maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Compare commits

base: maketank:upgrade-2
Branches Tags
maketank:live maketank:upgrade-2.0 maketank:upgrade-2 maketank:2.1.x maketank:remotes/origin/2.1.x maketank:master
maketank:greylisting-2.0 maketank:2.2.8 maketank:2.2.7 maketank:2.2.6 maketank:2.2.5 maketank:2.2.4 maketank:2.2.3 maketank:2.2.2 maketank:2.2.1 maketank:2.2.0 maketank:2.2.0-rc3 maketank:2.2.0-rc2 maketank:2.2.0-rc1 maketank:2.1.9 maketank:2.1.8 maketank:2.1.7 maketank:2.1.6 maketank:2.1.5 maketank:2.1.4 maketank:2.1.3 maketank:2.1.2 maketank:2.1.1 maketank:2.1.0 maketank:2.1.0-rc3 maketank:2.1.0-rc2 maketank:2.1.0-rc1 maketank:2.1.0-beta2 maketank:2.1.0-beta1 maketank:2.0.24 maketank:2.0.23 maketank:2.0.22 maketank:2.0.21 maketank:2.0.20 maketank:2.0.19 maketank:2.0.18 maketank:2.0.17 maketank:2.0.16 maketank:2.0.15 maketank:2.0.14 maketank:2.0.13 maketank:2.0.12 maketank:2.0.11 maketank:2.0.10 maketank:2.0.9 maketank:2.0.8 maketank:2.0.7 maketank:2.0.6 maketank:2.0.5 maketank:2.0.4 maketank:2.0.3 maketank:2.0.2 maketank:2.0.1 maketank:0.10.38.3 maketank:0.10.38.2 maketank:0.10.38.1 maketank:0.10.38 maketank:0.10.37 maketank:0.10.36 maketank:0.10.35.1 maketank:0.10.35 maketank:0.10.34.1 maketank:0.10.34 maketank:0.10.33 maketank:0.10.32 maketank:0.10.31 maketank:0.10.30 maketank:0.10.29.1 maketank:0.10.29 maketank:0.10.28 maketank:0.10.27 maketank:0.10.26 maketank:0.10.25 maketank:0.10.24 maketank:0.10.23.1 maketank:0.10.23 maketank:0.10.22 maketank:0.10.21 maketank:0.10.20 maketank:0.10.19 maketank:0.10.18 maketank:0.10.17 maketank:0.10.16 maketank:0.10.15 maketank:0.10.14 maketank:0.10.13 maketank:0.10.12 maketank:0.10.11 maketank:0.10.10 maketank:0.10.9 maketank:0.10.8 maketank:0.10.7 maketank:0.10.6 maketank:0.10.5 maketank:0.10.4 maketank:0.10.3 maketank:0.10.2 maketank:0.10.1 maketank:0.10.0 maketank:0.10.0-rc2 maketank:0.10.0-rc1 maketank:0.9.40.1 maketank:0.9.40 maketank:0.9.39.5 maketank:0.9.39.4 maketank:0.9.39.3 maketank:0.9.39.2 maketank:0.9.39.1 maketank:0.9.39 maketank:0.9.38.8 maketank:0.9.38.7 maketank:0.9.38.6 maketank:0.9.38.5 maketank:0.9.38.4 maketank:0.9.38.3 maketank:0.9.38.2 maketank:0.9.38.1 maketank:0.9.38 maketank:0.9.38-rc2 maketank:0.9.38-rc1 maketank:0.9.37 maketank:0.9.37-rc1 maketank:0.9.36 maketank:0.9.35.1 maketank:0.9.35 maketank:0.9.35-rc1 maketank:0.9.34.2 maketank:0.9.34.1 maketank:0.9.34 maketank:0.9.33.2 maketank:0.9.33.1 maketank:0.9.33 maketank:0.9.33-rc3 maketank:0.9.33-rc2 maketank:0.9.33-rc1 maketank:0.9.32 maketank:0.9.32-rc2 maketank:0.9.32-rc1 maketank:0.9.31.2 maketank:0.9.31.1 maketank:0.9.31 maketank:0.9.31-rc2 maketank:0.9.31-rc1 maketank:0.9.30 maketank:0.9.30-rc1 maketank:0.9.29 maketank:0.9.29-rc1 maketank:0.9.28.1 maketank:0.9.28 maketank:0.9.28-rc1 maketank:0.9.27 maketank:0.9.27-rc1 maketank:0.9.26 maketank:0.9.26-rc1 maketank:0.9.25 maketank:0.9.25-rc1 maketank:0.9.24 maketank:0.9.24-rc1 maketank:0.9.23 maketank:0.9.23-rc1 maketank:0.9.22 maketank:0.9.22-rc1 maketank:0.9.21 maketank:0.9.20.1 maketank:0.9.20 maketank:0.9.19 maketank:0.9.18.1 maketank:0.9.18 maketank:0.9.17 maketank:0.9.16 maketank:0.9.15.1 maketank:0.9.15 maketank:0.9.14 maketank:0.9.13.1 maketank:0.9.13 maketank:0.9.12 maketank:0.9.11 maketank:0.9.10 maketank:0.9.9 maketank:0.9.8 maketank:0.9.7 maketank:0.9.6 maketank:0.9.5 maketank:0.9.4 maketank:0.9.3 maketank:0.9.2.1 maketank:0.9.2 maketank:0.9.1 maketank:0.9
..
compare: maketank:upgrade-2.0
Branches Tags
maketank:upgrade-2.0 maketank:live maketank:upgrade-2 maketank:2.1.x maketank:remotes/origin/2.1.x maketank:master
maketank:greylisting-2.0 maketank:2.2.8 maketank:2.2.7 maketank:2.2.6 maketank:2.2.5 maketank:2.2.4 maketank:2.2.3 maketank:2.2.2 maketank:2.2.1 maketank:2.2.0 maketank:2.2.0-rc3 maketank:2.2.0-rc2 maketank:2.2.0-rc1 maketank:2.1.9 maketank:2.1.8 maketank:2.1.7 maketank:2.1.6 maketank:2.1.5 maketank:2.1.4 maketank:2.1.3 maketank:2.1.2 maketank:2.1.1 maketank:2.1.0 maketank:2.1.0-rc3 maketank:2.1.0-rc2 maketank:2.1.0-rc1 maketank:2.1.0-beta2 maketank:2.1.0-beta1 maketank:2.0.24 maketank:2.0.23 maketank:2.0.22 maketank:2.0.21 maketank:2.0.20 maketank:2.0.19 maketank:2.0.18 maketank:2.0.17 maketank:2.0.16 maketank:2.0.15 maketank:2.0.14 maketank:2.0.13 maketank:2.0.12 maketank:2.0.11 maketank:2.0.10 maketank:2.0.9 maketank:2.0.8 maketank:2.0.7 maketank:2.0.6 maketank:2.0.5 maketank:2.0.4 maketank:2.0.3 maketank:2.0.2 maketank:2.0.1 maketank:0.10.38.3 maketank:0.10.38.2 maketank:0.10.38.1 maketank:0.10.38 maketank:0.10.37 maketank:0.10.36 maketank:0.10.35.1 maketank:0.10.35 maketank:0.10.34.1 maketank:0.10.34 maketank:0.10.33 maketank:0.10.32 maketank:0.10.31 maketank:0.10.30 maketank:0.10.29.1 maketank:0.10.29 maketank:0.10.28 maketank:0.10.27 maketank:0.10.26 maketank:0.10.25 maketank:0.10.24 maketank:0.10.23.1 maketank:0.10.23 maketank:0.10.22 maketank:0.10.21 maketank:0.10.20 maketank:0.10.19 maketank:0.10.18 maketank:0.10.17 maketank:0.10.16 maketank:0.10.15 maketank:0.10.14 maketank:0.10.13 maketank:0.10.12 maketank:0.10.11 maketank:0.10.10 maketank:0.10.9 maketank:0.10.8 maketank:0.10.7 maketank:0.10.6 maketank:0.10.5 maketank:0.10.4 maketank:0.10.3 maketank:0.10.2 maketank:0.10.1 maketank:0.10.0 maketank:0.10.0-rc2 maketank:0.10.0-rc1 maketank:0.9.40.1 maketank:0.9.40 maketank:0.9.39.5 maketank:0.9.39.4 maketank:0.9.39.3 maketank:0.9.39.2 maketank:0.9.39.1 maketank:0.9.39 maketank:0.9.38.8 maketank:0.9.38.7 maketank:0.9.38.6 maketank:0.9.38.5 maketank:0.9.38.4 maketank:0.9.38.3 maketank:0.9.38.2 maketank:0.9.38.1 maketank:0.9.38 maketank:0.9.38-rc2 maketank:0.9.38-rc1 maketank:0.9.37 maketank:0.9.37-rc1 maketank:0.9.36 maketank:0.9.35.1 maketank:0.9.35 maketank:0.9.35-rc1 maketank:0.9.34.2 maketank:0.9.34.1 maketank:0.9.34 maketank:0.9.33.2 maketank:0.9.33.1 maketank:0.9.33 maketank:0.9.33-rc3 maketank:0.9.33-rc2 maketank:0.9.33-rc1 maketank:0.9.32 maketank:0.9.32-rc2 maketank:0.9.32-rc1 maketank:0.9.31.2 maketank:0.9.31.1 maketank:0.9.31 maketank:0.9.31-rc2 maketank:0.9.31-rc1 maketank:0.9.30 maketank:0.9.30-rc1 maketank:0.9.29 maketank:0.9.29-rc1 maketank:0.9.28.1 maketank:0.9.28 maketank:0.9.28-rc1 maketank:0.9.27 maketank:0.9.27-rc1 maketank:0.9.26 maketank:0.9.26-rc1 maketank:0.9.25 maketank:0.9.25-rc1 maketank:0.9.24 maketank:0.9.24-rc1 maketank:0.9.23 maketank:0.9.23-rc1 maketank:0.9.22 maketank:0.9.22-rc1 maketank:0.9.21 maketank:0.9.20.1 maketank:0.9.20 maketank:0.9.19 maketank:0.9.18.1 maketank:0.9.18 maketank:0.9.17 maketank:0.9.16 maketank:0.9.15.1 maketank:0.9.15 maketank:0.9.14 maketank:0.9.13.1 maketank:0.9.13 maketank:0.9.12 maketank:0.9.11 maketank:0.9.10 maketank:0.9.9 maketank:0.9.8 maketank:0.9.7 maketank:0.9.6 maketank:0.9.5 maketank:0.9.4 maketank:0.9.3 maketank:0.9.2.1 maketank:0.9.2 maketank:0.9.1 maketank:0.9

48 Commits
upgrade-2 ... upgrade-2.

Author SHA1 Message Date
Udo Waechter
d7a3568506 reject policy dmarc 2025-09-29 19:06:10 +02:00
Udo Waechter
10c13bc5b1 not generating disabled zones 2025-09-26 13:01:26 +02:00
Udo Waechter
dcb3f6f568 DKIM stuff with our own selector 2025-09-25 11:16:48 +02:00
Udo Waechter
7566def0d1 TODO: This is a dkim hack 2025-09-25 09:40:40 +02:00
Udo Waechter
3630f82817 greylisting 2.0 2025-09-24 16:45:43 +02:00
Udo Waechter
9ddd2e9154 styles 2025-09-03 12:10:46 +02:00
Udo Waechter
53afe4ebd1 new files
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-01-30 17:12:26 +01:00
Udo Waechter
4f69e8ee0e new css 2024-01-30 17:12:16 +01:00
Udo Waechter
32f5b0d5e9 new Theme
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-01-30 16:52:34 +01:00
Udo Waechter
53a6485a6e Maketank Theme migration
Some checks failed
continuous-integration/drone/push Build is failing
Details
2024-01-30 13:52:59 +01:00
Udo Waechter
f2643ac887 env test 3
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-13 12:46:20 +01:00
Udo Waechter
e37687a85d env test 3
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-13 12:44:29 +01:00
Udo Waechter
ccbc3286a5 env test 2
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-13 12:39:58 +01:00
Udo Waechter
929a562324 env test 2
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-13 12:36:50 +01:00
Udo Waechter
3704cf6621 env test 2
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-13 12:35:09 +01:00
Udo Waechter
10238a1466 env test
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-12-12 14:04:03 +01:00
Udo Waechter
9002ddf4a2 env test
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2023-12-12 14:03:10 +01:00
Udo Waechter
8a2de5a44a env test
Some checks reported errors
continuous-integration/drone/push Build encountered an error
Details
2023-12-12 13:59:34 +01:00
Udo Waechter
96c0af18dd npm and compose
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-12 13:50:23 +01:00
Udo Waechter
5bb228ce78 npm and compose
Some checks failed
continuous-integration/drone/push Build is failing
Details
2023-12-12 13:48:08 +01:00
Udo Waechter
804128280c npm and compose 2023-12-12 13:47:32 +01:00
Udo Waechter
5b8e918f75 ssh test
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-12-12 13:45:23 +01:00
Udo Waechter
0e3e83d184 ssh test
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2023-12-12 10:51:21 +01:00
Udo Waechter
8ced61c6aa bogus edit for pipeline trigger
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2023-12-11 15:31:39 +01:00
Udo Waechter
29a2ab7567 2.0 upgrade test first
Some checks reported errors
continuous-integration/drone/push Build was killed
Details
2023-12-07 12:39:20 +01:00
Michael Kaufmann
166ec0575b set version to 2.0.24 for upcoming maintenance release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-10-06 11:18:18 +02:00
Andreu Trepat Rubirola
215e749ba8 added ca language (#1184) 2023-09-24 15:22:33 +02:00
Michael Kaufmann
506cccd7c8 fix vhost-cleaning regex for nginx-location directives; fixes #1185 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-09-12 15:20:56 +02:00
Michael Kaufmann
6d9014c29b fix API permission error in navigation when customer-hide-options include 'domains'; fixes #1183 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-09-07 15:34:06 +02:00
Michael Kaufmann
10555bff76 set version to 2.0.23 for upcoming bugfix release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-09-03 20:16:18 +02:00
Michael Kaufmann
37aa7af4da check for existing userinfo if settings are being imported via cli 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-09-02 17:11:06 +02:00
Michael Kaufmann
4b75369597 only check non-admin resources if user is not an admin in navigation 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-09-02 15:53:15 +02:00
Michael Kaufmann
9d0e463906 set version to 2.0.22 for upcoming maintenance release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-09-01 09:58:33 +02:00
Daniel
a7198f58ce Fix"Add" shortcut link in email address navigation (#1169) 
Seems to have changed when adding the domain-filter overview for email addresses, but not updated in the navigation.
 2023-08-13 08:19:32 +02:00
Michael Kaufmann
47be4b2847 remove shortcode for --diff-params in configdiff command 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-08-12 09:04:58 +02:00
Daniel
b0fae4bd14 Add config-diff CLI Command (#1168) 
---------

Co-authored-by: Michael Kaufmann <d00p@froxlor.org>
 2023-08-12 09:03:16 +02:00
Michael Kaufmann
4711a41436 correct validation of hostingplan name and description 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-08-11 13:57:21 +02:00
Michael Kaufmann
faa71ceaef forgot to save one file for the last commit 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-08-11 12:13:33 +02:00
Michael Kaufmann
2d30394150 correctly redirect to last-page if session is timed out and remove passing script/qrystr url parameters 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-08-11 12:09:23 +02:00
Michael Kaufmann
99c1182af8 adjustments in installation for debian 12 and fcgid / disabling mod_php; thx to Konstantin 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-27 11:25:03 +02:00
Michael Kaufmann
d9abe58dd2 adjust proftpd config for debian 12 bookworm 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-22 13:00:11 +02:00
Michael Kaufmann
23034b8ad2 rework path to certificates non-ecc/ecc, regardless of current setting 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-21 08:54:29 +02:00
Michael Kaufmann
1cae5638d3 fix optional-flag for IpsAndPorts.add() and IpsAndPorts.update() 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-16 17:09:45 +02:00
Michael Kaufmann
ce9a5f97a3 validate non-empy admin-name in Admins.update() 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-16 16:44:46 +02:00
Michael Kaufmann
c38b90deef Merge branch 'main' of github.com:Froxlor/Froxlor 2023-07-07 09:52:37 +02:00
Michael Kaufmann
13daa7d6fa set version to 2.0.21 for upcoming maintenance release 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-07 09:50:50 +02:00
Michael Kaufmann
b0e43d332d validate generated config-json parameter string 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2023-07-07 09:47:17 +02:00
jabertwo
75c8754fb4 Fix typo in pathDescriptionSubdomain (#1156) 2023-06-26 11:03:48 +02:00
298 changed files with 13535 additions and 11343 deletions
Expand all files Collapse all files

21
.drone.yml
View File

@@ -8,11 +8,15 @@ platform:
trigger:
branch:
- upgrade-2
- upgrade-2.0
event:
include:
- push
environment:
DEPLOY_HOST: rechner.maketank.net
DEPLOY_DIR: ~/froxlor-test
steps:
- name: deploy
image: cr.wks/drone/drone-rsync:latest
@@ -21,13 +25,13 @@ steps:
source: ./
target: ~/froxlor-test
user: www-data
exclude: ['vendor', '.git*', '*drone.yml', '.settings', '.buildpath', '.editorconfig', '.project', '.travis.yml']
exclude: ['vendor', '.git*', '*drone.yml', '.settings', '.buildpath', '.editorconfig', '.project', '.travis.yml', 'node_modules']
args: '-v --delete'
log_level: quiet
key:
from_secret: ssh-www-data-maketank-rsa
command_timeout: 10m
- name: compose-install
- name: compose
image: appleboy/drone-ssh
settings:
host:
@@ -37,4 +41,13 @@ steps:
from_secret: ssh-www-data-maketank-rsa
script:
- cd ~/froxlor-test && composer install --no-dev
- name: npm
image: appleboy/drone-ssh
settings:
host:
- rechner02.maketank.net
username: www-data
key:
from_secret: ssh-www-data-maketank-rsa
script:
- cd ~/froxlor-test && npm install && npm run build

2
.gitignore vendored
View File

@@ -13,13 +13,11 @@ logs/*
*~
.well-known
.idea
.DS_Store
*.iml
img/
vendor/
node_modules/
fonts/
templates/*
!templates/index.html
!templates/Froxlor/
templates/Froxlor/assets/mix-manifest.json

2
actions/admin/settings/100.panel.php
View File

@@ -265,7 +265,7 @@ return [
'extras.directoryprotection' => lng('menue.extras.extras') . " / " . lng('menue.extras.directoryprotection'),
'extras.pathoptions' => lng('menue.extras.extras') . " / " . lng('menue.extras.pathoptions'),
'extras.logger' => lng('menue.extras.extras') . " / " . lng('menue.logger.logger'),
'extras.export' => lng('menue.extras.extras') . " / " . lng('menue.extras.export'),
'extras.backup' => lng('menue.extras.extras') . " / " . lng('menue.extras.backup'),
'traffic' => lng('menue.traffic.traffic'),
'traffic.http' => lng('menue.traffic.traffic') . " / HTTP",
'traffic.ftp' => lng('menue.traffic.traffic') . " / FTP",

8
actions/admin/settings/110.accounts.php
View File

@@ -230,13 +230,13 @@ return [
'onlyif' => 1
]
],
'system_exportenabled' => [
'label' => lng('serversettings.exportenabled'),
'system_backupenabled' => [
'label' => lng('serversettings.backupenabled'),
'settinggroup' => 'system',
'varname' => 'exportenabled',
'varname' => 'backupenabled',
'type' => 'checkbox',
'default' => false,
'cronmodule' => 'froxlor/export',
'cronmodule' => 'froxlor/backup',
'save_method' => 'storeSettingField'
],
'system_createstdsubdom_default' => [

3
actions/admin/settings/120.system.php
View File

@@ -107,8 +107,7 @@ return [
'varname' => 'enabled',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'api_customer_default' => [
'label' => lng('serversettings.api_customer_default'),

9
actions/admin/settings/125.cronjob.php
View File

@@ -46,8 +46,7 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/usr/bin/nice -n 5 /usr/bin/php -q',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_crondreload' => [
'label' => lng('serversettings.system_crondreload'),
@@ -56,8 +55,7 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/cron reload',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_cron_allowautoupdate' => [
'label' => lng('serversettings.system_cron_allowautoupdate'),
@@ -65,8 +63,7 @@ return [
'varname' => 'cron_allowautoupdate',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
]
]
]

9
actions/admin/settings/130.webserver.php
View File

@@ -181,8 +181,7 @@ return [
'label' => lng('serversettings.logfiles_format'),
'settinggroup' => 'system',
'varname' => 'logfiles_format',
'type' => (strpos(Settings::Get('system.logfiles_format'), '"') !== false ? 'textarea' : 'text'),
'string_regexp' => '/^[^\0\r\n<>]*$/i',
'type' => 'text',
'default' => '',
'string_emptyallowed' => true,
'save_method' => 'storeSettingField',
@@ -308,8 +307,7 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/apache2 reload',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_phpreload_command' => [
'label' => lng('serversettings.phpreload_command'),
@@ -321,8 +319,7 @@ return [
'save_method' => 'storeSettingField',
'websrv_avail' => [
'nginx'
],
'required_otp' => true
]
],
'system_nginx_php_backend' => [
'label' => lng('serversettings.nginx_php_backend'),

3
actions/admin/settings/131.ssl.php
View File

@@ -157,8 +157,7 @@ return [
'string_type' => 'file',
'default' => '/root/.acme.sh/acme.sh',
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'system_letsencryptacmeconf' => [
'label' => lng('serversettings.letsencryptacmeconf'),

12
actions/admin/settings/136.phpfpm.php
View File

@@ -126,8 +126,7 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'phpfpm_ini_values' => [
'label' => lng('phpfpm.ini_values'),
@@ -136,8 +135,7 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'phpfpm_ini_admin_flags' => [
'label' => lng('phpfpm.ini_admin_flags'),
@@ -146,8 +144,7 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'phpfpm_ini_admin_values' => [
'label' => lng('phpfpm.ini_admin_values'),
@@ -156,8 +153,7 @@ return [
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
]
]
]

6
actions/admin/settings/160.nameserver.php
View File

@@ -80,8 +80,7 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/bind9 reload',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_nameservers' => [
'label' => lng('serversettings.nameservers'),
@@ -112,8 +111,7 @@ return [
'string_delimiter' => ',',
'string_emptyallowed' => true,
'default' => '',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_powerdns_mode' => [
'label' => lng('serversettings.powerdns_mode'),

3
actions/admin/settings/180.dkim.php
View File

@@ -137,8 +137,7 @@ return [
'type' => 'text',
'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i',
'default' => '/etc/init.d/dkim-filter restart',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
]
]
]

24
actions/admin/settings/210.security.php
View File

@@ -37,8 +37,7 @@ return [
'varname' => 'unix_names',
'type' => 'checkbox',
'default' => true,
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_mailpwcleartext' => [
'label' => lng('serversettings.mailpwcleartext'),
@@ -47,8 +46,7 @@ return [
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'system_passwordcryptfunc' => [
'label' => lng('serversettings.passwordcryptfunc'),
@@ -61,8 +59,7 @@ return [
'getAvailablePasswordHashes'
],
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'system_allow_error_report_admin' => [
'label' => lng('serversettings.allow_error_report_admin'),
@@ -70,8 +67,7 @@ return [
'varname' => 'allow_error_report_admin',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_allow_error_report_customer' => [
'label' => lng('serversettings.allow_error_report_customer'),
@@ -79,8 +75,7 @@ return [
'varname' => 'allow_error_report_customer',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_allow_customer_shell' => [
'label' => lng('serversettings.allow_allow_customer_shell'),
@@ -89,8 +84,7 @@ return [
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'system_available_shells' => [
'label' => lng('serversettings.available_shells'),
@@ -100,8 +94,7 @@ return [
'string_emptyallowed' => true,
'default' => '',
'save_method' => 'storeSettingField',
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
'system_froxlorusergroup' => [
'label' => lng('serversettings.froxlorusergroup'),
@@ -115,8 +108,7 @@ return [
'checkLocalGroup'
],
'visible' => Settings::Get('system.nssextrausers'),
'advanced_mode' => true,
'required_otp' => true
'advanced_mode' => true
],
]
]

12
actions/admin/settings/220.quota.php
View File

@@ -44,30 +44,24 @@ return [
'settinggroup' => 'system',
'varname' => 'diskquota_repquota_path',
'type' => 'text',
'string_type' => 'file',
'default' => '/usr/sbin/repquota',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_diskquota_quotatool_path' => [
'label' => lng('serversettings.diskquota_quotatool_path.description'),
'settinggroup' => 'system',
'varname' => 'diskquota_quotatool_path',
'type' => 'text',
'string_type' => 'file',
'default' => '/usr/bin/quotatool',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
],
'system_diskquota_customer_partition' => [
'label' => lng('serversettings.diskquota_customer_partition.description'),
'settinggroup' => 'system',
'varname' => 'diskquota_customer_partition',
'type' => 'text',
'string_type' => 'file',
'default' => '/dev/root',
'save_method' => 'storeSettingField',
'required_otp' => true
'save_method' => 'storeSettingField'
]
]
]

87
actions/admin/settings/230.backup.php
View File

@@ -1,87 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
return [
'groups' => [
'backup' => [
'title' => lng('backup'),
'icon' => 'fa-solid fa-sliders',
'advanced_mode' => true,
'fields' => [
'backup_enabled' => [
'label' => lng('serversettings.backup_enabled'),
'settinggroup' => 'backup',
'varname' => 'enabled',
'type' => 'checkbox',
'default' => false,
'save_method' => 'storeSettingField',
'overview_option' => true,
'cronmodule' => 'froxlor/backup'
],
'backup_default_storage' => [
'label' => lng('serversettings.backup_default_storage'),
'settinggroup' => 'backup',
'varname' => 'default_storage',
'type' => 'select',
'default' => '1',
'option_options_method' => [
'\\Froxlor\\Backup\\Backup',
'getBackupStorages'
],
'save_method' => 'storeSettingField'
],
'backup_default_retention' => [
'label' => lng('serversettings.backup_default_retention'),
'settinggroup' => 'backup',
'varname' => 'default_retention',
'type' => 'number',
'default' => 3,
'min' => 0,
'save_method' => 'storeSettingField',
],
'backup_default_customer_access' => [
'label' => lng('serversettings.backup_default_customer_access'),
'settinggroup' => 'backup',
'varname' => 'default_customer_access',
'type' => 'checkbox',
'default' => true,
'save_method' => 'storeSettingField',
],
'backup_default_pgp_public_key' => [
'label' => lng('serversettings.backup_default_pgp_public_key'),
'settinggroup' => 'backup',
'varname' => 'default_pgp_public_key',
'type' => 'textarea',
'default' => '',
'save_method' => 'storeSettingField',
'plausibility_check_method' => [
'\\Froxlor\\Validate\\Check',
'checkPgpPublicKeySetting'
],
],
]
]
]
];

2
admin_apcuinfo.php
View File

@@ -62,7 +62,7 @@ if ($action == 'delete' && function_exists('apcu_clear_cache') && $userinfo['cha
}
if (!function_exists('apcu_cache_info') || !function_exists('apcu_sma_info')) {
Response::standardError('no_apcuinfo');
Response::standardError(lng('error.no_apcuinfo'));
}
if ($page == 'showinfo' && $userinfo['change_serversettings'] == '1') {

183
admin_backups.php
View File

@@ -1,183 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
const AREA = 'admin';
require __DIR__ . '/lib/init.php';
use Froxlor\Api\Commands\Backups;
use Froxlor\Api\Commands\BackupStorages;
use Froxlor\FroxlorLogger;
use Froxlor\UI\Collection;
use Froxlor\UI\HTML;
use Froxlor\UI\Listing;
use Froxlor\UI\Panel\UI;
use Froxlor\UI\Request;
use Froxlor\UI\Response;
$id = (int)Request::any('id');
if (($page == 'backups' || $page == 'overview')) {
if ($action == '') {
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "viewed admin_backups");
try {
$admin_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backups.php';
$collection = (new Collection(Backups::class, $userinfo))
->withPagination($admin_list_data['backups_list']['columns'], $admin_list_data['backups_list']['default_sorting']);
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
UI::view('user/table.html.twig', [
'listing' => Listing::format($collection, $admin_list_data, 'backups_list'),
'actions_links' => [
[
'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'restore']),
'label' => lng('admin.backups_restore'),
'icon' => 'fa-solid fa-file-import',
'class' => 'btn-outline-secondary'
],
[
'href' => $linker->getLink(['section' => 'backups', 'page' => 'storages']),
'label' => lng('admin.backup_storages'),
'icon' => 'fa-solid fa-hard-drive',
'class' => 'btn-outline-secondary',
'visible' => $userinfo['change_serversettings'] == '1'
]
]
]);
} elseif ($action == 'delete' && $id != 0) {
} elseif ($action == 'add') {
} elseif ($action == 'edit' && $id != 0) {
} elseif ($action == 'restore') {
}
} else if ($page == 'storages' && $userinfo['change_serversettings'] == '1') {
if ($action == '') {
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "list backup storages");
try {
$backup_storage_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backup_storages.php';
$collection = (new Collection(BackupStorages::class, $userinfo))
->withPagination($backup_storage_list_data['backup_storages_list']['columns'], $backup_storage_list_data['backup_storages_list']['default_sorting']);
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
UI::view('user/table.html.twig', [
'listing' => Listing::format($collection, $backup_storage_list_data, 'backup_storages_list'),
'actions_links' => [
[
'href' => $linker->getLink(['section' => 'backups', 'page' => 'backups']),
'label' => lng('admin.backups'),
'icon' => 'fa-solid fa-reply'
],
[
'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'add']),
'label' => lng('admin.backup_storage_add')
]
]
]);
} elseif ($action == 'delete' && $id != 0) {
try {
$json_result = BackupStorages::getLocal($userinfo, [
'id' => $id
])->get();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
if ($result['id'] != '') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
BackupStorages::getLocal($userinfo, [
'id' => $id
])->delete();
Response::redirectTo($filename, [
'page' => $page
]);
} else {
HTML::askYesNo('backup_backup_server_reallydelete', $filename, [
'id' => $id,
'page' => $page,
'action' => $action
], $result['id']);
}
}
} elseif ($action == 'add') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
try {
BackupStorages::getLocal($userinfo, $_POST)->add();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
Response::redirectTo($filename, [
'page' => $page
]);
} else {
$admin_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php';
UI::view('user/form.html.twig', [
'formaction' => $linker->getLink(['section' => 'backups']),
'formdata' => $admin_add_data['backup_storage_add']
]);
}
} elseif ($action == 'edit' && $id != 0) {
try {
$json_result = BackupStorages::getLocal($userinfo, [
'id' => $id
])->get();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
if ($result['id'] != '') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
try {
BackupStorages::getLocal($userinfo, $_POST)->update();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
Response::redirectTo($filename, [
'page' => $page
]);
} else {
$backup_storage_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php';
UI::view('user/form.html.twig', [
'formaction' => $linker->getLink(['section' => 'backups', 'id' => $id]),
'formdata' => $backup_storage_edit_data['backup_storage_edit'],
'editid' => $id
]);
}
}
}
} else {
Response::dynamicError('403');
}

35
admin_customers.php
View File

@@ -27,7 +27,6 @@ const AREA = 'admin';
require __DIR__ . '/lib/init.php';
use Froxlor\Api\Commands\Admins;
use Froxlor\Api\Commands\BackupStorages;
use Froxlor\Api\Commands\Customers;
use Froxlor\Api\Commands\MysqlServer;
use Froxlor\CurrentUser;
@@ -226,23 +225,6 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != '
$hosting_plans[$row['id']] = $row['name'];
}
// backup storages
$backup_storages = [];
if (Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1') {
$backup_storages = [
0 => lng('backup.storage_none')
];
try {
$result_json = BackupStorages::getLocal($userinfo)->listing();
$result_decoded = json_decode($result_json, true)['data']['list'];
foreach ($result_decoded as $storagedata) {
$backup_storages[$storagedata['id']] = "[" . $storagedata['type'] . "] " . html_entity_decode($storagedata['description']);
}
} catch (Exception $e) {
/* just none */
}
}
$customer_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/customer/formfield.customer_add.php';
UI::view('user/form.html.twig', [
@@ -325,23 +307,6 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != '
$hosting_plans[$row['id']] = $row['name'];
}
// backup storages
$backup_storages = [];
if (Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1') {
$backup_storages = [
0 => lng('backup.storage_none')
];
try {
$result_json = BackupStorages::getLocal($userinfo)->listing();
$result_decoded = json_decode($result_json, true)['data']['list'];
foreach ($result_decoded as $storagedata) {
$backup_storages[$storagedata['id']] = "[" . $storagedata['type'] . "] " . html_entity_decode($storagedata['description']);
}
} catch (Exception $e) {
/* just none */
}
}
$available_admins_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_ADMINS . "`
WHERE (`customers` = '-1' OR `customers` > `customers_used`)

