From 5731f5ffffeecb95ce60ed3103e13e869d61e9e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maurice=20Preu=C3=9F=20=28envoyr=29?= Date: Sun, 21 May 2023 20:51:18 +0200 Subject: [PATCH 01/87] add pgp public key encryption for backup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maurice Preuß (envoyr) --- lib/Froxlor/Api/Commands/CustomerBackups.php | 18 +++++++++ lib/Froxlor/Cron/System/BackupCron.php | 38 +++++++++++++------ lib/Froxlor/Install/Install.php | 2 +- lib/configfiles/bionic.xml | 2 +- lib/configfiles/bookworm.xml | 2 +- lib/configfiles/bullseye.xml | 2 +- lib/configfiles/buster.xml | 2 +- lib/configfiles/focal.xml | 2 +- lib/configfiles/gentoo.xml | 2 +- lib/configfiles/jammy.xml | 2 +- .../customer/extras/formfield.backup.php | 5 +++ .../customer/tablelisting.backups.php | 6 +++ lng/de.lng.php | 7 ++++ lng/en.lng.php | 7 ++++ 14 files changed, 78 insertions(+), 19 deletions(-) diff --git a/lib/Froxlor/Api/Commands/CustomerBackups.php b/lib/Froxlor/Api/Commands/CustomerBackups.php index efbbaa66..412bc0b6 100644 --- a/lib/Froxlor/Api/Commands/CustomerBackups.php +++ b/lib/Froxlor/Api/Commands/CustomerBackups.php @@ -49,6 +49,8 @@ class CustomerBackups extends ApiCommand implements ResourceEntity * * @param string $path * path to store the backup to + * @param string $pgp_public_key + * optional pgp public key to encrypt the backup, default is empty * @param bool $backup_dbs * optional whether to backup databases, default is 0 (false) * @param bool $backup_mail @@ -72,6 +74,7 @@ class CustomerBackups extends ApiCommand implements ResourceEntity $path = $this->getParam('path'); // parameter + $pgp_public_key = $this->getParam('pgp_public_key', true, ''); $backup_dbs = $this->getBoolParam('backup_dbs', true, 0); $backup_mail = $this->getBoolParam('backup_mail', true, 0); $backup_web = $this->getBoolParam('backup_web', true, 0); @@ -89,6 +92,19 @@ class CustomerBackups extends ApiCommand implements ResourceEntity Response::standardError('backupfoldercannotbedocroot', '', true); } + // pgp public key validation + if (!empty($pgp_public_key)) { + // check if gnupg extension is loaded + if (!extension_loaded('gnupg')) { + Response::standardError('gnupgextensionnotavailable', '', true); + } + // check if the pgp public key is a valid key + putenv('GNUPGHOME='.sys_get_temp_dir()); + if (gnupg_import(gnupg_init(), $pgp_public_key) === false) { + Response::standardError('invalidpgppublickey', '', true); + } + } + if ($backup_dbs != '1') { $backup_dbs = '0'; } @@ -107,10 +123,12 @@ class CustomerBackups extends ApiCommand implements ResourceEntity 'gid' => $customer['guid'], 'loginname' => $customer['loginname'], 'destdir' => $path, + 'pgp_public_key' => $pgp_public_key, 'backup_dbs' => $backup_dbs, 'backup_mail' => $backup_mail, 'backup_web' => $backup_web ]; + // schedule backup job Cronjob::inserttask(TaskId::CREATE_CUSTOMER_BACKUP, $task_data); diff --git a/lib/Froxlor/Cron/System/BackupCron.php b/lib/Froxlor/Cron/System/BackupCron.php index 5b818b56..eb67522c 100644 --- a/lib/Froxlor/Cron/System/BackupCron.php +++ b/lib/Froxlor/Cron/System/BackupCron.php @@ -36,9 +36,9 @@ class BackupCron extends FroxlorCron public static function run() { - // Check Traffic-Lock - if (function_exists('pcntl_fork')) { - $BackupLock = FileDir::makeCorrectFile(dirname(self::getLockfile()) . "/froxlor_cron_backup.lock"); + // Check Backup-Lock + if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) { + $BackupLock = FileDir::makeCorrectFile("/var/run/froxlor_cron_backup.lock"); if (file_exists($BackupLock) && is_numeric($BackupPid = file_get_contents($BackupLock))) { if (function_exists('posix_kill')) { $BackupPidStatus = @posix_kill($BackupPid, 0); @@ -69,7 +69,7 @@ class BackupCron extends FroxlorCron // Fork failed return 1; } - } else { + } elseif (!defined('CRON_NOFORK_FLAG')) { if (extension_loaded('pcntl')) { $msg = "PHP compiled with pcntl but pcntl_fork function is not available."; } else { @@ -114,7 +114,8 @@ class BackupCron extends FroxlorCron ]); } - if (function_exists('pcntl_fork')) { + + if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) { @unlink($BackupLock); die(); } @@ -152,7 +153,7 @@ class BackupCron extends FroxlorCron ]); $has_dbs = false; - $current_dbserver = null; + $current_dbserver = -1; while ($row = $sel_stmt->fetch()) { // Get sql_root data for the specific database-server the database resides on if ($current_dbserver != $row['dbserver']) { @@ -183,7 +184,9 @@ class BackupCron extends FroxlorCron $create_backup_tar_data .= './mysql '; } - unlink($mysqlcnf_file); + if (file_exists($mysqlcnf_file)) { + unlink($mysqlcnf_file); + } unset($sql_root); } @@ -223,11 +226,24 @@ class BackupCron extends FroxlorCron } if (!empty($create_backup_tar_data)) { - $backup_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-backup_' . date('YmdHi', time()) . '.tar.gz'); + // set owner to customer + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> chown -R ' . (int)$data['uid'] . ':' . (int)$data['gid'] . ' ' . escapeshellarg($tmpdir)); + FileDir::safe_exec('chown -R ' . (int)$data['uid'] . ':' . (int)$data['gid'] . ' ' . escapeshellarg($tmpdir)); + // create tar-file + $backup_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-backup_' . date('YmdHi', time()) . '.tar.gz' . (!empty($data['pgp_public_key']) ? '.gpg' : '')); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating backup-file "' . $backup_file . '"'); - // pack all archives in tmp-dir to one - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); - FileDir::safe_exec('tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); + if (!empty($data['pgp_public_key'])){ + // pack all archives in tmp-dir to one archive and encrypt it with gpg + $recipient_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-recipients.gpg'); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating recipient-file "' . $recipient_file . '"'); + file_put_contents($recipient_file, $data['pgp_public_key']); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file '. escapeshellarg($recipient_file) .' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes'); + FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file '. escapeshellarg($recipient_file) .' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes', $return_value, ['|']); + } else { + // pack all archives in tmp-dir to one archive + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); + FileDir::safe_exec('tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); + } // move to destination directory $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mv ' . escapeshellarg($backup_file) . ' ' . escapeshellarg($data['destdir'])); FileDir::safe_exec('mv ' . escapeshellarg($backup_file) . ' ' . escapeshellarg($data['destdir'])); diff --git a/lib/Froxlor/Install/Install.php b/lib/Froxlor/Install/Install.php index ebf322cb..ebed9fdb 100644 --- a/lib/Froxlor/Install/Install.php +++ b/lib/Froxlor/Install/Install.php @@ -43,7 +43,7 @@ class Install public $formfield; public string $requiredVersion = '7.4.0'; public array $requiredExtensions = ['session', 'ctype', 'xml', 'filter', 'posix', 'mbstring', 'curl', 'gmp', 'json', 'gd']; - public array $suggestedExtensions = ['bcmath', 'zip']; + public array $suggestedExtensions = ['bcmath', 'zip', 'gnupg']; public array $suggestions = []; public array $criticals = []; public array $loadedExtensions; diff --git a/lib/configfiles/bionic.xml b/lib/configfiles/bionic.xml index f4edb083..22dd1233 100644 --- a/lib/configfiles/bionic.xml +++ b/lib/configfiles/bionic.xml @@ -4717,7 +4717,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/configfiles/bookworm.xml b/lib/configfiles/bookworm.xml index 1cf35604..f82d87d4 100644 --- a/lib/configfiles/bookworm.xml +++ b/lib/configfiles/bookworm.xml @@ -3359,7 +3359,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/configfiles/bullseye.xml b/lib/configfiles/bullseye.xml index b9bd8053..2e8fe249 100644 --- a/lib/configfiles/bullseye.xml +++ b/lib/configfiles/bullseye.xml @@ -4929,7 +4929,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/configfiles/buster.xml b/lib/configfiles/buster.xml index f1bdbe82..17c988e8 100644 --- a/lib/configfiles/buster.xml +++ b/lib/configfiles/buster.xml @@ -4920,7 +4920,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/configfiles/focal.xml b/lib/configfiles/focal.xml index cce32d7d..862a80b6 100644 --- a/lib/configfiles/focal.xml +++ b/lib/configfiles/focal.xml @@ -4156,7 +4156,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/configfiles/gentoo.xml b/lib/configfiles/gentoo.xml index a03d6a16..aecee819 100644 --- a/lib/configfiles/gentoo.xml +++ b/lib/configfiles/gentoo.xml @@ -3934,7 +3934,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/configfiles/jammy.xml b/lib/configfiles/jammy.xml index cc324a71..c7f7172e 100644 --- a/lib/configfiles/jammy.xml +++ b/lib/configfiles/jammy.xml @@ -4148,7 +4148,7 @@ aliases: files - + bin/froxlor-cli /usr/local/bin/froxlor-cli]]> bin/froxlor-cli froxlor:cron --run-task 99]]> diff --git a/lib/formfields/customer/extras/formfield.backup.php b/lib/formfields/customer/extras/formfield.backup.php index d6cdce7a..b8fe8898 100644 --- a/lib/formfields/customer/extras/formfield.backup.php +++ b/lib/formfields/customer/extras/formfield.backup.php @@ -35,6 +35,11 @@ return [ 'value' => $pathSelect['value'], 'note' => $pathSelect['note'] ?? '', ], + 'pgp_public_key' => [ + 'label' => lng('panel.backup_pgp_public_key.title'), + 'desc' => lng('panel.backup_pgp_public_key.description'), + 'type' => 'textarea', + ], 'path_protection_info' => [ 'label' => lng('extras.path_protection_label'), 'type' => 'infotext', diff --git a/lib/tablelisting/customer/tablelisting.backups.php b/lib/tablelisting/customer/tablelisting.backups.php index 1ccf3d10..8b5f2b24 100644 --- a/lib/tablelisting/customer/tablelisting.backups.php +++ b/lib/tablelisting/customer/tablelisting.backups.php @@ -39,6 +39,11 @@ return [ 'field' => 'data.destdir', 'callback' => [Ftp::class, 'pathRelative'] ], + 'pgp_public_key' => [ + 'label' => lng('panel.pgp_public_key'), + 'field' => 'data.pgp_public_key', + 'callback' => [Text::class, 'boolean'] + ], 'backup_web' => [ 'label' => lng('extras.backup_web'), 'field' => 'data.backup_web', @@ -57,6 +62,7 @@ return [ ], 'visible_columns' => Listing::getVisibleColumnsForListing('backup_list', [ 'destdir', + 'pgp_public_key', 'backup_web', 'backup_mail', 'backup_dbs' diff --git a/lng/de.lng.php b/lng/de.lng.php index c331ccd5..7ce6d207 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -927,6 +927,8 @@ return [ 'invalidcronjobintervalvalue' => 'Cronjob Intervall muss einer der folgenden Werte sein: %s', 'phpgdextensionnotavailable' => 'Die PHP GD Extension ist nicht verfügbar. Bild-Daten können nicht validiert werden.', '2fa_wrongcode' => 'Der angegebene Code ist nicht korrekt', + 'gnupgextensionnotavailable' => 'Die PHP GnuPG Extension ist nicht verfügbar. PGP Schlüssel können nicht validiert werden.', + 'invalidpgppublickey' => 'Der angegebene PGP Public Key ist ungültig', ], 'extras' => [ 'description' => 'Hier können Sie zusätzliche Extras einrichten, wie zum Beispiel einen Verzeichnisschutz.
Die Änderungen sind erst nach einer kurzen Zeit wirksam.', @@ -1198,6 +1200,11 @@ Vielen Dank, Ihr Administrator', 'title' => 'Pfad zur Ablage der Backups', 'description' => 'In diesem Ordner werden die Backups abgelegt. Wenn das Sichern von Web-Daten aktiviert ist, werden alle Dateien aus dem Heimatverzeichnis gesichert, exklusive des hier angegebenen Backup-Ordners.', ], + 'backup_pgp_public_key' => [ + 'title' => 'Öffentlicher PGP-Schlüssel', + 'description' => 'Der öffentliche PGP-Schlüssel, mit dem die Backups verschlüsselt werden sollen. Wenn kein Schlüssel angegeben ist, werden die Backups nicht verschlüsselt.', + ], + 'pgp_public_key' => 'Öffentlicher PGP-Schlüssel', 'none_value' => 'Keine', 'viewlogs' => 'Logdateien einsehen', 'not_configured' => 'Das System wurde noch nicht konfiguriert. Klicke auf den Button um die Installation zu starten.', diff --git a/lng/en.lng.php b/lng/en.lng.php index e4645ca3..0a05daf4 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -996,6 +996,8 @@ return [ 'invalidcronjobintervalvalue' => 'Cronjob interval must be one of: %s', 'phpgdextensionnotavailable' => 'The PHP GD extension is not available. Unable to validate image-data', '2fa_wrongcode' => 'The code entered is not valid', + 'gnupgextensionnotavailable' => 'The PHP GnuPG extension is not available. Unable to validate PGP Public Key', + 'invalidpgppublickey' => 'The PGP Public Key is not valid', ], 'extras' => [ 'description' => 'Here you can add some extras, for example directory protection.
