/**
* store the default index-file in a given destination folder
*
* @param string $loginname customers loginname
* @param string $destination path where to create the file
* @param object $logger FroxlorLogger object
* @param boolean $force force creation whatever the settings say (needed for task #2, create new user)
*
* @return null
*/
function storeDefaultIndex($loginname = null, $destination = null, $logger = null, $force = false)
{
global $db, $settings, $pathtophpfiles;
if ($force || (int) $settings['system']['store_index_file_subs'] == 1) {
$result = $db->query("SELECT `t`.`value`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login` FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c` INNER JOIN `" . TABLE_PANEL_ADMINS . "` AS `a` ON `c`.`adminid` = `a`.`adminid` INNER JOIN `" . TABLE_PANEL_TEMPLATES . "` AS `t` ON `a`.`adminid` = `t`.`adminid` WHERE `varname` = 'index_html' AND `c`.`loginname` = '" . $db->escape($loginname) . "'");
if ($db->num_rows($result) > 0) {
$template = $db->fetch_array($result);
$replace_arr = array('SERVERNAME' => $settings['system']['hostname'], 'CUSTOMER' => $template['customer_login'], 'ADMIN' => $template['admin_login'], 'CUSTOMER_EMAIL' => $template['customer_email'], 'ADMIN_EMAIL' => $template['admin_email']);
$htmlcontent = replace_variables($template['value'], $replace_arr);
$indexhtmlpath = makeCorrectFile($destination . '/index.' . $settings['system']['index_file_extension']);
$index_html_handler = fopen($indexhtmlpath, 'w');
fwrite($index_html_handler, $htmlcontent);
fclose($index_html_handler);
if ($logger !== null) {
$logger->logAction(CRON_ACTION, LOG_NOTICE, 'Creating \'index.' . $settings['system']['index_file_extension'] . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath));
}
} else {
$destination = makeCorrectDir($destination);
if ($logger !== null) {
$logger->logAction(CRON_ACTION, LOG_NOTICE, 'Running: cp -a ' . $pathtophpfiles . '/templates/misc/standardcustomer/* ' . escapeshellarg($destination));
}
safe_exec('cp -a ' . $pathtophpfiles . '/templates/misc/standardcustomer/* ' . escapeshellarg($destination));
}
}
return;
}
/**
* Returns an array of found directories
*
* This function checks every found directory if they match either $uid or $gid, if they do
* the found directory is valid. It uses recursive-iterators to find subdirectories.
*
* @param string $path the path to start searching in
* @param int $uid the uid which must match the found directories
* @param int $gid the gid which must match the found direcotries
*
* @return array Array of found valid paths
*/
function findDirs($path, $uid, $gid)
{
$_fileList = array();
$path = makeCorrectDir($path);
// valid directory?
if (is_dir($path)) {
try {
// create RecursiveIteratorIterator
$its = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path));
// we can limit the recursion-depth, but will it be helpful or
// will people start asking "why do I only see 2 subdirectories, i want to use /a/b/c"
// let's keep this in mind and see whether it will be useful
// @TODO
// $its->setMaxDepth(2);
// check every file
foreach ($its as $fullFileName => $it) {
if ($it->isDir() && (fileowner($fullFileName) == $uid || filegroup($fullFileName) == $gid)) {
$_fileList[] = makeCorrectDir(dirname($fullFileName));
}
}
} catch (UnexpectedValueException $e) {
// this is thrown if the directory is not found or not readble etc.
// just ignore and keep going
}
}
return array_unique($_fileList);
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkPathConflicts($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
global $settings;
if ((int) $settings['system']['mod_fcgid'] == 1) {
/**
* fcgid-configdir has changed ->
* check against customer-doc-prefix
*/
if ($fieldname == "system_mod_fcgid_configdir") {
$newdir = makeCorrectDir($newfieldvalue);
$cdir = makeCorrectDir($settings['system']['documentroot_prefix']);
} elseif ($fieldname == "system_documentroot_prefix") {
$newdir = makeCorrectDir($newfieldvalue);
$cdir = makeCorrectDir($settings['system']['mod_fcgid_configdir']);
}
// neither dir can be within the other nor can they be equal
if (substr($newdir, 0, strlen($cdir)) == $cdir || substr($cdir, 0, strlen($newdir)) == $newdir || $newdir == $cdir) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidpathcannotbeincustomerdoc');
} else {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}
} else {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
}
return $returnvalue;
}
public function createOwnVhostStarter()
{
if ($this->settings['system']['mod_fcgid_ownvhost'] == '1' || $this->settings['phpfpm']['enabled'] == '1' && $this->settings['phpfpm']['enabled_ownvhost'] == '1') {
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
// /var/www/froxlor, needed for chown
if ($this->settings['system']['mod_fcgid_ownvhost'] == '1') {
$user = $this->settings['system']['mod_fcgid_httpuser'];
$group = $this->settings['system']['mod_fcgid_httpgroup'];
} elseif ($this->settings['phpfpm']['enabled'] == '1' && $this->settings['phpfpm']['enabled_ownvhost'] == '1') {
$user = $this->settings['phpfpm']['vhost_httpuser'];
$group = $this->settings['phpfpm']['vhost_httpgroup'];
}
$domain = array('id' => 'none', 'domain' => $this->settings['system']['hostname'], 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => $user, 'openbasedir' => 0, 'safemode' => '0', 'email' => $this->settings['panel']['adminmail'], 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
// all the files and folders have to belong to the local user
// now because we also use fcgid for our own vhost
safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
// get php.ini for our own vhost
$php = new phpinterface($this->getDB(), $this->settings, $domain);
// @FIXME don't use fcgid settings if not fcgid in use, but we don't have anything else atm
$phpconfig = $php->getPhpConfig($this->settings['system']['mod_fcgid_defaultini_ownvhost']);
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
// create php.ini
// @TODO make php-fpm support this
$php->getInterface()->createIniFile($phpconfig);
}
}
/**
* returns an array for the settings-array
*
* @return array
*/
function getThemes()
{
$themespath = makeCorrectDir(FROXLOR_INSTALL_DIR . '/templates/');
$themes_available = array();
if (is_dir($themespath)) {
$its = new DirectoryIterator($themespath);
foreach ($its as $it) {
if ($it->isDir() && $it->getFilename() != '.' && $it->getFilename() != '..' && $it->getFilename() != 'misc') {
$theme = $themespath . $it->getFilename();
if (file_exists($theme . '/config.json')) {
$themeconfig = json_decode(file_get_contents($theme . '/config.json'), true);
if (array_key_exists('variants', $themeconfig) && is_array($themeconfig['variants'])) {
foreach ($themeconfig['variants'] as $variant => $data) {
if ($variant == "default") {
$themes_available[$it->getFilename()] = $it->getFilename();
} elseif (array_key_exists('description', $data)) {
$themes_available[$it->getFilename() . '_' . $variant] = $data['description'];
} else {
$themes_available[$it->getFilename() . '_' . $variant] = $it->getFilename() . ' (' . $variant . ')';
}
}
} else {
$themes_available[$it->getFilename()] = $it->getFilename();
}
}
}
}
}
return $themes_available;
}
/**
* Returns an array of found directories
*
* This function checks every found directory if they match either $uid or $gid, if they do
* the found directory is valid. It uses recursive function calls to find subdirectories. Due
* to the recursive behauviour this function may consume much memory.
