protected function create_pathOptions($domain)
{
$result_stmt = Database::prepare("\n\t\t\tSELECT * FROM " . TABLE_PANEL_HTACCESS . "\n\t\t\tWHERE `path` LIKE :docroot\n\t\t");
Database::pexecute($result_stmt, array('docroot' => $domain['documentroot'] . '%'));
$path_options = '';
$error_string = '';
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if (!empty($row['error404path'])) {
$defhandler = $row['error404path'];
if (!validateUrl($defhandler)) {
$defhandler = makeCorrectFile($domain['documentroot'] . '/' . $defhandler);
}
$error_string .= ' server.error-handler-404 = "' . $defhandler . '"' . "\n\n";
}
if ($row['options_indexes'] != '0') {
if (!empty($error_string)) {
$path_options .= $error_string;
// reset $error_string here to prevent duplicate entries
$error_string = '';
}
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
// We need to remove the last slash, otherwise the regex wouldn't work
if ($row['path'] != $domain['documentroot']) {
$path = substr($path, 0, -1);
}
$path_options .= ' $HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n";
$path_options .= "\t" . 'dir-listing.activate = "enable"' . "\n";
$path_options .= ' }' . "\n\n";
} else {
$path_options = $error_string;
}
if (customerHasPerlEnabled($domain['customerid']) && $row['options_cgi'] != '0') {
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
// We need to remove the last slash, otherwise the regex wouldn't work
if ($row['path'] != $domain['documentroot']) {
$path = substr($path, 0, -1);
}
$path_options .= ' $HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n";
$path_options .= "\t" . 'cgi.assign = (' . "\n";
$path_options .= "\t\t" . '".pl" => "' . makeCorrectFile(Settings::Get('system.perl_path')) . '",' . "\n";
$path_options .= "\t\t" . '".cgi" => "' . makeCorrectFile(Settings::Get('system.perl_path')) . '"' . "\n";
$path_options .= "\t" . ')' . "\n";
$path_options .= ' }' . "\n\n";
}
}
return $path_options;
}
/**
* We compose the diroption entries for the paths
*/
public function createFileDirOptions()
{
$result_stmt = Database::query("\n\t\t\tSELECT `htac`.*, `c`.`guid`, `c`.`documentroot` AS `customerroot`\n\t\t\tFROM `" . TABLE_PANEL_HTACCESS . "` `htac`\n\t\t\tLEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING (`customerid`)\n\t\t\tORDER BY `htac`.`path`\n\t\t");
$diroptions = array();
while ($row_diroptions = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if ($row_diroptions['customerid'] != 0 && isset($row_diroptions['customerroot']) && $row_diroptions['customerroot'] != '') {
$diroptions[$row_diroptions['path']] = $row_diroptions;
$diroptions[$row_diroptions['path']]['htpasswds'] = array();
}
}
$result_stmt = Database::query("\n\t\t\tSELECT `htpw`.*, `c`.`guid`, `c`.`documentroot` AS `customerroot`\n\t\t\tFROM `" . TABLE_PANEL_HTPASSWDS . "` `htpw`\n\t\t\tLEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING (`customerid`)\n\t\t\tORDER BY `htpw`.`path`, `htpw`.`username`\n\t\t");
while ($row_htpasswds = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if ($row_htpasswds['customerid'] != 0 && isset($row_htpasswds['customerroot']) && $row_htpasswds['customerroot'] != '') {
if (!isset($diroptions[$row_htpasswds['path']]) || !is_array($diroptions[$row_htpasswds['path']])) {
$diroptions[$row_htpasswds['path']] = array();
}
$diroptions[$row_htpasswds['path']]['path'] = $row_htpasswds['path'];
$diroptions[$row_htpasswds['path']]['guid'] = $row_htpasswds['guid'];
$diroptions[$row_htpasswds['path']]['customerroot'] = $row_htpasswds['customerroot'];
$diroptions[$row_htpasswds['path']]['customerid'] = $row_htpasswds['customerid'];
$diroptions[$row_htpasswds['path']]['htpasswds'][] = $row_htpasswds;
}
}
foreach ($diroptions as $row_diroptions) {
$row_diroptions['path'] = makeCorrectDir($row_diroptions['path']);
mkDirWithCorrectOwnership($row_diroptions['customerroot'], $row_diroptions['path'], $row_diroptions['guid'], $row_diroptions['guid']);
$diroptions_filename = makeCorrectFile(Settings::Get('system.apacheconf_diroptions') . '/40_froxlor_diroption_' . md5($row_diroptions['path']) . '.conf');
if (!isset($this->diroptions_data[$diroptions_filename])) {