The system will need some time to apply the new settings after every change.', @@ -1310,6 +1312,11 @@ Yours sincerely, your administrator', 'title' => 'Destination path for the backup', 'description' => 'This is the path where the backups will be stored. If backup of web-data is selected, all files from the homedir are stored excluding the backup-folder specified here.', ], + 'backup_pgp_public_key' => [ + 'title' => 'Public PGP key for encryption', + 'description' => 'This is the public PGP key which will be used to encrypt the backup. If you leave this field empty, the backup will not be encrypted.', + ], + 'pgp_public_key' => 'Public PGP key', 'none_value' => 'None', 'viewlogs' => 'View logfiles', 'not_configured' => 'System not configured yet. Click here to go to configurations.', From c1f03c1683c7a43f0bb1797dbc3e88c240f3bdf9 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 23 May 2023 14:36:45 +0200 Subject: [PATCH 02/87] remove 'main but subdomain' as we now automatically create the correct order of vhost configs and dns zones Signed-off-by: Michael Kaufmann --- admin_domains.php | 48 ++-------------- install/froxlor.sql.php | 1 - install/updates/froxlor/update_2.x.inc.php | 8 +++ lib/Froxlor/Api/Commands/Domains.php | 55 ++----------------- lib/Froxlor/Cron/Dns/Bind.php | 6 +- lib/Froxlor/Cron/Dns/DnsBase.php | 24 ++++---- lib/Froxlor/Cron/Dns/PowerDNS.php | 6 +- lib/Froxlor/Cron/Http/Apache.php | 23 -------- lib/Froxlor/Cron/Http/HttpConfigBase.php | 15 +++++ lib/Froxlor/Cron/Http/Lighttpd.php | 21 +------ lib/Froxlor/Cron/Http/Nginx.php | 20 ------- lib/Froxlor/Domain/Domain.php | 49 +++++------------ .../admin/domains/formfield.domains_add.php | 6 -- .../admin/domains/formfield.domains_edit.php | 7 --- lng/de.lng.php | 4 -- lng/en.lng.php | 4 -- lng/es.lng.php | 4 -- lng/it.lng.php | 4 -- lng/nl.lng.php | 4 -- 19 files changed, 70 insertions(+), 239 deletions(-) diff --git a/admin_domains.php b/admin_domains.php index 59755968..c295387c 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -114,15 +114,11 @@ if ($page == 'domains' || $page == 'overview') { } elseif ($alias_check['count'] > 0) { Response::standardError('domains_cantdeletedomainwithaliases'); } else { - $showcheck = false; - if (Domain::domainHasMainSubDomains($id)) { - $showcheck = true; - } - HTML::askYesNoWithCheckbox('admin_domain_reallydelete', 'remove_subbutmain_domains', $filename, [ + HTML::askYesNo('admin_domain_reallydelete', $filename, [ 'id' => $id, 'page' => $page, 'action' => $action - ], $idna_convert->decode($result['domain']), $showcheck); + ], $idna_convert->decode($result['domain'])); } } } elseif ($action == 'add') { @@ -252,21 +248,6 @@ if ($page == 'domains' || $page == 'overview') { $domains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')'; } - $subtodomains = [ - 0 => lng('domains.nosubtomaindomain') - ]; - $result_domains_stmt = Database::prepare(" - SELECT `d`.`id`, `d`.`domain`, `c`.`loginname` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` - WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = 0 AND `d`.`ismainbutsubto` = 0 " . $standardsubdomains . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid") . " - AND `d`.`customerid`=`c`.`customerid` ORDER BY `loginname`, `domain` ASC - "); - // params from above still valid - Database::pexecute($result_domains_stmt, $params); - - while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { - $subtodomains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']) . ' (' . $row_domain['loginname'] . ')'; - } - $phpconfigs = []; $configs = Database::query(" SELECT c.*, fc.description as interpreter @@ -287,7 +268,7 @@ if ($page == 'domains' || $page == 'overview') { 1 => lng('domain.homedir'), 2 => lng('domain.docparent') ]; - + // create serveralias options $serveraliasoptions = [ 0 => lng('domains.serveraliasoption_wildcard'), @@ -469,27 +450,6 @@ if ($page == 'domains' || $page == 'overview') { $domains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']); } - $subtodomains = [ - 0 => lng('domains.nosubtomaindomain') - ]; - $result_domains_stmt = Database::prepare(" - SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` - WHERE `d`.`aliasdomain` IS NULL AND `d`.`parentdomainid` = '0' AND `d`.`id` <> :id - AND `c`.`standardsubdomain`<>`d`.`id` AND `c`.`customerid`=`d`.`customerid`" . ($userinfo['customers_see_all'] ? '' : " AND `d`.`adminid` = :adminid") . " - ORDER BY `d`.`domain` ASC - "); - $params = [ - 'id' => $result['id'] - ]; - if ($userinfo['customers_see_all'] == '0') { - $params['adminid'] = $userinfo['adminid']; - } - Database::pexecute($result_domains_stmt, $params); - - while ($row_domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { - $subtodomains[$row_domain['id']] = $idna_convert->decode($row_domain['domain']); - } - if ($userinfo['ip'] == "-1") { $result_ipsandports_stmt = Database::query(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `ssl`='0' ORDER BY `ip`, `port` ASC @@ -556,7 +516,7 @@ if ($page == 'domains' || $page == 'overview') { 1 => lng('domain.homedir'), 2 => lng('domain.docparent') ]; - + $serveraliasoptions = [ 0 => lng('domains.serveraliasoption_wildcard'), 1 => lng('domains.serveraliasoption_www'), diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 62c626f2..8b680cfe 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -278,7 +278,6 @@ CREATE TABLE `panel_domains` ( `phpsettingid` INT( 11 ) UNSIGNED NOT NULL DEFAULT '1', `mod_fcgid_starter` int(4) default '-1', `mod_fcgid_maxrequests` int(4) default '-1', - `ismainbutsubto` int(11) unsigned NOT NULL default '0', `letsencrypt` tinyint(1) NOT NULL default '0', `hsts` varchar(10) NOT NULL default '0', `hsts_sub` tinyint(1) NOT NULL default '0', diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php index 228fdac1..5c035172 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.x.inc.php @@ -492,3 +492,11 @@ if (Froxlor::isFroxlorVersion('2.0.18')) { Update::showUpdateStep("Updating from 2.0.18 to 2.0.19", false); Froxlor::updateToVersion('2.0.19'); } + +if (Froxlor::isDatabaseVersion('202304260')) { + Update::showUpdateStep("Cleaning domains table"); + Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;"); + Update::lastStepStatus(0); + + Froxlor::updateToDbVersion('202305231'); +} diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php index ea318e97..ab81efd5 100644 --- a/lib/Froxlor/Api/Commands/Domains.php +++ b/lib/Froxlor/Api/Commands/Domains.php @@ -190,9 +190,6 @@ class Domains extends ApiCommand implements ResourceEntity * optional, whether to create an exclusive web-logfile for this domain, default 0 (false) * @param int $alias * optional, domain-id of a domain that the new domain should be an alias of, default 0 (none) - * @param int $issubof - * optional, domain-id of a domain this domain is a subdomain of (required for webserver-cronjob to - * generate the correct order), default 0 (none) * @param string $registration_date * optional, date of domain registration in form of YYYY-MM-DD, default empty (none) * @param string $termination_date @@ -298,7 +295,6 @@ class Domains extends ApiCommand implements ResourceEntity $serveraliasoption = $this->getParam('selectserveralias', true, Settings::Get('system.domaindefaultalias')); $speciallogfile = $this->getBoolParam('speciallogfile', true, 0); $aliasdomain = intval($this->getParam('alias', true, 0)); - $issubof = $this->getParam('issubof', true, 0); $registration_date = $this->getParam('registration_date', true, ''); $termination_date = $this->getParam('termination_date', true, ''); $caneditdomain = $this->getBoolParam('caneditdomain', true, 0); @@ -665,10 +661,6 @@ class Domains extends ApiCommand implements ResourceEntity $serveraliasoption = '0'; } - if ($issubof <= 0) { - $issubof = '0'; - } - $idna_convert = new IdnaWrapper(); if ($domain == '') { Response::standardError([ @@ -723,7 +715,6 @@ class Domains extends ApiCommand implements ResourceEntity 'phpsettingid' => $phpsettingid, 'mod_fcgid_starter' => $mod_fcgid_starter, 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests, - 'ismainbutsubto' => $issubof, 'letsencrypt' => $letsencrypt, 'http2' => $http2, 'hsts' => $hsts_maxage, @@ -777,7 +768,6 @@ class Domains extends ApiCommand implements ResourceEntity `phpsettingid` = :phpsettingid, `mod_fcgid_starter` = :mod_fcgid_starter, `mod_fcgid_maxrequests` = :mod_fcgid_maxrequests, - `ismainbutsubto` = :ismainbutsubto, `letsencrypt` = :letsencrypt, `http2` = :http2, `hsts` = :hsts, @@ -1069,9 +1059,6 @@ class Domains extends ApiCommand implements ResourceEntity * default 0 (false) * @param int $alias * optional, domain-id of a domain that the new domain should be an alias of, default 0 (none) - * @param int $issubof - * optional, domain-id of a domain this domain is a subdomain of (required for webserver-cronjob to - * generate the correct order), default 0 (none) * @param string $registration_date * optional, date of domain registration in form of YYYY-MM-DD, default empty (none) * @param string $termination_date @@ -1191,7 +1178,6 @@ class Domains extends ApiCommand implements ResourceEntity $speciallogfile = $this->getBoolParam('speciallogfile', true, $result['speciallogfile']); $speciallogverified = $this->getBoolParam('speciallogverified', true, 0); $aliasdomain = intval($this->getParam('alias', true, $result['aliasdomain'])); - $issubof = $this->getParam('issubof', true, $result['ismainbutsubto']); $registration_date = $this->getParam('registration_date', true, $result['registration_date']); $termination_date = $this->getParam('termination_date', true, $result['termination_date']); $caneditdomain = $this->getBoolParam('caneditdomain', true, $result['caneditdomain']); @@ -1640,10 +1626,6 @@ class Domains extends ApiCommand implements ResourceEntity Response::standardError('domainisaliasorothercustomer', '', true); } - if ($issubof <= 0) { - $issubof = '0'; - } - if ($serveraliasoption != '1' && $serveraliasoption != '2') { $serveraliasoption = '0'; } @@ -1666,7 +1648,6 @@ class Domains extends ApiCommand implements ResourceEntity || $writeaccesslog != $result['writeaccesslog'] || $writeerrorlog != $result['writeerrorlog'] || $aliasdomain != $result['aliasdomain'] - || $issubof != $result['ismainbutsubto'] || $email_only != $result['email_only'] || ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') || $letsencrypt != $result['letsencrypt'] @@ -1837,7 +1818,6 @@ class Domains extends ApiCommand implements ResourceEntity $update_data['writeerrorlog'] = $writeerrorlog; $update_data['registration_date'] = $registration_date; $update_data['termination_date'] = $termination_date; - $update_data['ismainbutsubto'] = $issubof; $update_data['letsencrypt'] = $letsencrypt; $update_data['http2'] = $http2; $update_data['hsts'] = $hsts_maxage; @@ -1885,7 +1865,6 @@ class Domains extends ApiCommand implements ResourceEntity `writeerrorlog` = :writeerrorlog, `registration_date` = :registration_date, `termination_date` = :termination_date, - `ismainbutsubto` = :ismainbutsubto, `letsencrypt` = :letsencrypt, `http2` = :http2, `hsts` = :hsts, @@ -2073,9 +2052,6 @@ class Domains extends ApiCommand implements ResourceEntity * optional, the domain-id * @param string $domainname * optional, the domainname - * @param bool $delete_mainsubdomains - * optional, remove also domains that are subdomains of this domain but added as main domains; default - * false * @param bool $is_stdsubdomain * optional, default false, specify whether it's a std-subdomain you are deleting as it does not count * as subdomain-resource @@ -2091,7 +2067,6 @@ class Domains extends ApiCommand implements ResourceEntity $dn_optional = $id > 0; $domainname = $this->getParam('domainname', $dn_optional, ''); $is_stdsubdomain = $this->getParam('is_stdsubdomain', true, 0); - $remove_subbutmain_domains = $this->getParam('delete_mainsubdomains', true, 0); $result = $this->apiCall('Domains.get', [ 'id' => $id, @@ -2099,15 +2074,10 @@ class Domains extends ApiCommand implements ResourceEntity ]); $id = $result['id']; - // check for deletion of main-domains which are logically subdomains, #329 - $rsd_sql = ''; - if ($remove_subbutmain_domains) { - $rsd_sql .