function verify_setting($path)
{
anchor($path);
if (query("hostname") == "") {
return set_result("FAILED", $path . "/hostname", i18n("Please input the host name."));
}
if (isdomain(query("hostname")) == "0") {
return set_result("FAILED", $path . "/hostname", i18n("Invalid host name."));
}
if (query("username") == "") {
return set_result("FAILED", $path . "/username", i18n("Please enter user account or e-mail."));
}
if (query("password") == "") {
return set_result("FAILED", $path . "/password", i18n("Please input the password."));
}
return "OK";
}
function privatecheck($ipaddr)
{
$private = 0;
if (isdomain($ipaddr) != "0") {
$a = cut($ipaddr, 0, ".");
$b = cut($ipaddr, 1, ".");
$c = cut($ipaddr, 2, ".");
$d = cut($ipaddr, 3, ".");
if ($a == 10) {
$private = 1;
} else {
if ($a == 172) {
if ($b >= 16 && $b <= 31) {
$private = 1;
}
} else {
if ($a == 192 && $b == 168) {
$private = 1;
}
}
}
}
return $private;
}
$rssfeed = $row['rssfeed'];
$maxnews = isid($row['maxnews'], 11) ? $row['maxnews'] : 10;
$page_default = $row['defaultpage'];
$pageurl = $row['pageurl'];
$protectioncheck = $row['protectioncheck'];
$maxnews_sidebar = $row['maxnews_sidebar'];
$newssidebar_textlength = $row['newssidebar_textlength'];
$spamFilter = $row['spamFilter'];
$languageFilter = $row['languageFilter'];
$blockLinks = $row['blockLinks'];
$blockWords = $row['blockWords'];
$mailRequired = $row['mailRequired'];
$commentMinLength = $row['commentMinLength'];
$commentsModerated = $row['commentsModerated'];
$honeyPotKey = $row['honeyPotKey'];
if (!isurl($pageurl) and !isdomain($pageurl)) {
$pageurl = $page_url;
}
}
$query = $sql->prepare("SELECT `active` FROM `modules` WHERE `type`='C' AND `get`='pn' AND `sub`='pn' LIMIT 1");
$query->execute();
$page_active = $query->fetchColumn();
$page_active = active_check($page_active) ? $page_active : 'Y';
$ewInstallPath = EASYWIDIR;
$elements = (!empty($ewInstallPath) and strpos($ui->escaped('REQUEST_URI', 'server'), $ewInstallPath) === false) ? preg_split('/\\//', $ui->escaped('REQUEST_URI', 'server'), -1, PREG_SPLIT_NO_EMPTY) : preg_split('/\\//', substr($ui->escaped('REQUEST_URI', 'server'), strlen($ewInstallPath)), -1, PREG_SPLIT_NO_EMPTY);
if (isset($seo) and $seo == 'Y' and isset($elements[0])) {
$page_detect_language = $elements[0];
if (!preg_match('/^[a-z]{2}+$/', $elements[0]) and !$ui->w('site', 50, 'get') and $elements[0] != 'index.php') {
$throw404 = true;
}
}
function webhostRequest($domain, $useragent, $file, $postParams = '', $port = 80)
{
$domain = str_replace(array('https://', 'http://'), '', $domain);
if (isdomain($domain)) {
$fp = @fsockopen($domain, $port, $errno, $errstr, 10);
} else {
$errstr = $domain . ' is no domain';
}
if (isset($fp) and $fp) {
if (is_array($postParams) and count($postParams) > 0) {
$postData = '';
$i = 0;
foreach ($postParams as $key => $value) {
if ($i == 0) {
$postData .= $key . '=' . $value;
} else {
$postData .= '&' . $key . '=' . $value;
}
$i++;
}
$send = "POST /{$file} HTTP/1.1\r\n";
} else {
if (strlen($file) == 0) {
$file = '/';
}
$send = "GET {$file} HTTP/1.1\r\n";
}
$send .= "Host: {$domain}\r\n";
$send .= "User-Agent: {$useragent}\r\n";
$send .= "Content-Type: application/x-www-form-urlencoded; charset=utf-8\r\n";
if (isset($postData) and is_array($postParams) and count($postParams) > 0) {
$send .= "Content-Length: " . strlen($postData) . "\r\n";
}
$send .= "Connection: Close\r\n\r\n";
if (isset($postData) and is_array($postParams) and count($postParams) > 0) {