*
* @param string path The path to start searching in
* @param integer uid The uid which must match the found directories
* @param integer gid The gid which must match the found direcotries
* @param array _fileList recursive transport array !for internal use only!
* @return array Array of found valid pathes
*
* @author Martin Burchert <*****@*****.**>
* @author Manuel Bernhardt <*****@*****.**>
*/
function findDirs($path, $uid, $gid)
{
$list = array($path);
$_fileList = array();
while (sizeof($list) > 0) {
$path = array_pop($list);
$path = makeCorrectDir($path);
if (!is_readable($path) || !is_executable($path)) {
//return $_fileList;
// only 'skip' this directory, #611
continue;
}
$dh = opendir($path);
if ($dh === false) {
/*
* this should never be called because we checked
* 'is_readable' before...but we never know what might happen
*/
standard_error('cannotreaddir', $path);
return null;
} else {
while (false !== ($file = @readdir($dh))) {
if ($file == '.' && (fileowner($path . '/' . $file) == $uid || filegroup($path . '/' . $file) == $gid)) {
$_fileList[] = makeCorrectDir($path);
}
if (is_dir($path . '/' . $file) && $file != '..' && $file != '.') {
array_push($list, $path . '/' . $file);
}
}
@closedir($dh);
}
}
return $_fileList;
}
public function writeConfigs()
{
// tell the world what we are doing
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Task4 started - Rebuilding froxlor_bind.conf');
// clean up
$this->_cleanZonefiles();
// check for subfolder in bind-config-directory
if (!file_exists(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/'))) {
$this->_logger->logAction(CRON_ACTION, LOG_NOTICE, 'mkdir ' . escapeshellarg(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/')));
safe_exec('mkdir -p ' . escapeshellarg(makeCorrectDir(Settings::Get('system.bindconf_directory') . '/domains/')));
}
$domains = $this->getDomainList();
if (empty($domains)) {
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'No domains found for nameserver-config, skipping...');
return;
}
$bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n\n";
foreach ($domains as $domain) {
if ($domain['ismainbutsubto'] > 0) {
// domains with ismainbutsubto>0 are handled by recursion within walkDomainList()
continue;
}
$this->walkDomainList($domain, $domains);
}
$bindconf_file_handler = fopen(makeCorrectFile(Settings::Get('system.bindconf_directory') . '/froxlor_bind.conf'), 'w');
fwrite($bindconf_file_handler, $this->_bindconf_file);
fclose($bindconf_file_handler);
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'froxlor_bind.conf written');
$this->reloadDaemon();
$this->_logger->logAction(CRON_ACTION, LOG_INFO, 'Task4 finished');
}
/**
* Returns a valid html tag for the choosen $fieldType for pathes
*
* @param string path The path to start searching in
* @param integer uid The uid which must match the found directories
* @param integer gid The gid which must match the found direcotries
* @param string fieldType Either "Manual" or "Dropdown"
* @return string The html tag for the choosen $fieldType
*
* @author Martin Burchert <*****@*****.**>
* @author Manuel Bernhardt <*****@*****.**>
*/
function makePathfield($path, $uid, $gid, $fieldType, $value = '')
{
global $lng;
$value = str_replace($path, '', $value);
$field = '';
if ($fieldType == 'Manual') {
$field = '<input type="text" name="path" value="' . htmlspecialchars($value) . '" size="30" />';
} elseif ($fieldType == 'Dropdown') {
$dirList = findDirs($path, $uid, $gid);
natcasesort($dirList);
if (sizeof($dirList) > 0) {
$field = '<select name="path">';
foreach ($dirList as $key => $dir) {
if (strpos($dir, $path) === 0) {
$dir = makeCorrectDir(substr($dir, strlen($path)));
}
$field .= makeoption($dir, $dir, $value);
}
$field .= '</select>';
} else {
$field = $lng['panel']['dirsmissing'];
$field .= '<input type="hidden" name="path" value="/" />';
}
}
return $field;
}
public function createOwnVhostStarter()
{
if (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.enabled_ownvhost') == '1') {
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
// /var/www/froxlor, needed for chown
$user = Settings::Get('phpfpm.vhost_httpuser');
$group = Settings::Get('phpfpm.vhost_httpgroup');
$domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => $user, 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
// all the files and folders have to belong to the local user
// now because we also use fcgid for our own vhost
safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
// get php.ini for our own vhost
$php = new phpinterface($domain);
// get php-config
if (Settings::Get('phpfpm.enabled') == '1') {
// fpm
$phpconfig = $php->getPhpConfig(Settings::Get('phpfpm.vhost_defaultini'));
} else {
// fcgid
$phpconfig = $php->getPhpConfig(Settings::Get('system.mod_fcgid_defaultini_ownvhost'));
}
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
// create php.ini (fpm does nothing here, as it
// defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
}
/**
* store the default index-file in a given destination folder
*
* @param string $loginname customers loginname
* @param string $destination path where to create the file
* @param object $logger FroxlorLogger object
* @param boolean $force force creation whatever the settings say (needed for task #2, create new user)
*
* @return null
*/
