/**
* Cronjob function to end a cronjob in a critical condition
* but not without sending a notification mail to the admin
*
* @param string $message
* @param string $subject
*
* @return void
*/
function dieWithMail($message, $subject = "[froxlor] Cronjob error")
{
if (Settings::Get('system.send_cron_errors') == '1') {
$_mail = new PHPMailer(true);
$_mail->CharSet = "UTF-8";
if (PHPMailer::ValidateAddress(Settings::Get('panel.adminmail')) !== false) {
// set return-to address and custom sender-name, see #76
$_mail->SetFrom(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
if (Settings::Get('panel.adminmail_return') != '') {
$_mail->AddReplyTo(Settings::Get('panel.adminmail_return'), Settings::Get('panel.adminmail_defname'));
}
}
$_mailerror = false;
try {
$_mail->Subject = $subject;
$_mail->AltBody = $message;
$_mail->MsgHTML(nl2br($message));
$_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname'));
$_mail->Send();
} catch (phpmailerException $e) {
$mailerr_msg = $e->errorMessage();
$_mailerror = true;
} catch (Exception $e) {
$mailerr_msg = $e->getMessage();
$_mailerror = true;
}
$_mail->ClearAddresses();
if ($_mailerror) {
echo 'Error sending mail: ' . $mailerr_msg . "\n";
}
}
die($message);
}
/**
* Make crypted password from clear text password
*
* @author Michal Wojcik <*****@*****.**>
* @author Michael Kaufmann <*****@*****.**>
* @author Froxlor team <*****@*****.**> (2010-)
*
* 0 - default crypt (depenend on system configuration)
* 1 - MD5 $1$
* 2 - BLOWFISH $2a$ | $2y$07$ (on php 5.3.7+)
* 3 - SHA-256 $5$ (default)
* 4 - SHA-512 $6$
*
* @param string $password Password to be crypted
*
* @return string encrypted password
*/
function makeCryptPassword($password)
{
$type = Settings::Get('system.passwordcryptfunc') !== null ? (int) Settings::Get('system.passwordcryptfunc') : 3;
switch ($type) {
case 0:
$cryptPassword = crypt($password);
break;
case 1:
$cryptPassword = crypt($password, '$1$' . generatePassword(true) . generatePassword(true));
break;
case 2:
if (version_compare(phpversion(), '5.3.7', '<')) {
$cryptPassword = crypt($password, '$2a$' . generatePassword(true) . generatePassword(true));
} else {
// Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$",
// a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
$cryptPassword = crypt($password, '$2y$07$' . substr(generatePassword(true) . generatePassword(true) . generatePassword(true), 0, 22));
}
break;
case 3:
$cryptPassword = crypt($password, '$5$' . generatePassword(true) . generatePassword(true));
break;
case 4:
$cryptPassword = crypt($password, '$6$' . generatePassword(true) . generatePassword(true));
break;
default:
$cryptPassword = crypt($password);
break;
}
return $cryptPassword;
}
/**
* Function hasUpdates
*
* checks if a given version is not equal the current one
*
* @param string $to_check version to check
*
* @return bool true if version to check does not match, else false
*/
function hasUpdates($to_check = null)
{
if (Settings::Get('panel.version') == null || Settings::Get('panel.version') != $to_check) {
return true;
}
return false;
}
/**
* Whenever the webserver- / FCGID- or FPM-user gets updated
* we need to update ftp_groups accordingly
*/
function storeSettingWebserverFcgidFpmUser($fieldname, $fielddata, $newfieldvalue)
{
if (is_array($fielddata) && isset($fielddata['settinggroup']) && isset($fielddata['varname'])) {
$update_user = null;
// webserver
if ($fielddata['settinggroup'] == 'system' && $fielddata['varname'] == 'httpuser') {
$update_user = Settings::Get('system.httpuser');
}
// fcgid
if ($fielddata['settinggroup'] == 'system' && $fielddata['varname'] == 'mod_fcgid_httpuser') {
$update_user = Settings::Get('system.mod_fcgid_httpuser');
}
// webserver
if ($fielddata['settinggroup'] == 'phpfpm' && $fielddata['varname'] == 'vhost_httpuser') {
$update_user = Settings::Get('phpfpm.vhost_httpuser');
}
$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
if ($returnvalue !== false) {
/**
* only update if anything changed
*/
if ($update_user != null && $newfieldvalue != $update_user) {
$upd_stmt = Database::prepare("UPDATE `" . TABLE_FTP_GROUPS . "` SET `members` = REPLACE(`members`, :olduser, :newuser)");
Database::pexecute($upd_stmt, array('olduser' => $update_user, 'newuser' => $newfieldvalue));
}
}
}
return $returnvalue;
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <*****@*****.**> (2003-2009)
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function storeSettingDefaultIp($fieldname, $fielddata, $newfieldvalue)
{
$defaultips_old = Settings::Get('system.defaultip');
