api/Commands/Ftps.php

@@ -243,6 +243,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 						'NAME' => $customer['name'],
 						'FIRSTNAME' => $customer['firstname'],
 						'COMPANY' => $customer['company'],
+						'USERNAME' => $customer['loginname'],
 						'CUSTOMER_NO' => $customer['customernumber'],
 						'USR_NAME' => $username,
 						'USR_PASS' => htmlentities(htmlentities($password)),

lib/Froxlor/Api/Commands/IpsAndPorts.php

@@ -378,9 +378,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 			$listen_statement = $this->getBoolParam('listen_statement', true, $result['listen_statement']);
 			$namevirtualhost_statement = $this->getBoolParam('namevirtualhost_statement', true, $result['namevirtualhost_statement']);
 			$vhostcontainer = $this->getBoolParam('vhostcontainer', true, $result['vhostcontainer']);
-			$specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('specialsettings', true, $result['specialsettings'])), 'specialsettings', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
+			$specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('specialsettings', true, ($result['specialsettings'] ?? ""))), 'specialsettings', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
 			$vhostcontainer_servername_statement = $this->getParam('vhostcontainer_servername_statement', true, $result['vhostcontainer_servername_statement']);
-			$default_vhostconf_domain = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('default_vhostconf_domain', true, $result['default_vhostconf_domain'])), 'default_vhostconf_domain', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
+			$default_vhostconf_domain = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('default_vhostconf_domain', true, ($result['default_vhostconf_domain'] ?? ""))), 'default_vhostconf_domain', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
 			$docroot = \Froxlor\Validate\Validate::validate($this->getParam('docroot', true, $result['docroot']), 'docroot', \Froxlor\Validate\Validate::REGEX_DIR, '', array(), true);
 
 			if ((int) Settings::Get('system.use_ssl') == 1) {
@@ -389,9 +389,9 @@ class IpsAndPorts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				$ssl_key_file = \Froxlor\Validate\Validate::validate($this->getParam('ssl_key_file', $ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', array(), true);
 				$ssl_ca_file = \Froxlor\Validate\Validate::validate($this->getParam('ssl_ca_file', true, $result['ssl_ca_file']), 'ssl_ca_file', '', '', array(), true);
 				$ssl_cert_chainfile = \Froxlor\Validate\Validate::validate($this->getParam('ssl_cert_chainfile', true, $result['ssl_cert_chainfile']), 'ssl_cert_chainfile', '', '', array(), true);
-				$ssl_specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings'])), 'ssl_specialsettings', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
+				$ssl_specialsettings = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_specialsettings', true, ($result['ssl_specialsettings'] ?? ""))), 'ssl_specialsettings', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
 				$include_specialsettings = $this->getBoolParam('include_specialsettings', true, $result['include_specialsettings']);
-				$ssl_default_vhostconf_domain = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_default_vhostconf_domain', true, $result['ssl_default_vhostconf_domain'])), 'ssl_default_vhostconf_domain', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
+				$ssl_default_vhostconf_domain = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $this->getParam('ssl_default_vhostconf_domain', true, ($result['ssl_default_vhostconf_domain'] ?? ""))), 'ssl_default_vhostconf_domain', \Froxlor\Validate\Validate::REGEX_CONF_TEXT, '', array(), true);
 				$include_default_vhostconf_domain = $this->getBoolParam('include_default_vhostconf_domain', true, $result['include_default_vhostconf_domain']);
 			} else {
 				$ssl = 0;

lib/Froxlor/Api/Commands/Mysqls.php

@@ -141,6 +141,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 					'NAME' => $userinfo['name'],
 					'FIRSTNAME' => $userinfo['firstname'],
 					'COMPANY' => $userinfo['company'],
+					'USERNAME' => $userinfo['loginname'],
 					'CUSTOMER_NO' => $userinfo['customernumber'],
 					'DB_NAME' => $username,
 					'DB_PASS' => htmlentities(htmlentities($password)),

lib/Froxlor/Api/Commands/PhpSettings.php

@@ -99,7 +99,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
 				}
 
 				// check whether we use that config as froxor-vhost config
-				if (Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id'] || Settings::Get('phpfpm.vhost_defaultini') == $row['id']) {
+				if ((Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini_ownvhost') == $row['id']) || (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.vhost_defaultini') == $row['id'])) {
 					$domains[] = Settings::Get('system.hostname');
 				}
 

lib/Froxlor/Config/ConfigParser.php

@@ -182,7 +182,7 @@ class ConfigParser
 	}
 
 	/**
-	 * Parse the XML and populate $this->services
+	 * Parse the XML and populate $this->defaults
 	 *
 	 * @return bool
 	 */
@@ -194,9 +194,9 @@ class ConfigParser
 		}
 
 		// Get all defaults
-		$defaults = $this->xml->xpath('//defaults');
+		$defaults = $this->xml->xpath('//defaults/default');
 		foreach ($defaults as $default) {
-			$this->defaults = $default;
+			$this->defaults[] = $default;
 		}
 
