diff --git a/web/add/cron/autoupdate/index.php b/web/add/cron/autoupdate/index.php index 90854d9bd..30e3dec0b 100644 --- a/web/add/cron/autoupdate/index.php +++ b/web/add/cron/autoupdate/index.php @@ -1,21 +1 @@ - diff --git a/web/add/cron/index.php b/web/add/cron/index.php index c9302ae65..30e3dec0b 100644 --- a/web/add/cron/index.php +++ b/web/add/cron/index.php @@ -1,69 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_min = escapeshellarg($_POST['v_min']); - $v_hour = escapeshellarg($_POST['v_hour']); - $v_day = escapeshellarg($_POST['v_day']); - $v_month = escapeshellarg($_POST['v_month']); - $v_wday = escapeshellarg($_POST['v_wday']); - $v_cmd = escapeshellarg($_POST['v_cmd']); - - // Add cron job - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-cron-job ".$user." ".$v_min." ".$v_hour." ".$v_day." ".$v_month." ".$v_wday." ".$v_cmd, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('CRON_CREATED_OK'); - unset($v_min); - unset($v_hour); - unset($v_day); - unset($v_month); - unset($v_wday); - unset($v_cmd); - unset($output); - } -} - -// Render -render_page($user, $TAB, 'add_cron'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/cron/reports/index.php b/web/add/cron/reports/index.php index 197c57604..30e3dec0b 100644 --- a/web/add/cron/reports/index.php +++ b/web/add/cron/reports/index.php @@ -1,19 +1 @@ - diff --git a/web/add/db/index.php b/web/add/db/index.php index 68f66b4a4..30e3dec0b 100644 --- a/web/add/db/index.php +++ b/web/add/db/index.php @@ -1,129 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Validate email - if ((!empty($_POST['v_db_email'])) && (empty($_SESSION['error_msg']))) { - if (!filter_var($_POST['v_db_email'], FILTER_VALIDATE_EMAIL)) { - $_SESSION['error_msg'] = __('Please enter valid email address.'); - } - } - - // Check password length - if (empty($_SESSION['error_msg'])) { - $pw_len = strlen($_POST['v_password']); - if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); - } - - // Protect input - $v_database = escapeshellarg($_POST['v_database']); - $v_dbuser = escapeshellarg($_POST['v_dbuser']); - $v_type = $_POST['v_type']; - $v_charset = $_POST['v_charset']; - $v_host = $_POST['v_host']; - $v_db_email = $_POST['v_db_email']; - - // Add database - if (empty($_SESSION['error_msg'])) { - $v_type = escapeshellarg($_POST['v_type']); - $v_charset = escapeshellarg($_POST['v_charset']); - $v_host = escapeshellarg($_POST['v_host']); - $v_password = tempnam("/tmp","vst"); - $fp = fopen($v_password, "w"); - fwrite($fp, $_POST['v_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-database ".$user." ".$v_database." ".$v_dbuser." ".$v_password." ".$v_type." ".$v_host." ".$v_charset, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_password); - $v_password = escapeshellarg($_POST['v_password']); - $v_type = $_POST['v_type']; - $v_host = $_POST['v_host']; - $v_charset = $_POST['v_charset']; - } - - // Get database manager url - if (empty($_SESSION['error_msg'])) { - list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"] . ":"); - if ($_POST['v_host'] != 'localhost' ) $http_host = $_POST['v_host']; - if ($_POST['v_type'] == 'mysql') $db_admin = "phpMyAdmin"; - if ($_POST['v_type'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/"; - if (($_POST['v_type'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL']; - if ($_POST['v_type'] == 'pgsql') $db_admin = "phpPgAdmin"; - if ($_POST['v_type'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/"; - if (($_POST['v_type'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL']; - } - - // Email login credentials - if ((!empty($v_db_email)) && (empty($_SESSION['error_msg']))) { - $to = $v_db_email; - $subject = __("Database Credentials"); - $hostname = exec('hostname'); - $from = __('MAIL_FROM',$hostname); - $mailtext = __('DATABASE_READY',$user."_".$_POST['v_database'],$user."_".$_POST['v_dbuser'],$_POST['v_password'],$db_admin_link); - send_email($to, $subject, $mailtext, $from); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('DATABASE_CREATED_OK',htmlentities($user)."_".htmlentities($_POST['v_database']),htmlentities($user)."_".htmlentities($_POST['v_database'])); - $_SESSION['ok_msg'] .= " / " . __('open %s',$db_admin) . ""; - unset($v_database); - unset($v_dbuser); - unset($v_password); - unset($v_type); - unset($v_charset); - } -} - -// Get user email -$v_db_email = $panel[$user]['CONTACT']; - -// List avaiable database types -$db_types = explode(',', $_SESSION['DB_SYSTEM']); - -// List available database servers -exec (VESTA_CMD."v-list-database-hosts json", $output, $return_var); -$db_hosts_tmp1 = json_decode(implode('', $output), true); -$db_hosts_tmp2 = array_map(function($host){return $host['HOST'];}, $db_hosts_tmp1); -$db_hosts = array_values(array_unique($db_hosts_tmp2)); -unset($output); -unset($db_hosts_tmp1); -unset($db_hosts_tmp2); - -render_page($user, $TAB, 'add_db'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/dns/index.php b/web/add/dns/index.php index 7c18faab3..30e3dec0b 100644 --- a/web/add/dns/index.php +++ b/web/add/dns/index.php @@ -1,180 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_domain = preg_replace("/^www./i", "", $_POST['v_domain']); - $v_domain = escapeshellarg($v_domain); - $v_domain = strtolower($v_domain); - $v_ip = escapeshellarg($_POST['v_ip']); - $v_ns1 = escapeshellarg($_POST['v_ns1']); - $v_ns2 = escapeshellarg($_POST['v_ns2']); - $v_ns3 = escapeshellarg($_POST['v_ns3']); - $v_ns4 = escapeshellarg($_POST['v_ns4']); - $v_ns5 = escapeshellarg($_POST['v_ns5']); - $v_ns6 = escapeshellarg($_POST['v_ns6']); - $v_ns7 = escapeshellarg($_POST['v_ns7']); - $v_ns8 = escapeshellarg($_POST['v_ns8']); - - // Add dns domain - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_ip." ".$v_ns1." ".$v_ns2." ".$v_ns3." ".$v_ns4." ".$v_ns5." ".$v_ns6." ".$v_ns7." ".$v_ns8." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - - // Set expiriation date - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_exp'])) && ($_POST['v_exp'] != date('Y-m-d', strtotime('+1 year')))) { - $v_exp = escapeshellarg($_POST['v_exp']); - exec (VESTA_CMD."v-change-dns-domain-exp ".$user." ".$v_domain." ".$v_exp." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - } - - // Set ttl - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_ttl'])) && ($_POST['v_ttl'] != '14400') && (empty($_SESSION['error_msg']))) { - $v_ttl = escapeshellarg($_POST['v_ttl']); - exec (VESTA_CMD."v-change-dns-domain-ttl ".$user." ".$v_domain." ".$v_ttl." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - } - - // Restart dns server - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-restart-dns", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('DNS_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain])); - unset($v_domain); - } -} - - -// Check POST request for dns record -if (!empty($_POST['ok_rec'])) { - - // Check token - if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { - header('location: /login/'); - exit(); - } - - // Check empty fields - if (empty($_POST['v_domain'])) $errors[] = 'domain'; - if (empty($_POST['v_rec'])) $errors[] = 'record'; - if (empty($_POST['v_type'])) $errors[] = 'type'; - if (empty($_POST['v_val'])) $errors[] = 'value'; - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_domain = escapeshellarg($_POST['v_domain']); - $v_rec = escapeshellarg($_POST['v_rec']); - $v_type = escapeshellarg($_POST['v_type']); - $v_val = escapeshellarg($_POST['v_val']); - $v_priority = escapeshellarg($_POST['v_priority']); - - // Add dns record - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-dns-record ".$user." ".$v_domain." ".$v_rec." ".$v_type." ".$v_val." ".$v_priority, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_type = $_POST['v_type']; - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('DNS_RECORD_CREATED_OK',htmlentities($_POST[v_rec]),htmlentities($_POST[v_domain])); - unset($v_domain); - unset($v_rec); - unset($v_val); - unset($v_priority); - } -} - - -$v_ns1 = str_replace("'", "", $v_ns1); -$v_ns2 = str_replace("'", "", $v_ns2); -$v_ns3 = str_replace("'", "", $v_ns3); -$v_ns4 = str_replace("'", "", $v_ns4); -$v_ns5 = str_replace("'", "", $v_ns5); -$v_ns6 = str_replace("'", "", $v_ns6); -$v_ns7 = str_replace("'", "", $v_ns7); -$v_ns8 = str_replace("'", "", $v_ns8); - - -if (empty($_GET['domain'])) { - // Display body for dns domain - - if (empty($v_ttl)) $v_ttl = 14400; - if (empty($v_exp)) $v_exp = date('Y-m-d', strtotime('+1 year')); - if (empty($v_ns1)) { - exec (VESTA_CMD."v-list-user-ns ".$user." json", $output, $return_var); - $nameservers = json_decode(implode('', $output), true); - $v_ns1 = str_replace("'", "", $nameservers[0]); - $v_ns2 = str_replace("'", "", $nameservers[1]); - $v_ns3 = str_replace("'", "", $nameservers[2]); - $v_ns4 = str_replace("'", "", $nameservers[3]); - $v_ns5 = str_replace("'", "", $nameservers[4]); - $v_ns6 = str_replace("'", "", $nameservers[5]); - $v_ns7 = str_replace("'", "", $nameservers[6]); - $v_ns8 = str_replace("'", "", $nameservers[7]); - unset($output); - } - - render_page($user, $TAB, 'add_dns'); -} else { - // Display body for dns record - - $v_domain = $_GET['domain']; - render_page($user, $TAB, 'add_dns_rec'); -} - - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/favorite/index.php b/web/add/favorite/index.php index e9f2e828d..30e3dec0b 100644 --- a/web/add/favorite/index.php +++ b/web/add/favorite/index.php @@ -1,23 +1 @@ - \ No newline at end of file + diff --git a/web/add/firewall/banlist/index.php b/web/add/firewall/banlist/index.php index a9f616a2e..30e3dec0b 100644 --- a/web/add/firewall/banlist/index.php +++ b/web/add/firewall/banlist/index.php @@ -1,61 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_chain = escapeshellarg($_POST['v_chain']); - $v_ip = escapeshellarg($_POST['v_ip']); - - // Add firewall ban - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-firewall-ban ".$v_ip." ".$v_chain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('BANLIST_CREATED_OK'); - unset($v_ip); - } -} - -// Render -render_page($user, $TAB, 'add_firewall_banlist'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/firewall/index.php b/web/add/firewall/index.php index 9aab3ff5a..30e3dec0b 100644 --- a/web/add/firewall/index.php +++ b/web/add/firewall/index.php @@ -1,71 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_action = escapeshellarg($_POST['v_action']); - $v_protocol = escapeshellarg($_POST['v_protocol']); - $v_port = str_replace(" ",",", $_POST['v_port']); - $v_port = preg_replace('/\,+/', ',', $v_port); - $v_port = trim($v_port, ","); - $v_port = escapeshellarg($v_port); - $v_ip = escapeshellarg($_POST['v_ip']); - $v_comment = escapeshellarg($_POST['v_comment']); - - // Add firewall rule - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-firewall-rule ".$v_action." ".$v_ip." ".$v_port." ".$v_protocol." ".$v_comment, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('RULE_CREATED_OK'); - unset($v_port); - unset($v_ip); - unset($v_comment); - } -} - -// Render -render_page($user, $TAB, 'add_firewall'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/ip/index.php b/web/add/ip/index.php index 73f56b381..30e3dec0b 100644 --- a/web/add/ip/index.php +++ b/web/add/ip/index.php @@ -1,92 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_ip = escapeshellarg($_POST['v_ip']); - $v_netmask = escapeshellarg($_POST['v_netmask']); - $v_name = escapeshellarg($_POST['v_name']); - $v_nat = escapeshellarg($_POST['v_nat']); - $v_interface = escapeshellarg($_POST['v_interface']); - $v_owner = escapeshellarg($_POST['v_owner']); - $v_shared = $_POST['v_shared']; - - // Check shared checkmark - if ($v_shared == 'on') { - $ip_status = 'shared'; - } else { - $ip_status = 'dedicated'; - $v_dedicated = 'yes'; - - } - - // Add IP - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface." ".$v_owner." ".$ip_status." ".$v_name." ".$v_nat, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_owner = $_POST['v_owner']; - $v_interface = $_POST['v_interface']; - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('IP_CREATED_OK',htmlentities($_POST['v_ip']),htmlentities($_POST['v_ip'])); - unset($v_ip); - unset($v_netmask); - unset($v_name); - unset($v_nat); - } -} - -// List network interfaces -exec (VESTA_CMD."v-list-sys-interfaces json", $output, $return_var); -$interfaces = json_decode(implode('', $output), true); -unset($output); - -// List users -exec (VESTA_CMD."v-list-sys-users json", $output, $return_var); -$users = json_decode(implode('', $output), true); -unset($output); - -// Render -render_page($user, $TAB, 'add_ip'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/mail/index.php b/web/add/mail/index.php index b260b465d..30e3dec0b 100644 --- a/web/add/mail/index.php +++ b/web/add/mail/index.php @@ -1,214 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Check antispam option - if (!empty($_POST['v_antispam'])) { - $v_antispam = 'yes'; - } else { - $v_antispam = 'no'; - } - - // Check antivirus option - if (!empty($_POST['v_antivirus'])) { - $v_antivirus = 'yes'; - } else { - $v_antivirus = 'no'; - } - - // Check dkim option - if (!empty($_POST['v_dkim'])) { - $v_dkim = 'yes'; - } else { - $v_dkim = 'no'; - } - - // Set domain name to lowercase and remove www prefix - $v_domain = preg_replace("/^www./i", "", $_POST['v_domain']); - $v_domain = escapeshellarg($v_domain); - $v_domain = strtolower($v_domain); - - // Add mail domain - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-mail-domain ".$user." ".$v_domain." ".$v_antispam." ".$v_antivirus." ".$v_dkim, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('MAIL_DOMAIN_CREATED_OK',htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain'])); - unset($v_domain); - } -} - - -// Check POST request for mail account -if (!empty($_POST['ok_acc'])) { - - // Check token - if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { - header('location: /login/'); - exit(); - } - - // Check empty fields - if (empty($_POST['v_domain'])) $errors[] = __('domain'); - if (empty($_POST['v_account'])) $errors[] = __('account'); - if (empty($_POST['v_password'])) $errors[] = __('password'); - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Validate email - if ((!empty($_POST['v_send_email'])) && (empty($_SESSION['error_msg']))) { - if (!filter_var($_POST['v_send_email'], FILTER_VALIDATE_EMAIL)) { - $_SESSION['error_msg'] = __('Please enter valid email address.'); - } - } - - // Protect input - $v_domain = escapeshellarg($_POST['v_domain']); - $v_domain = strtolower($v_domain); - $v_account = escapeshellarg($_POST['v_account']); - $v_quota = escapeshellarg($_POST['v_quota']); - $v_send_email = $_POST['v_send_email']; - $v_credentials = $_POST['v_credentials']; - $v_aliases = $_POST['v_aliases']; - $v_fwd = $_POST['v_fwd']; - if (empty($_POST['v_quota'])) $v_quota = 0; - if ((!empty($_POST['v_quota'])) || (!empty($_POST['v_aliases'])) || (!empty($_POST['v_fwd'])) ) $v_adv = 'yes'; - - // Add Mail Account - if (empty($_SESSION['error_msg'])) { - $v_password = tempnam("/tmp","vst"); - $fp = fopen($v_password, "w"); - fwrite($fp, $_POST['v_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-mail-account ".