set version to 0.10.36 for upcoming maintenance release

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

README.md

@@ -54,24 +54,24 @@ May be found in [COPYING](COPYING)
 ### Tarball
 https://files.froxlor.org/releases/froxlor-latest.tar.gz [MD5](https://files.froxlor.org/releases/froxlor-latest.tar.gz.md5) [SHA1](https://files.froxlor.org/releases/froxlor-latest.tar.gz.sha1)
 
-### Debian repository
+### Debian / Ubutnu repository
 
 [HowTo](https://docs.froxlor.org/general/installation/aptpackage.html)
 
-```
+#### Debian
-apt-get -y install apt-transport-https lsb-release ca-certificates
-wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
-echo "deb https://deb.froxlor.org/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
-```
-
-### Ubuntu repository
-
-[HowTo](https://docs.froxlor.org/general/installation/aptpackage.html)
 
 ```
-apt-get -y install apt-transport-https lsb-release ca-certificates
+apt-get -y install apt-transport-https lsb-release ca-certificates curl
-wget -O - https://deb.froxlor.org/froxlor.gpg | apt-key add -
+curl -sSLo /usr/share/keyrings/deb.froxlor.org-froxlor.gpg https://deb.froxlor.org/froxlor.gpg
-echo "deb https://deb.froxlor.org/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list
+sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.froxlor.org-froxlor.gpg] https://deb.froxlor.org/debian $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list'
+```
+
+#### Ubuntu
+
+```
+apt-get -y install apt-transport-https lsb-release ca-certificates curl
+curl -sSLo /usr/share/keyrings/deb.froxlor.org-froxlor.gpg https://deb.froxlor.org/froxlor.gpg
+sh -c 'echo "deb [signed-by=/usr/share/keyrings/deb.froxlor.org-froxlor.gpg] https://deb.froxlor.org/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/froxlor.list'
 ```
 
 ## Contributing

actions/admin/settings/131.ssl.php

@@ -229,7 +229,7 @@ return array(
 					'default' => true,
 					'save_method' => 'storeSettingField'
 				),
-				'system_disable_le_selfcheck' => array(
+				'system_le_domain_dnscheck' => array(
 					'label' => $lng['serversettings']['le_domain_dnscheck'],
 					'settinggroup' => 'system',
 					'varname' => 'le_domain_dnscheck',

admin_admins.php

@@ -260,7 +260,7 @@ if ($page == 'admins' && $userinfo['change_serversettings'] == '1') {
 				$dec_places = Settings::Get('panel.decimal_places');
 				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
 				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
-				$result['email'] = $idna_convert->decode($result['email']);
+				$result['email'] = $idna_convert->decode($result['email'] ?? '');
 
 				$customers_ul = \Froxlor\UI\HTML::makecheckbox('customers_ul', $lng['customer']['unlimited'], '-1', false, $result['customers'], true, true);
 				if ($result['customers'] == '-1') {

admin_customers.php

@@ -395,7 +395,7 @@ if ($page == 'customers' && $userinfo['customers'] != '0') {
 				$dec_places = Settings::Get('panel.decimal_places');
 				$result['traffic'] = round($result['traffic'] / (1024 * 1024), $dec_places);
 				$result['diskspace'] = round($result['diskspace'] / 1024, $dec_places);
-				$result['email'] = $idna_convert->decode($result['email']);
+				$result['email'] = $idna_convert->decode($result['email'] ?? '');
 