 		// Switch flag to indicate we parsed our data

lib/Froxlor/Cron/CronConfig.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Froxlor\Cron;
 
 /**
@@ -18,6 +19,7 @@ namespace Froxlor\Cron;
  * @since 0.10.0
  *
  */
+
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 
@@ -56,6 +58,12 @@ class CronConfig
 				SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `isactive` = '1'
 			");
 
+			$binpath = Settings::Get("system.croncmdline");
+			// fallback as it is important
+			if ($binpath === null) {
+				$binpath = "/usr/bin/nice -n 5 /usr/bin/php -q";
+			}
+
 			$hour_delay = 0;
 			$day_delay = 5;
 			$month_delay = 7;
@@ -96,20 +104,14 @@ class CronConfig
 					}
 
 					// create entry-line
-					$binpath = Settings::Get("system.croncmdline");
-					// fallback as it is important
-					if ($binpath === null) {
-						$binpath = "/usr/bin/nice -n 5 /usr/bin/php -q";
-					}
-
 					$cronfile .= "root " . $binpath . " " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/froxlor_master_cronjob.php") . " --" . $row_cronentry['cronfile'] . " 1> /dev/null\n";
 				}
 			}
 
 			// php sessionclean if enabled
 			if ((int) Settings::Get('phpfpm.enabled') == 1) {
-				$cronfile .= "# Look for and purge old sessions every 30 minutes".PHP_EOL;
+				$cronfile .= "# Look for and purge old sessions every 30 minutes" . PHP_EOL;
-				$cronfile .= "09,39 * * * * root " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/php-sessionclean.php") . " --froxlor-dir=" . escapeshellarg(\Froxlor\Froxlor::getInstallDir()) . " 1> /dev/null" . PHP_EOL;
+				$cronfile .= "09,39 * * * * root " . $binpath . " " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/php-sessionclean.php") . " --froxlor-dir=" . escapeshellarg(\Froxlor\Froxlor::getInstallDir()) . " 1> /dev/null" . PHP_EOL;
 			}
 
 			if (\Froxlor\FileDir::isFreeBSD()) {
@@ -127,7 +129,7 @@ class CronConfig
 				$newcrontab = "";
 				foreach ($crontablines as $ctl) {
 					$ctl = trim($ctl);
-					if (! empty($ctl) && ! preg_match("/(.*)froxlor_master_cronjob\.php(.*)/", $ctl)) {
+					if (!empty($ctl) && !preg_match("/(.*)froxlor_master_cronjob\.php(.*)/", $ctl)) {
 						$newcrontab .= $ctl . "\n";
 					}
 				}

lib/Froxlor/Cron/Http/Apache.php

@@ -773,20 +773,28 @@ class Apache extends HttpConfigBase
 		}
 
 		if (Settings::Get('system.logfiles_piped') == '1' && Settings::Get('system.logfiles_script') != '') {
-			// replace for error_log
+			if ($domain['writeerrorlog']) {
-			$command = \Froxlor\PhpHelper::replaceVariables(Settings::Get('system.logfiles_script'), array(
+				// replace for error_log
-				'LOGFILE' => $error_log,
+				$command = \Froxlor\PhpHelper::replaceVariables(Settings::Get('system.logfiles_script'), array(
-				'DOMAIN' => $domain['domain'],
+					'LOGFILE' => $error_log,
-				'CUSTOMER' => $domain['loginname']
+					'DOMAIN' => $domain['domain'],
-			));
+					'CUSTOMER' => $domain['loginname']
-			$logfiles_text .= '  ErrorLog "|' . $command . "\"\n";
+				));
-			// replace for access_log
+				$logfiles_text .= '  ErrorLog "|' . $command . "\"\n";
-			$command = \Froxlor\PhpHelper::replaceVariables(Settings::Get('system.logfiles_script'), array(
+			} else {
-				'LOGFILE' => $access_log,
+				$logfiles_text .= '  ErrorLog "' . $error_log . '"' . "\n";
-				'DOMAIN' => $domain['domain'],
+			}
-				'CUSTOMER' => $domain['loginname']
+			if ($domain['writeaccesslog']) {
-			));
+				// replace for access_log
-			$logfiles_text .= '  CustomLog "|' . $command . '" ' . $logtype . "\n";
+				$command = \Froxlor\PhpHelper::replaceVariables(Settings::Get('system.logfiles_script'), array(
+					'LOGFILE' => $access_log,
+					'DOMAIN' => $domain['domain'],
+					'CUSTOMER' => $domain['loginname']
+				));
+				$logfiles_text .= '  CustomLog "|' . $command . '" ' . $logtype . "\n";
+			} else {
+				$logfiles_text .= '  CustomLog "' . $access_log . '" ' . $logtype . "\n";
+			}
 		} else {
 			$logfiles_text .= '  ErrorLog "' . $error_log . '"' . "\n";
 			$logfiles_text .= '  CustomLog "' . $access_log . '" ' . $logtype . "\n";

lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php

@@ -635,6 +635,9 @@ EOC;
 		$acmesh_result = \Froxlor\FileDir::safe_exec(self::getAcmeSh() . " --upgrade --auto-upgrade 0");
 		// check for activated cron
 		$acmesh_result2 = \Froxlor\FileDir::safe_exec(self::getAcmeSh() . " --install-cronjob");
-		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result) . "\n" . implode("\n", $acmesh_result2));
+		// set default CA
+		$acmesh_result3 = \Froxlor\FileDir::safe_exec(self::getAcmeSh() . " --set-default-ca --server " . self::$apiserver);
+		// log messages
+		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result) . "\n" . implode("\n", $acmesh_result2) . "\n" . implode("\n", $acmesh_result3));
 	}
 }

lib/Froxlor/Cron/Http/Lighttpd.php

@@ -251,7 +251,7 @@ class Lighttpd extends HttpConfigBase
 							// check for existence, #1485
 							if (! file_exists($domain['ssl_ca_file'])) {
 								$this->logger->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, $ip . ':' . $port . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! Cannot create ssl-directives');
-								echo $ip . ':' . port . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! SSL-directives might not be working' . "\n";
+								echo $ip . ':' . $port . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! SSL-directives might not be working' . "\n";
 							} else {
 								$this->lighttpd_data[$vhost_filename] .= 'ssl.ca-file = "' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_ca_file']) . '"' . "\n";
 							}
@@ -760,6 +760,7 @@ class Lighttpd extends HttpConfigBase
 			'customerid' => $domain['customerid']
 		));
 
+		$diroption_text = '';
 		while ($row_htpasswds = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			if ($this->auth_backend_loaded[$domain['ipandport']] != 'yes' && $this->auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') {
 				$filename = $domain['customerid'] . '.htpasswd';
@@ -836,6 +837,7 @@ class Lighttpd extends HttpConfigBase
 			}
 		}
 
+		$servernames_text = '';
 		for ($i = 0; $i < sizeof($server_string); $i ++) {
 			$data = $server_string[$i];
 

lib/Froxlor/Cron/Http/Nginx.php

@@ -1035,8 +1035,10 @@ class Nginx extends HttpConfigBase
 
 	protected function getStats($domain, $single)
 	{
-		$stats_text = '';
+		
+	    $stats_text = '';
 
+	    return $stats_text;
 		// define basic path to the stats
 		if (Settings::Get('system.awstats_enabled') == '1') {
 			$alias_dir = \Froxlor\FileDir::makeCorrectFile($domain['customerroot'] . '/awstats/');

lib/Froxlor/Cron/System/BackupCron.php

@@ -4,6 +4,7 @@ namespace Froxlor\Cron\System;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 use Froxlor\FroxlorLogger;
+use Froxlor\FileDir;
 
 /**
  * This file is part of the Froxlor project.
@@ -150,13 +151,17 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 			$sql_root = Database::getSqlData();
 			Database::needRoot(false);
 
+			$mysqlcnf_file = tempnam("/tmp", "frx");
+			$mysqlcnf = "[mysqldump]\npassword=".$sql_root['passwd']."\n";
+			file_put_contents($mysqlcnf_file, $mysqlcnf);
+
 			$has_dbs = false;
 			while ($row = $sel_stmt->fetch()) {
 				$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mysqldump -u ' . escapeshellarg($sql_root['user']) . ' -pXXXXX ' . $row['databasename'] . ' > ' . \Froxlor\FileDir::makeCorrectFile($tmpdir . '/mysql/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'));
 				$bool_false = false;
-				\Froxlor\FileDir::safe_exec('mysqldump -u ' . escapeshellarg($sql_root['user']) . ' -p' . $sql_root['passwd'] . ' ' . $row['databasename'] . ' > ' . \Froxlor\FileDir::makeCorrectFile($tmpdir . '/mysql/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'), $bool_false, array(
+				\Froxlor\FileDir::safe_exec('mysqldump --defaults-file=' . escapeshellarg($mysqlcnf_file) .' -u ' . escapeshellarg($sql_root['user']) . ' ' . $row['databasename'] . ' > ' . FileDir::makeCorrectFile($tmpdir . '/mysql/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'), $bool_false, [
 					'>'
-				));
+				]);
 				$has_dbs = true;
 			}
 
@@ -164,6 +169,8 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 				$create_backup_tar_data .= './mysql ';
 			}
 
+			unlink($mysqlcnf_file);
+
 			unset($sql_root);
 		}
 

lib/Froxlor/Cron/System/TasksCron.php

@@ -324,8 +324,8 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 
 				if (file_exists($logsdir) && $logsdir != '/' && $logsdir != \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.logfiles_directory')) && substr($logsdir, 0, strlen(Settings::Get('system.logfiles_directory'))) == Settings::Get('system.logfiles_directory')) {
 					// build up wildcard for webX-{access,error}.log{*}
-					$logfiles .= '-*';
+					$logsdir .= '-*';
-					\Froxlor\FileDir::safe_exec('rm -f ' . escapeshellarg($logfiles));
+					\Froxlor\FileDir::safe_exec('rm -f ' . escapeshellarg($logsdir));
 				}
 			}
 		}