61
admin_domains.php
View File

@@ -114,11 +114,15 @@ if ($page == 'domains' || $page == 'overview') {
} elseif ($alias_check['count'] > 0) {
Response::standardError('domains_cantdeletedomainwithaliases');
} else {
HTML::askYesNo('admin_domain_reallydelete', $filename, [
$showcheck = false;
if (Domain::domainHasMainSubDomains($id)) {
$showcheck = true;
}
HTML::askYesNoWithCheckbox('admin_domain_reallydelete', 'remove_subbutmain_domains', $filename, [
'id' => $id,
'page' => $page,
'action' => $action
], $idna_convert->decode($result['domain']));
], $idna_convert->decode($result['domain']), $showcheck);
}
}
} elseif ($action == 'add') {
@@ -248,6 +252,21 @@ if ($page == 'domains' || $page == 'overview') {
$domains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')';
}
$subtodomains = [
0 => lng('domains.nosubtomaindomain')
];
$result_domains_stmt = Database::prepare("
SELECT `d`.`id`, `d`.`domain`, `c`.`loginname` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = 0 AND `d`.`ismainbutsubto` = 0 " . $standardsubdomains . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid") . "
AND `d`.`customerid`=`c`.`customerid` ORDER BY `loginname`, `domain` ASC
");
// params from above still valid
Database::pexecute($result_domains_stmt, $params);
while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
$subtodomains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')';
}
$phpconfigs = [];
$configs = Database::query("
SELECT c.*, fc.description as interpreter
@@ -450,6 +469,27 @@ if ($page == 'domains' || $page == 'overview') {
$domains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']);
}
$subtodomains = [
0 => lng('domains.nosubtomaindomain')
];
$result_domains_stmt = Database::prepare("
SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = '0' AND `d`.`id` <> :id
AND `c`.`standardsubdomain`<>`d`.`id` AND `c`.`customerid`=`d`.`customerid`" . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid") . "
ORDER BY `d`.`domain` ASC
");
$params = [
'id' => $result['id']
];
if ($userinfo['customers_see_all'] == '0') {
$params['adminid'] = $userinfo['adminid'];
}
Database::pexecute($result_domains_stmt, $params);
while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
$subtodomains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']);
}
if ($userinfo['ip'] == "-1") {
$result_ipsandports_stmt = Database::query("
SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' ORDER BY `ip`, `port` ASC
@@ -636,23 +676,6 @@ if ($page == 'domains' || $page == 'overview') {
'alert_msg' => lng('domains.import_description')
]);
}
} elseif ($action == 'duplicate') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
try {
Domains::getLocal($userinfo, $_POST)->duplicate();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
Response::redirectTo($filename, [
'page' => $page,
'searchfield' => 'd.domain_ace',
'searchtext' => $_POST['domain'] ?? ""
]);
} else {
Response::redirectTo($filename, [
'page' => 'overview'
]);
}
}
} elseif ($page == 'domainssleditor') {
require_once __DIR__ . '/ssl_editor.php';

71
admin_index.php
View File

@@ -31,7 +31,6 @@ use Froxlor\Api\Commands\Froxlor as Froxlor;
use Froxlor\CurrentUser;
use Froxlor\Database\Database;
use Froxlor\FroxlorLogger;
use Froxlor\Language;
use Froxlor\Settings;
use Froxlor\System\Cronjob;
use Froxlor\System\Crypt;
@@ -39,6 +38,7 @@ use Froxlor\UI\Panel\UI;
use Froxlor\UI\Request;
use Froxlor\UI\Response;
use Froxlor\Validate\Validate;
use Froxlor\Language;
$id = (int)Request::any('id');
@@ -197,11 +197,8 @@ if ($page == 'overview') {
'outstanding_tasks' => $outstanding_tasks,
'cron_last_runs' => $cron_last_runs
]);
} elseif ($page == 'profile') {
$languages = Language::getLanguages();
if (!empty($_POST)) {
if ($_POST['send'] == 'changepassword') {
} elseif ($page == 'change_password') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$old_password = Validate::validate($_POST['old_password'], 'old password');
if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_ADMINS, 'adminid')) {
@@ -244,22 +241,12 @@ if ($page == 'overview') {
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, 'changed password');
Response::redirectTo($filename);
}
} elseif ($_POST['send'] == 'changetheme') {
if (Settings::Get('panel.allow_theme_change_admin') == 1) {
$theme = Validate::validate($_POST['theme'], 'theme');
try {
Admins::getLocal($userinfo, [
'id' => $userinfo['adminid'],
'theme' => $theme
])->update();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
} else {
UI::view('user/change_password.html.twig');
}
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'");
}
Response::redirectTo($filename);
} elseif ($_POST['send'] == 'changelanguage') {
} elseif ($page == 'change_language') {
$languages = Language::getLanguages();
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$def_language = Validate::validate($_POST['def_language'], 'default language');
if (isset($languages[$def_language])) {
@@ -275,26 +262,42 @@ if ($page == 'overview') {
}
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her default language to '" . $def_language . "'");
Response::redirectTo($filename);
}
} else {
// change theme
$default_theme = Settings::Get('panel.default_theme');
if ($userinfo['theme'] != '') {
$default_theme = $userinfo['theme'];
}
$themes_avail = UI::getThemes();
// change language
$default_lang = Settings::Get('panel.standardlanguage');
if ($userinfo['def_language'] != '') {
$default_lang = $userinfo['def_language'];
}
UI::view('user/profile.html.twig', [
'themes' => $themes_avail,
'default_theme' => $default_theme,
UI::view('user/change_language.html.twig', [
'languages' => $languages,
'default_lang' => $default_lang,
'default_lang' => $default_lang
]);
}
} elseif ($page == 'change_theme') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$theme = Validate::validate($_POST['theme'], 'theme');
try {
Admins::getLocal($userinfo, [
'id' => $userinfo['adminid'],
'theme' => $theme
])->update();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'");
Response::redirectTo($filename);
} else {
$default_theme = Settings::Get('panel.default_theme');
if ($userinfo['theme'] != '') {
$default_theme = $userinfo['theme'];
}
$themes_avail = UI::getThemes();
UI::view('user/change_theme.html.twig', [
'themes' => $themes_avail,
'default_theme' => $default_theme
]);
}
} elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_admin') == '1') {

254
admin_opcacheinfo.php
View File

@@ -33,9 +33,9 @@ const AREA = 'admin';
require __DIR__ . '/lib/init.php';
use Froxlor\FroxlorLogger;
use Froxlor\UI\HTML;
use Froxlor\UI\Panel\UI;
use Froxlor\UI\Response;
use Froxlor\UI\HTML;
if ($action == 'reset' && function_exists('opcache_reset') && $userinfo['change_serversettings'] == '1') {
if ($_POST['send'] == 'send') {
@@ -57,30 +57,252 @@ if ($action == 'reset' && function_exists('opcache_reset') && $userinfo['change_
}
}
if (!extension_loaded('Zend OPcache')) {
Response::standardError('no_opcacheinfo');
}
$ocEnabled = ini_get('opcache.enable');
if (empty($ocEnabled)) {
Response::standardError('inactive_opcacheinfo');
if (!function_exists('opcache_get_configuration')) {
Response::standardError(lng('error.no_opcacheinfo'));
}
if ($page == 'showinfo' && $userinfo['change_serversettings'] == '1') {
$time = time();
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed OPcache info");
$opcache = (new \Amnuts\Opcache\Service())->getData();
$optimizationLevels = [
1 << 0 => 'CSE, STRING construction',
1 << 1 => 'Constant conversion and jumps',
1 << 2 => '++, +=, series of jumps',
1 << 3 => 'INIT_FCALL_BY_NAME -> DO_FCALL',
1 << 4 => 'CFG based optimization',
1 << 5 => 'DFA based optimization',
1 << 6 => 'CALL GRAPH optimization',
1 << 7 => 'SCCP (constant propagation)',
1 << 8 => 'TMP VAR usage',
1 << 9 => 'NOP removal',
1 << 10 => 'Merge equal constants',
1 << 11 => 'Adjust used stack',
1 << 12 => 'Remove unused variables',
1 << 13 => 'DCE (dead code elimination)',
1 << 14 => '(unsafe) Collect constants',
1 << 15 => 'Inline functions'
];
$jitModes = [
[
'flag' => 'CPU-specific optimization',
'value' => [
'Disable CPU-specific optimization',
'Enable use of AVX, if the CPU supports it'
]
],
[
'flag' => 'Register allocation',
'value' => [
'Do not perform register allocation',
'Perform block-local register allocation',
'Perform global register allocation'
]
],
[
'flag' => 'Trigger',
'value' => [
'Compile all functions on script load',
'Compile functions on first execution',
'Profile functions on first request and compile the hottest functions afterwards',
'Profile on the fly and compile hot functions',
'Currently unused',
'Use tracing JIT. Profile on the fly and compile traces for hot code segments'
]
],
[
'flag' => 'Optimization level',
'value' => [
'No JIT',
'Minimal JIT (call standard VM handlers)',
'Inline VM handlers',
'Use type inference',
'Use call graph',
'Optimize whole script'
]
]
];
$jitModeMapping = [
'tracing' => 1254,
'on' => 1254,
'function' => 1205
];
$status = opcache_get_status(false);
$config = opcache_get_configuration();
$missingConfig = array_diff_key(ini_get_all('zend opcache', false), $config['directives']);
if (!empty($missingConfig)) {
$config['directives'] = array_merge($config['directives'], $missingConfig);
}
$files = [];
if (!empty($status['scripts'])) {
uasort($status['scripts'], static function ($a, $b) {
return $a['hits'] <=> $b['hits'];
});
foreach ($status['scripts'] as &$file) {
$file['full_path'] = str_replace('\\', '/', $file['full_path']);
$file['readable'] = [
'hits' => number_format($file['hits']),
'memory_consumption' => bsize($file['memory_consumption'])
];
}
$files = array_values($status['scripts']);
}
if ($config['directives']['opcache.file_cache_only'] || !empty($status['file_cache_only'])) {
$overview = false;
} else {
$status['opcache_statistics']['start_time'] = $status['opcache_statistics']['start_time'] ?? time();
$status['opcache_statistics']['last_restart_time'] = $status['opcache_statistics']['last_restart_time'] ?? time();
$overview = array_merge(
$status['memory_usage'],
$status['opcache_statistics'],
[
'total_memory' => $config['directives']['opcache.memory_consumption'],
'used_memory_percentage' => round(100 * (
($status['memory_usage']['used_memory'] + $status['memory_usage']['wasted_memory'])
/ $config['directives']['opcache.memory_consumption']
)),
'hit_rate_percentage' => round($status['opcache_statistics']['opcache_hit_rate']),
'used_key_percentage' => round(100 * ($status['opcache_statistics']['num_cached_keys']
/ $status['opcache_statistics']['max_cached_keys']
)),
'wasted_percentage' => round($status['memory_usage']['current_wasted_percentage'], 2),
'readable' => [
'total_memory' => bsize($config['directives']['opcache.memory_consumption']),
'used_memory' => bsize($status['memory_usage']['used_memory']),
'free_memory' => bsize($status['memory_usage']['free_memory']),
'wasted_memory' => bsize($status['memory_usage']['wasted_memory']),
'num_cached_scripts' => number_format($status['opcache_statistics']['num_cached_scripts']),
'hits' => number_format($status['opcache_statistics']['hits']),
'misses' => number_format($status['opcache_statistics']['misses']),
'blacklist_miss' => number_format($status['opcache_statistics']['blacklist_misses']),
'num_cached_keys' => number_format($status['opcache_statistics']['num_cached_keys']),
'max_cached_keys' => number_format($status['opcache_statistics']['max_cached_keys']),
'interned' => null,
'start_time' => (new DateTimeImmutable("@{$status['opcache_statistics']['start_time']}"))
->setTimezone(new DateTimeZone(date_default_timezone_get()))
->format('Y-m-d H:i:s'),
'last_restart_time' => ($status['opcache_statistics']['last_restart_time'] == 0
? 'never'
: (new DateTimeImmutable("@{$status['opcache_statistics']['last_restart_time']}"))
->setTimezone(new DateTimeZone(date_default_timezone_get()))
->format('Y-m-d H:i:s')
)
]
]
);
}
$preload = [];
if (!empty($status['preload_statistics']['scripts'])) {
$preload = $status['preload_statistics']['scripts'];
sort($preload, SORT_STRING);
if ($overview) {
$overview['preload_memory'] = $status['preload_statistics']['memory_consumption'];
$overview['readable']['preload_memory'] = bsize($status['preload_statistics']['memory_consumption']);
}
}
if (!empty($status['interned_strings_usage'])) {
$overview['readable']['interned'] = [
'buffer_size' => bsize($status['interned_strings_usage']['buffer_size']),
'strings_used_memory' => bsize($status['interned_strings_usage']['used_memory']),
'strings_free_memory' => bsize($status['interned_strings_usage']['free_memory']),
'number_of_strings' => number_format($status['interned_strings_usage']['number_of_strings'])
];
}
if ($overview && !empty($status['jit'])) {
$overview['jit_buffer_used_percentage'] = ($status['jit']['buffer_size']
? round(100 * (($status['jit']['buffer_size'] - $status['jit']['buffer_free']) / $status['jit']['buffer_size']))
: 0
);
$overview['readable'] = array_merge($overview['readable'], [
'jit_buffer_size' => bsize($status['jit']['buffer_size']),
'jit_buffer_free' => bsize($status['jit']['buffer_free'])
]);
}
$directives = [];
ksort($config['directives']);
foreach ($config['directives'] as $k => $v) {
if (in_array($k, ['opcache.max_file_size', 'opcache.memory_consumption', 'opcache.jit_buffer_size']) && $v) {
$v = bsize($v) . " ({$v})";
} elseif ($k === 'opcache.optimization_level') {
$levels = [];
foreach ($optimizationLevels as $level => $info) {
if ($level & $v) {
$levels[] = "{$info} [{$level}]";
}
}
$v = $levels ?: 'none';
} elseif ($k === 'opcache.jit') {
if ($v === '1') {
$v = 'on';
}
if (isset($jitModeMapping[$v]) || is_numeric($v)) {
$levels = [];
foreach (str_split((string)($jitModeMapping[$v] ?? $v)) as $type => $level) {
$levels[] = "{$level}: {$jitModes[$type]['value'][$level]} ({$jitModes[$type]['flag']})";
}
$v = [$v, $levels];
} elseif (empty($v) || strtolower($v) === 'off') {
$v = 'Off';
}
}
$directives[] = [
'k' => $k,
'v' => $v
];
}
$version = array_merge(
$config['version'],
[
'php' => phpversion(),
'server' => $_SERVER['SERVER_SOFTWARE'] ?: '',
'host' => (function_exists('gethostname')
? gethostname()
: (php_uname('n')
?: (empty($_SERVER['SERVER_NAME'])
? $_SERVER['HOST_NAME']
: $_SERVER['SERVER_NAME']
)
)
)
]
);
UI::view('settings/opcacheinfo.html.twig', [
'opcacheinfo' => [
'version' => $opcache['version'],
'overview' => $opcache['overview'],
'files' => $opcache['files'],
'preload' => $opcache['preload'],
'directives' => $opcache['directives'],
'blacklist' => $opcache['blacklist'],
'functions' => $opcache['functions'],
'version' => $version,
'overview' => $overview,
'files' => $files,
'preload' => $preload,
'directives' => $directives,
'blacklist' => $config['blacklist'],
'functions' => get_extension_funcs('Zend OPcache')
]
]);
}
function bsize($size)
{
$i = 0;
$val = ['b', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB'];
while (($size / 1024) > 1) {
$size /= 1024;
++$i;
}
return sprintf(
'%.2f%s%s',
$size,
'',
$val[$i]
);
}

7
admin_settings.php
View File

@@ -70,15 +70,14 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
// check if the session timeout is too low #815
if (isset($_POST['session_sessiontimeout']) && $_POST['session_sessiontimeout'] < 60) {
Response::standardError(['session_timeout', 'session_timeout_desc']);
Response::standardError(lng('error.session_timeout'), lng('error.session_timeout_desc'));
}
try {
if (Form::processForm($settings_data, $_POST, [
'filename' => $filename,
'action' => $action,
'page' => $page,
'part' => $_part,
'page' => $page
], $_part, $settings_all, $settings_part, $only_enabledisable)) {
$log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "rebuild configfiles due to changed setting");
Cronjob::inserttask(TaskId::REBUILD_VHOST);
@@ -133,7 +132,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') {
}
}
} else {
Response::standardError('error.no_phpinfo');
Response::standardError(lng('error.no_phpinfo'));
}
UI::view('settings/phpinfo.html.twig', [
'phpversion' => PHP_VERSION,

4
composer.json
View File

@@ -46,7 +46,6 @@
"ext-fileinfo": "*",
"ext-gmp": "*",
"ext-gd": "*",
"ext-ftp": "*",
"phpmailer/phpmailer": "~6.0",
"monolog/monolog": "^1.24",
"robthree/twofactorauth": "^1.6",
@@ -55,8 +54,7 @@
"twig/twig": "^3.3",
"erusev/parsedown": "^1.7",
"symfony/console": "^5.4",
"pear/net_dns2": "^1.5",
"amnuts/opcache-gui": "^3.4"
"pear/net_dns2": "^1.5"
},
"require-dev": {
"phpunit/phpunit": "^9",

195
composer.lock generated
View File

@@ -4,70 +4,8 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "9ce9c044d979a2358438b876c3c73561",
"content-hash": "2de39e6b85579ce1f0c2f7a16d57ede3",
"packages": [
{
"name": "amnuts/opcache-gui",
"version": "3.4.0",
"source": {
"type": "git",
"url": "https://github.com/amnuts/opcache-gui.git",
"reference": "a4af194185bcda734cf3e15e877b217153fffd2b"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/a4af194185bcda734cf3e15e877b217153fffd2b",
"reference": "a4af194185bcda734cf3e15e877b217153fffd2b",
"shasum": ""
},
"require": {
"ext-json": "*",
"ext-zend-opcache": "*",
"php": ">=7.1.0"
},
"type": "library",
"autoload": {
"psr-4": {
"Amnuts\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Andrew Collington",
"email": "andy@amnuts.com",
"homepage": "https://blog.amnuts.com/",
"role": "Developer"
},
{
"name": "Contributors",
"homepage": "https://github.com/amnuts/opcache-gui/graphs/contributors"
}
],
"description": "A clean, effective and responsive interface for Zend OPcache, with real(ish)-time monitoring, filtering and the ability to invalidate files",
"keywords": [
"Opcache",
"cache",
"gui",
"interface",
"opcodes"
],
"support": {
"email": "andy@amnuts.com",
"issues": "https://github.com/amnuts/opcache-gui/issues",
"source": "https://github.com/amnuts/opcache-gui/tree/3.4.0"
},
"funding": [
{
"url": "https://github.com/amnuts",
"type": "github"
}
],
"time": "2022-08-02T23:08:34+00:00"
},
{
"name": "erusev/parsedown",
"version": "1.7.4",
@@ -561,16 +499,16 @@
},
{
"name": "symfony/console",
"version": "v5.4.24",
"version": "v5.4.22",
"source": {
"type": "git",
"url": "https://github.com/symfony/console.git",
"reference": "560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8"
"reference": "3cd51fd2e6c461ca678f84d419461281bd87a0a8"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/console/zipball/560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8",
"reference": "560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8",
"url": "https://api.github.com/repos/symfony/console/zipball/3cd51fd2e6c461ca678f84d419461281bd87a0a8",
"reference": "3cd51fd2e6c461ca678f84d419461281bd87a0a8",
"shasum": ""
},
"require": {
@@ -640,7 +578,7 @@
"terminal"
],
"support": {
"source": "https://github.com/symfony/console/tree/v5.4.24"
"source": "https://github.com/symfony/console/tree/v5.4.22"
},
"funding": [
{
@@ -656,7 +594,7 @@
"type": "tidelift"
}
],
"time": "2023-05-26T05:13:16+00:00"
"time": "2023-03-25T09:27:28+00:00"
},
{
"name": "symfony/deprecation-contracts",
@@ -1547,16 +1485,16 @@
},
{
"name": "twig/twig",
"version": "v3.7.0",
"version": "v3.5.1",
"source": {
"type": "git",
"url": "https://github.com/twigphp/Twig.git",
"reference": "5cf942bbab3df42afa918caeba947f1b690af64b"
"reference": "a6e0510cc793912b451fd40ab983a1d28f611c15"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/twigphp/Twig/zipball/5cf942bbab3df42afa918caeba947f1b690af64b",
"reference": "5cf942bbab3df42afa918caeba947f1b690af64b",
"url": "https://api.github.com/repos/twigphp/Twig/zipball/a6e0510cc793912b451fd40ab983a1d28f611c15",
"reference": "a6e0510cc793912b451fd40ab983a1d28f611c15",
"shasum": ""
},
"require": {
@@ -1565,10 +1503,15 @@
"symfony/polyfill-mbstring": "^1.3"
},
"require-dev": {
"psr/container": "^1.0|^2.0",
"psr/container": "^1.0",
"symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "3.5-dev"
}
},
"autoload": {
"psr-4": {
"Twig\\": "src/"
@@ -1602,7 +1545,7 @@
],
"support": {
"issues": "https://github.com/twigphp/Twig/issues",
"source": "https://github.com/twigphp/Twig/tree/v3.7.0"
"source": "https://github.com/twigphp/Twig/tree/v3.5.1"
},
"funding": [
{
@@ -1614,20 +1557,20 @@
"type": "tidelift"
}
],
"time": "2023-07-26T07:16:09+00:00"
"time": "2023-02-08T07:49:20+00:00"
},
{
"name": "voku/anti-xss",
"version": "4.1.42",
"version": "4.1.41",
"source": {
"type": "git",
"url": "https://github.com/voku/anti-xss.git",
"reference": "bca1f8607e55a3c5077483615cd93bd8f11bd675"
"reference": "55a403436494e44a2547a8d42de68e6cad4bca1d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/voku/anti-xss/zipball/bca1f8607e55a3c5077483615cd93bd8f11bd675",
"reference": "bca1f8607e55a3c5077483615cd93bd8f11bd675",
"url": "https://api.github.com/repos/voku/anti-xss/zipball/55a403436494e44a2547a8d42de68e6cad4bca1d",
"reference": "55a403436494e44a2547a8d42de68e6cad4bca1d",
"shasum": ""
},
"require": {
@@ -1673,7 +1616,7 @@
],
"support": {
"issues": "https://github.com/voku/anti-xss/issues",
"source": "https://github.com/voku/anti-xss/tree/4.1.42"
"source": "https://github.com/voku/anti-xss/tree/4.1.41"
},
"funding": [
{
@@ -1697,7 +1640,7 @@
"type": "tidelift"
}
],
"time": "2023-07-03T14:40:46+00:00"
"time": "2023-02-12T15:56:55+00:00"
},
{
"name": "voku/portable-ascii",
@@ -2146,16 +2089,16 @@
},
{
"name": "nikic/php-parser",
"version": "v4.16.0",
"version": "v4.15.4",
"source": {
"type": "git",
"url": "https://github.com/nikic/PHP-Parser.git",
"reference": "19526a33fb561ef417e822e85f08a00db4059c17"
"reference": "6bb5176bc4af8bcb7d926f88718db9b96a2d4290"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/19526a33fb561ef417e822e85f08a00db4059c17",
"reference": "19526a33fb561ef417e822e85f08a00db4059c17",
"url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/6bb5176bc4af8bcb7d926f88718db9b96a2d4290",
"reference": "6bb5176bc4af8bcb7d926f88718db9b96a2d4290",
"shasum": ""
},
"require": {
@@ -2196,22 +2139,22 @@
],
"support": {
"issues": "https://github.com/nikic/PHP-Parser/issues",
"source": "https://github.com/nikic/PHP-Parser/tree/v4.16.0"
"source": "https://github.com/nikic/PHP-Parser/tree/v4.15.4"
},
"time": "2023-06-25T14:52:30+00:00"
"time": "2023-03-05T19:49:14+00:00"
},
{
"name": "pdepend/pdepend",
"version": "2.14.0",
"version": "2.13.0",
"source": {
"type": "git",
"url": "https://github.com/pdepend/pdepend.git",
"reference": "1121d4b04af06e33e9659bac3a6741b91cab1de1"
"reference": "31be7cd4f305f3f7b52af99c1cb13fc938d1cfad"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/pdepend/pdepend/zipball/1121d4b04af06e33e9659bac3a6741b91cab1de1",
"reference": "1121d4b04af06e33e9659bac3a6741b91cab1de1",
"url": "https://api.github.com/repos/pdepend/pdepend/zipball/31be7cd4f305f3f7b52af99c1cb13fc938d1cfad",
"reference": "31be7cd4f305f3f7b52af99c1cb13fc938d1cfad",
"shasum": ""
},
"require": {
@@ -2245,15 +2188,9 @@
"BSD-3-Clause"
],
"description": "Official version of pdepend to be handled with Composer",
"keywords": [
"PHP Depend",
"PHP_Depend",
"dev",
"pdepend"
],
"support": {
"issues": "https://github.com/pdepend/pdepend/issues",
"source": "https://github.com/pdepend/pdepend/tree/2.14.0"
"source": "https://github.com/pdepend/pdepend/tree/2.13.0"
},
"funding": [
{
@@ -2261,7 +2198,7 @@
"type": "tidelift"
}
],
"time": "2023-05-26T13:15:18+00:00"
"time": "2023-02-28T20:56:15+00:00"
},
{
"name": "phar-io/manifest",
@@ -2583,16 +2520,16 @@
},
{
"name": "phpstan/phpstan",
"version": "1.10.26",
"version": "1.10.14",
"source": {
"type": "git",
"url": "https://github.com/phpstan/phpstan.git",
"reference": "5d660cbb7e1b89253a47147ae44044f49832351f"
"reference": "d232901b09e67538e5c86a724be841bea5768a7c"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/5d660cbb7e1b89253a47147ae44044f49832351f",
"reference": "5d660cbb7e1b89253a47147ae44044f49832351f",
"url": "https://api.github.com/repos/phpstan/phpstan/zipball/d232901b09e67538e5c86a724be841bea5768a7c",
"reference": "d232901b09e67538e5c86a724be841bea5768a7c",
"shasum": ""
},
"require": {
@@ -2641,7 +2578,7 @@
"type": "tidelift"
}
],
"time": "2023-07-19T12:44:37+00:00"
"time": "2023-04-19T13:47:27+00:00"
},
{
"name": "phpunit/php-code-coverage",
@@ -2963,16 +2900,16 @@
},
{
"name": "phpunit/phpunit",
"version": "9.6.10",
"version": "9.6.7",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/phpunit.git",
"reference": "a6d351645c3fe5a30f5e86be6577d946af65a328"
"reference": "c993f0d3b0489ffc42ee2fe0bd645af1538a63b2"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/a6d351645c3fe5a30f5e86be6577d946af65a328",
"reference": "a6d351645c3fe5a30f5e86be6577d946af65a328",
"url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/c993f0d3b0489ffc42ee2fe0bd645af1538a63b2",
"reference": "c993f0d3b0489ffc42ee2fe0bd645af1538a63b2",
"shasum": ""
},
"require": {
@@ -3046,7 +2983,7 @@
"support": {
"issues": "https://github.com/sebastianbergmann/phpunit/issues",
"security": "https://github.com/sebastianbergmann/phpunit/security/policy",
"source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.10"
"source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.7"
},
"funding": [
{
@@ -3062,7 +2999,7 @@
"type": "tidelift"
}
],
"time": "2023-07-10T04:04:23+00:00"
"time": "2023-04-14T08:58:40+00:00"
},
{
"name": "sebastian/cli-parser",
@@ -3364,16 +3301,16 @@
},
{
"name": "sebastian/diff",
"version": "4.0.5",
"version": "4.0.4",
"source": {
"type": "git",
"url": "https://github.com/sebastianbergmann/diff.git",
"reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131"
"reference": "3461e3fccc7cfdfc2720be910d3bd73c69be590d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/74be17022044ebaaecfdf0c5cd504fc9cd5a7131",
"reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131",
"url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/3461e3fccc7cfdfc2720be910d3bd73c69be590d",
"reference": "3461e3fccc7cfdfc2720be910d3bd73c69be590d",
"shasum": ""
},
"require": {
@@ -3418,7 +3355,7 @@
],
"support": {
"issues": "https://github.com/sebastianbergmann/diff/issues",
"source": "https://github.com/sebastianbergmann/diff/tree/4.0.5"
"source": "https://github.com/sebastianbergmann/diff/tree/4.0.4"
},
"funding": [
{
@@ -3426,7 +3363,7 @@
"type": "github"
}
],
"time": "2023-05-07T05:35:17+00:00"
"time": "2020-10-26T13:10:38+00:00"
},
{
"name": "sebastian/environment",
@@ -4228,16 +4165,16 @@
},
{
"name": "symfony/dependency-injection",
"version": "v5.4.25",
"version": "v5.4.22",
"source": {
"type": "git",
"url": "https://github.com/symfony/dependency-injection.git",
"reference": "f0410c30a6c86bbce6c719c2b5cfc343362b982e"
"reference": "e1b7c1432efb4ad1dd89d62906187271e2601ed9"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/dependency-injection/zipball/f0410c30a6c86bbce6c719c2b5cfc343362b982e",
"reference": "f0410c30a6c86bbce6c719c2b5cfc343362b982e",
"url": "https://api.github.com/repos/symfony/dependency-injection/zipball/e1b7c1432efb4ad1dd89d62906187271e2601ed9",
"reference": "e1b7c1432efb4ad1dd89d62906187271e2601ed9",
"shasum": ""
},
"require": {
@@ -4297,7 +4234,7 @@
"description": "Allows you to standardize and centralize the way objects are constructed in your application",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/dependency-injection/tree/v5.4.25"
"source": "https://github.com/symfony/dependency-injection/tree/v5.4.22"
},
"funding": [
{
@@ -4313,20 +4250,20 @@
"type": "tidelift"
}
],
"time": "2023-06-24T09:45:28+00:00"
"time": "2023-03-10T10:02:45+00:00"
},
{
"name": "symfony/filesystem",
"version": "v5.4.25",
"version": "v5.4.21",
"source": {
"type": "git",
"url": "https://github.com/symfony/filesystem.git",
"reference": "0ce3a62c9579a53358d3a7eb6b3dfb79789a6364"
"reference": "e75960b1bbfd2b8c9e483e0d74811d555ca3de9f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symfony/filesystem/zipball/0ce3a62c9579a53358d3a7eb6b3dfb79789a6364",
"reference": "0ce3a62c9579a53358d3a7eb6b3dfb79789a6364",
"url": "https://api.github.com/repos/symfony/filesystem/zipball/e75960b1bbfd2b8c9e483e0d74811d555ca3de9f",
"reference": "e75960b1bbfd2b8c9e483e0d74811d555ca3de9f",
"shasum": ""
},
"require": {
@@ -4361,7 +4298,7 @@
"description": "Provides basic utilities for the filesystem",
"homepage": "https://symfony.com",
"support": {
"source": "https://github.com/symfony/filesystem/tree/v5.4.25"
"source": "https://github.com/symfony/filesystem/tree/v5.4.21"
},
"funding": [
{
@@ -4377,7 +4314,7 @@
"type": "tidelift"
}
],
"time": "2023-05-31T13:04:02+00:00"
"time": "2023-02-14T08:03:56+00:00"
},
{
"name": "symfony/polyfill-php81",