 				$diskspace_ul = \Froxlor\UI\HTML::makecheckbox('diskspace_ul', $lng['customer']['unlimited'], '-1', false, $result['diskspace'], true, true);
 				if ($result['diskspace'] == '-1') {

admin_domains.php

@@ -148,7 +148,7 @@ if ($page == 'domains' || $page == 'overview') {
 			$customers = \Froxlor\UI\HTML::makeoption($lng['panel']['please_choose'], 0, 0, true);
 			$result_customers_stmt = Database::prepare("
 					SELECT `customerid`, `loginname`, `name`, `firstname`, `company`
-					FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = '" . (int) $userinfo['adminid'] . "' ") . " ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC");
+					FROM `" . TABLE_PANEL_CUSTOMERS . "` " . ($userinfo['customers_see_all'] ? '' : " WHERE `adminid` = :adminid ") . " ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC");
 			$params = array();
 			if ($userinfo['customers_see_all'] == '0') {
 				$params['adminid'] = $userinfo['adminid'];
@@ -674,7 +674,7 @@ if ($page == 'domains' || $page == 'overview') {
 function formatDomainEntry(&$row, &$idna_convert)
 {
 	$row['domain'] = $idna_convert->decode($row['domain']);
-	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
+	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain'] ?? '');
 
 	$row['ipandport'] = '';
 	foreach ($row['ipsandports'] as $rowip) {
@@ -685,7 +685,7 @@ function formatDomainEntry(&$row, &$idna_convert)
 		}
 	}
 	$row['ipandport'] = substr($row['ipandport'], 0, - 1);
-	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date'] ?? '');
 
 	$row['termination_css'] = "";
 	if ($row['termination_date'] != "") {

customer_domains.php

@@ -83,7 +83,7 @@ if ($page == 'overview') {
 				$statsapp = 'webalizer';
 			}
 			$row = [
-				'domain' => $idna_convert->decode($parentdomain)
+				'domain' => $idna_convert->decode($parentdomain ?? '')
 			];
 			eval("\$domains.=\"" . \Froxlor\UI\Template::getTemplate("domains/domains_delimiter") . "\";");
 
@@ -472,8 +472,8 @@ if ($page == 'overview') {
 function formatDomainEntry(&$row, &$idna_convert)
 {
 	$row['domain'] = $idna_convert->decode($row['domain']);
-	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain']);
+	$row['aliasdomain'] = $idna_convert->decode($row['aliasdomain'] ?? '');
-	$row['domainalias'] = $idna_convert->decode($row['domainalias']);
+	$row['domainalias'] = $idna_convert->decode($row['domainalias'] ?? '');
 
 	/**
 	 * check for set ssl-certs to show different state-icons
@@ -503,7 +503,7 @@ function formatDomainEntry(&$row, &$idna_convert)
 		}
 	}
 
-	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date']);
+	$row['termination_date'] = str_replace("0000-00-00", "", $row['termination_date'] ?? '');
 
 	$row['termination_css'] = "";
 	if ($row['termination_date'] != "") {

install/froxlor.sql

@@ -723,7 +723,7 @@ opcache.validate_timestamps'),
 	('panel', 'logo_image_login', ''),
 	('panel', 'logo_overridetheme', '0'),
 	('panel', 'logo_overridecustom', '0'),
-	('panel', 'version', '0.10.33'),
+	('panel', 'version', '0.10.36'),
 	('panel', 'db_version', '202112310');
 
 

install/lib/class.FroxlorInstall.php

@@ -550,16 +550,23 @@ class FroxlorInstall
 			$this->_updateSetting($upd_stmt, 'error', 'system', 'errorlog_level');
 		}
 
+		/*
+		 * not yet used in configfiles
+		 * -> 0.11.x
+		 *
 		$distros = glob(\Froxlor\FileDir::makeCorrectDir(\Froxlor\Froxlor::getInstallDir() . '/lib/configfiles/') . '*.xml');
 		foreach ($distros as $_distribution) {
 			if ($this->_data['distribution'] == str_replace(".xml", "", strtolower(basename($_distribution)))) {
 				$dist = new \Froxlor\Config\ConfigParser($_distribution);
 				$defaults = $dist->getDefaults();
-				foreach ($defaults->property as $property) {
+				if (!empty($defaults)) {
-					$this->_updateSetting($upd_stmt, $property->value, $property->settinggroup, $property->varname);
+					foreach ($defaults as $property) {
+						$this->_updateSetting($upd_stmt, $property->attributes()->value, $property->attributes()->settinggroup, $property->attributes()->varname);
 					}
 				}
 			}
+		}
+		*/
 