= " OR `ismainbutsubto` = :id"; - } - $subresult_stmt = Database::prepare(" - SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` - WHERE (`id` = :id OR `parentdomainid` = :id " . $rsd_sql . ")"); + SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` + WHERE (`id` = :id OR `parentdomainid` = :id) + "); Database::pexecute($subresult_stmt, [ 'id' => $id ], true, true); @@ -2129,23 +2099,10 @@ class Domains extends ApiCommand implements ResourceEntity $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] deleted domain/s from mail-tables"); } - // if mainbutsubto-domains are not to be deleted, re-assign the (ismainbutsubto value of the main - // domain which is being deleted) as their new ismainbutsubto value - if ($remove_subbutmain_domains !== 1) { - $upd_stmt = Database::prepare(" - UPDATE `" . TABLE_PANEL_DOMAINS . "` SET - `ismainbutsubto` = :newIsMainButSubtoValue - WHERE `ismainbutsubto` = :deletedMainDomainId - "); - Database::pexecute($upd_stmt, [ - 'newIsMainButSubtoValue' => $result['ismainbutsubto'], - 'deletedMainDomainId' => $id - ], true, true); - } - $del_stmt = Database::prepare(" - DELETE FROM `" . TABLE_PANEL_DOMAINS . "` - WHERE `id` = :id OR `parentdomainid` = :id " . $rsd_sql); + DELETE FROM `" . TABLE_PANEL_DOMAINS . "` + WHERE `id` = :id OR `parentdomainid` = :id + "); Database::pexecute($del_stmt, [ 'id' => $id ], true, true); diff --git a/lib/Froxlor/Cron/Dns/Bind.php b/lib/Froxlor/Cron/Dns/Bind.php index 939796d7..882b3d99 100644 --- a/lib/Froxlor/Cron/Dns/Bind.php +++ b/lib/Froxlor/Cron/Dns/Bind.php @@ -62,8 +62,8 @@ class Bind extends DnsBase $this->bindconf_file = '# ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf' . "\n" . '# Created ' . date('d.m.Y H:i') . "\n" . '# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.' . "\n\n"; foreach ($domains as $domain) { - if ($domain['ismainbutsubto'] > 0) { - // domains with ismainbutsubto>0 are handled by recursion within walkDomainList() + if ($domain['is_child']) { + // domains that are subdomains to other main domains are handled by recursion within walkDomainList() continue; } $this->walkDomainList($domain, $domains); @@ -114,7 +114,7 @@ class Bind extends DnsBase $isFroxlorHostname = true; } - if ($domain['ismainbutsubto'] == 0) { + if (!$domain['is_child']) { $zoneContent = (string)Dns::createDomainZone(($domain['id'] == 'none') ? $domain : $domain['id'], $isFroxlorHostname); $domain['zonefile'] = 'domains/' . $domain['domain'] . '.zone'; $zonefile_name = FileDir::makeCorrectFile(Settings::Get('system.bindconf_directory') . '/' . $domain['zonefile']); diff --git a/lib/Froxlor/Cron/Dns/DnsBase.php b/lib/Froxlor/Cron/Dns/DnsBase.php index 5c9eb018..f9ceaede 100644 --- a/lib/Froxlor/Cron/Dns/DnsBase.php +++ b/lib/Froxlor/Cron/Dns/DnsBase.php @@ -26,6 +26,7 @@ namespace Froxlor\Cron\Dns; use Froxlor\Database\Database; +use Froxlor\Domain\Domain; use Froxlor\FileDir; use Froxlor\FroxlorLogger; use Froxlor\PhpHelper; @@ -210,7 +211,6 @@ abstract class DnsBase `d`.`dkim`, `d`.`dkim_id`, `d`.`dkim_pubkey`, - `d`.`ismainbutsubto`, `c`.`loginname`, `c`.`guid` FROM @@ -219,7 +219,7 @@ abstract class DnsBase WHERE `d`.`isbinddomain` = '1' ORDER BY - `d`.`domain` ASC + LENGTH(`d`.`domain`), `d`.`domain` ASC "); $domains = []; @@ -241,7 +241,6 @@ abstract class DnsBase 'bindserial' => date('Ymd') . '00', 'dkim' => '0', 'iswildcarddomain' => '1', - 'ismainbutsubto' => '0', 'zonefile' => '', 'froxlorhost' => '1' ]; @@ -257,18 +256,23 @@ abstract class DnsBase if (!isset($domains[$key]['children'])) { $domains[$key]['children'] = []; } - if ($domains[$key]['ismainbutsubto'] > 0) { - if (isset($domains[$domains[$key]['ismainbutsubto']])) { - $domains[$domains[$key]['ismainbutsubto']]['children'][] = $domains[$key]['id']; - } else { - $domains[$key]['ismainbutsubto'] = 0; + if (!isset($domains[$key]['is_child'])) { + $domains[$key]['is_child'] = false; + } + $children = Domain::getMainSubdomainIds($key); + if (count($children) > 0) { + foreach ($children as $child) { + if (isset($domains[$child])) { + $domains[$key]['children'][] = $domains[$child]['id']; + $domains[$child]['is_child'] = true; + } } } } - $this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') . 'ismainbutsubto ' . str_pad('parent domain', 40, ' ') . "list of child domain ids"); + $this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, str_pad('domId', 9, ' ') . str_pad('domain', 40, ' ') . "list of child domain ids"); foreach ($domains as $domain) { - $logLine = str_pad($domain['id'], 9, ' ') . str_pad($domain['domain'], 40, ' ') . str_pad($domain['ismainbutsubto'], 15, ' ') . str_pad(((isset($domains[$domain['ismainbutsubto']])) ? $domains[$domain['ismainbutsubto']]['domain'] : '-'), 40, ' ') . join(', ', $domain['children']); + $logLine = str_pad($domain['id'], 9, ' ') . str_pad($domain['domain'], 40, ' ') . join(', ', $domain['children']); $this->logger->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, $logLine); } diff --git a/lib/Froxlor/Cron/Dns/PowerDNS.php b/lib/Froxlor/Cron/Dns/PowerDNS.php index c3d8f20b..65fb25ca 100644 --- a/lib/Froxlor/Cron/Dns/PowerDNS.php +++ b/lib/Froxlor/Cron/Dns/PowerDNS.php @@ -50,8 +50,8 @@ class PowerDNS extends DnsBase } foreach ($domains as $domain) { - if ($domain['ismainbutsubto'] > 0) { - // domains with ismainbutsubto>0 are handled by recursion within walkDomainList() + if ($domain['is_child']) { + // domains that are subdomains to other main domains are handled by recursion within walkDomainList() continue; } $this->walkDomainList($domain, $domains); @@ -108,7 +108,7 @@ class PowerDNS extends DnsBase $isFroxlorHostname = true; } - if ($domain['ismainbutsubto'] == 0) { + if (!$domain['is_child']) { $zoneContent = Dns::createDomainZone(($domain['id'] == 'none') ? $domain : $domain['id'], $isFroxlorHostname); if (count($subzones)) { foreach ($subzones as $subzone) { diff --git a/lib/Froxlor/Cron/Http/Apache.php b/lib/Froxlor/Cron/Http/Apache.php index faa439ef..8fba3764 100644 --- a/lib/Froxlor/Cron/Http/Apache.php +++ b/lib/Froxlor/Cron/Http/Apache.php @@ -630,29 +630,6 @@ class Apache extends HttpConfigBase } } - /** - * Get the filename for the virtualhost - */ - protected function getVhostFilename($domain, $ssl_vhost = false) - { - if ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && ((int)$domain['ismainbutsubto'] == 0 || Domain::domainMainToSubExists($domain['ismainbutsubto']) == false)) { - $vhost_no = '35'; - } elseif ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && (int)$domain['ismainbutsubto'] > 0) { - $vhost_no = '30'; - } else { - // number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth - $vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1); - } - - if ($ssl_vhost === true) { - $vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_ssl_vhost_' . $domain['domain'] . '.conf'); - } else { - $vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_normal_vhost_' . $domain['domain'] . '.conf'); - } - - return $vhost_filename; - } - /** * We compose the virtualhost entry for one domain */ diff --git a/lib/Froxlor/Cron/Http/HttpConfigBase.php b/lib/Froxlor/Cron/Http/HttpConfigBase.php index 7b400726..4226322a 100644 --- a/lib/Froxlor/Cron/Http/HttpConfigBase.php +++ b/lib/Froxlor/Cron/Http/HttpConfigBase.php @@ -28,6 +28,7 @@ namespace Froxlor\Cron\Http; use Froxlor\Cron\Http\LetsEncrypt\AcmeSh; use Froxlor\Cron\Http\Php\Fpm; use Froxlor\Database\Database; +use Froxlor\Domain\Domain; use Froxlor\FileDir; use Froxlor\Froxlor; use Froxlor\FroxlorLogger; @@ -187,4 +188,18 @@ class HttpConfigBase } return false; } + + /** + * Get the filename for the virtualhost + */ + protected function getVhostFilename(array $domain, bool $ssl_vhost = false, bool $filename_only = false) + { + // number of dots in a domain specifies its position (and depth of subdomain) starting at 35 going downwards on higher depth + $vhost_no = (string)(35 - substr_count($domain['domain'], ".") + 1); + $filename = $vhost_no . '_froxlor_' . ($ssl_vhost ? 'ssl' : 'normal') . '_vhost_' . $domain['domain'] . '.conf'; + if ($filename_only) { + return $filename; + } + return FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $filename); + } } diff --git a/lib/Froxlor/Cron/Http/Lighttpd.php b/lib/Froxlor/Cron/Http/Lighttpd.php index 233236a0..968ab62c 100644 --- a/lib/Froxlor/Cron/Http/Lighttpd.php +++ b/lib/Froxlor/Cron/Http/Lighttpd.php @@ -336,24 +336,9 @@ class Lighttpd extends HttpConfigBase $_pos = strrpos($_tmp_path, '/'); $_inc_path = substr($_tmp_path, $_pos + 1); - // maindomain - if ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && ((int)$domain['ismainbutsubto'] == 0 || Domain::domainMainToSubExists($domain['ismainbutsubto']) == false)) { - $vhost_no = '50'; - } elseif ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && (int)$domain['ismainbutsubto'] > 0) { - // sub-but-main-domain - $vhost_no = '51'; - } else { - // subdomains - // number of dots in a domain specifies it's position (and depth of subdomain) starting at 89 going downwards on higher depth - $vhost_no = (string)(90 - substr_count($domain['domain'], ".") + 1); - } - - if ($ssl == '1') { - $vhost_no = (int)$vhost_no += 10; - } - - $vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/vhosts/' . $vhost_no . '_' . $domain['domain'] . '.conf'); - $included_vhosts[] = $_inc_path . '/vhosts/' . $vhost_no . '_' . $domain['domain'] . '.conf'; + $filename = self::getVhostFilename($domain, ($ssl == '1'), true); + $vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/vhosts/' . $filename); + $included_vhosts[] = $_inc_path . '/vhosts/' . $filename; } if (!isset($this->lighttpd_data[$vhost_filename])) { diff --git a/lib/Froxlor/Cron/Http/Nginx.php b/lib/Froxlor/Cron/Http/Nginx.php index 51230334..3d2ad85e 100644 --- a/lib/Froxlor/Cron/Http/Nginx.php +++ b/lib/Froxlor/Cron/Http/Nginx.php @@ -467,26 +467,6 @@ class Nginx extends HttpConfigBase } } - protected function getVhostFilename($domain, $ssl_vhost = false) - { - if ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && ((int)$domain['ismainbutsubto'] == 0 || Domain::domainMainToSubExists($domain['ismainbutsubto']) == false)) { - $vhost_no = '35'; - } elseif ((int)$domain['parentdomainid'] == 0 && Domain::isCustomerStdSubdomain((int)$domain['id']) == false && (int)$domain['ismainbutsubto'] > 0) { - $vhost_no = '30'; - } else { - // number of dots in a domain specifies it's position (and depth of subdomain) starting at 29 going downwards on higher depth - $vhost_no = (string)(30 - substr_count($domain['domain'], ".") + 1); - } - - if ($ssl_vhost === true) { - $vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_ssl_vhost_' . $domain['domain'] . '.conf'); - } else { - $vhost_filename = FileDir::makeCorrectFile(Settings::Get('system.apacheconf_vhost') . '/' . $vhost_no . '_froxlor_normal_vhost_' . $domain['domain'] . '.conf'); - } - - return $vhost_filename; - } - protected function getVhostContent($domain, $ssl_vhost = false) { if ($ssl_vhost === true && $domain['ssl'] != '1' && $domain['ssl_redirect'] != '1') { diff --git a/lib/Froxlor/Domain/Domain.php b/lib/Froxlor/Domain/Domain.php index 