function storeDefaultIndex($loginname = null, $destination = null, $logger = null, $force = false)
{
if ($force || (int) Settings::Get('system.store_index_file_subs') == 1) {
$result_stmt = Database::prepare("\n\t\t\tSELECT `t`.`value`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login`\n\t\t\tFROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c` INNER JOIN `" . TABLE_PANEL_ADMINS . "` AS `a`\n\t\t\tON `c`.`adminid` = `a`.`adminid`\n\t\t\tINNER JOIN `" . TABLE_PANEL_TEMPLATES . "` AS `t`\n\t\t\tON `a`.`adminid` = `t`.`adminid`\n\t\t\tWHERE `varname` = 'index_html' AND `c`.`loginname` = :loginname");
Database::pexecute($result_stmt, array('loginname' => $loginname));
if (Database::num_rows() > 0) {
$template = $result_stmt->fetch(PDO::FETCH_ASSOC);
$replace_arr = array('SERVERNAME' => Settings::Get('system.hostname'), 'CUSTOMER' => $template['customer_login'], 'ADMIN' => $template['admin_login'], 'CUSTOMER_EMAIL' => $template['customer_email'], 'ADMIN_EMAIL' => $template['admin_email']);
$htmlcontent = replace_variables($template['value'], $replace_arr);
$indexhtmlpath = makeCorrectFile($destination . '/index.' . Settings::Get('system.index_file_extension'));
$index_html_handler = fopen($indexhtmlpath, 'w');
fwrite($index_html_handler, $htmlcontent);
fclose($index_html_handler);
if ($logger !== null) {
$logger->logAction(CRON_ACTION, LOG_NOTICE, 'Creating \'index.' . Settings::Get('system.index_file_extension') . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath));
}
} else {
$destination = makeCorrectDir($destination);
if ($logger !== null) {
$logger->logAction(CRON_ACTION, LOG_NOTICE, 'Running: cp -a ' . FROXLOR_INSTALL_DIR . '/templates/misc/standardcustomer/* ' . escapeshellarg($destination));
}
safe_exec('cp -a ' . FROXLOR_INSTALL_DIR . '/templates/misc/standardcustomer/* ' . escapeshellarg($destination));
}
}
return;
}
/**
* Returns an array of found directories
*
* This function checks every found directory if they match either $uid or $gid, if they do
* the found directory is valid. It uses recursive function calls to find subdirectories. Due
* to the recursive behauviour this function may consume much memory.
*
* @param string path The path to start searching in
* @param integer uid The uid which must match the found directories
* @param integer gid The gid which must match the found direcotries
* @param array _fileList recursive transport array !for internal use only!
* @return array Array of found valid pathes
*
* @author Martin Burchert <*****@*****.**>
* @author Manuel Bernhardt <*****@*****.**>
*/
function findDirs($path, $uid, $gid)
{
$list = array($path);
$_fileList = array();
while (sizeof($list) > 0) {
$path = array_pop($list);
$path = makeCorrectDir($path);
$dh = opendir($path);
if ($dh === false) {
standard_error('cannotreaddir', $path);
return null;
} else {
while (false !== ($file = @readdir($dh))) {
if ($file == '.' && (fileowner($path . '/' . $file) == $uid || filegroup($path . '/' . $file) == $gid)) {
$_fileList[] = makeCorrectDir($path);
}
if (is_dir($path . '/' . $file) && $file != '..' && $file != '.') {
array_push($list, $path . '/' . $file);
}
}
@closedir($dh);
}
}
return $_fileList;
}
/**
* read domain-related (or if empty, parentdomain-related) ssl-certificates from the database
* and (if not empty) set the corresponding array-indices (ssl_cert_file, ssl_key_file,
* ssl_ca_file and ssl_cert_chainfile). Hence the parameter as reference.
*
* @param array $domain domain-array as reference so we can set the corresponding array-indices
*
* @return null
*/
public function setDomainSSLFilesArray(array &$domain = null)
{
// check if the domain itself has a certificate defined
$dom_certs_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domid\n\t\t");
$dom_certs = Database::pexecute_first($dom_certs_stmt, array('domid' => $domain['id']));
if (!is_array($dom_certs) || !isset($dom_certs['ssl_cert_file']) || $dom_certs['ssl_cert_file'] == '') {
// maybe its parent?
if ($domain['parentdomainid'] != null) {
$dom_certs = Database::pexecute_first($dom_certs_stmt, array('domid' => $domain['parentdomainid']));
}
}
// check if it's an array and if the most important field is set
if (is_array($dom_certs) && isset($dom_certs['ssl_cert_file']) && $dom_certs['ssl_cert_file'] != '') {
// get destination path
$sslcertpath = makeCorrectDir(Settings::Get('system.customer_ssl_path'));
// create path if it does not exist
if (!file_exists($sslcertpath)) {
safe_exec('mkdir -p ' . escapeshellarg($sslcertpath));
}
// make correct files for the certificates
$ssl_files = array('ssl_cert_file' => makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.crt'), 'ssl_key_file' => makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.key'));
if (Settings::Get('system.webserver') == 'lighttpd') {
// put my.crt and my.key together for lighty.
$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_key_file']) . "\n";
$ssl_files['ssl_key_file'] = '';
}
// initialize optional files
$ssl_files['ssl_ca_file'] = '';
$ssl_files['ssl_cert_chainfile'] = '';
// set them if they are != empty
if ($dom_certs['ssl_ca_file'] != '') {
$ssl_files['ssl_ca_file'] = makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_CA.pem');
}
if ($dom_certs['ssl_cert_chainfile'] != '') {
if (Settings::Get('system.webserver') == 'nginx') {
// put ca.crt in my.crt, as nginx does not support a separate chain file.