$user." ".$v_domain." ".$v_account." ".$v_password." ".$v_quota, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_password); - $v_password = escapeshellarg($_POST['v_password']); - } - - // Add Aliases - if ((!empty($_POST['v_aliases'])) && (empty($_SESSION['error_msg']))) { - $valiases = preg_replace("/\n/", " ", $_POST['v_aliases']); - $valiases = preg_replace("/,/", " ", $valiases); - $valiases = preg_replace('/\s+/', ' ',$valiases); - $valiases = trim($valiases); - $aliases = explode(" ", $valiases); - foreach ($aliases as $alias) { - $alias = escapeshellarg($alias); - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-mail-account-alias ".$user." ".$v_domain." ".$v_account." ".$alias, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - } - } - - // Add Forwarders - if ((!empty($_POST['v_fwd'])) && (empty($_SESSION['error_msg']))) { - $vfwd = preg_replace("/\n/", " ", $_POST['v_fwd']); - $vfwd = preg_replace("/,/", " ", $vfwd); - $vfwd = preg_replace('/\s+/', ' ',$vfwd); - $vfwd = trim($vfwd); - $fwd = explode(" ", $vfwd); - foreach ($fwd as $forward) { - $forward = escapeshellarg($forward); - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-mail-account-forward ".$user." ".$v_domain." ".$v_account." ".$forward, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - } - } - - // Add fwd_only flag - if ((!empty($_POST['v_fwd_only'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-add-mail-account-fwd-only ".$user." ".$v_domain." ".$v_account, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Get webmail url - if (empty($_SESSION['error_msg'])) { - list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":"); - $webmail = "http://".$http_host."/webmail/"; - if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL']; - } - - // Email login credentials - if ((!empty($v_send_email)) && (empty($_SESSION['error_msg']))) { - $to = $v_send_email; - $subject = __("Email Credentials"); - $hostname = exec('hostname'); - $from = __('MAIL_FROM', $hostname); - $mailtext = $v_credentials; - send_email($to, $subject, $mailtext, $from); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('MAIL_ACCOUNT_CREATED_OK',htmlentities(strtolower($_POST['v_account'])),htmlentities($_POST[v_domain]),htmlentities(strtolower($_POST['v_account'])),htmlentities($_POST[v_domain])); - $_SESSION['ok_msg'] .= " / " . __('open webmail') . ""; - unset($v_account); - unset($v_password); - unset($v_password); - unset($v_aliases); - unset($v_fwd); - unset($v_quota); - } -} - -// Render page -if (empty($_GET['domain'])) { - // Display body for mail domain - - render_page($user, $TAB, 'add_mail'); -} else { - // Display body for mail account - - $v_domain = $_GET['domain']; - render_page($user, $TAB, 'add_mail_acc'); -} - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/package/index.php b/web/add/package/index.php index b0d8be71a..30e3dec0b 100644 --- a/web/add/package/index.php +++ b/web/add/package/index.php @@ -1,209 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_package = escapeshellarg($_POST['v_package']); - $v_web_template = escapeshellarg($_POST['v_web_template']); - $v_backend_template = escapeshellarg($_POST['v_backend_template']); - $v_proxy_template = escapeshellarg($_POST['v_proxy_template']); - $v_dns_template = escapeshellarg($_POST['v_dns_template']); - $v_shell = escapeshellarg($_POST['v_shell']); - $v_web_domains = escapeshellarg($_POST['v_web_domains']); - $v_web_aliases = escapeshellarg($_POST['v_web_aliases']); - $v_dns_domains = escapeshellarg($_POST['v_dns_domains']); - $v_dns_records = escapeshellarg($_POST['v_dns_records']); - $v_mail_domains = escapeshellarg($_POST['v_mail_domains']); - $v_mail_accounts = escapeshellarg($_POST['v_mail_accounts']); - $v_databases = escapeshellarg($_POST['v_databases']); - $v_cron_jobs = escapeshellarg($_POST['v_cron_jobs']); - $v_backups = escapeshellarg($_POST['v_backups']); - $v_disk_quota = escapeshellarg($_POST['v_disk_quota']); - $v_bandwidth = escapeshellarg($_POST['v_bandwidth']); - $v_ns1 = trim($_POST['v_ns1'], '.'); - $v_ns2 = trim($_POST['v_ns2'], '.'); - $v_ns3 = trim($_POST['v_ns3'], '.'); - $v_ns4 = trim($_POST['v_ns4'], '.'); - $v_ns5 = trim($_POST['v_ns5'], '.'); - $v_ns6 = trim($_POST['v_ns6'], '.'); - $v_ns7 = trim($_POST['v_ns7'], '.'); - $v_ns8 = trim($_POST['v_ns8'], '.'); - $v_ns = $v_ns1.",".$v_ns2; - if (!empty($v_ns3)) $v_ns .= ",".$v_ns3; - if (!empty($v_ns4)) $v_ns .= ",".$v_ns4; - if (!empty($v_ns5)) $v_ns .= ",".$v_ns5; - if (!empty($v_ns6)) $v_ns .= ",".$v_ns6; - if (!empty($v_ns7)) $v_ns .= ",".$v_ns7; - if (!empty($v_ns8)) $v_ns .= ",".$v_ns8; - $v_ns = escapeshellarg($v_ns); - $v_time = escapeshellarg(date('H:i:s')); - $v_date = escapeshellarg(date('Y-m-d')); - - // Create temporary dir - if (empty($_SESSION['error_msg'])) { - exec ('mktemp -d', $output, $return_var); - $tmpdir = $output[0]; - check_return_code($return_var,$output); - unset($output); - } - - // Create package file - if (empty($_SESSION['error_msg'])) { - $pkg = "WEB_TEMPLATE=".$v_web_template."\n"; - if (!empty($_SESSION['WEB_BACKEND'])) { - $pkg .= "BACKEND_TEMPLATE=".$v_backend_template."\n"; - } - if (!empty($_SESSION['PROXY_SYSTEM'])) { - $pkg .= "PROXY_TEMPLATE=".$v_proxy_template."\n"; - } - $pkg .= "DNS_TEMPLATE=".$v_dns_template."\n"; - $pkg .= "WEB_DOMAINS=".$v_web_domains."\n"; - $pkg .= "WEB_ALIASES=".$v_web_aliases."\n"; - $pkg .= "DNS_DOMAINS=".$v_dns_domains."\n"; - $pkg .= "DNS_RECORDS=".$v_dns_records."\n"; - $pkg .= "MAIL_DOMAINS=".$v_mail_domains."\n"; - $pkg .= "MAIL_ACCOUNTS=".$v_mail_accounts."\n"; - $pkg .= "DATABASES=".$v_databases."\n"; - $pkg .= "CRON_JOBS=".$v_cron_jobs."\n"; - $pkg .= "DISK_QUOTA=".$v_disk_quota."\n"; - $pkg .= "BANDWIDTH=".$v_bandwidth."\n"; - $pkg .= "NS=".$v_ns."\n"; - $pkg .= "SHELL=".$v_shell."\n"; - $pkg .= "BACKUPS=".$v_backups."\n"; - $pkg .= "TIME=".$v_time."\n"; - $pkg .= "DATE=".$v_date."\n"; - - $fp = fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w'); - fwrite($fp, $pkg); - fclose($fp); - } - - // Add new package - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Remove tmpdir - exec ('rm -rf '.$tmpdir, $output, $return_var); - unset($output); - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('PACKAGE_CREATED_OK',htmlentities($_POST['v_package']),htmlentities($_POST['v_package'])); - unset($v_package); - } - -} - - -// List web temmplates -exec (VESTA_CMD."v-list-web-templates json", $output, $return_var); -$web_templates = json_decode(implode('', $output), true); -unset($output); - -// List web templates for backend -if (!empty($_SESSION['WEB_BACKEND'])) { - exec (VESTA_CMD."v-list-web-templates-backend json", $output, $return_var); - $backend_templates = json_decode(implode('', $output), true); - unset($output); -} - -// List web templates for proxy -if (!empty($_SESSION['PROXY_SYSTEM'])) { - exec (VESTA_CMD."v-list-web-templates-proxy json", $output, $return_var); - $proxy_templates = json_decode(implode('', $output), true); - unset($output); -} - -// List DNS templates -exec (VESTA_CMD."v-list-dns-templates json", $output, $return_var); -$dns_templates = json_decode(implode('', $output), true); -unset($output); - -// List system shells -exec (VESTA_CMD."v-list-sys-shells json", $output, $return_var); -$shells = json_decode(implode('', $output), true); -unset($output); - -// Set default values -if (empty($v_web_template)) $v_web_template = 'default'; -if (empty($v_backend_template)) $v_backend_template = 'default'; -if (empty($v_proxy_template)) $v_proxy_template = 'default'; -if (empty($v_dns_template)) $v_dns_template = 'default'; -if (empty($v_shell)) $v_shell = 'nologin'; -if (empty($v_web_domains)) $v_web_domains = "'1'"; -if (empty($v_web_aliases)) $v_web_aliases = "'1'"; -if (empty($v_dns_domains)) $v_dns_domains = "'1'"; -if (empty($v_dns_records)) $v_dns_records = "'1'"; -if (empty($v_mail_domains)) $v_mail_domains = "'1'"; -if (empty($v_mail_accounts)) $v_mail_accounts = "'1'"; -if (empty($v_databases)) $v_databases = "'1'"; -if (empty($v_cron_jobs)) $v_cron_jobs = "'1'"; -if (empty($v_backups)) $v_backups = "'1'"; -if (empty($v_disk_quota)) $v_disk_quota = "'1000'"; -if (empty($v_bandwidth)) $v_bandwidth = "'1000'"; -if (empty($v_ns1)) $v_ns1 = 'ns1.example.ltd'; -if (empty($v_ns2)) $v_ns2 = 'ns2.example.ltd'; - -// Render page -render_page($user, $TAB, 'add_package'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/user/index.php b/web/add/user/index.php index f622b9d44..30e3dec0b 100644 --- a/web/add/user/index.php +++ b/web/add/user/index.php @@ -1,129 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Validate email - if ((empty($_SESSION['error_msg'])) && (!filter_var($_POST['v_email'], FILTER_VALIDATE_EMAIL))) { - $_SESSION['error_msg'] = __('Please enter valid email address.'); - } - - // Check password length - if (empty($_SESSION['error_msg'])) { - $pw_len = strlen($_POST['v_password']); - if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); - } - - // Protect input - $v_username = escapeshellarg($_POST['v_username']); - $v_email = escapeshellarg($_POST['v_email']); - $v_package = escapeshellarg($_POST['v_package']); - $v_language = escapeshellarg($_POST['v_language']); - $v_fname = escapeshellarg($_POST['v_fname']); - $v_lname = escapeshellarg($_POST['v_lname']); - $v_notify = $_POST['v_notify']; - - - // Add user - if (empty($_SESSION['error_msg'])) { - $v_password = tempnam("/tmp","vst"); - $fp = fopen($v_password, "w"); - fwrite($fp, $_POST['v_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-user ".$v_username." ".$v_password." ".$v_email." ".$v_package." ".$v_fname." ".$v_lname, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_password); - $v_password = escapeshellarg($_POST['v_password']); - } - - // Set language - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-change-user-language ".$v_username." ".$v_language, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Send email to the new user - if ((empty($_SESSION['error_msg'])) && (!empty($v_notify))) { - $to = $_POST['v_notify']; - $subject = _translate($_POST['v_language'],"Welcome to Vesta Control Panel"); - $hostname = exec('hostname'); - unset($output); - $from = _translate($_POST['v_language'],'MAIL_FROM',$hostname); - if (!empty($_POST['v_fname'])) { - $mailtext = _translate($_POST['v_language'],'GREETINGS_GORDON_FREEMAN',$_POST['v_fname'],$_POST['v_lname']); - } else { - $mailtext = _translate($_POST['v_language'],'GREETINGS'); - } - $mailtext .= _translate($_POST['v_language'],'ACCOUNT_READY',$_SERVER['HTTP_HOST'],$_POST['v_username'],$_POST['v_password']); - send_email($to, $subject, $mailtext, $from); - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('USER_CREATED_OK',htmlentities($_POST['v_username']),htmlentities($_POST['v_username'])); - $_SESSION['ok_msg'] .= " / " . __('login as') ." ".htmlentities($_POST['v_username']). ""; - unset($v_username); - unset($v_password); - unset($v_email); - unset($v_fname); - unset($v_lname); - unset($v_notify); - } -} - - -// List hosting packages -exec (VESTA_CMD."v-list-user-packages json", $output, $return_var); -check_error($return_var); -$data = json_decode(implode('', $output), true); -unset($output); - -// List languages -exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); -$languages = json_decode(implode('', $output), true); -unset($output); - -// Render page -render_page($user, $TAB, 'add_user'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/add/web/index.php b/web/add/web/index.php index d77b8f409..30e3dec0b 100644 --- a/web/add/web/index.php +++ b/web/add/web/index.php @@ -1,368 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Check stats password length - if ((!empty($v_stats)) && (empty($_SESSION['error_msg']))) { - if (!empty($_POST['v_stats_user'])) { - $pw_len = strlen($_POST['v_stats_password']); - if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); - } - } - - // Set domain to lowercase and remove www prefix - $v_domain = preg_replace("/^www\./i", "", $_POST['v_domain']); - $v_domain = escapeshellarg($v_domain); - $v_domain = strtolower($v_domain); - - // Define domain ip address - $v_ip = escapeshellarg($_POST['v_ip']); - - // Using public IP instead of internal IP when creating DNS - // Gets public IP from 'v-list-user-ips' command (that reads /vesta/data/ips/ip), precisely from 'NAT' field - $v_public_ip = $v_ip; - $v_clean_ip = $_POST['v_ip']; // clean_ip = IP without quotas - exec (VESTA_CMD."v-list-user-ips ".$user." json", $output, $return_var); - $ips = json_decode(implode('', $output), true); - unset($output); - if (isset($ips[$v_clean_ip]) && isset($ips[$v_clean_ip]['NAT']) && trim($ips[$v_clean_ip]['NAT'])!='') { - $v_public_ip = trim($ips[$v_clean_ip]['NAT']); - $v_public_ip = escapeshellarg($v_public_ip); - } - - // Define domain aliases - $v_aliases = $_POST['v_aliases']; - $aliases = preg_replace("/\n/", ",", $v_aliases); - $aliases = preg_replace("/\r/", ",", $aliases); - $aliases = preg_replace("/\t/", ",", $aliases); - $aliases = preg_replace("/ /", ",", $aliases); - $aliases_arr = explode(",", $aliases); - $aliases_arr = array_unique($aliases_arr); - $aliases_arr = array_filter($aliases_arr); - $aliases = implode(",",$aliases_arr); - $aliases = escapeshellarg($aliases); - if (empty($_POST['v_aliases'])) $aliases = 'none'; - - // Define proxy extensions - $v_proxy_ext = $_POST['v_proxy_ext']; - $proxy_ext = preg_replace("/\n/", ",", $v_proxy_ext); - $proxy_ext = preg_replace("/\r/", ",", $proxy_ext); - $proxy_ext = preg_replace("/\t/", ",", $proxy_ext); - $proxy_ext = preg_replace("/ /", ",", $proxy_ext); - $proxy_ext_arr = explode(",", $proxy_ext); - $proxy_ext_arr = array_unique($proxy_ext_arr); - $proxy_ext_arr = array_filter($proxy_ext_arr); - $proxy_ext = implode(",",$proxy_ext_arr); - $proxy_ext = escapeshellarg($proxy_ext); - - // Define other options - $v_elog = $_POST['v_elog']; - $v_ssl = $_POST['v_ssl']; - $v_ssl_crt = $_POST['v_ssl_crt']; - $v_ssl_key = $_POST['v_ssl_key']; - $v_ssl_ca = $_POST['v_ssl_ca']; - $v_ssl_home = $data[$v_domain]['SSL_HOME']; - $v_letsencrypt = $_POST['v_letsencrypt']; - $v_stats = escapeshellarg($_POST['v_stats']); - $v_stats_user = $data[$v_domain]['STATS_USER']; - $v_stats_password = $data[$v_domain]['STATS_PASSWORD']; - $v_ftp = $_POST['v_ftp']; - $v_ftp_user = $_POST['v_ftp_user']; - $v_ftp_password = $_POST['v_ftp_password']; - $v_ftp_email = $_POST['v_ftp_email']; - if (!empty($v_domain)) $v_ftp_user_prepath .