github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-21 05:44:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Integrated new api interface.

Browse source
This commit is contained in:
Alexander 2021-10-27 11:20:24 +03:00
commit 4306a4fb4f
116 changed files with 10371 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

27
web/api/v1/add/cron/autoupdate/index.php Normal file
View file

@ -0,0 +1,27 @@
<?php
// Init
error_reporting(NULL);
ob_start();
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
$message = '';
$error = '';
// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
$error = 'Unauthenticated.';
}
if ($_SESSION['user'] == 'admin') {
exec (VESTA_CMD."v-add-cron-vesta-autoupdate", $output, $return_var);
$message = __('Autoupdate has been successfully enabled');
unset($output);
}
$result = array(
'message' => $message,
'error' => $error,
);
print json_encode($result);

72
web/api/v1/add/cron/index.php Normal file
View file

@ -0,0 +1,72 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'CRON';
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if ((!isset($_POST['v_min'])) || ($_POST['v_min'] == '')) $errors[] = __('minute');
if ((!isset($_POST['v_hour'])) || ($_POST['v_hour'] == '')) $errors[] = __('hour');
if ((!isset($_POST['v_day'])) || ($_POST['v_day'] == '')) $errors[] = __('day');
if ((!isset($_POST['v_month'])) || ($_POST['v_month'] == '')) $errors[] = __('month');
if ((!isset($_POST['v_wday'])) || ($_POST['v_wday'] == '')) $errors[] = __('day of week');
if ((!isset($_POST['v_cmd'])) || ($_POST['v_cmd'] == '')) $errors[] = __('cmd');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_min = escapeshellarg($_POST['v_min']);
$v_hour = escapeshellarg($_POST['v_hour']);
$v_day = escapeshellarg($_POST['v_day']);
$v_month = escapeshellarg($_POST['v_month']);
$v_wday = escapeshellarg($_POST['v_wday']);
$v_cmd = escapeshellarg($_POST['v_cmd']);
// Add cron job
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-cron-job ".$user." ".$v_min." ".$v_hour." ".$v_day." ".$v_month." ".$v_wday." ".$v_cmd, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('CRON_CREATED_OK');
unset($v_min);
unset($v_hour);
unset($v_day);
unset($v_month);
unset($v_wday);
unset($v_cmd);
unset($output);
}
}
$result = array(
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

25
web/api/v1/add/cron/reports/index.php Normal file
View file

@ -0,0 +1,25 @@
<?php
// Init
error_reporting(NULL);
ob_start();
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
$message = '';
$error = '';
// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
$error = 'Unathenticated.';
}
exec (VESTA_CMD."v-add-cron-reports ".$user, $output, $return_var);
$message = __('Cronjob email reporting has been successfully enabled');
unset($output);
$result = array(
'message' => $message,
'error' => $error
);
print json_encode($result);

143
web/api/v1/add/db/index.php Normal file
View file

@ -0,0 +1,143 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'DB';
header('Content-Type: application/json');
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_database'])) $errors[] = __('database');
if (empty($_POST['v_dbuser'])) $errors[] = __('username');
if (empty($_POST['v_password'])) $errors[] = __('password');
if (empty($_POST['v_type'])) $errors[] = __('type');
if (empty($_POST['v_host'])) $errors[] = __('host');
if (empty($_POST['v_charset'])) $errors[] = __('charset');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Validate email
if ((!empty($_POST['v_db_email'])) && (empty($_SESSION['error_msg']))) {
if (!filter_var($_POST['v_db_email'], FILTER_VALIDATE_EMAIL)) {
$_SESSION['error_msg'] = __('Please enter valid email address.');
}
}
// Check password length
if (empty($_SESSION['error_msg'])) {
$pw_len = strlen($_POST['v_password']);
if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg);
}
// Protect input
$v_database = escapeshellarg($_POST['v_database']);
$v_dbuser = escapeshellarg($_POST['v_dbuser']);
$v_type = $_POST['v_type'];
$v_charset = $_POST['v_charset'];
$v_host = $_POST['v_host'];
$v_db_email = $_POST['v_db_email'];
// Add database
if (empty($_SESSION['error_msg'])) {
$v_type = escapeshellarg($_POST['v_type']);
$v_charset = escapeshellarg($_POST['v_charset']);
$v_host = escapeshellarg($_POST['v_host']);
$v_password = tempnam("/tmp","vst");
$fp = fopen($v_password, "w");
fwrite($fp, $_POST['v_password']."\n");
fclose($fp);
exec (VESTA_CMD."v-add-database ".$user." ".$v_database." ".$v_dbuser." ".$v_password." ".$v_type." ".$v_host." ".$v_charset, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
unlink($v_password);
$v_password = escapeshellarg($_POST['v_password']);
$v_type = $_POST['v_type'];
$v_host = $_POST['v_host'];
$v_charset = $_POST['v_charset'];
}
// Get database manager url
if (empty($_SESSION['error_msg'])) {
list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"] . ":");
if ($_POST['v_host'] != 'localhost' ) $http_host = $_POST['v_host'];
if ($_POST['v_type'] == 'mysql') $db_admin = "phpMyAdmin";
if ($_POST['v_type'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/";
if (($_POST['v_type'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL'];
if ($_POST['v_type'] == 'pgsql') $db_admin = "phpPgAdmin";
if ($_POST['v_type'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/";
if (($_POST['v_type'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL'];
}
// Email login credentials
if ((!empty($v_db_email)) && (empty($_SESSION['error_msg']))) {
$to = $v_db_email;
$subject = __("Database Credentials");
$hostname = exec('hostname');
$from = __('MAIL_FROM',$hostname);
$mailtext = __('DATABASE_READY',$user."_".$_POST['v_database'],$user."_".$_POST['v_dbuser'],$_POST['v_password'],$db_admin_link);
send_email($to, $subject, $mailtext, $from);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('DATABASE_CREATED_OK',htmlentities($user)."_".htmlentities($_POST['v_database']),htmlentities($user)."_".htmlentities($_POST['v_database']));
$_SESSION['ok_msg'] .= " / <a href=".$db_admin_link." target='_blank'>" . __('open %s',$db_admin) . "</a>";
unset($v_database);
unset($v_dbuser);
unset($v_password);
unset($v_type);
unset($v_charset);
}
}
// Get user email
$v_db_email = $panel[$user]['CONTACT'];
// List avaiable database types
$db_types = explode(',', $_SESSION['DB_SYSTEM']);
// List available database servers
exec (VESTA_CMD."v-list-database-hosts json", $output, $return_var);
$db_hosts_tmp1 = json_decode(implode('', $output), true);
$db_hosts_tmp2 = array_map(function($host){return $host['HOST'];}, $db_hosts_tmp1);
$db_hosts = array_values(array_unique($db_hosts_tmp2));
unset($output);
unset($db_hosts_tmp1);
unset($db_hosts_tmp2);
$prefixI18N = __('Prefix will be automaticaly added to database name and database user', "<b>".$_SESSION['user']."_</b>");
$maxCharLength = __('maximum characters length, including prefix', 16);
$result = array(
'dbHosts' => $db_hosts,
'dbTypes' => $db_types,
'user' => $_SESSION['user'],
'prefixI18N' => $prefixI18N,
'maxCharLength' => $maxCharLength,
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