$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_cert_chainfile']) . "\n";
} else {
$ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_chain.pem');
}
}
// create them on the filesystem
foreach ($ssl_files as $type => $filename) {
if ($filename != '') {
touch($filename);
$_fh = fopen($filename, 'w');
fwrite($_fh, $dom_certs[$type]);
fclose($_fh);
chmod($filename, 0600);
}
}
// override corresponding array values
$domain['ssl_cert_file'] = $ssl_files['ssl_cert_file'];
$domain['ssl_key_file'] = $ssl_files['ssl_key_file'];
$domain['ssl_ca_file'] = $ssl_files['ssl_ca_file'];
$domain['ssl_cert_chainfile'] = $ssl_files['ssl_cert_chainfile'];
}
return;
}
/**
* Create or modify the AWStats configuration file for the given domain.
* Modified by Berend Dekens to allow custom configurations.
*
* @param logFile
* @param siteDomain
* @param hostAliases
* @return null
*/
function createAWStatsConf($logFile, $siteDomain, $hostAliases, $customerDocroot, $awstats_params = array())
{
global $pathtophpfiles, $settings;
// Generation header
$header = "## GENERATED BY FROXLOR\n";
$header2 = "## Do not remove the line above! This tells Froxlor to update this configuration\n## If you wish to manually change this configuration file, remove the first line to make sure Froxlor won't rebuild this file\n## Generated for domain {SITE_DOMAIN} on " . date('l dS \\of F Y h:i:s A') . "\n";
$awstats_dir = makeCorrectDir($customerDocroot . '/awstats/' . $siteDomain . '/');
if (!is_dir($awstats_dir)) {
safe_exec('mkdir -p ' . escapeshellarg($awstats_dir));
}
// chown created folder, #258
makeChownWithNewStats($awstats_params);
// weird but could happen...
if (!is_dir($settings['system']['awstats_conf'])) {
safe_exec('mkdir -p ' . escapeshellarg($settings['system']['awstats_conf']));
}
// These are the variables we will replace
$regex = array('/\\{LOG_FILE\\}/', '/\\{SITE_DOMAIN\\}/', '/\\{HOST_ALIASES\\}/', '/\\{CUSTOMER_DOCROOT\\}/', '/\\{AWSTATS_CONF\\}/');
$replace = array(makeCorrectFile($logFile), $siteDomain, $hostAliases, $awstats_dir, makeCorrectDir($settings['system']['awstats_conf']));
// File names
$domain_file = makeCorrectFile($settings['system']['awstats_conf'] . '/awstats.' . $siteDomain . '.conf');
$model_file = dirname(dirname(dirname(dirname(__FILE__))));
$model_file .= '/templates/misc/awstatsmodel/';
if ($settings['system']['mod_log_sql'] == '1') {
$model_file .= 'awstats.froxlor.model_log_sql.conf';
} else {
$model_file .= 'awstats.froxlor.model.conf';
}
$model_file = makeCorrectFile($model_file);
// Test if the file exists
if (file_exists($domain_file)) {
// Check for the generated header - if this is a manual modification we won't update
$awstats_domain_conf = fopen($domain_file, 'r');
if (fgets($awstats_domain_conf, strlen($header)) != $header) {
fclose($awstats_domain_conf);
return;
}
// Close the file
fclose($awstats_domain_conf);
}
$awstats_domain_conf = fopen($domain_file, 'w');
$awstats_model_conf = fopen($model_file, 'r');
// Write the header
fwrite($awstats_domain_conf, $header);
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $header2));
// Write the configuration file
while (($line = fgets($awstats_model_conf, 4096)) !== false) {
if (!preg_match('/^#/', $line) && trim($line) != '') {
fwrite($awstats_domain_conf, preg_replace($regex, $replace, $line));
}
}
fclose($awstats_domain_conf);
fclose($awstats_model_conf);
}
/**
* checks give path for security issues
* and returns a string that can be appended
* to a line for a open_basedir directive
*
* @param string $path the path to check and append
* @param boolean $first if true, no ':' will be prefixed to the path
*
* @return string
*/
function appendOpenBasedirPath($path = '', $first = false)
{
$path = makeCorrectDir($path);
if ($path != '' && $path != '/' && !preg_match("#^/dev#i", $path) && !preg_match("#^/proc#i", $path) && !preg_match("#^/etc#i", $path) && !preg_match("#^/sys#i", $path) && !preg_match("#:#", $path)) {
if ($first) {
return $path;
}
return ':' . $path;
}
return '';
}
/**
* Creates a directory below a users homedir and sets all directories,
* which had to be created below with correct Owner/Group
* (Copied from cron_tasks.php:rev1189 as we'll need this more often in future)
*
* @param string The homedir of the user
* @param string The dir which should be created
* @param int The uid of the user
* @param int The gid of the user
* @param bool Place standard-index.html into the new folder
* @param bool Allow creating a directory out of the customers docroot
*
* @return bool true if everything went okay, false if something went wrong
*
* @author Florian Lippert <*****@*****.**>
* @author Martin Burchert <*****@*****.**>
*/
function mkDirWithCorrectOwnership($homeDir, $dirToCreate, $uid, $gid, $placeindex = false, $allow_notwithinhomedir = false, $setgid = false)
{
$returncode = true;
if ($homeDir != '' && $dirToCreate != '') {
$homeDir = makeCorrectDir($homeDir);
$dirToCreate = makeCorrectDir($dirToCreate);
if (substr($dirToCreate, 0, strlen($homeDir)) == $homeDir) {
$subdir = substr($dirToCreate, strlen($homeDir) - 1);
$within_homedir = true;
} else {
$subdir = $dirToCreate;
$within_homedir = false;
}
$subdir = makeCorrectDir($subdir);
$subdirs = array();
if ($within_homedir || !$allow_notwithinhomedir) {
$subdirlen = strlen($subdir);
$offset = 0;
while ($offset < $subdirlen) {
$offset = strpos($subdir, '/', $offset);
$subdirelem = substr($subdir, 0, $offset);