= $v_domain; - - // Set advanced option checkmark - if (!empty($_POST['v_proxy'])) $v_adv = 'yes'; - if (!empty($_POST['v_ftp'])) $v_adv = 'yes'; - if ($_POST['v_proxy_ext'] != $v_proxy_ext) $v_adv = 'yes'; - if ((!empty($_POST['v_aliases'])) && ($_POST['v_aliases'] != 'www.'.$_POST['v_domain'])) $v_adv = 'yes'; - if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) $v_adv = 'yes'; - if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) $v_adv = 'yes'; - if ((!empty($_POST['v_ssl_ca'])) || ($_POST['v_stats'] != 'none')) $v_adv = 'yes'; - if ((!empty($_POST['v_letsencrypt']))) $v_adv = 'yes'; - - // Check advanced features - if (empty($_POST['v_dns'])) $v_dns = 'off'; - if (empty($_POST['v_mail'])) $v_mail = 'off'; - if (empty($_POST['v_proxy'])) $v_proxy = 'off'; - - // Add web domain - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." no ".$aliases." ".$proxy_ext, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $domain_added = empty($_SESSION['error_msg']); - } - - // Add DNS domain - if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Add DNS for domain aliases - if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { - foreach ($aliases_arr as $alias) { - if ($alias != "www.".$_POST['v_domain']) { - $alias = escapeshellarg($alias); - exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - } - } - - // Add mail domain - if (($_POST['v_mail'] == 'on') && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-add-mail-domain ".$user." ".$v_domain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Delete proxy support - if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'off') && (empty($_SESSION['error_msg']))) { - $ext = escapeshellarg($ext); - exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Add Lets Encrypt support - if ((!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-schedule-letsencrypt-domain ".$user." ".$v_domain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } else { - // Add SSL certificates only if Lets Encrypt is off - if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - exec ('mktemp -d', $output, $return_var); - $tmpdir = $output[0]; - unset($output); - - // Save certificate - if (!empty($_POST['v_ssl_crt'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); - fwrite($fp, "\n"); - fclose($fp); - } - - // Save private key - if (!empty($_POST['v_ssl_key'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); - fwrite($fp, "\n"); - fclose($fp); - } - - // Save CA bundle - if (!empty($_POST['v_ssl_ca'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); - fwrite($fp, "\n"); - fclose($fp); - } - - $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); - exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - } - - // Add web stats - if ((!empty($_POST['v_stats'])) && ($_POST['v_stats'] != 'none' ) && (empty($_SESSION['error_msg']))) { - $v_stats = escapeshellarg($_POST['v_stats']); - exec (VESTA_CMD."v-add-web-domain-stats ".$user." ".$v_domain." ".$v_stats, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Add web stats password - if ((!empty($_POST['v_stats_user'])) && (empty($_SESSION['error_msg']))) { - $v_stats_user = escapeshellarg($_POST['v_stats_user']); - $v_stats_password = tempnam("/tmp","vst"); - $fp = fopen($v_stats_password, "w"); - fwrite($fp, $_POST['v_stats_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-web-domain-stats-user ".$user." ".$v_domain." ".$v_stats_user." ".$v_stats_password, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_stats_password); - $v_stats_password = escapeshellarg($_POST['v_stats_password']); - } - - // Restart DNS server - if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-restart-dns", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Restart web server - if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-restart-web", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Restart proxy server - if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'on') && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-restart-proxy", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Add FTP - if ((!empty($_POST['v_ftp'])) && (empty($_SESSION['error_msg']))) { - $v_ftp_users_updated = array(); - foreach ($_POST['v_ftp_user'] as $i => $v_ftp_user_data) { - if ($v_ftp_user_data['is_new'] == 1) { - if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) $_SESSION['error_msg'] = __('Please enter valid email address.'); - if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = 'ftp user'; - if (empty($v_ftp_user_data['v_ftp_password'])) $errors[] = 'ftp user password'; - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Validate email - if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) { - $_SESSION['error_msg'] = __('Please enter valid email address.'); - } - - // Check ftp password length - if ((!empty($v_ftp_user_data['v_ftp']))) { - if (!empty($v_ftp_user_data['v_ftp_user'])) { - $pw_len = strlen($v_ftp_user_data['v_ftp_password']); - if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); - } - } - - $v_ftp_user_data['v_ftp_user'] = preg_replace("/^".$user."_/i", "", $v_ftp_user_data['v_ftp_user']); - $v_ftp_username = $v_ftp_user_data['v_ftp_user']; - $v_ftp_username_full = $user . '_' . $v_ftp_user_data['v_ftp_user']; - $v_ftp_user = escapeshellarg($v_ftp_user_data['v_ftp_user']); - if ($domain_added) { - $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path'])); - $v_ftp_password = tempnam("/tmp","vst"); - $fp = fopen($v_ftp_password, "w"); - fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-web-domain-ftp ".$user." ".$v_domain." ".$v_ftp_user." ".$v_ftp_password . " " . $v_ftp_path, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_ftp_password); - if ((!empty($v_ftp_user_data['v_ftp_email'])) && (empty($_SESSION['error_msg']))) { - $to = $v_ftp_user_data['v_ftp_email']; - $subject = __("FTP login credentials"); - $from = __('MAIL_FROM',$_POST['v_domain']); - $mailtext = __('FTP_ACCOUNT_READY',$_POST['v_domain'],$user,$v_ftp_user_data['v_ftp_user'],$v_ftp_user_data['v_ftp_password']); - send_email($to, $subject, $mailtext, $from); - unset($v_ftp_email); - } - } else { - $return_var = -1; - } - - if ($return_var == 0) { - $v_ftp_password = "••••••••"; - $v_ftp_user_data['is_new'] = 0; - } else { - $v_ftp_user_data['is_new'] = 1; - } - - $v_ftp_username = preg_replace("/^".$user."_/", "", $v_ftp_user_data['v_ftp_user']); - $v_ftp_users_updated[] = array( - 'is_new' => $v_ftp_user_data['is_new'], - 'v_ftp_user' => $return_var == 0 ? $v_ftp_username_full : $v_ftp_username, - 'v_ftp_password' => $v_ftp_password, - 'v_ftp_path' => $v_ftp_user_data['v_ftp_path'], - 'v_ftp_email' => $v_ftp_user_data['v_ftp_email'], - 'v_ftp_pre_path' => $v_ftp_user_prepath - ); - continue; - } - } - - if (!empty($_SESSION['error_msg']) && $domain_added) { - $_SESSION['ok_msg'] = __('WEB_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain])); - $_SESSION['flash_error_msg'] = $_SESSION['error_msg']; - $url = '/edit/web/?domain='.strtolower(preg_replace("/^www\./i", "", $_POST['v_domain'])); - header('Location: ' . $url); - exit; - } - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('WEB_DOMAIN_CREATED_OK',htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain'])); - unset($v_domain); - unset($v_aliases); - unset($v_ssl); - unset($v_ssl_crt); - unset($v_ssl_key); - unset($v_ssl_ca); - unset($v_stats_user); - unset($v_stats_password); - unset($v_ftp); - } -} - -// Define user variables -$v_ftp_user_prepath = $panel[$user]['HOME'] . "/web"; -$v_ftp_email = $panel[$user]['CONTACT']; - -// List IP addresses -exec (VESTA_CMD."v-list-user-ips ".$user." json", $output, $return_var); -$ips = json_decode(implode('', $output), true); -unset($output); - -// List web stat engines -exec (VESTA_CMD."v-list-web-stats json", $output, $return_var); -$stats = json_decode(implode('', $output), true); -unset($output); - -// Render page -render_page($user, $TAB, 'add_web'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/api/index.php b/web/api/index.php index b19693670..30e3dec0b 100644 --- a/web/api/index.php +++ b/web/api/index.php @@ -1,125 +1 @@ - 0 ) { - echo 'Error: authentication failed'; - exit; - } - } else { - $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']); - if (file_exists($key) && is_file($key)) { - exec(VESTA_CMD ."v-check-api-key ".escapeshellarg($key)." ".$v_ip, $output, $return_var); - unset($output); - - // Check API answer - if ( $return_var > 0 ) { - echo 'Error: authentication failed'; - exit; - } - } else { - $return_var = 1; - } - } - - if ( $return_var > 0 ) { - echo 'Error: authentication failed'; - exit; - } - - // Prepare arguments - if (isset($_POST['cmd'])) $cmd = escapeshellarg($_POST['cmd']); - if (isset($_POST['arg1'])) $arg1 = escapeshellarg($_POST['arg1']); - if (isset($_POST['arg2'])) $arg2 = escapeshellarg($_POST['arg2']); - if (isset($_POST['arg3'])) $arg3 = escapeshellarg($_POST['arg3']); - if (isset($_POST['arg4'])) $arg4 = escapeshellarg($_POST['arg4']); - if (isset($_POST['arg5'])) $arg5 = escapeshellarg($_POST['arg5']); - if (isset($_POST['arg6'])) $arg6 = escapeshellarg($_POST['arg6']); - if (isset($_POST['arg7'])) $arg7 = escapeshellarg($_POST['arg7']); - if (isset($_POST['arg8'])) $arg8 = escapeshellarg($_POST['arg8']); - if (isset($_POST['arg9'])) $arg9 = escapeshellarg($_POST['arg9']); - - // Build query - $cmdquery = VESTA_CMD.$cmd." "; - if(!empty($arg1)){ - $cmdquery = $cmdquery.$arg1." "; } - if(!empty($arg2)){ - $cmdquery = $cmdquery.$arg2." "; } - if(!empty($arg3)){ - $cmdquery = $cmdquery.$arg3." "; } - if(!empty($arg4)){ - $cmdquery = $cmdquery.$arg4." "; } - if(!empty($arg5)){ - $cmdquery = $cmdquery.$arg5." "; } - if(!empty($arg6)){ - $cmdquery = $cmdquery.$arg6." "; } - if(!empty($arg7)){ - $cmdquery = $cmdquery.$arg7." "; } - if(!empty($arg8)){ - $cmdquery = $cmdquery.$arg8." "; } - if(!empty($arg9)){ - $cmdquery = $cmdquery.$arg9; } - - // Check command - if ($cmd == "'v-make-tmp-file'") { - // Used in DNS Cluster - $fp = fopen('/tmp/'.basename($_POST['arg2']), 'w'); - fwrite($fp, $_POST['arg1']."\n"); - fclose($fp); - $return_var = 0; - } else { - // Run normal cmd query - exec ($cmdquery, $output, $return_var); - } - - if ((!empty($_POST['returncode'])) && ($_POST['returncode'] == 'yes')) { - echo $return_var; - } else { - if (($return_var == 0) && (empty($output))) { - echo "OK"; - } else { - echo implode("\n",$output)."\n"; - } - } -} + diff --git a/web/bulk/backup/exclusions/index.php b/web/bulk/backup/exclusions/index.php index 4d0e43933..30e3dec0b 100644 --- a/web/bulk/backup/exclusions/index.php +++ b/web/bulk/backup/exclusions/index.php @@ -1,23 +1 @@ - diff --git a/web/bulk/backup/index.php b/web/bulk/backup/index.php index f191dfe2a..30e3dec0b 100644 --- a/web/bulk/backup/index.php +++ b/web/bulk/backup/index.php @@ -1,29 +1 @@ - diff --git a/web/bulk/cron/index.php b/web/bulk/cron/index.php index 0beb49083..30e3dec0b 100644 --- a/web/bulk/cron/index.php +++ b/web/bulk/cron/index.php @@ -1,74 +1 @@ - diff --git a/web/bulk/db/index.php b/web/bulk/db/index.php index 15361be4b..30e3dec0b 100644 --- a/web/bulk/db/index.php +++ b/web/bulk/db/index.php @@ -1,41 +1 @@ - diff --git a/web/bulk/dns/index.php b/web/bulk/dns/index.php index d7fe0a292..30e3dec0b 100644 --- a/web/bulk/dns/index.php +++ b/web/bulk/dns/index.php @@ -1,85 +1 @@ - diff --git a/web/bulk/firewall/banlist/index.php b/web/bulk/firewall/banlist/index.php index 5fe4ef8a5..30e3dec0b 100644 --- a/web/bulk/firewall/banlist/index.php +++ b/web/bulk/firewall/banlist/index.php @@ -1,38 +1 @@ - diff --git a/web/bulk/firewall/index.php b/web/bulk/firewall/index.php index 6f076cb81..30e3dec0b 100644 --- a/web/bulk/firewall/index.php +++ b/web/bulk/firewall/index.php @@ -1,42 +1 @@ - diff --git a/web/bulk/ip/index.php b/web/bulk/ip/index.php index 4f1705403..30e3dec0b 100644 --- a/web/bulk/ip/index.php +++ b/web/bulk/ip/index.php @@ -1,38 +1 @@ - diff --git a/web/bulk/mail/index.php b/web/bulk/mail/index.php index c526c9e0e..30e3dec0b 100644 --- a/web/bulk/mail/index.php +++ b/web/bulk/mail/index.php @@ -1,81 +1 @@ - diff --git a/web/bulk/package/index.php b/web/bulk/package/index.php index 32e36e936..30e3dec0b 100644 --- a/web/bulk/package/index.php +++ b/web/bulk/package/index.php @@ -1,36 +1 @@ - diff --git a/web/bulk/restore/index.php b/web/bulk/restore/index.php index 3bc048414..30e3dec0b 100644 --- a/web/bulk/restore/index.php +++ b/web/bulk/restore/index.php @@ -1,47 +1 @@ -', $output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['error_msg'] = __('Error: vesta did not return any output.'); - } - if ($return_var == 4) { - $_SESSION['error_msg'] = __('RESTORE_EXISTS'); - } - } -} - -header("Location: /list/backup/?backup=" . $_POST['backup']); + diff --git a/web/bulk/service/index.php b/web/bulk/service/index.php index 70ce660c7..30e3dec0b 100644 --- a/web/bulk/service/index.php +++ b/web/bulk/service/index.php @@ -1,43 +1 @@ - diff --git a/web/bulk/user/index.php b/web/bulk/user/index.php index 5d42fbfd9..30e3dec0b 100644 --- a/web/bulk/user/index.php +++ b/web/bulk/user/index.php @@ -1,62 +1 @@ - diff --git a/web/bulk/vesta/index.php b/web/bulk/vesta/index.php index c909f83e3..30e3dec0b 100644 --- a/web/bulk/vesta/index.php +++ b/web/bulk/vesta/index.php @@ -1,31 +1 @@ - diff --git a/web/bulk/web/index.php b/web/bulk/web/index.php index 4a661a1ff..30e3dec0b 100644 --- a/web/bulk/web/index.php +++ b/web/bulk/web/index.php @@ -1,48 +1 @@ - diff --git a/web/delete/backup/exclusion/index.php b/web/delete/backup/exclusion/index.php index 29ad3bd58..30e3dec0b 100644 --- a/web/delete/backup/exclusion/index.php +++ b/web/delete/backup/exclusion/index.php @@ -1,27 +1 @@ - diff --git a/web/delete/backup/index.php b/web/delete/backup/index.php index 33f492268..30e3dec0b 100644 --- a/web/delete/backup/index.php +++ b/web/delete/backup/index.php @@ -1,33 +1 @@ - diff --git a/web/delete/cron/autoupdate/index.php b/web/delete/cron/autoupdate/index.php index a58064c07..30e3dec0b 100644 --- a/web/delete/cron/autoupdate/index.php +++ b/web/delete/cron/autoupdate/index.php @@ -1,21 +1 @@ - diff --git a/web/delete/cron/index.php b/web/delete/cron/index.php index d4ca20263..30e3dec0b 100644 --- a/web/delete/cron/index.php +++ b/web/delete/cron/index.php @@ -1,33 +1 @@ - diff --git a/web/delete/cron/reports/index.php b/web/delete/cron/reports/index.php index 10d422a8d..30e3dec0b 100644 --- a/web/delete/cron/reports/index.php +++ b/web/delete/cron/reports/index.php @@ -1,19 +1 @@ - diff --git a/web/delete/db/index.php b/web/delete/db/index.php index f2088ad2b..30e3dec0b 100644 --- a/web/delete/db/index.php +++ b/web/delete/db/index.php @@ -1,33 +1 @@ - diff --git a/web/delete/dns/index.php b/web/delete/dns/index.php index 7069d0c89..30e3dec0b 100644 --- a/web/delete/dns/index.php +++ b/web/delete/dns/index.php @@ -1,60 +1 @@ - diff --git a/web/delete/favorite/index.php