188
web/api/v1/add/dns/index.php Normal file
View file

@ -0,0 +1,188 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'DNS';
header('Content-Type: application/json');
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check POST request for dns domain
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_domain'])) $errors[] = __('domain');
if (empty($_POST['v_ip'])) $errors[] = __('ip');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_domain = preg_replace("/^www./i", "", $_POST['v_domain']);
$v_domain = escapeshellarg($v_domain);
$v_domain = strtolower($v_domain);
$v_ip = escapeshellarg($_POST['v_ip']);
$v_ns1 = escapeshellarg($_POST['v_ns1']);
$v_ns2 = escapeshellarg($_POST['v_ns2']);
$v_ns3 = escapeshellarg($_POST['v_ns3']);
$v_ns4 = escapeshellarg($_POST['v_ns4']);
$v_ns5 = escapeshellarg($_POST['v_ns5']);
$v_ns6 = escapeshellarg($_POST['v_ns6']);
$v_ns7 = escapeshellarg($_POST['v_ns7']);
$v_ns8 = escapeshellarg($_POST['v_ns8']);
// Add dns domain
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_ip." ".$v_ns1." ".$v_ns2." ".$v_ns3." ".$v_ns4." ".$v_ns5." ".$v_ns6." ".$v_ns7." ".$v_ns8." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Set expiriation date
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_exp'])) && ($_POST['v_exp'] != date('Y-m-d', strtotime('+1 year')))) {
$v_exp = escapeshellarg($_POST['v_exp']);
exec (VESTA_CMD."v-change-dns-domain-exp ".$user." ".$v_domain." ".$v_exp." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
// Set ttl
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_ttl'])) && ($_POST['v_ttl'] != '14400') && (empty($_SESSION['error_msg']))) {
$v_ttl = escapeshellarg($_POST['v_ttl']);
exec (VESTA_CMD."v-change-dns-domain-ttl ".$user." ".$v_domain." ".$v_ttl." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
// Restart dns server
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('DNS_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain]));
unset($v_domain);
}
}
// Check POST request for dns record
if (!empty($_POST['ok_rec'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}
// Check empty fields
if (empty($_POST['v_domain'])) $errors[] = 'domain';
if (empty($_POST['v_rec'])) $errors[] = 'record';
if (empty($_POST['v_type'])) $errors[] = 'type';
if (empty($_POST['v_val'])) $errors[] = 'value';
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_domain = escapeshellarg($_POST['v_domain']);
$v_rec = escapeshellarg($_POST['v_rec']);
$v_type = escapeshellarg($_POST['v_type']);
$v_val = escapeshellarg($_POST['v_val']);
$v_priority = escapeshellarg($_POST['v_priority']);
// Add dns record
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-dns-record ".$user." ".$v_domain." ".$v_rec." ".$v_type." ".$v_val." ".$v_priority, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_type = $_POST['v_type'];
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('DNS_RECORD_CREATED_OK',htmlentities($_POST[v_rec]),htmlentities($_POST[v_domain]));
unset($v_domain);
unset($v_rec);
unset($v_val);
unset($v_priority);
}
}
$v_ns1 = str_replace("'", "", $v_ns1);
$v_ns2 = str_replace("'", "", $v_ns2);
$v_ns3 = str_replace("'", "", $v_ns3);
$v_ns4 = str_replace("'", "", $v_ns4);
$v_ns5 = str_replace("'", "", $v_ns5);
$v_ns6 = str_replace("'", "", $v_ns6);
$v_ns7 = str_replace("'", "", $v_ns7);
$v_ns8 = str_replace("'", "", $v_ns8);
if (empty($_GET['domain'])) {
// Display body for dns domain
if (empty($v_ttl)) $v_ttl = 14400;
if (empty($v_exp)) $v_exp = date('Y-m-d', strtotime('+1 year'));
if (empty($v_ns1)) {
exec (VESTA_CMD."v-list-user-ns ".$user." json", $output, $return_var);
$nameservers = json_decode(implode('', $output), true);
$v_ns1 = str_replace("'", "", $nameservers[0]);
$v_ns2 = str_replace("'", "", $nameservers[1]);
$v_ns3 = str_replace("'", "", $nameservers[2]);
$v_ns4 = str_replace("'", "", $nameservers[3]);
$v_ns5 = str_replace("'", "", $nameservers[4]);
$v_ns6 = str_replace("'", "", $nameservers[5]);
$v_ns7 = str_replace("'", "", $nameservers[6]);
$v_ns8 = str_replace("'", "", $nameservers[7]);
unset($output);
}
// render_page($user, $TAB, 'add_dns');
} else {
// Display body for dns record
$v_domain = $_GET['domain'];
// render_page($user, $TAB, 'add_dns_rec');
}
$result = array(
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