$this->diroptions_data[$diroptions_filename] = '';
}
if (is_dir($row_diroptions['path'])) {
$cperlenabled = customerHasPerlEnabled($row_diroptions['customerid']);
$this->diroptions_data[$diroptions_filename] .= '<Directory "' . $row_diroptions['path'] . '">' . "\n";
if (isset($row_diroptions['options_indexes']) && $row_diroptions['options_indexes'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' Options +Indexes';
// add perl options if enabled
if ($cperlenabled && isset($row_diroptions['options_cgi']) && $row_diroptions['options_cgi'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' +ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks' . "\n";
} else {
$this->diroptions_data[$diroptions_filename] .= "\n";
}
fwrite($this->debugHandler, ' cron_tasks: Task3 - Setting Options +Indexes' . "\n");
}
if (isset($row_diroptions['options_indexes']) && $row_diroptions['options_indexes'] == '0') {
$this->diroptions_data[$diroptions_filename] .= ' Options -Indexes';
// add perl options if enabled
if ($cperlenabled && isset($row_diroptions['options_cgi']) && $row_diroptions['options_cgi'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' +ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks' . "\n";
} else {
$this->diroptions_data[$diroptions_filename] .= "\n";
}
fwrite($this->debugHandler, ' cron_tasks: Task3 - Setting Options -Indexes' . "\n");
}
$statusCodes = array('404', '403', '500');
foreach ($statusCodes as $statusCode) {
if (isset($row_diroptions['error' . $statusCode . 'path']) && $row_diroptions['error' . $statusCode . 'path'] != '') {
$defhandler = $row_diroptions['error' . $statusCode . 'path'];
if (!validateUrl($defhandler)) {
if (substr($defhandler, 0, 1) != '"' && substr($defhandler, -1, 1) != '"') {
$defhandler = '"' . makeCorrectFile($defhandler) . '"';
}
}
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument ' . $statusCode . ' ' . $defhandler . "\n";
}
}
if ($cperlenabled && isset($row_diroptions['options_cgi']) && $row_diroptions['options_cgi'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' AllowOverride None' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AddHandler cgi-script .cgi .pl' . "\n";
// >=apache-2.4 enabled?
if (Settings::Get('system.apache24') == '1') {
$mypath_dir = new frxDirectory($row_diroptions['path']);
// only create the require all granted if there is not active directory-protection
// for this path, as this would be the first require and therefore grant all access
if ($mypath_dir->isUserProtected() == false) {
$this->diroptions_data[$diroptions_filename] .= ' Require all granted' . "\n";
}
} else {
$this->diroptions_data[$diroptions_filename] .= ' Order allow,deny' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' Allow from all' . "\n";
}
fwrite($this->debugHandler, ' cron_tasks: Task3 - Enabling perl execution' . "\n");
// check for suexec-workaround, #319
if ((int) Settings::Get('perl.suexecworkaround') == 1) {
// symlink this directory to suexec-safe-path
$loginname = getCustomerDetail($row_diroptions['customerid'], 'loginname');
$suexecpath = makeCorrectDir(Settings::Get('perl.suexecpath') . '/' . $loginname . '/' . md5($row_diroptions['path']) . '/');
if (!file_exists($suexecpath)) {
safe_exec('mkdir -p ' . escapeshellarg($suexecpath));
safe_exec('chown -R ' . escapeshellarg($row_diroptions['guid']) . ':' . escapeshellarg($row_diroptions['guid']) . ' ' . escapeshellarg($suexecpath));
}
// symlink to {$givenpath}/cgi-bin
// NOTE: symlinks are FILES, so do not append a / here
$perlsymlink = makeCorrectFile($row_diroptions['path'] . '/cgi-bin');
if (!file_exists($perlsymlink)) {
safe_exec('ln -s ' . escapeshellarg($suexecpath) . ' ' . escapeshellarg($perlsymlink));
}
safe_exec('chown ' . escapeshellarg($row_diroptions['guid']) . ':' . escapeshellarg($row_diroptions['guid']) . ' ' . escapeshellarg($perlsymlink));
}
} else {
// if no perl-execution is enabled but the workaround is,
// we have to remove the symlink and folder in suexecpath
if ((int) Settings::Get('perl.suexecworkaround') == 1) {
$loginname = getCustomerDetail($row_diroptions['customerid'], 'loginname');
