function verify_group($group)
{
if (!is_group($group)) {
toshout_error('[TOP SECRET] You cannot access that property');
redirect('dashboard');
}
}
function render_item($name)
{
global $mtdata;
if ($name) {
if ($groupname = is_group($name)) {
$description = 'Group ' . $groupname;
$url = url_group($groupname);
} else {
$description = $mtdata['items'][$name]['description'];
$url = url_item($name);
}
$ret = '<div class="item">
' . render_item_icon($name) . '
<div class="itemdesc"><a href="' . $url . '">' . $description . '</a></div>
</div>';
}
return $ret;
}
} else {
$ThemeSel = get_theme();
if (file_exists("themes/{$ThemeSel}/modules/{$name}/" . $file . ".php")) {
$modpath = "themes/{$ThemeSel}/";
} else {
$modpath = "";
}
if ($view == 0) {
$modpath .= "modules/{$name}/" . $file . ".php";
if (file_exists($modpath)) {
include $modpath;
} else {
die("Sorry, such file doesn't exist...");
}
} else {
if ($view == 1 and (is_user($user) or is_group($user, $name)) or is_admin($admin)) {
$modpath .= "modules/{$name}/" . $file . ".php";
if (file_exists($modpath)) {
include $modpath;
} else {
die("Sorry, such file doesn't exist...");
}
} elseif ($view == 1 and !is_user($user) and !is_admin($admin)) {
$pagetitle = "- " . _ACCESSDENIED . "";
include "header.php";
title("{$sitename}: " . _ACCESSDENIED . "");
OpenTable();
echo "<center><b>" . _RESTRICTEDAREA . "</b><br><br>" . "" . _MODULEUSERS . "";
$result2 = $db->sql_query("SELECT mod_group FROM " . $prefix . "_modules WHERE title='{$name}'");
$row2 = $db->sql_fetchrow($result2);
if ($row2[mod_group] != 0) {
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!is_dir($install_dir)) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
if (!is_group('ispconfig')) {
$command = 'groupadd ispconfig';
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
if (!is_user('ispconfig')) {
$command = "useradd -g ispconfig -d {$install_dir} ispconfig";
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = "cp -rf ../interface {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = "cp -rf ../server {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
$content = $this->get_template_file($configfile, true, true);
//* get contents & insert db cred
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$this->write_config_file("{$install_dir}/interface/lib/{$configfile}", $content);
//* Create the config file for ISPConfig server
$this->write_config_file("{$install_dir}/server/lib/{$configfile}", $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
// Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if (method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
//* Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
//* Chmod the files
$command = "chmod -R 750 {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the files to the ispconfig user and group
$command = "chown -R ispconfig:ispconfig {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
if (is_dir($install_dir . '/interface/web/temp')) {
exec("chmod -R 770 {$install_dir}/interface/web/temp");
}
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir . '/server/lib/' . $configfile, 0600);
chown($install_dir . '/server/lib/' . $configfile, 'root');
chgrp($install_dir . '/server/lib/' . $configfile, 'root');
chmod($install_dir . '/server/lib/remote_action.inc.php', 0600);
chown($install_dir . '/server/lib/remote_action.inc.php', 'root');
chgrp($install_dir . '/server/lib/remote_action.inc.php', 'root');
if (@is_file($install_dir . '/server/lib/mysql_clientdb.conf')) {
chmod($install_dir . '/server/lib/mysql_clientdb.conf', 0600);
chown($install_dir . '/server/lib/mysql_clientdb.conf', 'root');
chgrp($install_dir . '/server/lib/mysql_clientdb.conf', 'root');
}
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
$command = 'usermod -a -G ispconfig ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'usermod -a -G ispapps ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
$command = 'usermod -a -G ispconfig ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'usermod -a -G ispapps ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true) {
//* Copy the ISPConfig vhost for the controlpanel
$content = $this->get_template_file("apache_ispconfig.vhost", true);
$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
//* comment out the listen directive if port is 80 or 443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
$content = str_replace('{vhost_port_listen}', '#', $content);
} else {
$content = str_replace('{vhost_port_listen}', '', $content);
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_comment}', '', $content);
} else {
$content = str_replace('{ssl_comment}', '#', $content);
}
$vhost_path = $conf['apache']['vhost_conf_dir'] . '/ispconfig.vhost';
$this->write_config_file($vhost_path, $content);
if (!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
copy('tpl/apache_ispconfig_fcgi_starter.master', '/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
chmod('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', 0755);
symlink($install_dir . '/interface/web', '/var/www/ispconfig');
exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
}
}
if ($conf['nginx']['installed'] == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rf('tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', ' ssl', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', '', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rf('tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->install_ispconfig_interface == true && $this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
}
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_svn.sh');
}
chown($install_dir . '/server/scripts/update_from_svn.sh', 'root');
chmod($install_dir . '/server/scripts/update_from_svn.sh', 0700);
chown($install_dir . '/server/scripts/update_from_tgz.sh', 'root');
chmod($install_dir . '/server/scripts/update_from_tgz.sh', 0700);
chown($install_dir . '/server/scripts/ispconfig_update.sh', 'root');
chmod($install_dir . '/server/scripts/ispconfig_update.sh', 0700);
if (!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) {
symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_svn.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
}
//* Make the logs readable for the ispconfig user
if (is_file('/var/log/maillog')) {
exec('chmod +r /var/log/maillog');
}
if (is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
if (is_file('/var/log/clamav/clamav.log')) {
exec('chmod +r /var/log/clamav/clamav.log');
}
if (is_file('/var/log/clamav/freshclam.log')) {
exec('chmod +r /var/log/clamav/freshclam.log');
}
//* Create the ispconfig log directory
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir']);
}
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
touch($conf['ispconfig_log_dir'] . '/ispconfig.log');
}
rename($install_dir . '/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
if (is_user('getmail')) {
chown('/usr/local/bin/run-getmail.sh', 'getmail');
}
chmod('/usr/local/bin/run-getmail.sh', 0744);
}
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!@is_dir("{$install_dir}")) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if (!is_group('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = "useradd -g ispconfig -d {$install_dir} ispconfig";
if (!is_user('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = "cp -rf ../interface {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = "cp -rf ../server {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if (is_file($install_dir . '/interface/lib/' . $configfile)) {
copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rf("tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
wf("{$install_dir}/interface/lib/{$configfile}", $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if (is_file($install_dir . '/server/lib/' . $configfile)) {
copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rf("tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
wf("{$install_dir}/server/lib/{$configfile}", $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
// Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
//* Chmod the files
$command = "chmod -R 750 {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the files to the ispconfig user and group
$command = "chown -R ispconfig:ispconfig {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
exec("chmod -R 770 {$install_dir}/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* make sure that the server config file (not the interface one) is only readable by the root user
exec("chmod 600 {$install_dir}/server/lib/{$configfile}");
exec("chown root:root {$install_dir}/server/lib/{$configfile}");
if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf");
exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf");
}
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
$command = 'groupmod --add-user ' . $conf['apache']['user'] . ' ispconfig';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'groupmod --add-user ' . $conf['apache']['user'] . ' ispapps';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
$command = 'groupmod --add-user ' . $conf['nginx']['user'] . ' ispconfig';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'groupmod --add-user ' . $conf['nginx']['user'] . ' ispapps';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true) {
//* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rf("tpl/apache_ispconfig.vhost.master");
$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
// comment out the listen directive if port is 80 or 443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
$content = str_replace('{vhost_port_listen}', '#', $content);
} else {
$content = str_replace('{vhost_port_listen}', '', $content);
}
if (is_file('/usr/local/ispconfig/interface/ssl/ispserver.crt') && is_file('/usr/local/ispconfig/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_comment}', '', $content);
} else {
$content = str_replace('{ssl_comment}', '#', $content);
}
$content = str_replace('/var/www/', '/srv/www/', $content);
wf("{$vhost_conf_dir}/ispconfig.vhost", $content);
if (!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig');
exec('cp tpl/apache_ispconfig_fcgi_starter.master /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig');
exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig');
}
//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
//* and create the symlink
if ($this->install_ispconfig_interface == true && $this->is_update == false) {
if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) {
unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost");
}
if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) {
exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost");
}
}
// Fix a setting in vhost master file for suse
replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0);
}
if ($conf['nginx']['installed'] == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rf('tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', ' ssl', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', '', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rf('tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->install_ispconfig_interface == true && $this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
// create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed
if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) {
symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin');
}
if (!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) {
symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail');
}
}
// Make the Clamav log files readable by ISPConfig
//exec('chmod +r /var/log/clamav/clamav.log');
//exec('chmod +r /var/log/clamav/freshclam.log');
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_svn.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_svn.sh');
}
exec('chown root /usr/local/ispconfig/server/scripts/update_from_svn.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_svn.sh');
exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
if (!is_link('/usr/local/bin/ispconfig_update_from_svn.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_svn.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