22
web/api/v1/add/favorite/index.php Normal file
View file

@ -0,0 +1,22 @@
<?
error_reporting(NULL);
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Protect input
$v_section = escapeshellarg($_REQUEST['v_section']);
$v_unit_id = escapeshellarg($_REQUEST['v_unit_id']);
$_SESSION['favourites'][strtoupper($_REQUEST['v_section'])][$_REQUEST['v_unit_id']] = 1;
exec (VESTA_CMD."v-add-user-favourites ".$_SESSION['user']." ".$v_section." ".$v_unit_id, $output, $return_var);
// check_return_code($return_var,$output);
?>

66
web/api/v1/add/firewall/banlist/index.php Normal file
View file

@ -0,0 +1,66 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'FIREWALL';
header('Content-Type: application/json');
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
exit;
}
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_chain'])) $errors[] = __('banlist');
if (empty($_POST['v_ip'])) $errors[] = __('ip address');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_chain = escapeshellarg($_POST['v_chain']);
$v_ip = escapeshellarg($_POST['v_ip']);
// Add firewall ban
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-firewall-ban ".$v_ip." ".$v_chain, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('BANLIST_CREATED_OK');
unset($v_ip);
}
}
$result = array(
'ip' => $v_ip,
'chain' => $v_chain,
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

77
web/api/v1/add/firewall/index.php Normal file
View file

@ -0,0 +1,77 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'FIREWALL';
header('Content-Type: application/json');
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check user
if ($_SESSION['user'] != 'admin') {
exit;
}
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_action'])) $errors[] = __('action');
if (empty($_POST['v_protocol'])) $errors[] = __('protocol');
if (!isset($_POST['v_port'])) $errors[] = __('port');
if (empty($_POST['v_ip'])) $errors[] = __('ip address');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_action = escapeshellarg($_POST['v_action']);
$v_protocol = escapeshellarg($_POST['v_protocol']);
$v_port = str_replace(" ",",", $_POST['v_port']);
$v_port = preg_replace('/\,+/', ',', $v_port);
$v_port = trim($v_port, ",");
$v_port = escapeshellarg($v_port);
$v_ip = escapeshellarg($_POST['v_ip']);
$v_comment = escapeshellarg($_POST['v_comment']);
// Add firewall rule
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-firewall-rule ".$v_action." ".$v_ip." ".$v_port." ".$v_protocol." ".$v_comment, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('RULE_CREATED_OK');
unset($v_port);
unset($v_ip);
unset($v_comment);
}
}
// Render
// render_page($user, $TAB, 'add_firewall');
$result = array(
'ok_msg' => $_SESSION['ok_msg'],
'error_msg' => $_SESSION['error_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

97
web/api/v1/add/ip/index.php Normal file
View file

@ -0,0 +1,97 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'IP';
// Main include
header('Content-Type: application/json');
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check user
if ($_SESSION['user'] != 'admin') {
exit;
}
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_ip'])) $errors[] = __('ip address');
if (empty($_POST['v_netmask'])) $errors[] = __('netmask');
if (empty($_POST['v_interface'])) $errors[] = __('interface');
if (empty($_POST['v_owner'])) $errors[] = __('assigned user');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_ip = escapeshellarg($_POST['v_ip']);
$v_netmask = escapeshellarg($_POST['v_netmask']);
$v_name = escapeshellarg($_POST['v_name']);
$v_nat = escapeshellarg($_POST['v_nat']);
$v_interface = escapeshellarg($_POST['v_interface']);
$v_owner = escapeshellarg($_POST['v_owner']);
$v_shared = $_POST['v_shared'];
// Check shared checkmark
if ($v_shared == 'on') {
$ip_status = 'shared';
} else {
$ip_status = 'dedicated';
$v_dedicated = 'yes';
}
// Add IP
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface." ".$v_owner." ".$ip_status." ".$v_name." ".$v_nat, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_owner = $_POST['v_owner'];
$v_interface = $_POST['v_interface'];
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('IP_CREATED_OK',htmlentities($_POST['v_ip']),htmlentities($_POST['v_ip']));
unset($v_ip);
unset($v_netmask);
unset($v_name);
unset($v_nat);
}
}
// List network interfaces
exec (VESTA_CMD."v-list-sys-interfaces json", $output, $return_var);
$interfaces = json_decode(implode('', $output), true);
unset($output);
// List users
exec (VESTA_CMD."v-list-sys-users json", $output, $return_var);
$users = json_decode(implode('', $output), true);
unset($output);
$result = array(
'interfaces' => $interfaces,
'users' => $users,
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