$suexecpath = makeCorrectDir(Settings::Get('perl.suexecpath') . '/' . $loginname . '/' . md5($row_diroptions['path']) . '/');
$perlsymlink = makeCorrectFile($row_diroptions['path'] . '/cgi-bin');
// remove symlink
if (file_exists($perlsymlink)) {
safe_exec('rm -f ' . escapeshellarg($perlsymlink));
}
// remove folder in suexec-path
if (file_exists($suexecpath)) {
safe_exec('rm -rf ' . escapeshellarg($suexecpath));
}
}
}
if (count($row_diroptions['htpasswds']) > 0) {
$htpasswd_filename = makeCorrectFile(Settings::Get('system.apacheconf_htpasswddir') . '/' . $row_diroptions['customerid'] . '-' . md5($row_diroptions['path']) . '.htpasswd');
if (!isset($this->htpasswds_data[$htpasswd_filename])) {
$this->htpasswds_data[$htpasswd_filename] = '';
}
foreach ($row_diroptions['htpasswds'] as $row_htpasswd) {
$this->htpasswds_data[$htpasswd_filename] .= $row_htpasswd['username'] . ':' . $row_htpasswd['password'] . "\n";
}
$this->diroptions_data[$diroptions_filename] .= ' AuthType Basic' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AuthName "' . $row_htpasswd['authname'] . '"' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AuthUserFile ' . $htpasswd_filename . "\n";
$this->diroptions_data[$diroptions_filename] .= ' require valid-user' . "\n";
}
$this->diroptions_data[$diroptions_filename] .= '</Directory>' . "\n";
}
}
}
protected function create_pathOptions($domain)
{
$has_location = false;
$result_stmt = Database::prepare("\n\t\t\tSELECT * FROM " . TABLE_PANEL_HTACCESS . "\n\t\t\tWHERE `path` LIKE :docroot\n\t\t");
Database::pexecute($result_stmt, array('docroot' => $domain['documentroot'] . '%'));
$path_options = '';
$htpasswds = $this->getHtpasswds($domain);
// for each entry in the htaccess table
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if (!empty($row['error404path'])) {
$defhandler = $row['error404path'];
if (!validateUrl($defhandler)) {
$defhandler = makeCorrectFile($defhandler);
}
$path_options .= "\t" . 'error_page 404 ' . $defhandler . ';' . "\n";
}
if (!empty($row['error403path'])) {
$defhandler = $row['error403path'];
if (!validateUrl($defhandler)) {
$defhandler = makeCorrectFile($defhandler);
}
$path_options .= "\t" . 'error_page 403 ' . $defhandler . ';' . "\n";
}
if (!empty($row['error500path'])) {
$defhandler = $row['error500path'];
if (!validateUrl($defhandler)) {
$defhandler = makeCorrectFile($defhandler);
}
$path_options .= "\t" . 'error_page 500 502 503 504 ' . $defhandler . ';' . "\n";
}
// if ($row['options_indexes'] != '0') {
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
$path_options .= "\t" . '# ' . $path . "\n";
if ($path == '/') {
if ($row['options_indexes'] != '0') {
$this->vhost_root_autoindex = true;
}
$path_options .= "\t" . 'location ' . $path . ' {' . "\n";
if ($this->vhost_root_autoindex) {
$path_options .= "\t\t" . 'autoindex on;' . "\n";
$this->vhost_root_autoindex = false;
} else {
$path_options .= "\t\t" . 'index index.php index.html index.htm;' . "\n";
}
// $path_options.= "\t\t" . 'try_files $uri $uri/ @rewrites;'."\n";
// check if we have a htpasswd for this path
// (damn nginx does not like more than one
// 'location'-part with the same path)
if (count($htpasswds) > 0) {
foreach ($htpasswds as $idx => $single) {
switch ($single['path']) {
case '/awstats/':
case '/webalizer/':
// no stats-alias in "location /"-context
break;
default:
if ($single['path'] == '/') {
$path_options .= "\t\t" . 'auth_basic "' . $single['authname'] . '";' . "\n";
$path_options .= "\t\t" . 'auth_basic_user_file ' . makeCorrectFile($single['usrf']) . ';' . "\n";
// remove already used entries so we do not have doubles
unset($htpasswds[$idx]);
}
}
}
}
$path_options .= "\t" . '}' . "\n";
$this->vhost_root_autoindex = false;
} else {
$path_options .= "\t" . 'location ' . $path . ' {' . "\n";
if ($this->vhost_root_autoindex || $row['options_indexes'] != '0') {
$path_options .= "\t\t" . 'autoindex on;' . "\n";
$this->vhost_root_autoindex = false;
} else {
$path_options .= "\t\t" . 'index index.php index.html index.htm;' . "\n";
}
$path_options .= "\t" . '} ' . "\n";
}
// }
/**
* Perl support
* required the fastCGI wrapper to be running to receive the CGI requests.