21aeead0..0f7a300b 100644 --- a/lib/Froxlor/Domain/Domain.php +++ b/lib/Froxlor/Domain/Domain.php @@ -235,51 +235,30 @@ class Domain } /** - * check whether a domain has subdomains added as full-domains - * #329 + * get ids of domains that are main domains but a subdomain of another main domain (for DNS) * - * @param int $id domain-id + * @param int $id main-domain to check * - * @return bool + * @return array * @throws \Exception */ - public static function domainHasMainSubDomains(int $id): bool + public static function getMainSubdomainIds(int $id): array { $result_stmt = Database::prepare(" - SELECT COUNT(`id`) as `mainsubs` FROM `" . TABLE_PANEL_DOMAINS . "` - WHERE `ismainbutsubto` = :id"); - $result = Database::pexecute_first($result_stmt, [ - 'id' => $id - ]); - - if ($result && isset($result['mainsubs'])) { - return $result['mainsubs'] > 0; - } - return false; - } - - /** - * check whether a subof-domain exists - * #329 - * - * @param int $id subof-domain-id - * - * @return bool - * @throws \Exception - */ - public static function domainMainToSubExists(int $id): bool - { - $result_stmt = Database::prepare(" - SELECT `id` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :id"); + SELECT id + FROM `" . TABLE_PANEL_DOMAINS . "` + WHERE + isbinddomain = 1 AND + domain LIKE CONCAT('%.', ( SELECT d.domain FROM `" . TABLE_PANEL_DOMAINS . "` AS d WHERE d.id = :id )) + "); Database::pexecute($result_stmt, [ 'id' => $id ]); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); - - if ($result && isset($result['id'])) { - return $result['id'] > 0; + $result = []; + while ($entry = $result_stmt->fetch(PDO::FETCH_ASSOC)) { + $result = $entry['id']; } - return false; + return $result; } /** diff --git a/lib/formfields/admin/domains/formfield.domains_add.php b/lib/formfields/admin/domains/formfield.domains_add.php index c48d0ce3..5400cc7d 100644 --- a/lib/formfields/admin/domains/formfield.domains_add.php +++ b/lib/formfields/admin/domains/formfield.domains_add.php @@ -60,12 +60,6 @@ return [ 'type' => 'select', 'select_var' => $domains ], - 'issubof' => [ - 'label' => lng('domains.issubof'), - 'desc' => lng('domains.issubofinfo'), - 'type' => 'select', - 'select_var' => $subtodomains - ], 'caneditdomain' => [ 'label' => lng('admin.domain_editable.title'), 'desc' => lng('admin.domain_editable.desc'), diff --git a/lib/formfields/admin/domains/formfield.domains_edit.php b/lib/formfields/admin/domains/formfield.domains_edit.php index c8f81bea..b6a9c308 100644 --- a/lib/formfields/admin/domains/formfield.domains_edit.php +++ b/lib/formfields/admin/domains/formfield.domains_edit.php @@ -65,13 +65,6 @@ return [ 'select_var' => $domains, 'selected' => $result['aliasdomain'] ], - 'issubof' => [ - 'label' => lng('domains.issubof'), - 'desc' => lng('domains.issubofinfo'), - 'type' => 'select', - 'select_var' => $subtodomains, - 'selected' => $result['ismainbutsubto'] - ], 'associated_info' => [ 'label' => lng('domains.associated_with_domain'), 'type' => 'label', diff --git a/lng/de.lng.php b/lng/de.lng.php index 7ce6d207..b899a717 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -665,9 +665,6 @@ return [ 'aliasdomains' => 'Aliasdomains', 'redirectifpathisurl' => 'Redirect-Code (Standard: leer)', 'redirectifpathisurlinfo' => 'Der Redirect-Code kann gewählt werden, wenn der eingegebene Pfad eine URL ist.
HINWEIS: Änderungen werden nur wirksam wenn der Pfad eine URL ist.', - 'issubof' => 'Diese Domain ist eine Subdomain von der Domain', - 'issubofinfo' => 'Diese Einstellung muss gesetzt werden, wenn Sie eine Subdomain einer Hauptdomain als Hauptdomain anlegen (z. B. soll "www.domain.tld" hinzugefügt werden, somit muss hier "domain.tld" ausgewählt werden).', - 'nosubtomaindomain' => 'Keine Subdomain einer Hauptdomain', 'ipandport_multi' => [ 'title' => 'IP-Adresse(n)', 'description' => 'Definieren Sie eine oder mehrere IP-Adresse(n) für diese Domain.

Hinweis: Die IP-Adressen können nicht geändert werden, sollte die Domain als Alias-Domain für eine andere Domain konfiguriert worden sein.
', @@ -1287,7 +1284,6 @@ Vielen Dank, Ihr Administrator', 'admin_quotas_reallyenforce' => 'Sind Sie sicher, dass Sie allen Benutzern das Default-Quota zuweisen wollen? Dies kann nicht rückgängig gemacht werden!', 'phpsetting_reallydelete' => 'Wollen Sie diese PHP-Einstellungen wirklich löschen? Alle Domains die diese Einstellungen bis jetzt verwendet haben, werden dann auf die Standardeinstellungen umgestellt.', 'fpmsetting_reallydelete' => 'Wollen Sie diese PHP-FPM Einstellungen wirklich löschen? Alle PHP Konfigurationen die diese Einstellungen bis jetzt verwendet haben, werden dann auf die Standardeinstellungen umgestellt.', - 'remove_subbutmain_domains' => 'Auch Domains entfernen, welche als volle Domains hinzugefügt wurden, aber Subdomains von dieser Domain sind?', 'customer_reallyunlock' => 'Wollen Sie den Kunden "%s" wirklich entsperren?', 'admin_integritycheck_reallyfix' => 'Möchten Sie wirklich versuchen sämtliche Datenbank-Integritätsprobleme automatisch zu beheben?', 'plan_reallydelete' => 'Wollen Sie den Hostingplan %s wirklich löschen?', diff --git a/lng/en.lng.php b/lng/en.lng.php index 0a05daf4..d4cb30fa 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -731,9 +731,6 @@ return [ 'aliasdomains' => 'Alias domains', 'redirectifpathisurl' => 'Redirect code (default: empty)', 'redirectifpathisurlinfo' => 'You only need to select one of these if you entered an URL as path
NOTE: Changes are only applied if the given path is an URL.', - 'issubof' => 'This domain is a subdomain of another domain', - 'issubofinfo' => 'You have to set this to the correct domain if you want to add a subdomain as full-domain (e.g. you want to add "www.domain.tld", you have to select "domain.tld" here)', - 'nosubtomaindomain' => 'No subdomain of a full domain', 'ipandport_multi' => [ 'title' => 'IP address(es)', 'description' => 'Specify one or more IP address for the domain.

NOTE: IP addresses cannot be changed when the domain is configured as alias-domain of another domain.
', @@ -1399,7 +1396,6 @@ Yours sincerely, your administrator', 'admin_quotas_reallyenforce' => 'Do you really want to enforce the default quota to all Users? This cannot be reverted!', 'phpsetting_reallydelete' => 'Do you really want to delete these settings? All domains which use these settings currently will be changed to the default config.', 'fpmsetting_reallydelete' => 'Do you really want to delete these php-fpm settings? All php configurations which use these settings currently will be changed to the default config.', - 'remove_subbutmain_domains' => 'Also remove domains which are added as full domains but which are subdomains of this domain?', 'customer_reallyunlock' => 'Do you really want to unlock customer %s?', 'admin_integritycheck_reallyfix' => 'Do you really want to try fixing all database integrity problems automatically?', 'plan_reallydelete' => 'Do you really want to delete the hosting plan %s?', diff --git a/lng/es.lng.php b/lng/es.lng.php index 28eb7454..f5d5974d 100644 --- a/lng/es.lng.php +++ b/lng/es.lng.php @@ -731,9 +731,6 @@ return [ 'aliasdomains' => 'Alias dominios', 'redirectifpathisurl' => 'Código de redirección (por defecto: vacío)', 'redirectifpathisurlinfo' => 'Sólo tiene que seleccionar una de estas opciones si ha introducido una URL como ruta
NOTA: Los cambios sólo se aplican si la ruta indicada es una URL.', - 'issubof' => 'Este dominio es un subdominio de otro dominio', - 'issubofinfo' => 'Si desea añadir un subdominio como dominio completo, deberá establecerlo en el dominio correcto (por ejemplo, si desea añadir "www.domain.tld", deberá seleccionar "dominio.tld").', - 'nosubtomaindomain' => 'No es subdominio de un dominio completo', 'ipandport_multi' => [ 'title' => 'Direcciones IP', 'description' => 'Especifique una o más direcciones IP para el dominio.

NOTA: Las direcciones IP no pueden cambiarse cuando el dominio está configurado como alias-dominio de otro dominio.
' @@ -1390,7 +1387,6 @@ Atentamente, su administrador' 'admin_quotas_reallyenforce' => '¿Realmente desea aplicar la cuota por defecto a todos los usuarios? Esto no se puede revertir.', 'phpsetting_reallydelete' => '¿Realmente desea eliminar esta configuración? Todos los dominios que usen esta configuración serán cambiados a la configuración por defecto.', 'fpmsetting_reallydelete' => '¿Realmente desea eliminar esta configuración de php-fpm? Todas las configuraciones de php que utilicen estos ajustes se cambiarán a la configuración por defecto.', - 'remove_subbutmain_domains' => '¿Quitar también los dominios que se añaden como dominios completos pero que son subdominios de este dominio?', 'customer_reallyunlock' => '¿Realmente quieres desbloquear al cliente %s?', 'admin_integritycheck_reallyfix' => '¿Realmente quieres intentar arreglar todos los problemas de integridad de la base de datos automáticamente?', 'plan_reallydelete' => '¿De verdad quieres eliminar el plan de alojamiento %s?', diff --git a/lng/it.lng.php b/lng/it.lng.php index af5bff91..58610b82 100644 --- a/lng/it.lng.php +++ b/lng/it.lng.php @@ -732,9 +732,6 @@ return [ 'aliasdomains' => 'Alias domini', 'redirectifpathisurl' => 'Codice di redirezione (Predefinito: vuoto)', 'redirectifpathisurlinfo' => 'È necessario selezionare uno di questi se hai inserito un URL come percorso', - 'issubof' => 'Questo dominio è un sottodominio di un altro dominio', - 'issubofinfo' => 'Devi impostare correttamente questo dominio se si desidera aggiungere un sottodominio come dominio completo (es. si vuole aggiungere "www.domain.tld", devi selezionare qui "domain.tld")', - 'nosubtomaindomain' => 'No sottodominio di un dominio completo', 'ipandport_multi' => [ 'title' => 'Indirizzi IP', 'description' => 'Specifica uno o più indirizzi IP per il dominio.

NOTA: L\'indirizzo IP non può essere modificato quando il dominio è configurato come alias-domain di un altro dominio.
', @@ -1196,7 +1193,6 @@ Cordiali Saluti, Team Froxlor', 'admin_quotas_reallywipe' => 'Sei sicuro di voler cancellare tutti i limiti dalla tabella mail_users? Questa operazione non può essere annullata!', 'admin_quotas_reallyenforce' => 'Sei sicuro di voler impostare il limite predefinito a tutti gli utenti? Questa operazione non può essere annullata!', 'phpsetting_reallydelete' => 'Do you really want to delete these settings? All domains which use these settings currently will be changed to the default config.', - 'remove_subbutmain_domains' => 'Rimuover anche i domini che sono stati aggiunti come domini completi, ma quali sono i sottodomini di questo dominio?', 'customer_reallyunlock' => 'Sei sicuro di voler sbloccare il cliente %s?', 'admin_customer_alsoremovemail' => 'Eliminare completamente i dati della posta elettronica dal filesystem??', 'admin_customer_alsoremoveftphomedir' => 'Rimuovere anche la cartella homedir dell\'utente FTP?', diff --git a/lng/nl.lng.php b/lng/nl.lng.php index ad47606f..02548024 100644 --- a/lng/nl.lng.php +++ b/lng/nl.lng.php @@ -400,9 +400,6 @@ return [ 'aliasdomains' => 'Alternatieve domeinnamen', 'redirectifpathisurl' => 'Doorverwijzingscode (standaard: leegt)', 'redirectifpathisurlinfo' => 'U dient deze alleen op te geven indien u een URL als pad hebt opgegeven', - 'issubof' => 'Dit domein is een subdomein van een ander domein', - 'issubofinfo' => 'U dient het correcte domein op te geven indien u een subdomein als volledig domein wilt (bijvoorbeeld als u "www.domain.tld" wilt gebruiken, dan geeft u hier "domain.tld")', - 'nosubtomaindomain' => 'Geen subdomein van volledig domein', ], 'emails' => [ 'description' => 'Hier kunt u e-mail adressen maken en wijzigen.