b/web/delete/favorite/index.php index 9f471b9bd..30e3dec0b 100644 --- a/web/delete/favorite/index.php +++ b/web/delete/favorite/index.php @@ -1,15 +1 @@ - \ No newline at end of file + diff --git a/web/delete/firewall/banlist/index.php b/web/delete/firewall/banlist/index.php index 7b30edd59..30e3dec0b 100644 --- a/web/delete/firewall/banlist/index.php +++ b/web/delete/firewall/banlist/index.php @@ -1,37 +1 @@ - diff --git a/web/delete/firewall/index.php b/web/delete/firewall/index.php index b6b38f0c6..30e3dec0b 100644 --- a/web/delete/firewall/index.php +++ b/web/delete/firewall/index.php @@ -1,36 +1 @@ - diff --git a/web/delete/ip/index.php b/web/delete/ip/index.php index f8bcd994d..30e3dec0b 100644 --- a/web/delete/ip/index.php +++ b/web/delete/ip/index.php @@ -1,31 +1 @@ - diff --git a/web/delete/mail/index.php b/web/delete/mail/index.php index 8a3d87f82..30e3dec0b 100644 --- a/web/delete/mail/index.php +++ b/web/delete/mail/index.php @@ -1,59 +1 @@ - diff --git a/web/delete/notification/index.php b/web/delete/notification/index.php index 0f9787124..30e3dec0b 100644 --- a/web/delete/notification/index.php +++ b/web/delete/notification/index.php @@ -1,29 +1 @@ - diff --git a/web/delete/package/index.php b/web/delete/package/index.php index 1058f495d..30e3dec0b 100644 --- a/web/delete/package/index.php +++ b/web/delete/package/index.php @@ -1,30 +1 @@ - diff --git a/web/delete/user/index.php b/web/delete/user/index.php index 8e20b4c63..30e3dec0b 100644 --- a/web/delete/user/index.php +++ b/web/delete/user/index.php @@ -1,31 +1 @@ - diff --git a/web/delete/web/index.php b/web/delete/web/index.php index ecf6f415c..30e3dec0b 100644 --- a/web/delete/web/index.php +++ b/web/delete/web/index.php @@ -1,34 +1 @@ - diff --git a/web/download/backup/index.php b/web/download/backup/index.php index f71131a1c..30e3dec0b 100644 --- a/web/download/backup/index.php +++ b/web/download/backup/index.php @@ -1,33 +1 @@ - diff --git a/web/download/file/index.php b/web/download/file/index.php index efabb0e15..30e3dec0b 100644 --- a/web/download/file/index.php +++ b/web/download/file/index.php @@ -1,33 +1 @@ - diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php index 79b5601cd..30e3dec0b 100644 --- a/web/download/web-log/index.php +++ b/web/download/web-log/index.php @@ -1,28 +1 @@ - + diff --git a/web/edit/backup/exclusions/index.php b/web/edit/backup/exclusions/index.php index f4b854b06..30e3dec0b 100644 --- a/web/edit/backup/exclusions/index.php +++ b/web/edit/backup/exclusions/index.php @@ -1,130 +1 @@ - $value) { - if (!empty($value)){ - $v_web .= $key . ":" . $value. "\n"; - } else { - $v_web .= $key . "\n"; - } -} - -// Parse dns -foreach ($data['DNS'] as $key => $value) { - if (!empty($value)){ - $v_dns .= $key . ":" . $value. "\n"; - } else { - $v_dns .= $key . "\n"; - } -} - -// Parse mail -foreach ($data['MAIL'] as $key => $value) { - if (!empty($value)){ - $v_mail .= $key . ":" . $value. "\n"; - } else { - $v_mail .= $key . "\n"; - } -} - -// Parse databases -foreach ($data['DB'] as $key => $value) { - if (!empty($value)){ - $v_db .= $key . ":" . $value. "\n"; - } else { - $v_db .= $key . "\n"; - } -} - -// Parse user directories -foreach ($data['USER'] as $key => $value) { - if (!empty($value)){ - $v_userdir .= $key . ":" . $value. "\n"; - } else { - $v_userdir .= $key . "\n"; - } -} - -// Check POST request -if (!empty($_POST['save'])) { - - // Check token - if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { - header('location: /login/'); - exit(); - } - - $v_web = $_POST['v_web']; - $v_web_tmp = str_replace("\r\n", ",", $_POST['v_web']); - $v_web_tmp = rtrim($v_web_tmp, ","); - $v_web_tmp = "WEB=" . escapeshellarg($v_web_tmp); - - $v_dns = $_POST['v_dns']; - $v_dns_tmp = str_replace("\r\n", ",", $_POST['v_dns']); - $v_dns_tmp = rtrim($v_dns_tmp, ","); - $v_dns_tmp = "DNS=" . escapeshellarg($v_dns_tmp); - - $v_mail = $_POST['v_mail']; - $v_mail_tmp = str_replace("\r\n", ",", $_POST['v_mail']); - $v_mail_tmp = rtrim($v_mail_tmp, ","); - $v_mail_tmp = "MAIL=" . escapeshellarg($v_mail_tmp); - - $v_db = $_POST['v_db']; - $v_db_tmp = str_replace("\r\n", ",", $_POST['v_db']); - $v_db_tmp = rtrim($v_db_tmp, ","); - $v_db_tmp = "DB=" . escapeshellarg($v_db_tmp); - - $v_cron = $_POST['v_cron']; - $v_cron_tmp = str_replace("\r\n", ",", $_POST['v_cron']); - $v_cron_tmp = rtrim($v_cron_tmp, ","); - $v_cron_tmp = "CRON=" . escapeshellarg($v_cron_tmp); - - $v_userdir = $_POST['v_userdir']; - $v_userdir_tmp = str_replace("\r\n", ",", $_POST['v_userdir']); - $v_userdir_tmp = rtrim($v_userdir_tmp, ","); - $v_userdir_tmp = "USER=" . escapeshellarg($v_userdir_tmp); - - // Create temporary exeption list on a filesystem - exec ('mktemp', $mktemp_output, $return_var); - $tmp = $mktemp_output[0]; - $fp = fopen($tmp, 'w'); - fwrite($fp, $v_web_tmp . "\n" . $v_dns_tmp . "\n" . $v_mail_tmp . "\n" . $v_db_tmp . "\n" . $v_userdir_tmp . "\n"); - fclose($fp); - unset($mktemp_output); - - // Save changes - exec (VESTA_CMD."v-update-user-backup-exclusions ".$user." ".$tmp, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - - // Set success message - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __("Changes has been saved."); - } -} - - -// Render page -render_page($user, $TAB, 'edit_backup_exclusions'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/edit/cron/index.php b/web/edit/cron/index.php index 9f7ffb344..30e3dec0b 100644 --- a/web/edit/cron/index.php +++ b/web/edit/cron/index.php @@ -1,83 +1 @@ - diff --git a/web/edit/db/index.php b/web/edit/db/index.php index 232f63224..30e3dec0b 100644 --- a/web/edit/db/index.php +++ b/web/edit/db/index.php @@ -1,91 +1 @@ - diff --git a/web/edit/dns/index.php b/web/edit/dns/index.php index b8cbc4dbf..30e3dec0b 100644 --- a/web/edit/dns/index.php +++ b/web/edit/dns/index.php @@ -1,209 +1 @@ - diff --git a/web/edit/file/index.php b/web/edit/file/index.php index d6ae8dcee..30e3dec0b 100644 --- a/web/edit/file/index.php +++ b/web/edit/file/index.php @@ -1,148 +1 @@ - - -Edit file <?= htmlspecialchars($_REQUEST['path']) ?> - - - - - - - - - - - - -Error while saving file

'); - exit; - } - } - unlink($fn); - } - } - - exec (VESTA_CMD . "v-open-fs-file {$user} ".escapeshellarg($path), $content, $return_var); - if ($return_var != 0) { - print 'Error while opening file'; // todo: handle this more styled - exit; - } - $content = implode("\n", $content)."\n"; - } else { - $content = ''; - } -?> - -
- - - - - - -
- - - + diff --git a/web/edit/firewall/index.php b/web/edit/firewall/index.php index 67e039d4d..30e3dec0b 100644 --- a/web/edit/firewall/index.php +++ b/web/edit/firewall/index.php @@ -1,88 +1 @@ - diff --git a/web/edit/ip/index.php b/web/edit/ip/index.php index c7ec6d7a0..30e3dec0b 100644 --- a/web/edit/ip/index.php +++ b/web/edit/ip/index.php @@ -1,106 +1 @@ - diff --git a/web/edit/mail/index.php b/web/edit/mail/index.php index 44f122f13..30e3dec0b 100644 --- a/web/edit/mail/index.php +++ b/web/edit/mail/index.php @@ -1,342 +1 @@ - diff --git a/web/edit/package/index.php b/web/edit/package/index.php index e8d4eddc9..30e3dec0b 100644 --- a/web/edit/package/index.php +++ b/web/edit/package/index.php @@ -1,231 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Protect input - $v_package = escapeshellarg($_POST['v_package']); - $v_web_template = escapeshellarg($_POST['v_web_template']); - if (!empty($_SESSION['WEB_BACKEND'])) { - $v_backend_template = escapeshellarg($_POST['v_backend_template']); - } - if (!empty($_SESSION['PROXY_SYSTEM'])) { - $v_proxy_template = escapeshellarg($_POST['v_proxy_template']); - } - $v_dns_template = escapeshellarg($_POST['v_dns_template']); - $v_shell = escapeshellarg($_POST['v_shell']); - $v_web_domains = escapeshellarg($_POST['v_web_domains']); - $v_web_aliases = escapeshellarg($_POST['v_web_aliases']); - $v_dns_domains = escapeshellarg($_POST['v_dns_domains']); - $v_dns_records = escapeshellarg($_POST['v_dns_records']); - $v_mail_domains = escapeshellarg($_POST['v_mail_domains']); - $v_mail_accounts = escapeshellarg($_POST['v_mail_accounts']); - $v_databases = escapeshellarg($_POST['v_databases']); - $v_cron_jobs = escapeshellarg($_POST['v_cron_jobs']); - $v_backups = escapeshellarg($_POST['v_backups']); - $v_disk_quota = escapeshellarg($_POST['v_disk_quota']); - $v_bandwidth = escapeshellarg($_POST['v_bandwidth']); - $v_ns1 = trim($_POST['v_ns1'], '.'); - $v_ns2 = trim($_POST['v_ns2'], '.'); - $v_ns3 = trim($_POST['v_ns3'], '.'); - $v_ns4 = trim($_POST['v_ns4'], '.'); - $v_ns5 = trim($_POST['v_ns5'], '.'); - $v_ns6 = trim($_POST['v_ns6'], '.'); - $v_ns7 = trim($_POST['v_ns7'], '.'); - $v_ns8 = trim($_POST['v_ns8'], '.'); - $v_ns = $v_ns1.",".$v_ns2; - if (!empty($v_ns3)) $v_ns .= ",".$v_ns3; - if (!empty($v_ns4)) $v_ns .= ",".$v_ns4; - if (!empty($v_ns5)) $v_ns .= ",".$v_ns5; - if (!empty($v_ns6)) $v_ns .= ",".$v_ns6; - if (!empty($v_ns7)) $v_ns .= ",".$v_ns7; - if (!empty($v_ns8)) $v_ns .= ",".$v_ns8; - $v_ns = escapeshellarg($v_ns); - $v_time = escapeshellarg(date('H:i:s')); - $v_date = escapeshellarg(date('Y-m-d')); - - // Create temprorary directory - exec ('mktemp -d', $output, $return_var); - $tmpdir = $output[0]; - unset($output); - - // Save package file on a fs - $pkg = "WEB_TEMPLATE=".$v_web_template."\n"; - $pkg .= "BACKEND_TEMPLATE=".$v_backend_template."\n"; - $pkg .= "PROXY_TEMPLATE=".$v_proxy_template."\n"; - $pkg .= "DNS_TEMPLATE=".$v_dns_template."\n"; - $pkg .= "WEB_DOMAINS=".$v_web_domains."\n"; - $pkg .= "WEB_ALIASES=".$v_web_aliases."\n"; - $pkg .= "DNS_DOMAINS=".$v_dns_domains."\n"; - $pkg .= "DNS_RECORDS=".$v_dns_records."\n"; - $pkg .= "MAIL_DOMAINS=".$v_mail_domains."\n"; - $pkg .= "MAIL_ACCOUNTS=".$v_mail_accounts."\n"; - $pkg .= "DATABASES=".$v_databases."\n"; - $pkg .= "CRON_JOBS=".$v_cron_jobs."\n"; - $pkg .= "DISK_QUOTA=".$v_disk_quota."\n"; - $pkg .= "BANDWIDTH=".$v_bandwidth."\n"; - $pkg .= "NS=".$v_ns."\n"; - $pkg .= "SHELL=".$v_shell."\n"; - $pkg .= "BACKUPS=".$v_backups."\n"; - $pkg .= "TIME=".$v_time."\n"; - $pkg .= "DATE=".$v_date."\n"; - $fp = fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w'); - fwrite($fp, $pkg); - fclose($fp); - - // Save changes - exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package." yes", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - - // Remove temporary dir - exec ('rm -rf '.$tmpdir, $output, $return_var); - unset($output); - - // Propogate new package - exec (VESTA_CMD."v-update-user-package ".$v_package." json", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - - // Set success message - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Changes has been saved.'); - } -} - - -// Render page -render_page($user, $TAB, 'edit_package'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/edit/server/apache2/index.php b/web/edit/server/apache2/index.php index 10eddb7cb..30e3dec0b 100644 --- a/web/edit/server/apache2/index.php +++ b/web/edit/server/apache2/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/bind9/index.php b/web/edit/server/bind9/index.php index bbe7e5634..30e3dec0b 100644 --- a/web/edit/server/bind9/index.php +++ b/web/edit/server/bind9/index.php @@ -1,73 +1 @@ - diff --git a/web/edit/server/clamd/index.php b/web/edit/server/clamd/index.php index 29b8dcdf0..30e3dec0b 100644 --- a/web/edit/server/clamd/index.php +++ b/web/edit/server/clamd/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/cron/index.php b/web/edit/server/cron/index.php index 16736b0bd..30e3dec0b 100644 --- a/web/edit/server/cron/index.php +++ b/web/edit/server/cron/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/crond/index.php b/web/edit/server/crond/index.php index c35174c97..30e3dec0b 100644 --- a/web/edit/server/crond/index.php +++ b/web/edit/server/crond/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/dovecot/index.php b/web/edit/server/dovecot/index.php index 9e8015a93..30e3dec0b 100644 --- a/web/edit/server/dovecot/index.php +++ b/web/edit/server/dovecot/index.php @@ -1,183 +1 @@ - diff --git a/web/edit/server/exim/index.php b/web/edit/server/exim/index.php index 4cce77209..30e3dec0b 100644 --- a/web/edit/server/exim/index.php +++ b/web/edit/server/exim/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/exim4/index.php b/web/edit/server/exim4/index.php index 3aa66cf05..30e3dec0b 100644 --- a/web/edit/server/exim4/index.php +++ b/web/edit/server/exim4/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/fail2ban/index.php b/web/edit/server/fail2ban/index.php index 98f5ff53d..30e3dec0b 100644 --- a/web/edit/server/fail2ban/index.php +++ b/web/edit/server/fail2ban/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/httpd/index.php b/web/edit/server/httpd/index.php index 05864a975..30e3dec0b 100644 --- a/web/edit/server/httpd/index.php +++ b/web/edit/server/httpd/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/index.php b/web/edit/server/index.php index 055bcdcd1..30e3dec0b 100644 --- a/web/edit/server/index.php +++ b/web/edit/server/index.php @@ -1,627 +1 @@ - $value) { - $v_dns_cluster = 'yes'; -} - -// List Database hosts -exec (VESTA_CMD."v-list-database-hosts json", $output, $return_var); -$db_hosts = json_decode(implode('', $output), true); -unset($output); -$v_mysql_hosts = array_values(array_filter($db_hosts, function($host){return $host['TYPE'] === 'mysql';})); -$v_mysql = count($v_mysql_hosts) ? 'yes' : 'no'; -$v_pgsql_hosts = array_values(array_filter($db_hosts, function($host){return $host['TYPE'] === 'pgsql';})); -$v_pgsql = count($v_pgsql_hosts) ? 'yes' : 'no'; -unset($db_hosts); - -// List backup settings -$v_backup_dir = "/backup"; -if (!empty($_SESSION['BACKUP'])) $v_backup_dir = $_SESSION['BACKUP']; -$v_backup_gzip = '5'; -if (!empty($_SESSION['BACKUP_GZIP'])) $v_backup_gzip = $_SESSION['BACKUP_GZIP']; -$backup_types = explode(",",$_SESSION['BACKUP_SYSTEM']); -foreach ($backup_types as $backup_type) { - if ($backup_type == 'local') { - $v_backup = 'yes'; - } else { - exec (VESTA_CMD."v-list-backup-host ".