$send .= $postData;
}
fwrite($fp, $send);
$buffer = '';
while (!feof($fp)) {
$buffer .= fgets($fp, 4096);
}
fclose($fp);
$ex = explode("\r\n\r\n", $buffer);
if (strpos($ex[0], '404') !== false) {
return 'file not found: ' . $domain . '/' . $file;
} else {
if (isset($ex[1])) {
return $ex[1];
} else {
$errstr = 'Error: no response. Header is: ' . $ex[0];
}
}
}
return 'Error: Could not connect to host ' . $domain . ' and port ' . $port . ' (' . $errstr . ')';
}
$flexSlots = $data['flexSlots'];
}
if (isset($data['flexSlotsFree']) and isid($data['flexSlotsFree'], 11)) {
$updateArray[] = $data['flexSlotsFree'];
$eventualUpdate .= ',`flexSlotsFree`=?';
$flexSlotsFree = $data['flexSlotsFree'];
}
if (isset($data['flexSlotsPercent']) and isid($data['flexSlotsPercent'], 3)) {
$updateArray[] = $data['flexSlotsPercent'];
$eventualUpdate .= ',`flexSlotsPercent`=?';
$flexSlotsPercent = $data['flexSlotsPercent'];
}
if (isset($data['tsdns']) and active_check($data['tsdns'])) {
$tsdns = $data['tsdns'];
}
if (isset($data['dns']) and $tsdns == 'Y' and isdomain($data['dns'])) {
$updateArray[] = $data['dns'];
$eventualUpdate .= ',`dns`=?';
$dns = $data['dns'];
}
if (isset($data['autoRestart']) and active_check($data['autoRestart'])) {
$updateArray[] = $data['autoRestart'];
$eventualUpdate .= ',`autoRestart`=?';
$flexSlots = $data['autoRestart'];
}
if (isExternalID($data['server_external_id']) and $data['identify_server_by'] == 'server_local_id') {
$updateArray[] = $data['server_external_id'];
$eventualUpdate .= ',`externalID`=?';
}
if (count($updateArray) > 0) {
$eventualUpdate = trim($eventualUpdate, ',');
$logreseller = 0;
if (isset($admin_id)) {
$logsubuser = $admin_id;
} else {
if (isset($subuser_id)) {
$logsubuser = $subuser_id;
} else {
$logsubuser = 0;
}
}
if ($ui->id('id', 10, 'get') and in_array($ui->st('d', 'get'), array('if', 'pw', 'ri', 'md', 'dm'))) {
$query = $sql->prepare("SELECT v.`webMasterID`,v.`description`,v.`phpConfiguration`,v.`phpConfiguration`,v.`defaultDomain`,m.`vhostTemplate`,m.`usageType`,m.`defaultdns`,m.`connect_ip_only`,m.`ftpIP`,m.`ip`,m.`phpConfiguration` AS `phpMasterConfiguration` FROM `webVhost` AS v INNER JOIN `webMaster` AS m ON m.`webMasterID`=v.`webMasterID` WHERE v.`webVhostID`=? AND v.`userID`=? AND v.`resellerID`=? AND v.`active`='Y'");
$query->execute(array($ui->id('id', 10, 'get'), $user_id, $reseller_id));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$description = $row['description'];
$defaultDns = isdomain($row['defaultDomain']) ? $row['defaultDomain'] : 'web-' . $ui->id('id', 10, 'get') . '.' . $row['defaultdns'];
$dns = strlen($row['description']) == 0 ? 'web-' . $ui->id('id', 10, 'get') : $row['description'];
$webMasterID = $row['webMasterID'];
$usageType = $row['usageType'];
$vhostTemplate = $row['vhostTemplate'];
$phpConfigurationVhost = @json_decode($row['phpConfiguration']);
$phpConfigurationMaster = @parse_ini_string($row['phpMasterConfiguration'], true, INI_SCANNER_RAW);
$serverIP = $row['connect_ip_only'] == 'Y' ? $row['ftpIP'] : $row['ip'];
}
}
if (isset($webMasterID) and $ui->st('d', 'get') == 'pw' and $ui->id('id', 10, 'get') and (!isset($_SESSION['sID']) or in_array($ui->id('id', 10, 'get'), $substituteAccess['ws']))) {
$id = $ui->id('id', 10, 'get');
$errors = array();
if ($ui->st('action', 'post') == 'pw') {
if ($ui->w('action', 4, 'post') and !token(true)) {
$errors[] = $spracheResponse->token;
<?php
/* fatlady is used to validate the configuration for the specific service.