$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'defaultip') {
$customerstddomains_result_stmt = Database::prepare("\n\t\t\tSELECT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `standardsubdomain` <> '0'\n\t\t");
Database::pexecute($customerstddomains_result_stmt);
$ids = array();
while ($customerstddomains_row = $customerstddomains_result_stmt->fetch(PDO::FETCH_ASSOC)) {
$ids[] = (int) $customerstddomains_row['standardsubdomain'];
}
if (count($ids) > 0) {
$defaultips_new = explode(',', $newfieldvalue);
// Delete the existing mappings linking to default IPs
$del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_DOMAINTOIP . "`\n\t\t\t\t\tWHERE `id_domain` IN (" . implode(', ', $ids) . ")\n\t\t\t\t\tAND `id_ipandports` IN (" . $defaultips_old . ", " . $newfieldvalue . ")\n\t\t\t");
Database::pexecute($del_stmt);
// Insert the new mappings
$ins_stmt = Database::prepare("\n\t\t\t\tINSERT INTO `" . TABLE_DOMAINTOIP . "`\n\t\t\t\tSET `id_domain` = :domainid, `id_ipandports` = :ipandportid\n\t\t\t");
foreach ($ids as $id) {
foreach ($defaultips_new as $defaultip_new) {
Database::pexecute($ins_stmt, array('domainid' => $id, 'ipandportid' => $defaultip_new));
}
}
}
}
return $returnvalue;
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2011- the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <*****@*****.**> (2011-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function getFilesystemQuota()
{
// enabled at all?
if (Settings::Get('system.diskquota_enabled')) {
// set linux defaults
$repquota_params = "-np";
//$quota_line_regex = "/^#([0-9]+)\s*[+-]{2}\s*(\d+)\s*(\d+)\s*(\d+)\s*(\d+)\s*(\d+)\s*(\d+)\s*(\d+)\s*(\d+)/i";
$quota_line_regex = "/^#([0-9]+)\\s+[+-]{2}\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)/i";
// check for freebsd - which needs other values
if (isFreeBSD()) {
$repquota_params = "-nu";
$quota_line_regex = "/^([0-9]+)\\s+[+-]{2}\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\S+)\\s+(\\d+)\\s+(\\d+)\\s+(\\d+)\\s+(\\S+)/i";
}
// Fetch all quota in the desired partition
exec(Settings::Get('system.diskquota_repquota_path') . " " . $repquota_params . " " . escapeshellarg(Settings::Get('system.diskquota_customer_partition')), $repquota);
$usedquota = array();
foreach ($repquota as $tmpquota) {
// Let's see if the line matches a quota - line
if (preg_match($quota_line_regex, $tmpquota, $matches)) {
// It matches - put it into an array with userid as key (for easy lookup later)
$usedquota[$matches[1]] = array('block' => array('used' => $matches[2], 'soft' => $matches[3], 'hard' => $matches[4], 'grace' => isFreeBSD() ? '0' : $matches[5]), 'file' => array('used' => $matches[6], 'soft' => $matches[7], 'hard' => $matches[8], 'grace' => isFreeBSD() ? '0' : $matches[9]));
}
}
return $usedquota;
}
return false;
}
/**
* store the default index-file in a given destination folder
*
* @param string $loginname customers loginname
* @param string $destination path where to create the file
* @param object $logger FroxlorLogger object
* @param boolean $force force creation whatever the settings say (needed for task #2, create new user)
*
* @return null
*/
function storeDefaultIndex($loginname = null, $destination = null, $logger = null, $force = false)
{
if ($force || (int) Settings::Get('system.store_index_file_subs') == 1) {
$result_stmt = Database::prepare("\n\t\t\tSELECT `t`.`value`, `c`.`email` AS `customer_email`, `a`.`email` AS `admin_email`, `c`.`loginname` AS `customer_login`, `a`.`loginname` AS `admin_login`\n\t\t\tFROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c` INNER JOIN `" . TABLE_PANEL_ADMINS . "` AS `a`\n\t\t\tON `c`.`adminid` = `a`.`adminid`\n\t\t\tINNER JOIN `" . TABLE_PANEL_TEMPLATES . "` AS `t`\n\t\t\tON `a`.`adminid` = `t`.`adminid`\n\t\t\tWHERE `varname` = 'index_html' AND `c`.`loginname` = :loginname");
Database::pexecute($result_stmt, array('loginname' => $loginname));
if (Database::num_rows() > 0) {
$template = $result_stmt->fetch(PDO::FETCH_ASSOC);
$replace_arr = array('SERVERNAME' => Settings::Get('system.hostname'), 'CUSTOMER' => $template['customer_login'], 'ADMIN' => $template['admin_login'], 'CUSTOMER_EMAIL' => $template['customer_email'], 'ADMIN_EMAIL' => $template['admin_email']);
$htmlcontent = replace_variables($template['value'], $replace_arr);
$indexhtmlpath = makeCorrectFile($destination . '/index.' . Settings::Get('system.index_file_extension'));
$index_html_handler = fopen($indexhtmlpath, 'w');
fwrite($index_html_handler, $htmlcontent);
fclose($index_html_handler);
if ($logger !== null) {