Een account is net als een brievenbus voor uw huis. Als iemand u mail stuurt wordt dit op uw account bezorgd.

Om uw emails te downloaden moet u het volgende instellen in uw mailprogramma: (De schuingedrukte gegevens moeten gewijzigd worden in wat u ingegeven heeft!)
Servernaam: Domeinnaam
Gebruikersnaam: Account naam / E-mailadres
Wachtwoord: het door u ingegeven wachtwoord', @@ -741,7 +738,6 @@ Met vriendelijke groet, uw beheerder', 'admin_quotas_reallywipe' => 'Weet u zeker dat u alle quota wilt verwijderen? Dit is niet terug te draaien!', 'admin_quotas_reallyenforce' => 'Weet u zeker dat u quota wilt afdwingen? Dit is niet terug te draaien!', 'phpsetting_reallydelete' => 'Weet u zeker dat u deze instellingen wilt verwijderen? Alle domeinen die deze configuratie gebruiken zullen terugvallen op de standaardinstellingen.', - 'remove_subbutmain_domains' => 'Verwijder ook domeinen die als volledige domeinen zijn opgegeven maar een subdomein zijn van dit domein?', 'customer_reallyunlock' => 'Weet u zeker dat u klant %s? wilt ontgrendelen', ], 'serversettings' => [ From 2e6b939ec6d4ed90d8657a8915c87da845efd4e4 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 23 May 2023 15:21:25 +0200 Subject: [PATCH 03/87] set dbversion Signed-off-by: Michael Kaufmann --- install/froxlor.sql.php | 2 +- install/updates/froxlor/update_2.x.inc.php | 2 +- lib/Froxlor/Froxlor.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 8b680cfe..a4cb7c5a 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -744,7 +744,7 @@ opcache.validate_timestamps'), ('panel', 'logo_overridecustom', '0'), ('panel', 'settings_mode', '0'), ('panel', 'version', '2.0.19'), - ('panel', 'db_version', '202304260'); + ('panel', 'db_version', '202305230'); DROP TABLE IF EXISTS `panel_tasks`; diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php index 5c035172..50f0f3cb 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.x.inc.php @@ -498,5 +498,5 @@ if (Froxlor::isDatabaseVersion('202304260')) { Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;"); Update::lastStepStatus(0); - Froxlor::updateToDbVersion('202305231'); + Froxlor::updateToDbVersion('202305230'); } diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php index 6f05abf1..df17100a 100644 --- a/lib/Froxlor/Froxlor.php +++ b/lib/Froxlor/Froxlor.php @@ -34,7 +34,7 @@ final class Froxlor const VERSION = '2.0.19'; // Database version (YYYYMMDDC where C is a daily counter) - const DBVERSION = '202304260'; + const DBVERSION = '202305230'; // Distribution branding-tag (used for Debian etc.) const BRANDING = ''; From 09b3c1c45a14be9e7394511118366b4908aaf363 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 24 May 2023 09:05:50 +0200 Subject: [PATCH 04/87] implement Domains.duplicate() API call, refs #807 Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Domains.php | 134 ++++++++++++++++++++++++--- tests/Domains/DomainsTest.php | 20 ++++ 2 files changed, 142 insertions(+), 12 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php index ab81efd5..1b4bf6f2 100644 --- a/lib/Froxlor/Api/Commands/Domains.php +++ b/lib/Froxlor/Api/Commands/Domains.php @@ -110,7 +110,7 @@ class Domains extends ApiCommand implements ResourceEntity * * @param number $domain_id * @param bool $ssl_only - * optional, return only ssl enabled ip's, default false + * optional, return only ssl enabled ips, default false * @return array */ private function getIpsForDomain($domain_id = 0, $ssl_only = false) @@ -207,7 +207,7 @@ class Domains extends ApiCommand implements ResourceEntity * @param string $ssl_specialsettings * optional, custom webserver vhost-content which is added to the generated ssl-vhost, default empty * @param bool $include_specialsettings - * optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false + * optional, whether to include non-ssl specialsettings in the generated ssl-vhost, default false * @param bool $notryfiles * optional, [nginx only] do not generate the default try-files directive, default 0 (false) * @param bool $writeaccesslog @@ -216,7 +216,7 @@ class Domains extends ApiCommand implements ResourceEntity * optional, Enable writing an error-log file for this domain, default 1 (true) * @param string $documentroot * optional, specify homedir of domain by specifying a directory (relative to customer-docroot), be - * aware, if path starts with / it it considered a full path, not relative to customer-docroot. Also + * aware, if path starts with / it is considered a full path, not relative to customer-docroot. Also * specifying a URL is possible here (redirect), default empty (autogenerated) * @param bool $phpenabled * optional, whether php is enabled for this domain, default 0 (false) @@ -241,7 +241,7 @@ class Domains extends ApiCommand implements ResourceEntity * optional, do NOT set the systems default ssl ip addresses if none are given via $ssl_ipandport * parameter * @param bool $sslenabled - * optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default + * optional, whether SSL is enabled for this domain, regardless of the assigned ssl-ips, default * 1 (true) * @param bool $http2 * optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default @@ -249,9 +249,9 @@ class Domains extends ApiCommand implements ResourceEntity * @param int $hsts_maxage * optional max-age value for HSTS header * @param bool $hsts_sub - * optional whether or not to add subdomains to the HSTS header + * optional whether to add subdomains to the HSTS header * @param bool $hsts_preload - * optional whether or not to preload HSTS header value + * optional whether to preload HSTS header value * @param bool $ocsp_stapling * optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL * @param bool $honorcipherorder @@ -260,7 +260,7 @@ class Domains extends ApiCommand implements ResourceEntity * optional whether to enable or disable TLS sessiontickets (RFC 5077) for this domain. default 1 * (true), requires SSL * @param bool $override_tls - * optional whether or not to override system-tls settings like protocol, ssl-ciphers and if applicable + * optional whether to override system-tls settings like protocol, ssl-ciphers and if applicable * tls-1.3 ciphers, requires change_serversettings flag for the admin, default false * @param array $ssl_protocols * optional list of allowed/used ssl/tls protocols, see system.ssl_protocols setting, only used/required @@ -1076,7 +1076,7 @@ class Domains extends ApiCommand implements ResourceEntity * @param string $ssl_specialsettings * optional, custom webserver vhost-content which is added to the generated ssl-vhost, default empty * @param bool $include_specialsettings - * optional, whether or not to include non-ssl specialsettings in the generated ssl-vhost, default false + * optional, whether to include non-ssl specialsettings in the generated ssl-vhost, default false * @param bool $specialsettingsforsubdomains * optional, whether to apply specialsettings to all subdomains of this domain, default is read from * setting system.apply_specialsettings_default @@ -1088,7 +1088,7 @@ class Domains extends ApiCommand implements ResourceEntity * optional, Enable writing an error-log file for this domain, default 1 (true) * @param string $documentroot * optional, specify homedir of domain by specifying a directory (relative to customer-docroot), be - * aware, if path starts with / it it considered a full path, not relative to customer-docroot. Also + * aware, if path starts with / it is considered a full path, not relative to customer-docroot. Also * specifying a URL is possible here (redirect), default empty (autogenerated) * @param bool $phpenabled * optional, whether php is enabled for this domain, default 0 (false) @@ -1117,7 +1117,7 @@ class Domains extends ApiCommand implements ResourceEntity * optional, if set to true and no $ssl_ipandport value is given, the ip's get removed, otherwise, the * currently set value is used, default false * @param bool $sslenabled - * optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default + * optional, whether SSL is enabled for this domain, regardless of the assigned ssl-ips, default * 1 (true) * @param bool $http2 * optional, whether to enable http/2 for this domain (requires to be enabled in the settings), default @@ -1125,9 +1125,9 @@ class Domains extends ApiCommand implements ResourceEntity * @param int $hsts_maxage * optional max-age value for HSTS header * @param bool $hsts_sub - * optional whether or not to add subdomains to the HSTS header + * optional whether to add subdomains to the HSTS header * @param bool $hsts_preload - * optional whether or not to preload HSTS header value + * optional whether to preload HSTS header value * @param bool $ocsp_stapling * optional whether to enable ocsp-stapling for this domain. default 0 (false), requires SSL * @param bool $honorcipherorder @@ -2187,4 +2187,114 @@ class Domains extends ApiCommand implements ResourceEntity } throw new Exception("Not allowed to execute given command.", 403); } + + /** + * duplicate domain entry by either id or domainname. All parameters from Domains.add() can be used + * to overwrite source entity values if necessary. + * + * @param int $id + * optional, the domain-id + * @param string $domainname + * optional, the domainname + * @param string $domain + * required, name of the new domain to be added + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function duplicate() + { + if ($this->isAdmin()) { + // parameters + $id = $this->getParam('id', true, 0); + $dn_optional = $id > 0; + $domainname = $this->getParam('domainname', $dn_optional, ''); + $p_domain = $this->getParam('domain'); + + // get requested domain + $result = $this->apiCall('Domains.get', [ + 'id' => $id, + 'domainname' => $domainname, + ]); + + // clear some defaults + unset($result['domain_ace']); + unset($result['adminid']); + unset($result['documentroot']); + unset($result['registration_date']); + unset($result['termination_date']); + unset($result['zonefile']); + // clear auto-generated values + unset($result['bindserial']); + unset($result['dkim_privkey']); + unset($result['dkim_pubkey']); + // clear api-call generated fields + unset($result['domain_hascert']); + + // set correct ip/port information + $domain_ips = $result['ipsandports']; + unset($result['ipsandports']); + $result['ipandport'] = []; + $result['ssl_ipandport'] = []; + foreach ($domain_ips as $dip) { + if ($dip['ssl'] == 1) { + $result['ssl_ipandport'][] = $dip['id']; + } else { + $result['ipandport'][] = $dip['id']; + } + } + + // check whether we are changing the customer/owner + if ($this->getParam('customerid', true, 0) == 0 && $this->getParam('loginname', true, '') == '') { + $customerid = $result['customerid']; + } else { + $customer = $this->getCustomerData(); + $customerid = $customer['customerid']; + } + + // check for alias-domain and whether it belongs to the target user + if (!empty($result['aliasdomain']) && $customerid == $result['customerid']) { + // duplicate alias entry + $result['alias'] = $result['aliasdomain']; + } + unset($result['aliasdomain']); + + // validate possible fpm configs and whether the customer is allowed to use them + if ($customerid != $result['customerid']) { + $allowed_phpconfigs = json_decode($customer['allowed_phpconfigs'] ?? '[]', true); + if (empty($allowed_phpconfigs)) { + // system defaults + unset($result['phpsettingid']); + } elseif (!in_array($result['phpsettingid'], $allowed_phpconfigs)) { + // use the first customer allowed config + $result['phpsettingid'] = array_shift($allowed_phpconfigs); + } + } + + // translate serveralias values + $result['selectserveralias'] = 2; + if ((int)$result['wwwserveralias'] == 1) { + $result['selectserveralias'] = 1; + } elseif ((int)$result['iswildcarddomain'] == 1) { + $result['selectserveralias'] = 0; + } + unset($result['wwwserveralias']); + unset($result['iswildcarddomain']); + + $additional_params = $this->getParamList(); + // unset unneeded params from this call + unset($additional_params['id']); + unset($additional_params['domainname']); + unset($additional_params['domain']); + + // set new values and merge with optional add() parameters + $new_domain = array_merge($result, $additional_params); + $new_domain['domain'] = $p_domain; + + $result_new = $this->apiCall('Domains.add', $new_domain); + return $this->response($result_new); + } + throw new Exception("Not allowed