*/
if (customerHasPerlEnabled($domain['customerid']) && $row['options_cgi'] != '0') {
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
// We need to remove the last slash, otherwise the regex wouldn't work
if ($row['path'] != $domain['documentroot']) {
$path = substr($path, 0, -1);
}
$path_options .= "\t" . 'location ~ \\(.pl|.cgi)$ {' . "\n";
$path_options .= "\t\t" . 'gzip off; #gzip makes scripts feel slower since they have to complete before getting gzipped' . "\n";
$path_options .= "\t\t" . 'fastcgi_pass ' . Settings::Get('system.perl_server') . ';' . "\n";
$path_options .= "\t\t" . 'fastcgi_index index.cgi;' . "\n";
$path_options .= "\t\t" . 'include ' . Settings::Get('nginx.fastcgiparams') . ';' . "\n";
$path_options .= "\t" . '}' . "\n";
}
}
// now the rest of the htpasswds
if (count($htpasswds) > 0) {
foreach ($htpasswds as $idx => $single) {
//if ($single['path'] != '/') {
switch ($single['path']) {
case '/awstats/':
case '/webalizer/':
$path_options .= $this->getStats($domain, $single);
unset($htpasswds[$idx]);
break;
default:
$path_options .= "\t" . 'location ' . makeCorrectDir($single['path']) . ' {' . "\n";
$path_options .= "\t\t" . 'auth_basic "' . $single['authname'] . '";' . "\n";
$path_options .= "\t\t" . 'auth_basic_user_file ' . makeCorrectFile($single['usrf']) . ';' . "\n";
$path_options .= "\t" . '}' . "\n";
}
//}
unset($htpasswds[$idx]);
}
}
return $path_options;
}
standard_error(array('stringisempty', 'mypassword'));
exit;
} else {
$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account password for '" . $result['username'] . "'");
$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
// also update customers backup user password if password of main ftp user is changed
if (!preg_match('/' . $settings['customer']['ftpprefix'] . '/', $result['username'])) {
$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `password`=ENCRYPT('" . $db->escape($password) . "') WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `username`='" . $result['username'] . "_backup'");
}
}
}
if ($path != '') {
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
if ($path != $result['homedir']) {
if (!file_exists($path)) {
mkDirWithCorrectOwnership($userinfo['documentroot'], $path, $result['uid'], $result['gid']);
inserttask(5);
/* Let the cronjob do the rest */
}
$log->logAction(USR_ACTION, LOG_INFO, "updated ftp-account homdir for '" . $result['username'] . "'");
$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `homedir`= '" . $db->escape($path) . "' WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
}
}
redirectTo($filename, array('page' => $page, 's' => $s));
} else {
if (strpos($result['homedir'], $userinfo['documentroot']) === 0) {
$homedir = substr($result['homedir'], strlen($userinfo['documentroot']));
} else {
$homedir = $result['homedir'];
}
$homedir = makeCorrectDir($homedir);
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int) Settings::Get('system.vmail_uid') . ':' . (int) Settings::Get('system.vmail_gid') . ' ' . escapeshellarg($usermaildir));
safe_exec('chown -R ' . (int) Settings::Get('system.vmail_uid') . ':' . (int) Settings::Get('system.vmail_gid') . ' ' . escapeshellarg($usermaildir));
}
} elseif ($row['type'] == '4' && (int) Settings::Get('system.bind_enable') != 0) {
if (!isset($nameserver)) {
$nameserver = new bind($cronlog, $debugHandler);
}
if (Settings::Get('dkim.use_dkim') == '1') {
$nameserver->writeDKIMconfigs();
}
$nameserver->writeConfigs();
} elseif ($row['type'] == '5') {
$cronlog->logAction(CRON_ACTION, LOG_INFO, 'Creating new FTP-home');
$result_directories_stmt = Database::query("\n\t\t\tSELECT `f`.`homedir`, `f`.`uid`, `f`.`gid`, `c`.`documentroot` AS `customerroot`\n\t\t\tFROM `" . TABLE_FTP_USERS . "` `f` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING (`customerid`)\n\t\t");
while ($directory = $result_directories_stmt->fetch(PDO::FETCH_ASSOC)) {
mkDirWithCorrectOwnership($directory['customerroot'], $directory['homedir'], $directory['uid'], $directory['gid']);
}
} elseif ($row['type'] == '6') {
fwrite($debugHandler, ' cron_tasks: Task6 started - deleting customer data' . "\n");
$cronlog->logAction(CRON_ACTION, LOG_INFO, 'Task6 started - deleting customer data');
if (is_array($row['data'])) {
if (isset($row['data']['loginname'])) {
// remove homedir
$homedir = makeCorrectDir(Settings::Get('system.documentroot_prefix') . '/' . $row['data']['loginname']);
if (file_exists($homedir) && $homedir != '/' && $homedir != Settings::Get('system.documentroot_prefix') && substr($homedir, 0, strlen(Settings::Get('system.documentroot_prefix'))) == Settings::Get('system.documentroot_prefix')) {
$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: rm -rf ' . escapeshellarg($homedir));