* FATLADY_prefix was defined to the path of Session Data.
* 3 variables should be returned for the result:
* FATLADY_result, FATLADY_node & FATLADY_message. */
include "/htdocs/phplib/trace.php";
$inet_host = query($FATLADY_prefix . "/device/diagnostic/chkconn/host/entry:4");
TRACE_debug("FATLADY: DEVICE.DIAGNOSTIC: FATLADY_prefix=" . $FATLADY_prefix);
TRACE_debug("FATLADY: DEVICE.DIAGNOSTIC: internet host=" . $inet_host);
if (isdomain($inet_host) != "0" || $inet_host == "") {
set($FATLADY_prefix . "/valid", "1");
$_GLOBALS["FATLADY_result"] = "OK";
$_GLOBALS["FATLADY_node"] = "";
$_GLOBALS["FATLADY_message"] = "";
} else {
$_GLOBALS["FATLADY_result"] = "FAILED";
$_GLOBALS["FATLADY_node"] = $FATLADY_prefix . "/device/diagnostic/chkconn/host/entry:4";
$_GLOBALS["FATLADY_message"] = i18n("Invalid Internet Host");
}
<?php
/* fatlady is used to validate the configuration for the specific service.
* FATLADY_prefix was defined to the path of Session Data.
* 3 variables should be returned for the result:
* FATLADY_result, FATLADY_node & FATLADY_message. */
include "/htdocs/phplib/trace.php";
$hostname = query($FATLADY_prefix . "/device/hostname");
TRACE_debug("FATLADY: DEVICE.HOSTNAME: hostname=" . $hostname);
if ($hostname == "" || isdomain($hostname) == "0" || isdigit($hostname) == "1" || strchr($hostname, ".") != "") {
$_GLOBALS["FATLADY_result"] = "FAILED";
$_GLOBALS["FATLADY_node"] = $FATLADY_prefix . "/device/hostname";
$_GLOBALS["FATLADY_message"] = i18n("Invalid host name");
/* internal error, no i18n. */
} else {
set($FATLADY_prefix . "/valid", "1");
$_GLOBALS["FATLADY_result"] = "OK";
$_GLOBALS["FATLADY_node"] = "";
$_GLOBALS["FATLADY_message"] = "";
}
$localServerID = $row['webVhostID'];
$localUserLookupID = $row['userID'];
$webMasterID = $row['webMasterID'];
$externalServerID = $row['externalID'];
$userID = $row['userID'];
$oldHDD = $row['hdd'];
$active = $row['active'];
$private = $row['password'];
$hdd = $row['hdd'];
$domainRowCount = 0;
$query2 = $sql->prepare("SELECT COUNT(`jobID`) AS `amount` FROM `jobs` WHERE `affectedID`=? AND `type`='wv' AND `action`='dl' AND (`status` IS NULL OR `status`='1') LIMIT 1");
$query2->execute(array($localServerID));
if ($query2->fetchColumn() > 0) {
$success['false'][] = 'Server is marked for deletion';
} else {
if (isdomain($dns)) {
$query = $sql->prepare("UPDATE `webVhost` SET `defaultDomain`=? WHERE `webVhostID`=? AND `resellerID`=? LIMIT 1");
$query->execute(array($dns, $localServerID, $resellerID));
$domainRowCount = $query->rowCount();
}
}
$updateArray = array();
$eventualUpdate = '';
if (isset($data['active']) and active_check($data['active'])) {
$updateArray[] = $data['active'];
$eventualUpdate .= ',`active`=?';
$active = $data['active'];
}
if (isset($data['password']) and is_password($data['password'], 255)) {
$updateArray[] = $data['private'];
$updateArray[] = $aeskey;
$dns = $row['dns'];
$userID = $row['userID'];
$active = $row['active'];
$query = $sql->prepare("SELECT COUNT(`jobID`) AS `amount` FROM `jobs` WHERE `affectedID`=? AND `type`='ds' AND `action`='dl' AND (`status` IS NULL OR `status`='1') LIMIT 1");