39
customer_domains.php
View File

@@ -51,7 +51,7 @@ $id = (int)Request::any('id');
if ($page == 'overview' || $page == 'domains') {
if ($action == '') {
$log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_domains::domains");
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains");
$parentdomain_id = (int)Request::any('pid', '0');
@@ -73,17 +73,10 @@ if ($page == 'overview' || $page == 'domains') {
];
}
$table_tpl = 'table.html.twig';
if ($collection->count() == 0) {
$table_tpl = 'table-note.html.twig';
}
UI::view('user/' . $table_tpl, [
UI::view('user/table.html.twig', [
'listing' => Listing::format($collection, $domain_list_data, 'domain_list'),
'actions_links' => $actions_links,
'entity_info' => lng('domains.description'),
// alert-box
'type' => 'warning',
'alert_msg' => lng('domains.nodomainsassignedbyadmin')
'entity_info' => lng('domains.description')
]);
} elseif ($action == 'delete' && $id != 0) {
try {
@@ -137,7 +130,6 @@ if ($page == 'overview' || $page == 'domains') {
AND `parentdomainid` = '0'
AND `email_only` = '0'
AND `caneditdomain` = '1'
AND `deactivated` = '0'
ORDER BY `domain` ASC");
Database::pexecute($stmt, [
"customerid" => $userinfo['customerid']
@@ -147,14 +139,6 @@ if ($page == 'overview' || $page == 'domains') {
$domains[$row['domain']] = $idna_convert->decode($row['domain']);
}
// check of there are any domains to be used
if (count($domains) <= 0) {
// no, possible direct URL access, redirect to overview
Response::redirectTo($filename, [
'page' => $page
]);
}
$aliasdomains[0] = lng('domains.noaliasdomain');
$domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c`
WHERE `d`.`aliasdomain` IS NULL
@@ -389,23 +373,6 @@ if ($page == 'overview' || $page == 'domains') {
} else {
Response::standardError('domains_canteditdomain');
}
} elseif ($action == 'jqSpeciallogfileNote') {
$domainid = intval($_POST['id']);
$newval = intval($_POST['newval']);
try {
$json_result = SubDomains::getLocal($userinfo, [
'id' => $domainid
])->get();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
if ($newval != $result['speciallogfile']) {
echo json_encode(['changed' => true, 'info' => lng('admin.speciallogwarning')]);
exit();
}
echo 0;
exit();
}
} elseif ($page == 'domainssleditor') {
require_once __DIR__ . '/ssl_editor.php';

26
customer_email.php
View File

@@ -84,7 +84,7 @@ if ($page == 'overview' || $page == 'emails') {
if ($page == 'email_domain') {
$email_domainid = Request::any('domainid', 0);
if ($action == '') {
$log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_email::emails");
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_email::emails");
$sql_search = [];
if ($email_domainid > 0) {
@@ -299,6 +299,30 @@ if ($page == 'email_domain') {
'action' => 'edit',
'id' => $id,
]);
} elseif ($action == 'togglegreylist' && $id != 0) {
try {
$json_result = Emails::getLocal($userinfo, [
'id' => $id
])->get();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
$result = json_decode($json_result, true)['data'];
try {
Emails::getLocal($userinfo, [
'id' => $id,
'disablegreylist' => ($result['disablegreylist'] == '1' ? 0 : 1)
])->updateGreylist();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
Response::redirectTo($filename, [
'page' => $page,
'domainid' => $email_domainid,
'action' => 'edit',
'id' => $id,
]);
}
} elseif ($page == 'accounts') {
$email_domainid = Request::any('domainid', 0);

34
customer_extras.php
View File

@@ -26,7 +26,7 @@
const AREA = 'customer';
require __DIR__ . '/lib/init.php';
use Froxlor\Api\Commands\DataDump as DataDump;
use Froxlor\Api\Commands\CustomerBackups as CustomerBackups;
use Froxlor\Api\Commands\DirOptions as DirOptions;
use Froxlor\Api\Commands\DirProtections as DirProtections;
use Froxlor\Customer\Customer;
@@ -282,18 +282,18 @@ if ($page == 'overview' || $page == 'htpasswds') {
}
}
}
} elseif ($page == 'export') {
} elseif ($page == 'backup') {
// redirect if this customer sub-page is hidden via settings
if (Settings::IsInList('panel.customer_hide_options', 'extras.export')) {
if (Settings::IsInList('panel.customer_hide_options', 'extras.backup')) {
Response::redirectTo('customer_index.php');
}
if (Settings::Get('system.exportenabled') == 1) {
if (Settings::Get('system.backupenabled') == 1) {
if ($action == 'abort') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "customer_extras::export - aborted scheduled data export job");
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "customer_extras::backup - aborted scheduled backupjob");
try {
DataDump::getLocal($userinfo, $_POST)->delete();
CustomerBackups::getLocal($userinfo, $_POST)->delete();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
@@ -302,43 +302,43 @@ if ($page == 'overview' || $page == 'htpasswds') {
'action' => ''
]);
} else {
HTML::askYesNo('extras_reallydelete_export', $filename, [
'job_entry' => $id,
HTML::askYesNo('extras_reallydelete_backup', $filename, [
'backup_job_entry' => $id,
'section' => 'extras',
'page' => $page,
'action' => $action
]);
}
} elseif ($action == '') {
$log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_extras::export");
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_extras::backup");
// check whether there is a backup-job for this customer
try {
$export_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/customer/tablelisting.export.php';
$collection = (new Collection(DataDump::class, $userinfo));
$backup_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/customer/tablelisting.backups.php';
$collection = (new Collection(CustomerBackups::class, $userinfo));
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
if (isset($_POST['send']) && $_POST['send'] == 'send') {
try {
DataDump::getLocal($userinfo, $_POST)->add();
CustomerBackups::getLocal($userinfo, $_POST)->add();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
Response::standardSuccess('exportscheduled');
Response::standardSuccess('backupscheduled');
} else {
$pathSelect = FileDir::makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']);
$export_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.export.php';
$backup_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.backup.php';
UI::view('user/form-datatable.html.twig', [
'formaction' => $linker->getLink(['section' => 'extras']),
'formdata' => $export_data['export'],
'tabledata' => Listing::format($collection, $export_list_data, 'export_list'),
'formdata' => $backup_data['backup'],
'tabledata' => Listing::format($collection, $backup_list_data, 'backup_list'),
]);
}
}
} else {
Response::standardError('exportfunctionnotenabled');
Response::standardError('backupfunctionnotenabled');
}
}

84
customer_index.php
View File

@@ -27,21 +27,21 @@ const AREA = 'customer';
require __DIR__ . '/lib/init.php';
use Froxlor\Api\Commands\Customers as Customers;
use Froxlor\Cron\TaskId;
use Froxlor\CurrentUser;
use Froxlor\Database\Database;
use Froxlor\Froxlor;
use Froxlor\FroxlorLogger;
use Froxlor\Language;
use Froxlor\Settings;
use Froxlor\System\Cronjob;
use Froxlor\System\Crypt;
use Froxlor\UI\Panel\UI;
use Froxlor\UI\Response;
use Froxlor\Validate\Validate;
use Froxlor\Language;
use Froxlor\System\Cronjob;
use Froxlor\Cron\TaskId;
if ($action == 'logout') {
$log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, 'logged out');
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'logged out');
unset($_SESSION['userinfo']);
CurrentUser::setData();
@@ -66,7 +66,7 @@ if ($action == 'logout') {
}
if ($page == 'overview') {
$log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_index");
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_index");
$domain_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `customerid` = :customerid
@@ -114,11 +114,6 @@ if ($page == 'overview') {
$userinfo['traffic_bytes'] = ($userinfo['traffic'] > -1) ? $userinfo['traffic'] * 1024 : -1;
$userinfo['traffic_bytes_used'] = $userinfo['traffic_used'] * 1024;
if (Settings::Get('system.mail_quota_enabled')) {
$userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 : -1;
$userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024;
}
if ($usages) {
$userinfo['diskspace_bytes_used'] = $usages['webspace'] * 1024;
$userinfo['mailspace_used'] = $usages['mail'] * 1024;
@@ -136,11 +131,8 @@ if ($page == 'overview') {
'domains' => $domainArray,
'stdsubdomain' => $stdsubdomain
]);
} elseif ($page == 'profile') {
$languages = Language::getLanguages();
if (!empty($_POST)) {
if ($_POST['send'] == 'changepassword') {
} elseif ($page == 'change_password') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$old_password = Validate::validate($_POST['old_password'], 'old password');
if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_CUSTOMERS, 'customerid')) {
@@ -218,22 +210,12 @@ if ($page == 'overview') {
Response::redirectTo($filename);
}
} elseif ($_POST['send'] == 'changetheme') {
if (Settings::Get('panel.allow_theme_change_customer') == 1) {
$theme = Validate::validate($_POST['theme'], 'theme');
try {
Customers::getLocal($userinfo, [
'id' => $userinfo['customerid'],
'theme' => $theme
])->update();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
} else {
UI::view('user/change_password.html.twig');
}
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
}
Response::redirectTo($filename);
} elseif ($_POST['send'] == 'changelanguage') {
} elseif ($page == 'change_language') {
$languages = Language::getLanguages();
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$def_language = Validate::validate($_POST['def_language'], 'default language');
if (isset($languages[$def_language])) {
try {
@@ -248,26 +230,42 @@ if ($page == 'overview') {
}
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'");
Response::redirectTo($filename);
}
} else {
// change theme
$default_theme = Settings::Get('panel.default_theme');
if ($userinfo['theme'] != '') {
$default_theme = $userinfo['theme'];
}
$themes_avail = UI::getThemes();
// change language
$default_lang = Settings::Get('panel.standardlanguage');
if ($userinfo['def_language'] != '') {
$default_lang = $userinfo['def_language'];
}
UI::view('user/profile.html.twig', [
'themes' => $themes_avail,
'default_theme' => $default_theme,
UI::view('user/change_language.html.twig', [
'languages' => $languages,
'default_lang' => $default_lang,
'default_lang' => $default_lang
]);
}
} elseif ($page == 'change_theme') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$theme = Validate::validate($_POST['theme'], 'theme');
try {
Customers::getLocal($userinfo, [
'id' => $userinfo['customerid'],
'theme' => $theme
])->update();
} catch (Exception $e) {
Response::dynamicError($e->getMessage());
}
$log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'");
Response::redirectTo($filename);
} else {
$default_theme = Settings::Get('panel.default_theme');
if ($userinfo['theme'] != '') {
$default_theme = $userinfo['theme'];
}
$themes_avail = UI::getThemes();
UI::view('user/change_theme.html.twig', [
'themes' => $themes_avail,
'default_theme' => $default_theme
]);
}
} elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') {

54
index.php
View File

@@ -26,7 +26,6 @@
const AREA = 'login';
require __DIR__ . '/lib/init.php';
use Froxlor\Api\FroxlorRPC;
use Froxlor\CurrentUser;
use Froxlor\Customer\Customer;
use Froxlor\Database\Database;
@@ -38,7 +37,6 @@ use Froxlor\PhpHelper;
use Froxlor\Settings;
use Froxlor\System\Crypt;
use Froxlor\UI\Panel\UI;
use Froxlor\UI\Request;
use Froxlor\UI\Response;
use Froxlor\User;
use Froxlor\Validate\Validate;
@@ -736,58 +734,6 @@ if ($action == 'resetpwd') {
}
}
// one-time link login
if ($action == 'll') {
if (!Froxlor::hasUpdates() && !Froxlor::hasDbUpdates()) {
$loginname = Request::get('ln');
$hash = Request::get('h');
if ($loginname && $hash) {
$sel_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_LOGINLINKS . "`
WHERE `loginname` = :loginname AND `hash` = :hash
");
try {
$entry = Database::pexecute_first($sel_stmt, ['loginname' => $loginname, 'hash' => $hash]);
} catch (Exception $e) {
$entry = false;
}
if ($entry) {
// delete entry
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_LOGINLINKS . "` WHERE `loginname` = :loginname AND `hash` = :hash");
Database::pexecute($del_stmt, ['loginname' => $loginname, 'hash' => $hash]);
if (time() <= $entry['valid_until']) {
$valid = true;
// validate source ip if specified
if (!empty($entry['allowed_from'])) {
$valid = false;
$ip_list = explode(",", $entry['allowed_from']);
if (FroxlorRPC::validateAllowedFrom($ip_list, $_SERVER['REMOTE_ADDR'])) {
$valid = true;
}
}
if ($valid) {
// login user / select only non-deactivated (in case the user got deactivated after generating the link)
$userinfo_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname`= :loginname AND `deactivated` = 0");
try {
$userinfo = Database::pexecute_first($userinfo_stmt, [
"loginname" => $loginname
]);
} catch (Exception $e) {
$userinfo = false;
}
if ($userinfo) {
$userinfo['userid'] = $userinfo['customerid'];
$userinfo['adminsession'] = 0;
finishLogin($userinfo);
}
}
}
}
}
}
Response::redirectTo('index.php');
}
function finishLogin($userinfo)
{
if (isset($userinfo['userid']) && $userinfo['userid'] != '') {

65
install/froxlor.sql.php
View File

@@ -223,8 +223,6 @@ CREATE TABLE `panel_customers` (
`api_allowed` tinyint(1) NOT NULL default '1',
`logviewenabled` tinyint(1) NOT NULL default '0',
`allowed_mysqlserver` text NOT NULL,
`backup` int(11) NOT NULL default '1',
`access_backups` tinyint(1) NOT NULL default '1',
PRIMARY KEY (`customerid`),
UNIQUE KEY `loginname` (`loginname`)
) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci ROW_FORMAT=DYNAMIC;
@@ -280,6 +278,7 @@ CREATE TABLE `panel_domains` (
`phpsettingid` INT( 11 ) UNSIGNED NOT NULL DEFAULT '1',
`mod_fcgid_starter` int(4) default '-1',
`mod_fcgid_maxrequests` int(4) default '-1',
`ismainbutsubto` int(11) unsigned NOT NULL default '0',
`letsencrypt` tinyint(1) NOT NULL default '0',
`hsts` varchar(10) NOT NULL default '0',
`hsts_sub` tinyint(1) NOT NULL default '0',
@@ -556,7 +555,7 @@ opcache.validate_timestamps'),
('system', 'defaultip', '1'),
('system', 'defaultsslip', ''),
('system', 'phpappendopenbasedir', '/tmp/'),
('system', 'deactivateddocroot', '/var/www/html/froxlor/templates/misc/deactivated/'),
('system', 'deactivateddocroot', ''),
('system', 'mailpwcleartext', '0'),
('system', 'last_tasks_run', '000000'),
('system', 'nameservers', ''),
@@ -648,7 +647,7 @@ opcache.validate_timestamps'),
('system', 'letsencryptreuseold', 0),
('system', 'leenabled', '0'),
('system', 'leapiversion', '2'),
('system', 'exportenabled', '0'),
('system', 'backupenabled', '0'),
('system', 'dnsenabled', '0'),
('system', 'dns_server', 'Bind'),
('system', 'apacheglobaldiropt', ''),
@@ -698,15 +697,10 @@ opcache.validate_timestamps'),
('system', 'distribution', ''),
('system', 'update_channel', 'stable'),
('system', 'updatecheck_data', ''),
('system', 'update_notify_last', '2.0.20'),
('system', 'update_notify_last', '2.0.24'),
('system', 'traffictool', 'goaccess'),
('system', 'req_limit_per_interval', 60),
('system', 'req_limit_interval', 60),
('backup', 'enabled', 0),
('backup', 'default_storage', '1'),
('backup', 'default_customer_access', '1'),
('backup', 'default_pgp_public_key', ''),
('backup', 'default_retention', '3'),
('api', 'enabled', '0'),
('api', 'customer_default', '1'),
('2fa', 'enabled', '1'),
@@ -750,8 +744,8 @@ opcache.validate_timestamps'),
('panel', 'logo_overridetheme', '0'),
('panel', 'logo_overridecustom', '0'),
('panel', 'settings_mode', '0'),
('panel', 'version', '2.0.20'),
('panel', 'db_version', '202305240');
('panel', 'version', '2.0.24'),
('panel', 'db_version', '202304260');
DROP TABLE IF EXISTS `panel_tasks`;
@@ -920,8 +914,7 @@ INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `cronclass`, `interval`,
(3, 'froxlor/reports', 'usage_report', '\\Froxlor\\Cron\\Traffic\\ReportsCron', '1 DAY', '1', 'cron_usage_report'),
(4, 'froxlor/core', 'mailboxsize', '\\Froxlor\\Cron\\System\\MailboxsizeCron', '6 HOUR', '1', 'cron_mailboxsize'),
(5, 'froxlor/letsencrypt', 'letsencrypt', '\\Froxlor\\Cron\\Http\\LetsEncrypt\\AcmeSh', '5 MINUTE', '0', 'cron_letsencrypt'),
(6, 'froxlor/export', 'export', '\\Froxlor\\Cron\\System\\ExportCron', '1 HOUR', '0', 'cron_export'),
(7, 'froxlor/backup', 'backup', '\\Froxlor\\Cron\\Backup\\BackupCron', '1 DAY', '0', 'cron_backup');
(6, 'froxlor/backup', 'backup', '\\Froxlor\\Cron\\System\\BackupCron', '1 DAY', '0', 'cron_backup');
DROP TABLE IF EXISTS `ftp_quotalimits`;
@@ -1059,48 +1052,4 @@ CREATE TABLE `panel_usercolumns` (
KEY adminid (adminid),
KEY customerid (customerid)
) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci;
DROP TABLE IF EXISTS `panel_loginlinks`;
CREATE TABLE `panel_loginlinks` (
`hash` varchar(500) NOT NULL,
`loginname` varchar(50) NOT NULL,
`valid_until` int(15) NOT NULL,
`allowed_from` text NOT NULL,
UNIQUE KEY `loginname` (`loginname`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;
DROP TABLE IF EXISTS `panel_backup_storages`;
CREATE TABLE `panel_backup_storages` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`description` varchar(255) NOT NULL,
`type` varchar(255) NOT NULL DEFAULT 'local',
`region` varchar(255) NULL,
`bucket` varchar(255) NULL,
`destination_path` varchar(255) NOT NULL,
`hostname` varchar(255) NULL,
`username` varchar(255) NULL,
`password` text,
`pgp_public_key` text,
`retention` int(3) NOT NULL DEFAULT 3,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;
INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES
(1, 'Local backup storage', '/var/customers/backups');
DROP TABLE IF EXISTS `panel_backups`;
CREATE TABLE `panel_backups` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`adminid` int(11) NOT NULL,
`customerid` int(11) NOT NULL,
`loginname` varchar(255) NOT NULL,
`size` bigint(20) NOT NULL,
`storage_id` int(11) NOT NULL,
`filename` varchar(255) NOT NULL,
`created_at` int(15) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;
FROXLORSQL;

6
install/updates/froxlor/update_0.10.inc.php
View File

@@ -23,11 +23,11 @@
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
use Froxlor\Database\Database;
use Froxlor\FileDir;
use Froxlor\Froxlor;
use Froxlor\Install\Update;
use Froxlor\FileDir;
use Froxlor\Database\Database;
use Froxlor\Settings;
use Froxlor\Install\Update;
use Froxlor\System\Cronjob;
use Froxlor\System\IPTools;

141
install/updates/froxlor/update_2.1.inc.php
View File

@@ -1,141 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
use Froxlor\Database\Database;
use Froxlor\FileDir;
use Froxlor\Froxlor;
use Froxlor\Install\Update;
use Froxlor\Settings;
if (!defined('_CRON_UPDATE')) {
if (!defined('AREA') || (defined('AREA') && AREA != 'admin') || !isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) {
header('Location: ../../../../index.php');
exit();
}
}
if (Froxlor::isDatabaseVersion('202304260')) {
//Update::showUpdateStep("Cleaning domains table");
//Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;");
Update::lastStepStatus(0);
Update::showUpdateStep("Creating new tables and fields");
Database::query("DROP TABLE IF EXISTS `panel_loginlinks`;");
$sql = "CREATE TABLE `panel_loginlinks` (
`hash` varchar(500) NOT NULL,
`loginname` varchar(50) NOT NULL,
`valid_until` int(15) NOT NULL,
`allowed_from` text NOT NULL,
UNIQUE KEY `loginname` (`loginname`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;";
Database::query($sql);
Update::lastStepStatus(0);
Update::showUpdateStep("Adjusting setting for deactivated webroot");
$current_deactivated_webroot = Settings::Get('system.deactivateddocroot');
if (empty($current_deactivated_webroot)) {
Settings::Set('system.deactivateddocroot', FileDir::makeCorrectDir(Froxlor::getInstallDir() . '/templates/misc/deactivated/'));
Update::lastStepStatus(0);
} else {
Update::lastStepStatus(1, 'Customized setting, not changing');
}
Update::showUpdateStep("Creating new tables and fields for backups");
Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUP_STORAGES ."`;");
$sql = "CREATE TABLE `". TABLE_PANEL_BACKUP_STORAGES ."` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`description` varchar(255) NOT NULL,
`type` varchar(255) NOT NULL DEFAULT 'local',
`region` varchar(255) NULL,
`bucket` varchar(255) NULL,
`destination_path` varchar(255) NOT NULL,
`hostname` varchar(255) NULL,
`username` varchar(255) NULL,
`password` text,
`pgp_public_key` text,
`retention` int(3) NOT NULL DEFAULT 3,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;";
Database::query($sql);
Database::query("
INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES
(1, 'Local backup storage', '/var/customers/backups');
");
Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUPS ."`;");
$sql = "CREATE TABLE `". TABLE_PANEL_BACKUPS ."` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`adminid` int(11) NOT NULL,
`customerid` int(11) NOT NULL,
`loginname` varchar(255) NOT NULL,
`size` bigint(20) NOT NULL,
`storage_id` int(11) NOT NULL,
`filename` varchar(255) NOT NULL,
`created_at` int(15) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;";
Database::query($sql);
// add customer backup-target-storage
Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `backup` int(11) NOT NULL default '1' AFTER `allowed_mysqlserver`;");
Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `access_backups` tinyint(1) NOT NULL default '1' AFTER `backup`;");
Update::lastStepStatus(0);
Update::showUpdateStep("Adding new backup settings");
Settings::AddNew('backup.enabled', 0);
Settings::AddNew('backup.default_storage', 1);
Settings::AddNew('backup.default_customer_access', 1);
Settings::AddNew('backup.default_pgp_public_key', '');
Settings::AddNew('backup.default_retention', 3);
Update::lastStepStatus(0);
Update::showUpdateStep("Adjusting cronjobs");
Database::query("
UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET
`module`= 'froxlor/export',
`cronfile` = 'export',
`cronclass` = '\\Froxlor\\Cron\\System\\ExportCron',
`interval` = '1 HOUR',
`desc_lng_key` = 'cron_export'
WHERE `module` = 'froxlor/backup'
");
Database::query("
INSERT INTO `" . TABLE_PANEL_CRONRUNS . "` SET
`module`= 'froxlor/backup',
`cronfile` = 'backup',
`cronclass` = '\\Froxlor\\Cron\\Backup\\BackupCron',
`interval` = '1 DAY',
`isactive` = '0',
`desc_lng_key` = 'cron_backup'
");
Update::lastStepStatus(0);
Update::showUpdateStep("Adjusting system for data-export function");
Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `varname` = 'exportenabled' WHERE `settinggroup`= 'system' AND `varname`= 'backupenabled");
Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `value` = REPLACE(`value`, 'extras.backup', 'extras.export') WHERE `settinggroup` = 'panel' AND `varname` = 'customer_hide_options'");
Database::query("DELETE FROM `" . TABLE_PANEL_USERCOLUMNS . "` WHERE `section` = 'backup_list'");
Database::query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'");
Update::lastStepStatus(0);
Froxlor::updateToDbVersion('202305240');
}

22
install/updates/froxlor/update_2.0.inc.php → install/updates/froxlor/update_2.x.inc.php
View File

@@ -149,7 +149,7 @@ if (Froxlor::isFroxlorVersion('0.10.38.3')) {
Update::showUpdateStep("Adding new settings");
$panel_settings_mode = isset($_POST['panel_settings_mode']) ? (int)$_POST['panel_settings_mode'] : 0;
Settings::AddNew("panel.settings_mode", $panel_settings_mode);
$system_distribution = isset($_POST['system_distribution']) ? $_POST['system_distribution'] : '';
$system_distribution = isset($_POST['system_distribution']) ? $_POST['system_distribution'] : 'bullseye';
Settings::AddNew("system.distribution", $system_distribution);
Settings::AddNew("system.update_channel", 'stable');
Settings::AddNew("system.updatecheck_data", '');
@@ -497,3 +497,23 @@ if (Froxlor::isFroxlorVersion('2.0.19')) {
Update::showUpdateStep("Updating from 2.0.19 to 2.0.20", false);
Froxlor::updateToVersion('2.0.20');
}
if (Froxlor::isFroxlorVersion('2.0.20')) {
Update::showUpdateStep("Updating from 2.0.20 to 2.0.21", false);
Froxlor::updateToVersion('2.0.21');
}
if (Froxlor::isFroxlorVersion('2.0.21')) {
Update::showUpdateStep("Updating from 2.0.21 to 2.0.22", false);
Froxlor::updateToVersion('2.0.22');
}
if (Froxlor::isFroxlorVersion('2.0.22')) {
Update::showUpdateStep("Updating from 2.0.22 to 2.0.23", false);
Froxlor::updateToVersion('2.0.23');
}
if (Froxlor::isFroxlorVersion('2.0.23')) {
Update::showUpdateStep("Updating from 2.0.23 to 2.0.24", false);
Froxlor::updateToVersion('2.0.24');
}

55
install/updates/preconfig/preconfig_2.1.inc.php
View File

@@ -1,55 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
use Froxlor\Froxlor;
use Froxlor\FileDir;
use Froxlor\Config\ConfigParser;
use Froxlor\Install\Update;
use Froxlor\Settings;
$preconfig = [
'title' => '2.1.x updates',
'fields' => []
];
$return = [];
if (Update::versionInUpdate($current_version, '2.1.0-dev1')) {
// Backup
$description = 'Froxlor now comes with a backup capability (More info see [DOCS LINK].';
$question = '<strong>Would you like to enable the backup-feature (default: yes)</strong>';
$return['panel_settings_mode'] = [
'type' => 'select',
'select_var' => [
0 => 'No',
1 => 'Yes'
],
'selected' => 1,
'label' => $question,
'prior_infotext' => $description
];
}
$preconfig['fields'] = $return;
return $preconfig;

4
install/updates/preconfig/preconfig_2.0.inc.php → install/updates/preconfig/preconfig_2.x.inc.php
View File

@@ -30,7 +30,7 @@ use Froxlor\Install\Update;
use Froxlor\Settings;
$preconfig = [
'title' => '2.0.x updates',
'title' => '2.x updates',
'fields' => []
];
$return = [];
@@ -54,7 +54,7 @@ if (Update::versionInUpdate($current_version, '2.0.0-beta1')) {
$config_dir = FileDir::makeCorrectDir(Froxlor::getInstallDir() . '/lib/configfiles/');
// show list of available distro's
$distros = glob($config_dir . '*.xml');
$distributions_select[''] = '-';
// selection is required $distributions_select[''] = '-';
// read in all the distros
foreach ($distros as $_distribution) {
// get configparser object

3
install/updatesql.php
View File

@@ -53,8 +53,7 @@ try {
if (Froxlor::isFroxlor()) {
include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_0.10.inc.php'));
include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.0.inc.php'));
include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.1.inc.php'));
include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.x.inc.php'));
// Check Froxlor - database integrity (only happens after all updates are done, so we know the db-layout is okay)
Update::showUpdateStep("Checking database integrity");

4
lib/Froxlor/Api/ApiCommand.php
View File

@@ -272,8 +272,7 @@ abstract class ApiCommand extends ApiParameter
$ops = [
'<',
'>',
'=',
'<>'
'='
];
$first = true;
foreach ($search as $field => $valoper) {
@@ -397,7 +396,6 @@ abstract class ApiCommand extends ApiParameter
$nat_fields = [
'`c`.`loginname`',
'`c`.`name`',
'`a`.`loginname`',
'`adminname`',
'`databasename`',