219
web/api/v1/add/mail/index.php Normal file
View file

@ -0,0 +1,219 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'MAIL';
header('Content-Type: application/json');
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check POST request for mail domain
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_domain'])) $errors[] = __('domain');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Check antispam option
if (!empty($_POST['v_antispam'])) {
$v_antispam = 'yes';
} else {
$v_antispam = 'no';
}
// Check antivirus option
if (!empty($_POST['v_antivirus'])) {
$v_antivirus = 'yes';
} else {
$v_antivirus = 'no';
}
// Check dkim option
if (!empty($_POST['v_dkim'])) {
$v_dkim = 'yes';
} else {
$v_dkim = 'no';
}
// Set domain name to lowercase and remove www prefix
$v_domain = preg_replace("/^www./i", "", $_POST['v_domain']);
$v_domain = escapeshellarg($v_domain);
$v_domain = strtolower($v_domain);
// Add mail domain
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-mail-domain ".$user." ".$v_domain." ".$v_antispam." ".$v_antivirus." ".$v_dkim, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('MAIL_DOMAIN_CREATED_OK',htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain']));
unset($v_domain);
}
}
// Check POST request for mail account
if (!empty($_POST['ok_acc'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_domain'])) $errors[] = __('domain');
if (empty($_POST['v_account'])) $errors[] = __('account');
if (empty($_POST['v_password'])) $errors[] = __('password');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Validate email
if ((!empty($_POST['v_send_email'])) && (empty($_SESSION['error_msg']))) {
if (!filter_var($_POST['v_send_email'], FILTER_VALIDATE_EMAIL)) {
$_SESSION['error_msg'] = __('Please enter valid email address.');
}
}
// Protect input
$v_domain = escapeshellarg($_POST['v_domain']);
$v_domain = strtolower($v_domain);
$v_account = escapeshellarg($_POST['v_account']);
$v_quota = escapeshellarg($_POST['v_quota']);
$v_send_email = $_POST['v_send_email'];
$v_credentials = $_POST['v_credentials'];
$v_aliases = $_POST['v_aliases'];
$v_fwd = $_POST['v_fwd'];
if (empty($_POST['v_quota'])) $v_quota = 0;
if ((!empty($_POST['v_quota'])) || (!empty($_POST['v_aliases'])) || (!empty($_POST['v_fwd'])) ) $v_adv = 'yes';
// Add Mail Account
if (empty($_SESSION['error_msg'])) {
$v_password = tempnam("/tmp","vst");
$fp = fopen($v_password, "w");
fwrite($fp, $_POST['v_password']."\n");
fclose($fp);
exec (VESTA_CMD."v-add-mail-account ".$user." ".$v_domain." ".$v_account." ".$v_password." ".$v_quota, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
unlink($v_password);
$v_password = escapeshellarg($_POST['v_password']);
}
// Add Aliases
if ((!empty($_POST['v_aliases'])) && (empty($_SESSION['error_msg']))) {
$valiases = preg_replace("/\n/", " ", $_POST['v_aliases']);
$valiases = preg_replace("/,/", " ", $valiases);
$valiases = preg_replace('/\s+/', ' ',$valiases);
$valiases = trim($valiases);
$aliases = explode(" ", $valiases);
foreach ($aliases as $alias) {
$alias = escapeshellarg($alias);
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-mail-account-alias ".$user." ".$v_domain." ".$v_account." ".$alias, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
}
// Add Forwarders
if ((!empty($_POST['v_fwd'])) && (empty($_SESSION['error_msg']))) {
$vfwd = preg_replace("/\n/", " ", $_POST['v_fwd']);
$vfwd = preg_replace("/,/", " ", $vfwd);
$vfwd = preg_replace('/\s+/', ' ',$vfwd);
$vfwd = trim($vfwd);
$fwd = explode(" ", $vfwd);
foreach ($fwd as $forward) {
$forward = escapeshellarg($forward);
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-mail-account-forward ".$user." ".$v_domain." ".$v_account." ".$forward, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
}
// Add fwd_only flag
if ((!empty($_POST['v_fwd_only'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-add-mail-account-fwd-only ".$user." ".$v_domain." ".$v_account, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Get webmail url
if (empty($_SESSION['error_msg'])) {
list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
$webmail = "http://".$http_host."/webmail/";
if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL'];
}
// Email login credentials
if ((!empty($v_send_email)) && (empty($_SESSION['error_msg']))) {
$to = $v_send_email;
$subject = __("Email Credentials");
$hostname = exec('hostname');
$from = __('MAIL_FROM', $hostname);
$mailtext = $v_credentials;
send_email($to, $subject, $mailtext, $from);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('MAIL_ACCOUNT_CREATED_OK',htmlentities(strtolower($_POST['v_account'])),htmlentities($_POST[v_domain]),htmlentities(strtolower($_POST['v_account'])),htmlentities($_POST[v_domain]));
$_SESSION['ok_msg'] .= " / <a href=".$webmail." target='_blank'>" . __('open webmail') . "</a>";
unset($v_account);
unset($v_password);
unset($v_password);
unset($v_aliases);
unset($v_fwd);
unset($v_quota);
}
}
// Render page
if (empty($_GET['domain'])) {
// Display body for mail domain
// render_page($user, $TAB, 'add_mail');
} else {
// Display body for mail account
$v_domain = $_GET['domain'];
// render_page($user, $TAB, 'add_mail_acc');
}
$result = array(
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