$offset++;
array_push($subdirs, makeCorrectDir($homeDir . $subdirelem));
}
} else {
array_push($subdirs, $dirToCreate);
}
$subdirs = array_unique($subdirs);
sort($subdirs);
foreach ($subdirs as $sdir) {
if (!is_dir($sdir)) {
$sdir = makeCorrectDir($sdir);
safe_exec('mkdir -p ' . escapeshellarg($sdir));
/**
* #68
*/
if ($placeindex) {
$loginname = getLoginNameByUid($uid);
if ($loginname !== false) {
storeDefaultIndex($loginname, $sdir, null);
}
}
safe_exec('chown -R ' . (int) $uid . ':' . $gid . ' ' . escapeshellarg($sdir));
if ($setgid) {
safe_exec('chmod g+s ' . escapeshellarg($sdir));
}
}
}
} else {
$returncode = false;
}
return $returncode;
}
/**
* checks a directory against disallowed paths which could
* lead to a damaged system if you use them
*
* @param string $fieldname
* @param array $fielddata
* @param mixed $newfieldvalue
*
* @return boolean|array
*/
function checkDisallowedPaths($path = null)
{
/*
* disallow base-directories and /
*/
$disallowed_values = array("/", "/bin/", "/boot/", "/dev/", "/etc/", "/home/", "/lib/", "/lib32/", "/lib64/", "/opt/", "/proc/", "/root/", "/run/", "/sbin/", "/sys/", "/tmp/", "/usr/", "/var/");
$path = makeCorrectDir($path);
// check if it's a disallowed path
if (in_array($path, $disallowed_values)) {
return false;
}
return true;
}
function includeCronjobs($debugHandler, $pathtophpfiles)
{
global $settings;
$cronjobs = getNextCronjobs();
$jobs_to_run = array();
$cron_path = makeCorrectDir($pathtophpfiles . '/scripts/jobs/');
if ($cronjobs !== false && is_array($cronjobs) && isset($cronjobs[0])) {
foreach ($cronjobs as $cronjob) {
$cron_file = makeCorrectFile($cron_path . $cronjob);
$jobs_to_run[] = $cron_file;
}
}
return $jobs_to_run;
}
/**
* returns an array for the settings-array
*
* @return array
*/
function getThemes()
{
$themespath = makeCorrectDir(dirname(dirname(dirname(dirname(__FILE__)))) . '/templates/');
$themes_available = array();
if (is_dir($themespath)) {
$its = new DirectoryIterator($themespath);
foreach ($its as $it) {
if ($it->isDir() && $it->getFilename() != '.' && $it->getFilename() != '..' && $it->getFilename() != '.svn' && $it->getFilename() != 'misc') {
$themes_available[$it->getFilename()] = $it->getFilename();
}
}
}
return $themes_available;
}
protected function getMyPath($ip_port = null)
{
if (!empty($ip_port) && $ip_port['docroot'] == '') {
if (Settings::Get('system.froxlordirectlyviahostname')) {
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
} else {
$mypath = makeCorrectDir(dirname(dirname(dirname(dirname(__FILE__)))));
}
} else {
// user-defined docroot, #417
$mypath = makeCorrectDir($ip_port['docroot']);
}
return $mypath;
}
/**
* check whether a maildir exists on the filesystem
*
* @param array $result all mail-info of customer
*
* @return boolean
*/
function maildirExists($result = null)
{
global $settings;
if (is_array($result)) {
$loginname = getCustomerDetail($result['customerid'], 'loginname');
if ($loginname !== false) {
$maildir = makeCorrectDir($settings['system']['vmail_homedir'] . '/' . $loginname . '/' . $result['email_full']);
if (@file_exists($maildir)) {
return true;
}
}
}
return false;
}
/**
* This file is part of the SysCP project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.syscp.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <*****@*****.**>
* @license GPLv2 http://files.syscp.org/misc/COPYING.txt
* @package Functions
* @version $Id$
*/
function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
{
if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
$newfieldvalues = explode($fielddata['string_delimiter'], $newfieldvalue);
unset($fielddata['string_delimiter']);
$returnvalue = true;
foreach ($newfieldvalues as $single_newfieldvalue) {
$single_returnvalue = validateFormFieldString($fieldname, $fielddata, $single_newfieldvalue);
if ($single_returnvalue !== true) {
$returnvalue = $single_returnvalue;
break;
}
}
} else {
$returnvalue = false;
if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
$returnvalue = filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue;
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
$returnvalue = validateUrl($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
$returnvalue = $newfieldvalue == makeCorrectDir($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
$returnvalue = $newfieldvalue == makeCorrectFile($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
$returnvalue = $newfieldvalue == makeCorrectDir($newfieldvalue) || $newfieldvalue == makeCorrectFile($newfieldvalue);
} elseif (preg_match('/^[^\\r\\n\\t\\f\\0]*$/D', $newfieldvalue)) {
$returnvalue = true;
}
if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
$returnvalue = true;
} else {
$returnvalue = false;
}
}
if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
$returnvalue = true;
} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
$returnvalue = 'stringmustntbeempty';
}
}
if ($returnvalue === true) {
return true;
} elseif ($returnvalue === false) {
return 'stringformaterror';
} else {
return $returnvalue;
}
}
/**
* Returns a valid html tag for the chosen $fieldType for paths
*
* @param string path The path to start searching in
* @param integer uid The uid which must match the found directories
* @param integer gid The gid which must match the found direcotries
* @param string value the value for the input-field
*
* @return string The html tag for the chosen $fieldType
*
* @author Martin Burchert <*****@*****.**>