lib/Froxlor/Cron/Traffic/ReportsCron.php

@@ -36,7 +36,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 		if ((int) Settings::Get('system.report_trafficmax') > 0) {
 			// Warn the customers at xx% traffic-usage
 			$result_stmt = Database::prepare("
-				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`loginname`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`traffic`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`,
 				(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
@@ -60,6 +60,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
 						'company' => $row['company'],
+						'loginname' => $row['loginname'],
 						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
@@ -67,6 +68,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'NAME' => $rep_userinfo['name'],
 						'FIRSTNAME' => $rep_userinfo['firstname'],
 						'COMPANY' => $rep_userinfo['company'],
+						'USERNAME' => $rep_userinfo['loginname'],
 						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'TRAFFICUSED' => round(($row['traffic_used'] / 1024), 2), /* traffic is stored in KB, template uses MB */
@@ -354,7 +356,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 			 * report about diskusage for customers
 			 */
 			$result_stmt = Database::query("
-				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`loginname`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`diskspace`, `c`.`diskspace_used`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
@@ -373,6 +375,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
 						'company' => $row['company'],
+						'loginname' => $row['loginname'],
 						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
@@ -380,6 +383,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'NAME' => $rep_userinfo['name'],
 						'FIRSTNAME' => $rep_userinfo['firstname'],
 						'COMPANY' => $rep_userinfo['company'],
+						'USERNAME' => $rep_userinfo['loginname'],
 						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'DISKAVAILABLE' => round(($row['diskspace'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'DISKUSED' => round($row['diskspace_used'] / 1024, 2), /* traffic is stored in KB, template uses MB */

lib/Froxlor/Database/Database.php

@@ -190,10 +190,16 @@ class Database
 	 */
 	public static function getSqlUsernameLength()
 	{
-		// MySQL user names can be up to 32 characters long (16 characters before MySQL 5.7.8).
+		// MariaDB supports up to 80 characters but only 64 for databases and as we use the loginname also for
-		$mysql_max = 32;
+		// database names, we set the limit to 64 here
-		if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.7.8', '<')) {
+		if (strpos(strtolower(Database::getAttribute(\PDO::ATTR_SERVER_VERSION)), "mariadb") !== false) {
-			$mysql_max = 16;
+			$mysql_max = 64;
+		} else {
+			// MySQL user names can be up to 32 characters long (16 characters before MySQL 5.7.8).
+			$mysql_max = 32;
+			if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.7.8', '<')) {
+				$mysql_max = 16;
+			}
 		}
 		return $mysql_max;
 	}

lib/Froxlor/Database/DbManager.php

@@ -173,7 +173,10 @@ class DbManager
 
 				if (isset($users[$username]) && is_array($users[$username]) && isset($users[$username]['hosts']) && is_array($users[$username]['hosts'])) {
 
-					$password = $users[$username]['password'];
+					$password = [
+						'password' => $users[$username]['password'],
+						'plugin' => $users[$username]['plugin']
+					];
 
 					foreach ($mysql_access_host_array as $mysql_access_host) {
 

lib/Froxlor/Database/Manager/DbManagerMySQL.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Froxlor\Database\Manager;
 
 use Froxlor\Database\Database;
@@ -68,7 +69,7 @@ class DbManagerMySQL
 	 * username and sets the password for that user the given access_host
 	 *
 	 * @param string $username
-	 * @param string $password
+	 * @param string|array $password
 	 * @param string $access_host
 	 * @param bool $p_encrypted
 	 *        	optional, whether the password is encrypted or not, default false
@@ -77,7 +78,13 @@ class DbManagerMySQL
 	 */
 	public function grantPrivilegesTo($username = null, $password = null, $access_host = null, $p_encrypted = false, $update = false)
 	{
-		if (! $update) {
+		$pwd_plugin = 'mysql_native_password';
+		if (is_array($password) && count($password) == 2) {
+			$pwd_plugin = $password['plugin'];
+			$password = $password['password'];
+		}
+
+		if (!$update) {
 			// create user
 			if ($p_encrypted) {
 				if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.7.0', '<')) {
@@ -86,7 +93,7 @@ class DbManagerMySQL
 					");
 				} else {
 					$stmt = Database::prepare("
-						CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password AS :password
+						CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH " . $pwd_plugin . " AS :password
 					");
 				}
 			} else {
@@ -115,7 +122,7 @@ class DbManagerMySQL
 				}
 			} else {
 				if ($p_encrypted) {
-					$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH mysql_native_password AS :password");
+					$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED WITH " . $pwd_plugin . " AS :password");
 				} else {
 					$stmt = Database::prepare("ALTER USER :username@:host IDENTIFIED BY :password");
 				}
@@ -136,7 +143,7 @@ class DbManagerMySQL
 	 */
 	public function deleteDatabase($dbname = null)
 	{
-		if (Database::getAttribute(\PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+		if (version_compare(Database::getAttribute(\PDO::ATTR_SERVER_VERSION), '5.0.2', '<')) {
 			// failsafe if user has been deleted manually (requires MySQL 4.1.2+)
 			$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM `" . $dbname . "`");
 			Database::pexecute($stmt, array(), false);
@@ -247,9 +254,10 @@ class DbManagerMySQL
 		$allsqlusers = array();
 		while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			if ($user_only == false) {
-				if (! isset($allsqlusers[$row['User']]) || ! is_array($allsqlusers[$row['User']])) {
+				if (!isset($allsqlusers[$row['User']]) || !is_array($allsqlusers[$row['User']])) {
 					$allsqlusers[$row['User']] = array(
 						'password' => $row['Password'] ?? $row['authentication_string'],
+						'plugin' => $row['plugin'] ?? 'mysql_native_password',
 						'hosts' => array()
 					);
 				}