224
web/api/v1/add/package/index.php Normal file
View file

@ -0,0 +1,224 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'PACKAGE';
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
header('Content-Type: application/json');
// Check user
if ($_SESSION['user'] != 'admin') {
exit;
}
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_package'])) $errors[] = __('package');
if (empty($_POST['v_web_template'])) $errors[] = __('web template');
if (!empty($_SESSION['WEB_BACKEND'])) {
if (empty($_POST['v_backend_template'])) $errors[] = __('backend template');
}
if (!empty($_SESSION['PROXY_SYSTEM'])) {
if (empty($_POST['v_proxy_template'])) $errors[] = __('proxy template');
}
if (empty($_POST['v_dns_template'])) $errors[] = __('dns template');
if (empty($_POST['v_shell'])) $errrors[] = __('shell');
if (!isset($_POST['v_web_domains'])) $errors[] = __('web domains');
if (!isset($_POST['v_web_aliases'])) $errors[] = __('web aliases');
if (!isset($_POST['v_dns_domains'])) $errors[] = __('dns domains');
if (!isset($_POST['v_dns_records'])) $errors[] = __('dns records');
if (!isset($_POST['v_mail_domains'])) $errors[] = __('mail domains');
if (!isset($_POST['v_mail_accounts'])) $errors[] = __('mail accounts');
if (!isset($_POST['v_databases'])) $errors[] = __('databases');
if (!isset($_POST['v_cron_jobs'])) $errors[] = __('cron jobs');
if (!isset($_POST['v_backups'])) $errors[] = __('backups');
if (!isset($_POST['v_disk_quota'])) $errors[] = __('quota');
if (!isset($_POST['v_bandwidth'])) $errors[] = __('bandwidth');
if (empty($_POST['v_ns1'])) $errors[] = __('ns1');
if (empty($_POST['v_ns2'])) $errors[] = __('ns2');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Protect input
$v_package = escapeshellarg($_POST['v_package']);
$v_web_template = escapeshellarg($_POST['v_web_template']);
$v_backend_template = escapeshellarg($_POST['v_backend_template']);
$v_proxy_template = escapeshellarg($_POST['v_proxy_template']);
$v_dns_template = escapeshellarg($_POST['v_dns_template']);
$v_shell = escapeshellarg($_POST['v_shell']);
$v_web_domains = escapeshellarg($_POST['v_web_domains']);
$v_web_aliases = escapeshellarg($_POST['v_web_aliases']);
$v_dns_domains = escapeshellarg($_POST['v_dns_domains']);
$v_dns_records = escapeshellarg($_POST['v_dns_records']);
$v_mail_domains = escapeshellarg($_POST['v_mail_domains']);
$v_mail_accounts = escapeshellarg($_POST['v_mail_accounts']);
$v_databases = escapeshellarg($_POST['v_databases']);
$v_cron_jobs = escapeshellarg($_POST['v_cron_jobs']);
$v_backups = escapeshellarg($_POST['v_backups']);
$v_disk_quota = escapeshellarg($_POST['v_disk_quota']);
$v_bandwidth = escapeshellarg($_POST['v_bandwidth']);
$v_ns1 = trim($_POST['v_ns1'], '.');
$v_ns2 = trim($_POST['v_ns2'], '.');
$v_ns3 = trim($_POST['v_ns3'], '.');
$v_ns4 = trim($_POST['v_ns4'], '.');
$v_ns5 = trim($_POST['v_ns5'], '.');
$v_ns6 = trim($_POST['v_ns6'], '.');
$v_ns7 = trim($_POST['v_ns7'], '.');
$v_ns8 = trim($_POST['v_ns8'], '.');
$v_ns = $v_ns1.",".$v_ns2;
if (!empty($v_ns3)) $v_ns .= ",".$v_ns3;
if (!empty($v_ns4)) $v_ns .= ",".$v_ns4;
if (!empty($v_ns5)) $v_ns .= ",".$v_ns5;
if (!empty($v_ns6)) $v_ns .= ",".$v_ns6;
if (!empty($v_ns7)) $v_ns .= ",".$v_ns7;
if (!empty($v_ns8)) $v_ns .= ",".$v_ns8;
$v_ns = escapeshellarg($v_ns);
$v_time = escapeshellarg(date('H:i:s'));
$v_date = escapeshellarg(date('Y-m-d'));
// Create temporary dir
if (empty($_SESSION['error_msg'])) {
exec ('mktemp -d', $output, $return_var);
$tmpdir = $output[0];
check_return_code($return_var,$output);
unset($output);
}
// Create package file
if (empty($_SESSION['error_msg'])) {
$pkg = "WEB_TEMPLATE=".$v_web_template."\n";
if (!empty($_SESSION['WEB_BACKEND'])) {
$pkg .= "BACKEND_TEMPLATE=".$v_backend_template."\n";
}
if (!empty($_SESSION['PROXY_SYSTEM'])) {
$pkg .= "PROXY_TEMPLATE=".$v_proxy_template."\n";
}
$pkg .= "DNS_TEMPLATE=".$v_dns_template."\n";
$pkg .= "WEB_DOMAINS=".$v_web_domains."\n";
$pkg .= "WEB_ALIASES=".$v_web_aliases."\n";
$pkg .= "DNS_DOMAINS=".$v_dns_domains."\n";
$pkg .= "DNS_RECORDS=".$v_dns_records."\n";
$pkg .= "MAIL_DOMAINS=".$v_mail_domains."\n";
$pkg .= "MAIL_ACCOUNTS=".$v_mail_accounts."\n";
$pkg .= "DATABASES=".$v_databases."\n";
$pkg .= "CRON_JOBS=".$v_cron_jobs."\n";
$pkg .= "DISK_QUOTA=".$v_disk_quota."\n";
$pkg .= "BANDWIDTH=".$v_bandwidth."\n";
$pkg .= "NS=".$v_ns."\n";
$pkg .= "SHELL=".$v_shell."\n";
$pkg .= "BACKUPS=".$v_backups."\n";
$pkg .= "TIME=".$v_time."\n";
$pkg .= "DATE=".$v_date."\n";
$fp = fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w');
fwrite($fp, $pkg);
fclose($fp);
}
// Add new package
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Remove tmpdir
exec ('rm -rf '.$tmpdir, $output, $return_var);
unset($output);
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('PACKAGE_CREATED_OK',htmlentities($_POST['v_package']),htmlentities($_POST['v_package']));
unset($v_package);
}
}
// List web temmplates
exec (VESTA_CMD."v-list-web-templates json", $output, $return_var);
$web_templates = json_decode(implode('', $output), true);
unset($output);
// List web templates for backend
if (!empty($_SESSION['WEB_BACKEND'])) {
exec (VESTA_CMD."v-list-web-templates-backend json", $output, $return_var);
$backend_templates = json_decode(implode('', $output), true);
unset($output);
}
// List web templates for proxy
if (!empty($_SESSION['PROXY_SYSTEM'])) {
exec (VESTA_CMD."v-list-web-templates-proxy json", $output, $return_var);
$proxy_templates = json_decode(implode('', $output), true);
unset($output);
}
// List DNS templates
exec (VESTA_CMD."v-list-dns-templates json", $output, $return_var);
$dns_templates = json_decode(implode('', $output), true);
unset($output);
// List system shells
exec (VESTA_CMD."v-list-sys-shells json", $output, $return_var);
$shells = json_decode(implode('', $output), true);
unset($output);
// Set default values
if (empty($v_web_template)) $v_web_template = 'default';
if (empty($v_backend_template)) $v_backend_template = 'default';
if (empty($v_proxy_template)) $v_proxy_template = 'default';
if (empty($v_dns_template)) $v_dns_template = 'default';
if (empty($v_shell)) $v_shell = 'nologin';
if (empty($v_web_domains)) $v_web_domains = "'1'";
if (empty($v_web_aliases)) $v_web_aliases = "'1'";
if (empty($v_dns_domains)) $v_dns_domains = "'1'";
if (empty($v_dns_records)) $v_dns_records = "'1'";
if (empty($v_mail_domains)) $v_mail_domains = "'1'";
if (empty($v_mail_accounts)) $v_mail_accounts = "'1'";
if (empty($v_databases)) $v_databases = "'1'";
if (empty($v_cron_jobs)) $v_cron_jobs = "'1'";
if (empty($v_backups)) $v_backups = "'1'";
if (empty($v_disk_quota)) $v_disk_quota = "'1000'";
if (empty($v_bandwidth)) $v_bandwidth = "'1000'";
if (empty($v_ns1)) $v_ns1 = 'ns1.example.ltd';
if (empty($v_ns2)) $v_ns2 = 'ns2.example.ltd';
// Render page
// render_page($user, $TAB, 'add_package');
$result = array(
'web_system' => $_SESSION['WEB_SYSTEM'],
'web_templates' => $web_templates,
'web_backend' => $_SESSION['WEB_BACKEND'],
'backend_templates' => $backend_templates,
'proxy_system' => $_SESSION['PROXY_SYSTEM'],
'proxy_templates' => $proxy_templates,
'dns_system' => $_SESSION['DNS_SYSTEM'],
'dns_templates' => $dns_templates,
'ssh_access' => $shells,
'ok_msg' => $_SESSION['ok_msg'],
'error_msg' => $_SESSION['error_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