* @author Manuel Bernhardt <*****@*****.**>
*/
function makePathfield($path, $uid, $gid, $value = '', $dom = false)
{
global $lng;
$value = str_replace($path, '', $value);
$field = array();
// path is given without starting slash
// but dirList holds the paths with starting slash
// so we just add one here to get the correct
// default path selected, #225
if (substr($value, 0, 1) != '/' && !$dom) {
$value = '/' . $value;
}
$fieldType = Settings::Get('panel.pathedit');
if ($fieldType == 'Manual') {
$field = array('type' => 'text', 'value' => htmlspecialchars($value));
} elseif ($fieldType == 'Dropdown') {
$dirList = findDirs($path, $uid, $gid);
natcasesort($dirList);
if (sizeof($dirList) > 0) {
if (sizeof($dirList) <= 100) {
$_field = '';
foreach ($dirList as $key => $dir) {
if (strpos($dir, $path) === 0) {
$dir = substr($dir, strlen($path));
// docroot cut off of current directory == empty -> directory is the docroot
if (empty($dir)) {
$dir = '/';
}
$dir = makeCorrectDir($dir);
}
$_field .= makeoption($dir, $dir, $value);
}
$field = array('type' => 'select', 'value' => $_field);
} else {
// remove starting slash we added
// for the Dropdown, #225
$value = substr($value, 1);
//$field = $lng['panel']['toomanydirs'];
$field = array('type' => 'text', 'value' => htmlspecialchars($value), 'note' => $lng['panel']['toomanydirs']);
}
} else {
//$field = $lng['panel']['dirsmissing'];
//$field = '<input type="hidden" name="path" value="/" />';
$field = array('type' => 'hidden', 'value' => '/', 'note' => $lng['panel']['dirsmissing']);
}
}
return $field;
}
/**
* checks give path for security issues
* and returns a string that can be appended
* to a line for a open_basedir directive
*
* @param string $path the path to check and append
* @param boolean $first if true, no ':' will be prefixed to the path
*
* @return string
*/
function appendOpenBasedirPath($path = '', $first = false)
{
$path = makeCorrectDir($path);
// check for php-version that requires the trailing
// slash to be removed as it does not allow the usage
// of the subfolders within the given folder, fixes #797
if (PHP_MINOR_VERSION == 2 && PHP_VERSION_ID >= 50216 || PHP_VERSION_ID >= 50304) {
// check trailing slash
if (substr($path, -1, 1) == '/') {
// remove it
$path = substr($path, 0, -1);
}
}
if ($path != '' && $path != '/' && (!preg_match("#^/dev#i", $path) || preg_match("#^/dev/urandom#i", $path)) && !preg_match("#^/proc#i", $path) && !preg_match("#^/etc#i", $path) && !preg_match("#^/sys#i", $path) && !preg_match("#:#", $path)) {
if ($first) {
return $path;
}
return ':' . $path;
}
return '';
}
/**
* Returns an array of found directories
*
* This function checks every found directory if they match either $uid or $gid, if they do
* the found directory is valid. It uses recursive-iterators to find subdirectories.
*
* @param string $path
* the path to start searching in
* @param int $uid
* the uid which must match the found directories
* @param int $gid
* the gid which must match the found direcotries
*
* @return array Array of found valid paths
*/
function findDirs($path, $uid, $gid)
{
$_fileList = array();
$path = makeCorrectDir($path);
// valid directory?
if (is_dir($path)) {
// Will exclude everything under these directories
$exclude = array('awstats', 'webalizer');
/**
*
* @param SplFileInfo $file
* @param mixed $key
* @param RecursiveCallbackFilterIterator $iterator
* @return bool True if you need to recurse or if the item is acceptable
*/
$filter = function ($file, $key, $iterator) use($exclude) {
if (in_array($file->getFilename(), $exclude)) {
return false;
}
return true;
};
// create RecursiveIteratorIterator
$its = new RecursiveIteratorIterator(new RecursiveCallbackFilterIterator(new IgnorantRecursiveDirectoryIterator($path, RecursiveDirectoryIterator::SKIP_DOTS), $filter));
// we can limit the recursion-depth, but will it be helpful or
// will people start asking "why do I only see 2 subdirectories, i want to use /a/b/c"
// let's keep this in mind and see whether it will be useful
// @TODO
// $its->setMaxDepth(2);
// check every file
foreach ($its as $fullFileName => $it) {
if ($it->isDir() && (fileowner($fullFileName) == $uid || filegroup($fullFileName) == $gid)) {
$_fileList[] = makeCorrectDir(dirname($fullFileName));
}
}
$_fileList[] = $path;
}
return array_unique($_fileList);
}
/**
* chowns either awstats or webalizer folder,
* either with webserver-user or - if fcgid
* is used - the customers name, #258
*
* @param array $row array if panel_customers
*
* @return void
*/
function makeChownWithNewStats($row)
{
// get correct user
if ((Settings::Get('system.mod_fcgid') == '1' || Settings::Get('phpfpm.enabled') == '1') && isset($row['deactivated']) && $row['deactivated'] == '0') {
$user = $row['loginname'];
$group = $row['loginname'];
} else {
$user = $row['guid'];
$group = $row['guid'];
}
// get correct directory
$dir = $row['documentroot'];
if (Settings::Get('system.awstats_enabled') == '1') {
$dir .= '/awstats/';
} else {
$dir .= '/webalizer/';
}
// only run chown if directory exists
if (file_exists($dir)) {
// run chown
safe_exec('chown -R ' . escapeshellarg($user) . ':' . escapeshellarg($group) . ' ' . escapeshellarg(makeCorrectDir($dir)));
}
}
/**
* Creates a directory below a users homedir and sets all directories,
* which had to be created below with correct Owner/Group
* (Copied from cron_tasks.php:rev1189 as we'll need this more often in future).