lib/Froxlor/Dns/Dns.php

@@ -408,7 +408,20 @@ class Dns
 			$soa_record = new DnsEntry('@', 'SOA', $soa_content);
 			array_unshift($zonerecords, $soa_record);
 		}
-
+        //DMARC
+		//_dmarc 18000   IN      TXT     ("v=DMARC1; p=reject; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; r"
+		//                               "i=86400; rua=mailto:dmarc@zweiseitendergeschichte.de;")
+		if ($domain['isemaildomain'] == '1') {
+		    $dmarc_txt = '("v=DMARC1; p=reject; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400; ruf=mailto:dmarc@'.$domain['domain'].'; rua=mailto:dmarc@'.$domain['domain'].';")';
+		    $dmarc_record = new DnsEntry('_dmarc', 'TXT',$dmarc_txt );
+		    array_unshift($zonerecords,$dmarc_record);
+		}
+		if ($domain['isemaildomain'] == '1') {
+		    $dkim_txt = 'v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosq0CmLqEzJJxIHkQwG1Xwk6CSyHHWSDXL9BHCKzY9lJXH7a23PogVlLvUBYaAgBtFOpsKuUCBl+/g6rOqgVXKg0OpYdpgTxZyz1i4NcubGFLifQGnF8ZKpIEDqIzmLI6SbH+9DKwYA319sXAR6feZI4g5bWqF07t/kzA5LN+2V5QnDQ3th++GPRl5rmWF6uoidIRD85UZVEX4s3J1hce0k6tRb2aEozCJaSXHUwyarmbbX/5rky467QQ+45Uy0q9CNaMMu1IX5eybhLRxYXK1k0TfIRJv4FH1UFLlq2QoGC7d+KvLrUabhzQ5wbdZkWuVgLFZ7CL2NegfzO6YeEcQIDAQAB';
+		    $dkim_record = new DnsEntry('mx._domainkey', 'TXT', $dkim_txt);
+		    array_unshift($zonerecords, $dkim_record);
+		}
+		
 		$zone = new DnsZone((int) Settings::Get('system.defaultttl'), $domain['domain'], $domain['bindserial'], $zonerecords);
 
 		return $zone;

lib/Froxlor/FileDir.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Froxlor;
 
 use Froxlor\Database\Database;
@@ -96,14 +97,14 @@ class FileDir
 			$subdir = self::makeCorrectDir($subdir);
 			$subdirs = array();
 
-			if ($within_homedir || ! $allow_notwithinhomedir) {
+			if ($within_homedir || !$allow_notwithinhomedir) {
 				$subdirlen = strlen($subdir);
 				$offset = 0;
 
 				while ($offset < $subdirlen) {
 					$offset = strpos($subdir, '/', $offset);
 					$subdirelem = substr($subdir, 0, $offset);
-					$offset ++;
+					$offset++;
 					array_push($subdirs, self::makeCorrectDir($homeDir . $subdirelem));
 				}
 			} else {
@@ -113,7 +114,7 @@ class FileDir
 			$subdirs = array_unique($subdirs);
 			sort($subdirs);
 			foreach ($subdirs as $sdir) {
-				if (! is_dir($sdir)) {
+				if (!is_dir($sdir)) {
 					$sdir = self::makeCorrectDir($sdir);
 					self::safe_exec('mkdir -p ' . escapeshellarg($sdir));
 					// place index
@@ -247,7 +248,7 @@ class FileDir
 	 */
 	public static function makeCorrectFile($filename)
 	{
-		if (! isset($filename) || trim($filename) == '') {
+		if (!isset($filename) || trim($filename) == '') {
 			$error = 'Given filename for function ' . __FUNCTION__ . ' is empty.' . "\n";
 			$error .= 'This is very dangerous and should not happen.' . "\n";
 			$error .= 'Please inform the Froxlor team about this issue so they can fix it.';
@@ -278,7 +279,7 @@ class FileDir
 	{
 		if (is_string($dir) && strlen($dir) > 0) {
 			$dir = trim($dir);
-			if (substr($dir, - 1, 1) != '/') {
+			if (substr($dir, -1, 1) != '/') {
 				$dir .= '/';
 			}
 			if (substr($dir, 0, 1) != '/') {
@@ -355,7 +356,7 @@ class FileDir
 			$destination = substr($destination, 1);
 		}
 