131
web/api/v1/add/user/index.php Normal file
View file

@ -0,0 +1,131 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'USER';
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check user
if ($_SESSION['user'] != 'admin') {
exit;
}
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check empty fields
if (empty($_POST['v_username'])) $errors[] = __('user');
if (empty($_POST['v_password'])) $errors[] = __('password');
if (empty($_POST['v_package'])) $errrors[] = __('package');
if (empty($_POST['v_email'])) $errors[] = __('email');
if (empty($_POST['v_fname'])) $errors[] = __('first name');
if (empty($_POST['v_lname'])) $errors[] = __('last name');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Validate email
if ((empty($_SESSION['error_msg'])) && (!filter_var($_POST['v_email'], FILTER_VALIDATE_EMAIL))) {
$_SESSION['error_msg'] = __('Please enter valid email address.');
}
// Check password length
if (empty($_SESSION['error_msg'])) {
$pw_len = strlen($_POST['v_password']);
if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg);
}
// Protect input
$v_username = escapeshellarg($_POST['v_username']);
$v_email = escapeshellarg($_POST['v_email']);
$v_package = escapeshellarg($_POST['v_package']);
$v_language = escapeshellarg($_POST['v_language']);
$v_fname = escapeshellarg($_POST['v_fname']);
$v_lname = escapeshellarg($_POST['v_lname']);
$v_notify = $_POST['v_notify'];
// Add user
if (empty($_SESSION['error_msg'])) {
$v_password = tempnam("/tmp","vst");
$fp = fopen($v_password, "w");
fwrite($fp, $_POST['v_password']."\n");
fclose($fp);
exec (VESTA_CMD."v-add-user ".$v_username." ".$v_password." ".$v_email." ".$v_package." ".$v_fname." ".$v_lname, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
unlink($v_password);
$v_password = escapeshellarg($_POST['v_password']);
}
// Set language
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-change-user-language ".$v_username." ".$v_language, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Send email to the new user
if ((empty($_SESSION['error_msg'])) && (!empty($v_notify))) {
$to = $_POST['v_notify'];
$subject = _translate($_POST['v_language'],"Welcome to Vesta Control Panel");
$hostname = exec('hostname');
unset($output);
$from = _translate($_POST['v_language'],'MAIL_FROM',$hostname);
if (!empty($_POST['v_fname'])) {
$mailtext = _translate($_POST['v_language'],'GREETINGS_GORDON_FREEMAN',$_POST['v_fname'],$_POST['v_lname']);
} else {
$mailtext = _translate($_POST['v_language'],'GREETINGS');
}
$mailtext .= _translate($_POST['v_language'],'ACCOUNT_READY',$_SERVER['HTTP_HOST'],$_POST['v_username'],$_POST['v_password']);
send_email($to, $subject, $mailtext, $from);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('USER_CREATED_OK',htmlentities($_POST['v_username']),htmlentities($_POST['v_username']));
$_SESSION['ok_msg'] .= " / <a href=/login/?loginas=".htmlentities($_POST['v_username']).">" . __('login as') ." ".htmlentities($_POST['v_username']). "</a>";
unset($v_username);
unset($v_password);
unset($v_email);
unset($v_fname);
unset($v_lname);
unset($v_notify);
}
}
// List hosting packages
exec (VESTA_CMD."v-list-user-packages json", $output, $return_var);
check_error($return_var);
$data = json_decode(implode('', $output), true);
unset($output);
// List languages
exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var);
$languages = json_decode(implode('', $output), true);
unset($output);
$result = array(
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);