to execute given command.", 403); + } } diff --git a/tests/Domains/DomainsTest.php b/tests/Domains/DomainsTest.php index 716f18e6..48a771f2 100644 --- a/tests/Domains/DomainsTest.php +++ b/tests/Domains/DomainsTest.php @@ -385,6 +385,26 @@ class DomainsTest extends TestCase * * @depends testAdminDomainsMove */ + public function testAdminDomainsDuplicate() + { + global $admin_userdata; + $data = [ + 'domainname' => 'test.local', + 'domain' => 'test.duplicate.local', + 'description' => 'duplicated domain' + ]; + $json_result = Domains::getLocal($admin_userdata, $data)->duplicate(); + $result = json_decode($json_result, true)['data']; + $this->assertEquals('/var/customers/webs/test3/test.duplicate.local/', $result['documentroot']); + $this->assertEquals(1, $result['email_only']); + $this->assertEquals('test.duplicate.local', $result['domain']); + $this->assertEquals('duplicated domain', $result['description']); + } + + /** + * + * @depends testAdminDomainsDuplicate + */ public function testAdminDomainsDelete() { global $admin_userdata; From 233bf27afed66a34675c180301879beaa5870c8f Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 24 May 2023 16:02:07 +0200 Subject: [PATCH 05/87] add Froxlor.generateLoginLink() API call to allow generation of one-time-login links for customers, thx to INWX for supporting and sponsoring this feature Signed-off-by: Michael Kaufmann --- index.php | 55 +++++++++++++++- install/froxlor.sql.php | 11 +++- install/updates/froxlor/update_2.x.inc.php | 14 +++- lib/Froxlor/Api/Commands/Froxlor.php | 74 ++++++++++++++++++++++ lib/Froxlor/Api/FroxlorRPC.php | 4 +- lib/Froxlor/Cli/MasterCron.php | 3 + lib/Froxlor/Froxlor.php | 2 +- lib/tables.inc.php | 1 + lng/de.lng.php | 1 + lng/en.lng.php | 1 + 10 files changed, 160 insertions(+), 6 deletions(-) diff --git a/index.php b/index.php index d59146e3..de0b38f4 100644 --- a/index.php +++ b/index.php @@ -26,6 +26,7 @@ const AREA = 'login'; require __DIR__ . '/lib/init.php'; +use Froxlor\Api\FroxlorRPC; use Froxlor\CurrentUser; use Froxlor\Customer\Customer; use Froxlor\Database\Database; @@ -37,10 +38,10 @@ use Froxlor\PhpHelper; use Froxlor\Settings; use Froxlor\System\Crypt; use Froxlor\UI\Panel\UI; +use Froxlor\UI\Request; use Froxlor\UI\Response; use Froxlor\User; use Froxlor\Validate\Validate; -use Froxlor\Language; if ($action == '') { $action = 'login'; @@ -730,6 +731,58 @@ if ($action == 'resetpwd') { } } +// one-time link login +if ($action == 'll') { + if (!Froxlor::hasUpdates() && !Froxlor::hasDbUpdates()) { + $loginname = Request::get('ln'); + $hash = Request::get('h'); + if ($loginname && $hash) { + $sel_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_LOGINLINKS . "` + WHERE `loginname` = :loginname AND `hash` = :hash + "); + try { + $entry = Database::pexecute_first($sel_stmt, ['loginname' => $loginname, 'hash' => $hash]); + } catch (Exception $e) { + $entry = false; + } + if ($entry) { + // delete entry + $del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_LOGINLINKS . "` WHERE `loginname` = :loginname AND `hash` = :hash"); + Database::pexecute($del_stmt, ['loginname' => $loginname, 'hash' => $hash]); + if (time() <= $entry['valid_until']) { + $valid = true; + // validate source ip if specified + if (!empty($entry['allowed_from'])) { + $valid = false; + $ip_list = explode(",", $entry['allowed_from']); + if (FroxlorRPC::validateAllowedFrom($ip_list, $_SERVER['REMOTE_ADDR'])) { + $valid = true; + } + } + if ($valid) { + // login user / select only non-deactivated (in case the user got deactivated after generating the link) + $userinfo_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname`= :loginname AND `deactivated` = 0"); + try { + $userinfo = Database::pexecute_first($userinfo_stmt, [ + "loginname" => $loginname + ]); + } catch (Exception $e) { + $userinfo = false; + } + if ($userinfo) { + $userinfo['userid'] = $userinfo['customerid']; + $userinfo['adminsession'] = 0; + finishLogin($userinfo); + } + } + } + } + } + } + Response::redirectTo('index.php'); +} + function finishLogin($userinfo) { if (isset($userinfo['userid']) && $userinfo['userid'] != '') { diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index a4cb7c5a..57901d03 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -744,7 +744,7 @@ opcache.validate_timestamps'), ('panel', 'logo_overridecustom', '0'), ('panel', 'settings_mode', '0'), ('panel', 'version', '2.0.19'), - ('panel', 'db_version', '202305230'); + ('panel', 'db_version', '202305240'); DROP TABLE IF EXISTS `panel_tasks`; @@ -1051,4 +1051,13 @@ CREATE TABLE `panel_usercolumns` ( KEY adminid (adminid), KEY customerid (customerid) ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci; + +DROP TABLE IF EXISTS `panel_loginlinks`; +CREATE TABLE `panel_loginlinks` ( + `hash` varchar(500) NOT NULL, + `loginname` varchar(50) NOT NULL, + `valid_until` int(15) NOT NULL, + `allowed_from` text NOT NULL, + UNIQUE KEY `loginname` (`loginname`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; FROXLORSQL; diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php index 50f0f3cb..30eafde4 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.x.inc.php @@ -498,5 +498,17 @@ if (Froxlor::isDatabaseVersion('202304260')) { Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;"); Update::lastStepStatus(0); - Froxlor::updateToDbVersion('202305230'); + Update::showUpdateStep("Creating new tables and fields"); + Database::query("DROP TABLE IF EXISTS `panel_loginlinks`;"); + $sql = "CREATE TABLE `panel_loginlinks` ( + `hash` varchar(500) NOT NULL, + `loginname` varchar(50) NOT NULL, + `valid_until` int(15) NOT NULL, + `allowed_from` text NOT NULL, + UNIQUE KEY `loginname` (`loginname`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; + Database::query($sql); + Update::lastStepStatus(0); + + Froxlor::updateToDbVersion('202305240'); } diff --git a/lib/Froxlor/Api/Commands/Froxlor.php b/lib/Froxlor/Api/Commands/Froxlor.php index 690b5880..d7cb4920 100644 --- a/lib/Froxlor/Api/Commands/Froxlor.php +++ b/lib/Froxlor/Api/Commands/Froxlor.php @@ -37,6 +37,7 @@ use Froxlor\Settings; use Froxlor\SImExporter; use Froxlor\System\Cronjob; use Froxlor\System\Crypt; +use Froxlor\Validate\Validate; use PDO; use RecursiveDirectoryIterator; use RecursiveIteratorIterator; @@ -269,6 +270,79 @@ class Froxlor extends ApiCommand return $this->response(Crypt::generatePassword($length)); } + /** + * return a one-time login link URL for a given user + * + * @param int $customerid optional, required if $loginname is not specified, user to create link for + * @param string $loginname optional, required if $customerid is not specified, user to create link for + * @param int $valid_time optional, value in seconds how long the link will be valid, default is 10 seconds, valid values are numbers from 10 to 120 + * @param string $allowed_from optional, comma separated list of ip addresses or networks to allow login from via this link + * + * @access admin + * @return string json-encoded array [base => domain, uri => relative link] + * @throws Exception + */ + public function generateLoginLink() + { + if ($this->isAdmin()) { + $customer = $this->getCustomerData(); + + // cannot create link for deactivated users + if ((int)$customer['deactivated'] == 1) { + throw new Exception("Cannot generate link for deactivated user", 406); + } + + $valid_time = (int)$this->getParam('valid_time', true, 10); + $allowed_from = $this->getParam('allowed_from', true, ''); + + $valid_time = Validate::validate($valid_time, 'valid time', '/^(1[0-1][0-9]|120|[1-9][0-9])$/', 'invalid_validtime', [10], true); + + // validate allowed_from + if (!empty($allowed_from)) { + $ip_list = array_map('trim', explode(",", $allowed_from)); + $_check_list = $ip_list; + foreach ($_check_list as $idx => $ip) { + if (Validate::validate_ip2($ip, true, 'invalidip', true, true, true) == false) { + throw new Exception('Invalid ip address', 406); + } + // check for cidr + if (strpos($ip, '/') !== false) { + $ipparts = explode("/", $ip); + // shorten IP + $ip = inet_ntop(inet_pton($ipparts[0])); + // re-add cidr + $ip .= '/' . $ipparts[1]; + } else { + // shorten IP + $ip = inet_ntop(inet_pton($ip)); + } + $ip_list[$idx] = $ip; + } + $allowed_from = implode(",", array_unique($ip_list)); + } + + $hash = hash('sha256', openssl_random_pseudo_bytes(64 * 64)); + + $ins_stmt = Database::prepare(" + INSERT INTO `" . TABLE_PANEL_LOGINLINKS . "` + SET `hash` = :hash, `loginname` = :loginname, `valid_until` = :validuntil, `allowed_from` = :allowedfrom + ON DUPLICATE KEY UPDATE `hash` = :hash, `valid_until` = :validuntil, `allowed_from` = :allowedfrom + "); + Database::pexecute($ins_stmt, [ + 'hash' => $hash, + 'loginname' => $customer['loginname'], + 'validuntil' => time() + $valid_time, + 'allowedfrom' => $allowed_from + ]); + + return $this->response([ + 'base' => 'https://' . Settings::Get('system.hostname') . '/' . (Settings::Get('system.froxlordirectlyviahostname') != 1 ? basename(\Froxlor\Froxlor::getInstallDir()) . '/' : ''), + 'uri' => 'index.php?action=ll&ln=' . $customer['loginname'] . '&h=' . $hash + ]); + } + throw new Exception("Not allowed to execute given command.", 403); + } + /** * can be used to remotely run the integritiy checks froxlor implements * diff --git a/lib/Froxlor/Api/FroxlorRPC.php b/lib/Froxlor/Api/FroxlorRPC.php index 4a85872b..ed5398dd 100644 --- a/lib/Froxlor/Api/FroxlorRPC.php +++ b/lib/Froxlor/Api/FroxlorRPC.php @@ -112,11 +112,11 @@ class FroxlorRPC * * @return bool */ - private static function validateAllowedFrom(array $allowed_from, string $remote_addr): bool + public static function validateAllowedFrom(array $allowed_from, string $remote_addr): bool { // shorten IP for comparison $remote_addr = inet_ntop(inet_pton($remote_addr)); - // check for diret matches + // check for direct matches if (in_array($remote_addr, $allowed_from)) { return true; } diff --git a/lib/Froxlor/Cli/MasterCron.php b/lib/Froxlor/Cli/MasterCron.php index 72d43f70..ec85d230 100644 --- a/lib/Froxlor/Cli/MasterCron.php +++ b/lib/Froxlor/Cli/MasterCron.php @@ -166,6 +166,9 @@ final class MasterCron extends CliCommand FroxlorLogger::getInstanceOf()->setCronLog(0); } + // clean up possible old login-links + Database::query("DELETE FROM `" . TABLE_PANEL_LOGINLINKS . "` WHERE `valid_until` < UNIX_TIMESTAMP()"); + return $result; } diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php index df17100a..39f4aab5 100644 --- a/lib/Froxlor/Froxlor.php +++ b/lib/Froxlor/Froxlor.php @@ -34,7 +34,7 @@ final class Froxlor const VERSION = '2.0.19'; // Database version (YYYYMMDDC where C is a daily counter) - const DBVERSION = '202305230'; + const DBVERSION = '202305240'; // Distribution branding-tag (used for Debian etc.) const BRANDING = ''; diff --git a/lib/tables.inc.php b/lib/tables.inc.php index 43c52b08..26214333 100644 --- a/lib/tables.inc.php +++ b/lib/tables.inc.php @@ -56,3 +56,4 @@ const TABLE_PANEL_FPMDAEMONS = 'panel_fpmdaemons'; const TABLE_PANEL_PLANS = 'panel_plans'; const TABLE_API_KEYS = 'api_keys'; const TABLE_PANEL_USERCOLUMNS = 'panel_usercolumns'; +const TABLE_PANEL_LOGINLINKS = 'panel_loginlinks'; diff --git a/lng/de.lng.php b/lng/de.lng.php index b899a717..6cf9fcf9 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -926,6 +926,7 @@ return [ '2fa_wrongcode' => 'Der angegebene Code ist nicht korrekt', 'gnupgextensionnotavailable' => 'Die PHP GnuPG Extension ist nicht verfügbar. PGP Schlüssel können nicht validiert werden.', 'invalidpgppublickey' => 'Der angegebene PGP Public Key ist ungültig', + 'invalid_validtime' => 'Wert der valid_time in Sekunden muss zwischen 10 und 120 liegen.', ], 'extras' => [ 'description' => 'Hier können Sie zusätzliche Extras einrichten, wie zum Beispiel einen Verzeichnisschutz.
Die Änderungen sind erst nach einer kurzen Zeit wirksam.', diff --git a/lng/en.lng.php b/lng/en.lng.php index d4cb30fa..9169ec37 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -995,6 +995,7 @@ return [ '2fa_wrongcode' => 'The code entered is not valid', 'gnupgextensionnotavailable' => 'The PHP GnuPG extension is not available. Unable to validate PGP Public Key', 'invalidpgppublickey' => 'The PGP Public Key is not valid', + 'invalid_validtime' => 'Valid time in seconds can only be between 10 and 120', ], 'extras' => [ 'description' => 'Here you can add some extras, for example directory protection.