safe_exec('rm -rf ' . escapeshellarg($homedir));
}
// remove maildir
$maildir = makeCorrectDir(Settings::Get('system.vmail_homedir') . '/' . $row['data']['loginname']);
if (file_exists($maildir) && $maildir != '/' && $maildir != Settings::Get('system.vmail_homedir') && substr($maildir, 0, strlen(Settings::Get('system.vmail_homedir'))) == Settings::Get('system.vmail_homedir') && is_dir($maildir) && fileowner($maildir) == Settings::Get('system.vmail_uid') && filegroup($maildir) == Settings::Get('system.vmail_gid')) {
public function createFileDirOptions()
{
$result = $this->db->query('SELECT `htac`.*, `c`.`guid`, `c`.`documentroot` AS `customerroot` FROM `' . TABLE_PANEL_HTACCESS . '` `htac` LEFT JOIN `' . TABLE_PANEL_CUSTOMERS . '` `c` USING (`customerid`) ORDER BY `htac`.`path`');
$diroptions = array();
while ($row_diroptions = $this->db->fetch_array($result)) {
if ($row_diroptions['customerid'] != 0 && isset($row_diroptions['customerroot']) && $row_diroptions['customerroot'] != '') {
$diroptions[$row_diroptions['path']] = $row_diroptions;
$diroptions[$row_diroptions['path']]['htpasswds'] = array();
}
}
$result = $this->db->query('SELECT `htpw`.*, `c`.`guid`, `c`.`documentroot` AS `customerroot` FROM `' . TABLE_PANEL_HTPASSWDS . '` `htpw` LEFT JOIN `' . TABLE_PANEL_CUSTOMERS . '` `c` USING (`customerid`) ORDER BY `htpw`.`path`, `htpw`.`username`');
while ($row_htpasswds = $this->db->fetch_array($result)) {
if ($row_htpasswds['customerid'] != 0 && isset($row_htpasswds['customerroot']) && $row_htpasswds['customerroot'] != '') {
if (!isset($diroptions[$row_htpasswds['path']]) || !is_array($diroptions[$row_htpasswds['path']])) {
$diroptions[$row_htpasswds['path']] = array();
}
$diroptions[$row_htpasswds['path']]['path'] = $row_htpasswds['path'];
$diroptions[$row_htpasswds['path']]['guid'] = $row_htpasswds['guid'];
$diroptions[$row_htpasswds['path']]['customerroot'] = $row_htpasswds['customerroot'];
$diroptions[$row_htpasswds['path']]['customerid'] = $row_htpasswds['customerid'];
$diroptions[$row_htpasswds['path']]['htpasswds'][] = $row_htpasswds;
}
}
foreach ($diroptions as $row_diroptions) {
$row_diroptions['path'] = makeCorrectDir($row_diroptions['path']);
mkDirWithCorrectOwnership($row_diroptions['customerroot'], $row_diroptions['path'], $row_diroptions['guid'], $row_diroptions['guid']);
$diroptions_filename = makeCorrectFile($this->settings['system']['apacheconf_diroptions'] . '/40_syscp_diroption_' . md5($row_diroptions['path']) . '.conf');
if (!isset($this->diroptions_data[$diroptions_filename])) {
$this->diroptions_data[$diroptions_filename] = '';
}
if (is_dir($row_diroptions['path'])) {
$this->diroptions_data[$diroptions_filename] .= '<Directory "' . $row_diroptions['path'] . '">' . "\n";
if (isset($row_diroptions['options_indexes']) && $row_diroptions['options_indexes'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' Options +Indexes' . "\n";
fwrite($this->debugHandler, ' cron_tasks: Task3 - Setting Options +Indexes' . "\n");
}
if (isset($row_diroptions['options_indexes']) && $row_diroptions['options_indexes'] == '0') {
$this->diroptions_data[$diroptions_filename] .= ' Options -Indexes' . "\n";
fwrite($this->debugHandler, ' cron_tasks: Task3 - Setting Options -Indexes' . "\n");
}
if (isset($row_diroptions['error404path']) && $row_diroptions['error404path'] != '') {
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument 404 ' . $row_diroptions['error404path'] . "\n";
}
if (isset($row_diroptions['error403path']) && $row_diroptions['error403path'] != '') {
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument 403 ' . $row_diroptions['error403path'] . "\n";
}
if (isset($row_diroptions['error500path']) && $row_diroptions['error500path'] != '') {
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument 500 ' . $row_diroptions['error500path'] . "\n";
}
if (count($row_diroptions['htpasswds']) > 0) {
$htpasswd_filename = makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $row_diroptions['customerid'] . '-' . md5($row_diroptions['path']) . '.htpasswd');
if (!isset($this->htpasswds_data[$htpasswd_filename])) {
$this->htpasswds_data[$htpasswd_filename] = '';
}
foreach ($row_diroptions['htpasswds'] as $row_htpasswd) {
$this->htpasswds_data[$htpasswd_filename] .= $row_htpasswd['username'] . ':' . $row_htpasswd['password'] . "\n";
}
$this->diroptions_data[$diroptions_filename] .= ' AuthType Basic' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AuthName "Restricted Area"' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AuthUserFile ' . $htpasswd_filename . "\n";
$this->diroptions_data[$diroptions_filename] .= ' require valid-user' . "\n";
}
$this->diroptions_data[$diroptions_filename] .= '</Directory>' . "\n";