$backup_type. " json", $output, $return_var); - $v_remote_backup = json_decode(implode('', $output), true); - unset($output); - $v_backup_host = $v_remote_backup[$backup_type]['HOST']; - $v_backup_type = $v_remote_backup[$backup_type]['TYPE']; - $v_backup_username = $v_remote_backup[$backup_type]['USERNAME']; - $v_backup_password = ""; - $v_backup_port = $v_remote_backup[$backup_type]['PORT']; - $v_backup_bpath = $v_remote_backup[$backup_type]['BPATH']; - } -} - -// List ssl web domains -exec (VESTA_CMD."v-search-ssl-certificates json", $output, $return_var); -$v_ssl_domains = json_decode(implode('', $output), true); -//$v_vesta_certificate -unset($output); - -// List ssl certificate info -exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); -$v_sys_ssl_str = json_decode(implode('', $output), true); -unset($output); -$v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; -$v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; -$v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; -$v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; -$v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; -$v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; -$v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; -$v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; -$v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; -$v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; - -// List mail ssl certificate info -if (!empty($_SESSION['VESTA_CERTIFICATE'])); { - exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var); - $v_mail_ssl_str = json_decode(implode('', $output), true); - unset($output); - $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT']; - $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY']; - $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA']; - $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT']; - $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES']; - $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE']; - $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER']; - $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE']; - $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY']; - $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER']; -} - -// Check POST request -if (!empty($_POST['save'])) { - - // Check token - if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { - header('location: /login/'); - exit(); - } - - // Change hostname - if ((!empty($_POST['v_hostname'])) && ($v_hostname != $_POST['v_hostname'])) { - exec (VESTA_CMD."v-change-sys-hostname ".escapeshellarg($_POST['v_hostname']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_hostname = $_POST['v_hostname']; - } - - // Change port - if ((!empty($_POST['port'])) && ($port != $_POST['port'])) { - exec (VESTA_CMD."v-change-vesta-port ".escapeshellarg($_POST['port']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $port = $_POST['port']; - } - - // Change timezone - if (empty($_SESSION['error_msg'])) { - if (!empty($_POST['v_timezone'])) { - $v_tz = $_POST['v_timezone']; - if ($v_tz == 'UTC' ) $v_tz = 'Etc/UTC'; - if ($v_tz == 'HAST' ) $v_tz = 'Pacific/Honolulu'; - if ($v_tz == 'HADT' ) $v_tz = 'US/Aleutian'; - if ($v_tz == 'AKST' ) $v_tz = 'Etc/GMT+9'; - if ($v_tz == 'AKDT' ) $v_tz = 'America/Anchorage'; - if ($v_tz == 'PST' ) $v_tz = 'America/Dawson_Creek'; - if ($v_tz == 'PDT' ) $v_tz = 'PST8PDT'; - if ($v_tz == 'MDT' ) $v_tz = 'MST7MDT'; - if ($v_tz == 'CST' ) $v_tz = 'Canada/Saskatchewan'; - if ($v_tz == 'CDT' ) $v_tz = 'CST6CDT'; - if ($v_tz == 'EDT' ) $v_tz = 'EST5EDT'; - if ($v_tz == 'AST' ) $v_tz = 'America/Puerto_Rico'; - if ($v_tz == 'ADT' ) $v_tz = 'America/Halifax'; - - if ($v_timezone != $v_tz) { - exec (VESTA_CMD."v-change-sys-timezone ".escapeshellarg($v_tz), $output, $return_var); - check_return_code($return_var,$output); - $v_timezone = $v_tz; - unset($output); - } - } - } - - // Change default language - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_language'])) && ($_SESSION['LANGUAGE'] != $_POST['v_language'])) { - exec (VESTA_CMD."v-change-sys-language ".escapeshellarg($_POST['v_language']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $_SESSION['LANGUAGE'] = $_POST['v_language']; - } - } - - // Set disk_quota support - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_quota'])) && ($_SESSION['DISK_QUOTA'] != $_POST['v_quota'])) { - if($_POST['v_quota'] == 'yes') { - exec (VESTA_CMD."v-add-sys-quota", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $_SESSION['DISK_QUOTA'] = 'yes'; - } else { - exec (VESTA_CMD."v-delete-sys-quota", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $_SESSION['DISK_QUOTA'] = 'no'; - } - } - } - - // Set firewall support - if (empty($_SESSION['error_msg'])) { - if ($_SESSION['FIREWALL_SYSTEM'] == 'iptables') $v_firewall = 'yes'; - if ($_SESSION['FIREWALL_SYSTEM'] != 'iptables') $v_firewall = 'no'; - if ((!empty($_POST['v_firewall'])) && ($v_firewall != $_POST['v_firewall'])) { - if($_POST['v_firewall'] == 'yes') { - exec (VESTA_CMD."v-add-sys-firewall", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $_SESSION['FIREWALL_SYSTEM'] = 'iptables'; - } else { - exec (VESTA_CMD."v-delete-sys-firewall", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $_SESSION['FIREWALL_SYSTEM'] = ''; - } - } - } - - // Update mysql pasword - if (empty($_SESSION['error_msg'])) { - if (!empty($_POST['v_mysql_password'])) { - exec (VESTA_CMD."v-change-database-host-password mysql localhost root ".escapeshellarg($_POST['v_mysql_password']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_db_adv = 'yes'; - } - } - - - // Delete Mail Domain SSL certificate - if ((!isset($_POST['v_mail_ssl_domain_checkbox'])) && (!empty($_SESSION['MAIL_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) { - unset($_SESSION['MAIL_CERTIFICATE']); - exec (VESTA_CMD."v-delete-sys-mail-ssl", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Updating Mail Domain SSL certificate - if ((isset($_POST['v_mail_ssl_domain_checkbox'])) && (isset($_POST['v_mail_ssl_domain'])) && (empty($_SESSION['error_msg']))) { - if ((!empty($_POST['v_mail_ssl_domain'])) && ($_POST['v_mail_ssl_domain'] != $_SESSION['MAIL_CERTIFICATE'])) { - $v_mail_ssl_str = explode(":", $_POST['v_mail_ssl_domain']); - $v_mail_ssl_user = escapeshellarg($v_mail_ssl_str[0]); - $v_mail_ssl_domain = escapeshellarg($v_mail_ssl_str[1]); - exec (VESTA_CMD."v-add-sys-mail-ssl ".$v_mail_ssl_user." ".$v_mail_ssl_domain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unset($v_mail_ssl_str); - - if (empty($_SESSION['error_msg'])) { - $_SESSION['MAIL_CERTIFICATE'] = $_POST['v_mail_ssl_domain']; - - // List SSL certificate info - exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var); - $v_mail_ssl_str = json_decode(implode('', $output), true); - unset($output); - $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT']; - $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY']; - $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA']; - $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT']; - $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES']; - $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE']; - $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER']; - $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE']; - $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY']; - $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER']; - } - } - } - - // Update webmail url - if (empty($_SESSION['error_msg'])) { - if ($_POST['v_mail_url'] != $_SESSION['MAIL_URL']) { - exec (VESTA_CMD."v-change-sys-config-value MAIL_URL ".escapeshellarg($_POST['v_mail_url']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_mail_adv = 'yes'; - } - } - - // Update phpMyAdmin url - if (empty($_SESSION['error_msg'])) { - if ($_POST['v_mysql_url'] != $_SESSION['DB_PMA_URL']) { - exec (VESTA_CMD."v-change-sys-config-value DB_PMA_URL ".escapeshellarg($_POST['v_mysql_url']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_db_adv = 'yes'; - } - } - - // Update phpPgAdmin url - if (empty($_SESSION['error_msg'])) { - if ($_POST['v_pgsql_url'] != $_SESSION['DB_PGA_URL']) { - exec (VESTA_CMD."v-change-sys-config-value DB_PGA_URL ".escapeshellarg($_POST['v_pgsql_url']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_db_adv = 'yes'; - } - } - - // Disable local backup - if (empty($_SESSION['error_msg'])) { - if (($_POST['v_backup'] == 'no') && ($v_backup == 'yes' )) { - exec (VESTA_CMD."v-delete-backup-host local", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup = 'no'; - $v_backup_adv = 'yes'; - } - } - - // Enable local backups - if (empty($_SESSION['error_msg'])) { - if (($_POST['v_backup'] == 'yes') && ($v_backup != 'yes' )) { - exec (VESTA_CMD."v-add-backup-host local", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup = 'yes'; - $v_backup_adv = 'yes'; - } - } - - // Change backup gzip level - if (empty($_SESSION['error_msg'])) { - if ($_POST['v_backup_gzip'] != $v_backup_gzip ) { - exec (VESTA_CMD."v-change-sys-config-value BACKUP_GZIP ".escapeshellarg($_POST['v_backup_gzip']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup_gzip = $_POST['v_backup_gzip']; - $v_backup_adv = 'yes'; - } - } - - // Change backup path - if (empty($_SESSION['error_msg'])) { - if ($_POST['v_backup_dir'] != $v_backup_dir ) { - exec (VESTA_CMD."v-change-sys-config-value BACKUP ".escapeshellarg($_POST['v_backup_dir']), $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup_dir = $_POST['v_backup_dir']; - $v_backup_adv = 'yes'; - } - } - - // Add remote backup host - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_backup_host'])) && (empty($v_backup_host))) { - $v_backup_host = escapeshellarg($_POST['v_backup_host']); - $v_backup_type = escapeshellarg($_POST['v_backup_type']); - $v_backup_username = escapeshellarg($_POST['v_backup_username']); - $v_backup_password = escapeshellarg($_POST['v_backup_password']); - $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); - exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host ." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; - if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type']; - if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username']; - if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password']; - if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath']; - $v_backup_new = 'yes'; - $v_backup_adv = 'yes'; - $v_backup_remote_adv = 'yes'; - } - } - - // Change remote backup host type - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) { - exec (VESTA_CMD."v-delete-backup-host " . escapeshellarg($v_backup_type), $output, $return_var); - unset($output); - - $v_backup_host = escapeshellarg($_POST['v_backup_host']); - $v_backup_type = escapeshellarg($_POST['v_backup_type']); - $v_backup_username = escapeshellarg($_POST['v_backup_username']); - $v_backup_password = escapeshellarg($_POST['v_backup_password']); - $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); - exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; - if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type']; - if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username']; - if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password']; - if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath']; - $v_backup_adv = 'yes'; - $v_backup_remote_adv = 'yes'; - } - } - - // Change remote backup host - if (empty($_SESSION['error_msg'])) { - if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] == $v_backup_type) && (!isset($v_backup_new))) { - if (($_POST['v_backup_host'] != $v_backup_host) || ($_POST['v_backup_username'] != $v_backup_username) || ($_POST['v_backup_password'] != $v_backup_password) || ($_POST['v_backup_bpath'] != $v_backup_bpath)){ - $v_backup_host = escapeshellarg($_POST['v_backup_host']); - $v_backup_type = escapeshellarg($_POST['v_backup_type']); - $v_backup_username = escapeshellarg($_POST['v_backup_username']); - $v_backup_password = escapeshellarg($_POST['v_backup_password']); - $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); - exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; - if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type']; - if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username']; - if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password']; - if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath']; - $v_backup_adv = 'yes'; - $v_backup_remote_adv = 'yes'; - } - } - } - - // Delete remote backup host - if (empty($_SESSION['error_msg'])) { - if ((empty($_POST['v_backup_host'])) && (!empty($v_backup_host))) { - exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) $v_backup_host = ''; - if (empty($_SESSION['error_msg'])) $v_backup_type = ''; - if (empty($_SESSION['error_msg'])) $v_backup_username = ''; - if (empty($_SESSION['error_msg'])) $v_backup_password = ''; - if (empty($_SESSION['error_msg'])) $v_backup_bpath = ''; - $v_backup_adv = ''; - $v_backup_remote_adv = ''; - } - } - - - - // Delete WEB Domain SSL certificate - if ((!isset($_POST['v_web_ssl_domain_checkbox'])) && (!empty($_SESSION['VESTA_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) { - unset($_SESSION['VESTA_CERTIFICATE']); - exec (VESTA_CMD."v-delete-sys-vesta-ssl", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Updating WEB Domain SSL certificate - if ((isset($_POST['v_web_ssl_domain_checkbox'])) && (isset($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) { - - if ((!empty($_POST['v_web_ssl_domain'])) && ($_POST['v_web_ssl_domain'] != $_SESSION['VESTA_CERTIFICATE'])) { - $v_web_ssl_str = explode(":", $_POST['v_web_ssl_domain']); - $v_web_ssl_user = escapeshellarg($v_web_ssl_str[0]); - $v_web_ssl_domain = escapeshellarg($v_web_ssl_str[1]); - exec (VESTA_CMD."v-add-sys-vesta-ssl ".$v_web_ssl_user." ".$v_web_ssl_domain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - - if (empty($_SESSION['error_msg'])) { - $_SESSION['VESTA_CERTIFICATE'] = $_POST['v_web_ssl_domain']; - - // List SSL certificate info - exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); - $v_sys_ssl_str = json_decode(implode('', $output), true); - unset($output); - $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; - $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; - $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; - $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; - $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; - $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; - $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; - $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; - $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; - $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; - } - } - } - - - // Update SSL certificate - if ((!empty($_POST['v_sys_ssl_crt'])) && (empty($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) { - if (($v_sys_ssl_crt != str_replace("\r\n", "\n", $_POST['v_sys_ssl_crt'])) || ($v_sys_ssl_key != str_replace("\r\n", "\n", $_POST['v_sys_ssl_key']))) { - exec ('mktemp -d', $mktemp_output, $return_var); - $tmpdir = $mktemp_output[0]; - - // Certificate - if (!empty($_POST['v_sys_ssl_crt'])) { - $fp = fopen($tmpdir."/certificate.crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_crt'])); - fwrite($fp, "\n"); - fclose($fp); - } - - // Key - if (!empty($_POST['v_sys_ssl_key'])) { - $fp = fopen($tmpdir."/certificate.key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_key'])); - fwrite($fp, "\n"); - fclose($fp); - } - - exec (VESTA_CMD."v-change-sys-vesta-ssl ".