$logger->logAction(CRON_ACTION, LOG_NOTICE, 'Creating \'index.' . Settings::Get('system.index_file_extension') . '\' for Customer \'' . $template['customer_login'] . '\' based on template in directory ' . escapeshellarg($indexhtmlpath));
}
} else {
$destination = makeCorrectDir($destination);
if ($logger !== null) {
$logger->logAction(CRON_ACTION, LOG_NOTICE, 'Running: cp -a ' . FROXLOR_INSTALL_DIR . '/templates/misc/standardcustomer/* ' . escapeshellarg($destination));
}
safe_exec('cp -a ' . FROXLOR_INSTALL_DIR . '/templates/misc/standardcustomer/* ' . escapeshellarg($destination));
}
}
return;
}
public function createOwnVhostStarter()
{
if (Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.enabled_ownvhost') == '1') {
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
// /var/www/froxlor, needed for chown
$user = Settings::Get('phpfpm.vhost_httpuser');
$group = Settings::Get('phpfpm.vhost_httpgroup');
$domain = array('id' => 'none', 'domain' => Settings::Get('system.hostname'), 'adminid' => 1, 'mod_fcgid_starter' => -1, 'mod_fcgid_maxrequests' => -1, 'guid' => $user, 'openbasedir' => 0, 'email' => Settings::Get('panel.adminmail'), 'loginname' => 'froxlor.panel', 'documentroot' => $mypath);
// all the files and folders have to belong to the local user
// now because we also use fcgid for our own vhost
safe_exec('chown -R ' . $user . ':' . $group . ' ' . escapeshellarg($mypath));
// get php.ini for our own vhost
$php = new phpinterface($domain);
// get php-config
if (Settings::Get('phpfpm.enabled') == '1') {
// fpm
$phpconfig = $php->getPhpConfig(Settings::Get('phpfpm.vhost_defaultini'));
} else {
// fcgid
$phpconfig = $php->getPhpConfig(Settings::Get('system.mod_fcgid_defaultini_ownvhost'));
}
// create starter-file | config-file
$php->getInterface()->createConfig($phpconfig);
// create php.ini (fpm does nothing here, as it
// defines ini-settings in its pool config)
$php->getInterface()->createIniFile($phpconfig);
}
}
/**
* this functions validates a given value as ErrorDocument
* refs #267
*
* @param string error-document-string
*
* @return string error-document-string
*
*/
function correctErrorDocument($errdoc = null)
{
global $idna_convert;
if ($errdoc !== null && $errdoc != '') {
// not a URL
if (strtoupper(substr($errdoc, 0, 5)) != 'HTTP:' && strtoupper(substr($errdoc, 0, 6)) != 'HTTPS:' || !validateUrl($errdoc)) {
// a file
if (substr($errdoc, 0, 1) != '"') {
$errdoc = makeCorrectFile($errdoc);
// apache needs a starting-slash (starting at the domains-docroot)
if (!substr($errdoc, 0, 1) == '/') {
$errdoc = '/' . $errdoc;
}
} else {
// string won't work for lighty
if (Settings::Get('system.webserver') == 'lighttpd') {
standard_error('stringerrordocumentnotvalidforlighty');
} elseif (substr($errdoc, -1) != '"') {
$errdoc .= '"';
}
}
} else {
if (Settings::Get('system.webserver') == 'lighttpd') {
standard_error('urlerrordocumentnotvalidforlighty');
}
}
}
return $errdoc;
}
/**
* Instantiate object
* @global object $config Site configuration settings
* @return object Returns object of class type
*/
public function __construct()
{
global $config;
$this->config = $config;
$this->phpmailer = new PHPMailer();
// Retrieve "From" name and address
$url = parse_url(HOST);
$this->from_name = Settings::Get('from_name');
$this->from_address = Settings::Get('from_address');
$this->from_name = empty($this->from_name) ? $this->config->sitename : $this->from_name;
$this->from_address = empty($this->from_address) ? 'cumulusclips@' . $url['host'] : $this->from_address;
$this->phpmailer->FromName = $this->from_name;
$this->phpmailer->From = $this->from_address;
// Retrieve SMTP settings
$smtp = unserialize(Settings::Get('smtp'));
if ($smtp->enabled == '1') {
// PHPMailer SMTP Connection Settings
$this->phpmailer->IsSMTP();
// telling the class to use SMTP
$this->phpmailer->SMTPAuth = true;
// enable SMTP authentication
$this->phpmailer->Host = $smtp->host;
// sets the SMTP server
$this->phpmailer->Port = $smtp->port;
// set the port for the SMTP server
$this->phpmailer->Username = $smtp->username;
// SMTP account username
$this->phpmailer->Password = $smtp->password;
// SMTP account password
}
}
static function getCategoryGames($tag, $game_limit)
{
$games = array();
if (Settings::Get('homepage_order') == 'random') {
$order = 'rand()';
} else {
if (Settings::Get('homepage_order') == 'newest') {
$order = 'tbl_games.game_id DESC';
} else {
if (Settings::Get('homepage_order') == 'rating') {
$order = 'rating DESC';
}
}
}