*
* @param string The homedir of the user
* @param string The dir which should be created
* @param int The uid of the user
* @param int The gid of the user
*
* @return bool true if everything went okay, false if something went wrong
*
* @author Florian Lippert <*****@*****.**>
* @author Martin Burchert <*****@*****.**>
*/
function mkDirWithCorrectOwnership($homeDir, $dirToCreate, $uid, $gid)
{
$returncode = true;
if ($homeDir != '' && $dirToCreate != '') {
$homeDir = makeCorrectDir($homeDir);
$dirToCreate = makeCorrectDir($dirToCreate);
if (substr($dirToCreate, 0, strlen($homeDir)) == $homeDir) {
$subdir = substr($dirToCreate, strlen($homeDir));
} else {
$subdir = $dirToCreate;
}
$subdir = makeCorrectDir($subdir);
$subdirlen = strlen($subdir);
$subdirs = array();
array_push($subdirs, $dirToCreate);
$offset = 0;
while ($offset < $subdirlen) {
$offset = strpos($subdir, '/', $offset);
$subdirelem = substr($subdir, 0, $offset);
++$offset;
array_push($subdirs, makeCorrectDir($homeDir . $subdirelem));
}
$subdirs = array_unique($subdirs);
sort($subdirs);
foreach ($subdirs as $sdir) {
if (!is_dir($sdir)) {
$sdir = makeCorrectDir($sdir);
safe_exec('mkdir -p ' . escapeshellarg($sdir));
safe_exec('chown -R ' . (int) $uid . ':' . (int) $gid . ' ' . escapeshellarg($sdir));
}
}
} else {
$returncode = false;
}
return $returncode;
}
}
}
} else {
$ssl_redirect = 0;
// we need this for the serialize
// if ssl is disabled or no ssl-ip/port exists
$ssl_ipandports[] = -1;
}
} else {
$ssl_redirect = 0;
// we need this for the serialize
// if ssl is disabled or no ssl-ip/port exists
$ssl_ipandports[] = -1;
}
if (!preg_match('/^https?\\:\\/\\//', $documentroot)) {
$documentroot = makeCorrectDir($documentroot);
}
if ($openbasedir != '1') {
$openbasedir = '0';
}
if ($isbinddomain != '1') {
$isbinddomain = '0';
}
if ($isemaildomain != '1') {
$isemaildomain = '0';
}
if ($email_only == '1') {
$isemaildomain = '1';
} else {
$email_only = '0';
}
/**
* Function which make webalizer statistics and returns used traffic since last run
*
* @param string Name of logfile
* @param string Place where stats should be build
* @param string Caption for webalizer output
* @return int Used traffic
* @author Florian Lippert <*****@*****.**>
*/
function callWebalizerGetTraffic($logfile, $outputdir, $caption, $usersdomainlist)
{
global $cronlog;
$returnval = 0;
$logfile = makeCorrectFile(Settings::Get('system.logfiles_directory') . $logfile . '-access.log');
if (file_exists($logfile)) {
$domainargs = '';
foreach ($usersdomainlist as $domainid => $domain) {
// hide referer
$domainargs .= ' -r ' . escapeshellarg($domain);
}
$outputdir = makeCorrectDir($outputdir);
if (!file_exists($outputdir)) {
safe_exec('mkdir -p ' . escapeshellarg($outputdir));
}
if (file_exists($outputdir . 'webalizer.hist.1')) {
@unlink($outputdir . 'webalizer.hist.1');
}
if (file_exists($outputdir . 'webalizer.hist') && !file_exists($outputdir . 'webalizer.hist.1')) {
safe_exec('cp ' . escapeshellarg($outputdir . 'webalizer.hist') . ' ' . escapeshellarg($outputdir . 'webalizer.hist.1'));
}
$verbosity = '';
if (Settings::Get('system.webalizer_quiet') == '1') {
$verbosity = '-q';
} elseif (Settings::Get('system.webalizer_quiet') == '2') {
$verbosity = '-Q';
}
$we = '/usr/bin/webalizer';
// FreeBSD uses other paths, #140
if (!file_exists($we)) {
$we = '/usr/local/bin/webalizer';
}
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Running webalizer for domain '" . $caption . "'");
safe_exec($we . ' ' . $verbosity . ' -p -o ' . escapeshellarg($outputdir) . ' -n ' . escapeshellarg($caption) . $domainargs . ' ' . escapeshellarg($logfile));
/**
* Format of webalizer.hist-files:
* Month: $webalizer_hist_row['0']
* Year: $webalizer_hist_row['1']
* KB: $webalizer_hist_row['5']
*/
$httptraffic = array();
$webalizer_hist = @file_get_contents($outputdir . 'webalizer.hist');
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Gathering traffic information from '" . $webalizer_hist . "'");
$webalizer_hist_rows = explode("\n", $webalizer_hist);
foreach ($webalizer_hist_rows as $webalizer_hist_row) {
if ($webalizer_hist_row != '') {
$webalizer_hist_row = explode(' ', $webalizer_hist_row);
if (isset($webalizer_hist_row['0']) && isset($webalizer_hist_row['1']) && isset($webalizer_hist_row['5'])) {
$month = intval($webalizer_hist_row['0']);
$year = intval($webalizer_hist_row['1']);
$traffic = floatval($webalizer_hist_row['5']);
if (!isset($httptraffic[$year])) {
$httptraffic[$year] = array();
}
$httptraffic[$year][$month] = $traffic;
}
}
}
reset($httptraffic);
$httptrafficlast = array();
$webalizer_lasthist = @file_get_contents($outputdir . 'webalizer.hist.1');
$cronlog->logAction(CRON_ACTION, LOG_INFO, "Gathering traffic information from '" . $webalizer_lasthist . "'");
$webalizer_lasthist_rows = explode("\n", $webalizer_lasthist);
foreach ($webalizer_lasthist_rows as $webalizer_lasthist_row) {
if ($webalizer_lasthist_row != '') {
$webalizer_lasthist_row = explode(' ', $webalizer_lasthist_row);
if (isset($webalizer_lasthist_row['0']) && isset($webalizer_lasthist_row['1']) && isset($webalizer_lasthist_row['5'])) {
$month = intval($webalizer_lasthist_row['0']);
$year = intval($webalizer_lasthist_row['1']);
$traffic = floatval($webalizer_lasthist_row['5']);
if (!isset($httptrafficlast[$year])) {
$httptrafficlast[$year] = array();
}
$httptrafficlast[$year][$month] = $traffic;
}
}
}
reset($httptrafficlast);
foreach ($httptraffic as $year => $months) {
foreach ($months as $month => $traffic) {