371
web/api/v1/add/web/index.php Normal file
View file

@ -0,0 +1,371 @@
<?php
error_reporting(NULL);
ob_start();
$TAB = 'WEB';
header('Content-Type: application/json');
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check POST request
if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
exit();
}
// Check for empty fields
if (empty($_POST['v_domain'])) $errors[] = __('domain');
if (empty($_POST['v_ip'])) $errors[] = __('ip');
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_crt']))&& (empty($_POST['v_letsencrypt']))) $errors[] = __('ssl certificate');
if ((!empty($_POST['v_ssl'])) && (empty($_POST['v_ssl_key']))&& (empty($_POST['v_letsencrypt']))) $errors[] = __('ssl key');
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Check stats password length
if ((!empty($v_stats)) && (empty($_SESSION['error_msg']))) {
if (!empty($_POST['v_stats_user'])) {
$pw_len = strlen($_POST['v_stats_password']);
if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg);
}
}
// Set domain to lowercase and remove www prefix
$v_domain = preg_replace("/^www\./i", "", $_POST['v_domain']);
$v_domain = escapeshellarg($v_domain);
$v_domain = strtolower($v_domain);
// Define domain ip address
$v_ip = escapeshellarg($_POST['v_ip']);
// Using public IP instead of internal IP when creating DNS
// Gets public IP from 'v-list-user-ips' command (that reads /vesta/data/ips/ip), precisely from 'NAT' field
$v_public_ip = $v_ip;
$v_clean_ip = $_POST['v_ip']; // clean_ip = IP without quotas
exec (VESTA_CMD."v-list-user-ips ".$user." json", $output, $return_var);
$ips = json_decode(implode('', $output), true);
unset($output);
if (isset($ips[$v_clean_ip]) && isset($ips[$v_clean_ip]['NAT']) && trim($ips[$v_clean_ip]['NAT'])!='') {
$v_public_ip = trim($ips[$v_clean_ip]['NAT']);
$v_public_ip = escapeshellarg($v_public_ip);
}
// Define domain aliases
$v_aliases = $_POST['v_aliases'];
$aliases = preg_replace("/\n/", ",", $v_aliases);
$aliases = preg_replace("/\r/", ",", $aliases);
$aliases = preg_replace("/\t/", ",", $aliases);
$aliases = preg_replace("/ /", ",", $aliases);
$aliases_arr = explode(",", $aliases);
$aliases_arr = array_unique($aliases_arr);
$aliases_arr = array_filter($aliases_arr);
$aliases = implode(",",$aliases_arr);
$aliases = escapeshellarg($aliases);
if (empty($_POST['v_aliases'])) $aliases = 'none';
// Define proxy extensions
$v_proxy_ext = $_POST['v_proxy_ext'];
$proxy_ext = preg_replace("/\n/", ",", $v_proxy_ext);
$proxy_ext = preg_replace("/\r/", ",", $proxy_ext);
$proxy_ext = preg_replace("/\t/", ",", $proxy_ext);
$proxy_ext = preg_replace("/ /", ",", $proxy_ext);
$proxy_ext_arr = explode(",", $proxy_ext);
$proxy_ext_arr = array_unique($proxy_ext_arr);
$proxy_ext_arr = array_filter($proxy_ext_arr);
$proxy_ext = implode(",",$proxy_ext_arr);
$proxy_ext = escapeshellarg($proxy_ext);
// Define other options
$v_elog = $_POST['v_elog'];
$v_ssl = $_POST['v_ssl'];
$v_ssl_crt = $_POST['v_ssl_crt'];
$v_ssl_key = $_POST['v_ssl_key'];
$v_ssl_ca = $_POST['v_ssl_ca'];
$v_ssl_home = $data[$v_domain]['SSL_HOME'];
$v_letsencrypt = $_POST['v_letsencrypt'];
$v_stats = escapeshellarg($_POST['v_stats']);
$v_stats_user = $data[$v_domain]['STATS_USER'];
$v_stats_password = $data[$v_domain]['STATS_PASSWORD'];
$v_ftp = $_POST['v_ftp'];
$v_ftp_user = $_POST['v_ftp_user'];
$v_ftp_password = $_POST['v_ftp_password'];
$v_ftp_email = $_POST['v_ftp_email'];
if (!empty($v_domain)) $v_ftp_user_prepath .= $v_domain;
// Set advanced option checkmark
if (!empty($_POST['v_proxy'])) $v_adv = 'yes';
if (!empty($_POST['v_ftp'])) $v_adv = 'yes';
if ($_POST['v_proxy_ext'] != $v_proxy_ext) $v_adv = 'yes';
if ((!empty($_POST['v_aliases'])) && ($_POST['v_aliases'] != 'www.'.$_POST['v_domain'])) $v_adv = 'yes';
if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) $v_adv = 'yes';
if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) $v_adv = 'yes';
if ((!empty($_POST['v_ssl_ca'])) || ($_POST['v_stats'] != 'none')) $v_adv = 'yes';
if ((!empty($_POST['v_letsencrypt']))) $v_adv = 'yes';
// Check advanced features
if (empty($_POST['v_dns'])) $v_dns = 'off';
if (empty($_POST['v_mail'])) $v_mail = 'off';
if (empty($_POST['v_proxy'])) $v_proxy = 'off';
// Add web domain
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." no ".$aliases." ".$proxy_ext, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$domain_added = empty($_SESSION['error_msg']);
}
// Add DNS domain
if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Add DNS for domain aliases
if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) {
foreach ($aliases_arr as $alias) {
if ($alias != "www.".$_POST['v_domain']) {
$alias = escapeshellarg($alias);
exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
}
// Add mail domain
if (($_POST['v_mail'] == 'on') && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-add-mail-domain ".$user." ".$v_domain, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Delete proxy support
if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'off') && (empty($_SESSION['error_msg']))) {
$ext = escapeshellarg($ext);
exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Add Lets Encrypt support
if ((!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-schedule-letsencrypt-domain ".$user." ".$v_domain, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
} else {
// Add SSL certificates only if Lets Encrypt is off
if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
exec ('mktemp -d', $output, $return_var);
$tmpdir = $output[0];
unset($output);
// Save certificate