}
}
}
public function createFileDirOptions()
{
$result = $this->db->query('SELECT `htac`.*, `c`.`guid`, `c`.`documentroot` AS `customerroot` FROM `' . TABLE_PANEL_HTACCESS . '` `htac` LEFT JOIN `' . TABLE_PANEL_CUSTOMERS . '` `c` USING (`customerid`) ORDER BY `htac`.`path`');
$diroptions = array();
while ($row_diroptions = $this->db->fetch_array($result)) {
if ($row_diroptions['customerid'] != 0 && isset($row_diroptions['customerroot']) && $row_diroptions['customerroot'] != '') {
$diroptions[$row_diroptions['path']] = $row_diroptions;
$diroptions[$row_diroptions['path']]['htpasswds'] = array();
}
}
$result = $this->db->query('SELECT `htpw`.*, `c`.`guid`, `c`.`documentroot` AS `customerroot` FROM `' . TABLE_PANEL_HTPASSWDS . '` `htpw` LEFT JOIN `' . TABLE_PANEL_CUSTOMERS . '` `c` USING (`customerid`) ORDER BY `htpw`.`path`, `htpw`.`username`');
while ($row_htpasswds = $this->db->fetch_array($result)) {
if ($row_htpasswds['customerid'] != 0 && isset($row_htpasswds['customerroot']) && $row_htpasswds['customerroot'] != '') {
if (!isset($diroptions[$row_htpasswds['path']]) || !is_array($diroptions[$row_htpasswds['path']])) {
$diroptions[$row_htpasswds['path']] = array();
}
$diroptions[$row_htpasswds['path']]['path'] = $row_htpasswds['path'];
$diroptions[$row_htpasswds['path']]['guid'] = $row_htpasswds['guid'];
$diroptions[$row_htpasswds['path']]['customerroot'] = $row_htpasswds['customerroot'];
$diroptions[$row_htpasswds['path']]['customerid'] = $row_htpasswds['customerid'];
$diroptions[$row_htpasswds['path']]['htpasswds'][] = $row_htpasswds;
}
}
foreach ($diroptions as $row_diroptions) {
$row_diroptions['path'] = makeCorrectDir($row_diroptions['path']);
mkDirWithCorrectOwnership($row_diroptions['customerroot'], $row_diroptions['path'], $row_diroptions['guid'], $row_diroptions['guid']);
$diroptions_filename = makeCorrectFile($this->settings['system']['apacheconf_diroptions'] . '/40_froxlor_diroption_' . md5($row_diroptions['path']) . '.conf');
if (!isset($this->diroptions_data[$diroptions_filename])) {
$this->diroptions_data[$diroptions_filename] = '';
}
if (is_dir($row_diroptions['path'])) {
$cperlenabled = customerHasPerlEnabled($row_diroptions['customerid']);
$this->diroptions_data[$diroptions_filename] .= '<Directory "' . $row_diroptions['path'] . '">' . "\n";
if (isset($row_diroptions['options_indexes']) && $row_diroptions['options_indexes'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' Options +Indexes';
// add perl options if enabled
if ($cperlenabled && isset($row_diroptions['options_cgi']) && $row_diroptions['options_cgi'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks' . "\n";
} else {
$this->diroptions_data[$diroptions_filename] .= "\n";
}
fwrite($this->debugHandler, ' cron_tasks: Task3 - Setting Options +Indexes' . "\n");
}
if (isset($row_diroptions['options_indexes']) && $row_diroptions['options_indexes'] == '0') {
$this->diroptions_data[$diroptions_filename] .= ' Options -Indexes';
// add perl options if enabled
if ($cperlenabled && isset($row_diroptions['options_cgi']) && $row_diroptions['options_cgi'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' ExecCGI -MultiViews +SymLinksIfOwnerMatch +FollowSymLinks' . "\n";
} else {
$this->diroptions_data[$diroptions_filename] .= "\n";
}
fwrite($this->debugHandler, ' cron_tasks: Task3 - Setting Options -Indexes' . "\n");
}
if (isset($row_diroptions['error404path']) && $row_diroptions['error404path'] != '') {
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument 404 "' . $this->escapeConfigParameter($row_diroptions['error404path']) . '"' . "\n";
}
if (isset($row_diroptions['error403path']) && $row_diroptions['error403path'] != '') {
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument 403 "' . $this->escapeConfigParameter($row_diroptions['error403path']) . '"' . "\n";
}
if (isset($row_diroptions['error500path']) && $row_diroptions['error500path'] != '') {
$this->diroptions_data[$diroptions_filename] .= ' ErrorDocument 500 "' . $this->escapeConfigParameter($row_diroptions['error500path']) . '"' . "\n";
}
if ($cperlenabled && isset($row_diroptions['options_cgi']) && $row_diroptions['options_cgi'] == '1') {
$this->diroptions_data[$diroptions_filename] .= ' AllowOverride None' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AddHandler cgi-script .cgi .pl' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' Order allow,deny' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' Allow from all' . "\n";
fwrite($this->debugHandler, ' cron_tasks: Task3 - Enabling perl execution' . "\n");
// check for suexec-workaround, #319
if ((int) $this->settings['perl']['suexecworkaround'] == 1) {
// symlink this directory to suexec-safe-path