$query->execute(array($localServerID));
if ($query->fetchColumn() > 0) {
$success['false'][] = 'Server is marked for deletion';
}
$updateArray = array();
$eventualUpdate = '';
if (isset($data['active']) and active_check($data['active'])) {
$updateArray[] = $data['active'];
$eventualUpdate .= ',`active`=?';
$active = $data['active'];
}
if (isset($data['dns']) and isdomain($data['dns'])) {
$updateArray[] = $data['dns'];
$eventualUpdate .= ',`dns`=?';
$dns = $data['dns'];
}
if (isset($data['ip']) and isip($data['ip'], 'ip4')) {
$updateArray[] = $data['ip'];
$eventualUpdate .= ',`ip`=?';
$ip = $data['ip'];
}
if (isset($data['port']) and port($data['port'])) {
$updateArray[] = $data['port'];
$eventualUpdate .= ',`port`=?';
$port = $data['port'];
}
if (isExternalID($data['server_external_id']) and $data['identify_server_by'] == 'server_local_id') {
function check_ppp4($path)
{
anchor($path);
$over = query("over");
if ($over != "eth" && $over != "pptp" && $over != "l2tp" && $over != "tty") {
/* Internal error, no i18n. */
set_result("FAILED", $path . "/ipaddr", "Illegal value for over : " . $over);
return;
}
/* IP address */
$static = query("static");
if ($static == "1") {
$ipaddr = query("ipaddr");
if (INET_validv4addr($ipaddr) == 0) {
set_result("FAILED", $path . "/ipaddr", i18n("Invalid IP address"));
return;
}
} else {
/* if static is not 1, it should be 0. */
set("static", "0");
del("ipaddr");
}
/* DNS */
$cnt = query("dns/count");
$i = 0;
while ($i < $cnt) {
$i++;
$value = query("dns/entry:" . $i);
if (INET_validv4addr($value) == 0) {
set_result("FAILED", $path . "/dns:" . $i, i18n("Invalid DNS address"));
return;
}
set("dns/entry:" . $i, INET_addr_strip0($value));
}
/* MTU/MRU */
$mtu = query("mtu");
if ($mtu != "") {
if (isdigit($mtu) == "0") {
set_result("FAILED", $path . "/mtu", i18n("The MTU value is invalid."));
return;
}
if ($mtu < 576) {
set_result("FAILED", $path . "/mtu", i18n("The MTU value is too small, the valid value cannot be smaller than 576."));
return;
}
if ($over == "pptp" && $mtu > 1460) {
set_result("FAILED", $path . "/mtu", i18n("The MTU value is too large, the valid value for pptp is 576 ~ 1460."));
return;
} else {
if ($over == "l2tp" && $mtu > 1460) {
set_result("FAILED", $path . "/mtu", i18n("The MTU value is too large, the valid value for l2tp is 576 ~ 1460."));
return;
} else {
if ($mtu > 1492) {
if ($over == "tty") {
if ($mtu > 1500) {
set_result("FAILED", $path . "/mtu", i18n("The MTU value is too large, the valid value for 3G is 576 ~ 1500."));
return;
}
} else {
set_result("FAILED", $path . "/mtu", i18n("The MTU value is too large, the valid value is 576 ~ 1492."));
return;
}
}
}
}
$mtu = $mtu + 1 - 1;
/* convert to number */
set("mtu", $mtu);
}
$mru = query("mru");
if ($mru != "") {
if (isdigit($mru) == "0") {
set_result("FAILED", $path . "/mtu", i18n("Invalid MRU value."));
return;
}
if ($mru < 576) {
set_result("FAILED", $path . "/mru", i18n("The MRU value is too small, the valid value is 576 ~ 1492."));