 		$this->_updateSetting($upd_stmt, $this->_data['activate_newsfeed'], 'admin', 'show_news_feed');
 		$this->_updateSetting($upd_stmt, dirname(dirname(dirname(__FILE__))), 'system', 'letsencryptchallengepath');
@@ -734,8 +741,26 @@ class FroxlorInstall
 
 	private function _grantDbPrivilegesTo(&$db_root, $database, $username, $password, $access_host)
 	{
+		// mariadb
+		if (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '10.0.0', '>=')) {
+			// create user
+			$stmt = $db_root->prepare("
+				CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED BY :password
+			");
+			$stmt->execute(array(
+				"password" => $password
+			));
+			// grant privileges
+			$stmt = $db_root->prepare("
+				GRANT ALL ON `" . $database . "`.* TO :username@:host
+			");
+			$stmt->execute(array(
+				"username" => $username,
+				"host" => $access_host
+			));
+		}
 		// mysql8 compatibility
-		if (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
+		elseif (version_compare($db_root->getAttribute(\PDO::ATTR_SERVER_VERSION), '8.0.11', '>=')) {
 			// create user
 			$stmt = $db_root->prepare("
 				CREATE USER '" . $username . "'@'" . $access_host . "' IDENTIFIED WITH mysql_native_password BY :password

install/scripts/config-services.php

@@ -28,4 +28,5 @@ try {
 	\Froxlor\Cli\ConfigServicesCmd::processParameters($argc, $argv);
 } catch (Exception $e) {
 	\Froxlor\Cli\ConfigServicesCmd::printerr($e->getMessage());
+	exit(1);
 }

install/scripts/switch-server-ip.php

@@ -28,4 +28,5 @@ try {
 	\Froxlor\Cli\SwitchServerIpCmd::processParameters($argc, $argv);
 } catch (Exception $e) {
 	\Froxlor\Cli\SwitchServerIpCmd::printerr($e->getMessage());
+	exit(1);
 }

install/updates/froxlor/0.10/update_0.10.inc.php

@@ -970,3 +970,29 @@ if (\Froxlor\Froxlor::isFroxlorVersion('0.10.32')) {
 	showUpdateStep("Updating from 0.10.32 to 0.10.33", false);
 	\Froxlor\Froxlor::updateToVersion('0.10.33');
 }
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.33')) {
+	showUpdateStep("Updating from 0.10.33 to 0.10.34", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.34');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.34')) {
+	showUpdateStep("Updating from 0.10.34 to 0.10.34.1", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.34.1');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.34.1')) {
+	showUpdateStep("Updating from 0.10.34.1 to 0.10.35", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.35');
+}
+
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.35')) {
+	showUpdateStep("Updating from 0.10.35 to 0.10.35.1", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.35.1');
+}
+
+if (\Froxlor\Froxlor::isFroxlorVersion('0.10.35.1')) {
+	showUpdateStep("Updating from 0.10.35.1 to 0.10.36", false);
+	\Froxlor\Froxlor::updateToVersion('0.10.36');
+}