$tmpdir, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - - if (empty($_SESSION['error_msg'])) { - // List ssl certificate info - exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); - $v_sys_ssl_str = json_decode(implode('', $output), true); - unset($output); - $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; - $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; - $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; - $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; - $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; - $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; - $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; - $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; - $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; - $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; - } - } - } - - // Flush field values on success - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Changes has been saved.'); - } - - // activating sftp licence - if (empty($_SESSION['error_msg'])) { - if($_SESSION['SFTPJAIL_KEY'] != $_POST['v_sftp_licence'] && $_POST['v_sftp'] == 'yes'){ - $module = 'sftpjail'; - $licence_key = escapeshellarg($_POST['v_sftp_licence']); - exec (VESTA_CMD."v-activate-vesta-license ".$module." ".$licence_key, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Licence Activated'); - $_SESSION['SFTPJAIL_KEY'] = $_POST['v_sftp_licence']; - } - } - } - - // cancel sftp licence - if (empty($_SESSION['error_msg'])) { - if($_POST['v_sftp'] == 'cancel' && $_SESSION['SFTPJAIL_KEY']){ - $module = 'sftpjail'; - $licence_key = escapeshellarg($_SESSION['SFTPJAIL_KEY']); - exec (VESTA_CMD."v-deactivate-vesta-license ".$module." ".$licence_key, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Licence Deactivated'); - unset($_SESSION['SFTPJAIL_KEY']); - } - } - } - - // activating filemanager licence - if (empty($_SESSION['error_msg'])) { - if($_SESSION['FILEMANAGER_KEY'] != $_POST['v_filemanager_licence'] && $_POST['v_filemanager'] == 'yes'){ - $module = 'filemanager'; - $licence_key = escapeshellarg($_POST['v_filemanager_licence']); - exec (VESTA_CMD."v-activate-vesta-license ".$module." ".$licence_key, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Licence Activated'); - $_SESSION['FILEMANAGER_KEY'] = $_POST['v_filemanager_licence']; - } - } - } - - // cancel filemanager licence - if (empty($_SESSION['error_msg'])) { - if($_POST['v_filemanager'] == 'cancel' && $_SESSION['FILEMANAGER_KEY']){ - $module = 'filemanager'; - $licence_key = escapeshellarg($_SESSION['FILEMANAGER_KEY']); - exec (VESTA_CMD."v-deactivate-vesta-license ".$module." ".$licence_key, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Licence Deactivated'); - unset($_SESSION['FILEMANAGER_KEY']); - } - } - } - - // activating softaculous - if (empty($_SESSION['error_msg'])) { - if($_SESSION['SOFTACULOUS'] != $_POST['v_softaculous'] && $_POST['v_softaculous'] == 'yes'){ - exec (VESTA_CMD."v-add-vesta-softaculous WEB", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Softaculous Activated'); - $_SESSION['SOFTACULOUS'] = 'yes'; - } - } - } - - // disable softaculous - if (empty($_SESSION['error_msg'])) { - if($_SESSION['SOFTACULOUS'] != $_POST['v_softaculous'] && $_POST['v_softaculous'] == 'no'){ - exec (VESTA_CMD."v-delete-vesta-softaculous", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Softaculous Disabled'); - $_SESSION['SOFTACULOUS'] = ''; - } - } - } - -} - -// Check system configuration -exec (VESTA_CMD . "v-list-sys-config json", $output, $return_var); -$data = json_decode(implode('', $output), true); -unset($output); - -$sys_arr = $data['config']; -foreach ($sys_arr as $key => $value) { - $_SESSION[$key] = $value; -} - - -// Render page -render_page($user, $TAB, 'edit_server'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/edit/server/iptables/index.php b/web/edit/server/iptables/index.php index 5b9814fa2..30e3dec0b 100644 --- a/web/edit/server/iptables/index.php +++ b/web/edit/server/iptables/index.php @@ -1,10 +1 @@ - diff --git a/web/edit/server/mariadb/index.php b/web/edit/server/mariadb/index.php index bf9d9fb68..30e3dec0b 100644 --- a/web/edit/server/mariadb/index.php +++ b/web/edit/server/mariadb/index.php @@ -1,67 +1 @@ - diff --git a/web/edit/server/mysql/index.php b/web/edit/server/mysql/index.php index a0dcc72e3..30e3dec0b 100644 --- a/web/edit/server/mysql/index.php +++ b/web/edit/server/mysql/index.php @@ -1,67 +1 @@ - diff --git a/web/edit/server/mysqld/index.php b/web/edit/server/mysqld/index.php index 7c8548ed2..30e3dec0b 100644 --- a/web/edit/server/mysqld/index.php +++ b/web/edit/server/mysqld/index.php @@ -1,67 +1 @@ - diff --git a/web/edit/server/named/index.php b/web/edit/server/named/index.php index 6fc04a9c4..30e3dec0b 100644 --- a/web/edit/server/named/index.php +++ b/web/edit/server/named/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/nginx/index.php b/web/edit/server/nginx/index.php index f9da848a1..30e3dec0b 100644 --- a/web/edit/server/nginx/index.php +++ b/web/edit/server/nginx/index.php @@ -1,72 +1 @@ - diff --git a/web/edit/server/php-fpm/index.php b/web/edit/server/php-fpm/index.php index c2c2413f3..30e3dec0b 100644 --- a/web/edit/server/php-fpm/index.php +++ b/web/edit/server/php-fpm/index.php @@ -1,68 +1 @@ - diff --git a/web/edit/server/php/index.php b/web/edit/server/php/index.php index c2c2413f3..30e3dec0b 100644 --- a/web/edit/server/php/index.php +++ b/web/edit/server/php/index.php @@ -1,68 +1 @@ - diff --git a/web/edit/server/php5-fpm/index.php b/web/edit/server/php5-fpm/index.php index c2c2413f3..30e3dec0b 100644 --- a/web/edit/server/php5-fpm/index.php +++ b/web/edit/server/php5-fpm/index.php @@ -1,68 +1 @@ - diff --git a/web/edit/server/postgresql/index.php b/web/edit/server/postgresql/index.php index abd003e12..30e3dec0b 100644 --- a/web/edit/server/postgresql/index.php +++ b/web/edit/server/postgresql/index.php @@ -1,78 +1 @@ - diff --git a/web/edit/server/proftpd/index.php b/web/edit/server/proftpd/index.php index 32ffd125f..30e3dec0b 100644 --- a/web/edit/server/proftpd/index.php +++ b/web/edit/server/proftpd/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/spamassassin/index.php b/web/edit/server/spamassassin/index.php index afd1330b7..30e3dec0b 100644 --- a/web/edit/server/spamassassin/index.php +++ b/web/edit/server/spamassassin/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/spamd/index.php b/web/edit/server/spamd/index.php index 95f720a5d..30e3dec0b 100644 --- a/web/edit/server/spamd/index.php +++ b/web/edit/server/spamd/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/server/vsftpd/index.php b/web/edit/server/vsftpd/index.php index ed26924ce..30e3dec0b 100644 --- a/web/edit/server/vsftpd/index.php +++ b/web/edit/server/vsftpd/index.php @@ -1,58 +1 @@ - diff --git a/web/edit/user/index.php b/web/edit/user/index.php index 049ee20da..30e3dec0b 100644 --- a/web/edit/user/index.php +++ b/web/edit/user/index.php @@ -1,191 +1 @@ - diff --git a/web/edit/web/index.php b/web/edit/web/index.php index 6c703e7d7..30e3dec0b 100644 --- a/web/edit/web/index.php +++ b/web/edit/web/index.php @@ -1,753 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } else { - exec ('mktemp -d', $mktemp_output, $return_var); - $tmpdir = $mktemp_output[0]; - - // Certificate - if (!empty($_POST['v_ssl_crt'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); - fclose($fp); - } - - // Key - if (!empty($_POST['v_ssl_key'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); - fclose($fp); - } - - // CA - if (!empty($_POST['v_ssl_ca'])) { - $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); - fclose($fp); - } - exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_ssl = 'yes'; - $restart_web = 'yes'; - $restart_proxy = 'yes'; - - exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".$v_domain." json", $output, $return_var); - $ssl_str = json_decode(implode('', $output), true); - unset($output); - $v_ssl_crt = $ssl_str[$_POST['v_domain']]['CRT']; - $v_ssl_key = $ssl_str[$_POST['v_domain']]['KEY']; - $v_ssl_ca = $ssl_str[$_POST['v_domain']]['CA']; - $v_ssl_subject = $ssl_str[$_POST['v_domain']]['SUBJECT']; - $v_ssl_aliases = $ssl_str[$_POST['v_domain']]['ALIASES']; - $v_ssl_not_before = $ssl_str[$_POST['v_domain']]['NOT_BEFORE']; - $v_ssl_not_after = $ssl_str[$_POST['v_domain']]['NOT_AFTER']; - $v_ssl_signature = $ssl_str[$_POST['v_domain']]['SIGNATURE']; - $v_ssl_pub_key = $ssl_str[$_POST['v_domain']]['PUB_KEY']; - $v_ssl_issuer = $ssl_str[$_POST['v_domain']]['ISSUER']; - - // Cleanup certificate tempfiles - if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$_POST['v_domain'].".crt"); - if (!empty($_POST['v_ssl_key'])) unlink($tmpdir."/".$_POST['v_domain'].".key"); - if (!empty($_POST['v_ssl_ca'])) unlink($tmpdir."/".$_POST['v_domain'].".ca"); - rmdir($tmpdir); - } - } - - - - // Delete web stats - if ((!empty($v_stats)) && ($_POST['v_stats'] == 'none') && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-web-domain-stats ".$v_username." ".$v_domain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_stats = ''; - } - - // Change web stats engine - if ((!empty($v_stats)) && ($_POST['v_stats'] != $v_stats) && (empty($_SESSION['error_msg']))) { - $v_stats = escapeshellarg($_POST['v_stats']); - exec (VESTA_CMD."v-change-web-domain-stats ".$v_username." ".$v_domain." ".$v_stats, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Add web stats - if ((empty($v_stats)) && ($_POST['v_stats'] != 'none') && (empty($_SESSION['error_msg']))) { - $v_stats = escapeshellarg($_POST['v_stats']); - exec (VESTA_CMD."v-add-web-domain-stats ".$v_username." ".$v_domain." ".$v_stats, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Delete web stats authorization - if ((!empty($v_stats_user)) && (empty($_POST['v_stats_auth'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-web-domain-stats-user ".$v_username." ".$v_domain, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - $v_stats_user = ''; - $v_stats_password = ''; - } - - // Change web stats user or password - if ((empty($v_stats_user)) && (!empty($_POST['v_stats_auth'])) && (empty($_SESSION['error_msg']))) { - if (empty($_POST['v_stats_user'])) $errors[] = __('stats username'); - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } else { - $v_stats_user = escapeshellarg($_POST['v_stats_user']); - $v_stats_password = tempnam("/tmp","vst"); - $fp = fopen($v_stats_password, "w"); - fwrite($fp, $_POST['v_stats_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-web-domain-stats-user ".$v_username." ".$v_domain." ".$v_stats_user." ".$v_stats_password, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_stats_password); - $v_stats_password = escapeshellarg($_POST['v_stats_password']); - } - } - - // Add web stats authorization - if ((!empty($v_stats_user)) && (!empty($_POST['v_stats_auth'])) && (empty($_SESSION['error_msg']))) { - if (empty($_POST['v_stats_user'])) $errors[] = __('stats user'); - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - if (($v_stats_user != $_POST['v_stats_user']) || (!empty($_POST['v_stats_password'])) && (empty($_SESSION['error_msg']))) { - $v_stats_user = escapeshellarg($_POST['v_stats_user']); - $v_stats_password = tempnam("/tmp","vst"); - $fp = fopen($v_stats_password, "w"); - fwrite($fp, $_POST['v_stats_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-web-domain-stats-user ".$v_username." ".$v_domain." ".$v_stats_user." ".$v_stats_password, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - unlink($v_stats_password); - $v_stats_password = escapeshellarg($_POST['v_stats_password']); - } - } - - // Update ftp account - if (!empty($_POST['v_ftp_user'])) { - $v_ftp_users_updated = array(); - foreach ($_POST['v_ftp_user'] as $i => $v_ftp_user_data) { - if (empty($v_ftp_user_data['v_ftp_user'])) { - continue; - } - - $v_ftp_user_data['v_ftp_user'] = preg_replace("/^".$user."_/i", "", $v_ftp_user_data['v_ftp_user']); - if ($v_ftp_user_data['is_new'] == 1 && !empty($_POST['v_ftp'])) { - if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) $_SESSION['error_msg'] = __('Please enter valid email address.'); - if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = 'ftp user'; - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Add ftp account - $v_ftp_username = $v_ftp_user_data['v_ftp_user']; - $v_ftp_username_full = $user . '_' . $v_ftp_user_data['v_ftp_user']; - $v_ftp_user = escapeshellarg($v_ftp_username); - $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path'])); - if (empty($_SESSION['error_msg'])) { - $v_ftp_password = tempnam("/tmp","vst"); - $fp = fopen($v_ftp_password, "w"); - fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-add-web-domain-ftp ".$v_username." ".$v_domain." ".$v_ftp_user." ".$v_ftp_password . " " . $v_ftp_path, $output, $return_var); - check_return_code($return_var,$output); - if ((!empty($v_ftp_user_data['v_ftp_email'])) && (empty($_SESSION['error_msg']))) { - $to = $v_ftp_user_data['v_ftp_email']; - $subject = __("FTP login credentials"); - $hostname = exec('hostname'); - $from = __('MAIL_FROM',$hostname); - $mailtext = __('FTP_ACCOUNT_READY',$_GET['domain'],$user,$v_ftp_username,$v_ftp_user_data['v_ftp_password']); - send_email($to, $subject, $mailtext, $from); - unset($v_ftp_email); - } - unset($output); - unlink($v_ftp_password); - $v_ftp_password = escapeshellarg($v_ftp_user_data['v_ftp_password']); - } - - if ($return_var == 0) { - $v_ftp_password = ""; - $v_ftp_user_data['is_new'] = 0; - } - else { - $v_ftp_user_data['is_new'] = 1; - } - - $v_ftp_users_updated[] = array( - 'is_new' => empty($_SESSION['error_msg']) ? 0 : 1, - 'v_ftp_user' => $v_ftp_username_full, - 'v_ftp_password' => $v_ftp_password, - 'v_ftp_path' => $v_ftp_user_data['v_ftp_path'], - 'v_ftp_email' => $v_ftp_user_data['v_ftp_email'], - 'v_ftp_pre_path' => $v_ftp_user_prepath - ); - - continue; - } - - // Delete FTP account - if ($v_ftp_user_data['delete'] == 1) { - $v_ftp_username = $user . '_' . $v_ftp_user_data['v_ftp_user']; - exec (VESTA_CMD."v-delete-web-domain-ftp ".$v_username." ".$v_domain." ".$v_ftp_username, $output, $return_var); - check_return_code($return_var,$output); - unset($output); - - continue; - } - - if (!empty($_POST['v_ftp'])) { - if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = __('ftp user'); - if (!empty($errors[0])) { - foreach ($errors as $i => $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - } - - // Change FTP account path - $v_ftp_username_for_emailing = $v_ftp_user_data['v_ftp_user']; - $v_ftp_username = $user . '_' . $v_ftp_user_data['v_ftp_user']; //preg_replace("/^".$user."_/", "", $v_ftp_user_data['v_ftp_user']); - $v_ftp_username = escapeshellarg($v_ftp_username); - $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path'])); - if(escapeshellarg(trim($v_ftp_user_data['v_ftp_path_prev'])) != $v_ftp_path) { - exec (VESTA_CMD."v-change-web-domain-ftp-path ".$v_username." ".$v_domain." ".$v_ftp_username." ".