return;
}
if ($mru > 1492) {
set_result("FAILED", $path . "/mru", i18n("The MRU value is too large, the valid value is 576 ~ 1492."));
return;
}
$mru = $mru + 1 - 1;
/* convert to number */
set("mru", $mru);
}
/* User Name & Password */
if (query("username") == "" && $over != "tty") {
set_result("FAILED", $path . "/username", i18n("The user name cannot be empty"));
return;
}
/* dialup */
$mode = query("dialup/mode");
if ($mode != "auto" && $mode != "manual" && $mode != "ondemand") {
/* no i18n */
set_result("FAILED", $path . "/dialup/mode", "Invalid value for dial up mode - " . $mode);
return;
}
$tout = query("dialup/idletimeout");
if ($tout != "") {
if (isdigit($tout) == "0" || $tout < 0 || $tout >= 10000) {
set_result("FAILED", $path . "/dialup/mode", i18n("Invalid value for idle timeout."));
return;
}
}
if ($over == "eth") {
/* should check service name & ac name here. */
} else {
if ($over == "pptp") {
$server = query("pptp/server");
if ($server == "") {
set_result("FAILED", $path . "/pptp/server", i18n("No PPTP server."));
return;
}
if (cut_count($server, ".") == 4 && isdigit(cut($server, 0, ".")) == 1 && isdigit(cut($server, 1, ".")) == 1 && isdigit(cut($server, 2, ".")) == 1 && isdigit(cut($server, 3, ".")) == 1) {
if (INET_validv4addr($server) == 0) {
set_result("FAILED", $path . "/pptp/server", i18n("Invalid server IP address"));
return;
} else {
set("pptp/server", INET_addr_strip0($server));
}
} else {
if (isdomain($server) != 1) {
set_result("FAILED", $path . "/pptp/server", i18n("Invalid server IP address"));
return;
}
}
} else {
if ($over == "l2tp") {
$server = query("l2tp/server");
if ($server == "") {
set_result("FAILED", $path . "/l2tp/server", i18n("No L2TP server."));
return;
}
if (cut_count($server, ".") == 4 && isdigit(cut($server, 0, ".")) == 1 && isdigit(cut($server, 1, ".")) == 1 && isdigit(cut($server, 2, ".")) == 1 && isdigit(cut($server, 3, ".")) == 1) {
if (INET_validv4addr($server) == 0) {
set_result("FAILED", $path . "/l2tp/server", i18n("Invalid server IP address"));
return;
} else {
set("l2tp/server", INET_addr_strip0($server));
}
} else {
if (isdomain($server) != 1) {
set_result("FAILED", $path . "/l2tp/server", i18n("Invalid server IP address"));
return;
}
}
}
}
}
set_result("OK", "", "");
}
private function getVhostData($vhostID)
{
if ($this->vhostData == false) {
$query = $this->sql->prepare("SELECT v.`active`,v.`userID`,v.`description`,v.`hdd`,v.`ftpUser`,v.`phpConfiguration`,v.`defaultDomain`,AES_DECRYPT(v.`ftpPassword`,?) AS `decryptedFTPPass`,u.`mail` FROM `webVhost` AS v INNER JOIN `userdata` AS u ON u.`id`=v.`userID` WHERE v.`webVhostID`=? AND v.`resellerID`=? LIMIT 1");
$query->execute(array($this->aeskey, $vhostID, $this->resellerID));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$this->vhostData['userID'] = $row['userID'];
$this->vhostData['hdd'] = $row['hdd'];
$this->vhostData['ftpUser'] = $row['ftpUser'];
$this->vhostData['ftpPassword'] = $row['decryptedFTPPass'];