-		if (substr($destination, - 1, 1) == ' ') {
+		if (substr($destination, -1, 1) == ' ') {
 			$destination = substr($destination, 0, strlen($destination) - 1);
 		}
 
@@ -390,7 +391,7 @@ class FileDir
 		// but dirList holds the paths with starting slash
 		// so we just add one here to get the correct
 		// default path selected, #225
-		if (substr($value, 0, 1) != '/' && ! $dom) {
+		if (substr($value, 0, 1) != '/' && !$dom) {
 			$value = '/' . $value;
 		}
 
@@ -408,34 +409,22 @@ class FileDir
 			natcasesort($dirList);
 
 			if (sizeof($dirList) > 0) {
-				if (sizeof($dirList) <= 100) {
+				$_field = '';
-					$_field = '';
+				foreach ($dirList as $dir) {
-					foreach ($dirList as $dir) {
+					if (strpos($dir, $path) === 0) {
-						if (strpos($dir, $path) === 0) {
+						$dir = substr($dir, strlen($path));
-							$dir = substr($dir, strlen($path));
+						// docroot cut off of current directory == empty -> directory is the docroot
-							// docroot cut off of current directory == empty -> directory is the docroot
+						if (empty($dir)) {
-							if (empty($dir)) {
+							$dir = '/';
-								$dir = '/';
-							}
-							$dir = self::makeCorrectDir($dir);
 						}
-						$_field .= \Froxlor\UI\HTML::makeoption($dir, $dir, $value);
+						$dir = self::makeCorrectDir($dir);
 					}
-					$field = array(
+					$_field .= \Froxlor\UI\HTML::makeoption($dir, $dir, $value);
-						'type' => 'select',
-						'value' => $_field
-					);
-				} else {
-					// remove starting slash we added
-					// for the Dropdown, #225
-					$value = substr($value, 1);
-					// $field = $lng['panel']['toomanydirs'];
-					$field = array(
-						'type' => 'text',
-						'value' => htmlspecialchars($value),
-						'note' => $lng['panel']['toomanydirs']
-					);
 				}
+				$field = array(
+					'type' => 'select',
+					'value' => $_field
+				);
 			} else {
 				// $field = $lng['panel']['dirsmissing'];
 				// $field = '<input type="hidden" name="path" value="/" />';
@@ -489,22 +478,31 @@ class FileDir
 			$filter = function ($file, $key, $iterator) use ($exclude) {
 				if (in_array($file->getFilename(), $exclude)) {
 					return false;
+				} elseif (substr($file->getFilename(), 0, 1) == '.') {
+					// also hide hidden folders
+					return false;
 				}
 				return true;
 			};
 
 			// create RecursiveIteratorIterator
-			$its = new \RecursiveIteratorIterator(new \RecursiveCallbackFilterIterator(new System\IgnorantRecursiveDirectoryIterator($path, \RecursiveDirectoryIterator::SKIP_DOTS), $filter));
+			$its = new \RecursiveIteratorIterator(
+				new \RecursiveCallbackFilterIterator(
+					new \RecursiveDirectoryIterator($path, \RecursiveDirectoryIterator::SKIP_DOTS),
+					$filter
+				),
+				\RecursiveIteratorIterator::SELF_FIRST,
+				\RecursiveIteratorIterator::CATCH_GET_CHILD
+			);
 			// we can limit the recursion-depth, but will it be helpful or
 			// will people start asking "why do I only see 2 subdirectories, i want to use /a/b/c"
 			// let's keep this in mind and see whether it will be useful
-			// @TODO
+			$its->setMaxDepth(2);
-			// $its->setMaxDepth(2);
 
 			// check every file
 			foreach ($its as $fullFileName => $it) {
 				if ($it->isDir() && (fileowner($fullFileName) == $uid || filegroup($fullFileName) == $gid)) {
-					$_fileList[] = self::makeCorrectDir(dirname($fullFileName));
+					$_fileList[] = self::makeCorrectDir($fullFileName);
 				}
 			}
 			$_fileList[] = $path;
@@ -525,7 +523,7 @@ class FileDir
 	 */
 	public static function isFreeBSD($exact = false)
 	{
-		if (($exact && PHP_OS == 'FreeBSD') || (! $exact && stristr(PHP_OS, 'BSD'))) {
+		if (($exact && PHP_OS == 'FreeBSD') || (!$exact && stristr(PHP_OS, 'BSD'))) {
 			return true;
 		}
 		return false;

lib/Froxlor/Froxlor.php

@@ -7,7 +7,7 @@ final class Froxlor
 {
 
 	// Main version variable
-	const VERSION = '0.10.33';
+	const VERSION = '0.10.38.3';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
 	const DBVERSION = '202112310';

lib/Froxlor/PhpHelper.php

@@ -63,7 +63,7 @@ class PhpHelper
 					$subject[$field] = self::htmlentitiesArray($subject[$field], $fields, $quote_style, $charset);
 				}
 			}
-		} else {
+		} elseif (!empty($subject)) {
 			$subject = htmlentities($subject, $quote_style, $charset);
 		}
 

lib/Froxlor/Settings/Store.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Froxlor\Settings;
 
 use Froxlor\Database\Database;
@@ -63,9 +64,9 @@ class Store
 		if (count($ids) > 0) {
 			$defaultips_new = explode(',', $newfieldvalue);
 