lib/Froxlor/Api/ApiCommand.php

@@ -297,6 +297,10 @@ abstract class ApiCommand extends ApiParameter
 					$sortfield[$id] = $sfield;
 				}
 				$field = implode('.', $sortfield);
+				if (preg_match('/^([a-z0-9\-\._`]+)$/i', $field) == false) {
+					// skip
+					continue;
+				}
 				if (! $first) {
 					$condition .= ' AND ';
 				}
@@ -313,6 +317,14 @@ abstract class ApiCommand extends ApiParameter
 				} elseif (strtolower($valoper['op']) == 'in' && is_array($valoper['value']) && count($valoper['value']) > 0) {
 					$condition .= $field . ' ' . $valoper['op'] . ' (';
 					foreach ($valoper['value'] as $incnt => $invalue) {
+						if (!is_numeric($incnt)) {
+							// skip
+							continue;
+						}
+						if (!empty($invalue) && preg_match('/^([a-z0-9\-\._`]+)$/i', $invalue) == false) {
+							// skip
+							continue;
+						}
 						$condition .= ":" . $cleanfield . $incnt . ", ";
 						$query_fields[':' . $cleanfield . $incnt] = $invalue ?? '';
 					}
@@ -398,6 +410,10 @@ abstract class ApiCommand extends ApiParameter
 					$sortfield[$id] = $sfield;
 				}
 				$field = implode('.', $sortfield);
+				if (preg_match('/^([a-z0-9\-\._`]+)$/i', $field) == false) {
+					// skip
+					continue;
+				}
 				$by = strtoupper($by);
 				if (! in_array($by, [
 					'ASC',
@@ -423,6 +439,7 @@ abstract class ApiCommand extends ApiParameter
 		return $order;
 	}
 
+
 	/**
 	 * return logger instance
 	 *

lib/Froxlor/Api/Commands/Admins.php

@@ -472,7 +472,7 @@ class Admins extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 				// parameters
 				$name = $this->getParam('name', true, $result['name']);
 				$idna_convert = new \Froxlor\Idna\IdnaWrapper();
-				$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
+				$email = $this->getParam('email', true, $idna_convert->decode($result['email'] ?? ''));
 				$password = $this->getParam('admin_password', true, '');
 				$def_language = $this->getParam('def_language', true, $result['def_language']);
 				$custom_notes = $this->getParam('custom_notes', true, $result['custom_notes']);

lib/Froxlor/Api/Commands/Customers.php

@@ -950,7 +950,7 @@ class Customers extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resource
 			$move_to_admin = (int) ($this->getParam('move_to_admin', true, 0));
 
 			$idna_convert = new \Froxlor\Idna\IdnaWrapper();
-			$email = $this->getParam('email', true, $idna_convert->decode($result['email']));
+			$email = $this->getParam('email', true, $idna_convert->decode($result['email'] ?? ''));
 			$name = $this->getParam('name', true, $result['name']);
 			$firstname = $this->getParam('firstname', true, $result['firstname']);
 			$company_required = empty($result['company']) && ((! empty($name) && empty($firstname)) || (empty($name) && ! empty($firstname)) || (empty($name) && empty($firstname)));

lib/Froxlor/Api/Commands/EmailAccounts.php

@@ -197,6 +197,7 @@ class EmailAccounts extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Reso
 					'NAME' => $customer['name'],
 					'FIRSTNAME' => $customer['firstname'],
 					'COMPANY' => $customer['company'],
+					'USERNAME' => $customer['loginname'],
 					'CUSTOMER_NO' => $customer['customernumber']
 				);
 

lib/Froxlor/Api/Commands/Ftps.php

@@ -243,6 +243,7 @@ class Ftps extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEntit
 						'NAME' => $customer['name'],
 						'FIRSTNAME' => $customer['firstname'],
 						'COMPANY' => $customer['company'],
+						'USERNAME' => $customer['loginname'],
 						'CUSTOMER_NO' => $customer['customernumber'],
 						'USR_NAME' => $username,
 						'USR_PASS' => htmlentities(htmlentities($password)),

lib/Froxlor/Api/Commands/Mysqls.php

@@ -141,6 +141,7 @@ class Mysqls extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\ResourceEnt
 					'NAME' => $userinfo['name'],
 					'FIRSTNAME' => $userinfo['firstname'],
 					'COMPANY' => $userinfo['company'],
+					'USERNAME' => $userinfo['loginname'],
 					'CUSTOMER_NO' => $userinfo['customernumber'],
 					'DB_NAME' => $username,
 					'DB_PASS' => htmlentities(htmlentities($password)),

lib/Froxlor/Config/ConfigParser.php

@@ -182,7 +182,7 @@ class ConfigParser
 	}
 
 	/**
-	 * Parse the XML and populate $this->services
+	 * Parse the XML and populate $this->defaults
 	 *
 	 * @return bool
 	 */
@@ -194,9 +194,9 @@ class ConfigParser
 		}
 