$loginname = getCustomerDetail($row_diroptions['customerid'], 'loginname');
$suexecpath = makeCorrectDir($this->settings['perl']['suexecpath'] . '/' . $loginname . '/' . md5($row_diroptions['path']) . '/');
if (!file_exists($suexecpath)) {
safe_exec('mkdir -p ' . escapeshellarg($suexecpath));
safe_exec('chown -R ' . escapeshellarg($row_diroptions['guid']) . ':' . escapeshellarg($row_diroptions['guid']) . ' ' . escapeshellarg($suexecpath));
}
// symlink to {$givenpath}/cgi-bin
// NOTE: symlinks are FILES, so do not append a / here
$perlsymlink = makeCorrectFile($row_diroptions['path'] . '/cgi-bin');
if (!file_exists($perlsymlink)) {
safe_exec('ln -s ' . escapeshellarg($suexecpath) . ' ' . escapeshellarg($perlsymlink));
}
safe_exec('chown ' . escapeshellarg($row_diroptions['guid']) . ':' . escapeshellarg($row_diroptions['guid']) . ' ' . escapeshellarg($perlsymlink));
}
} else {
// if no perl-execution is enabled but the workaround is,
// we have to remove the symlink and folder in suexecpath
if ((int) $this->settings['perl']['suexecworkaround'] == 1) {
$loginname = getCustomerDetail($row_diroptions['customerid'], 'loginname');
$suexecpath = makeCorrectDir($this->settings['perl']['suexecpath'] . '/' . $loginname . '/' . md5($row_diroptions['path']) . '/');
$perlsymlink = makeCorrectFile($row_diroptions['path'] . '/cgi-bin');
// remove symlink
if (file_exists($perlsymlink)) {
safe_exec('rm -f ' . escapeshellarg($perlsymlink));
}
// remove folder in suexec-path
if (file_exists($suexecpath)) {
safe_exec('rm -rf ' . escapeshellarg($suexecpath));
}
}
}
if (count($row_diroptions['htpasswds']) > 0) {
$htpasswd_filename = makeCorrectFile($this->settings['system']['apacheconf_htpasswddir'] . '/' . $row_diroptions['customerid'] . '-' . md5($row_diroptions['path']) . '.htpasswd');
if (!isset($this->htpasswds_data[$htpasswd_filename])) {
$this->htpasswds_data[$htpasswd_filename] = '';
}
foreach ($row_diroptions['htpasswds'] as $row_htpasswd) {
$this->htpasswds_data[$htpasswd_filename] .= $row_htpasswd['username'] . ':' . $row_htpasswd['password'] . "\n";
}
$this->diroptions_data[$diroptions_filename] .= ' AuthType Basic' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AuthName "' . $row_htpasswd['authname'] . '"' . "\n";
$this->diroptions_data[$diroptions_filename] .= ' AuthUserFile ' . $htpasswd_filename . "\n";
$this->diroptions_data[$diroptions_filename] .= ' require valid-user' . "\n";
}
$this->diroptions_data[$diroptions_filename] .= '</Directory>' . "\n";
}
}
}
protected function create_pathOptions($domain)
{
$has_location = false;
$query = "SELECT * FROM " . TABLE_PANEL_HTACCESS . " WHERE `path` LIKE '" . $domain['documentroot'] . "%'";
$result = $this->db->query($query);
$path_options = '';
$htpasswds = $this->getHtpasswds($domain);
while ($row = $this->db->fetch_array($result)) {
if (!empty($row['error404path'])) {
$path_options .= "\t" . 'error_page 404 ' . $row['error404path'] . ';' . "\n";
}
if (!empty($row['error403path'])) {
$path_options .= "\t" . 'error_page 403 ' . $row['error403path'] . ';' . "\n";
}
if (!empty($row['error500path'])) {
$path_options .= "\t" . 'error_page 502 503 504 ' . $row['error500path'] . ';' . "\n";
}
// if($row['options_indexes'] != '0')
// {
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
$path_options .= "\t" . '# ' . $path . "\n";
if ($path == '/') {
$this->vhost_root_autoindex = true;
$path_options .= "\t" . 'location ' . $path . ' {' . "\n";
if ($this->vhost_root_autoindex) {
$path_options .= "\t\t" . 'autoindex on;' . "\n";
$this->vhost_root_autoindex = false;
}
$path_options .= "\t\t" . 'index index.php index.html index.htm;' . "\n";
// $path_options.= "\t\t" . 'try_files $uri $uri/ @rewrites;'."\n";
// check if we have a htpasswd for this path
// (damn nginx does not like more than one
// 'location'-part with the same path)
if (count($htpasswds) > 0) {
foreach ($htpasswds as $idx => $single) {
switch ($single['path']) {
case '/awstats/':
case '/webalizer/':
break;
default:
if ($single['path'] == '/') {
$path_options .= "\t\t" . 'auth_basic "Restricted Area";' . "\n";
$path_options .= "\t\t" . 'auth_basic_user_file ' . $single['usrf'] . ';' . "\n";
// remove already used entries so we do not have doubles
unset($htpasswds[$idx]);
}
}
}
}
$path_options .= "\t" . '}' . "\n";
$this->vhost_root_autoindex = false;
} else {
$path_options .= "\t" . 'location ' . $path . ' {' . "\n";
if ($this->vhost_root_autoindex) {
$path_options .= "\t\t" . 'autoindex on;' . "\n";
$this->vhost_root_autoindex = false;
}
$path_options .= "\t\t" . 'index index.php index.html index.htm;' . "\n";
$path_options .= "\t" . '} ' . "\n";
}
// }
/**
* Perl support
* required the fastCGI wrapper to be running to receive the CGI requests.