if (!empty($_POST['v_ssl_crt'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
fwrite($fp, "\n");
fclose($fp);
}
// Save private key
if (!empty($_POST['v_ssl_key'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
fwrite($fp, "\n");
fclose($fp);
}
// Save CA bundle
if (!empty($_POST['v_ssl_ca'])) {
$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
fwrite($fp, "\n");
fclose($fp);
}
$v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
// Add web stats
if ((!empty($_POST['v_stats'])) && ($_POST['v_stats'] != 'none' ) && (empty($_SESSION['error_msg']))) {
$v_stats = escapeshellarg($_POST['v_stats']);
exec (VESTA_CMD."v-add-web-domain-stats ".$user." ".$v_domain." ".$v_stats, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Add web stats password
if ((!empty($_POST['v_stats_user'])) && (empty($_SESSION['error_msg']))) {
$v_stats_user = escapeshellarg($_POST['v_stats_user']);
$v_stats_password = tempnam("/tmp","vst");
$fp = fopen($v_stats_password, "w");
fwrite($fp, $_POST['v_stats_password']."\n");
fclose($fp);
exec (VESTA_CMD."v-add-web-domain-stats-user ".$user." ".$v_domain." ".$v_stats_user." ".$v_stats_password, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
unlink($v_stats_password);
$v_stats_password = escapeshellarg($_POST['v_stats_password']);
}
// Restart DNS server
if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Restart web server
if (empty($_SESSION['error_msg'])) {
exec (VESTA_CMD."v-restart-web", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Restart proxy server
if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'on') && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-restart-proxy", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Add FTP
if ((!empty($_POST['v_ftp'])) && (empty($_SESSION['error_msg']))) {
$v_ftp_users_updated = array();
foreach ($_POST['v_ftp_user'] as $i => $v_ftp_user_data) {
if ($v_ftp_user_data['is_new'] == 1) {
if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) $_SESSION['error_msg'] = __('Please enter valid email address.');
if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = 'ftp user';
if (empty($v_ftp_user_data['v_ftp_password'])) $errors[] = 'ftp user password';
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
}
// Validate email
if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) {
$_SESSION['error_msg'] = __('Please enter valid email address.');
}
// Check ftp password length
if ((!empty($v_ftp_user_data['v_ftp']))) {
if (!empty($v_ftp_user_data['v_ftp_user'])) {
$pw_len = strlen($v_ftp_user_data['v_ftp_password']);
if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg);
}
}
$v_ftp_user_data['v_ftp_user'] = preg_replace("/^".$user."_/i", "", $v_ftp_user_data['v_ftp_user']);
$v_ftp_username = $v_ftp_user_data['v_ftp_user'];
$v_ftp_username_full = $user . '_' . $v_ftp_user_data['v_ftp_user'];
$v_ftp_user = escapeshellarg($v_ftp_user_data['v_ftp_user']);
if ($domain_added) {
$v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path']));
$v_ftp_password = tempnam("/tmp","vst");
$fp = fopen($v_ftp_password, "w");
fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n");
fclose($fp);
exec (VESTA_CMD."v-add-web-domain-ftp ".$user." ".$v_domain." ".$v_ftp_user." ".$v_ftp_password . " " . $v_ftp_path, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
unlink($v_ftp_password);
if ((!empty($v_ftp_user_data['v_ftp_email'])) && (empty($_SESSION['error_msg']))) {
$to = $v_ftp_user_data['v_ftp_email'];
$subject = __("FTP login credentials");
$from = __('MAIL_FROM',$_POST['v_domain']);
$mailtext = __('FTP_ACCOUNT_READY',$_POST['v_domain'],$user,$v_ftp_user_data['v_ftp_user'],$v_ftp_user_data['v_ftp_password']);
send_email($to, $subject, $mailtext, $from);
unset($v_ftp_email);
}
} else {
$return_var = -1;
}
if ($return_var == 0) {
$v_ftp_password = "••••••••";
$v_ftp_user_data['is_new'] = 0;
} else {
$v_ftp_user_data['is_new'] = 1;
}
$v_ftp_username = preg_replace("/^".$user."_/", "", $v_ftp_user_data['v_ftp_user']);
$v_ftp_users_updated[] = array(
'is_new' => $v_ftp_user_data['is_new'],
'v_ftp_user' => $return_var == 0 ? $v_ftp_username_full : $v_ftp_username,
'v_ftp_password' => $v_ftp_password,
'v_ftp_path' => $v_ftp_user_data['v_ftp_path'],
'v_ftp_email' => $v_ftp_user_data['v_ftp_email'],
'v_ftp_pre_path' => $v_ftp_user_prepath
);
continue;
}
}
if (!empty($_SESSION['error_msg']) && $domain_added) {
$_SESSION['ok_msg'] = __('WEB_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain]));
$_SESSION['flash_error_msg'] = $_SESSION['error_msg'];
$url = '/edit/web/?domain='.strtolower(preg_replace("/^www\./i", "", $_POST['v_domain']));
header('Location: ' . $url);
exit;
}
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('WEB_DOMAIN_CREATED_OK',htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain']));
unset($v_domain);
unset($v_aliases);
unset($v_ssl);
unset($v_ssl_crt);
unset($v_ssl_key);
unset($v_ssl_ca);
unset($v_stats_user);
unset($v_stats_password);
unset($v_ftp);
}
}
// Define user variables
$v_ftp_user_prepath = $panel[$user]['HOME'] . "/web";
$v_ftp_email = $panel[$user]['CONTACT'];
// List IP addresses
exec (VESTA_CMD."v-list-user-ips ".$user." json", $output, $return_var);
$ips = json_decode(implode('', $output), true);
unset($output);
// List web stat engines
exec (VESTA_CMD."v-list-web-stats json", $output, $return_var);
$stats = json_decode(implode('', $output), true);
unset($output);
$result = array(
'error_msg' => $_SESSION['error_msg'],
'ok_msg' => $_SESSION['ok_msg']
);
echo json_encode($result);
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);