$v_ftp_path, $output, $return_var); - } - - // Change FTP account password - if (!empty($v_ftp_user_data['v_ftp_password'])) { - $v_ftp_password = tempnam("/tmp","vst"); - $fp = fopen($v_ftp_password, "w"); - fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n"); - fclose($fp); - exec (VESTA_CMD."v-change-web-domain-ftp-password ".$v_username." ".$v_domain." ".$v_ftp_username." ".$v_ftp_password, $output, $return_var); - unlink($v_ftp_password); - - $to = $v_ftp_user_data['v_ftp_email']; - $subject = __("FTP login credentials"); - $hostname = exec('hostname'); - $from = __('MAIL_FROM',$hostname); - $mailtext = __('FTP_ACCOUNT_READY',$_GET['domain'],$user,$v_ftp_username_for_emailing,$v_ftp_user_data['v_ftp_password']); - send_email($to, $subject, $mailtext, $from); - unset($v_ftp_email); - } - check_return_code($return_var, $output); - unset($output); - - $v_ftp_users_updated[] = array( - 'is_new' => 0, - 'v_ftp_user' => $v_ftp_username, - 'v_ftp_password' => $v_ftp_user_data['v_ftp_password'], - 'v_ftp_path' => $v_ftp_user_data['v_ftp_path'], - 'v_ftp_email' => $v_ftp_user_data['v_ftp_email'], - 'v_ftp_pre_path' => $v_ftp_user_prepath - ); - } - } - } - - // Restart web server - if (!empty($restart_web) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-restart-web", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Restart proxy server - if ((!empty($_SESSION['PROXY_SYSTEM'])) && !empty($restart_proxy) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-restart-proxy", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Restart dns server - if (!empty($restart_dns) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-restart-dns", $output, $return_var); - check_return_code($return_var,$output); - unset($output); - } - - // Set success message - if (empty($_SESSION['error_msg'])) { - $_SESSION['ok_msg'] = __('Changes has been saved.'); - } - -} - - -$v_ftp_users_raw = explode(':', $v_ftp_user); -$v_ftp_users_paths_raw = explode(':', $data[$v_domain]['FTP_PATH']); -$v_ftp_users = array(); -foreach ($v_ftp_users_raw as $v_ftp_user_index => $v_ftp_user_val) { - if (empty($v_ftp_user_val)) { - continue; - } - $v_ftp_users[] = array( - 'is_new' => 0, - 'v_ftp_user' => $v_ftp_user_val, - 'v_ftp_password' => $v_ftp_password, - 'v_ftp_path' => (isset($v_ftp_users_paths_raw[$v_ftp_user_index]) ? $v_ftp_users_paths_raw[$v_ftp_user_index] : ''), - 'v_ftp_email' => $v_ftp_email, - 'v_ftp_pre_path' => $v_ftp_user_prepath - ); -} - -if (empty($v_ftp_users)) { - $v_ftp_user = null; - $v_ftp_users[] = array( - 'is_new' => 1, - 'v_ftp_user' => '', - 'v_ftp_password' => '', - 'v_ftp_path' => (isset($v_ftp_users_paths_raw[$v_ftp_user_index]) ? $v_ftp_users_paths_raw[$v_ftp_user_index] : ''), - 'v_ftp_email' => '', - 'v_ftp_pre_path' => $v_ftp_user_prepath - ); -} - -// set default pre path for newly created users -$v_ftp_pre_path_new_user = $v_ftp_user_prepath; -if (isset($v_ftp_users_updated)) { - $v_ftp_users = $v_ftp_users_updated; - if (empty($v_ftp_users_updated)) { - $v_ftp_user = null; - $v_ftp_users[] = array( - 'is_new' => 1, - 'v_ftp_user' => '', - 'v_ftp_password' => '', - 'v_ftp_path' => (isset($v_ftp_users_paths_raw[$v_ftp_user_index]) ? $v_ftp_users_paths_raw[$v_ftp_user_index] : ''), - 'v_ftp_email' => '', - 'v_ftp_pre_path' => $v_ftp_user_prepath - ); - } -} - -// Render page -render_page($user, $TAB, 'edit_web'); - -// Flush session messages -unset($_SESSION['error_msg']); -unset($_SESSION['ok_msg']); + diff --git a/web/file_manager/index.php b/web/file_manager/index.php index 8df684698..30e3dec0b 100644 --- a/web/file_manager/index.php +++ b/web/file_manager/index.php @@ -1,3 +1 @@ - diff --git a/web/generate/ssl/index.php b/web/generate/ssl/index.php index 990fbc665..30e3dec0b 100644 --- a/web/generate/ssl/index.php +++ b/web/generate/ssl/index.php @@ -1,103 +1 @@ - $error) { - if ( $i == 0 ) { - $error_msg = $error; - } else { - $error_msg = $error_msg.", ".$error; - } - } - $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); - render_page($user, $TAB, 'generate_ssl'); - unset($_SESSION['error_msg']); - exit; -} - -// Protect input -$v_domain = escapeshellarg($_POST['v_domain']); -$v_email = escapeshellarg($_POST['v_email']); -$v_country = escapeshellarg($_POST['v_country']); -$v_state = escapeshellarg($_POST['v_state']); -$v_locality = escapeshellarg($_POST['v_locality']); -$v_org = escapeshellarg($_POST['v_org']); - -exec (VESTA_CMD."v-generate-ssl-cert ".$v_domain." ".$v_email." ".$v_country." ".$v_state." ".$v_locality." ".$v_org." IT '' json", $output, $return_var); - -// Revert to raw values -$v_domain = $_POST['v_domain']; -$v_email = $_POST['v_email']; -$v_country = $_POST['v_country']; -$v_state = $_POST['v_state']; -$v_locality = $_POST['v_locality']; -$v_org = $_POST['v_org']; - -// Check return code -if ($return_var != 0) { - $error = implode('
', $output); - if (empty($error)) $error = __('Error code:',$return_var); - $_SESSION['error_msg'] = $error; - render_page($user, $TAB, 'generate_ssl'); - unset($_SESSION['error_msg']); - exit; -} - -// OK message -$_SESSION['ok_msg'] = __('SSL_GENERATED_OK'); - -// Parse output -$data = json_decode(implode('', $output), true); -unset($output); -$v_crt = $data[$v_domain]['CRT']; -$v_key = $data[$v_domain]['KEY']; -$v_csr = $data[$v_domain]['CSR']; - -// Back uri -$_SESSION['back'] = $_SERVER['REQUEST_URI']; - -// Render page -render_page($user, $TAB, 'list_ssl'); - -unset($_SESSION['ok_msg']); + diff --git a/web/index.php b/web/index.php index 2f0707473..30e3dec0b 100644 --- a/web/index.php +++ b/web/index.php @@ -1,7 +1 @@ - diff --git a/web/list/backup/exclusions/index.php b/web/list/backup/exclusions/index.php index 8089e8d72..30e3dec0b 100644 --- a/web/list/backup/exclusions/index.php +++ b/web/list/backup/exclusions/index.php @@ -1,17 +1 @@ - diff --git a/web/list/backup/index.php b/web/list/backup/index.php index 2e29a50ac..30e3dec0b 100644 --- a/web/list/backup/index.php +++ b/web/list/backup/index.php @@ -1,26 +1 @@ - diff --git a/web/list/cron/index.php b/web/list/cron/index.php index 230483cb5..30e3dec0b 100644 --- a/web/list/cron/index.php +++ b/web/list/cron/index.php @@ -1,18 +1 @@ - diff --git a/web/list/db/index.php b/web/list/db/index.php index 421290640..30e3dec0b 100644 --- a/web/list/db/index.php +++ b/web/list/db/index.php @@ -1,18 +1 @@ - diff --git a/web/list/directory/index.php b/web/list/directory/index.php index 7a57566ce..30e3dec0b 100644 --- a/web/list/directory/index.php +++ b/web/list/directory/index.php @@ -1,35 +1 @@ - 0 ) { - header("Location: /error/"); - exit; - } - $panel = json_decode(implode('', $output), true); -} - -$path_a = !empty($_REQUEST['dir_a']) ? htmlentities($_REQUEST['dir_a']) : ''; -$path_b = !empty($_REQUEST['dir_b']) ? htmlentities($_REQUEST['dir_b']) : ''; -$GLOBAL_JS = ''; -$GLOBAL_JS .= ''; -$GLOBAL_JS .= ''; - - -// Footer -include($_SERVER['DOCUMENT_ROOT'].'/templates/file_manager/main.php'); \ No newline at end of file + diff --git a/web/list/dns/index.php b/web/list/dns/index.php index 53d5980cc..30e3dec0b 100644 --- a/web/list/dns/index.php +++ b/web/list/dns/index.php @@ -1,26 +1 @@ - diff --git a/web/list/favorites/index.php b/web/list/favorites/index.php index 0ddc4c0b0..30e3dec0b 100644 --- a/web/list/favorites/index.php +++ b/web/list/favorites/index.php @@ -1,24 +1 @@ - Favorites:
'; - - // Data - exec (VESTA_CMD."v-list-user-favourites ".$_SESSION['user']." json", $output, $return_var); - - -// print_r(implode('', $output)); -// $json = '{ "Favourites": { "USER": "", "WEB": "bulletfarm.com", "DNS": "", "MAIL": "", "DB": "", "CRON": "", "BACKUP": "", "IP": "", "PACKAGE": "", "FIREWALL": ""}}'; -// $data = json_decode($json, true); - - - $data = json_decode(implode('', $output).'}', true); - $data = array_reverse($data,true); - - print_r($data); -// $data = array_reverse($data,true); - -// $data = json_decode(implode('', $output), true); - -?> \ No newline at end of file + diff --git a/web/list/firewall/banlist/index.php b/web/list/firewall/banlist/index.php index 6d8cddb4b..30e3dec0b 100644 --- a/web/list/firewall/banlist/index.php +++ b/web/list/firewall/banlist/index.php @@ -1,24 +1 @@ - diff --git a/web/list/firewall/index.php b/web/list/firewall/index.php index e4e3d4dfb..30e3dec0b 100644 --- a/web/list/firewall/index.php +++ b/web/list/firewall/index.php @@ -1,24 +1 @@ - diff --git a/web/list/index.php b/web/list/index.php index b0d34a3f8..30e3dec0b 100644 --- a/web/list/index.php +++ b/web/list/index.php @@ -1,8 +1 @@ - + diff --git a/web/list/ip/index.php b/web/list/ip/index.php index 04f4fbe72..30e3dec0b 100644 --- a/web/list/ip/index.php +++ b/web/list/ip/index.php @@ -1,25 +1 @@ - diff --git a/web/list/log/index.php b/web/list/log/index.php index 5c70e96e3..30e3dec0b 100644 --- a/web/list/log/index.php +++ b/web/list/log/index.php @@ -1,16 +1 @@ - diff --git a/web/list/mail/index.php b/web/list/mail/index.php index e389b3b14..30e3dec0b 100644 --- a/web/list/mail/index.php +++ b/web/list/mail/index.php @@ -1,26 +1 @@ - diff --git a/web/list/notifications/index.php b/web/list/notifications/index.php index 1323b5323..30e3dec0b 100644 --- a/web/list/notifications/index.php +++ b/web/list/notifications/index.php @@ -1,34 +1 @@ - $note){ - $note['ID'] = $key; - $data[$key] = $note; - } - echo json_encode($data); - exit; -} - - - -$TAB = 'NOTIFICATIONS'; - -// Data -exec (VESTA_CMD."v-list-user-notifications $user json", $output, $return_var); -$data = json_decode(implode('', $output), true); -$data = array_reverse($data,true); - -// Render page -render_page($user, $TAB, 'list_notifications'); - -// Back uri -$_SESSION['back'] = $_SERVER['REQUEST_URI']; + diff --git a/web/list/package/index.php b/web/list/package/index.php index 7d7f35e50..30e3dec0b 100644 --- a/web/list/package/index.php +++ b/web/list/package/index.php @@ -1,24 +1 @@ - diff --git a/web/list/rrd/index.php b/web/list/rrd/index.php index 2c30b530a..30e3dec0b 100644 --- a/web/list/rrd/index.php +++ b/web/list/rrd/index.php @@ -1,27 +1 @@ - diff --git a/web/list/server/index.php b/web/list/server/index.php index b71507782..30e3dec0b 100644 --- a/web/list/server/index.php +++ b/web/list/server/index.php @@ -1,128 +1 @@ -\n\n\n"; - exit(); -} - -// Memory info -if (isset($_GET['mem'])) { - $TAB = 'MEMORY'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-memory-status', $output, $return_var); - foreach($output as $file) { - echo $file . "\n"; - } - echo " \n\n\n"; - exit(); -} - -// Disk info -if (isset($_GET['disk'])) { - $TAB = 'DISK'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-disk-status', $output, $return_var); - foreach($output as $file) { - echo $file . "\n"; - } - echo " \n\n\n"; - exit(); -} - -// Network info -if (isset($_GET['net'])) { - $TAB = 'NETWORK'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-network-status', $output, $return_var); - foreach($output as $file) { - echo $file . "\n"; - } - echo " \n\n\n"; - exit(); -} - -// Web info -if (isset($_GET['web'])) { - $TAB = 'WEB'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-web-status', $output, $return_var); - foreach($output as $file) { - $file=str_replace('border="0"', 'border="1"', $file); - echo $file . "\n"; - } - echo " \n\n\n"; - exit(); -} - - -// DNS info -if (isset($_GET['dns'])) { - $TAB = 'DNS'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-dns-status', $output, $return_var); - foreach($output as $file) { - echo $file . "\n"; - } - echo " \n\n\n"; - exit(); -} - -// Mail info -if (isset($_GET['mail'])) { - $TAB = 'MAIL'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-mail-status', $output, $return_var); - if ($return_var == 0 ) { - foreach($output as $file) { - echo $file . "\n"; - } - } - echo " \n\n\n"; - exit(); -} - -// DB info -if (isset($_GET['db'])) { - $TAB = 'DB'; - include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_server_info.html'); - exec (VESTA_CMD.'v-list-sys-db-status', $output, $return_var); - if ($return_var == 0 ) { - foreach($output as $file) { - echo $file . "\n"; - } - } - echo " \n\n\n"; - exit(); -} - -// Data -exec (VESTA_CMD."v-list-sys-info json", $output, $return_var); -$sys = json_decode(implode('', $output), true); -unset($output); -exec (VESTA_CMD."v-list-sys-services json", $output, $return_var); -$data = json_decode(implode('', $output), true); -unset($output); - -// Render page -render_page($user, $TAB, 'list_services'); - -// Back uri -$_SESSION['back'] = $_SERVER['REQUEST_URI']; + diff --git a/web/list/stats/index.php b/web/list/stats/index.php index 3c7306322..30e3dec0b 100644 --- a/web/list/stats/index.php +++ b/web/list/stats/index.php @@ -1,37 +1 @@ - diff --git a/web/list/updates/index.php b/web/list/updates/index.php index ef1f9b179..30e3dec0b 100644 --- a/web/list/updates/index.php +++ b/web/list/updates/index.php @@ -1,26 +1 @@ - diff --git a/web/list/user/index.php b/web/list/user/index.php index 302e8c144..30e3dec0b 100644 --- a/web/list/user/index.php +++ b/web/list/user/index.php @@ -1,21 +1 @@ - diff --git a/web/list/web-log/index.php b/web/list/web-log/index.php index effa56a5e..30e3dec0b 100644 --- a/web/list/web-log/index.php +++ b/web/list/web-log/index.php @@ -1,21 +1 @@ -\n\n\n"; + diff --git a/web/list/web/index.php b/web/list/web/index.php index 688dfeaa9..30e3dec0b 100644 --- a/web/list/web/index.php +++ b/web/list/web/index.php @@ -1,18 +1 @@ - diff --git a/web/login/index.php b/web/login/index.php index 36ea9fe5c..30e3dec0b 100644 --- a/web/login/index.php +++ b/web/login/index.php @@ -1,166 +1 @@ -".__('Login with root has been disabled').""; - } else { - // Get user's salt - $output = ''; - exec (VESTA_CMD."v-get-user-salt ".$v_user." ".$v_ip." json" , $output, $return_var); - $pam = json_decode(implode('', $output), true); - if ( $return_var > 0 ) { - $ERROR = "".__('Invalid username or password').""; - } else { - $user = $_POST['user']; - $password = $_POST['password']; - $salt = $pam[$user]['SALT']; - $method = $pam[$user]['METHOD']; - - if ($method == 'md5' ) { - $hash = crypt($password, '$1$'.$salt.'$'); - } - if ($method == 'sha-512' ) { - $hash = crypt($password, '$6$rounds=5000$'.$salt.'$'); - $hash = str_replace('$rounds=5000','',$hash); - } - if ($method == 'des' ) { - $hash = crypt($password, $salt); - } - - // Send hash via tmp file - $v_hash = exec('mktemp -p /tmp'); - $fp = fopen($v_hash, "w"); - fwrite($fp, $hash."\n"); - fclose($fp); - - // Check user hash - exec(VESTA_CMD ."v-check-user-hash ".$v_user." ".$v_hash." ".$v_ip, $output, $return_var); - unset($output); - - // Remove tmp file - unlink($v_hash); - - // Check API answer - if ( $return_var > 0 ) { - $ERROR = "".