The system will need some time to apply the new settings after every change.', From 8deaf6a0139309f25fc1e6ef6ab7eb37662b083f Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 25 May 2023 12:33:43 +0200 Subject: [PATCH 06/87] frontend implementation of Domains.duplicate() Signed-off-by: Michael Kaufmann --- admin_domains.php | 17 ++++++++ lib/Froxlor/UI/Callbacks/Text.php | 43 +++++++++++++++++++ .../admin/tablelisting.domains.php | 5 +++ lng/de.lng.php | 2 + lng/en.lng.php | 2 + templates/Froxlor/user/inline-form.html.twig | 2 +- 6 files changed, 70 insertions(+), 1 deletion(-) diff --git a/admin_domains.php b/admin_domains.php index c295387c..408e64bc 100644 --- a/admin_domains.php +++ b/admin_domains.php @@ -636,6 +636,23 @@ if ($page == 'domains' || $page == 'overview') { 'alert_msg' => lng('domains.import_description') ]); } + } elseif ($action == 'duplicate') { + if (isset($_POST['send']) && $_POST['send'] == 'send') { + try { + Domains::getLocal($userinfo, $_POST)->duplicate(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + Response::redirectTo($filename, [ + 'page' => $page, + 'searchfield' => 'd.domain_ace', + 'searchtext' => $_POST['domain'] ?? "" + ]); + } else { + Response::redirectTo($filename, [ + 'page' => 'overview' + ]); + } } } elseif ($page == 'domainssleditor') { require_once __DIR__ . '/ssl_editor.php'; diff --git a/lib/Froxlor/UI/Callbacks/Text.php b/lib/Froxlor/UI/Callbacks/Text.php index 3edfb72e..2ec9735e 100644 --- a/lib/Froxlor/UI/Callbacks/Text.php +++ b/lib/Froxlor/UI/Callbacks/Text.php @@ -25,10 +25,13 @@ namespace Froxlor\UI\Callbacks; +use Froxlor\CurrentUser; +use Froxlor\Database\Database; use Froxlor\Froxlor; use Froxlor\PhpHelper; use Froxlor\UI\Panel\UI; use Froxlor\User; +use PDO; class Text { @@ -105,4 +108,44 @@ class Text 'body' => $body ]; } + + public static function domainDuplicateModal(array $attributes): array + { + $linker = UI::getLinker(); + $result = $attributes['fields']; + + $customers = [ + 0 => lng('panel.please_choose') + ]; + $result_customers_stmt = Database::prepare(" + SELECT `customerid`, `loginname`, `name`, `firstname`, `company` + FROM `" . TABLE_PANEL_CUSTOMERS . "` " . (CurrentUser::getField('customers_see_all') ? '' : " WHERE `adminid` = :adminid ") . " + ORDER BY COALESCE(NULLIF(`name`,''), `company`) ASC + "); + $params = []; + if (CurrentUser::getField('customers_see_all') == '0') { + $params['adminid'] = CurrentUser::getField('adminid'); + } + Database::pexecute($result_customers_stmt, $params); + + while ($row_customer = $result_customers_stmt->fetch(PDO::FETCH_ASSOC)) { + $customers[$row_customer['customerid']] = User::getCorrectFullUserDetails($row_customer) . ' (' . $row_customer['loginname'] . ')'; + } + + $domdup_data = include Froxlor::getInstallDir() . '/lib/formfields/admin/domains/formfield.domains_duplicate.php'; + + $body = UI::twig()->render(UI::validateThemeTemplate('/user/inline-form.html.twig'), [ + 'formaction' => $linker->getLink(['section' => 'domains', 'page' => 'domains', 'action' => 'duplicate']), + 'formdata' => $domdup_data['domain_duplicate'], + 'editid' => $attributes['fields']['id'], + 'nosubmit' => 0 + ]); + return [ + 'entry' => $attributes['fields']['id'], + 'id' => 'ddModal' . $attributes['fields']['id'], + 'title' => lng('admin.domain_duplicate_named', [$attributes['fields']['domain']]), + 'action' => 'duplicate', + 'body' => $body + ]; + } } diff --git a/lib/tablelisting/admin/tablelisting.domains.php b/lib/tablelisting/admin/tablelisting.domains.php index 11f8ec5e..17aa75bc 100644 --- a/lib/tablelisting/admin/tablelisting.domains.php +++ b/lib/tablelisting/admin/tablelisting.domains.php @@ -161,6 +161,11 @@ return [ 'id' => ':id' ], ], + 'duplicate' => [ + 'icon' => 'fa-solid fa-clone', + 'title' => lng('admin.domain_duplicate'), + 'modal' => [Text::class, 'domainDuplicateModal'], + ], 'logfiles' => [ 'icon' => 'fa-solid fa-file', 'title' => lng('panel.viewlogs'), diff --git a/lng/de.lng.php b/lng/de.lng.php index b899a717..e6c25761 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -489,6 +489,8 @@ return [ 'adminguide' => 'Admin Guide', 'userguide' => 'User Guide', 'apiguide' => 'API Guide', + 'domain_duplicate' => 'Domain duplizieren', + 'domain_duplicate_named' => '%s duplizieren', ], 'apikeys' => [ 'no_api_keys' => 'Keine API Keys gefunden', diff --git a/lng/en.lng.php b/lng/en.lng.php index d4cb30fa..97f60ce4 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -500,6 +500,8 @@ return [ 'adminguide' => 'Admin guide', 'userguide' => 'User guide', 'apiguide' => 'API guide', + 'domain_duplicate' => 'Duplicate domain', + 'domain_duplicate_named' => 'Duplicate %s', ], 'apcuinfo' => [ 'clearcache' => 'Clear APCu cache', diff --git a/templates/Froxlor/user/inline-form.html.twig b/templates/Froxlor/user/inline-form.html.twig index 0df2fc4d..7c92faa1 100644 --- a/templates/Froxlor/user/inline-form.html.twig +++ b/templates/Froxlor/user/inline-form.html.twig @@ -1,2 +1,2 @@ {% import "Froxlor/form/form.html.twig" as form %} -{{ form.form(formdata, formaction|default('#'), formdata.title, editid|default(''), true, idprefix|default('')) }} +{{ form.form(formdata, formaction|default('#'), formdata.title, editid|default(''), nosubmit|default(true), idprefix|default('')) }} From 84599011cf2f3836c570eb904b889e0aaf95b701 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 26 May 2023 12:53:27 +0200 Subject: [PATCH 07/87] Allow editing/viewing of standard subdomain for customer, fixes #1121 Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/SubDomains.php | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/lib/Froxlor/Api/Commands/SubDomains.php b/lib/Froxlor/Api/Commands/SubDomains.php index 433871f0..3f95a2a1 100644 --- a/lib/Froxlor/Api/Commands/SubDomains.php +++ b/lib/Froxlor/Api/Commands/SubDomains.php @@ -865,7 +865,7 @@ class SubDomains extends ApiCommand implements ResourceEntity } /** - * lists all subdomain entries + * lists all customer domain/subdomain entries * * @param bool $with_ips * optional, default true @@ -910,17 +910,12 @@ class SubDomains extends ApiCommand implements ResourceEntity $custom_list_result = $_custom_list_result['list']; } $customer_ids = []; - $customer_stdsubs = []; foreach ($custom_list_result as $customer) { $customer_ids[] = $customer['customerid']; - $customer_stdsubs[$customer['customerid']] = $customer['standardsubdomain']; } if (empty($customer_ids)) { throw new Exception("Required resource unsatisfied.", 405); } - if (empty($customer_stdsubs)) { - throw new Exception("Required resource unsatisfied.", 405); - } $select_fields = [ '`d`.*' @@ -932,9 +927,6 @@ class SubDomains extends ApiCommand implements ResourceEntity $customer_ids = [ $this->getUserDetail('customerid') ]; - $customer_stdsubs = [ - $this->getUserDetail('customerid') => $this->getUserDetail('standardsubdomain') - ]; $select_fields = [ '`d`.`id`', @@ -963,7 +955,7 @@ class SubDomains extends ApiCommand implements ResourceEntity LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON `pd`.`id`=`d`.`parentdomainid` WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ") AND `d`.`email_only` = '0' - AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ")" . $this->getSearchWhere($query_fields, true) . " GROUP BY `d`.`id` ORDER BY `parentdomainname` ASC, `d`.`parentdomainid` ASC " . $this->getOrderBy(true) . $this->getLimit()); + " . $this->getSearchWhere($query_fields, true) . " GROUP BY `d`.`id` ORDER BY `parentdomainname` ASC, `d`.`parentdomainid` ASC " . $this->getOrderBy(true) . $this->getLimit()); $result = []; Database::pexecute($domains_stmt, $query_fields, true, true); From 426f20447325a729e0ce897d8ecc8e6532358f1e Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 26 May 2023 13:15:01 +0200 Subject: [PATCH 08/87] specify default search-field for on-page listing-search/filter Signed-off-by: Michael Kaufmann --- lib/Froxlor/UI/Listing.php | 1 + lib/tablelisting/admin/tablelisting.admins.php | 1 + lib/tablelisting/admin/tablelisting.domains.php | 1 + lib/tablelisting/admin/tablelisting.fpmconfigs.php | 1 + lib/tablelisting/admin/tablelisting.ipsandports.php | 1 + lib/tablelisting/admin/tablelisting.mysqlserver.php | 1 + lib/tablelisting/admin/tablelisting.phpconfigs.php | 1 + lib/tablelisting/admin/tablelisting.plans.php | 1 + templates/Froxlor/table/table.html.twig | 2 +- 9 files changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/Froxlor/UI/Listing.php b/lib/Froxlor/UI/Listing.php index 3d3be00a..c32f30f4 100644 --- a/lib/Froxlor/UI/Listing.php +++ b/lib/Froxlor/UI/Listing.php @@ -230,6 +230,7 @@ class Listing 'label' => $coldata['label'], 'checked' => in_array($column, $tabellisting['visible_columns']), 'searchable' => $coldata['searchable'] ?? true, + 'isdefaultsearchfield' => $coldata['isdefaultsearchfield'] ?? false, ]; } } diff --git a/lib/tablelisting/admin/tablelisting.admins.php b/lib/tablelisting/admin/tablelisting.admins.php index aaa82126..d9abf86d 100644 --- a/lib/tablelisting/admin/tablelisting.admins.php +++ b/lib/tablelisting/admin/tablelisting.admins.php @@ -48,6 +48,7 @@ return [ 'field' => 'loginname', 'callback' => [Impersonate::class, 'admin'], 'sortable' => true, + 'isdefaultsearchfield' => true, ], 'name' => [ 'label' => lng('customer.name'), diff --git a/lib/tablelisting/admin/tablelisting.domains.php b/lib/tablelisting/admin/tablelisting.domains.php index 17aa75bc..3c484e11 100644 --- a/lib/tablelisting/admin/tablelisting.domains.php +++ b/lib/tablelisting/admin/tablelisting.domains.php @@ -48,6 +48,7 @@ return [ 'd.domain_ace' => [ 'label' => lng('domains.domainname'), 'field' => 'domain_ace', + 'isdefaultsearchfield' => true, ], 'ipsandports' => [ 'label' => lng('admin.ipsandports.ipsandports'), diff --git a/lib/tablelisting/admin/tablelisting.fpmconfigs.php b/lib/tablelisting/admin/tablelisting.fpmconfigs.php index bae9c366..2d2ac0bc 100644 --- a/lib/tablelisting/admin/tablelisting.fpmconfigs.php +++ b/lib/tablelisting/admin/tablelisting.fpmconfigs.php @@ -41,6 +41,7 @@ return [ 'description' => [ 'label' => lng('admin.phpsettings.description'), 'field' => 'description', + 'isdefaultsearchfield' => true, ], 'configs' => [ 'label' => lng('admin.phpsettings.activephpconfigs'), diff --git a/lib/tablelisting/admin/tablelisting.ipsandports.php b/lib/tablelisting/admin/tablelisting.ipsandports.php index 47046c48..b5f920fd 100644 --- a/lib/tablelisting/admin/tablelisting.ipsandports.php +++ b/lib/tablelisting/admin/tablelisting.ipsandports.php @@ -37,6 +37,7 @@ return [ 'ip' => [ 'label' => lng('admin.ipsandports.ip'), 'field' => 'ip', + 'isdefaultsearchfield' => true, ], 'port' => [ 'label' => lng('admin.ipsandports.port'), diff --git a/lib/tablelisting/admin/tablelisting.mysqlserver.php b/lib/tablelisting/admin/tablelisting.mysqlserver.php index 53877395..01efcf40 100644 --- a/lib/tablelisting/admin/tablelisting.mysqlserver.php +++ b/lib/tablelisting/admin/tablelisting.mysqlserver.php @@ -40,6 +40,7 @@ return [ 'caption' => [ 'label' => lng('admin.mysqlserver.caption'), 'field' => 'caption', + 'isdefaultsearchfield' => true, ], 'host' => [ 'label' => lng('admin.mysqlserver.host'), diff --git a/lib/tablelisting/admin/tablelisting.phpconfigs.php b/lib/tablelisting/admin/tablelisting.phpconfigs.php index 207f90b4..a2f025b1 100644 --- a/lib/tablelisting/admin/tablelisting.phpconfigs.php +++ b/lib/tablelisting/admin/tablelisting.phpconfigs.php @@ -42,6 +42,7 @@ return [ 'c.description' => [ 'label' => lng('admin.phpsettings.description'), 'field' => 'description', + 'isdefaultsearchfield' => true, ], 'domains' => [ 'label' => lng('admin.phpsettings.activedomains'), diff --git a/lib/tablelisting/admin/tablelisting.plans.php b/lib/tablelisting/admin/tablelisting.plans.php index a4e08ed2..be4dd5ff 100644 --- a/lib/tablelisting/admin/tablelisting.plans.php +++ b/lib/tablelisting/admin/tablelisting.plans.php @@ -40,6 +40,7 @@ return [ 'p.name' => [ 'label' => lng('admin.plans.name'), 'field' => 'name', + 'isdefaultsearchfield' => true, ], 'p.description' => [ 'label' => lng('admin.plans.description'), diff --git a/templates/Froxlor/table/table.html.twig b/templates/Froxlor/table/table.html.twig index 939b9b00..32d9dcb7 100644 --- a/templates/Froxlor/table/table.html.twig +++ b/templates/Froxlor/table/table.html.twig @@ -111,7 +111,7 @@ From 0b685d569f66d1b631683e6673c11ee4e6090e90 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 26 May 2023 13:58:41 +0200 Subject: [PATCH 09/87] start to integrate domain-deactivated flag in UI Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Domains.php | 18 +++++++++++++++--- lib/Froxlor/Api/Commands/SubDomains.php | 3 ++- lib/Froxlor/UI/Callbacks/Domain.php | 13 +++++++++---- lib/Froxlor/UI/Callbacks/Style.php | 3 ++- .../admin/domains/formfield.domains_edit.php | 8 +++++++- 5 files changed, 35 insertions(+), 10 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php index 1b4bf6f2..475f458e 100644 --- a/lib/Froxlor/Api/Commands/Domains.php +++ b/lib/Froxlor/Api/Commands/Domains.php @@ -76,7 +76,7 @@ class Domains extends ApiCommand implements ResourceEntity $query_fields = []; $result_stmt = Database::prepare(" SELECT - `d`.