487
lib/Froxlor/Api/Commands/BackupStorages.php
View File

@@ -1,487 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
namespace Froxlor\Api\Commands;
use Exception;
use Froxlor\Api\ApiCommand;
use Froxlor\Api\ResourceEntity;
use Froxlor\Database\Database;
use Froxlor\FileDir;
use Froxlor\FroxlorLogger;
use Froxlor\Settings;
use Froxlor\UI\Response;
use Froxlor\Validate\Validate;
use PDO;
/**
* @since 2.1.0
*/
class BackupStorages extends ApiCommand implements ResourceEntity
{
const SUPPORTED_TYPES = [
'local',
'ftp',
'sftp',
'rsync',
's3',
];
/**
* lists all backup storages entries
*
* @param array $sql_search
* optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =),
* LIKE is used if left empty and 'value' => searchvalue
* @param int $sql_limit
* optional specify number of results to be returned
* @param int $sql_offset
* optional specify offset for resultset
* @param array $sql_orderby
* optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more
* fields
*
* @access admin
* @return string json-encoded array count|list
* @throws Exception
*/
public function listing()
{
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backup storages");
$query_fields = [];
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` ". $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit()
);
Database::pexecute($result_stmt, $query_fields, true, true);
$result = [];
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$result[] = $row;
}
return $this->response([
'count' => count($result),
'list' => $result
]);
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* returns the total number of backup storages
*
* @access admin
* @return string json-encoded response message
* @throws Exception
*/
public function listingCount()
{
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
$result_stmt = Database::prepare("
SELECT COUNT(*) as num_backup_storagess
FROM `" . TABLE_PANEL_BACKUP_STORAGES . "`
");
$result = Database::pexecute_first($result_stmt, null, true, true);
if ($result) {
return $this->response($result['num_backup_storagess']);
}
$this->response(0);
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* create a backup storage
*
* @param string $type
* required, backup storage type
* @param string $destination_path
* required, destination path for backup storage
* @param string $description
* required, description for backup storage
* @param string $region
* optional, required if type=s3. Region for backup storage (used for S3)
* @param string $bucket
* optional, required if type=s3. Bucket for backup storage (used for S3)
* @param string $hostname
* optional, required if type != local. Hostname for backup storage
* @param string $username
* optional, required if type != local. Username for backup storage (also used as access key for S3)
* @param string $password
* optional, required if type != local. Password for backup storage (also used as secret key for S3)
* @param string $pgp_public_key
* optional, pgp public key for backup storage
* @param string $retention
* optional, retention for backup storage (default 3)
*
* @access admin
* @return string json-encoded array
* @throws Exception
*/
public function add()
{
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
// required parameters
$type = $this->getParam('type');
$destination_path = $this->getParam('destination_path');
$description = $this->getParam('description');
// type related requirements
$optional_flags = [
'region' => true,
'bucket' => true,
'hostname' => true,
'username' => true,
'password' => true,
];
if (!in_array($type, self::SUPPORTED_TYPES)) {
throw new Exception("Unsupported storage type: '" . $type . "'", 406);
}
if ($type != 'local') {
$optional_flags['hostname'] = false;
$optional_flags['username'] = false;
$optional_flags['password'] = false;
}
if ($type == 's3') {
$optional_flags['region'] = false;
$optional_flags['bucket'] = false;
}
// parameters
$region = $this->getParam('region', $optional_flags['region']);
$bucket = $this->getParam('bucket', $optional_flags['bucket']);
$hostname = $this->getParam('hostname', $optional_flags['hostname']);
$username = $this->getParam('username', $optional_flags['username']);
$password = $this->getParam('password', $optional_flags['password']);
$pgp_public_key = $this->getParam('pgp_public_key', true, null);
$retention = $this->getParam('retention', true, 3);
// validation
$destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true));
// TODO: add more validation
// pgp public key validation
if (!empty($pgp_public_key)) {
// check if gnupg extension is loaded
if (!extension_loaded('gnupg')) {
Response::standardError('gnupgextensionnotavailable', '', true);
}
// check if the pgp public key is a valid key
putenv('GNUPGHOME=' . sys_get_temp_dir());
if (gnupg_import(gnupg_init(), $pgp_public_key) === false) {
Response::standardError('invalidpgppublickey', '', true);
}
}
// store
$stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_BACKUP_STORAGES . "` (
`description`,
`type`,
`region`,
`bucket`,
`destination_path`,
`hostname`,
`username`,
`password`,
`pgp_public_key`,
`retention`
) VALUES (
:description,
:type,
:region,
:bucket,
:destination_path,
:hostname,
:username,
:password,
:pgp_public_key,
:retention
)
");
$params = [
"description" => $description,
"type" => $type,
"region" => $region,
"bucket" => $bucket,
"destination_path" => $destination_path,
"hostname" => $hostname,
"username" => $username,
"password" => $password,
"pgp_public_key" => $pgp_public_key,
"retention" => $retention,
];
Database::pexecute($stmt, $params, true, true);
$id = Database::lastInsertId();
// return
$result = $this->apiCall('BackupStorages.get', [
'id' => $id
]);
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] added backup storage '" . $result['description'] . "' (" . $result['type'] . ")");
return $this->response($result);
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* return a backup storage entry by id
*
* @param int $id
* the backup-storage-id
*
* @access admin
* @return string json-encoded array
* @throws Exception
*/
public function get()
{
$id = $this->getParam('id');
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
$result_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "`
WHERE `id` = :id"
);
$params = [
'id' => $id
];
$result = Database::pexecute_first($result_stmt, $params, true, true);
if ($result) {
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get backup storage '" . $result['description'] . "'");
return $this->response($result);
}
throw new Exception("Backup storage with " . $id . " could not be found", 404);
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* update a backup storage by given id
*
* @param int $id
* required, the backup-storage-id
* @param string $type
* optional, backup storage type
* @param string $destination_path
* optional, destination path for backup storage
* @param string $description
* required, description for backup storage
* @param string $region
* optional, region for backup storage (used for S3)
* @param string $bucket
* optional, bucket for backup storage (used for S3)
* @param string $hostname
* optional, hostname for backup storage
* @param string $username
* optional, username for backup storage (also used as access key for S3)
* @param string $password
* optional, password for backup storage (also used as secret key for S3)
* @param string $pgp_public_key
* optional, pgp public key for backup storage
* @param string $retention
* optional, retention for backup storage (default 3)
*
* @access admin
* @return string json-encoded array
* @throws Exception
*/
public function update()
{
$id = $this->getParam('id');
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
// validation
$result = $this->apiCall('BackupStorages.get', [
'id' => $id
]);
// parameters
$description = $this->getParam('description', true, $result['description']);
$type = $this->getParam('type', true, $result['type']);
$region = $this->getParam('region', true, $result['region']);
$bucket = $this->getParam('bucket', true, $result['bucket']);
$destination_path = $this->getParam('destination_path', true, $result['destination_path']);
$hostname = $this->getParam('hostname', true, $result['hostname']);
$username = $this->getParam('username', true, $result['username']);
$password = $this->getParam('password', true, '');
$pgp_public_key = $this->getParam('pgp_public_key', true, $result['pgp_public_key']);
$retention = $this->getParam('retention', true, $result['retention']);
if (!in_array($type, self::SUPPORTED_TYPES)) {
throw new Exception("Unsupported storage type: '" . $type . "'", 406);
}
if ($type != 'local') {
if (empty($hostname)) {
throw new Exception("Field 'hostname' cannot be empty", 406);
}
if (empty($username)) {
throw new Exception("Field 'username' cannot be empty", 406);
}
$password = Validate::validate($password, 'password', '', '', [], true);
}
if ($type == 's3') {
if (empty($region)) {
throw new Exception("Field 'region' cannot be empty", 406);
}
if (empty($bucket)) {
throw new Exception("Field 'bucket' cannot be empty", 406);
}
}
// validation
$destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true));
// TODO: add more validation
// pgp public key validation
if (!empty($pgp_public_key) && $pgp_public_key != $result['pgp_public_key']) {
// check if gnupg extension is loaded
if (!extension_loaded('gnupg')) {
Response::standardError('gnupgextensionnotavailable', '', true);
}
// check if the pgp public key is a valid key
putenv('GNUPGHOME=' . sys_get_temp_dir());
if (gnupg_import(gnupg_init(), $pgp_public_key) === false) {
Response::standardError('invalidpgppublickey', '', true);
}
}
if (!empty($password)) {
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_BACKUP_STORAGES . "`
SET `password` = :password
WHERE `id` = :id
");
Database::pexecute($stmt, [
"id" => $id,
"password" => $password
], true, true);
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] updated password for backup-storage '" . $result['description'] . "'");
}
// update
$stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_BACKUP_STORAGES . "`
SET `description` = :description,
`type` = :type,
`region` = :region,
`bucket` = :bucket,
`destination_path` = :destination_path,
`hostname` = :hostname,
`username` = :username,
`pgp_public_key` = :pgp_public_key,
`retention` = :retention
WHERE `id` = :id
");
$params = [
"id" => $id,
"description" => $description,
"type" => $type,
"region" => $region,
"bucket" => $bucket,
"destination_path" => $destination_path,
"hostname" => $hostname,
"username" => $username,
"pgp_public_key" => $pgp_public_key,
"retention" => $retention,
];
Database::pexecute($stmt, $params, true, true);
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] edited backup storage '" . $result['description'] . "'");
// return
$result = $this->apiCall('BackupStorages.get', [
'id' => $id
]);
return $this->response($result);
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* delete a backup-storage entry by id
*
* @param int $id
* required, the backup-storage-id
*
* @access admin
* @return string json-encoded array
* @throws Exception
*/
public function delete()
{
$id = $this->getParam('id');
if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) {
// validation
$result = $this->apiCall('BackupStorages.get', [
'id' => $id
]);
// validate no-one's using it
// settings
if ($id == Settings::Get('backup.default_storage')) {
throw new Exception("Given backup storage is currently set as default storage and cannot be deleted.", 406);
}
// customers
$sel_stmt = Database::prepare("
SELECT COUNT(*) as num_storage_users
FROM `" . TABLE_PANEL_CUSTOMERS . "`
WHERE `backup` = :id
");
$storage_users_result = Database::pexecute_first($sel_stmt, ['id' => $id]);
if ($storage_users_result && $storage_users_result['num_storage_users'] > 0) {
throw new Exception("Given backup storage is currently assigned to " . $storage_users_result['num_storage_users'] . " customers and cannot be deleted.", 406);
}
// existing backups
$sel_stmt = Database::prepare("
SELECT COUNT(*) as num_storage_backups
FROM `" . TABLE_PANEL_BACKUPS . "`
WHERE `storage_id` = :id
");
$storage_backups_result = Database::pexecute_first($sel_stmt, ['id' => $id]);
if ($storage_backups_result && $storage_backups_result['num_storage_backups'] > 0) {
throw new Exception("Given backup storage has still " . $storage_backups_result['num_storage_backups'] . " backups on it and cannot be deleted.", 406);
}
// delete
$stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_BACKUP_STORAGES . "`
WHERE `id` = :id
");
$params = [
"id" => $id
];
Database::pexecute($stmt, $params, true, true);
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] deleted backup storage '" . $result['description'] . "'");
// return
return $this->response(true);
}
throw new Exception("Not allowed to execute given command.", 403);
}
}

211
lib/Froxlor/Api/Commands/Backups.php
View File

@@ -1,211 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
namespace Froxlor\Api\Commands;
use Exception;
use Froxlor\Api\ApiCommand;
use Froxlor\Api\ResourceEntity;
use Froxlor\Database\Database;
use Froxlor\FroxlorLogger;
use PDO;
/**
* @since 2.1.0
*/
class Backups extends ApiCommand implements ResourceEntity
{
/**
* lists all admin entries
*
* @param array $sql_search
* optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =),
* LIKE is used if left empty and 'value' => searchvalue
* @param int $sql_limit
* optional specify number of results to be returned
* @param int $sql_offset
* optional specify offset for resultset
* @param array $sql_orderby
* optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more
* fields
*
* @access admin
* @return string json-encoded array count|list
* @throws Exception
*/
public function listing()
{
if ($this->isAdmin()) {
// if we're an admin, list all backups of all the admins customers
// or optionally for one specific customer identified by id or loginname
$customerid = $this->getParam('customerid', true, 0);
$loginname = $this->getParam('loginname', true, '');
if (!empty($customerid) || !empty($loginname)) {
$result = $this->apiCall('Customers.get', [
'id' => $customerid,
'loginname' => $loginname
]);
$custom_list_result = [
$result
];
} else {
$_custom_list_result = $this->apiCall('Customers.listing');
$custom_list_result = $_custom_list_result['list'];
}
$customer_ids = [];
foreach ($custom_list_result as $customer) {
$customer_ids[] = $customer['customerid'];
}
if (empty($customer_ids)) {
throw new Exception("Required resource unsatisfied.", 405);
}
} else {
$customer_ids = [
$this->getUserDetail('customerid')
];
}
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups");
$query_fields = [];
$result_stmt = Database::prepare("
SELECT `b`.*, `a`.`loginname` as `adminname`
FROM `" . TABLE_PANEL_BACKUPS . "` `b`
LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`)
WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ")
" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit()
);
Database::pexecute($result_stmt, $query_fields, true, true);
$result = [];
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$result[] = $row;
}
return $this->response([
'count' => count($result),
'list' => $result
]);
}
/**
* returns the total number of backups for the given admin
*
* @access admin
* @return string json-encoded response message
* @throws Exception
*/
public function listingCount()
{
if ($this->isAdmin()) {
// if we're an admin, list all backups of all the admins customers
// or optionally for one specific customer identified by id or loginname
$customerid = $this->getParam('customerid', true, 0);
$loginname = $this->getParam('loginname', true, '');
if (!empty($customerid) || !empty($loginname)) {
$result = $this->apiCall('Customers.get', [
'id' => $customerid,
'loginname' => $loginname
]);
$custom_list_result = [
$result
];
} else {
$_custom_list_result = $this->apiCall('Customers.listing');
$custom_list_result = $_custom_list_result['list'];
}
$customer_ids = [];
foreach ($custom_list_result as $customer) {
$customer_ids[] = $customer['customerid'];
}
if (empty($customer_ids)) {
throw new Exception("Required resource unsatisfied.", 405);
}
} else {
$customer_ids = [
$this->getUserDetail('customerid')
];
}
$result_stmt = Database::prepare("
SELECT COUNT(*) as num_backups
FROM `" . TABLE_PANEL_BACKUPS . "` `b`
WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ")
");
$result = Database::pexecute_first($result_stmt, null, true, true);
if ($result) {
return $this->response($result['num_backups']);
}
$this->response(0);
}
/**
* You cannot add a backup entry
*
* @throws Exception
*/
public function add()
{
throw new Exception('You cannot add a backup entry', 303);
}
/**
* return a backup entry by id
*
* @param int $id
* optional, the backup-entry-id
*
* @access admin, customers
* @return string json-encoded array
* @throws Exception
*/
public function get()
{
throw new Exception("@TODO", 303);
}
/**
* You cannot update a backup entry
*
* @throws Exception
*/
public function update()
{
throw new Exception('You cannot update a backup entry', 303);
}
/**
* delete a backup entry by id
*
* @param int $id
* required, the backup-entry-id
*
* @access admin, customer
* @return string json-encoded array
* @throws Exception
*/
public function delete()
{
throw new Exception("@TODO", 303);
}
}

128
lib/Froxlor/Api/Commands/DataDump.php → lib/Froxlor/Api/Commands/CustomerBackups.php
View File

@@ -41,22 +41,20 @@ use PDO;
/**
* @since 0.10.0
*/
class DataDump extends ApiCommand implements ResourceEntity
class CustomerBackups extends ApiCommand implements ResourceEntity
{
/**
* add a new data dump job
* add a new customer backup job
*
* @param string $path
* path to store the dumped data to
* @param string $pgp_public_key
* optional pgp public key to encrypt the archive, default is empty
* @param bool $dump_dbs
* optional whether to include databases, default is 0 (false)
* @param bool $dump_mail
* optional whether to include mail-data, default is 0 (false)
* @param bool $dump_web
* optional whether to incoude web-data, default is 0 (false)
* path to store the backup to
* @param bool $backup_dbs
* optional whether to backup databases, default is 0 (false)
* @param bool $backup_mail
* optional whether to backup mail-data, default is 0 (false)
* @param bool $backup_web
* optional whether to backup web-data, default is 0 (false)
* @param int $customerid
* optional, required when called as admin (if $loginname is not specified)
* @param string $loginname
@@ -74,10 +72,9 @@ class DataDump extends ApiCommand implements ResourceEntity
$path = $this->getParam('path');
// parameter
$pgp_public_key = $this->getParam('pgp_public_key', true, '');
$dump_dbs = $this->getBoolParam('dump_dbs', true, 0);
$dump_mail = $this->getBoolParam('dump_mail', true, 0);
$dump_web = $this->getBoolParam('dump_web', true, 0);
$backup_dbs = $this->getBoolParam('backup_dbs', true, 0);
$backup_mail = $this->getBoolParam('backup_mail', true, 0);
$backup_web = $this->getBoolParam('backup_web', true, 0);
// get customer data
$customer = $this->getCustomerData();
@@ -89,32 +86,19 @@ class DataDump extends ApiCommand implements ResourceEntity
// path cannot be the customers docroot
if ($path == FileDir::makeCorrectDir($customer['documentroot'])) {
Response::standardError('dumpfoldercannotbedocroot', '', true);
Response::standardError('backupfoldercannotbedocroot', '', true);
}
// pgp public key validation
if (!empty($pgp_public_key)) {
// check if gnupg extension is loaded
if (!extension_loaded('gnupg')) {
Response::standardError('gnupgextensionnotavailable', '', true);
}
// check if the pgp public key is a valid key
putenv('GNUPGHOME='.sys_get_temp_dir());
if (gnupg_import(gnupg_init(), $pgp_public_key) === false) {
Response::standardError('invalidpgppublickey', '', true);
}
if ($backup_dbs != '1') {
$backup_dbs = '0';
}
if ($dump_dbs != '1') {
$dump_dbs = '0';
if ($backup_mail != '1') {
$backup_mail = '0';
}
if ($dump_mail != '1') {
$dump_mail = '0';
}
if ($dump_web != '1') {
$dump_web = '0';
if ($backup_web != '1') {
$backup_web = '0';
}
$task_data = [
@@ -123,63 +107,61 @@ class DataDump extends ApiCommand implements ResourceEntity
'gid' => $customer['guid'],
'loginname' => $customer['loginname'],
'destdir' => $path,
'pgp_public_key' => $pgp_public_key,
'dump_dbs' => $dump_dbs,
'dump_mail' => $dump_mail,
'dump_web' => $dump_web
'backup_dbs' => $backup_dbs,
'backup_mail' => $backup_mail,
'backup_web' => $backup_web
];
// schedule backup job
Cronjob::inserttask(TaskId::CREATE_CUSTOMER_BACKUP, $task_data);
// schedule export job
Cronjob::inserttask(TaskId::CREATE_CUSTOMER_DATADUMP, $task_data);
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer data export job for '" . $customer['loginname'] . "'. Target directory: " . $userpath);
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer-backup job for '" . $customer['loginname'] . "'. Target directory: " . $userpath);
return $this->response($task_data);
}
/**
* check whether data dump is enabled systemwide and if accessible for customer (hide_options)
* check whether backup is enabled systemwide and if accessible for customer (hide_options)
*
* @throws Exception
*/
private function validateAccess()
{
if (Settings::Get('system.exportenabled') != 1) {
if (Settings::Get('system.backupenabled') != 1) {
throw new Exception("You cannot access this resource", 405);
}
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras')) {
throw new Exception("You cannot access this resource", 405);
}
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras.export')) {
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras.backup')) {
throw new Exception("You cannot access this resource", 405);
}
}
/**
* You cannot get a planned data export.
* Try DataDump.listing()
* You cannot get a planned backup.
* Try CustomerBackups.listing()
*/
public function get()
{
throw new Exception('You cannot get a planned data export. Try DataDump.listing()', 303);
throw new Exception('You cannot get a planned backup. Try CustomerBackups.listing()', 303);
}
/**
* You cannot update a planned data export.
* You cannot update a planned backup.
* You need to delete it and re-add it.
*/
public function update()
{
throw new Exception('You cannot update a planned data export. You need to delete it and re-add it.', 303);
throw new Exception('You cannot update a planned backup. You need to delete it and re-add it.', 303);
}
/**
* list all planned data export jobs, if called from an admin, list all planned data export jobs of all customers you are
* list all planned backup-jobs, if called from an admin, list all planned backup-jobs of all customers you are
* allowed to view, or specify id or loginname for one specific customer
*
* @param int $customerid
* optional, admin-only, select data export jobs of a specific customer by id
* optional, admin-only, select backup-jobs of a specific customer by id
* @param string $loginname
* optional, admin-only, select data export jobs of a specific customer by loginname
* optional, admin-only, select backup-jobs of a specific customer by loginname
* @param array $sql_search
* optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =),
* LIKE is used if left empty and 'value' => searchvalue
@@ -199,9 +181,9 @@ class DataDump extends ApiCommand implements ResourceEntity
{
$this->validateAccess();
$customer_ids = $this->getAllowedCustomerIds('extras.export');
$customer_ids = $this->getAllowedCustomerIds('extras.backup');
// check whether there is a data export job for this customer
// check whether there is a backup-job for this customer
$query_fields = [];
$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit());
Database::pexecute($sel_stmt, $query_fields, true, true);
@@ -212,7 +194,7 @@ class DataDump extends ApiCommand implements ResourceEntity
$result[] = $entry;
}
}
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list customer data dump jobs");
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list customer-backups");
return $this->response([
'count' => count($result),
'list' => $result
@@ -220,12 +202,12 @@ class DataDump extends ApiCommand implements ResourceEntity
}
/**
* returns the total number of planned data exports
* returns the total number of planned backups
*
* @param int $customerid
* optional, admin-only, select data export jobs of a specific customer by id
* optional, admin-only, select backup-jobs of a specific customer by id
* @param string $loginname
* optional, admin-only, select data export jobs of a specific customer by loginname
* optional, admin-only, select backup-jobs of a specific customer by loginname
*
* @access admin, customer
* @return string json-encoded response message
@@ -235,9 +217,9 @@ class DataDump extends ApiCommand implements ResourceEntity
{
$this->validateAccess();
$customer_ids = $this->getAllowedCustomerIds('extras.export');
$customer_ids = $this->getAllowedCustomerIds('extras.backup');
// check whether there is a data export job for this customer
// check whether there is a backup-job for this customer
$result_count = 0;
$sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'");
Database::pexecute($sel_stmt, null, true, true);
@@ -251,10 +233,10 @@ class DataDump extends ApiCommand implements ResourceEntity
}
/**
* delete a planned data export jobs by id, if called from an admin you need to specify the customerid/loginname
* delete a planned backup-jobs by id, if called from an admin you need to specify the customerid/loginname
*
* @param int $job_entry
* id of data export job
* @param int $backup_job_entry
* id of backup job
* @param int $customerid
* optional, required when called as admin (if $loginname is not specified)
* @param string $loginname
@@ -266,26 +248,26 @@ class DataDump extends ApiCommand implements ResourceEntity
*/
public function delete()
{
// get planned exports
$result = $this->apiCall('DataDump.listing', $this->getParamList());
// get planned backups
$result = $this->apiCall('CustomerBackups.listing', $this->getParamList());
$entry = $this->getParam('job_entry');
$customer_ids = $this->getAllowedCustomerIds('extras.export');
$entry = $this->getParam('backup_job_entry');
$customer_ids = $this->getAllowedCustomerIds('extras.backup');
if ($result['count'] > 0 && $entry > 0) {
// prepare statement
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :tid");
// check for the correct job
foreach ($result['list'] as $exportjob) {
if ($exportjob['id'] == $entry && in_array($exportjob['data']['customerid'], $customer_ids)) {
foreach ($result['list'] as $backupjob) {
if ($backupjob['id'] == $entry && in_array($backupjob['data']['customerid'], $customer_ids)) {
Database::pexecute($del_stmt, [
'tid' => $entry
], true, true);
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted planned customer data export job #" . $entry);
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted planned customer-backup #" . $entry);
return $this->response(true);
}
}
}
throw new Exception('Data export job with id #' . $entry . ' could not be found', 404);
throw new Exception('Backup job with id #' . $entry . ' could not be found', 404);
}
}

79
lib/Froxlor/Api/Commands/Customers.php
View File

@@ -100,7 +100,7 @@ class Customers extends ApiCommand implements ResourceEntity
AND `id`<> :stdd
");
$usages_stmt = Database::prepare("
SELECT webspace, mail, mysql FROM `" . TABLE_PANEL_DISKSPACE . "`
SELECT * FROM `" . TABLE_PANEL_DISKSPACE . "`
WHERE `customerid` = :cid
ORDER BY `stamp` DESC LIMIT 1
");
@@ -109,10 +109,11 @@ class Customers extends ApiCommand implements ResourceEntity
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if ($show_usages) {
// get number of domains
$domains = Database::pexecute_first($domains_stmt, [
Database::pexecute($domains_stmt, [
'cid' => $row['customerid'],
'stdd' => $row['standardsubdomain']
]);
$domains = $domains_stmt->fetch(PDO::FETCH_ASSOC);
$row['domains'] = intval($domains['domains']);
// get disk-space usages for web, mysql and mail
$usages = Database::pexecute_first($usages_stmt, [
@@ -273,13 +274,6 @@ class Customers extends ApiCommand implements ResourceEntity
* @param array $allowed_mysqlserver
* optional, array of IDs of defined mysql-servers the customer is allowed to use,
* default is to allow the default dbserver (id=0)
* @param int $backup
* optional, either 0 to disable backup for this customer or a backup-storage-id
* where backups are to be stored, requires change_serversettings permissions,
* default is system-setting backup.default_storage
* @param bool $access_backups
* optional, where the customer is allowed to view backups, default is system-setting
* default_customer_access
*
* @access admin
* @return string json-encoded array
@@ -366,24 +360,6 @@ class Customers extends ApiCommand implements ResourceEntity
$p_allowed_mysqlserver = [];
}
if ($this->getUserDetail('change_serversettings')) {
$backup = $this->getParam('backup', true, Settings::Get('backup.default_storage'));
if ($backup > 0) {
try {
$this->apiCall('BackupStorages.get', [
'id' => $backup
]);
} catch (Exception $e) {
// not found or other issue, set default
$backup = Settings::Get('backup.default_storage');
}
}
$access_backups = $this->getBoolParam('access_backups', true, Settings::Get('backup.default_customer_access'));
} else {
$backup = Settings::Get('backup.default_storage');
$access_backups = Settings::Get('backup.default_customer_access');
}
// validation
$name = Validate::validate($name, 'name', Validate::REGEX_DESC_TEXT, '', [], true);
$firstname = Validate::validate($firstname, 'first name', Validate::REGEX_DESC_TEXT, '', [], true);
@@ -424,10 +400,6 @@ class Customers extends ApiCommand implements ResourceEntity
}
$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
if (empty($allowed_phpconfigs) && $phpenabled == 1) {
Response::standardError('customerphpenabledbutnoconfig', '', true);
}
$allowed_mysqlserver = array();
if (! empty($p_allowed_mysqlserver) && is_array($p_allowed_mysqlserver)) {
foreach ($p_allowed_mysqlserver as $allowed_ms) {
@@ -562,9 +534,7 @@ class Customers extends ApiCommand implements ResourceEntity
'theme' => $_theme,
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show,
'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver),
'backup' => $backup,
'access_backups' => $access_backups
'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver)
];
$ins_stmt = Database::prepare("
@@ -607,9 +577,7 @@ class Customers extends ApiCommand implements ResourceEntity
`theme` = :theme,
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show,
`allowed_mysqlserver`= :allowed_mysqlserver,
`backup` = :backup,
`access_backups` = :access_backups
`allowed_mysqlserver`= :allowed_mysqlserver
");
Database::pexecute($ins_stmt, $ins_data, true, true);
@@ -1057,13 +1025,6 @@ class Customers extends ApiCommand implements ResourceEntity
* @param array $allowed_mysqlserver
* optional, array of IDs of defined mysql-servers the customer is allowed to use,
* default is to allow the default dbserver (id=0)
* @param int $backup
* optional, either 0 to disable backup for this customer or a backup-storage-id
* where backups are to be stored, requires change_serversettings permissions,
* default is system-setting backup.default_storage
* @param bool $access_backups
* optional, where the customer is allowed to view backups, default is system-setting
* default_customer_access
*
* @access admin, customer
* @return string json-encoded array
@@ -1125,24 +1086,6 @@ class Customers extends ApiCommand implements ResourceEntity
$deactivated = $this->getBoolParam('deactivated', true, $result['deactivated']);
$theme = $this->getParam('theme', true, $result['theme']);
$allowed_mysqlserver = $this->getParam('allowed_mysqlserver', true, json_decode($result['allowed_mysqlserver'], true));
if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) {
$backup = $this->getParam('backup', true, $result['backup']);
if ($backup > 0) {
try {
$this->apiCall('BackupStorages.get', [
'id' => $backup
]);
} catch (Exception $e) {
// not found or other issue, dont update
$backup = $result['backup'];
}
}
$access_backups = $this->getBoolParam('access_backups', true, Settings::Get('backup.default_customer_access'));
} else {
$backup = $result['backup'];
$access_backups = $result['access_backups'];
}
} else {
// allowed parameters
$def_language = $this->getParam('def_language', true, $result['def_language']);
@@ -1167,9 +1110,6 @@ class Customers extends ApiCommand implements ResourceEntity
if (!empty($allowed_phpconfigs)) {
$allowed_phpconfigs = array_map('intval', $allowed_phpconfigs);
}
if (empty($allowed_phpconfigs) && $phpenabled == 1) {
Response::standardError('customerphpenabledbutnoconfig', '', true);
}
// add permission for allowed mysql usage if customer was not allowed to use mysql prior
if ($result['mysqls'] == 0 && ($mysqls == -1 || $mysqls > 0)) {
@@ -1178,7 +1118,6 @@ class Customers extends ApiCommand implements ResourceEntity
if (! empty($allowed_mysqlserver)) {
$allowed_mysqlserver = array_map('intval', $allowed_mysqlserver);
}
}
$def_language = Validate::validate($def_language, 'default language', '', '', [], true);
$theme = Validate::validate($theme, 'theme', '', '', [], true);
@@ -1451,9 +1390,7 @@ class Customers extends ApiCommand implements ResourceEntity
'custom_notes' => $custom_notes,
'custom_notes_show' => $custom_notes_show,
'api_allowed' => $api_allowed,
'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver),
'backup' => $backup,
'access_backups' => $access_backups
'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver)
];
$upd_data += $admin_upd_data;
}
@@ -1496,9 +1433,7 @@ class Customers extends ApiCommand implements ResourceEntity
`custom_notes` = :custom_notes,
`custom_notes_show` = :custom_notes_show,
`api_allowed` = :api_allowed,
`allowed_mysqlserver` = :allowed_mysqlserver,
`backup`= :backup,
`access_backups` = :access_backups";
`allowed_mysqlserver` = :allowed_mysqlserver";
$upd_query .= $admin_upd_query;
}
$upd_query .= " WHERE `customerid` = :customerid";

2
lib/Froxlor/Api/Commands/DomainZones.php
View File

@@ -302,8 +302,6 @@ class DomainZones extends ApiCommand implements ResourceEntity
}
} elseif ($type == 'SSHFP' && !empty($content)) {
$content = $content;
} elseif ($type == 'TLSA' && !empty($content)) {
$content = $content;
} elseif ($type == 'TXT' && !empty($content)) {
// check that TXT content is enclosed in " "
$content = Dns::encloseTXTContent($content);