 		// Get all defaults
-		$defaults = $this->xml->xpath('//defaults');
+		$defaults = $this->xml->xpath('//defaults/default');
 		foreach ($defaults as $default) {
-			$this->defaults = $default;
+			$this->defaults[] = $default;
 		}
 
 		// Switch flag to indicate we parsed our data

lib/Froxlor/Cron/CronConfig.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Froxlor\Cron;
 
 /**
@@ -18,6 +19,7 @@ namespace Froxlor\Cron;
  * @since 0.10.0
  *
  */
+
 use Froxlor\Database\Database;
 use Froxlor\Settings;
 
@@ -56,6 +58,12 @@ class CronConfig
 				SELECT * FROM `" . TABLE_PANEL_CRONRUNS . "` WHERE `isactive` = '1'
 			");
 
+			$binpath = Settings::Get("system.croncmdline");
+			// fallback as it is important
+			if ($binpath === null) {
+				$binpath = "/usr/bin/nice -n 5 /usr/bin/php -q";
+			}
+
 			$hour_delay = 0;
 			$day_delay = 5;
 			$month_delay = 7;
@@ -96,12 +104,6 @@ class CronConfig
 					}
 
 					// create entry-line
-					$binpath = Settings::Get("system.croncmdline");
-					// fallback as it is important
-					if ($binpath === null) {
-						$binpath = "/usr/bin/nice -n 5 /usr/bin/php -q";
-					}
-
 					$cronfile .= "root " . $binpath . " " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/froxlor_master_cronjob.php") . " --" . $row_cronentry['cronfile'] . " 1> /dev/null\n";
 				}
 			}
@@ -109,7 +111,7 @@ class CronConfig
 			// php sessionclean if enabled
 			if ((int) Settings::Get('phpfpm.enabled') == 1) {
 				$cronfile .= "# Look for and purge old sessions every 30 minutes" . PHP_EOL;
-				$cronfile .= "09,39 * * * * root " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/php-sessionclean.php") . " --froxlor-dir=" . escapeshellarg(\Froxlor\Froxlor::getInstallDir()) . " 1> /dev/null" . PHP_EOL;
+				$cronfile .= "09,39 * * * * root " . $binpath . " " . \Froxlor\FileDir::makeCorrectFile(\Froxlor\Froxlor::getInstallDir() . "/scripts/php-sessionclean.php") . " --froxlor-dir=" . escapeshellarg(\Froxlor\Froxlor::getInstallDir()) . " 1> /dev/null" . PHP_EOL;
 			}
 
 			if (\Froxlor\FileDir::isFreeBSD()) {

lib/Froxlor/Cron/Http/Apache.php

@@ -773,6 +773,7 @@ class Apache extends HttpConfigBase
 		}
 
 		if (Settings::Get('system.logfiles_piped') == '1' && Settings::Get('system.logfiles_script') != '') {
+			if ($domain['writeerrorlog']) {
 				// replace for error_log
 				$command = \Froxlor\PhpHelper::replaceVariables(Settings::Get('system.logfiles_script'), array(
 					'LOGFILE' => $error_log,
@@ -780,6 +781,10 @@ class Apache extends HttpConfigBase
 					'CUSTOMER' => $domain['loginname']
 				));
 				$logfiles_text .= '  ErrorLog "|' . $command . "\"\n";
+			} else {
+				$logfiles_text .= '  ErrorLog "' . $error_log . '"' . "\n";
+			}
+			if ($domain['writeaccesslog']) {
 				// replace for access_log
 				$command = \Froxlor\PhpHelper::replaceVariables(Settings::Get('system.logfiles_script'), array(
 					'LOGFILE' => $access_log,
@@ -787,6 +792,9 @@ class Apache extends HttpConfigBase
 					'CUSTOMER' => $domain['loginname']
 				));
 				$logfiles_text .= '  CustomLog "|' . $command . '" ' . $logtype . "\n";
+			} else {
+				$logfiles_text .= '  CustomLog "' . $access_log . '" ' . $logtype . "\n";
+			}
 		} else {
 			$logfiles_text .= '  ErrorLog "' . $error_log . '"' . "\n";
 			$logfiles_text .= '  CustomLog "' . $access_log . '" ' . $logtype . "\n";

lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php

@@ -635,6 +635,9 @@ EOC;
 		$acmesh_result = \Froxlor\FileDir::safe_exec(self::getAcmeSh() . " --upgrade --auto-upgrade 0");
 		// check for activated cron
 		$acmesh_result2 = \Froxlor\FileDir::safe_exec(self::getAcmeSh() . " --install-cronjob");
-		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result) . "\n" . implode("\n", $acmesh_result2));
+		// set default CA
+		$acmesh_result3 = \Froxlor\FileDir::safe_exec(self::getAcmeSh() . " --set-default-ca --server " . self::$apiserver);
+		// log messages
+		FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "Checking for LetsEncrypt client upgrades before renewing certificates:\n" . implode("\n", $acmesh_result) . "\n" . implode("\n", $acmesh_result2) . "\n" . implode("\n", $acmesh_result3));
 	}
 }

lib/Froxlor/Cron/Http/Lighttpd.php

@@ -251,7 +251,7 @@ class Lighttpd extends HttpConfigBase
 							// check for existence, #1485
 							if (! file_exists($domain['ssl_ca_file'])) {
 								$this->logger->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_ERR, $ip . ':' . $port . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! Cannot create ssl-directives');
-								echo $ip . ':' . port . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! SSL-directives might not be working' . "\n";
+								echo $ip . ':' . $port . ' :: certificate CA file "' . $domain['ssl_ca_file'] . '" does not exist! SSL-directives might not be working' . "\n";
 							} else {
 								$this->lighttpd_data[$vhost_filename] .= 'ssl.ca-file = "' . \Froxlor\FileDir::makeCorrectFile($domain['ssl_ca_file']) . '"' . "\n";
 							}
@@ -760,6 +760,7 @@ class Lighttpd extends HttpConfigBase
 			'customerid' => $domain['customerid']
 		));
 
+		$diroption_text = '';
 		while ($row_htpasswds = $result_stmt->fetch(\PDO::FETCH_ASSOC)) {
 			if ($this->auth_backend_loaded[$domain['ipandport']] != 'yes' && $this->auth_backend_loaded[$domain['ssl_ipandport']] != 'yes') {
 				$filename = $domain['customerid'] . '.htpasswd';
@@ -836,6 +837,7 @@ class Lighttpd extends HttpConfigBase
 			}
 		}
 
+		$servernames_text = '';
 		for ($i = 0; $i < sizeof($server_string); $i ++) {
 			$data = $server_string[$i];
 

lib/Froxlor/Cron/System/BackupCron.php

@@ -150,13 +150,17 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 			$sql_root = Database::getSqlData();
 			Database::needRoot(false);
 