}
//set the fast cgi starter script to executable
//exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
//* Make the logs readable for the ispconfig user
if (@is_file('/var/log/mail.log')) {
exec('chmod +r /var/log/mail.log');
}
if (@is_file('/var/log/mail.warn')) {
exec('chmod +r /var/log/mail.warn');
}
if (@is_file('/var/log/mail.err')) {
exec('chmod +r /var/log/mail.err');
}
if (@is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
//To enable apache to read the directories
exec('chmod a+rx /usr/local/ispconfig');
exec('chmod -R 751 /usr/local/ispconfig/interface');
exec('chmod a+rx /usr/local/ispconfig/interface/web');
//* Create the ispconfig log directory
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir']);
}
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log');
}
if (is_user('getmail')) {
exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
exec('chown getmail /usr/local/bin/run-getmail.sh');
exec('chmod 744 /usr/local/bin/run-getmail.sh');
}
}
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!@is_dir("{$install_dir}")) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if (!is_group('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = "useradd -g ispconfig -d {$install_dir} ispconfig";
if (!is_user('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = "cp -rf ../interface {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = "cp -rf ../server {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make a backup of the security settings
if (is_file('/usr/local/ispconfig/security/security_settings.ini')) {
copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~');
}
//* copy the ISPConfig security part
$command = 'cp -rf ../security ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Apply changed security_settings.ini values to new security_settings.ini file
if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
if (is_array($security_settings_new) && is_array($security_settings_old)) {
foreach ($security_settings_new as $section => $sval) {
if (is_array($sval)) {
foreach ($sval as $key => $val) {
if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
}
}
}
}
file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new));
}
}
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /home/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if (is_file($install_dir . '/interface/lib/' . $configfile)) {
copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf("{$install_dir}/interface/lib/{$configfile}", $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if (is_file($install_dir . '/server/lib/' . $configfile)) {
copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf("{$install_dir}/server/lib/{$configfile}", $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
// Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
// chown install dir to root and chmod 755
$command = 'chown root:root ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chmod 755 ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Chmod the files and directories in the install dir
$command = 'chmod -R 750 ' . $install_dir . '/*';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the interface files to the ispconfig user and group
$command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the server files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/server';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security directory and security_settings.ini to root:ispconfig
$command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
exec("chmod -R 770 {$install_dir}/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* Make the APS directories group writable
exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages");
exec("chmod -R 770 {$install_dir}/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir . '/server/lib/config.inc.php', 0600);
chown($install_dir . '/server/lib/config.inc.php', 'root');
chgrp($install_dir . '/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir . '/interface/lib/config.inc.php', 0600);
chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf");
exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf");
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
$command = 'usermod -a -G ispconfig ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'usermod -a -G ispapps ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
$command = 'usermod -a -G ispconfig ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//if(is_user('ispapps')){
// Allow the ispapps vhost access to /etc/squirrelmail
//$command = 'usermod -a -G '.$conf['apache']['group'].' ispapps';
//caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//}
if (is_group('ispapps')) {
$command = 'usermod -a -G ispapps ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$tpl = new tpl('apache_ispconfig.vhost.master');
$tpl->setVar('vhost_port', $conf['apache']['vhost_port']);
// comment out the listen directive if port is 80 or 8443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 8443) {
$tpl->setVar('vhost_port_listen', '#');
} else {
$tpl->setVar('vhost_port_listen', '');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$tpl->setVar('ssl_comment', '');
} else {
$tpl->setVar('ssl_comment', '#');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) {
$tpl->setVar('ssl_bundle_comment', '');
} else {
$tpl->setVar('ssl_bundle_comment', '#');
}
$tpl->setVar('apache_version', getapacheversion());
wf($vhost_conf_dir . '/ispconfig.vhost', $tpl->grab());
//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
//* and create the symlink
//if($this->is_update == false) {
if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) {
unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost");
}
if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) {
exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost");
}
/*
exec('mkdir -p /home/www/php-fcgi-scripts/ispconfig');
exec('cp tpl/apache_ispconfig_fcgi_starter.master /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('ln -s /usr/local/ispconfig/interface/web /home/www/ispconfig');
exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig');
replaceLine('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter','PHPRC=','PHPRC=/etc/',0,0);
*/
//if(!is_file('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
if (!is_dir('/home/www/php-fcgi-scripts/ispconfig')) {
exec('mkdir -p /home/www/php-fcgi-scripts/ispconfig');
}
wf('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
if (!is_link('/home/www/ispconfig')) {
exec('ln -s /usr/local/ispconfig/interface/web /home/www/ispconfig');
}
exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig');
//}
//}
}
if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', ' on', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', ' off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
// create symlink from /usr/share/phpmyadmin to /usr/share/phpMyAdmin, if it is installed
if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/usr/share/phpMyAdmin')) {
symlink('/usr/share/phpMyAdmin/', '/usr/share/phpmyadmin');
}
}
// Make the Clamav log files readable by ISPConfig
//exec('chmod +r /var/log/clamav/clamav.log');
//exec('chmod +r /var/log/clamav/freshclam.log');
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
}
exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh');
exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
}
// set the fast cgi starter script to executable
// exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
//* Make the logs readable for the ispconfig user
if (@is_file('/var/log/maillog')) {
exec('chmod +r /var/log/maillog');
}
//if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
//if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
if (@is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
//To enable apache to read the directories
// exec('chmod a+rx /usr/local/ispconfig');
// exec('chmod -R 751 /usr/local/ispconfig/interface');
// exec('chmod a+rx /usr/local/ispconfig/interface/web');
//* Create the ispconfig log directory
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir']);
}
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log');
}
if (is_user('getmail')) {
exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
exec('chown getmail /usr/local/bin/run-getmail.sh');
exec('chmod 744 /usr/local/bin/run-getmail.sh');
}
// Edit the file Edit the file /etc/sudoers and comment out the requiregetty line, otherwise the backup function will fail
replaceLine('/etc/sudoers', 'Defaults requiretty', '#Defaults requiretty', 0, 0);
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
//* Create the ispconfig auth log file and set uid/gid
if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) {
touch($conf['ispconfig_log_dir'] . '/auth.log');
}
exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log');
exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log');
//* Remove Domain module as its functions are available in the client module now
if (@is_dir('/usr/local/ispconfig/interface/web/domain')) {
exec('rm -rf /usr/local/ispconfig/interface/web/domain');
}
// Add symlink for patch tool
if (!is_link('/usr/local/bin/ispconfig_patch')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
}
// Change mode of a few files from amavisd
if (is_file($conf['amavis']['config_dir'] . '/conf.d/50-user')) {
chmod($conf['amavis']['config_dir'] . '/conf.d/50-user', 0640);
}
if (is_file($conf['amavis']['config_dir'] . '/50-user~')) {
chmod($conf['amavis']['config_dir'] . '/50-user~', 0400);
}
if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf')) {
chmod($conf['amavis']['config_dir'] . '/amavisd.conf', 0640);
}
if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf~')) {
chmod($conf['amavis']['config_dir'] . '/amavisd.conf~', 0400);
}
}
<?php
} elseif (is_group('developer')) {
?>
<a href="<?php
echo site_url('page/create');
?>
" class="list-group-item">Page Baru</a>
<a href="<?php
echo site_url('page/list');
?>
" class="list-group-item">Senarai Page</a>
<?php
} elseif (is_group('affiliate')) {
?>
<a href="<?php
echo site_url('dashboard/aff_products');
?>
" class="list-group-item">Senarai Produk</a>
<a href="<?php
echo site_url('dashboard/aff_sales');
?>
" class="list-group-item">Sales</a>
<?php
}
?>
</div>
/**
* Helper function - writes the contents to a config file
* and performs a backup if the file exist. Additionally
* if the file exists the new file will be given the
* same rights and ownership as the original. Optionally the
* rights and/or ownership can be overriden by appending umask,
* user and group to the parameters. Providing only uid and gid
* values will result in only a chown.
*
* @param $tConf
* @param $tContents
* @return bool
*/
protected function write_config_file($tConf, $tContents)
{
// Backup config file before writing new contents and stat file
if (is_file($tConf)) {
$stat = exec('stat -c \'%a %U %G\' ' . escapeshellarg($tConf), $output, $res);
if ($res == 0) {
// stat successfull
list($access, $user, $group) = explode(" ", $stat);
}
if (copy($tConf, $tConf . '~')) {
chmod($tConf . '~', 0400);
}
}
wf($tConf, $tContents);
// write file
if (func_num_args() >= 4) {
$args = func_get_args();
$output = array_slice($args, 2);
switch (sizeof($output)) {
case 3:
$umask = array_shift($output);
if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
$access = $umask;
}
case 2:
if (is_user($output[0]) && is_group($output[1])) {
list($user, $group) = $output;
}
break;
}
}
if (!empty($user) && !empty($group)) {
chown($tConf, $user);
chgrp($tConf, $group);
}
if (!empty($access)) {
exec("chmod {$access} {$tConf}");
}
}
<?php
// show_sess();
?>
<div class="list-group">
<?php
if (is_group('developer')) {
?>
<a href="<?php
echo site_url('customer');
?>
" class="list-group-item">Urus Pelanggan</a>
<?php
} elseif (is_group('user')) {
$user = $this->session->userdata('user');
?>
<a href="<?php
echo site_url('dashboard/data');
?>
" class="list-group-item">Data</a>
<a href="<?php
echo site_url('dashboard/report');
?>
" class="list-group-item">Report</a>
<a href="<?php
echo site_url('dashboard/setting');
?>
" class="list-group-item">Settings</a>