222
lib/Froxlor/Api/Commands/Domains.php
View File

@@ -76,7 +76,7 @@ class Domains extends ApiCommand implements ResourceEntity
$query_fields = [];
$result_stmt = Database::prepare("
SELECT
`d`.*, `c`.`loginname`, `c`.`deactivated` as `customer_deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `c`.`adminid` as customeradmin,
`d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `c`.`adminid` as customeradmin,
`ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain`
FROM `" . TABLE_PANEL_DOMAINS . "` `d`
LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
@@ -110,7 +110,7 @@ class Domains extends ApiCommand implements ResourceEntity
*
* @param number $domain_id
* @param bool $ssl_only
* optional, return only ssl enabled ips, default false
* optional, return only ssl enabled ip's, default false
* @return array
*/
private function getIpsForDomain($domain_id = 0, $ssl_only = false)
@@ -190,6 +190,9 @@ class Domains extends ApiCommand implements ResourceEntity
* optional, whether to create an exclusive web-logfile for this domain, default 0 (false)
* @param int $alias
* optional, domain-id of a domain that the new domain should be an alias of, default 0 (none)
* @param int $issubof
* optional, domain-id of a domain this domain is a subdomain of (required for webserver-cronjob to
* generate the correct order), default 0 (none)
* @param string $registration_date
* optional, date of domain registration in form of YYYY-MM-DD, default empty (none)
* @param string $termination_date
@@ -207,7 +210,7 @@ class Domains extends ApiCommand implements ResourceEntity
* @param string $ssl_specialsettings
* optional, custom webserver vhost-content which is added to the generated ssl-vhost, default empty
* @param bool $include_specialsettings
* optional, whether to include non-ssl specialsettings in the generated ssl-vhost, default false
* optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false
* @param bool $notryfiles
* optional, [nginx only] do not generate the default try-files directive, default 0 (false)
* @param bool $writeaccesslog
@@ -216,7 +219,7 @@ class Domains extends ApiCommand implements ResourceEntity
* optional, Enable writing an error-log file for this domain, default 1 (true)
* @param string $documentroot
* optional, specify homedir of domain by specifying a directory (relative to customer-docroot), be
* aware, if path starts with / it is considered a full path, not relative to customer-docroot. Also
* aware, if path starts with / it it considered a full path, not relative to customer-docroot. Also
* specifying a URL is possible here (redirect), default empty (autogenerated)
* @param bool $phpenabled
* optional, whether php is enabled for this domain, default 0 (false)
@@ -241,7 +244,7 @@ class Domains extends ApiCommand implements ResourceEntity
* optional, do NOT set the systems default ssl ip addresses if none are given via $ssl_ipandport
* parameter
* @param bool $sslenabled
* optional, whether SSL is enabled for this domain, regardless of the assigned ssl-ips, default
* optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default
* 1 (true)
* @param bool $http2
* optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default
@@ -249,9 +252,9 @@ class Domains extends ApiCommand implements ResourceEntity
* @param int $hsts_maxage
* optional max-age value for HSTS header
* @param bool $hsts_sub
* optional whether to add subdomains to the HSTS header
* optional whether or not to add subdomains to the HSTS header
* @param bool $hsts_preload
* optional whether to preload HSTS header value
* optional whether or not to preload HSTS header value
* @param bool $ocsp_stapling
* optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL
* @param bool $honorcipherorder
@@ -260,7 +263,7 @@ class Domains extends ApiCommand implements ResourceEntity
* optional whether to enable or disable TLS sessiontickets (RFC 5077) for this domain. default 1
* (true), requires SSL
* @param bool $override_tls
* optional whether to override system-tls settings like protocol, ssl-ciphers and if applicable
* optional whether or not to override system-tls settings like protocol, ssl-ciphers and if applicable
* tls-1.3 ciphers, requires change_serversettings flag for the admin, default false
* @param array $ssl_protocols
* optional list of allowed/used ssl/tls protocols, see system.ssl_protocols setting, only used/required
@@ -295,6 +298,7 @@ class Domains extends ApiCommand implements ResourceEntity
$serveraliasoption = $this->getParam('selectserveralias', true, Settings::Get('system.domaindefaultalias'));
$speciallogfile = $this->getBoolParam('speciallogfile', true, 0);
$aliasdomain = intval($this->getParam('alias', true, 0));
$issubof = $this->getParam('issubof', true, 0);
$registration_date = $this->getParam('registration_date', true, '');
$termination_date = $this->getParam('termination_date', true, '');
$caneditdomain = $this->getBoolParam('caneditdomain', true, 0);
@@ -661,6 +665,10 @@ class Domains extends ApiCommand implements ResourceEntity
$serveraliasoption = '0';
}
if ($issubof <= 0) {
$issubof = '0';
}
$idna_convert = new IdnaWrapper();
if ($domain == '') {
Response::standardError([
@@ -715,6 +723,7 @@ class Domains extends ApiCommand implements ResourceEntity
'phpsettingid' => $phpsettingid,
'mod_fcgid_starter' => $mod_fcgid_starter,
'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
'ismainbutsubto' => $issubof,
'letsencrypt' => $letsencrypt,
'http2' => $http2,
'hsts' => $hsts_maxage,
@@ -768,6 +777,7 @@ class Domains extends ApiCommand implements ResourceEntity
`phpsettingid` = :phpsettingid,
`mod_fcgid_starter` = :mod_fcgid_starter,
`mod_fcgid_maxrequests` = :mod_fcgid_maxrequests,
`ismainbutsubto` = :ismainbutsubto,
`letsencrypt` = :letsencrypt,
`http2` = :http2,
`hsts` = :hsts,
@@ -1059,6 +1069,9 @@ class Domains extends ApiCommand implements ResourceEntity
* default 0 (false)
* @param int $alias
* optional, domain-id of a domain that the new domain should be an alias of, default 0 (none)
* @param int $issubof
* optional, domain-id of a domain this domain is a subdomain of (required for webserver-cronjob to
* generate the correct order), default 0 (none)
* @param string $registration_date
* optional, date of domain registration in form of YYYY-MM-DD, default empty (none)
* @param string $termination_date
@@ -1076,7 +1089,7 @@ class Domains extends ApiCommand implements ResourceEntity
* @param string $ssl_specialsettings
* optional, custom webserver vhost-content which is added to the generated ssl-vhost, default empty
* @param bool $include_specialsettings
* optional, whether to include non-ssl specialsettings in the generated ssl-vhost, default false
* optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false
* @param bool $specialsettingsforsubdomains
* optional, whether to apply specialsettings to all subdomains of this domain, default is read from
* setting system.apply_specialsettings_default
@@ -1088,7 +1101,7 @@ class Domains extends ApiCommand implements ResourceEntity
* optional, Enable writing an error-log file for this domain, default 1 (true)
* @param string $documentroot
* optional, specify homedir of domain by specifying a directory (relative to customer-docroot), be
* aware, if path starts with / it is considered a full path, not relative to customer-docroot. Also
* aware, if path starts with / it it considered a full path, not relative to customer-docroot. Also
* specifying a URL is possible here (redirect), default empty (autogenerated)
* @param bool $phpenabled
* optional, whether php is enabled for this domain, default 0 (false)
@@ -1117,7 +1130,7 @@ class Domains extends ApiCommand implements ResourceEntity
* optional, if set to true and no $ssl_ipandport value is given, the ip's get removed, otherwise, the
* currently set value is used, default false
* @param bool $sslenabled
* optional, whether SSL is enabled for this domain, regardless of the assigned ssl-ips, default
* optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default
* 1 (true)
* @param bool $http2
* optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default
@@ -1125,9 +1138,9 @@ class Domains extends ApiCommand implements ResourceEntity
* @param int $hsts_maxage
* optional max-age value for HSTS header
* @param bool $hsts_sub
* optional whether to add subdomains to the HSTS header
* optional whether or not to add subdomains to the HSTS header
* @param bool $hsts_preload
* optional whether to preload HSTS header value
* optional whether or not to preload HSTS header value
* @param bool $ocsp_stapling
* optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL
* @param bool $honorcipherorder
@@ -1137,8 +1150,6 @@ class Domains extends ApiCommand implements ResourceEntity
* (true), requires SSL
* @param string $description
* optional custom description (currently not used/shown in the frontend), default empty
* @param bool $deactivated
* optional, if 1 (true) the domain can be deactivated/suspended
*
* @access admin
* @return string json-encoded array
@@ -1180,6 +1191,7 @@ class Domains extends ApiCommand implements ResourceEntity
$speciallogfile = $this->getBoolParam('speciallogfile', true, $result['speciallogfile']);
$speciallogverified = $this->getBoolParam('speciallogverified', true, 0);
$aliasdomain = intval($this->getParam('alias', true, $result['aliasdomain']));
$issubof = $this->getParam('issubof', true, $result['ismainbutsubto']);
$registration_date = $this->getParam('registration_date', true, $result['registration_date']);
$termination_date = $this->getParam('termination_date', true, $result['termination_date']);
$caneditdomain = $this->getBoolParam('caneditdomain', true, $result['caneditdomain']);
@@ -1234,7 +1246,6 @@ class Domains extends ApiCommand implements ResourceEntity
$tlsv13_cipher_list = $result['tlsv13_cipher_list'];
}
$description = $this->getParam('description', true, $result['description']);
$deactivated = $this->getBoolParam('deactivated', true, $result['deactivated']);
// count subdomain usage of source-domain
$subdomains_stmt = Database::prepare("
@@ -1629,6 +1640,10 @@ class Domains extends ApiCommand implements ResourceEntity
Response::standardError('domainisaliasorothercustomer', '', true);
}
if ($issubof <= 0) {
$issubof = '0';
}
if ($serveraliasoption != '1' && $serveraliasoption != '2') {
$serveraliasoption = '0';
}
@@ -1651,6 +1666,7 @@ class Domains extends ApiCommand implements ResourceEntity
|| $writeaccesslog != $result['writeaccesslog']
|| $writeerrorlog != $result['writeerrorlog']
|| $aliasdomain != $result['aliasdomain']
|| $issubof != $result['ismainbutsubto']
|| $email_only != $result['email_only']
|| ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1')
|| $letsencrypt != $result['letsencrypt']
@@ -1821,6 +1837,7 @@ class Domains extends ApiCommand implements ResourceEntity
$update_data['writeerrorlog'] = $writeerrorlog;
$update_data['registration_date'] = $registration_date;
$update_data['termination_date'] = $termination_date;
$update_data['ismainbutsubto'] = $issubof;
$update_data['letsencrypt'] = $letsencrypt;
$update_data['http2'] = $http2;
$update_data['hsts'] = $hsts_maxage;
@@ -1835,7 +1852,6 @@ class Domains extends ApiCommand implements ResourceEntity
$update_data['honorcipherorder'] = $honorcipherorder;
$update_data['sessiontickets'] = $sessiontickets;
$update_data['description'] = $description;
$update_data['deactivated'] = $deactivated;
$update_data['id'] = $id;
$update_stmt = Database::prepare("
@@ -1869,6 +1885,7 @@ class Domains extends ApiCommand implements ResourceEntity
`writeerrorlog` = :writeerrorlog,
`registration_date` = :registration_date,
`termination_date` = :termination_date,
`ismainbutsubto` = :ismainbutsubto,
`letsencrypt` = :letsencrypt,
`http2` = :http2,
`hsts` = :hsts,
@@ -1882,36 +1899,11 @@ class Domains extends ApiCommand implements ResourceEntity
`ssl_enabled` = :sslenabled,
`ssl_honorcipherorder` = :honorcipherorder,
`ssl_sessiontickets` = :sessiontickets,
`description` = :description,
`deactivated` = :deactivated
`description` = :description
WHERE `id` = :id
");
Database::pexecute($update_stmt, $update_data, true, true);
// activate/deactivate domain-based services
if ($deactivated != $result['deactivated']) {
// deactivate email accounts
$yesno = ($deactivated ? 'N' : 'Y');
$pop3 = ($deactivated ? '0' : (int)$customer['pop3']);
$imap = ($deactivated ? '0' : (int)$customer['imap']);
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_MAIL_USERS . "`
SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap
WHERE `customerid` = :customerid AND `domainid` = :domainid
");
Database::pexecute($upd_stmt, [
'yesno' => $yesno,
'pop3' => $pop3,
'imap' => $imap,
'customerid' => $customerid,
'domainid' => $id
]);
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] " . ($deactivated ? 'deactivated' : 'reactivated') . " domain '" . $result['domain'] . "'");
Cronjob::inserttask(TaskId::REBUILD_VHOST);
}
$_update_data['customerid'] = $customerid;
$_update_data['adminid'] = $adminid;
$_update_data['phpenabled'] = $phpenabled;
@@ -1929,7 +1921,6 @@ class Domains extends ApiCommand implements ResourceEntity
$_update_data['honorcipherorder'] = $honorcipherorder;
$_update_data['sessiontickets'] = $sessiontickets;
$_update_data['parentdomainid'] = $id;
$_update_data['deactivated'] = $deactivated;
// if php config is to be set for all subdomains, check here
$update_phpconfig = '';
@@ -1962,8 +1953,7 @@ class Domains extends ApiCommand implements ResourceEntity
`ssl_cipher_list` = :ssl_cipher_list,
`tlsv13_cipher_list` = :tlsv13_cipher_list,
`ssl_honorcipherorder` = :honorcipherorder,
`ssl_sessiontickets` = :sessiontickets,
`deactivated` = :deactivated
`ssl_sessiontickets` = :sessiontickets
" . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . "
WHERE `parentdomainid` = :parentdomainid
");
@@ -2083,6 +2073,9 @@ class Domains extends ApiCommand implements ResourceEntity
* optional, the domain-id
* @param string $domainname
* optional, the domainname
* @param bool $delete_mainsubdomains
* optional, remove also domains that are subdomains of this domain but added as main domains; default
* false
* @param bool $is_stdsubdomain
* optional, default false, specify whether it's a std-subdomain you are deleting as it does not count
* as subdomain-resource
@@ -2098,6 +2091,7 @@ class Domains extends ApiCommand implements ResourceEntity
$dn_optional = $id > 0;
$domainname = $this->getParam('domainname', $dn_optional, '');
$is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0);
$remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0);
$result = $this->apiCall('Domains.get', [
'id' => $id,
@@ -2105,10 +2099,15 @@ class Domains extends ApiCommand implements ResourceEntity
]);
$id = $result['id'];
// check for deletion of main-domains which are logically subdomains, #329
$rsd_sql = '';
if ($remove_subbutmain_domains) {
$rsd_sql .= " OR `ismainbutsubto` = :id";
}
$subresult_stmt = Database::prepare("
SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE (`id` = :id OR `parentdomainid` = :id)
");
WHERE (`id` = :id OR `parentdomainid` = :id " . $rsd_sql . ")");
Database::pexecute($subresult_stmt, [
'id' => $id
], true, true);
@@ -2130,10 +2129,23 @@ class Domains extends ApiCommand implements ResourceEntity
$this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] deleted domain/s from mail-tables");
}
// if mainbutsubto-domains are not to be deleted, re-assign the (ismainbutsubto value of the main
// domain which is being deleted) as their new ismainbutsubto value
if ($remove_subbutmain_domains !== 1) {
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`ismainbutsubto` = :newIsMainButSubtoValue
WHERE `ismainbutsubto` = :deletedMainDomainId
");
Database::pexecute($upd_stmt, [
'newIsMainButSubtoValue' => $result['ismainbutsubto'],
'deletedMainDomainId' => $id
], true, true);
}
$del_stmt = Database::prepare("
DELETE FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `id` = :id OR `parentdomainid` = :id
");
WHERE `id` = :id OR `parentdomainid` = :id " . $rsd_sql);
Database::pexecute($del_stmt, [
'id' => $id
], true, true);
@@ -2218,114 +2230,4 @@ class Domains extends ApiCommand implements ResourceEntity
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* duplicate domain entry by either id or domainname. All parameters from Domains.add() can be used
* to overwrite source entity values if necessary.
*
* @param int $id
* optional, the domain-id
* @param string $domainname
* optional, the domainname
* @param string $domain
* required, name of the new domain to be added
*
* @access admin
* @return string json-encoded array
* @throws Exception
*/
public function duplicate()
{
if ($this->isAdmin()) {
// parameters
$id = $this->getParam('id', true, 0);
$dn_optional = $id > 0;
$domainname = $this->getParam('domainname', $dn_optional, '');
$p_domain = $this->getParam('domain');
// get requested domain
$result = $this->apiCall('Domains.get', [
'id' => $id,
'domainname' => $domainname,
]);
// clear some defaults
unset($result['domain_ace']);
unset($result['adminid']);
unset($result['documentroot']);
unset($result['registration_date']);
unset($result['termination_date']);
unset($result['zonefile']);
// clear auto-generated values
unset($result['bindserial']);
unset($result['dkim_privkey']);
unset($result['dkim_pubkey']);
// clear api-call generated fields
unset($result['domain_hascert']);
// set correct ip/port information
$domain_ips = $result['ipsandports'];
unset($result['ipsandports']);
$result['ipandport'] = [];
$result['ssl_ipandport'] = [];
foreach ($domain_ips as $dip) {
if ($dip['ssl'] == 1) {
$result['ssl_ipandport'][] = $dip['id'];
} else {
$result['ipandport'][] = $dip['id'];
}
}
// check whether we are changing the customer/owner
if ($this->getParam('customerid', true, 0) == 0 && $this->getParam('loginname', true, '') == '') {
$customerid = $result['customerid'];
} else {
$customer = $this->getCustomerData();
$customerid = $customer['customerid'];
}
// check for alias-domain and whether it belongs to the target user
if (!empty($result['aliasdomain']) && $customerid == $result['customerid']) {
// duplicate alias entry
$result['alias'] = $result['aliasdomain'];
}
unset($result['aliasdomain']);
// validate possible fpm configs and whether the customer is allowed to use them
if ($customerid != $result['customerid']) {
$allowed_phpconfigs = json_decode($customer['allowed_phpconfigs'] ?? '[]', true);
if (empty($allowed_phpconfigs)) {
// system defaults
unset($result['phpsettingid']);
} elseif (!in_array($result['phpsettingid'], $allowed_phpconfigs)) {
// use the first customer allowed config
$result['phpsettingid'] = array_shift($allowed_phpconfigs);
}
}
// translate serveralias values
$result['selectserveralias'] = 2;
if ((int)$result['wwwserveralias'] == 1) {
$result['selectserveralias'] = 1;
} elseif ((int)$result['iswildcarddomain'] == 1) {
$result['selectserveralias'] = 0;
}
unset($result['wwwserveralias']);
unset($result['iswildcarddomain']);
$additional_params = $this->getParamList();
// unset unneeded params from this call
unset($additional_params['id']);
unset($additional_params['domainname']);
unset($additional_params['domain']);
// set new values and merge with optional add() parameters
$new_domain = array_merge($result, $additional_params);
$new_domain['domain'] = $p_domain;
$result_new = $this->apiCall('Domains.add', $new_domain);
return $this->response($result_new);
}
throw new Exception("Not allowed to execute given command.", 403);
}
}

4
lib/Froxlor/Api/Commands/EmailAccounts.php
View File

@@ -95,13 +95,9 @@ class EmailAccounts extends ApiCommand implements ResourceEntity
$customer = $this->getCustomerData('email_accounts');
// check for imap||pop3 == 1, see #1298
// d00p, 6.5.2023 @revert this - if a customer has resources which allow email accounts
// it implicitly allowed SMTP, e.g. sending of emails which also requires an account to exist
/*
if ($customer['imap'] != '1' && $customer['pop3'] != '1') {
Response::standardError('notallowedtouseaccounts', '', true);
}
*/
if (!empty($emailaddr)) {
$idna_convert = new IdnaWrapper();

93
lib/Froxlor/Api/Commands/Emails.php
View File

@@ -75,6 +75,7 @@ class Emails extends ApiCommand implements ResourceEntity
// parameters
$iscatchall = $this->getBoolParam('iscatchall', true, 0);
$disablegreylist = $this->getBoolParam('disablegreylist', true, 0);
$description = $this->getParam('description', true, '');
// validation
@@ -88,12 +89,9 @@ class Emails extends ApiCommand implements ResourceEntity
$domain_check = $this->apiCall('SubDomains.get', [
'domainname' => $domain
], true);
if ((int)$domain_check['isemaildomain'] == 0) {
if ($domain_check['isemaildomain'] == 0) {
Response::standardError('maindomainnonexist', $domain, true);
}
if ((int)$domain_check['deactivated'] == 1) {
Response::standardError('maindomaindeactivated', $domain, true);
}
if (Settings::Get('catchall.catchall_enabled') != '1') {
$iscatchall = 0;
@@ -121,7 +119,7 @@ class Emails extends ApiCommand implements ResourceEntity
// duplicate check
$stmt = Database::prepare("
SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid` FROM `" . TABLE_MAIL_VIRTUAL . "`
SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `disablegreylist` FROM `" . TABLE_MAIL_VIRTUAL . "`
WHERE (`email` = :email OR `email_full` = :emailfull )
AND `customerid`= :cid
");
@@ -147,7 +145,8 @@ class Emails extends ApiCommand implements ResourceEntity
`email_full` = :email_full,
`iscatchall` = :iscatchall,
`domainid` = :domainid,
`description` = :description
`description` = :description,
`disablegreylist` = :disablegreylist
");
$params = [
"cid" => $customer['customerid'],
@@ -155,7 +154,8 @@ class Emails extends ApiCommand implements ResourceEntity
"email_full" => $email_full,
"iscatchall" => $iscatchall,
"domainid" => $domain_check['id'],
"description" => $description
"description" => $description,
"disablegreylist" => $disablegreylist
];
Database::pexecute($stmt, $params, true, true);
@@ -194,7 +194,7 @@ class Emails extends ApiCommand implements ResourceEntity
$customer_ids = $this->getAllowedCustomerIds('email');
$params['idea'] = ($id <= 0 ? $emailaddr : $id);
$result_stmt = Database::prepare("SELECT v.`id`, v.`email`, v.`email_full`, v.`iscatchall`, v.`destination`, v.`customerid`, v.`popaccountid`, v.`domainid`, v.`description`, u.`quota`, u.`imap`, u.`pop3`, u.`postfix`, u.`mboxsize`
$result_stmt = Database::prepare("SELECT v.`id`, v.`email`, v.`email_full`, v.`iscatchall`, v.`disablegreylist`, v.`destination`, v.`customerid`, v.`popaccountid`, v.`domainid`, v.`description`, u.`quota`, u.`imap`, u.`pop3`, u.`postfix`, u.`mboxsize`
FROM `" . TABLE_MAIL_VIRTUAL . "` v
LEFT JOIN `" . TABLE_MAIL_USERS . "` u ON v.`popaccountid` = u.`id`
WHERE v.`customerid` IN (" . implode(", ", $customer_ids) . ")
@@ -305,6 +305,81 @@ class Emails extends ApiCommand implements ResourceEntity
return $this->response($result);
}
/**
* toggle greylist flag of given email address either by id or email-address
*
* @param int $id
* optional, the email-address-id
* @param string $emailaddr
* optional, the email-address
* @param int $customerid
* optional, required when called as admin (if $loginname is not specified)
* @param string $loginname
* optional, required when called as admin (if $customerid is not specified)
* @param boolean $greylist
* optional
* @param string $description
* optional custom description (currently not used/shown in the frontend), default empty
*
* @access admin, customer
* @return string json-encoded array
* @throws Exception
*/
public function updateGreylist()
{
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'email')) {
throw new Exception("You cannot access this resource", 405);
}
// if enabling catchall is not allowed by settings, we do not need
// to run update()
/** if (Settings::Get('catchall.catchall_enabled') != '1') {
Response::standardError([
'operationnotpermitted',
'featureisdisabled'
], 'catchall', true);
} */
$id = $this->getParam('id', true, 0);
$ea_optional = $id > 0;
$emailaddr = $this->getParam('emailaddr', $ea_optional, '');
$result = $this->apiCall('Emails.get', [
'id' => $id,
'emailaddr' => $emailaddr
]);
$id = $result['id'];
$email = $result['email'];
// parameters
$disablegreylist = $this->getBoolParam('disablegreylist', true, $result['disablegreylist']);
$description = $this->getParam('description', true, $result['description']);
// get needed customer info to reduce the email-address-counter by one
$customer = $this->getCustomerData();
// check for catchall-flag
$stmt = Database::prepare("
UPDATE `" . TABLE_MAIL_VIRTUAL . "`
SET `email` = :email , `disablegreylist` = :grflag, `description` = :description
WHERE `customerid`= :cid AND `id`= :id
");
$params = [
"email" => $email,
"grflag" => $disablegreylist,
"description" => $description,
"cid" => $customer['customerid'],
"id" => $id
];
Database::pexecute($stmt, $params, true, true);
$this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] toggled greylist-flag for email address '" . $result['email_full'] . "'");
$result = $this->apiCall('Emails.get', [
'emailaddr' => $result['email_full']
]);
return $this->response($result);
}
/**
* list all email addresses, if called from an admin, list all email addresses of all customers you are allowed to
* view, or specify id or loginname for one specific customer
@@ -334,7 +409,7 @@ class Emails extends ApiCommand implements ResourceEntity
$result = [];
$query_fields = [];
$result_stmt = Database::prepare("
SELECT m.`id`, m.`domainid`, m.`email`, m.`email_full`, m.`iscatchall`, m.`destination`, m.`popaccountid`, d.`domain`, u.`quota`, u.`imap`, u.`pop3`, u.`postfix`, u.`mboxsize`
SELECT m.`id`, m.`domainid`, m.`email`, m.`email_full`, m.`iscatchall`, m.`disablegreylist`, m.`destination`, m.`popaccountid`, d.`domain`, u.`quota`, u.`imap`, u.`pop3`, u.`postfix`, u.`mboxsize`
FROM `" . TABLE_MAIL_VIRTUAL . "` m
LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` d ON (m.`domainid` = d.`id`)
LEFT JOIN `" . TABLE_MAIL_USERS . "` u ON (m.`popaccountid` = u.`id`)

74
lib/Froxlor/Api/Commands/Froxlor.php
View File

@@ -37,7 +37,6 @@ use Froxlor\Settings;
use Froxlor\SImExporter;
use Froxlor\System\Cronjob;
use Froxlor\System\Crypt;
use Froxlor\Validate\Validate;
use PDO;
use RecursiveDirectoryIterator;
use RecursiveIteratorIterator;
@@ -270,79 +269,6 @@ class Froxlor extends ApiCommand
return $this->response(Crypt::generatePassword($length));
}
/**
* return a one-time login link URL for a given user
*
* @param int $customerid optional, required if $loginname is not specified, user to create link for
* @param string $loginname optional, required if $customerid is not specified, user to create link for
* @param int $valid_time optional, value in seconds how long the link will be valid, default is 10 seconds, valid values are numbers from 10 to 120
* @param string $allowed_from optional, comma separated list of ip addresses or networks to allow login from via this link
*
* @access admin
* @return string json-encoded array [base => domain, uri => relative link]
* @throws Exception
*/
public function generateLoginLink()
{
if ($this->isAdmin()) {
$customer = $this->getCustomerData();
// cannot create link for deactivated users
if ((int)$customer['deactivated'] == 1) {
throw new Exception("Cannot generate link for deactivated user", 406);
}
$valid_time = (int)$this->getParam('valid_time', true, 10);
$allowed_from = $this->getParam('allowed_from', true, '');
$valid_time = Validate::validate($valid_time, 'valid time', '/^(1[0-1][0-9]|120|[1-9][0-9])$/', 'invalid_validtime', [10], true);
// validate allowed_from
if (!empty($allowed_from)) {
$ip_list = array_map('trim', explode(",", $allowed_from));
$_check_list = $ip_list;
foreach ($_check_list as $idx => $ip) {
if (Validate::validate_ip2($ip, true, 'invalidip', true, true, true) == false) {
throw new Exception('Invalid ip address', 406);
}
// check for cidr
if (strpos($ip, '/') !== false) {
$ipparts = explode("/", $ip);
// shorten IP
$ip = inet_ntop(inet_pton($ipparts[0]));
// re-add cidr
$ip .= '/' . $ipparts[1];
} else {
// shorten IP
$ip = inet_ntop(inet_pton($ip));
}
$ip_list[$idx] = $ip;
}
$allowed_from = implode(",", array_unique($ip_list));
}
$hash = hash('sha256', openssl_random_pseudo_bytes(64 * 64));
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_LOGINLINKS . "`
SET `hash` = :hash, `loginname` = :loginname, `valid_until` = :validuntil, `allowed_from` = :allowedfrom
ON DUPLICATE KEY UPDATE `hash` = :hash, `valid_until` = :validuntil, `allowed_from` = :allowedfrom
");
Database::pexecute($ins_stmt, [
'hash' => $hash,
'loginname' => $customer['loginname'],
'validuntil' => time() + $valid_time,
'allowedfrom' => $allowed_from
]);
return $this->response([
'base' => 'https://' . Settings::Get('system.hostname') . '/' . (Settings::Get('system.froxlordirectlyviahostname') != 1 ? basename(\Froxlor\Froxlor::getInstallDir()) . '/' : ''),
'uri' => 'index.php?action=ll&ln=' . $customer['loginname'] . '&h=' . $hash
]);
}
throw new Exception("Not allowed to execute given command.", 403);
}
/**
* can be used to remotely run the integritiy checks froxlor implements
*

16
lib/Froxlor/Api/Commands/Ftps.php
View File

@@ -72,8 +72,6 @@ class Ftps extends ApiCommand implements ResourceEntity
* optional whether to add additional usernames to the group
* @param bool $is_defaultuser
* optional whether this is the standard default ftp user which is being added so no usage is decreased
* @param bool $login_enabled
* optional whether to allow login (default) or not
*
* @access admin, customer
* @return string json-encoded array
@@ -86,7 +84,6 @@ class Ftps extends ApiCommand implements ResourceEntity
}
$is_defaultuser = $this->getBoolParam('is_defaultuser', true, 0);
$login_enabled = $this->getBoolParam('login_enabled', true, 1);
if (($this->getUserDetail('ftps_used') < $this->getUserDetail('ftps') || $this->getUserDetail('ftps') == '-1') || $this->isAdmin() && $is_defaultuser == 1) {
// required parameters
@@ -179,14 +176,13 @@ class Ftps extends ApiCommand implements ResourceEntity
$stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "`
(`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`)
VALUES (:customerid, :username, :description, :password, :homedir, :loginenabled, :guid, :guid, :shell)");
VALUES (:customerid, :username, :description, :password, :homedir, 'y', :guid, :guid, :shell)");
$params = [
"customerid" => $customer['customerid'],
"username" => $username,
"description" => $description,
"password" => $cryptPassword,
"homedir" => $path,
"loginenabled" => $login_enabled ? 'Y' : 'N',
"guid" => $customer['guid'],
"shell" => $shell
];
@@ -393,8 +389,6 @@ class Ftps extends ApiCommand implements ResourceEntity
* optional, description for ftp-user
* @param string $shell
* optional, default /bin/false (not changeable when deactivated)
* @param bool $login_enabled
* optional whether to allow login (default) or not
* @param int $customerid
* optional, required when called as admin (if $loginname is not specified)
* @param string $loginname
@@ -425,7 +419,6 @@ class Ftps extends ApiCommand implements ResourceEntity
$password = $this->getParam('ftp_password', true, '');
$description = $this->getParam('ftp_description', true, $result['description']);
$shell = $this->getParam('shell', true, $result['shell']);
$login_enabled = $this->getBoolParam('login_enabled', true, ($result['login_enabled'] == 'Y' ? 1 : 0));
// validation
$password = Validate::validate($password, 'password', '', '', [], true);
@@ -437,10 +430,6 @@ class Ftps extends ApiCommand implements ResourceEntity
$shell = "/bin/false";
}
if ($login_enabled != 1) {
$login_enabled = 0;
}
// get needed customer info to reduce the ftp-user-counter by one
$customer = $this->getCustomerData();
@@ -491,14 +480,13 @@ class Ftps extends ApiCommand implements ResourceEntity
$stmt = Database::prepare("
UPDATE `" . TABLE_FTP_USERS . "`
SET `description` = :desc, `shell` = :shell, `login_enabled` = :loginenabled
SET `description` = :desc, `shell` = :shell
WHERE `customerid` = :customerid
AND `id` = :id
");
Database::pexecute($stmt, [
"desc" => $description,
"shell" => $shell,
"loginenabled" => $login_enabled ? 'Y' : 'N',
"customerid" => $customer['customerid'],
"id" => $id
], true, true);

61
lib/Froxlor/Api/Commands/SubDomains.php
View File

@@ -67,8 +67,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
* optional, php-settings-id, if empty the $domain value is used
* @param int $redirectcode
* optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES
* @param int $speciallogfile
* optional, whether to create an exclusive web-logfile for this domain (1) or not (0) or inherit value from parentdomain (2, default)
* @param bool $sslenabled
* optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default
* 1 (true)
@@ -109,7 +107,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
$openbasedir_path = $this->getParam('openbasedir_path', true, 0);
$phpsettingid = $this->getParam('phpsettingid', true, 0);
$redirectcode = $this->getParam('redirectcode', true, Settings::Get('customredirect.default'));
$speciallogfile = intval($this->getParam('speciallogfile', true, 2));
$isemaildomain = $this->getParam('isemaildomain', true, 0);
if (Settings::Get('system.use_ssl')) {
$sslenabled = $this->getBoolParam('sslenabled', true, 1);
@@ -232,9 +229,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
} elseif ($completedomain_check && strtolower($completedomain_check['domain']) == strtolower($completedomain)) {
// the domain does already exist as main-domain
Response::standardError('domainexistalready', $completedomain, true);
} elseif ((int)$domain_check['deactivated'] == 1) {
// main domain is deactivated
Response::standardError('maindomaindeactivated', $domain, true);
}
// if allowed, check for 'is email domain'-flag
@@ -279,11 +273,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
$ssl_redirect = 2;
}
// validate speciallogfile value
if ($speciallogfile < 0 || $speciallogfile > 2) {
$speciallogfile = 2; // inherit from parent-domain
}
// get the phpsettingid from parentdomain, #107
$phpsid_stmt = Database::prepare("
SELECT `phpsettingid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :id
@@ -362,7 +351,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
"openbasedir" => $domain_check['openbasedir'],
"openbasedir_path" => $openbasedir_path,
"phpenabled" => $domain_check['phpenabled'],
"speciallogfile" => $speciallogfile == 2 ? $domain_check['speciallogfile'] : $speciallogfile,
"speciallogfile" => $domain_check['speciallogfile'],
"specialsettings" => $domain_check['specialsettings'],
"ssl_specialsettings" => $domain_check['ssl_specialsettings'],
"include_specialsettings" => $domain_check['include_specialsettings'],
@@ -599,11 +588,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
* optional, php-settings-id, if empty the $domain value is used
* @param int $redirectcode
* optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES
* @param bool $speciallogfile
* optional, whether to create an exclusive web-logfile for this domain
* @param bool $speciallogverified
* optional, when setting $speciallogfile to false, this needs to be set to true to confirm the action,
* default 0 (false)
* @param bool $sslenabled
* optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default
* 1 (true)
@@ -661,8 +645,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
$openbasedir_path = $this->getParam('openbasedir_path', true, $result['openbasedir_path']);
$phpsettingid = $this->getParam('phpsettingid', true, $result['phpsettingid']);
$redirectcode = $this->getParam('redirectcode', true, Domain::getDomainRedirectId($id));
$speciallogfile = $this->getBoolParam('speciallogfile', true, $result['speciallogfile']);
$speciallogverified = $this->getBoolParam('speciallogverified', true, 0);
if (Settings::Get('system.use_ssl')) {
$sslenabled = $this->getBoolParam('sslenabled', true, $result['ssl_enabled']);
$ssl_redirect = $this->getBoolParam('ssl_redirect', true, $result['ssl_redirect']);
@@ -772,10 +754,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
$ssl_redirect = 2;
}
if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') {
$speciallogfile = $result['speciallogfile'];
}
// is-email-domain flag changed - remove mail accounts and mail-addresses
if (($result['isemaildomain'] == '1') && $isemaildomain == '0') {
$params = [
@@ -808,21 +786,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
Domain::updateRedirectOfDomain($id, $redirectcode);
}
if ($path != $result['documentroot']
|| $isemaildomain != $result['isemaildomain']
|| $wwwserveralias != $result['wwwserveralias']
|| $iswildcarddomain != $result['iswildcarddomain']
|| $aliasdomain != (int)$result['aliasdomain']
|| $openbasedir_path != $result['openbasedir_path']
|| $ssl_redirect != $result['ssl_redirect']
|| $letsencrypt != $result['letsencrypt']
|| $hsts_maxage != $result['hsts']
|| $hsts_sub != $result['hsts_sub']
|| $hsts_preload != $result['hsts_preload']
|| $phpsettingid != $result['phpsettingid']
|| $http2 != $result['http2']
|| ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1')
) {
if ($path != $result['documentroot'] || $isemaildomain != $result['isemaildomain'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $aliasdomain != (int)$result['aliasdomain'] || $openbasedir_path != $result['openbasedir_path'] || $ssl_redirect != $result['ssl_redirect'] || $letsencrypt != $result['letsencrypt'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload'] || $phpsettingid != $result['phpsettingid'] || $http2 != $result['http2']) {
$stmt = Database::prepare("
UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`documentroot` = :documentroot,
@@ -838,8 +802,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
`hsts` = :hsts,
`hsts_sub` = :hsts_sub,
`hsts_preload` = :hsts_preload,
`phpsettingid` = :phpsettingid,
`speciallogfile` = :speciallogfile
`phpsettingid` = :phpsettingid
WHERE `customerid`= :customerid AND `id`= :id
");
$params = [
@@ -857,7 +820,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
"hsts_sub" => $hsts_sub,
"hsts_preload" => $hsts_preload,
"phpsettingid" => $phpsettingid,
"speciallogfile" => $speciallogfile,
"customerid" => $customer['customerid'],
"id" => $id
];
@@ -903,7 +865,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
}
/**
* lists all customer domain/subdomain entries
* lists all subdomain entries
*
* @param bool $with_ips
* optional, default true
@@ -948,12 +910,17 @@ class SubDomains extends ApiCommand implements ResourceEntity
$custom_list_result = $_custom_list_result['list'];
}
$customer_ids = [];
$customer_stdsubs = [];
foreach ($custom_list_result as $customer) {
$customer_ids[] = $customer['customerid'];
$customer_stdsubs[$customer['customerid']] = $customer['standardsubdomain'];
}
if (empty($customer_ids)) {
throw new Exception("Required resource unsatisfied.", 405);
}
if (empty($customer_stdsubs)) {
throw new Exception("Required resource unsatisfied.", 405);
}
$select_fields = [
'`d`.*'
@@ -965,6 +932,9 @@ class SubDomains extends ApiCommand implements ResourceEntity
$customer_ids = [
$this->getUserDetail('customerid')
];
$customer_stdsubs = [
$this->getUserDetail('customerid') => $this->getUserDetail('standardsubdomain')
];
$select_fields = [
'`d`.`id`',
@@ -979,8 +949,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
'`d`.`parentdomainid`',
'`d`.`letsencrypt`',
'`d`.`registration_date`',
'`d`.`termination_date`',
'`d`.`deactivated`'
'`d`.`termination_date`'
];
}
$query_fields = [];
@@ -994,7 +963,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON `pd`.`id`=`d`.`parentdomainid`
WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ")
AND `d`.`email_only` = '0'
" . $this->getSearchWhere($query_fields, true) . " GROUP BY `d`.`id` ORDER BY `parentdomainname` ASC, `d`.`parentdomainid` ASC " . $this->getOrderBy(true) . $this->getLimit());
AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")" . $this->getSearchWhere($query_fields, true) . " GROUP BY `d`.`id` ORDER BY `parentdomainname` ASC, `d`.`parentdomainid` ASC " . $this->getOrderBy(true) . $this->getLimit());
$result = [];
Database::pexecute($domains_stmt, $query_fields, true, true);
@@ -1094,7 +1063,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
$this->getUserDetail('customerid') => $this->getUserDetail('standardsubdomain')
];
}
if (!empty($customer_ids)) {
// prepare select statement
$domains_stmt = Database::prepare("
SELECT COUNT(*) as num_subdom
@@ -1107,7 +1075,6 @@ class SubDomains extends ApiCommand implements ResourceEntity
if ($result) {
return $this->response($result['num_subdom']);
}
}
return $this->response(0);
}