*/
if (customerHasPerlEnabled($domain['customerid']) && $row['options_cgi'] != '0') {
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
// We need to remove the last slash, otherwise the regex wouldn't work
if ($row['path'] != $domain['documentroot']) {
$path = substr($path, 0, -1);
}
$path_options .= "\t" . 'location ~ \\(.pl|.cgi)$ {' . "\n";
$path_options .= "\t\t" . 'gzip off; #gzip makes scripts feel slower since they have to complete before getting gzipped' . "\n";
$path_options .= "\t\t" . 'fastcgi_pass ' . $this->settings['system']['perl_server'] . ';' . "\n";
$path_options .= "\t\t" . 'fastcgi_index index.cgi;' . "\n";
$path_options .= "\t\t" . 'include /etc/nginx/fastcgi_params;' . "\n";
$path_options .= "\t" . '}' . "\n";
}
}
/*
* now the rest of the htpasswds
*/
if (count($htpasswds) > 0) {
foreach ($htpasswds as $idx => $single) {
//if($single['path'] != "/")
//{
switch ($single['path']) {
case '/awstats/':
case '/webalizer/':
$path_options .= $this->getStats($domain, $single);
unset($htpasswds[$idx]);
break;
default:
$path_options .= "\t" . 'location ' . $single['path'] . ' {' . "\n";
$path_options .= "\t\t" . 'auth_basic "Restricted Area";' . "\n";
$path_options .= "\t\t" . 'auth_basic_user_file ' . $single['usrf'] . ';' . "\n";
$path_options .= "\t" . '}' . "\n";
}
//}
unset($htpasswds[$idx]);
}
}
return $path_options;
}
protected function create_pathOptions($domain)
{
$query = "SELECT * FROM " . TABLE_PANEL_HTACCESS . " WHERE `path` LIKE '" . $domain['documentroot'] . "%'";
$result = $this->db->query($query);
$path_options = '';
$error_string = '';
while ($row = $this->db->fetch_array($result)) {
if (!empty($row['error404path'])) {
$error_string .= ' server.error-handler-404 = "' . makeCorrectFile($domain['documentroot'] . '/' . $row['error404path']) . '"' . "\n\n";
}
if ($row['options_indexes'] != '0') {
if (!empty($error_string)) {
$path_options .= $error_string;
// reset $error_string here to prevent duplicate entries
$error_string = '';
}
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
// We need to remove the last slash, otherwise the regex wouldn't work
if ($row['path'] != $domain['documentroot']) {
$path = substr($path, 0, -1);
}
$path_options .= ' $HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n";
$path_options .= "\t" . 'dir-listing.activate = "enable"' . "\n";
$path_options .= ' }' . "\n\n";
} else {
$path_options = $error_string;
}
if (customerHasPerlEnabled($domain['customerid']) && $row['options_cgi'] != '0') {
$path = makeCorrectDir(substr($row['path'], strlen($domain['documentroot']) - 1));
mkDirWithCorrectOwnership($domain['documentroot'], $row['path'], $domain['guid'], $domain['guid']);
// We need to remove the last slash, otherwise the regex wouldn't work
if ($row['path'] != $domain['documentroot']) {
$path = substr($path, 0, -1);
}
$path_options .= ' $HTTP["url"] =~ "^' . $path . '($|/)" {' . "\n";
$path_options .= "\t" . 'cgi.assign = (' . "\n";
$path_options .= "\t\t" . '".pl" => "' . makeCorrectFile($this->settings['system']['perl_path']) . '",' . "\n";
$path_options .= "\t\t" . '".cgi" => "' . makeCorrectFile($this->settings['system']['perl_path']) . '"' . "\n";
$path_options .= "\t" . ')' . "\n";
$path_options .= ' }' . "\n\n";
}
}
return $path_options;
}