if (!isset($httptrafficlast[$year][$month])) {
$returnval += $traffic;
} elseif ($httptrafficlast[$year][$month] < $httptraffic[$year][$month]) {
$returnval += $httptraffic[$year][$month] - $httptrafficlast[$year][$month];
}
}
}
}
return floatval($returnval);
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <*****@*****.**> (2003-2009)
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
{
if (isset($fielddata['string_delimiter']) && $fielddata['string_delimiter'] != '') {
$newfieldvalues = array_map('trim', explode($fielddata['string_delimiter'], $newfieldvalue));
unset($fielddata['string_delimiter']);
$returnvalue = true;
foreach ($newfieldvalues as $single_newfieldvalue) {
/**
* don't use tabs in value-fields, #81
*/
$single_newfieldvalue = str_replace("\t", " ", $single_newfieldvalue);
$single_returnvalue = validateFormFieldString($fieldname, $fielddata, $single_newfieldvalue);
if ($single_returnvalue !== true) {
$returnvalue = $single_returnvalue;
break;
}
}
} else {
$returnvalue = false;
/**
* don't use tabs in value-fields, #81
*/
$newfieldvalue = str_replace("\t", " ", $newfieldvalue);
if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
$returnvalue = filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue;
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
$returnvalue = validateUrl($newfieldvalue);
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
// add trailing slash to validate path if needed
// refs #331
if (substr($newfieldvalue, -1) != '/') {
$newfieldvalue .= '/';
}
$returnvalue = $newfieldvalue == makeCorrectDir($newfieldvalue);
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'confdir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
// add trailing slash to validate path if needed
// refs #331
if (substr($newfieldvalue, -1) != '/') {
$newfieldvalue .= '/';
}
// if this is a configuration directory, check for stupidity of admins :p
if (checkDisallowedPaths($newfieldvalue) !== true) {
$newfieldvalue = '';
$returnvalue = 'givendirnotallowed';
} else {
$returnvalue = $newfieldvalue == makeCorrectDir($newfieldvalue);
}
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$returnvalue = $newfieldvalue == makeCorrectFile($newfieldvalue);
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
// check for empty value (it might be allowed)
if (trim($newfieldvalue) == '') {
$newfieldvalue = '';
$returnvalue = 'stringmustntbeempty';
} else {
$returnvalue = $newfieldvalue == makeCorrectDir($newfieldvalue) || $newfieldvalue == makeCorrectFile($newfieldvalue);
}
} elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'validate_ip') {
$newfieldvalue = validate_ip2($newfieldvalue);
$returnvalue = $newfieldvalue !== false ? true : 'invalidip';
} elseif (preg_match('/^[^\\r\\n\\t\\f\\0]*$/D', $newfieldvalue)) {
$returnvalue = true;
}
if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
$returnvalue = true;
} else {
$returnvalue = false;
}
}
if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
$returnvalue = true;
} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
$returnvalue = 'stringmustntbeempty';
}
}
if ($returnvalue === true) {
return true;
} elseif ($returnvalue === false) {
return 'stringformaterror';
} else {
return $returnvalue;
}
}
standard_error('maindomainnonexist', $domain);
}
$username = $ftpusername . '@' . $ftpdomain;
} else {
$username = $userinfo['loginname'] . $settings['customer']['ftpprefix'] . (intval($userinfo['ftp_lastaccountnumber']) + 1);
}
$username_check = $db->query_first('SELECT * FROM `' . TABLE_FTP_USERS . '` WHERE `username` = \'' . $db->escape($username) . '\'');
if (!empty($username_check) && ($username_check['username'] = $username)) {
standard_error('usernamealreadyexists', $username);
} elseif ($password == '') {
standard_error(array('stringisempty', 'mypassword'));
} elseif ($path == '') {
standard_error('patherror');
} else {
$userpath = makeCorrectDir($path);
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
$db->query('INSERT INTO `' . TABLE_FTP_USERS . "` (`customerid`, `username`, `password`, `homedir`, `login_enabled`, `uid`, `gid`) VALUES ('" . (int) $userinfo['customerid'] . "', '" . $db->escape($username) . "', ENCRYPT('" . $db->escape($password) . "'), '" . $db->escape($path) . "', 'y', '" . (int) $userinfo['guid'] . "', '" . (int) $userinfo['guid'] . "')");
$db->query('UPDATE `' . TABLE_FTP_GROUPS . "` SET `members`=CONCAT_WS(',',`members`,'" . $db->escape($username) . "') WHERE `customerid`='" . $userinfo['customerid'] . "' AND `gid`='" . (int) $userinfo['guid'] . "'");
// $db->query("INSERT INTO `".TABLE_FTP_GROUPS."` (`customerid`, `groupname`, `gid`, `members`) VALUES ('".$userinfo['customerid']."', '$username', '$uid', '$username')");
$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`+1, `ftp_lastaccountnumber`=`ftp_lastaccountnumber`+1 WHERE `customerid`='" . (int) $userinfo['customerid'] . "'");
// $db->query("UPDATE `".TABLE_PANEL_SETTINGS."` SET `value`='$uid' WHERE settinggroup='ftp' AND varname='lastguid'");
$log->logAction(USR_ACTION, LOG_INFO, "added ftp-account '" . $username . ' (' . $path . ")'");
inserttask(5);
redirectTo($filename, array('page' => $page, 's' => $s));
}
} else {
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
if ($settings['customer']['ftpatdomain'] == '1') {
$domains = '';
$result_domains = $db->query('SELECT `domain` FROM `' . TABLE_PANEL_DOMAINS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "'");
while ($row_domain = $db->fetch_array($result_domains)) {