__('Invalid username or password').""; - } else { - - // Make root admin user - // if ($_POST['user'] == 'root') $v_user = 'admin'; - - // Get user speciefic parameters - exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); - $data = json_decode(implode('', $output), true); - - // Define session user - $_SESSION['user'] = key($data); - $v_user = $_SESSION['user']; - - // Get user favorites - get_favourites(); - - // Define language - $output = ''; - exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); - $languages = json_decode(implode('', $output), true); - if (in_array($data[$v_user]['LANGUAGE'], $languages)){ - $_SESSION['language'] = $data[$v_user]['LANGUAGE']; - } else { - $_SESSION['language'] = 'en'; - } - - // Regenerate session id to prevent session fixation - session_regenerate_id(true); - - // Redirect request to control panel interface - if (!empty($_SESSION['request_uri'])) { - header("Location: ".$_SESSION['request_uri']); - unset($_SESSION['request_uri']); - exit; - } else { - header("Location: /list/user/"); - exit; - } - } - } - } - } else { - $ERROR = "".__('Invalid or missing token').""; - } -} - -// Check system configuration -exec (VESTA_CMD . "v-list-sys-config json", $output, $return_var); -$data = json_decode(implode('', $output), true); -$sys_arr = $data['config']; -foreach ($sys_arr as $key => $value) { - $_SESSION[$key] = $value; -} - -// Detect language -if (empty($_SESSION['language'])) { - $output = ''; - exec (VESTA_CMD."v-list-sys-config json", $output, $return_var); - $config = json_decode(implode('', $output), true); - $lang = $config['config']['LANGUAGE']; - - $output = ''; - exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); - $languages = json_decode(implode('', $output), true); - if(in_array($lang, $languages)){ - $_SESSION['language'] = $lang; - } - else { - $_SESSION['language'] = 'en'; - } -} - -// Generate CSRF token -$token = bin2hex(file_get_contents('/dev/urandom', false, null, 0, 16)); -$_SESSION['token'] = $token; - -require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php'); -require_once('../templates/header.html'); -require_once('../templates/login.html'); + diff --git a/web/logout/index.php b/web/logout/index.php index 51c89198a..30e3dec0b 100644 --- a/web/logout/index.php +++ b/web/logout/index.php @@ -1,13 +1 @@ - + diff --git a/web/reset/index.php b/web/reset/index.php index e4a7608fb..30e3dec0b 100644 --- a/web/reset/index.php +++ b/web/reset/index.php @@ -1,93 +1 @@ - 0 ) { - $ERROR = "".__('An internal error occurred').""; - } else { - $_SESSION['user'] = $_POST['user']; - header("Location: /"); - exit; - } - } else { - $ERROR = "".__('Invalid username or code').""; - } - } else { - $ERROR = "".__('Invalid username or code').""; - } - } else { - $ERROR = "".__('Passwords not match').""; - } -} - -// Detect language -if (empty($_SESSION['language'])) $_SESSION['language'] = detect_user_language(); - -if (empty($_GET['action'])) { - require_once '../templates/header.html'; - require_once '../templates/reset_1.html'; -} else { - require_once '../templates/header.html'; - if ($_GET['action'] == 'code' ) { - require_once '../templates/reset_2.html'; - } - if (($_GET['action'] == 'confirm' ) && (!empty($_GET['code']))) { - require_once '../templates/reset_3.html'; - } -} - -?> + diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php index 2e7d8c72a..30e3dec0b 100644 --- a/web/reset/mail/index.php +++ b/web/reset/mail/index.php @@ -1,165 +1 @@ - $arr_val) { - // search for NAT IPs and allow them - if ($ip==$arr_key || $ip==$arr_val['NAT']) { - $ok=1; - break; - } -} -if ($ip == $_SERVER['SERVER_ADDR']) $ok=1; -if ($ip == '127.0.0.1') $ok=1; -if ($ok==0) exit; - -// -// sourceforge.net/projects/postfixadmin/ -// md5crypt -// Action: Creates MD5 encrypted password -// Call: md5crypt (string cleartextpassword) -// - -function md5crypt ($pw, $salt="", $magic="") -{ - $MAGIC = "$1$"; - - if ($magic == "") $magic = $MAGIC; - if ($salt == "") $salt = create_salt (); - $slist = explode ("$", $salt); - if ($slist[0] == "1") $salt = $slist[1]; - - $salt = substr ($salt, 0, 8); - $ctx = $pw . $magic . $salt; - $final = hex2bin (md5 ($pw . $salt . $pw)); - - for ($i=strlen ($pw); $i>0; $i-=16) - { - if ($i > 16) - { - $ctx .= substr ($final,0,16); - } - else - { - $ctx .= substr ($final,0,$i); - } - } - $i = strlen ($pw); - - while ($i > 0) - { - if ($i & 1) $ctx .= chr (0); - else $ctx .= $pw[0]; - $i = $i >> 1; - } - $final = hex2bin (md5 ($ctx)); - - for ($i=0;$i<1000;$i++) - { - $ctx1 = ""; - if ($i & 1) - { - $ctx1 .= $pw; - } - else - { - $ctx1 .= substr ($final,0,16); - } - if ($i % 3) $ctx1 .= $salt; - if ($i % 7) $ctx1 .= $pw; - if ($i & 1) - { - $ctx1 .= substr ($final,0,16); - } - else - { - $ctx1 .= $pw; - } - $final = hex2bin (md5 ($ctx1)); - } - $passwd = ""; - $passwd .= to64 (((ord ($final[0]) << 16) | (ord ($final[6]) << 8) | (ord ($final[12]))), 4); - $passwd .= to64 (((ord ($final[1]) << 16) | (ord ($final[7]) << 8) | (ord ($final[13]))), 4); - $passwd .= to64 (((ord ($final[2]) << 16) | (ord ($final[8]) << 8) | (ord ($final[14]))), 4); - $passwd .= to64 (((ord ($final[3]) << 16) | (ord ($final[9]) << 8) | (ord ($final[15]))), 4); - $passwd .= to64 (((ord ($final[4]) << 16) | (ord ($final[10]) << 8) | (ord ($final[5]))), 4); - $passwd .= to64 (ord ($final[11]), 2); - return "$magic$salt\$$passwd"; -} - - -// -// sourceforge.net/projects/postfixadmin/ -// to64 -// - -function to64 ($v, $n) -{ - $ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; - $ret = ""; - while (($n - 1) >= 0) - { - $n--; - $ret .= $ITOA64[$v & 0x3f]; - $v = $v >> 6; - } - return $ret; -} - - -// Check arguments -if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST['new']))) { - list($v_account, $v_domain) = explode('@', $_POST['email']); - $v_domain = escapeshellarg($v_domain); - $v_account = escapeshellarg($v_account); - $v_password = $_POST['password']; - - // Get domain owner - exec (VESTA_CMD."v-search-domain-owner ".$v_domain." mail", $output, $return_var); - if (($return_var == 0) && (!empty($output[0]))) { - $v_user = escapeshellarg($output[0]); - } - unset($output); - - // Get current md5 hash - if (!empty($v_user)) { - exec (VESTA_CMD."v-get-mail-account-value ".$v_user." ".$v_domain." ".$v_account." md5", $output, $return_var); - if ($return_var == 0) { - $v_hash = $output[0]; - } - } - unset($output); - - // Compare hashes - if (!empty($v_hash)) { - $salt = explode('$', $v_hash); - $n_hash = md5crypt($v_password, $salt[2]); - $n_hash = '{MD5}'.$n_hash; - - // Change password - if ( $v_hash == $n_hash ) { - $v_new_password = tempnam("/tmp","vst"); - $fp = fopen($v_new_password, "w"); - fwrite($fp, $_POST['new']."\n"); - fclose($fp); - exec (VESTA_CMD."v-change-mail-account-password ".$v_user." ".$v_domain." ".$v_account." ".$v_new_password, $output, $return_var); - if ($return_var == 0) { - echo "ok"; - exit; - } - } - } -} - -echo 'error'; - -exit; + diff --git a/web/restart/service/index.php b/web/restart/service/index.php index eb07e8569..30e3dec0b 100644 --- a/web/restart/service/index.php +++ b/web/restart/service/index.php @@ -1,32 +1 @@ -', $output); - if (empty($error)) $error = __('SERVICE_ACTION_FAILED',__('restart'),$v_service); - $_SESSION['error_msg'] = $error; - } - unset($output); -} - -header("Location: /list/server/"); -exit; + diff --git a/web/restart/system/index.php b/web/restart/system/index.php index 4e09745ed..30e3dec0b 100644 --- a/web/restart/system/index.php +++ b/web/restart/system/index.php @@ -1,23 +1 @@ - diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php index 67c7b44ff..30e3dec0b 100644 --- a/web/schedule/backup/index.php +++ b/web/schedule/backup/index.php @@ -1,25 +1 @@ -', $output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['error_msg'] = __('Error: vesta did not return any output.'); - } - - if ($return_var == 4) { - $_SESSION['error_msg'] = __('BACKUP_EXISTS'); - } - -} -unset($output); -header("Location: /list/backup/"); -exit; + diff --git a/web/schedule/restore/index.php b/web/schedule/restore/index.php index ce7d5d03d..30e3dec0b 100644 --- a/web/schedule/restore/index.php +++ b/web/schedule/restore/index.php @@ -1,44 +1 @@ -', $output); - if (empty($_SESSION['error_msg'])) { - $_SESSION['error_msg'] = __('Error: vesta did not return any output.'); - } - if ($return_var == 4) { - $_SESSION['error_msg'] = __('RESTORE_EXISTS'); - } -} - -header("Location: /list/backup/?backup=" . $_GET['backup']); + diff --git a/web/search/index.php b/web/search/index.php index 808b6f41f..30e3dec0b 100644 --- a/web/search/index.php +++ b/web/search/index.php @@ -1,33 +1 @@ - diff --git a/web/start/service/index.php b/web/start/service/index.php index 943019c4f..30e3dec0b 100644 --- a/web/start/service/index.php +++ b/web/start/service/index.php @@ -1,26 +1 @@ -', $output); - if (empty($error)) $error = __('SERVICE_ACTION_FAILED',__('start'),$v_service);; - $_SESSION['error_srv'] = $error; - } - unset($output); -} - -header("Location: /list/server/"); -exit; + diff --git a/web/stop/service/index.php b/web/stop/service/index.php index fea495b06..30e3dec0b 100644 --- a/web/stop/service/index.php +++ b/web/stop/service/index.php @@ -1,30 +1 @@ -', $output); - if (empty($error)) { - $error = __('SERVICE_ACTION_FAILED', __('stop'), $v_service); - } - - $_SESSION['error_srv'] = $error; - } - unset($output); -} - -header("Location: /list/server/"); -exit; + diff --git a/web/suspend/cron/index.php b/web/suspend/cron/index.php index 3bf40a615..30e3dec0b 100644 --- a/web/suspend/cron/index.php +++ b/web/suspend/cron/index.php @@ -1,37 +1 @@ - diff --git a/web/suspend/db/index.php b/web/suspend/db/index.php index a335a5b41..30e3dec0b 100644 --- a/web/suspend/db/index.php +++ b/web/suspend/db/index.php @@ -1,39 +1 @@ - diff --git a/web/suspend/dns/index.php b/web/suspend/dns/index.php index 300672f51..30e3dec0b 100644 --- a/web/suspend/dns/index.php +++ b/web/suspend/dns/index.php @@ -1,64 +1 @@ - diff --git a/web/suspend/firewall/index.php b/web/suspend/firewall/index.php index 40f8adaf3..30e3dec0b 100644 --- a/web/suspend/firewall/index.php +++ b/web/suspend/firewall/index.php @@ -1,34 +1 @@ - diff --git a/web/suspend/mail/index.php b/web/suspend/mail/index.php index e96bde2e8..30e3dec0b 100644 --- a/web/suspend/mail/index.php +++ b/web/suspend/mail/index.php @@ -1,64 +1 @@ - diff --git a/web/suspend/user/index.php b/web/suspend/user/index.php index 8f355941f..30e3dec0b 100644 --- a/web/suspend/user/index.php +++ b/web/suspend/user/index.php @@ -1,34 +1 @@ - diff --git a/web/suspend/web/index.php b/web/suspend/web/index.php index 23ae3cda3..30e3dec0b 100644 --- a/web/suspend/web/index.php +++ b/web/suspend/web/index.php @@ -1,40 +1 @@ - diff --git a/web/unsuspend/cron/index.php b/web/unsuspend/cron/index.php index b1e2c5b51..30e3dec0b 100644 --- a/web/unsuspend/cron/index.php +++ b/web/unsuspend/cron/index.php @@ -1,40 +1 @@ - diff --git a/web/unsuspend/db/index.php b/web/unsuspend/db/index.php index e66d98a3e..30e3dec0b 100644 --- a/web/unsuspend/db/index.php +++ b/web/unsuspend/db/index.php @@ -1,39 +1 @@ - diff --git a/web/unsuspend/dns/index.php b/web/unsuspend/dns/index.php index 13e69eb50..30e3dec0b 100644 --- a/web/unsuspend/dns/index.php +++ b/web/unsuspend/dns/index.php @@ -1,72 +1 @@ -', $output); - if (empty($error)) $error = __('Error: vesta did not return any output.'); - $_SESSION['error_msg'] = $error; - } - unset($output); - $back=getenv("HTTP_REFERER"); - if (!empty($back)) { - header("Location: ".$back); - exit; - } - header("Location: /list/dns/"); - exit; -} - -// DNS record -if ((!empty($_GET['domain'])) && (!empty($_GET['record_id']))) { - $v_username = escapeshellarg($user); - $v_domain = escapeshellarg($_GET['domain']); - $v_record_id = escapeshellarg($_GET['record_id']); - exec (VESTA_CMD."v-unsuspend-dns-record ".$v_username." ".$v_domain." ".$v_record_id, $output, $return_var); - if ($return_var != 0) { - $error = implode('
', $output); - if (empty($error)) $error = __('Error: vesta did not return any output.'); - $_SESSION['error_msg'] = $error; - } - unset($output); - $back=getenv("HTTP_REFERER"); - if (!empty($back)) { - header("Location: ".$back); - exit; - } - header("Location: /list/dns/?domain=".$_GET['domain']); - exit; -} - -$back=getenv("HTTP_REFERER"); -if (!empty($back)) { - header("Location: ".$back); - exit; -} - -header("Location: /list/dns/"); -exit; + diff --git a/web/unsuspend/firewall/index.php b/web/unsuspend/firewall/index.php index ec3843e9f..30e3dec0b 100644 --- a/web/unsuspend/firewall/index.php +++ b/web/unsuspend/firewall/index.php @@ -1,34 +1 @@ - diff --git a/web/unsuspend/mail/index.php b/web/unsuspend/mail/index.php index 158cb73ca..30e3dec0b 100644 --- a/web/unsuspend/mail/index.php +++ b/web/unsuspend/mail/index.php @@ -1,72 +1 @@ -', $output); - if (empty($error)) $error = __('Error: vesta did not return any output.'); - $_SESSION['error_msg'] = $error; - } - unset($output); - $back=getenv("HTTP_REFERER"); - if (!empty($back)) { - header("Location: ".$back); - exit; - } - header("Location: /list/mail/"); - exit; -} - -// Mail account -if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) { - $v_username = escapeshellarg($user); - $v_domain = escapeshellarg($_GET['domain']); - $v_account = escapeshellarg($_GET['account']); - exec (VESTA_CMD."v-unsuspend-mail-account ".$v_username." ".$v_domain." ".$v_account, $output, $return_var); - if ($return_var != 0) { - $error = implode('
', $output); - if (empty($error)) $error = __('Error: vesta did not return any output.'); - $_SESSION['error_msg'] = $error; - } - unset($output); - $back=getenv("HTTP_REFERER"); - if (!empty($back)) { - header("Location: ".$back); - exit; - } - header("Location: /list/mail/?domain=".$_GET['domain']); - exit; -} - -$back=getenv("HTTP_REFERER"); -if (!empty($back)) { - header("Location: ".$back); - exit; -} - -header("Location: /list/mail/"); -exit; + diff --git a/web/unsuspend/user/index.php b/web/unsuspend/user/index.php index 7aff155e6..30e3dec0b 100644 --- a/web/unsuspend/user/index.php +++ b/web/unsuspend/user/index.php @@ -1,35 +1 @@ - diff --git a/web/unsuspend/web/index.php b/web/unsuspend/web/index.php index 760cc169e..30e3dec0b 100644 --- a/web/unsuspend/web/index.php +++ b/web/unsuspend/web/index.php @@ -1,37 +1 @@ - diff --git a/web/update/vesta/index.php b/web/update/vesta/index.php index fa7ca2c4e..30e3dec0b 100644 --- a/web/update/vesta/index.php +++ b/web/update/vesta/index.php @@ -1,29 +1 @@ -', $output); - if (empty($error)) $error = 'Error: '.$v_pkg.' update failed'; - $_SESSION['error_msg'] = $error; - } - unset($output); -} - -header("Location: /list/updates/"); -exit; + diff --git a/web/upload/index.php b/web/upload/index.php index 3ae1295ef..30e3dec0b 100644 --- a/web/upload/index.php +++ b/web/upload/index.php @@ -1,15 +1 @@ - diff --git a/web/view/file/index.php b/web/view/file/index.php index e3e77249a..30e3dec0b 100644 --- a/web/view/file/index.php +++ b/web/view/file/index.php @@ -1,43 +1 @@ - - - - - - fotorama - - - - - -
- -
- - +