+			$mysqlcnf_file = tempnam("/tmp", "frx");
+			$mysqlcnf = "[mysqldump]\npassword=".$sql_root['passwd']."\n";
+			file_put_contents($mysqlcnf_file, $mysqlcnf);
+
 			$has_dbs = false;
 			while ($row = $sel_stmt->fetch()) {
 				$cronlog->logAction(\Froxlor\FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mysqldump -u ' . escapeshellarg($sql_root['user']) . ' -pXXXXX ' . $row['databasename'] . ' > ' . \Froxlor\FileDir::makeCorrectFile($tmpdir . '/mysql/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'));
 				$bool_false = false;
-				\Froxlor\FileDir::safe_exec('mysqldump -u ' . escapeshellarg($sql_root['user']) . ' -p' . $sql_root['passwd'] . ' ' . $row['databasename'] . ' > ' . \Froxlor\FileDir::makeCorrectFile($tmpdir . '/mysql/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'), $bool_false, array(
+				FileDir::safe_exec('mysqldump --defaults-file=' . escapeshellarg($mysqlcnf_file) .' -u ' . escapeshellarg($sql_root['user']) . ' ' . $row['databasename'] . ' > ' . FileDir::makeCorrectFile($tmpdir . '/mysql/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'), $bool_false, [
 					'>'
-				));
+				]);
 				$has_dbs = true;
 			}
 
@@ -164,6 +168,8 @@ class BackupCron extends \Froxlor\Cron\FroxlorCron
 				$create_backup_tar_data .= './mysql ';
 			}
 
+			unlink($mysqlcnf_file);
+
 			unset($sql_root);
 		}
 

lib/Froxlor/Cron/System/TasksCron.php

@@ -324,8 +324,8 @@ class TasksCron extends \Froxlor\Cron\FroxlorCron
 
 				if (file_exists($logsdir) && $logsdir != '/' && $logsdir != \Froxlor\FileDir::makeCorrectDir(Settings::Get('system.logfiles_directory')) && substr($logsdir, 0, strlen(Settings::Get('system.logfiles_directory'))) == Settings::Get('system.logfiles_directory')) {
 					// build up wildcard for webX-{access,error}.log{*}
-					$logfiles .= '-*';
+					$logsdir .= '-*';
-					\Froxlor\FileDir::safe_exec('rm -f ' . escapeshellarg($logfiles));
+					\Froxlor\FileDir::safe_exec('rm -f ' . escapeshellarg($logsdir));
 				}
 			}
 		}

lib/Froxlor/Cron/Traffic/ReportsCron.php

@@ -36,7 +36,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 		if ((int) Settings::Get('system.report_trafficmax') > 0) {
 			// Warn the customers at xx% traffic-usage
 			$result_stmt = Database::prepare("
-				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`loginname`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`traffic`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`,
 				(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
@@ -60,6 +60,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
 						'company' => $row['company'],
+						'loginname' => $row['loginname'],
 						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
@@ -67,6 +68,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'NAME' => $rep_userinfo['name'],
 						'FIRSTNAME' => $rep_userinfo['firstname'],
 						'COMPANY' => $rep_userinfo['company'],
+						'USERNAME' => $rep_userinfo['loginname'],
 						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'TRAFFICUSED' => round(($row['traffic_used'] / 1024), 2), /* traffic is stored in KB, template uses MB */
@@ -354,7 +356,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 			 * report about diskusage for customers
 			 */
 			$result_stmt = Database::query("
-				SELECT `c`.`customerid`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
+				SELECT `c`.`customerid`, `c`.`loginname`, `c`.`customernumber`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
 				`c`.`company`, `c`.`diskspace`, `c`.`diskspace_used`, `c`.`email`, `c`.`def_language`,
 				`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`
 				FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
@@ -373,6 +375,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'name' => $row['name'],
 						'firstname' => $row['firstname'],
 						'company' => $row['company'],
+						'loginname' => $row['loginname'],
 						'customernumber' => $row['customernumber']
 					);
 					$replace_arr = array(
@@ -380,6 +383,7 @@ class ReportsCron extends \Froxlor\Cron\FroxlorCron
 						'NAME' => $rep_userinfo['name'],
 						'FIRSTNAME' => $rep_userinfo['firstname'],
 						'COMPANY' => $rep_userinfo['company'],
+						'USERNAME' => $rep_userinfo['loginname'],
 						'CUSTOMER_NO' => $rep_userinfo['customernumber'],
 						'DISKAVAILABLE' => round(($row['diskspace'] / 1024), 2), /* traffic is stored in KB, template uses MB */
 						'DISKUSED' => round($row['diskspace_used'] / 1024, 2), /* traffic is stored in KB, template uses MB */

lib/Froxlor/FileDir.php

@@ -494,7 +494,7 @@ class FileDir
 			};
 