$result = Game::query('SELECT tbl_games.game_id, title, plays, tbl_games.desc, catID FROM tbl_games, tbl_tag_relations WHERE tag_id=' . $tag . ' AND tbl_tag_relations.game_id=tbl_games.game_id ORDER BY ' . $order . ' LIMIT ' . $game_limit);
while ($row = $result->fetch_assoc()) {
$description_stripped = strip_tags($row['desc']);
$game['plays'] = $row['plays'];
$game['id'] = $row['game_id'];
$game['file'] = Utils::TitleToFile($row['title']);
$game['name'] = Utils::shortenStr($row['title'], Settings::Get('home_game_chars'));
$game['description'] = Utils::shortenStr($description_stripped, Settings::Get('home_game_desc_chars'));
$game['url'] = Settings::Get('site_url') . '/view/' . $row['game_id'];
//Utils::GameUrl($row['game_id'], $row['title'], $row['catID']);
$game['image_url'] = Utils::FileToGameImageURL($game['file'], 'png');
/*if ($this->request['admin'] == 1) {
$game['admin_edit'] = '<a href="' . $this->request['settings']->get('site_url') . '/admin/?task=manage_games#id=' . $row['game_id'] . '">Edit</a>';
} else {
$game['admin_edit'] = '';
}*/
$game['admin_edit'] = '';
array_push($games, $game);
}
return $games;
}
/**
* constructor
* @param string logFile
* @param int startTime
* @param string logFileExim
*/
public function __construct($startTime = 0)
{
$this->startTime = $startTime;
// Get all domains from Database
$stmt = Database::prepare("SELECT domain FROM `" . TABLE_PANEL_DOMAINS . "`");
Database::pexecute($stmt, array());
while ($domain_row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$this->myDomains[] = $domain_row["domain"];
}
// Parse MTA traffic
if (Settings::Get("system.mtaserver") == "postfix") {
$this->_parsePostfixLog(Settings::Get("system.mtalog"));
$this->_parsePostfixLog(Settings::Get("system.mtalog") . ".1");
} elseif (Settings::Get("system.mtaserver") == "exim4") {
$this->_parseExim4Log(Settings::Get("system.mtalog"));
}
// Parse MDA traffic
if (Settings::Get("system.mdaserver") == "dovecot") {
$this->_parseDovecotLog(Settings::Get("system.mdalog"));
$this->_parsePostfixLog(Settings::Get("system.mdalog") . ".1");
} elseif (Settings::Get("system.mdaserver") == "courier") {
$this->_parseCourierLog(Settings::Get("system.mdalog"));
$this->_parsePostfixLog(Settings::Get("system.mdalog") . ".1");
}
}
/**
* Function validatePasswordLogin
*
* compare user password-hash with given user-password
* and check if they are the same
* additionally it updates the hash if the system settings changed
* or if the very old md5() sum is used
*
* @param array $userinfo user-data from table
* @param string $password the password to validate
* @param string $table either panel_customers or panel_admins
* @param string $uid user-id-field in $table
*
* @return boolean
*/
function validatePasswordLogin($userinfo = null, $password = null, $table = 'panel_customers', $uid = 'customerid')
{
$systype = 3;
// SHA256
if (Settings::Get('system.passwordcryptfunc') !== null) {
$systype = (int) Settings::Get('system.passwordcryptfunc');
}
$pwd_hash = $userinfo['password'];
$update_hash = false;
// check for good'ole md5
if (strlen($pwd_hash) == 32 && ctype_xdigit($pwd_hash)) {
$pwd_check = md5($password);
$update_hash = true;
} else {
// cut out the salt from the hash
$pwd_salt = str_replace(substr(strrchr($pwd_hash, "\$"), 1), "", $pwd_hash);
// create same hash to compare
$pwd_check = crypt($password, $pwd_salt);
// check whether the hash needs to be updated
$hash_type_chk = substr($pwd_hash, 0, 3);
if ($systype == 1 && $hash_type_chk != '$1$' || $systype == 2 && $hash_type_chk != '$2$' || $systype == 3 && $hash_type_chk != '$5$' || $systype == 4 && $hash_type_chk != '$6$') {
$update_hash = true;
}
}
if ($pwd_hash == $pwd_check) {
// check for update of hash
if ($update_hash) {
$upd_stmt = Database::prepare("\n\t\t\t\tUPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid\n\t\t\t");
$params = array('newpasswd' => makeCryptPassword($password), 'uid' => $userinfo[$uid]);
Database::pexecute($upd_stmt, $params);
}
return true;
}
return false;
}
function assignCompanyInfoAndTheme()
{
$this->assign('url', Settings::Get('hosturl', Resources::Get('site.url')));
$this->assign('company', Settings::Get('company_name', Resources::Get('company.webim')));
$this->assign('logo', Settings::Get('logo', WEBIM_ROOT . '/themes/default/images/logo.gif'));
$this->assign('theme', Browser::getCurrentTheme());
}
/**
* read domain-related (or if empty, parentdomain-related) ssl-certificates from the database
* and (if not empty) set the corresponding array-indices (ssl_cert_file, ssl_key_file,
* ssl_ca_file and ssl_cert_chainfile). Hence the parameter as reference.