$this->vhostData['vhostConfigFile'] = $this->removeNotNeededSlashes($this->hostData['vhostConfigPath'] . '/' . $this->vhostData['ftpUser']) . '.conf';
$this->vhostData['vhostHomeDir'] = $this->removeNotNeededSlashes($this->hostData['vhostStoragePath'] . '/' . $this->vhostData['ftpUser']);
$this->vhostData['description'] = strlen($row['description']) > 0 ? $row['description'] : 'web-' . $vhostID;
$this->vhostData['defaultDomain'] = isdomain($row['defaultDomain']) ? $row['defaultDomain'] : 'web-' . $vhostID . '.' . $this->hostData['defaultdns'];
$phpConfigurationVhost = @json_decode($row['phpConfiguration']);
$this->vhostData['dns'] = array();
// Workaround for migrations and other admin is breaking something faults
$query2 = $this->sql->prepare("SELECT 1 FROM `webVhostDomain` WHERE `webVhostID`=? LIMIT 1");
$query2->execute(array($vhostID));
if ($query2->rowCount() == 0) {
try {
$query2 = $this->sql->prepare("INSERT INTO `webVhostDomain` (`webVhostID`,`userID`,`resellerID`,`domain`,`path`,`ownVhost`,`vhostTemplate`) VALUES (?,?,?,?,'','N',?)");
$query2->execute(array($vhostID, $row['userID'], $this->resellerID, $this->vhostData['defaultDomain'], $this->hostData['vhostTemplate']));
// There is always a catch ...
} catch (PDOException $error) {
$error = $error->getMessage();
}
}
$this->vhostData['templateFileContent'] = "# DO NOT EDIT DIRECTLY!\r\n# This file is autogenerated by easy-wi.com.\r\n# Date and time of generation was " . date('Y-m-d H:i:s') . "\r\n\r\n";
$query2 = $this->sql->prepare("SELECT `path`,`domain`,`ownVhost`,`vhostTemplate` FROM `webVhostDomain` WHERE `webVhostID`=?");
$query2->execute(array($vhostID));
while ($row2 = $query2->fetch(PDO::FETCH_ASSOC)) {
$this->vhostData['dns'][] = $row2['domain'];
$templateFileContentTemp = $row2['ownVhost'] == 'Y' ? $row2['vhostTemplate'] : $this->hostData['vhostTemplate'];
if ($phpConfigurationVhost and $this->hostData['usageType'] == 'W') {
preg_match('/(\\s{1,}%phpConfiguration%)/', $templateFileContentTemp, $matches);
$match = array_shift($matches);
$whiteSpace = str_replace('%phpConfiguration%', '', $match);
$phpOptions = '';
foreach ($phpConfigurationVhost as $phpOption) {
$phpOptions .= $whiteSpace . $phpOption;
}
$templateFileContentTemp = str_replace('%phpConfiguration%', $phpOptions, $templateFileContentTemp);
} else {
$templateFileContentTemp = str_replace('%phpConfiguration%', '', $templateFileContentTemp);
}
$templateFileContentTemp = $this->removeNotNeededSlashes(str_replace(array('%user%', '%group%', '%vhostpath%', '%email%', '%htdocs%', '%logDir%'), array($row['ftpUser'], $this->hostData['userGroup'], $this->hostData['vhostStoragePath'], $row['mail'], $this->hostData['dirHttpd'], $this->hostData['dirLogs']), $templateFileContentTemp)) . "\r\n";
$templateFileContentTemp = $this->removeNotNeededSlashes(str_replace(array('%path%', '%url%', '%domain%'), array($row2['path'], $row2['domain'], $row2['domain']), $templateFileContentTemp)) . "\r\n";
$this->vhostData['templateFileContent'] .= $templateFileContentTemp;
}
return true;
}
} else {
return true;
}
return false;
}