-			if (! empty($defaultips_old) && ! empty($newfieldvalue)) {
+			if (!empty($defaultips_old) && !empty($newfieldvalue)) {
 				$in_value = $defaultips_old . ", " . $newfieldvalue;
-			} elseif (! empty($defaultips_old) && empty($newfieldvalue)) {
+			} elseif (!empty($defaultips_old) && empty($newfieldvalue)) {
 				$in_value = $defaultips_old;
 			} else {
 				$in_value = $newfieldvalue;
@@ -280,11 +281,11 @@ class Store
 		if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'mysql_access_host') {
 			$mysql_access_host_array = array_map('trim', explode(',', $newfieldvalue));
 
-			if (in_array('127.0.0.1', $mysql_access_host_array) && ! in_array('localhost', $mysql_access_host_array)) {
+			if (in_array('127.0.0.1', $mysql_access_host_array) && !in_array('localhost', $mysql_access_host_array)) {
 				$mysql_access_host_array[] = 'localhost';
 			}
 
-			if (! in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
+			if (!in_array('127.0.0.1', $mysql_access_host_array) && in_array('localhost', $mysql_access_host_array)) {
 				$mysql_access_host_array[] = '127.0.0.1';
 			}
 
@@ -306,8 +307,8 @@ class Store
 
 	private static function cleanMySQLAccessHost($value)
 	{
-		if (substr($value, 0, 1) == '[' && substr($value, - 1) == ']') {
+		if (substr($value, 0, 1) == '[' && substr($value, -1) == ']') {
-			return substr($value, 1, - 1);
+			return substr($value, 1, -1);
 		}
 		return $value;
 	}
@@ -370,66 +371,85 @@ class Store
 	}
 
 	public static function storeSettingImage($fieldname, $fielddata)
-    {
+	{
-        if (isset($fielddata['settinggroup'], $fielddata['varname']) && is_array($fielddata) && $fielddata['settinggroup'] !== '' && $fielddata['varname'] !== '') {
+		if (isset($fielddata['settinggroup'], $fielddata['varname']) && is_array($fielddata) && $fielddata['settinggroup'] !== '' && $fielddata['varname'] !== '') {
-            $save_to = null;
+			$save_to = null;
-            $path = \Froxlor\Froxlor::getInstallDir().'/img/';
+			$path = \Froxlor\Froxlor::getInstallDir() . '/img/';
-            $path = \Froxlor\FileDir::makeCorrectDir($path);
+			$path = \Froxlor\FileDir::makeCorrectDir($path);
 
-            // New file?
+			// New file?
-            if (isset($_FILES[$fieldname]) && $_FILES[$fieldname]['tmp_name']) {
+			if (isset($_FILES[$fieldname]) && $_FILES[$fieldname]['tmp_name']) {
-                // Make sure upload directory exists
+				// Make sure upload directory exists
-                if (!is_dir($path) && !mkdir($path, 0775)) {
+				if (!is_dir($path) && !mkdir($path, 0775)) {
-                    throw new \Exception("img directory does not exist and cannot be created");
+					throw new \Exception("img directory does not exist and cannot be created");
-                }
+				}
 
-                // Make sure we can write to the upload directory
+				// Make sure we can write to the upload directory
-                if (!is_writable($path)) {
+				if (!is_writable($path)) {
-                    if (!chmod($path, 0775)) {
+					if (!chmod($path, 0775)) {
-                        throw new \Exception("Cannot write to img directory");
+						throw new \Exception("Cannot write to img directory");
-                    }
+					}
-                }
+				}
 
-                // Make sure mime-type matches an image
+				// Make sure mime-type matches an image
-                if (!in_array(mime_content_type($_FILES[$fieldname]['tmp_name']), ['image/jpeg','image/jpg','image/png','image/gif'])) {
+				if (function_exists('finfo_open')) {
-                    throw new \Exception("Uploaded file not a valid image");
+					$finfo = finfo_open(FILEINFO_MIME_TYPE);
-                }
+					$mimetype = finfo_file($finfo, $_FILES[$fieldname]['tmp_name']);
+					finfo_close($finfo);
+				} else {
+					$mimetype = mime_content_type($_FILES[$fieldname]['tmp_name']);
+				}
+				if (empty($mimetype)) {
+					$mimetype = 'application/octet-stream';
+				}
+				if (!in_array($mimetype, ['image/jpeg', 'image/jpg', 'image/png', 'image/gif'])) {
+					throw new \Exception("Uploaded file is not a valid image");
+				}
 
-                // Determine file extension
+				// Determine file extension
-                $spl = explode('.', $_FILES[$fieldname]['name']);
+				$spl = explode('.', $_FILES[$fieldname]['name']);
-                $file_extension = strtolower(array_pop($spl));
+				$file_extension = strtolower(array_pop($spl));
-                unset($spl);
+				unset($spl);
 