*
* @param array $domain domain-array as reference so we can set the corresponding array-indices
*
* @return null
*/
public function setDomainSSLFilesArray(array &$domain = null)
{
// check if the domain itself has a certificate defined
$dom_certs_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "` WHERE `domainid` = :domid\n\t\t");
$dom_certs = Database::pexecute_first($dom_certs_stmt, array('domid' => $domain['id']));
if (!is_array($dom_certs) || !isset($dom_certs['ssl_cert_file']) || $dom_certs['ssl_cert_file'] == '') {
// maybe its parent?
if ($domain['parentdomainid'] != null) {
$dom_certs = Database::pexecute_first($dom_certs_stmt, array('domid' => $domain['parentdomainid']));
}
}
// check if it's an array and if the most important field is set
if (is_array($dom_certs) && isset($dom_certs['ssl_cert_file']) && $dom_certs['ssl_cert_file'] != '') {
// get destination path
$sslcertpath = makeCorrectDir(Settings::Get('system.customer_ssl_path'));
// create path if it does not exist
if (!file_exists($sslcertpath)) {
safe_exec('mkdir -p ' . escapeshellarg($sslcertpath));
}
// make correct files for the certificates
$ssl_files = array('ssl_cert_file' => makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.crt'), 'ssl_key_file' => makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '.key'));
if (Settings::Get('system.webserver') == 'lighttpd') {
// put my.crt and my.key together for lighty.
$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_key_file']) . "\n";
$ssl_files['ssl_key_file'] = '';
}
// initialize optional files
$ssl_files['ssl_ca_file'] = '';
$ssl_files['ssl_cert_chainfile'] = '';
// set them if they are != empty
if ($dom_certs['ssl_ca_file'] != '') {
$ssl_files['ssl_ca_file'] = makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_CA.pem');
}
if ($dom_certs['ssl_cert_chainfile'] != '') {
if (Settings::Get('system.webserver') == 'nginx') {
// put ca.crt in my.crt, as nginx does not support a separate chain file.
$dom_certs['ssl_cert_file'] = trim($dom_certs['ssl_cert_file']) . "\n" . trim($dom_certs['ssl_cert_chainfile']) . "\n";
} else {
$ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath . '/' . $domain['domain'] . '_chain.pem');
}
}
// create them on the filesystem
foreach ($ssl_files as $type => $filename) {
if ($filename != '') {
touch($filename);
$_fh = fopen($filename, 'w');
fwrite($_fh, $dom_certs[$type]);
fclose($_fh);
chmod($filename, 0600);
}
}
// override corresponding array values
$domain['ssl_cert_file'] = $ssl_files['ssl_cert_file'];
$domain['ssl_key_file'] = $ssl_files['ssl_key_file'];
$domain['ssl_ca_file'] = $ssl_files['ssl_ca_file'];
$domain['ssl_cert_chainfile'] = $ssl_files['ssl_cert_chainfile'];
}
return;
}
/**
* set interface-object by type of
* php-interface: fcgid or php-fpm
* sets private $_interface variable
*/
private function _setInterface()
{
// php-fpm
if ((int) Settings::Get('phpfpm.enabled') == 1) {
$this->_interface = new phpinterface_fpm($this->_domain);
} elseif ((int) Settings::Get('system.mod_fcgid') == 1) {
$this->_interface = new phpinterface_fcgid($this->_domain);
}
}
function soap_client($n, $async = false, $username = null, $password = null)
{
$settings = Settings::Get();
$r = $settings->getNode($n);
if (!$r) {
throw new Exception("Node not configured");
}
return $r->soap($async, $username, $password);
}
public function action_recover($hash = null)
{
if (Input::Method() === "POST") {
if ($user = \Model\Auth_User::find_by_email(Input::POST('email'))) {
// generate a recovery hash
$hash = \Auth::instance()->hash_password(\Str::random()) . $user->id;
// and store it in the user profile
\Auth::update_user(array('lostpassword_hash' => $hash, 'lostpassword_created' => time()), $user->username);
// send an email out with a reset link
\Package::load('email');
$email = \Email::forge();
$html = 'Your password recovery link <a href="' . Uri::Create('login/recover/' . $hash) . '">Recover My Password!</a>';
// use a view file to generate the email message
$email->html_body($html);
// give it a subject
$email->subject(\Settings::Get('site_name') . ' Password Recovery');
// GET ADMIN EMAIL FROM SETTINGS?