4
lib/Froxlor/Api/FroxlorRPC.php
View File

@@ -112,11 +112,11 @@ class FroxlorRPC
*
* @return bool
*/
public static function validateAllowedFrom(array $allowed_from, string $remote_addr): bool
private static function validateAllowedFrom(array $allowed_from, string $remote_addr): bool
{
// shorten IP for comparison
$remote_addr = inet_ntop(inet_pton($remote_addr));
// check for direct matches
// check for diret matches
if (in_array($remote_addr, $allowed_from)) {
return true;
}

53
lib/Froxlor/Backup/Backup.php
View File

@@ -1,53 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
namespace Froxlor\Backup;
use Froxlor\Database\Database;
use PDO;
class Backup
{
/**
* returns an array of existing backup-storages
* in our database for the settings-array
*
* @return array
*/
public static function getBackupStorages(): array
{
$storages_array = [
0 => lng('backup.storage_none')
];
// get all storages
$result_stmt = Database::query("SELECT id, type, description FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` ORDER BY type, description");
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if (!isset($storages_array[$row['id']]) && !in_array($row['id'], $storages_array)) {
$storages_array[$row['id']] = "[" . $row['type'] . "] " . html_entity_decode($row['description']);
}
}
return $storages_array;
}
}

102
lib/Froxlor/Backup/Storages/Ftp.php
View File

@@ -1,102 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
use Exception;
use Froxlor\FileDir;
class Ftp extends Storage
{
private $ftp_conn = null;
/**
* @return bool
* @throws Exception
*/
public function init(): bool
{
$hostname = $this->sData['storage']['hostname'] ?? '';
$username = $this->sData['storage']['username'] ?? '';
$password = $this->sData['storage']['password'] ?? '';
if (!empty($hostname) && !empty($username) && !empty($password)) {
$tmp = explode(":", $hostname);
$hostname = $tmp[0];
$port = $tmp[1] ?? 21;
$this->ftp_conn = ftp_connect($hostname, $port);
if ($this->ftp_conn === false) {
throw new Exception('Unable to connect to ftp-server "' . $hostname . ':' . $port . '"');
}
if (!ftp_login($this->ftp_conn, $username, $password)) {
throw new Exception('Unable to login to ftp-server "' . $hostname . ':' . $port . '"');
}
return $this->changeToCorrectDirectory();
}
throw new Exception('Empty hostname for FTP backup storage');
}
/**
* Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward.
* Must return the (relative) path including filename to the backup.
*
* @param string $filename
* @param string $tmp_source_directory
* @return string
* @throws Exception
*/
protected function putFile(string $filename, string $tmp_source_directory): string
{
$source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename);
if (file_exists($source) && ftp_size($this->ftp_conn, $filename) == -1) {
if (ftp_put($this->ftp_conn, $filename, $source, FTP_BINARY)) {
return FileDir::makeCorrectFile($this->getDestinationDirectory() . '/' . $filename);
}
}
return "";
}
/**
* @param string $filename
* @return bool
* @throws Exception
*/
protected function rmFile(string $filename): bool
{
$target = basename($filename);
if (ftp_size($this->ftp_conn, $target) >= 0) {
return ftp_delete($this->ftp_conn, $target);
}
return true;
}
/**
* @return bool
*/
public function shutdown(): bool
{
return ftp_close($this->ftp_conn);
}
/**
* @return bool
* @throws Exception
*/
private function changeToCorrectDirectory(): bool
{
$dirs = explode("/", $this->getDestinationDirectory());
array_shift($dirs);
if (count($dirs) > 0 && !empty($dirs[0])) {
foreach ($dirs as $dir) {
if (empty($dir)) {
continue;
}
if (!@ftp_chdir($this->ftp_conn, $dir)) {
ftp_mkdir($this->ftp_conn, $dir);
ftp_chmod($this->ftp_conn, 0700, $dir);
ftp_chdir($this->ftp_conn, $dir);
}
}
return true;
}
return ftp_chdir($this->ftp_conn, "/");
}
}

64
lib/Froxlor/Backup/Storages/Local.php
View File

@@ -1,64 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
use Exception;
use Froxlor\FileDir;
class Local extends Storage
{
/**
* @throws Exception
*/
public function init(): bool
{
// create destination_path
if (!file_exists($this->getDestinationDirectory())) {
return mkdir($this->getDestinationDirectory(), 0700, true);
}
return true;
}
/**
* Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward.
* Must return the (relative) path including filename to the backup.
*
* @param string $filename
* @param string $tmp_source_directory
* @return string
* @throws Exception
*/
protected function putFile(string $filename, string $tmp_source_directory): string
{
$source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename);
$target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename);
if (file_exists($source) && !file_exists($target)) {
rename($source, $target);
return $target;
}
return "";
}
/**
* @param string $filename
* @return bool
* @throws Exception
*/
protected function rmFile(string $filename): bool
{
$target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename);
if (file_exists($target)) {
return @unlink($target);
}
return true;
}
/**
* @return bool
*/
public function shutdown(): bool
{
return true;
}
}

45
lib/Froxlor/Backup/Storages/Rsync.php
View File

@@ -1,45 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
class Rsync extends Storage
{
/**
* @return bool
*/
public function init(): bool
{
// TODO: Implement init() method.
}
/**
* Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward.
* Must return the (relative) path including filename to the backup.
*
* @param string $filename
* @param string $tmp_source_directory
* @return string
*/
protected function putFile(string $filename, string $tmp_source_directory): string
{
return "";
}
/**
* @param string $filename
* @return bool
*/
protected function rmFile(string $filename): bool
{
// TODO: Implement removeOld() method.
}
/**
* @return bool
*/
public function shutdown(): bool
{
return true;
}
}

45
lib/Froxlor/Backup/Storages/S3.php
View File

@@ -1,45 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
class S3 extends Storage
{
/**
* @return bool
*/
public function init(): bool
{
// TODO: Implement init() method.
}
/**
* Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward.
* Must return the (relative) path including filename to the backup.
*
* @param string $filename
* @param string $tmp_source_directory
* @return string
*/
protected function putFile(string $filename, string $tmp_source_directory): string
{
return "";
}
/**
* @param string $filename
* @return bool
*/
protected function rmFile(string $filename): bool
{
// TODO: Implement removeOld() method.
}
/**
* @return bool
*/
public function shutdown(): bool
{
return true;
}
}

45
lib/Froxlor/Backup/Storages/Sftp.php
View File

@@ -1,45 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
class Sftp extends Storage
{
/**
* @return bool
*/
public function init(): bool
{
// TODO: Implement init() method.
}
/**
* Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward.
* Must return the (relative) path including filename to the backup.
*
* @param string $filename
* @param string $tmp_source_directory
* @return string
*/
protected function putFile(string $filename, string $tmp_source_directory): string
{
return "";
}
/**
* @param string $filename
* @return bool
*/
protected function rmFile(string $filename): bool
{
// TODO: Implement removeOld() method.
}
/**
* @return bool
*/
public function shutdown(): bool
{
return true;
}
}

281
lib/Froxlor/Backup/Storages/Storage.php
View File

@@ -1,281 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
use Exception;
use Froxlor\Database\Database;
use Froxlor\FileDir;
abstract class Storage
{
private string $tmpDirectory;
protected array $sData;
protected array $filesToStore;
/**
* @throws Exception
*/
public function __construct(array $storage_data)
{
$this->sData = $storage_data;
$this->tmpDirectory = FileDir::makeCorrectDir(sys_get_temp_dir() . '/backup-' . $this->sData['loginname']);
}
/**
* Validate sData, open connection to target storage, etc.
*
* @return bool
*/
abstract public function init(): bool;
/**
* Disconnect / clean up connection if needed
*
* @return bool
*/
abstract public function shutdown(): bool;
/**
* prepare files to back up (e.g. create archive or similar) and fill $filesToStore
*
* @return void
* @throws Exception
*/
public function prepareFiles(): void
{
$this->filesToStore = [];
$tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/');
FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
// create archive of web, mail and database data
$this->prepareWebData();
$this->prepareDatabaseData();
$this->prepareMailData();
// create json-info-file
}
/**
* @throws Exception
*/
private function prepareWebData(): void
{
$tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/web');
FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-web.tar.gz')) . ' -C ' . escapeshellarg($this->sData['documentroot']) . ' .');
$this->filesToStore[] = FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-web.tar.gz');
}
/**
* @throws Exception
*/
private function prepareDatabaseData(): void
{
$tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/mysql');
FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
// get all customer database-names
$sel_stmt = Database::prepare("
SELECT `databasename`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "`
WHERE `customerid` = :cid ORDER BY `dbserver`
");
Database::pexecute($sel_stmt, [
'cid' => $this->sData['customerid']
]);
$has_dbs = false;
$current_dbserver = -1;
while ($row = $sel_stmt->fetch()) {
// Get sql_root data for the specific database-server the database resides on
if ($current_dbserver != $row['dbserver']) {
Database::needRoot(true, $row['dbserver']);
Database::needSqlData();
$sql_root = Database::getSqlData();
Database::needRoot(false);
// create temporary mysql-defaults file for the connection-credentials/details
$mysqlcnf_file = tempnam("/tmp", "frx");
$mysqlcnf = "[mysqldump]\npassword=" . $sql_root['passwd'] . "\nhost=" . $sql_root['host'] . "\n";
if (!empty($sql_root['port'])) {
$mysqlcnf .= "port=" . $sql_root['port'] . "\n";
} elseif (!empty($sql_root['socket'])) {
$mysqlcnf .= "socket=" . $sql_root['socket'] . "\n";
}
file_put_contents($mysqlcnf_file, $mysqlcnf);
}
$bool_false = false;
FileDir::safe_exec('mysqldump --defaults-file=' . escapeshellarg($mysqlcnf_file) . ' -u ' . escapeshellarg($sql_root['user']) . ' ' . $row['databasename'] . ' > ' . FileDir::makeCorrectFile($tmpdir . '/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'), $bool_false, [
'>'
]);
$has_dbs = true;
$current_dbserver = $row['dbserver'];
}
if ($has_dbs) {
$this->filesToStore[] = $tmpdir;
}
if (@file_exists($mysqlcnf_file)) {
@unlink($mysqlcnf_file);
}
}
private function prepareMailData(): void
{
$tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/mail');
FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
// get all customer mail-accounts
$sel_stmt = Database::prepare("
SELECT `homedir`, `maildir` FROM `" . TABLE_MAIL_USERS . "`
WHERE `customerid` = :cid
");
Database::pexecute($sel_stmt, [
'cid' => $this->sData['customerid']
]);
$tar_file_list = "";
$mail_homedir = "";
while ($row = $sel_stmt->fetch()) {
$tar_file_list .= escapeshellarg("./" . $row['maildir']) . " ";
if (empty($mail_homedir)) {
// this should be equal for all entries
$mail_homedir = $row['homedir'];
}
}
if (!empty($tar_file_list)) {
FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-mail.tar.gz')) . ' -C ' . escapeshellarg($mail_homedir) . ' ' . trim($tar_file_list));
$this->filesToStore[] = FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-mail.tar.gz');
}
}
/**
* Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward.
* Must return the (relative) path including filename to the backup.
*
* @param string $filename
* @param string $tmp_source_directory
* @return string
*/
abstract protected function putFile(string $filename, string $tmp_source_directory): string;
/**
* @param string $filename
* @return bool
*/
abstract protected function rmFile(string $filename): bool;
/**
* @return bool
* @throws Exception
*/
public function removeOld(): bool
{
// retention in days
$retention = $this->sData['storage']['retention'] ?? 3;
// keep date
$keepDate = new \DateTime();
$keepDate->setTime(0, 0, 0, 1);
// subtract retention days
$keepDate->sub(new \DateInterval('P' . $retention . 'D'));
// select target backups to remove for this storage-id and customer
$sel_stmt = Database::prepare("
SELECT * FROM `" . TABLE_PANEL_BACKUPS . "`
WHERE `created_at` < :keepdate
AND `storage_id` = :sid
AND `customerid` = :cid
");
Database::pexecute($sel_stmt, [
'keepdate' => $keepDate->format('U'),
'sid' => $this->sData['backup'],
'cid' => $this->sData['customerid']
]);
while ($oldBackup = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
$this->rmFile($oldBackup['filename']);
}
}
/**
* Returns the storage configured destination path for all backups
*
* @return string
* @throws Exception
*/
public function getDestinationDirectory(): string
{
return FileDir::makeCorrectDir($this->sData['storage']['destination_path'] ?? "/");
}
/**
* Create backup-archive/file from $filesToStore and call putFile()
*
* @return bool
* @throws Exception
*/
public function createFromFiles(): bool
{
if (empty($this->filesToStore)) {
return false;
}
$filename = FileDir::makeCorrectFile($this->tmpDirectory . "/backup-" . $this->sData['loginname'] . "-" . date('c') . ".tar.gz");
$tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/');
$create_export_tar_data = implode(" ", $this->filesToStore);
FileDir::safe_exec('chown -R ' . (int)$this->sData['guid'] . ':' . (int)$this->sData['guid'] . ' ' . escapeshellarg($tmpdir));
if (!empty($data['pgp_public_key'])) {
// pack all archives in tmp-dir to one archive and encrypt it with gpg
$recipient_file = FileDir::makeCorrectFile($this->tmpDirectory . '/' . $this->sData['loginname'] . '-recipients.gpg');
file_put_contents($recipient_file, $data['pgp_public_key']);
$return_value = [];
FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($filename) . ' --trust-model always --batch --yes', $return_value, ['|']);
} else {
// pack all archives in tmp-dir to one archive
FileDir::safe_exec('tar cfz ' . escapeshellarg($filename) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data));
}
// determine filesize (use stat locally here b/c files are possibly large and php's filesize() can't handle them)
$fileSizeOutput = FileDir::safe_exec('/usr/bin/stat -c "%s" ' . escapeshellarg($filename));
$fileSize = (int)array_shift($fileSizeOutput);
// add entry to database and upload/store file
FileDir::safe_exec('rm -rf ' . escapeshellarg($tmpdir));
$fileDest = $this->putFile(basename($filename), $this->tmpDirectory);
if (!empty($fileDest)) {
$this->addEntry($fileDest, $fileSize);
return true;
}
return false;
}
/**
* @param string $filename
* @param int $fileSize
* @return void
* @throws Exception
*/
private function addEntry(string $filename, int $fileSize): void
{
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_BACKUPS . "` SET
`adminid` = :adminid,
`customerid` = :customerid,
`loginname` = :loginname,
`size` = :size,
`storage_id` = :sid,
`filename` = :filename,
`created_at` = UNIX_TIMESTAMP()
");
Database::pexecute($ins_stmt, [
'adminid' => $this->sData['adminid'],
'customerid' => $this->sData['customerid'],
'loginname' => $this->sData['loginname'],
'size' => $fileSize,
'sid' => $this->sData['backup'],
'filename' => $filename
]);
}
}

39
lib/Froxlor/Backup/Storages/StorageFactory.php
View File

@@ -1,39 +0,0 @@
<?php
namespace Froxlor\Backup\Storages;
use Exception;
use Froxlor\Database\Database;
class StorageFactory
{
public static function fromType(string $type, array $storage_data): Storage
{
$type = "\\Froxlor\\Backup\\Storages\\" . ucfirst($type);
return new $type($storage_data);
}
/**
* @throws Exception
*/
public static function fromStorageId(int $storage_id, array $user_data): Storage
{
$storage = self::readStorageData($storage_id);
$storage_data = $user_data;
$storage_data['storage'] = $storage;
return self::fromType($storage['type'], $storage_data);
}
/**
* @throws Exception
*/
private static function readStorageData(int $storage_id): array
{
$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` WHERE `id` = :bid");
$storage = Database::pexecute_first($stmt, ['bid' => $storage_id]);
if (empty($storage)) {
throw new Exception("Invalid/empty backup-storage. Unable to continue");
}
return $storage;
}
}

2
lib/Froxlor/Cli/ConfigServices.php
View File

@@ -42,7 +42,7 @@ final class ConfigServices extends CliCommand
{
private $yes_to_all_supported = [
'bookworm',
/* 'bookworm', */
'bionic',
'bullseye',
'buster',

10
lib/Froxlor/Cli/MasterCron.php
View File

@@ -52,7 +52,7 @@ final class MasterCron extends CliCommand
$this->setDescription('Regulary perform tasks created by froxlor');
$this->addArgument('job', InputArgument::IS_ARRAY, 'Job(s) to run');
$this->addOption('run-task', 'r', InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Run a specific task [1 = re-generate configs, 4 = re-generate dns zones, 10 = re-set quotas, 99 = re-create cron.d-file]')
->addOption('force', 'f', InputOption::VALUE_NONE, 'Forces given job or, if none given, forces re-generating of config-files (webserver, nameserver, etc.)')
->addOption('force', 'f', InputOption::VALUE_NONE, 'Forces re-generating of config-files (webserver, nameserver, etc.)')
->addOption('debug', 'd', InputOption::VALUE_NONE, 'Output debug information about what is going on to STDOUT.')
->addOption('no-fork', 'N', InputOption::VALUE_NONE, 'Do not fork to background (traffic cron only).');
}
@@ -71,13 +71,12 @@ final class MasterCron extends CliCommand
// handle force option
if ($input->getOption('force')) {
if (empty($jobs) || in_array('tasks', $jobs)) {
// rebuild all config files
Cronjob::inserttask(TaskId::REBUILD_VHOST);
Cronjob::inserttask(TaskId::REBUILD_DNS);
Cronjob::inserttask(TaskId::CREATE_QUOTA);
Cronjob::inserttask(TaskId::REBUILD_CRON);
array_push($jobs, 'tasks');
}
define('CRON_IS_FORCED', 1);
}
// handle debug option
@@ -92,7 +91,7 @@ final class MasterCron extends CliCommand
if ($input->getOption('run-task')) {
$tasks_to_run = $input->getOption('run-task');
foreach ($tasks_to_run as $ttr) {
if (in_array($ttr, [TaskId::REBUILD_VHOST, TaskId::REBUILD_DNS, TaskId::CREATE_QUOTA, TaskId::REBUILD_CRON])) {
if (in_array($ttr, [1, 4, 10, 99])) {
Cronjob::inserttask($ttr);
array_push($jobs, 'tasks');
} else {
@@ -167,9 +166,6 @@ final class MasterCron extends CliCommand
FroxlorLogger::getInstanceOf()->setCronLog(0);
}
// clean up possible old login-links
Database::query("DELETE FROM `" . TABLE_PANEL_LOGINLINKS . "` WHERE `valid_until` < UNIX_TIMESTAMP()");
return $result;
}

95
lib/Froxlor/Cron/Backup/BackupCron.php
View File

@@ -1,95 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
namespace Froxlor\Cron\Backup;
use Exception;
use Froxlor\Backup\Storages\StorageFactory;
use Froxlor\Cron\Forkable;
use Froxlor\Cron\FroxlorCron;
use Froxlor\Database\Database;
use Froxlor\FroxlorLogger;
use Froxlor\Settings;
use PDO;
class BackupCron extends FroxlorCron
{
use Forkable;
public static function run()
{
if (!Settings::Get('backup.enabled')) {
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'BackupCron: disabled - exiting');
return -1;
}
$stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "`");
Database::pexecute($stmt);
$storages = [];
while ($storage = $stmt->fetch(PDO::FETCH_ASSOC)) {
$storages[$storage['id']] = $storage;
}
$stmt = Database::prepare("SELECT
customerid,
loginname,
adminid,
backup,
guid,
documentroot
FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `backup` > 0
");
Database::pexecute($stmt);
$customers = [];
while ($customer = $stmt->fetch(PDO::FETCH_ASSOC)) {
$customer['storage'] = $storages[$customer['backup']];
$customers[] = $customer;
}
self::runFork([self::class, 'handle'], $customers);
}
/**
* @throws Exception
*/
private static function handle(array $userdata)
{
echo "BackupCron: started - creating customer backup for user " . $userdata['loginname'] . "\n";
$backupStorage = StorageFactory::fromType($userdata['storage']['type'], $userdata);
// initialize storage
$backupStorage->init();
// do what is required to obtain files/archives and move/upload
$backupStorage->prepareFiles();
// upload/move to target
$backupStorage->createFromFiles();
// remove by retention
$backupStorage->removeOld();
echo "BackupCron: finished - creating customer backup for user " . $userdata['loginname'] . "\n";
}
}

6
lib/Froxlor/Cron/Dns/Bind.php
View File

@@ -62,8 +62,8 @@ class Bind extends DnsBase
$this->bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n\n";
foreach ($domains as $domain) {
if ($domain['is_child']) {
// domains that are subdomains to other main domains are handled by recursion within walkDomainList()
if ($domain['ismainbutsubto'] > 0) {
// domains with ismainbutsubto>0 are handled by recursion within walkDomainList()
continue;
}
$this->walkDomainList($domain, $domains);
@@ -114,7 +114,7 @@ class Bind extends DnsBase
$isFroxlorHostname = true;
}
if (!$domain['is_child']) {
if ($domain['ismainbutsubto'] == 0) {
$zoneContent = (string)Dns::createDomainZone(($domain['id'] == 'none') ? $domain : $domain['id'], $isFroxlorHostname);
$domain['zonefile'] = 'domains/' . $domain['domain'] . '.zone';
$zonefile_name = FileDir::makeCorrectFile(Settings::Get('system.bindconf_directory') . '/' . $domain['zonefile']);

32
lib/Froxlor/Cron/Dns/DnsBase.php
View File

@@ -26,7 +26,6 @@
namespace Froxlor\Cron\Dns;
use Froxlor\Database\Database;
use Froxlor\Domain\Domain;
use Froxlor\FileDir;
use Froxlor\FroxlorLogger;
use Froxlor\PhpHelper;
@@ -133,18 +132,16 @@ abstract class DnsBase
");
while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
$privkey_filename = FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . Settings::Get('dkim.privkeysuffix'));
$pubkey_filename = FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.public');
$privkey_filename = FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/mx.' . $domain['domain'] . '.' . Settings::Get('dkim.privkeysuffix'));
$pubkey_filename = FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/mx.' . $domain['domain'] . '.public');
if ($domain['dkim_privkey'] == '' || $domain['dkim_pubkey'] == '') {
$max_dkim_id_stmt = Database::query("SELECT MAX(`dkim_id`) as `max_dkim_id` FROM `" . TABLE_PANEL_DOMAINS . "`");
$max_dkim_id = $max_dkim_id_stmt->fetch(PDO::FETCH_ASSOC);
$domain['dkim_id'] = (int)$max_dkim_id['max_dkim_id'] + 1;
$privkey_filename = FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . Settings::Get('dkim.privkeysuffix'));
FileDir::safe_exec('openssl genrsa -out ' . escapeshellarg($privkey_filename) . ' ' . Settings::Get('dkim.dkim_keylength'));
$domain['dkim_privkey'] = file_get_contents($privkey_filename);
FileDir::safe_exec("chmod 0640 " . escapeshellarg($privkey_filename));
$pubkey_filename = FileDir::makeCorrectFile(Settings::Get('dkim.dkim_prefix') . '/dkim' . $domain['dkim_id'] . '.public');
FileDir::safe_exec('openssl rsa -in ' . escapeshellarg($privkey_filename) . ' -pubout -outform pem -out ' . escapeshellarg($pubkey_filename));
$domain['dkim_pubkey'] = file_get_contents($pubkey_filename);
FileDir::safe_exec("chmod 0664 " . escapeshellarg($pubkey_filename));
@@ -211,15 +208,16 @@ abstract class DnsBase
`d`.`dkim`,
`d`.`dkim_id`,
`d`.`dkim_pubkey`,
`d`.`ismainbutsubto`,
`c`.`loginname`,
`c`.`guid`
FROM
`" . TABLE_PANEL_DOMAINS . "` `d`
LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`)
WHERE
`d`.`isbinddomain` = '1'
`d`.`isbinddomain` = '1' aND `d`.`deactivated` = '0'
ORDER BY
LENGTH(`d`.`domain`), `d`.`domain` ASC
`d`.`domain` ASC
");
$domains = [];
@@ -241,6 +239,7 @@ abstract class DnsBase
'bindserial' => date('Ymd') . '00',
'dkim' => '0',
'iswildcarddomain' => '1',
'ismainbutsubto' => '0',
'zonefile' => '',
'froxlorhost' => '1'
];
@@ -256,23 +255,18 @@ abstract class DnsBase
if (!isset($domains[$key]['children'])) {
$domains[$key]['children'] = [];
}
if (!isset($domains[$key]['is_child'])) {
$domains[$key]['is_child'] = false;
}
$children = Domain::getMainSubdomainIds($key);
if (count($children) > 0) {
foreach ($children as $child) {
if (isset($domains[$child])) {
$domains[$key]['children'][] = $domains[$child]['id'];
$domains[$child]['is_child'] = true;
}
if ($domains[$key]['ismainbutsubto'] > 0) {
if (isset($domains[$domains[$key]['ismainbutsubto']])) {
$domains[$domains[$key]['ismainbutsubto']]['children'][] = $domains[$key]['id'];
} else {
$domains[$key]['ismainbutsubto'] = 0;
}
}
}
$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') . "list of child domain ids");
$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') . 'ismainbutsubto ' . str_pad('parent domain', 40, ' ') . "list of child domain ids");
foreach ($domains as $domain) {
$logLine = str_pad($domain['id'], 9, ' ') . str_pad($domain['domain'], 40, ' ') . join(', ', $domain['children']);
$logLine = str_pad($domain['id'], 9, ' ') . str_pad($domain['domain'], 40, ' ') . str_pad($domain['ismainbutsubto'], 15, ' ') . str_pad(((isset($domains[$domain['ismainbutsubto']])) ? $domains[$domain['ismainbutsubto']]['domain'] : '-'), 40, ' ') . join(', ', $domain['children']);
$this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, $logLine);
}

6
lib/Froxlor/Cron/Dns/PowerDNS.php
View File

@@ -50,8 +50,8 @@ class PowerDNS extends DnsBase
}
foreach ($domains as $domain) {
if ($domain['is_child']) {
// domains that are subdomains to other main domains are handled by recursion within walkDomainList()
if ($domain['ismainbutsubto'] > 0) {
// domains with ismainbutsubto>0 are handled by recursion within walkDomainList()
continue;
}
$this->walkDomainList($domain, $domains);
@@ -108,7 +108,7 @@ class PowerDNS extends DnsBase
$isFroxlorHostname = true;
}
if (!$domain['is_child']) {
if ($domain['ismainbutsubto'] == 0) {
$zoneContent = Dns::createDomainZone(($domain['id'] == 'none') ? $domain : $domain['id'], $isFroxlorHostname);
if (count($subzones)) {
foreach ($subzones as $subzone) {

57
lib/Froxlor/Cron/Forkable.php
View File

@@ -1,57 +0,0 @@
<?php
namespace Froxlor\Cron;
use Froxlor\Database\Database;
use Froxlor\FroxlorLogger;
trait Forkable
{
public static function runFork($closure, array $attributes = [], int $concurrentChildren = 3)
{
$childrenPids = [];
// We only fork if pcntl_fork is available and nofork flag is not set
if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) {
foreach ($attributes as $closureAttributes) {
// We close the database - connection before we fork, so we don't share resources with the child
Database::needRoot(false); // this forces the connection to be set to null
$pid = pcntl_fork();
if ($pid == -1) {
exit("Error forking...\n");
} elseif ($pid == 0) {
// re-create db
Database::needRoot(false);
$closure($closureAttributes);
exit();
} else {
$childrenPids[] = $pid;
while (count($childrenPids) >= $concurrentChildren) {
foreach ($childrenPids as $key => $pid) {
$res = pcntl_waitpid($pid, $status, WNOHANG);
// If the process has already exited
if ($res == -1 || $res > 0) {
unset($childrenPids[$key]);
}
}
sleep(1);
}
}
}
while (pcntl_waitpid(0, $status) != -1);
} else {
if (!defined('CRON_NOFORK_FLAG')) {
if (extension_loaded('pcntl')) {
$msg = "PHP compiled with pcntl but pcntl_fork function is not available.";
} else {
$msg = "PHP compiled without pcntl.";
}
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, $msg . " Not forking " . self::class . ", this may take a long time!");
}
foreach ($attributes as $closureAttributes) {
$closure($closureAttributes);
}
}
}
}

23
lib/Froxlor/Cron/Http/Apache.php
View File

@@ -630,6 +630,29 @@ class Apache extends HttpConfigBase
}
}
/**
* Get the filename for the virtualhost
*/
protected function getVhostFilename($domain, $ssl_vhost = false)
{
if ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && ((int)$domain['ismainbutsubto'] == 0 || Domain::domainMainToSubExists($domain['ismainbutsubto']) == false)) {
$vhost_no = '35';
} elseif ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && (int)$domain['ismainbutsubto'] > 0) {
$vhost_no = '30';
} else {
// number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth
$vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1);
}
if ($ssl_vhost === true) {
$vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_ssl_vhost_' . $domain['domain'] . '.conf');
} else {
$vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_normal_vhost_' . $domain['domain'] . '.conf');
}
return $vhost_filename;
}
/**
* We compose the virtualhost entry for one domain
*/

15
lib/Froxlor/Cron/Http/HttpConfigBase.php
View File

@@ -28,7 +28,6 @@ namespace Froxlor\Cron\Http;
use Froxlor\Cron\Http\LetsEncrypt\AcmeSh;
use Froxlor\Cron\Http\Php\Fpm;
use Froxlor\Database\Database;
use Froxlor\Domain\Domain;
use Froxlor\FileDir;
use Froxlor\Froxlor;
use Froxlor\FroxlorLogger;
@@ -188,18 +187,4 @@ class HttpConfigBase
}
return false;
}
/**
* Get the filename for the virtualhost
*/
protected function getVhostFilename(array $domain, bool $ssl_vhost = false, bool $filename_only = false)
{
// number of dots in a domain specifies its position (and depth of subdomain) starting at 35 going downwards on higher depth
$vhost_no = (string)(35 - substr_count($domain['domain'], ".") + 1);
$filename = $vhost_no . '_froxlor_' . ($ssl_vhost ? 'ssl' : 'normal') . '_vhost_' . $domain['domain'] . '.conf';
if ($filename_only) {
return $filename;
}
return FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $filename);
}
}