-                // Move file
+				if (!in_array($file_extension, [
-                if (!move_uploaded_file($_FILES[$fieldname]['tmp_name'], $path.$fielddata['image_name'].'.'.$file_extension)) {
+					'jpeg',
-                    throw new \Exception("Unable to save image to img folder");
+					'jpg',
-                }
+					'png',
+					'gif'
+				])) {
+					throw new Exception("Invalid file-extension, use one of: jpeg, jpg, png, gif");
+				}
 
-                $save_to = 'img/'.$fielddata['image_name'].'.'.$file_extension.'?v='.time();
+				// Move file
-            }
+				if (!move_uploaded_file($_FILES[$fieldname]['tmp_name'], $path . $fielddata['image_name'] . '.' . $file_extension)) {
+					throw new \Exception("Unable to save image to img folder");
+				}
 
-            // Delete file?
+				$save_to = 'img/' . $fielddata['image_name'] . '.' . $file_extension . '?v=' . time();
-            if ($fielddata['value'] !== "" && array_key_exists($fieldname.'_delete', $_POST) && $_POST[$fieldname.'_delete']) {
+			}
-                @unlink(\Froxlor\Froxlor::getInstallDir() . '/' . explode('?', $fielddata['value'], 2)[0]);
-                $save_to = '';
-            }
 
-            // Nothing changed
+			// Delete file?
-            if ($save_to === null) {
+			if ($fielddata['value'] !== "" && array_key_exists($fieldname . '_delete', $_POST) && $_POST[$fieldname . '_delete']) {
-                return array(
+				@unlink(\Froxlor\Froxlor::getInstallDir() . '/' . explode('?', $fielddata['value'], 2)[0]);
-                    $fielddata['settinggroup'] . '.' . $fielddata['varname'] => $fielddata['value']
+				$save_to = '';
-                );
+			}
-            }
 
-            if (Settings::Set($fielddata['settinggroup'] . '.' . $fielddata['varname'], $save_to) === false) {
+			// Nothing changed
-                return false;
+			if ($save_to === null) {
-            }
+				return array(
+					$fielddata['settinggroup'] . '.' . $fielddata['varname'] => $fielddata['value']
+				);
+			}
 
-            return array(
+			if (Settings::Set($fielddata['settinggroup'] . '.' . $fielddata['varname'], $save_to) === false) {
-                $fielddata['settinggroup'] . '.' . $fielddata['varname'] => $save_to
+				return false;
-            );
+			}
-        }
 
-        return false;
+			return array(
-    }
+				$fielddata['settinggroup'] . '.' . $fielddata['varname'] => $save_to
+			);
+		}
+
+		return false;
+	}
 }

lib/Froxlor/System/IgnorantRecursiveDirectoryIterator.php

@@ -1,21 +0,0 @@
-<?php
-namespace Froxlor\System;
-
-/**
- * If you use RecursiveDirectoryIterator with RecursiveIteratorIterator and run
- * into UnexpectedValueException you may use this little hack to ignore those
- * directories, such as lost+found on linux.
- * (User "antennen" @ http://php.net/manual/en/class.recursivedirectoryiterator.php#101654)
- */
-class IgnorantRecursiveDirectoryIterator extends \RecursiveDirectoryIterator
-{
-
-	public function getChildren()
-	{
-		try {
-			return new IgnorantRecursiveDirectoryIterator($this->getPathname());
-		} catch (\UnexpectedValueException $e) {
-			return new \RecursiveArrayIterator(array());
-		}
-	}
-}

lib/config.inc.php

@@ -0,0 +1,14 @@
+<?php
+
+/**
+ * change the options below to either true or false
+ */
+return [
+	/**
+	 * enable/disable the possibility to update froxlor from within the web-interface,
+	 * recommended value for debian/ubuntu package users is false to rely on apt and not have version mixup.
+	 * This is also useful for providers that manage the servers but give admin access to froxlor to handle
+	 * updates the way the providers does it (e.g. automation, etc.)
+	 */
+	'enable_webupdate' => true,
+];

lib/configfiles/bullseye.xml

@@ -3561,7 +3561,7 @@ postmaster_address = postmaster@<SERVERNAME>
 
 protocol lda {
   # Space separated list of plugins to load (default is global mail_plugins).
-  #mail_plugins = $mail_plugins
+  mail_plugins = $mail_plugins quota sieve
 }
 ]]>
 							</content>

lib/configfiles/buster.xml

@@ -3557,7 +3557,7 @@ postmaster_address = postmaster@<SERVERNAME>
 
 protocol lda {
   # Space separated list of plugins to load (default is global mail_plugins).
-  #mail_plugins = $mail_plugins
+  mail_plugins = $mail_plugins quota sieve
 }
 ]]>
 							</content>

lib/configfiles/focal.xml

@@ -1600,7 +1600,7 @@ root:               root@<SERVERNAME>
 # is /etc/mailname.
 #myorigin = /etc/mailname
 
-smtpd_banner = $myhostname ESMTP $mail_name (@@DISTRO@@)
+smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 biff = no
 
 # appending .domain is the MUA's job.