$admin_email = Settings::get('admin_email');
if (empty($admin_email) === false) {
$from = $admin_email;
} else {
$from = 'support@' . str_replace('http:', '', str_replace('/', '', Uri::Base(false)));
}
$email->from($from);
$email->to($user->email, $user->fullname);
// and off it goes (if all goes well)!
try {
// send the email
$email->send();
Session::set('success', 'Email has been sent to ' . $user->email . '! Please check your spam folder!');
} catch (\Exception $e) {
Session::Set('error', 'We failed to send the eamil , contact ' . $admin_email);
\Response::redirect_back();
}
} else {
Session::Set('error', 'Sorry there is not a matching email!');
}
} elseif (empty($hash) === false) {
$hash = str_replace(Uri::Create('login/recover/'), '', Uri::current());
$user = substr($hash, 44);
if ($user = \Model\Auth_User::find_by_id($user)) {
// do we have this hash for this user, and hasn't it expired yet , must be within 24 hours
if (isset($user->lostpassword_hash) and $user->lostpassword_hash == $hash and time() - $user->lostpassword_created < 86400) {
// invalidate the hash
\Auth::update_user(array('lostpassword_hash' => null, 'lostpassword_created' => null), $user->username);
// log the user in and go to the profile to change the password
if (\Auth::instance()->force_login($user->id)) {
Session::Set('current_password', Auth::reset_password($user->username));
Response::Redirect(Uri::Create('user/settings'));
}
}
}
Session::Set('error', 'Invalid Hash!');
}
$this->template->content = View::forge('login/recover');
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2013 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michael Kaufmann <*****@*****.**>
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package AJAX
*
*/
function checkPhpInterfaceSetting($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
if ((int) Settings::Get('system.mod_fcgid') == 1) {
// now check if we enable a webserver != apache
if (strtolower($newfieldvalue) != 'apache2') {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidstillenableddeadlock');
}
}
return $returnvalue;
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkFcgidPhpFpm($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
// check whether fcgid should be enabled but php-fpm is
if ($fieldname == 'system_mod_fcgid_enabled' && (int) $newfieldvalue == 1 && (int) Settings::Get('phpfpm.enabled') == 1) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'phpfpmstillenabled');
} elseif ($fieldname == 'system_phpfpm_enabled' && (int) $newfieldvalue == 1 && (int) Settings::Get('system.mod_fcgid') == 1) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidstillenabled');
}
return $returnvalue;
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2013 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Michael Kaufmann <*****@*****.**>
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package AJAX
*
*/
function checkPhpInterfaceSetting($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
if ((int) Settings::Get('system.mod_fcgid') == 1) {
// fcgid only works for apache and lighttpd
if (strtolower($newfieldvalue) != 'apache2' && strtolower($newfieldvalue) != 'lighttpd') {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'fcgidstillenableddeadlock');
}
}
return $returnvalue;
}
public function before()
{
// Lets render the template
parent::before();
// Check to see if the config exsists
if (file_exists(APPPATH . 'config/production/db.php') === false) {
Response::Redirect('install');
}
if (DBUtil::field_exists('urls', array('cached_preview')) === false && file_exists(APPPATH . 'classes/controller/upgrade.php')) {
Response::Redirect(Uri::Create('upgrade'));
}
$real_base_url = Config::get('base_url');
Config::set('base_url', str_replace('public/', '', $real_base_url));
$base_url = Settings::get('different_short_url');
if (empty($base_url) === false) {
View::set_global(array('base_url' => $base_url), false, false);
}
if (trim(Uri::Base(), '/') == Settings::get('different_short_url')) {
if (count(Uri::Segments()) == 2) {
$route = Uri::to_assoc();
if (isset($route) === true && $route['core'] == '404') {
// We are good!