15
lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php
View File

@@ -556,10 +556,6 @@ EOC;
Settings::Set('system.le_froxlor_enabled', 0);
}
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Let's Encrypt deactivated for domain " . $domain);
if (!defined('CRON_IS_FORCED') && !defined('CRON_DEBUG_FLAG')) {
// email info to admin that lets encrypt has been disabled for this domain
Cronjob::notifyMailToAdmin("Let's Encrypt has been deactivated for domain '" . $domain . "' due to failed dns validation (wrong or no IP address)");
}
}
}
}
@@ -590,22 +586,13 @@ EOC;
$acmesh_cmd .= " --debug";
}
$exit_code = null;
$acme_result = FileDir::safe_exec($acmesh_cmd, $exit_code);
$acme_result = FileDir::safe_exec($acmesh_cmd);
// debug output of acme.sh run
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, implode("\n", $acme_result));
if ($exit_code != 0) {
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, "Non-successful exit-code returned :(");
if (!defined('CRON_IS_FORCED') && !defined('CRON_DEBUG_FLAG')) {
Cronjob::notifyMailToAdmin("Let's Encrypt certificate could not be obtained for: " . implode(", ", $domains) . "\n\n" . implode("\n", $acme_result));
}
} else {
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, "Successful exit-code returned - storing certificate");
self::certToDb($certrow, $cronlog, $acme_result);
}
}
}
private static function certToDb($certrow, &$cronlog, $acme_result)
{

21
lib/Froxlor/Cron/Http/Lighttpd.php
View File

@@ -336,9 +336,24 @@ class Lighttpd extends HttpConfigBase
$_pos = strrpos($_tmp_path, '/');
$_inc_path = substr($_tmp_path, $_pos + 1);
$filename = self::getVhostFilename($domain, ($ssl == '1'), true);
$vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/vhosts/' . $filename);
$included_vhosts[] = $_inc_path . '/vhosts/' . $filename;
// maindomain
if ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && ((int)$domain['ismainbutsubto'] == 0 || Domain::domainMainToSubExists($domain['ismainbutsubto']) == false)) {
$vhost_no = '50';
} elseif ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && (int)$domain['ismainbutsubto'] > 0) {
// sub-but-main-domain
$vhost_no = '51';
} else {
// subdomains
// number of dots in a domain specifies it's position (and depth of subdomain) starting at 89 going downwards on higher depth
$vhost_no = (string)(90 - substr_count($domain['domain'], ".") + 1);
}
if ($ssl == '1') {
$vhost_no = (int)$vhost_no += 10;
}
$vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/vhosts/' . $vhost_no . '_' . $domain['domain'] . '.conf');
$included_vhosts[] = $_inc_path . '/vhosts/' . $vhost_no . '_' . $domain['domain'] . '.conf';
}
if (!isset($this->lighttpd_data[$vhost_filename])) {

28
lib/Froxlor/Cron/Http/Nginx.php
View File

@@ -467,6 +467,26 @@ class Nginx extends HttpConfigBase
}
}
protected function getVhostFilename($domain, $ssl_vhost = false)
{
if ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && ((int)$domain['ismainbutsubto'] == 0 || Domain::domainMainToSubExists($domain['ismainbutsubto']) == false)) {
$vhost_no = '35';
} elseif ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && (int)$domain['ismainbutsubto'] > 0) {
$vhost_no = '30';
} else {
// number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth
$vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1);
}
if ($ssl_vhost === true) {
$vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_ssl_vhost_' . $domain['domain'] . '.conf');
} else {
$vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_normal_vhost_' . $domain['domain'] . '.conf');
}
return $vhost_filename;
}
protected function getVhostContent($domain, $ssl_vhost = false)
{
if ($ssl_vhost === true && $domain['ssl'] != '1' && $domain['ssl_redirect'] != '1') {
@@ -863,13 +883,7 @@ class Nginx extends HttpConfigBase
// remove comments
$vhost = implode("\n", preg_replace('/^(\s+)?#(.*)$/', '', explode("\n", $vhost)));
// Break blocks into lines
$vhost = str_replace([
"{",
"}"
], [
" {\n",
"\n}"
], $vhost);
$vhost = preg_replace("/^(\s+)?location(.+)\{(.+)\}$/misU", "location $2 {\n $3 \n}", $vhost);
// Break into array items
$vhost = explode("\n", preg_replace('/[ \t]+/', ' ', trim(preg_replace('/\t+/', '', $vhost))));
// Remove empty lines

2
lib/Froxlor/Cron/Http/Php/Fpm.php
View File

@@ -289,7 +289,7 @@ pm.max_children = 1
}
}
// now check if 'sendmail_path' has not been set in the custom-php.ini
// now check if 'sendmail_path' has not beed set in the custom-php.ini
// if not we use our fallback-default as usual
if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) {
$fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->domain['email'] . "\n";

125
lib/Froxlor/Cron/System/ExportCron.php → lib/Froxlor/Cron/System/BackupCron.php
View File

@@ -25,37 +25,70 @@
namespace Froxlor\Cron\System;
use Exception;
use Froxlor\Cron\Forkable;
use Froxlor\Cron\FroxlorCron;
use Froxlor\Database\Database;
use Froxlor\FileDir;
use Froxlor\FroxlorLogger;
use Froxlor\Settings;
class ExportCron extends FroxlorCron
class BackupCron extends FroxlorCron
{
use Forkable;
public static function run()
{
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'ExportCron: started - creating customer data export');
// Check Traffic-Lock
if (function_exists('pcntl_fork')) {
$BackupLock = FileDir::makeCorrectFile(dirname(self::getLockfile()) . "/froxlor_cron_backup.lock");
if (file_exists($BackupLock) && is_numeric($BackupPid = file_get_contents($BackupLock))) {
if (function_exists('posix_kill')) {
$BackupPidStatus = @posix_kill($BackupPid, 0);
} else {
system("kill -CHLD " . $BackupPid . " 1> /dev/null 2> /dev/null", $BackupPidStatus);
$BackupPidStatus = !$BackupPidStatus;
}
if ($BackupPidStatus) {
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Backup run already in progress');
return 1;
}
}
// Create Backup Log and Fork
// We close the database - connection before we fork, so we don't share resources with the child
Database::needRoot(false); // this forces the connection to be set to null
$BackupPid = pcntl_fork();
// Parent
if ($BackupPid) {
file_put_contents($BackupLock, $BackupPid);
// unnecessary to recreate database connection here
return 0;
} elseif ($BackupPid == 0) {
// Child
posix_setsid();
// re-create db
Database::needRoot(false);
} else {
// Fork failed
return 1;
}
} else {
if (extension_loaded('pcntl')) {
$msg = "PHP compiled with pcntl but pcntl_fork function is not available.";
} else {
$msg = "PHP compiled without pcntl.";
}
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, $msg . " Not forking backup-cron, this may take a long time!");
}
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'BackupCron: started - creating customer backup');
$result_tasks_stmt = Database::query("
SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20' ORDER BY `id` ASC
");
$all_jobs = $result_tasks_stmt->fetchAll();
if (!empty($all_jobs)) {
self::runFork([self::class, 'handle'], $all_jobs);
}
}
public static function handle(array $row)
{
$del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :id");
$cronlog = FroxlorLogger::getInstanceOf();
$cronlog = FroxlorLogger::getInstanceOf();
$all_jobs = $result_tasks_stmt->fetchAll();
foreach ($all_jobs as $row) {
if ($row['data'] != '') {
$row['data'] = json_decode($row['data'], true);
}
@@ -67,11 +100,11 @@ class ExportCron extends FroxlorCron
// create folder if not exists
if (!file_exists($row['data']['destdir']) && $row['data']['destdir'] != '/' && $row['data']['destdir'] != Settings::Get('system.documentroot_prefix') && $row['data']['destdir'] != $customerdocroot) {
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating data export destination path for customer: ' . escapeshellarg($row['data']['destdir']));
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Creating backup-destination path for customer: ' . escapeshellarg($row['data']['destdir']));
FileDir::safe_exec('mkdir -p ' . escapeshellarg($row['data']['destdir']));
}
self::createCustomerExport($row['data'], $customerdocroot, $cronlog);
self::createCustomerBackup($row['data'], $customerdocroot, $cronlog);
}
}
@@ -81,28 +114,33 @@ class ExportCron extends FroxlorCron
]);
}
if (function_exists('pcntl_fork')) {
@unlink($BackupLock);
die();
}
}
/**
* depending on the give choice, the customers web-data, email-data and databases are being exported
* depending on the give choice, the customers web-data, email-data and databases are being backup'ed
*
* @param array $data
*
* @return void
*
* @throws Exception
*/
private static function createCustomerExport($data = null, $customerdocroot = null, &$cronlog = null)
private static function createCustomerBackup($data = null, $customerdocroot = null, &$cronlog = null)
{
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Creating data export for user "' . $data['loginname'] . '"');
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating Backup for user "' . $data['loginname'] . '"');
// create tmp folder
$tmpdir = FileDir::makeCorrectDir($data['destdir'] . '/.tmp/');
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating tmp-folder "' . $tmpdir . '"');
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mkdir -p ' . escapeshellarg($tmpdir));
FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir));
$create_export_tar_data = "";
$create_backup_tar_data = "";
// MySQL databases
if ($data['dump_dbs'] == 1) {
if ($data['backup_dbs'] == 1) {
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating mysql-folder "' . FileDir::makeCorrectDir($tmpdir . '/mysql') . '"');
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/mysql')));
FileDir::safe_exec('mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/mysql')));
@@ -114,7 +152,7 @@ class ExportCron extends FroxlorCron
]);
$has_dbs = false;
$current_dbserver = -1;
$current_dbserver = null;
while ($row = $sel_stmt->fetch()) {
// Get sql_root data for the specific database-server the database resides on
if ($current_dbserver != $row['dbserver']) {
@@ -142,18 +180,16 @@ class ExportCron extends FroxlorCron
}
if ($has_dbs) {
$create_export_tar_data .= './mysql ';
$create_backup_tar_data .= './mysql ';
}
if (file_exists($mysqlcnf_file)) {
unlink($mysqlcnf_file);
}
unset($sql_root);
}
// E-mail data
if ($data['dump_mail'] == 1) {
if ($data['backup_mail'] == 1) {
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating mail-folder "' . FileDir::makeCorrectDir($tmpdir . '/mail') . '"');
FileDir::safe_exec('mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/mail')));
@@ -173,41 +209,28 @@ class ExportCron extends FroxlorCron
if (!empty($tar_file_list)) {
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfvz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/mail/' . $data['loginname'] . '-mail.tar.gz')) . ' -C ' . escapeshellarg($mail_homedir) . ' ' . trim($tar_file_list));
FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/mail/' . $data['loginname'] . '-mail.tar.gz')) . ' -C ' . escapeshellarg($mail_homedir) . ' ' . trim($tar_file_list));
$create_export_tar_data .= './mail ';
$create_backup_tar_data .= './mail ';
}
}
// Web data
if ($data['dump_web'] == 1) {
if ($data['backup_web'] == 1) {
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating web-folder "' . FileDir::makeCorrectDir($tmpdir . '/web') . '"');
FileDir::safe_exec('mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/web')));
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/web/' . $data['loginname'] . '-web.tar.gz')) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", FileDir::makeCorrectFile($tmpdir . '/*'))) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", substr(FileDir::makeCorrectDir($tmpdir), 0, -1))) . ' -C ' . escapeshellarg($customerdocroot) . ' .');
FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/web/' . $data['loginname'] . '-web.tar.gz')) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", FileDir::makeCorrectFile($tmpdir . '/*'))) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", substr(FileDir::makeCorrectFile($tmpdir), 0, -1))) . ' -C ' . escapeshellarg($customerdocroot) . ' .');
$create_export_tar_data .= './web ';
$create_backup_tar_data .= './web ';
}
if (!empty($create_export_tar_data)) {
// set owner to customer
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> chown -R ' . (int)$data['uid'] . ':' . (int)$data['gid'] . ' ' . escapeshellarg($tmpdir));
FileDir::safe_exec('chown -R ' . (int)$data['uid'] . ':' . (int)$data['gid'] . ' ' . escapeshellarg($tmpdir));
// create tar-file
$export_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-export_' . date('YmdHi', time()) . '.tar.gz' . (!empty($data['pgp_public_key']) ? '.gpg' : ''));
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating export-file "' . $export_file . '"');
if (!empty($data['pgp_public_key'])) {
// pack all archives in tmp-dir to one archive and encrypt it with gpg
$recipient_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-recipients.gpg');
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating recipient-file "' . $recipient_file . '"');
file_put_contents($recipient_file, $data['pgp_public_key']);
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($export_file) . ' --trust-model always --batch --yes');
FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($export_file) . ' --trust-model always --batch --yes', $return_value, ['|']);
} else {
// pack all archives in tmp-dir to one archive
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($export_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data));
FileDir::safe_exec('tar cfz ' . escapeshellarg($export_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data));
}
if (!empty($create_backup_tar_data)) {
$backup_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-backup_' . date('YmdHi', time()) . '.tar.gz');
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating backup-file "' . $backup_file . '"');
// pack all archives in tmp-dir to one
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data));
FileDir::safe_exec('tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data));
// move to destination directory
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mv ' . escapeshellarg($export_file) . ' ' . escapeshellarg($data['destdir']));
FileDir::safe_exec('mv ' . escapeshellarg($export_file) . ' ' . escapeshellarg($data['destdir']));
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mv ' . escapeshellarg($backup_file) . ' ' . escapeshellarg($data['destdir']));
FileDir::safe_exec('mv ' . escapeshellarg($backup_file) . ' ' . escapeshellarg($data['destdir']));
// remove tmp-files
$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> rm -rf ' . escapeshellarg($tmpdir));
FileDir::safe_exec('rm -rf ' . escapeshellarg($tmpdir));

2
lib/Froxlor/Cron/System/TasksCron.php
View File

@@ -46,7 +46,7 @@ class TasksCron extends FroxlorCron
* LOOK INTO TASKS TABLE TO SEE IF THERE ARE ANY UNDONE JOBS
*/
self::$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "TasksCron: Searching for tasks to do");
// no type 99 (regenerate cron.d-file) and no type 20 (customer data export)
// no type 99 (regenerate cron.d-file) and no type 20 (customer backup)
// order by type descending to re-create bind and then webserver at the end
$result_tasks_stmt = Database::query("
SELECT `id`, `type`, `data` FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` <> '99' AND `type` <> '20' ORDER BY `type` DESC, `id` ASC

4
lib/Froxlor/Cron/TaskId.php
View File

@@ -82,9 +82,9 @@ final class TaskId
const DELETE_DOMAIN_SSL = 12;
/**
* TYPE=20 CUSTUMER DATA DUMP
* TYPE=20 COSTUMERBACKUP
*/
const CREATE_CUSTOMER_DATADUMP = 20;
const CREATE_CUSTOMER_BACKUP = 20;
/**
* TYPE=99 REGENERATE CRON

50
lib/Froxlor/Cron/Traffic/TrafficCron.php
View File

@@ -30,7 +30,6 @@ namespace Froxlor\Cron\Traffic;
* @author Froxlor team <team@froxlor.org> (2010-)
*/
use Froxlor\Cron\Forkable;
use Froxlor\Cron\FroxlorCron;
use Froxlor\Database\Database;
use Froxlor\FileDir;
@@ -43,15 +42,51 @@ use PDO;
class TrafficCron extends FroxlorCron
{
use Forkable;
public static function run()
{
self::runFork([self::class, 'handle']);
// Check Traffic-Lock
if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) {
$TrafficLock = FileDir::makeCorrectFile("/var/run/froxlor_cron_traffic.lock");
if (file_exists($TrafficLock) && is_numeric($TrafficPid = file_get_contents($TrafficLock))) {
if (function_exists('posix_kill')) {
$TrafficPidStatus = @posix_kill($TrafficPid, 0);
} else {
system("kill -CHLD " . $TrafficPid . " 1> /dev/null 2> /dev/null", $TrafficPidStatus);
$TrafficPidStatus = !$TrafficPidStatus;
}
if ($TrafficPidStatus) {
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Traffic Run already in progress');
return 1;
}
}
// Create Traffic Log and Fork
// We close the database - connection before we fork, so we don't share resources with the child
Database::needRoot(false); // this forces the connection to be set to null
$TrafficPid = pcntl_fork();
// Parent
if ($TrafficPid) {
file_put_contents($TrafficLock, $TrafficPid);
// unnecessary to recreate database connection here
return 0;
} elseif ($TrafficPid == 0) {
// Child
posix_setsid();
// re-create db
Database::needRoot(false);
} else {
// Fork failed
return 1;
}
} elseif (!defined('CRON_NOFORK_FLAG')) {
if (extension_loaded('pcntl')) {
$msg = "PHP compiled with pcntl but pcntl_fork function is not available.";
} else {
$msg = "PHP compiled without pcntl.";
}
FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, $msg . " Not forking traffic-cron, this may take a long time!");
}
public static function handle()
{
/**
* TRAFFIC AND DISKUSAGE MEASURE
*/
@@ -576,6 +611,11 @@ class TrafficCron extends FroxlorCron
}
Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = 'system' AND `varname` = 'last_traffic_run'");
if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) {
@unlink($TrafficLock);
die();
}
}
/**

83
lib/Froxlor/CurrentUser.php
View File

@@ -25,13 +25,10 @@
namespace Froxlor;
use Exception;
use Froxlor\Api\Commands\Customers;
use Froxlor\Api\Commands\SubDomains;
use Froxlor\Database\Database;
use Froxlor\UI\Collection;
use Froxlor\UI\Response;
use RobThree\Auth\TwoFactorAuthException;
/**
* Class to manage the current user / session
@@ -147,90 +144,26 @@ class CurrentUser
$result_stmt = Database::prepare("
SELECT COUNT(`id`) as emaildomains
FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `customerid`= :cid AND `isemaildomain` = '1' AND `deactivated` = '0'
WHERE `customerid`= :cid AND `isemaildomain` = '1'
");
$result = Database::pexecute_first($result_stmt, [
"cid" => $_SESSION['userinfo']['customerid']
]);
$addition = $result['emaildomains'] != 0;
} elseif ($resource == 'subdomains') {
$parentDomainCollection = (new Collection(
SubDomains::class,
$_SESSION['userinfo'],
['sql_search' => [
'd.parentdomainid' => 0,
'd.deactivated' => 0,
'd.id' => ['op' => '<>', 'value' => $_SESSION['userinfo']['standardsubdomain']]
]
]
));
if (Settings::IsInList('panel.customer_hide_options', 'domains')) {
$addition = false;
} else {
$parentDomainCollection = (new Collection(SubDomains::class, $_SESSION['userinfo'],
['sql_search' => ['d.parentdomainid' => 0]]));
$addition = $parentDomainCollection->count() != 0;
}
} elseif ($resource == 'domains') {
$customerCollection = (new Collection(Customers::class, $_SESSION['userinfo']));
$addition = $customerCollection->count() != 0;
$addition = $customerCollection != 0;
}
return ($_SESSION['userinfo'][$resource . '_used'] < $_SESSION['userinfo'][$resource] || $_SESSION['userinfo'][$resource] == '-1') && $addition;
}
/**
* @throws TwoFactorAuthException
*/
public static function sendOtpEmail()
{
global $mail;
if (self::getField('type_2fa') == 1) {
// generate code
$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
$code = $tfa->getCode($tfa->createSecret());
// set code for user
$table = TABLE_PANEL_CUSTOMERS;
$uid = 'customerid';
if (self::isAdmin()) {
$table = TABLE_PANEL_ADMINS;
$uid = 'adminid';
}
$stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid");
Database::pexecute($stmt, [
"d2fa" => $code,
"uid" => self::getField($uid)
]);
// build up & send email
$_mailerror = false;
$mailerr_msg = "";
$replace_arr = [
'CODE' => $code
];
$mail_body = html_entity_decode(PhpHelper::replaceVariables(lng('mails.2fa.mailbody'), $replace_arr));
try {
$mail->Subject = lng('mails.2fa.subject');
$mail->AltBody = $mail_body;
$mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
$mail->AddAddress(self::getField('email'), User::getCorrectUserSalutation(self::getData()));
$mail->Send();
} catch (\PHPMailer\PHPMailer\Exception $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
if ($_mailerror) {
$rstlog = FroxlorLogger::getInstanceOf([
'loginname' => '2fa code-sending'
]);
$rstlog->logAction(FroxlorLogger::ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg);
Response::redirectTo('index.php', [
'showmessage' => '4',
'customermail' => self::getField('email')
]);
exit();
}
$mail->ClearAddresses();
}
}
}

42
lib/Froxlor/Dns/Dns.php
View File

@@ -22,7 +22,6 @@
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
namespace Froxlor\Dns;
use Froxlor\Database\Database;
@@ -183,7 +182,10 @@ class Dns
}
if (Settings::Get('dkim.use_dkim') == '1') {
// check for DKIM content later
self::addRequiredEntry('dkim' . $domain['dkim_id'] . '._domainkey.' . $sub_record, 'TXT', $required_entries);
//self::addRequiredEntry('dkim' . $domain['dkim_id'] . '._domainkey.' . $sub_record, 'TXT', $required_entries);
self::addRequiredEntry('mx._domainkey.' . $sub_record, 'TXT', $required_entries);
//Also add dmarc
self::addRequiredEntry('_dmarc' . $sub_record, 'TXT', $required_entries);
}
}
}
@@ -220,7 +222,10 @@ class Dns
}
if (Settings::Get('dkim.use_dkim') == '1') {
// check for DKIM content later
self::addRequiredEntry('dkim' . $domain['dkim_id'] . '._domainkey', 'TXT', $required_entries);
//self::addRequiredEntry('dkim' . $domain['dkim_id'] . '._domainkey', 'TXT', $required_entries);
self::addRequiredEntry('mx._domainkey', 'TXT', $required_entries);
//Also add dmarc
self::addRequiredEntry('_dmarc', 'TXT', $required_entries);
}
}
@@ -378,10 +383,13 @@ class Dns
if (array_key_exists("TXT", $required_entries)) {
if (Settings::Get('dkim.use_dkim') == '1') {
$dkim_entries = self::generateDkimEntries($domain);
$dmarc_entries = self::generateDmarcEntries($domain);
}
foreach ($required_entries as $type => $records) {
if ($type == 'TXT') {
//$dkim_record = 'dkim' . $domain['dkim_id'] . '._domainkey';
$dkim_record = 'mx._domainkey';
foreach ($records as $record) {
if ($record == '@SPF@') {
// spf for main-domain
@@ -392,9 +400,8 @@ class Dns
$txt_content = Settings::Get('spf.spf_entry');
$sub_record = substr($record, 6);
$zonerecords[] = new DnsEntry($sub_record, 'TXT', self::encloseTXTContent($txt_content));
} elseif (!empty($dkim_entries)) {
} elseif (!empty($dkim_entries) && $record == $dkim_record ) {
// DKIM entries
$dkim_record = 'dkim' . $domain['dkim_id'] . '._domainkey';
if ($record == $dkim_record) {
// dkim for main-domain
// check for multiline entry
@@ -412,7 +419,10 @@ class Dns
}
$zonerecords[] = new DnsEntry($record, 'TXT', self::encloseTXTContent($dkim_entries[0], $multiline));
}
} elseif ($record == '_dmarc' && !empty($dmarc_entries) && $domain['isemaildomain'] == '1') {
$zonerecords[] = new DnsEntry($record, 'TXT', self::encloseTXTContent($dmarc_entries[0]));
}
}
}
}
@@ -523,7 +533,7 @@ class Dns
* @param array $domain
* @return array
*/
private static function generateDkimEntries(array $domain): array
/** private static function generateDkimEntries(array $domain): array
{
$zone_dkim = [];
@@ -569,8 +579,26 @@ class Dns
}
return $zone_dkim;
} */
private static function generateDkimEntries(array $domain): array
{
$zone_dkim = [];
if (Settings::Get('dkim.use_dkim') == '1' && $domain['dkim'] == '1' && $domain['dkim_pubkey'] != '') {
// start
$dkim_txt = 'v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosq0CmLqEzJJxIHkQwG1Xwk6CSyHHWSDXL9BHCKzY9lJXH7a23PogVlLvUBYaAgBtFOpsKuUCBl+/g6rOqgVXKg0OpYdpgTxZyz1i4NcubGFLifQGnF8ZKpIEDqIzmLI6SbH+9DKwYA319sXAR6feZI4g5bWqF07t/kzA5LN+2V5QnDQ3th++GPRl5rmWF6uoidIRD85UZVEX4s3J1hce0k6tRb2aEozCJaSXHUwyarmbbX/5rky467QQ+45Uy0q9CNaMMu1IX5eybhLRxYXK1k0TfIRJv4FH1UFLlq2QoGC7d+KvLrUabhzQ5wbdZkWuVgLFZ7CL2NegfzO6YeEcQIDAQAB';
$zone_dkim[] = $dkim_txt;
}
return $zone_dkim;
}
private static function generateDmarcEntries(array $domain): array
{
$zone_dmarc = [];
if (Settings::Get('dkim.use_dkim') == '1' && $domain['dkim'] == '1' ){
$dmarc_txt = 'v=DMARC1; p=reject; ruf=mailto:dmarc@'. $domain['domain'] . '; rua=mailto:dmarc@'. $domain['domain'] . '; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=345600;';
$zone_dmarc[] = $dmarc_txt;
}
return $zone_dmarc;
}
/**
* @param string $txt_content
* @param bool $isMultiLine

49
lib/Froxlor/Domain/Domain.php
View File

@@ -235,30 +235,51 @@ class Domain
}
/**
* get ids of domains that are main domains but a subdomain of another main domain (for DNS)
* check whether a domain has subdomains added as full-domains
* #329
*
* @param int $id main-domain to check
* @param int $id domain-id
*
* @return array
* @return bool
* @throws \Exception
*/
public static function getMainSubdomainIds(int $id): array
public static function domainHasMainSubDomains(int $id): bool
{
$result_stmt = Database::prepare("
SELECT id
FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE
isbinddomain = 1 AND
domain LIKE CONCAT('%.', ( SELECT d.domain FROM `" . TABLE_PANEL_DOMAINS . "` AS d WHERE d.id = :id ))
");
SELECT COUNT(`id`) as `mainsubs` FROM `" . TABLE_PANEL_DOMAINS . "`
WHERE `ismainbutsubto` = :id");
$result = Database::pexecute_first($result_stmt, [
'id' => $id
]);
if ($result && isset($result['mainsubs'])) {
return $result['mainsubs'] > 0;
}
return false;
}
/**
* check whether a subof-domain exists
* #329
*
* @param int $id subof-domain-id
*
* @return bool
* @throws \Exception
*/
public static function domainMainToSubExists(int $id): bool
{
$result_stmt = Database::prepare("
SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :id");
Database::pexecute($result_stmt, [
'id' => $id
]);
$result = [];
while ($entry = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$result = $entry['id'];
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if ($result && isset($result['id'])) {
return $result['id'] > 0;
}
return $result;
return false;
}
/**

3
lib/Froxlor/Domain/IpAddr.php
View File

@@ -55,6 +55,7 @@ class IpAddr
/**
* @return array
* @throws \Exception
*/
public static function getSslIpPortCombinations(): array
{
@@ -75,7 +76,7 @@ class IpAddr
$additional_conditions_params = [];
$additional_conditions_array = [];
if ($userinfo['ip'] != '-1') {
if (!empty($userinfo) && $userinfo['ip'] != '-1') {
$admin_ip_stmt = Database::prepare("
SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = IN (:ipid)
");

2
lib/Froxlor/FileDir.php
View File

@@ -219,7 +219,7 @@ class FileDir
}
// execute the command and return output
$return = [];
$return = '';
// -------------------------------------------------------------------------------
if ($return_value == false) {

4
lib/Froxlor/Froxlor.php
View File

@@ -31,10 +31,10 @@ final class Froxlor
{
// Main version variable
const VERSION = '2.1.0-dev1';
const VERSION = '2.0.24';
// Database version (YYYYMMDDC where C is a daily counter)
const DBVERSION = '202305240';
const DBVERSION = '202304260';
// Distribution branding-tag (used for Debian etc.)
const BRANDING = '';

2
lib/Froxlor/Install/Install.php
View File

@@ -43,7 +43,7 @@ class Install
public $formfield;
public string $requiredVersion = '7.4.0';
public array $requiredExtensions = ['session', 'ctype', 'xml', 'filter', 'posix', 'mbstring', 'curl', 'gmp', 'json', 'gd'];
public array $suggestedExtensions = ['bcmath', 'zip', 'gnupg'];
public array $suggestedExtensions = ['bcmath', 'zip'];
public array $suggestions = [];
public array $criticals = [];
public array $loadedExtensions;

1
lib/Froxlor/Install/Install/Core.php
View File

@@ -421,7 +421,6 @@ class Core
$this->updateSetting($upd_stmt, $this->validatedData['activate_newsfeed'], 'admin', 'show_news_feed');
$this->updateSetting($upd_stmt, dirname(__FILE__, 5), 'system', 'letsencryptchallengepath');
$this->updateSetting($upd_stmt, dirname(__FILE__, 5) . '/templates/misc/deactivated/', 'system', 'deactivateddocroot');
// insert the lastcronrun to be the installation date
$this->updateSetting($upd_stmt, time(), 'system', 'lastcronrun');

3
lib/Froxlor/Settings.php
View File

@@ -129,8 +129,7 @@ class Settings
{
// set defaults
self::$conf = [
'enable_webupdate' => false,
'disable_otp_security_check' => false,
'enable_webupdate' => false
];
$configfile = Froxlor::getInstallDir() . '/lib/config.inc.php';

35
lib/Froxlor/System/Cronjob.php
View File

@@ -211,10 +211,10 @@ class Cronjob
'type' => TaskId::DELETE_DOMAIN_SSL,
'data' => $data
]);
} elseif ($type == TaskId::CREATE_CUSTOMER_DATADUMP && isset($params[0]) && is_array($params[0])) {
} elseif ($type == TaskId::CREATE_CUSTOMER_BACKUP && isset($params[0]) && is_array($params[0])) {
$data = json_encode($params[0]);
Database::pexecute($ins_stmt, [
'type' => TaskId::CREATE_CUSTOMER_DATADUMP,
'type' => TaskId::CREATE_CUSTOMER_BACKUP,
'data' => $data
]);
}
@@ -310,39 +310,44 @@ class Cronjob
}
/**
* Send notification to system admin via email
* Cronjob function to end a cronjob in a critical condition
* but not without sending a notification mail to the admin
*
* @param string $message
* @param string $subject
*
* @return void
*/
public static function notifyMailToAdmin(string $message, string $subject = "[froxlor] Important notice")
public static function dieWithMail(string $message, string $subject = "[froxlor] Cronjob error")
{
$mail = new Mailer(true);
$mailerror = false;
if (Settings::Get('system.send_cron_errors') == '1') {
$_mail = new Mailer(true);
$_mailerror = false;
$mailerr_msg = "";
try {
$mail->Subject = $subject;
$mail->AltBody = $message;
$mail->MsgHTML(nl2br($message));
$mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
$mail->Send();
$_mail->Subject = $subject;
$_mail->AltBody = $message;
$_mail->MsgHTML(nl2br($message));
$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
$_mail->Send();
} catch (\PHPMailer\PHPMailer\Exception $e) {
$mailerr_msg = $e->errorMessage();
$mailerror = true;
$_mailerror = true;
} catch (Exception $e) {
$mailerr_msg = $e->getMessage();
$mailerror = true;
$_mailerror = true;
}
$mail->ClearAddresses();
$_mail->ClearAddresses();
if ($mailerror) {
if ($_mailerror) {
echo 'Error sending mail: ' . $mailerr_msg . "\n";
}
}
die($message);
}
/**
* @param string $cronname
* @return void

50
lib/Froxlor/UI/Callbacks/Backup.php
View File

@@ -1,50 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, you can also view it online at
* https://files.froxlor.org/misc/COPYING.txt
*
* @copyright the authors
* @author Froxlor team <team@froxlor.org>
* @license https://files.froxlor.org/misc/COPYING.txt GPLv2
*/
namespace Froxlor\UI\Callbacks;
use Froxlor\Database\Database;
use Froxlor\UI\Panel\UI;
class Backup
{
public static function backupStorageLink(array $attributes)
{
$sel_stmt = Database::prepare("SELECT `description` FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` WHERE `id` = :id");
$backupstorage = Database::pexecute_first($sel_stmt, ['id' => $attributes['data']]);
if ((int)UI::getCurrentUser()['adminsession'] == 1 && UI::getCurrentUser()['change_serversettings']) {
$linker = UI::getLinker();
$result = '<a href="' . $linker->getLink([
'section' => 'backups',
'page' => 'storages',
'searchfield' => 'id',
'searchtext' => $attributes['data'],
]) . '">' . $backupstorage['description'] . '</a>';
} else {
$result = $backupstorage['description'];
}
return $result;
}
}