 			// create RecursiveIteratorIterator
-			$its = new \RecursiveIteratorIterator(new \RecursiveCallbackFilterIterator(new System\IgnorantRecursiveDirectoryIterator($path, \RecursiveDirectoryIterator::SKIP_DOTS), $filter));
+			$its = new \RecursiveIteratorIterator(new \RecursiveCallbackFilterIterator(new \RecursiveDirectoryIterator($path, \RecursiveDirectoryIterator::SKIP_DOTS), $filter));
 			// we can limit the recursion-depth, but will it be helpful or
 			// will people start asking "why do I only see 2 subdirectories, i want to use /a/b/c"
 			// let's keep this in mind and see whether it will be useful

lib/Froxlor/Froxlor.php

@@ -7,7 +7,7 @@ final class Froxlor
 {
 
 	// Main version variable
-	const VERSION = '0.10.33';
+	const VERSION = '0.10.36';
 
 	// Database version (YYYYMMDDC where C is a daily counter)
 	const DBVERSION = '202112310';

lib/Froxlor/PhpHelper.php

@@ -63,7 +63,7 @@ class PhpHelper
 					$subject[$field] = self::htmlentitiesArray($subject[$field], $fields, $quote_style, $charset);
 				}
 			}
-		} else {
+		} elseif (!empty($subject)) {
 			$subject = htmlentities($subject, $quote_style, $charset);
 		}
 

lib/Froxlor/System/IgnorantRecursiveDirectoryIterator.php

@@ -1,21 +0,0 @@
-<?php
-namespace Froxlor\System;
-
-/**
- * If you use RecursiveDirectoryIterator with RecursiveIteratorIterator and run
- * into UnexpectedValueException you may use this little hack to ignore those
- * directories, such as lost+found on linux.
- * (User "antennen" @ http://php.net/manual/en/class.recursivedirectoryiterator.php#101654)
- */
-class IgnorantRecursiveDirectoryIterator extends \RecursiveDirectoryIterator
-{
-
-	public function getChildren()
-	{
-		try {
-			return new IgnorantRecursiveDirectoryIterator($this->getPathname());
-		} catch (\UnexpectedValueException $e) {
-			return new \RecursiveArrayIterator(array());
-		}
-	}
-}

lib/configfiles/focal.xml

@@ -1600,7 +1600,7 @@ root:               root@<SERVERNAME>
 # is /etc/mailname.
 #myorigin = /etc/mailname
 
-smtpd_banner = $myhostname ESMTP $mail_name (@@DISTRO@@)
+smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
 biff = no
 
 # appending .domain is the MUA's job.

lng/german.lng.php

@@ -410,7 +410,7 @@ $lng['admin']['ipsandports']['port'] = 'Port';
 
 // ADDED IN 1.2.13-rc3
 
-$lng['error']['cantchangesystemip'] = 'Sie können die letzte System-IP-Adresse nicht löschen. Entweder legen Sie eine neue IP/Port-Kombination an oder Sie ändern die System-IP-Adresse.';
+$lng['error']['cantchangesystemip'] = 'Sie können die letzte System-IP-Adresse nicht ändern. Entweder legen Sie eine neue IP/Port-Kombination an oder Sie ändern die System-IP-Adresse.';
 $lng['question']['admin_domain_reallydocrootoutofcustomerroot'] = 'Sind Sie sicher, dass der DocumentRoot dieser Domain außerhalb des Heimatverzeichnisses des Kunden liegen soll?';
 
 // ADDED IN 1.2.14-rc1