} else {
Response::Redirect(Settings::Get('base_url'));
}
} else {
Response::Redirect(Settings::Get('base_url'));
}
}
$data = null;
if (Auth::Check()) {
$user_id = Auth::get_user_id();
static::$user_id = $user_id[1];
$data['api_key'] = Auth::get('api_key');
if (empty($data['api_key']) === true) {
if (empty($data['api_key']) === true) {
$data['api_key'] = preg_replace('/\\+|\\/|\\=|\\?/', '', \Auth::instance()->hash_password(\Str::random()) . static::$user_id);
// invalidate the hash
\Auth::update_user(array('api_key' => $data['api_key']), Auth::get('username'));
}
}
}
// Lets set the default title , you can change it when calling the view
$this->template->title = ucwords(str_replace('controller_', '', strtolower($this->request->route->controller)));
try {
Module::load('image');
$this->template->image_js = true;
} catch (Exception $e) {
}
// Lets get the header and footer and set a variable to use within the template
$this->template->footer = View::forge('core/footer', $data);
$this->template->header = View::forge('core/header');
}
public function action_create()
{
$url = Input::Get('url');
$custom = Input::Get('custom');
$api = Input::Get('api_key');
if (empty($api) === true) {
$api = true;
}
if (empty($url) === false) {
// Check to see if its a valid url
if (filter_var($url, FILTER_VALIDATE_URL) === false) {
echo 'You did not enter a valid url in, please try again';
die;
}
// Check black list!
$blocked = Model_Blacklist::query()->get();
if (empty($blocked) === false) {
foreach ($blocked as $block) {
// Check aginst the blocked
if (preg_match('/' . strtolower($block['blocked']) . '/', strtolower($url))) {
echo 'URL Blacklisted';
die;
}
}
}
// Lets generate them a url
$safe = \Settings::Get('google_safe_api_key');
// Is it safe?
if (empty($safe) === false) {
$m_url = 'https://sb-ssl.google.com/safebrowsing/api/lookup?client=api&apikey=' . $safe . '&appver=1.0&pver=3.0&url=' . $url;
$curl_handle = curl_init();
curl_setopt($curl_handle, CURLOPT_URL, $m_url);
curl_setopt($curl_handle, CURLOPT_CONNECTTIMEOUT, 2);
curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, 1);
$buffer = curl_exec($curl_handle);
curl_close($curl_handle);
if (empty($buffer) === false) {
echo 'This website has been blocked because of ' . $buffer;
die;
}
}
$length = strlen($url);
$data['short_url_raw'] = Controller_Url::shortenit($url, $custom, $api);
$data['url'] = $url;
$data['short_url'] = $data['short_url_raw']['short_url'];
echo \Uri::Create($data['short_url']);
die;
} else {
echo 'Error';
die;
}
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <*****@*****.**> (2003-2009)
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function checkUsername($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues)
{
if (!isset($allnewfieldvalues['customer_mysqlprefix'])) {
$allnewfieldvalues['customer_mysqlprefix'] = Settings::Get('customer.mysqlprefix');
}
$returnvalue = array();
if (validateUsername($newfieldvalue, Settings::Get('panel.unix_names'), 14 - strlen($allnewfieldvalues['customer_mysqlprefix'])) === true) {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
} else {
$returnvalue = array(FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, 'accountprefixiswrong');
}
return $returnvalue;
}
function mail2($recipient, $subject, $message, $in_headers = null)
{
$settings = Settings::Get();
$headers = array();
$headers[] = 'Message-ID: <' . uniqid() . '@sp-enduser>';
if ($settings->getMailSender()) {
$headers[] = "From: " . $settings->getMailSender();
}
if ($in_headers !== null) {
$headers = array_merge($headers, $in_headers);
}
mail($recipient, $subject, $message, implode("\r\n", $headers));
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <*****@*****.**> (2003-2009)
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function storeSettingIpAddress($fieldname, $fielddata, $newfieldvalue)
{
$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
if ($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'ipaddress') {
$mysql_access_host_array = array_map('trim', explode(',', Settings::Get('system.mysql_access_host')));
$mysql_access_host_array[] = $newfieldvalue;
$mysql_access_host_array = array_unique(array_trim($mysql_access_host_array));
$mysql_access_host = implode(',', $mysql_access_host_array);
correctMysqlUsers($mysql_access_host_array);
Settings::Set('system.mysql_access_host', $mysql_access_host);
}
return $returnvalue;
}
function getFormOverviewGroupOutput($groupname, $groupdetails)
{
global $lng, $filename, $s, $theme;
$group = '';
$title = $groupdetails['title'];
$part = $groupname;
$activated = true;
$option = '';
if (isset($groupdetails['fields'])) {
foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
if (isset($fielddetails['overview_option']) && $fielddetails['overview_option'] == true) {
if ($fielddetails['type'] != 'option' && $fielddetails['type'] != 'bool') {
standard_error('overviewsettingoptionisnotavalidfield');
}
if ($fielddetails['type'] == 'option') {
$options_array = $fielddetails['option_options'];
$options = '';
foreach ($options_array as $value => $vtitle) {
$options .= makeoption($vtitle, $value, Settings::Get($fielddetails['settinggroup'] . '.' . $fielddetails['varname']));
}
$option .= $fielddetails['label'] . ': ';
$option .= '<select class="dropdown_noborder" name="' . $fieldname . '">';
$option .= $options;
$option .= '</select>';
$activated = true;
} else {
$option .= $lng['admin']['activated'] . ': ';
$option .= makeyesno($fieldname, '1', '0', Settings::Get($fielddetails['settinggroup'] . '.' . $fielddetails['varname']));
$activated = (int) Settings::Get($fielddetails['settinggroup'] . '.' . $fielddetails['varname']);
}
}
}
}
/**
* this part checks for the 'websrv_avail' entry in the settings
* if found, we check if the current webserver is in the array. If this
* is not the case, we change the setting type to "hidden", #502
*/
$do_show = true;
if (isset($groupdetails['websrv_avail']) && is_array($groupdetails['websrv_avail'])) {
$websrv = Settings::Get('system.webserver');
if (!in_array($websrv, $groupdetails['websrv_avail'])) {
$do_show = false;
$title .= sprintf($lng['serversettings']['option_unavailable_websrv'], implode(", ", $groupdetails['websrv_avail']));
// hack disabled flag into select-box
$option = str_replace('<select class', '<select disabled="disabled" class', $option);
}
}
eval("\$group = \"" . getTemplate("settings/settings_overviewgroup") . "\";");
return $group;
}
protected function getMyPath($ip_port = null)
{
if (!empty($ip_port) && $ip_port['docroot'] == '') {
if (Settings::Get('system.froxlordirectlyviahostname')) {
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
} else {
$mypath = makeCorrectDir(dirname(dirname(dirname(dirname(__FILE__)))));
}
} else {
// user-defined docroot, #417
$mypath = makeCorrectDir($ip_port['docroot']);
}
return $mypath;
}
/**
* Retrieve a list of valid enabled plugins
* @return array Returns a list of enabled plugins, any orphaned plugins are disabled
*/
static function GetEnabledPlugins()
{
$enabled = Settings::Get('enabled_plugins');
$enabled = unserialize($enabled);
foreach ($enabled as $key => $plugin) {
$plugin_file = DOC_ROOT . "/cc-content/plugins/{$plugin}/{$plugin}.php";
if (!file_exists($plugin_file)) {
unset($enabled[$key]);
}
}
reset($enabled);
Settings::Set('enabled_plugins', serialize($enabled));
return $enabled;
}
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <*****@*****.**> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Settings
*
*/
function buildFormEx($form, $part = '')
{
$fields = '';
if (validateFormDefinition($form)) {
foreach ($form['groups'] as $groupname => $groupdetails) {
// show overview
if ($part == '') {
if (isset($groupdetails['title']) && $groupdetails['title'] != '') {
$fields .= getFormOverviewGroupOutput($groupname, $groupdetails);
}
} elseif ($part != '' && ($groupname == $part || $part == 'all')) {
/**
* this part checks for the 'websrv_avail' entry in the settings-array
* if found, we check if the current webserver is in the array. If this
* is not the case, we change the setting type to "hidden", #502
*/
$do_show = true;
if (isset($groupdetails['websrv_avail']) && is_array($groupdetails['websrv_avail'])) {
$websrv = Settings::Get('system.webserver');
if (!in_array($websrv, $groupdetails['websrv_avail'])) {
$do_show = false;
}
}
// visible = Settings::Get('phpfpm.enabled') for example would result in false if not enabled
// and therefore not shown as intended. Only check if do_show is still true as it might
// be false due to websrv_avail
if (isset($groupdetails['visible']) && $do_show) {
$do_show = $groupdetails['visible'];
}
//if ($do_show) {
if (isset($groupdetails['title']) && $groupdetails['title'] != '') {
$fields .= getFormGroupOutput($groupname, $groupdetails);
}
if (validateFieldDefinition($groupdetails)) {
// Prefetch form fields
foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
$groupdetails['fields'][$fieldname] = array_merge_prefix($fielddetails, $fielddetails['type'], prefetchFormFieldData($fieldname, $fielddetails));
$form['groups'][$groupname]['fields'][$fieldname] = $groupdetails['fields'][$fieldname];
}
// Collect form field output
foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
$fields .= getFormFieldOutput($fieldname, $fielddetails);
}
}
//}
}
}
}
return $fields;
}