38
lib/Froxlor/UI/Callbacks/Domain.php
View File

@@ -25,7 +25,6 @@
namespace Froxlor\UI\Callbacks;
use Froxlor\Database\Database;
use Froxlor\Domain\Domain as DDomain;
use Froxlor\FileDir;
use Froxlor\Settings;
@@ -52,9 +51,6 @@ class Domain
public static function domainTarget(array $attributes)
{
if (empty($attributes['fields']['aliasdomain'])) {
if ($attributes['fields']['deactivated']) {
return lng('admin.deactivated');
}
// path or redirect
if (preg_match('/^https?\:\/\//', $attributes['fields']['documentroot'])) {
return [
@@ -84,7 +80,7 @@ class Domain
}
$result .= '<a href="http://' . $attributes['data'] . '" target="_blank">' . $attributes['data'] . '</a>';
// check for statistics if parentdomainid==0 to show stats-link for customers
if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0 && $attributes['fields']['deactivated'] == 0) {
if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0) {
$statsapp = Settings::Get('system.traffictool');
$result .= ' <a href="http://' . $attributes['data'] . '/' . $statsapp . '" rel="external" target="_blank" title="' . lng('domains.statstics') . '"><i class="fa-solid fa-chart-line text-secondary"></i></a>';
}
@@ -99,12 +95,12 @@ class Domain
public static function canEdit(array $attributes): bool
{
return (bool)($attributes['fields']['caneditdomain'] && !$attributes['fields']['deactivated']);
return (bool)$attributes['fields']['caneditdomain'];
}
public static function canViewLogs(array $attributes): bool
{
if ((int)$attributes['fields']['email_only'] == 0 && !$attributes['fields']['deactivated']) {
if ((int)$attributes['fields']['email_only'] == 0) {
if ((int)UI::getCurrentUser()['adminsession'] == 0 && (bool)UI::getCurrentUser()['logviewenabled']) {
return true;
} elseif ((int)UI::getCurrentUser()['adminsession'] == 1) {
@@ -133,8 +129,7 @@ class Domain
&& UI::getCurrentUser()['dnsenabled'] == '1'
&& $attributes['fields']['caneditdomain'] == '1'
&& Settings::Get('system.bind_enable') == '1'
&& Settings::Get('system.dnsenabled') == '1'
&& !$attributes['fields']['deactivated'];
&& Settings::Get('system.dnsenabled') == '1';
}
public static function adminCanEditDNS(array $attributes): bool
@@ -157,7 +152,6 @@ class Domain
&& (int)$attributes['fields']['caneditdomain'] == 1
&& (int)$attributes['fields']['letsencrypt'] == 0
&& (int)$attributes['fields']['email_only'] == 0
&& !$attributes['fields']['deactivated']
) {
return true;
}
@@ -190,11 +184,13 @@ class Domain
// specified certificate for domain
if ($attributes['fields']['domain_hascert'] == 1) {
$result['icon'] .= ' text-success';
} // shared certificates (e.g. subdomain if domain where certificate is specified)
}
// shared certificates (e.g. subdomain if domain where certificate is specified)
elseif ($attributes['fields']['domain_hascert'] == 2) {
$result['icon'] .= ' text-warning';
$result['title'] .= "\n" . lng('panel.ssleditor_infoshared');
} // no certificate specified, using global fallbacks (IPs and Ports or if empty SSL settings)
}
// no certificate specified, using global fallbacks (IPs and Ports or if empty SSL settings)
elseif ($attributes['fields']['domain_hascert'] == 0) {
$result['icon'] .= ' text-danger';
$result['title'] .= "\n" . lng('panel.ssleditor_infoglobal');
@@ -216,22 +212,4 @@ class Domain
}
return lng('panel.empty');
}
public static function getPhpConfigName(array $attributes): string
{
$sel_stmt = Database::prepare("SELECT `description` FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
$phpconfig = Database::pexecute_first($sel_stmt, ['id' => $attributes['data']]);
if ((int)UI::getCurrentUser()['adminsession'] == 1) {
$linker = UI::getLinker();
$result = '<a href="' . $linker->getLink([
'section' => 'phpsettings',
'page' => 'overview',
'searchfield' => 'c.id',
'searchtext' => $attributes['data'],
]) . '">' . $phpconfig['description'] . '</a>';
} else {
$result = $phpconfig['description'];
}
return $result;
}
}

12
lib/Froxlor/UI/Callbacks/Style.php
View File

@@ -34,11 +34,6 @@ class Style
return $attributes['fields']['deactivated'] ? 'bg-danger' : '';
}
public static function loginDisabled(array $attributes): string
{
return $attributes['fields']['login_enabled'] == 'N' ? 'bg-danger' : '';
}
public static function resultIntegrityBad(array $attributes): string
{
return $attributes['fields']['result'] ? '' : 'bg-warning';
@@ -65,18 +60,17 @@ class Style
$today = time();
$termination_css = 'bg-warning';
if ($cdate < $today) {
$termination_css = 'bg-danger text-light';
$termination_css = 'bg-danger';
}
}
$deactivated = $attributes['fields']['deactivated'] || $attributes['fields']['customer_deactivated'];
return $deactivated ? 'bg-info text-light' : $termination_css;
return $attributes['fields']['deactivated'] ? 'bg-info' : $termination_css;
}
public static function resultCustomerLockedOrDeactivated(array $attributes): string
{
$row_css = '';
if ((int)$attributes['fields']['deactivated'] == 1) {
$row_css = 'bg-info text-light';
$row_css = 'bg-info';
} elseif (
$attributes['fields']['loginfail_count'] >= Settings::Get('login.maxloginattempts')
&& $attributes['fields']['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))

51
lib/Froxlor/UI/Callbacks/Text.php
View File

@@ -25,13 +25,10 @@
namespace Froxlor\UI\Callbacks;
use Froxlor\CurrentUser;
use Froxlor\Database\Database;
use Froxlor\Froxlor;
use Froxlor\PhpHelper;
use Froxlor\UI\Panel\UI;
use Froxlor\User;
use PDO;
class Text
{
@@ -43,14 +40,6 @@ class Text
];
}
public static function yesno(array $attributes): array
{
return [
'macro' => 'boolean',
'data' => $attributes['data'] == 'Y'
];
}
public static function customerfullname(array $attributes): string
{
return User::getCorrectFullUserDetails($attributes['fields'], true);
@@ -116,44 +105,4 @@ class Text
'body' => $body
];
}
public static function domainDuplicateModal(array $attributes): array
{
$linker = UI::getLinker();
$result = $attributes['fields'];
$customers = [
0 => lng('panel.please_choose')
];
$result_customers_stmt = Database::prepare("
SELECT `customerid`, `loginname`, `name`, `firstname`, `company`
FROM `" . TABLE_PANEL_CUSTOMERS . "` " . (CurrentUser::getField('customers_see_all') ? '' : " WHERE `adminid` = :adminid ") . "
ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC
");
$params = [];
if (CurrentUser::getField('customers_see_all') == '0') {
$params['adminid'] = CurrentUser::getField('adminid');
}
Database::pexecute($result_customers_stmt, $params);
while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) {
$customers[$row_customer['customerid']] = User::getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')';
}
$domdup_data = include Froxlor::getInstallDir() . '/lib/formfields/admin/domains/formfield.domains_duplicate.php';
$body = UI::twig()->render(UI::validateThemeTemplate('/user/inline-form.html.twig'), [
'formaction' => $linker->getLink(['section' => 'domains', 'page' => 'domains', 'action' => 'duplicate']),
'formdata' => $domdup_data['domain_duplicate'],
'editid' => $attributes['fields']['id'],
'nosubmit' => 0
]);
return [
'entry' => $attributes['fields']['id'],
'id' => 'ddModal' . $attributes['fields']['id'],
'title' => lng('admin.domain_duplicate_named', [$attributes['fields']['domain']]),
'action' => 'duplicate',
'body' => $body
];
}
}

51
lib/Froxlor/UI/Form.php
View File

@@ -25,8 +25,6 @@
namespace Froxlor\UI;
use Froxlor\CurrentUser;
use Froxlor\FroxlorTwoFactorAuth;
use Froxlor\Settings;
use Froxlor\Validate\Check;
@@ -185,21 +183,6 @@ class Form
}
}
// OTP security validation for sensitive settings
if (!Settings::Config('disable_otp_security_check') && isset($fielddata['required_otp']) && $do_show) {
$otp_enabled_system = (bool)Settings::Get('2fa.enabled');
$otp_enabled_user = (int)CurrentUser::getField('type_2fa') != 0;
$do_show = !$fielddata['required_otp'] || ($otp_enabled_system && $otp_enabled_user);
if (!$do_show) {
$fielddata['note'] = lng('serversettings.option_requires_otp');
if (!$otp_enabled_system) {
$fielddata['note'] .= '<br>' . lng('2fa.2fa_not_activated');
} elseif (!$otp_enabled_user) {
$fielddata['note'] .= '<br>' . lng('2fa.2fa_not_activated_for_user');
}
}
}
if (!$do_show) {
$fielddata['visible'] = false;
}
@@ -249,7 +232,7 @@ class Form
if (((isset($fielddetails['visible']) && $fielddetails['visible']) || !isset($fielddetails['visible'])) && (!$only_enabledisable || ($only_enabledisable && isset($fielddetails['overview_option'])))) {
$newfieldvalue = self::getFormFieldData($fieldname, $fielddetails, $input);
if ($newfieldvalue != $fielddetails['value']) {
if (($error = \Froxlor\Validate\Form::validateFormField($fieldname, $fielddetails, $newfieldvalue)) !== true) {
if (($error = \Froxlor\Validate\Form::validateFormField($fieldname, $fielddetails, $newfieldvalue)) != true) {
Response::standardError($error, $fieldname);
} else {
$changed_fields[$fieldname] = $newfieldvalue;
@@ -300,38 +283,6 @@ class Form
}
}
}
if (!Settings::Config('disable_otp_security_check') && isset($fielddetails['required_otp']) && isset($changed_fields[$fieldname])) {
$otp_enabled_system = (bool)Settings::Get('2fa.enabled');
$otp_enabled_user = (int)CurrentUser::getField('type_2fa') != 0;
$do_update = !$fielddetails['required_otp'] || ($otp_enabled_system && $otp_enabled_user);
if ($do_update) {
// setting that requires OTP verification
if (empty($input['otp_verification'])) {
// in case email 2fa is enabled, send it now
CurrentUser::sendOtpEmail();
// build up form
if (is_array($url_params) && isset($url_params['filename'])) {
$filename = $url_params['filename'];
unset($url_params['filename']);
} else {
$filename = '';
}
HTML::askOTP('please_enter_otp', $filename, array_merge($url_params, $submitted_fields));
} else {
// validate given OTP code
$code = trim($input['otp_verification']);
$tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname'));
$result = $tfa->verifyCode(CurrentUser::getField('data_2fa'), $code, 3);
if (!$result) {
Response::standardError('otpnotvalidated');
}
}
} else {
// do not update this setting
unset($changed_fields[$fieldname]);
}
}
}
}
}

13
lib/Froxlor/UI/HTML.php
View File

@@ -221,17 +221,4 @@ class HTML
]);
exit();
}
public static function askOTP(string $text, string $targetfile, array $params = [], string $replacer = '', array $back_link = [])
{
$text = lng('question.' . $text, [htmlspecialchars($replacer)]);
Panel\UI::view('form/otpquestion.html.twig', [
'action' => $targetfile,
'url_params' => $params,
'question' => $text,
'back_link' => $back_link
]);
exit();
}
}

1
lib/Froxlor/UI/Listing.php
View File

@@ -230,7 +230,6 @@ class Listing
'label' => $coldata['label'],
'checked' => in_array($column, $tabellisting['visible_columns']),
'searchable' => $coldata['searchable'] ?? true,
'isdefaultsearchfield' => $coldata['isdefaultsearchfield'] ?? false,
];
}
}

14
lib/Froxlor/UI/Response.php
View File

@@ -32,7 +32,7 @@ class Response
{
/**
* Sends a header ( 'Location ...' ) to the browser.
* Sends an header ( 'Location ...' ) to the browser.
*
* @param string $destination
* Destination
@@ -74,18 +74,18 @@ class Response
$linker->filename = $path . $destination;
}
header('Location: ' . $linker->getLink());
exit;
exit();
} elseif ($get_variables == null) {
$linker = new Linker($destination);
header('Location: ' . $linker->getLink());
exit;
exit();
}
return false;
}
/**
* Prints one or more errormessages on screen
* Prints one ore more errormessages on screen
*
* @param array $errors
* Errormessages
@@ -93,9 +93,8 @@ class Response
* A %s in the errormessage will be replaced by this string.
* @param bool $throw_exception
*
* @throws Exception
* @author Ron Brand <ron.brand@web.de>
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Ron Brand <ron.brand@web.de>
*/
public static function standardError($errors = '', $replacer = '', $throw_exception = false)
{
@@ -158,7 +157,7 @@ class Response
}
/**
* Prints one or more errormessages on screen
* Prints one ore more errormessages on screen
*
* @param array $success_message
* Errormessages
@@ -167,7 +166,6 @@ class Response
* @param array $params
* @param bool $throw_exception
*
* @throws Exception
* @author Florian Lippert <flo@syscp.org> (2003-2009)
*/
public static function standardSuccess($success_message = '', $replacer = '', $params = [], $throw_exception = false)

26
lib/Froxlor/Validate/Check.php
View File

@@ -314,30 +314,4 @@ class Check
}
return $returnvalue;
}
public static function checkPgpPublicKeySetting($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
// if the field is empty, we don't need to check anything
if ($newfieldvalue === '') {
return [self::FORMFIELDS_PLAUSIBILITY_CHECK_OK];
}
// check if gnupg extension is loaded
if (!extension_loaded('gnupg')) {
return [
self::FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'gnupgextensionnotavailable'
];
}
// check if the pgp public key is a valid key
putenv('GNUPGHOME='.sys_get_temp_dir());
if (gnupg_import(gnupg_init(), $newfieldvalue) === false) {
return [
self::FORMFIELDS_PLAUSIBILITY_CHECK_ERROR,
'invalidpgppublickey'
];
}
return [self::FORMFIELDS_PLAUSIBILITY_CHECK_OK];
}
}

6
lib/Froxlor/Validate/Form/Data.php
View File

@@ -319,11 +319,7 @@ class Data
{
$returnvalue = 'stringformaterror';
if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
$returnvalue = true;
}
} else if (preg_match('/^[^\0]*$/', $newfieldvalue)) {
if (preg_match('/^[^\0]*$/', $newfieldvalue)) {
$returnvalue = true;
}

5
lib/config.example.inc.php
View File

@@ -11,9 +11,4 @@ return [
* updates the way the providers does it (e.g. automation, etc.)
*/
'enable_webupdate' => false,
/**
* @todo description
*/
'disable_otp_security_check' => false,
];

45
lib/configfiles/bionic.xml
View File

@@ -10,13 +10,11 @@
<default for="lighttpd" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/lighttpd/froxlor-htpasswd/"></default>
<default for="lighttpd" settinggroup="system" varname="apachereload_command" value="service lighttpd reload"></default>
<default for="lighttpd" settinggroup="system" varname="letsencryptacmeconf" value="/etc/lighttpd/acme.conf"></default>
<default for="lighttpd" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/lighttpd/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_vhost" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_diroptions" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/nginx/froxlor-htpasswd/"></default>
<default for="nginx" settinggroup="system" varname="apachereload_command" value="service nginx reload"></default>
<default for="nginx" settinggroup="system" varname="letsencryptacmeconf" value="/etc/nginx/acme.conf"></default>
<default for="nginx" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/nginx/"></default>
</defaults>
<services>
<!-- HTTP -->
@@ -1529,7 +1527,7 @@ user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
hosts = <SQL_HOST>
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
]]>
</content>
</file>
@@ -3962,6 +3960,7 @@ ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
@@ -4298,6 +4297,7 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
</IfModule>
]]>
</content>
@@ -4308,16 +4308,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1.2 TLSv1.3
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
TLSOptions NoSessionReuseRequired
TLSOptions NoCertRequest NoSessionReuseRequired
TLSVerifyClient off
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired on
#TLSRequired on
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotiations. Some clients do not support
@@ -4327,37 +4327,6 @@ TLSRequired on
#
#TLSRenegotiate required off
</IfModule>
]]>
</content>
</file>
<file name="/etc/proftpd/conf.d/99-froxlor-ratelimit.conf" chown="root:0"
chmod="0644">
<content><![CDATA[
<Class whitelist>
From 127.0.0.1
</Class>
MaxLoginAttempts 3
<IfModule mod_ban.c>
<IfClass whitelist>
BanEngine off
</IfClass>
<IfClass !whitelist>
BanEngine on
</IfClass>
BanLog /var/log/proftpd/ban.log
BanTable /etc/proftpd/ban.tab
BanMessage "User %u was banned."
BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently"
BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00
BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99
BanControlsACLs all allow user root
</IfModule>
<IfClass whitelist>
BanEngine off
DelayEngine off
</IfClass>
]]>
</content>
</file>
@@ -4748,7 +4717,7 @@ aliases: files
<!-- Cronjob -->
<daemon name="cron" title="Cronjob for froxlor"
mandatory="true">
<install><![CDATA[apt-get install cron gnupg]]></install>
<install><![CDATA[apt-get install cron]]></install>
<command><![CDATA[ln -s <BASE_PATH>bin/froxlor-cli /usr/local/bin/froxlor-cli]]></command>
<command><![CDATA[/usr/bin/php <BASE_PATH>bin/froxlor-cli froxlor:cron --run-task 99]]></command>
<command><![CDATA[{{settings.system.crondreload}}]]></command>

41
lib/configfiles/bookworm.xml
View File

@@ -10,13 +10,11 @@
<default for="lighttpd" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/lighttpd/froxlor-htpasswd/"></default>
<default for="lighttpd" settinggroup="system" varname="apachereload_command" value="service lighttpd reload"></default>
<default for="lighttpd" settinggroup="system" varname="letsencryptacmeconf" value="/etc/lighttpd/acme.conf"></default>
<default for="lighttpd" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/lighttpd/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_vhost" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_diroptions" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/nginx/froxlor-htpasswd/"></default>
<default for="nginx" settinggroup="system" varname="apachereload_command" value="service nginx reload"></default>
<default for="nginx" settinggroup="system" varname="letsencryptacmeconf" value="/etc/nginx/acme.conf"></default>
<default for="nginx" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/nginx/"></default>
</defaults>
<services>
<!-- HTTP -->
@@ -1488,7 +1486,7 @@ user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
hosts = <SQL_HOST>
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
]]>
</content>
</file>
@@ -2950,7 +2948,7 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1.2 TLSv1.3
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
@@ -2959,7 +2957,7 @@ TLSOptions NoSessionReuseRequired
TLSVerifyClient off
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired on
#TLSRequired on
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotiations. Some clients do not support
@@ -2969,37 +2967,6 @@ TLSRequired on
#
#TLSRenegotiate required off
</IfModule>
]]>
</content>
</file>
<file name="/etc/proftpd/conf.d/99-froxlor-ratelimit.conf" chown="root:0"
chmod="0644">
<content><![CDATA[
<Class whitelist>
From 127.0.0.1
</Class>
MaxLoginAttempts 3
<IfModule mod_ban.c>
<IfClass whitelist>
BanEngine off
</IfClass>
<IfClass !whitelist>
BanEngine on
</IfClass>
BanLog /var/log/proftpd/ban.log
BanTable /etc/proftpd/ban.tab
BanMessage "User %u was banned."
BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently"
BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00
BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99
BanControlsACLs all allow user root
</IfModule>
<IfClass whitelist>
BanEngine off
DelayEngine off
</IfClass>
]]>
</content>
</file>
@@ -3390,7 +3357,7 @@ aliases: files
<!-- Cronjob -->
<daemon name="cron" title="Cronjob for froxlor"
mandatory="true">
<install><![CDATA[apt-get install cron gnupg]]></install>
<install><![CDATA[apt-get install cron]]></install>
<command><![CDATA[ln -s <BASE_PATH>bin/froxlor-cli /usr/local/bin/froxlor-cli]]></command>
<command><![CDATA[/usr/bin/php <BASE_PATH>bin/froxlor-cli froxlor:cron --run-task 99]]></command>
<command><![CDATA[{{settings.system.crondreload}}]]></command>

45
lib/configfiles/bullseye.xml
View File

@@ -10,13 +10,11 @@
<default for="lighttpd" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/lighttpd/froxlor-htpasswd/"></default>
<default for="lighttpd" settinggroup="system" varname="apachereload_command" value="service lighttpd reload"></default>
<default for="lighttpd" settinggroup="system" varname="letsencryptacmeconf" value="/etc/lighttpd/acme.conf"></default>
<default for="lighttpd" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/lighttpd/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_vhost" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_diroptions" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/nginx/froxlor-htpasswd/"></default>
<default for="nginx" settinggroup="system" varname="apachereload_command" value="service nginx reload"></default>
<default for="nginx" settinggroup="system" varname="letsencryptacmeconf" value="/etc/nginx/acme.conf"></default>
<default for="nginx" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/nginx/"></default>
</defaults>
<services>
<!-- HTTP -->
@@ -1488,7 +1486,7 @@ user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
hosts = <SQL_HOST>
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
]]>
</content>
</file>
@@ -4172,6 +4170,7 @@ ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
@@ -4510,6 +4509,7 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
</IfModule>
]]>
</content>
@@ -4520,16 +4520,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1.2 TLSv1.3
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
TLSOptions NoSessionReuseRequired
TLSOptions NoCertRequest NoSessionReuseRequired
TLSVerifyClient off
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired on
#TLSRequired on
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotiations. Some clients do not support
@@ -4539,37 +4539,6 @@ TLSRequired on
#
#TLSRenegotiate required off
</IfModule>
]]>
</content>
</file>
<file name="/etc/proftpd/conf.d/99-froxlor-ratelimit.conf" chown="root:0"
chmod="0644">
<content><![CDATA[
<Class whitelist>
From 127.0.0.1
</Class>
MaxLoginAttempts 3
<IfModule mod_ban.c>
<IfClass whitelist>
BanEngine off
</IfClass>
<IfClass !whitelist>
BanEngine on
</IfClass>
BanLog /var/log/proftpd/ban.log
BanTable /etc/proftpd/ban.tab
BanMessage "User %u was banned."
BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently"
BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00
BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99
BanControlsACLs all allow user root
</IfModule>
<IfClass whitelist>
BanEngine off
DelayEngine off
</IfClass>
]]>
</content>
</file>
@@ -4960,7 +4929,7 @@ aliases: files
<!-- Cronjob -->
<daemon name="cron" title="Cronjob for froxlor"
mandatory="true">
<install><![CDATA[apt-get install cron gnupg]]></install>
<install><![CDATA[apt-get install cron]]></install>
<command><![CDATA[ln -s <BASE_PATH>bin/froxlor-cli /usr/local/bin/froxlor-cli]]></command>
<command><![CDATA[/usr/bin/php <BASE_PATH>bin/froxlor-cli froxlor:cron --run-task 99]]></command>
<command><![CDATA[{{settings.system.crondreload}}]]></command>

45
lib/configfiles/buster.xml
View File

@@ -10,13 +10,11 @@
<default for="lighttpd" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/lighttpd/froxlor-htpasswd/"></default>
<default for="lighttpd" settinggroup="system" varname="apachereload_command" value="service lighttpd reload"></default>
<default for="lighttpd" settinggroup="system" varname="letsencryptacmeconf" value="/etc/lighttpd/acme.conf"></default>
<default for="lighttpd" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/lighttpd/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_vhost" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_diroptions" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/nginx/froxlor-htpasswd/"></default>
<default for="nginx" settinggroup="system" varname="apachereload_command" value="service nginx reload"></default>
<default for="nginx" settinggroup="system" varname="letsencryptacmeconf" value="/etc/nginx/acme.conf"></default>
<default for="nginx" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/nginx/"></default>
</defaults>
<services>
<!-- HTTP -->
@@ -1488,7 +1486,7 @@ user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
hosts = <SQL_HOST>
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
]]>
</content>
</file>
@@ -4165,6 +4163,7 @@ ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
@@ -4501,6 +4500,7 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
</IfModule>
]]>
</content>
@@ -4511,16 +4511,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1.2 TLSv1.3
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
TLSOptions NoSessionReuseRequired
TLSOptions NoCertRequest NoSessionReuseRequired
TLSVerifyClient off
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired on
#TLSRequired on
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotiations. Some clients do not support
@@ -4530,37 +4530,6 @@ TLSRequired on
#
#TLSRenegotiate required off
</IfModule>
]]>
</content>
</file>
<file name="/etc/proftpd/conf.d/99-froxlor-ratelimit.conf" chown="root:0"
chmod="0644">
<content><![CDATA[
<Class whitelist>
From 127.0.0.1
</Class>
MaxLoginAttempts 3
<IfModule mod_ban.c>
<IfClass whitelist>
BanEngine off
</IfClass>
<IfClass !whitelist>
BanEngine on
</IfClass>
BanLog /var/log/proftpd/ban.log
BanTable /etc/proftpd/ban.tab
BanMessage "User %u was banned."
BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently"
BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00
BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99
BanControlsACLs all allow user root
</IfModule>
<IfClass whitelist>
BanEngine off
DelayEngine off
</IfClass>
]]>
</content>
</file>
@@ -4951,7 +4920,7 @@ aliases: files
<!-- Cronjob -->
<daemon name="cron" title="Cronjob for froxlor"
mandatory="true">
<install><![CDATA[apt-get install cron gnupg]]></install>
<install><![CDATA[apt-get install cron]]></install>
<command><![CDATA[ln -s <BASE_PATH>bin/froxlor-cli /usr/local/bin/froxlor-cli]]></command>
<command><![CDATA[/usr/bin/php <BASE_PATH>bin/froxlor-cli froxlor:cron --run-task 99]]></command>
<command><![CDATA[{{settings.system.crondreload}}]]></command>

47
lib/configfiles/focal.xml
View File

@@ -9,14 +9,12 @@
<default for="lighttpd" settinggroup="system" varname="apacheconf_diroptions" value="/etc/lighttpd/froxlor-diroptions/"></default>
<default for="lighttpd" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/lighttpd/froxlor-htpasswd/"></default>
<default for="lighttpd" settinggroup="system" varname="apachereload_command" value="service lighttpd reload"></default>
<default for="lighttpd" settinggroup="system" varname="letsencryptacmeconf" value="/etc/lighttpd/acme.conf"></default>+
<default for="lighttpd" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/lighttpd/"></default>
<default for="lighttpd" settinggroup="system" varname="letsencryptacmeconf" value="/etc/lighttpd/acme.conf"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_vhost" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_diroptions" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/nginx/froxlor-htpasswd/"></default>
<default for="nginx" settinggroup="system" varname="apachereload_command" value="service nginx reload"></default>
<default for="nginx" settinggroup="system" varname="letsencryptacmeconf" value="/etc/nginx/acme.conf"></default>
<default for="nginx" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/nginx/"></default>
</defaults>
<services>
<!-- HTTP -->
@@ -1517,7 +1515,7 @@ user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
hosts = <SQL_HOST>
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
]]>
</content>
</file>
@@ -3393,6 +3391,7 @@ ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
@@ -3729,6 +3728,7 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
</IfModule>
]]>
</content>
@@ -3739,16 +3739,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSProtocol TLSv1.2 TLSv1.3
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
TLSOptions NoSessionReuseRequired
TLSOptions NoCertRequest NoSessionReuseRequired
TLSVerifyClient off
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired on
#TLSRequired on
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotiations. Some clients do not support
@@ -3758,37 +3758,6 @@ TLSRequired on
#
#TLSRenegotiate required off
</IfModule>
]]>
</content>
</file>
<file name="/etc/proftpd/conf.d/99-froxlor-ratelimit.conf" chown="root:0"
chmod="0644">
<content><![CDATA[
<Class whitelist>
From 127.0.0.1
</Class>
MaxLoginAttempts 3
<IfModule mod_ban.c>
<IfClass whitelist>
BanEngine off
</IfClass>
<IfClass !whitelist>
BanEngine on
</IfClass>
BanLog /var/log/proftpd/ban.log
BanTable /etc/proftpd/ban.tab
BanMessage "User %u was banned."
BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently"
BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00
BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99
BanControlsACLs all allow user root
</IfModule>
<IfClass whitelist>
BanEngine off
DelayEngine off
</IfClass>
]]>
</content>
</file>
@@ -4187,7 +4156,7 @@ aliases: files
<!-- Cronjob -->
<daemon name="cron" title="Cronjob for froxlor"
mandatory="true">
<install><![CDATA[apt-get install cron gnupg]]></install>
<install><![CDATA[apt-get install cron]]></install>
<command><![CDATA[ln -s <BASE_PATH>bin/froxlor-cli /usr/local/bin/froxlor-cli]]></command>
<command><![CDATA[/usr/bin/php <BASE_PATH>bin/froxlor-cli froxlor:cron --run-task 99]]></command>
<command><![CDATA[{{settings.system.crondreload}}]]></command>

41
lib/configfiles/gentoo.xml
View File

@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<froxlor>
<distribution name="Gentoo" version="3.0"
<distribution name="Gentoo" version="2.2"
defaulteditor="/usr/bin/nano">
<!-- OS defaults to be loaded on installation -->
<defaults>
@@ -17,13 +17,11 @@
<default for="lighttpd" settinggroup="system" varname="apacheconf_diroptions" value="/etc/lighttpd/diropts.d/"></default>
<default for="lighttpd" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/lighttpd/froxlor-htpasswd/"></default>
<default for="lighttpd" settinggroup="system" varname="apachereload_command" value="/etc/init.d/lighttpd reload"></default>
<default for="lighttpd" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/lighttpd/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_vhost" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_diroptions" value="/etc/nginx/sites-enabled/"></default>
<default for="nginx" settinggroup="system" varname="apacheconf_htpasswddir" value="/etc/nginx/froxlor-htpasswd/"></default>
<default for="nginx" settinggroup="system" varname="apachereload_command" value="/etc/init.d/nginx reload"></default>
<default for="nginx" settinggroup="system" varname="letsencryptacmeconf" value="/etc/nginx/acme.conf"></default>
<default for="nginx" settinggroup="phpfpm" varname="fastcgi_ipcdir" value="/var/run/nginx/"></default>
<default settinggroup="system" varname="bindreload_command" value="/etc/init.d/named restart"></default>
<default settinggroup="system" varname="crondreload" value="/etc/init.d/cronie restart"></default>
</defaults>
@@ -1473,7 +1471,7 @@ user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
hosts = <SQL_HOST>
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0
query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1'
]]>
</content>
</file>
@@ -3421,6 +3419,7 @@ MaxInstances 50
# General settings
DeferWelcome on
MultilineRFC2228 on
ShowSymlinks on
AllowOverwrite on
AllowStoreRestart on
@@ -3486,10 +3485,10 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd-tls.log
TLSProtocol TLSv1.2 TLSv1.3
TLSProtocol TLSv1 TLSv1.1 TLSv1.2
#TLSTimeoutHandshake 120
# Really important for WinClients and some clients
TLSOptions NoSessionReuseRequired
TLSOptions NoCertRequest NoSessionReuseRequired
TLSRSACertificateFile /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key
TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt
@@ -3498,7 +3497,7 @@ TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key
# Authenticate client that want to use FTP over TLS?
TLSVerifyClient off
# Uncomment the following line to force tls login
TLSRequired on
#TLSRequired on
</IfModule>
# LOG settings
@@ -3516,32 +3515,6 @@ ExtendedLog /var/log/proftpd-access.log WRITE,READ write
# make proftpd faster / do not perform ident and reverse dns lookup
UseReverseDNS off
<Class whitelist>
From 127.0.0.1
</Class>
MaxLoginAttempts 3
<IfModule mod_ban.c>
<IfClass whitelist>
BanEngine off
</IfClass>
<IfClass !whitelist>
BanEngine on
</IfClass>
BanLog /var/log/proftpd-ban.log
BanTable /etc/proftpd/ban.tab
BanMessage "User %u was banned."
BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently"
BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00
BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99
BanControlsACLs all allow user root
</IfModule>
<IfClass whitelist>
BanEngine off
DelayEngine off
</IfClass>
]]>
</content>
</file>
@@ -3961,7 +3934,7 @@ aliases: files
<!-- Cronjob -->
<daemon name="cron" title="Cronjob for froxlor"
mandatory="true">
<install><![CDATA[emerge sys-process/cronie app-crypt/gnupg]]></install>
<install><![CDATA[emerge sys-process/cronie]]></install>
<command><![CDATA[ln -s <BASE_PATH>bin/froxlor-cli /usr/local/bin/froxlor-cli]]></command>
<command><![CDATA[/usr/bin/php <BASE_PATH>bin/froxlor-cli froxlor:cron --run-task 99]]></command>
<command><![CDATA[{{settings.system.crondreload}}]]></command>

Some files were not shown because too many files have changed in this diff Show More