*, `c`.`loginname`, `c`.`deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `c`.`adminid` as customeradmin, + `d`.*, `c`.`loginname`, `c`.`deactivated` as `customer_deactivated`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`standardsubdomain`, `c`.`adminid` as customeradmin, `ad`.`id` AS `aliasdomainid`, `ad`.`domain` AS `aliasdomain` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) @@ -1137,6 +1137,8 @@ class Domains extends ApiCommand implements ResourceEntity * (true), requires SSL * @param string $description * optional custom description (currently not used/shown in the frontend), default empty + * @param bool $deactivated + * optional, if 1 (true) the domain can be deactivated/suspended * * @access admin * @return string json-encoded array @@ -1232,6 +1234,7 @@ class Domains extends ApiCommand implements ResourceEntity $tlsv13_cipher_list = $result['tlsv13_cipher_list']; } $description = $this->getParam('description', true, $result['description']); + $deactivated = $this->getBoolParam('deactivated', true, $result['deactivated']); // count subdomain usage of source-domain $subdomains_stmt = Database::prepare(" @@ -1832,6 +1835,7 @@ class Domains extends ApiCommand implements ResourceEntity $update_data['honorcipherorder'] = $honorcipherorder; $update_data['sessiontickets'] = $sessiontickets; $update_data['description'] = $description; + $update_data['deactivated'] = $deactivated; $update_data['id'] = $id; $update_stmt = Database::prepare(" @@ -1878,11 +1882,17 @@ class Domains extends ApiCommand implements ResourceEntity `ssl_enabled` = :sslenabled, `ssl_honorcipherorder` = :honorcipherorder, `ssl_sessiontickets` = :sessiontickets, - `description` = :description + `description` = :description, + `deactivated` = :deactivated WHERE `id` = :id "); Database::pexecute($update_stmt, $update_data, true, true); + // activate/deactivate domain-based services + if ($deactivated != $result['deactivated']) { + // @TODO + } + $_update_data['customerid'] = $customerid; $_update_data['adminid'] = $adminid; $_update_data['phpenabled'] = $phpenabled; @@ -1900,6 +1910,7 @@ class Domains extends ApiCommand implements ResourceEntity $_update_data['honorcipherorder'] = $honorcipherorder; $_update_data['sessiontickets'] = $sessiontickets; $_update_data['parentdomainid'] = $id; + $_update_data['deactivated'] = $deactivated; // if php config is to be set for all subdomains, check here $update_phpconfig = ''; @@ -1932,7 +1943,8 @@ class Domains extends ApiCommand implements ResourceEntity `ssl_cipher_list` = :ssl_cipher_list, `tlsv13_cipher_list` = :tlsv13_cipher_list, `ssl_honorcipherorder` = :honorcipherorder, - `ssl_sessiontickets` = :sessiontickets + `ssl_sessiontickets` = :sessiontickets, + `deativated` = :deactivated " . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . " WHERE `parentdomainid` = :parentdomainid "); diff --git a/lib/Froxlor/Api/Commands/SubDomains.php b/lib/Froxlor/Api/Commands/SubDomains.php index 3f95a2a1..be29ed3e 100644 --- a/lib/Froxlor/Api/Commands/SubDomains.php +++ b/lib/Froxlor/Api/Commands/SubDomains.php @@ -941,7 +941,8 @@ class SubDomains extends ApiCommand implements ResourceEntity '`d`.`parentdomainid`', '`d`.`letsencrypt`', '`d`.`registration_date`', - '`d`.`termination_date`' + '`d`.`termination_date`', + '`d`.`deactivated`' ]; } $query_fields = []; diff --git a/lib/Froxlor/UI/Callbacks/Domain.php b/lib/Froxlor/UI/Callbacks/Domain.php index 0bac2390..d56c83d6 100644 --- a/lib/Froxlor/UI/Callbacks/Domain.php +++ b/lib/Froxlor/UI/Callbacks/Domain.php @@ -51,6 +51,9 @@ class Domain public static function domainTarget(array $attributes) { if (empty($attributes['fields']['aliasdomain'])) { + if ($attributes['fields']['deactivated']) { + return lng('admin.deactivated'); + } // path or redirect if (preg_match('/^https?\:\/\//', $attributes['fields']['documentroot'])) { return [ @@ -80,7 +83,7 @@ class Domain } $result .= '' . $attributes['data'] . ''; // check for statistics if parentdomainid==0 to show stats-link for customers - if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0) { + if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0 && $attributes['fields']['deactivated'] == 0) { $statsapp = Settings::Get('system.traffictool'); $result .= ' '; } @@ -95,12 +98,12 @@ class Domain public static function canEdit(array $attributes): bool { - return (bool)$attributes['fields']['caneditdomain']; + return (bool)($attributes['fields']['caneditdomain'] && !$attributes['fields']['deactivated']); } public static function canViewLogs(array $attributes): bool { - if ((int)$attributes['fields']['email_only'] == 0) { + if ((int)$attributes['fields']['email_only'] == 0 && !$attributes['fields']['deactivated']) { if ((int)UI::getCurrentUser()['adminsession'] == 0 && (bool)UI::getCurrentUser()['logviewenabled']) { return true; } elseif ((int)UI::getCurrentUser()['adminsession'] == 1) { @@ -129,7 +132,8 @@ class Domain && UI::getCurrentUser()['dnsenabled'] == '1' && $attributes['fields']['caneditdomain'] == '1' && Settings::Get('system.bind_enable') == '1' - && Settings::Get('system.dnsenabled') == '1'; + && Settings::Get('system.dnsenabled') == '1' + && !$attributes['fields']['deactivated']; } public static function adminCanEditDNS(array $attributes): bool @@ -152,6 +156,7 @@ class Domain && (int)$attributes['fields']['caneditdomain'] == 1 && (int)$attributes['fields']['letsencrypt'] == 0 && (int)$attributes['fields']['email_only'] == 0 + && !$attributes['fields']['deactivated'] ) { return true; } diff --git a/lib/Froxlor/UI/Callbacks/Style.php b/lib/Froxlor/UI/Callbacks/Style.php index 7de6941b..6f19bee8 100644 --- a/lib/Froxlor/UI/Callbacks/Style.php +++ b/lib/Froxlor/UI/Callbacks/Style.php @@ -63,7 +63,8 @@ class Style $termination_css = 'bg-danger'; } } - return $attributes['fields']['deactivated'] ? 'bg-info' : $termination_css; + $deactivated = $attributes['fields']['deactivated'] || $attributes['fields']['customer_deactivated']; + return $deactivated ? 'bg-info' : $termination_css; } public static function resultCustomerLockedOrDeactivated(array $attributes): string diff --git a/lib/formfields/admin/domains/formfield.domains_edit.php b/lib/formfields/admin/domains/formfield.domains_edit.php index b6a9c308..00b00cbd 100644 --- a/lib/formfields/admin/domains/formfield.domains_edit.php +++ b/lib/formfields/admin/domains/formfield.domains_edit.php @@ -97,7 +97,13 @@ return [ 'type' => 'date', 'value' => $result['termination_date'], 'size' => 10 - ] + ], + 'deactivated' => [ + 'label' => lng('admin.deactivated'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => $result['deactivated'] + ], ] ], 'section_e' => [ From 63d81201de899fde18404fc3d2de243d967df5d9 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 26 May 2023 14:02:09 +0200 Subject: [PATCH 10/87] fix typo Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Domains.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php index 475f458e..22639b7d 100644 --- a/lib/Froxlor/Api/Commands/Domains.php +++ b/lib/Froxlor/Api/Commands/Domains.php @@ -1944,7 +1944,7 @@ class Domains extends ApiCommand implements ResourceEntity `tlsv13_cipher_list` = :tlsv13_cipher_list, `ssl_honorcipherorder` = :honorcipherorder, `ssl_sessiontickets` = :sessiontickets, - `deativated` = :deactivated + `deactivated` = :deactivated " . $update_phpconfig . $upd_specialsettings . $updatechildren . $update_sslredirect . " WHERE `parentdomainid` = :parentdomainid "); From ca5f36d91278f4ece572331722a6a87dd873dbd4 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 26 May 2023 21:24:08 +0200 Subject: [PATCH 11/87] corrected language index in system-settings, fixes #1145 Signed-off-by: Michael Kaufmann --- lng/de.lng.php | 8 ++------ lng/en.lng.php | 8 ++------ 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/lng/de.lng.php b/lng/de.lng.php index ff39aa19..616f92aa 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -2017,12 +2017,8 @@ Vielen Dank, Ihr Administrator', 'description' => 'Der Inhalt dieses Feldes wird direkt in den IP/Port-vHost-Container übernommen. Die folgenden Variablen können verwendet werden:
{DOMAIN}, {DOCROOT}, {CUSTOMER}, {IP}, {PORT}, {SCHEME}, {FPMSOCKET} (wenn zutreffend)

ACHTUNG: Der Code wird nicht auf Fehler geprüft. Etwaige Fehler werden also auch übernommen. Der Webserver könnte nicht mehr starten!', ], 'includedefault_sslvhostconf' => 'Nicht-SSL vHost-Einstellungen in SSL-vHost inkludieren', - 'apply_specialsettings_default' => [ - 'title' => 'Standardwert für "Übernehme Einstellungen für alle Subdomains (*.beispiel.de)\' Einstellung beim Bearbeiten einer Domain', - ], - 'apply_phpconfigs_default' => [ - 'title' => 'Standardwert für "PHP-Config für alle Subdomains übernehmen:\' Einstellung beim Bearbeiten einer Domain', - ], + 'apply_specialsettings_default' => 'Standardwert für "Übernehme Einstellungen für alle Subdomains (*.beispiel.de)" Einstellung beim Bearbeiten einer Domain', + 'apply_phpconfigs_default' => 'Standardwert für "PHP-Config für alle Subdomains übernehmen:" Einstellung beim Bearbeiten einer Domain', 'awstats' => [ 'logformat' => [ 'title' => 'LogFormat Einstellung', diff --git a/lng/en.lng.php b/lng/en.lng.php index f92730a0..45925fc2 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -2136,12 +2136,8 @@ Yours sincerely, your administrator', 'description' => 'The content of this field will be included into this ip/port vHost container directly. You can use the following variables:
{DOMAIN}, {DOCROOT}, {CUSTOMER}, {IP}, {PORT}, {SCHEME}, {FPMSOCKET} (if applicable)
Attention: The code won\'t be checked for any errors. If it contains errors, webserver might not start again!', ], 'includedefault_sslvhostconf' => 'Include non-SSL vHost-settings in SSL-vHost', - 'apply_specialsettings_default' => [ - 'title' => 'Default value for "Apply specialsettings to all subdomains (*.example.com)\' setting when editing a domain', - ], - 'apply_phpconfigs_default' => [ - 'title' => 'Default value for "Apply php-config to all subdomains:\' setting when editing a domain', - ], + 'apply_specialsettings_default' => 'Default value for "Apply specialsettings to all subdomains (*.example.com)" setting when editing a domain', + 'apply_phpconfigs_default' => 'Default value for "Apply php-config to all subdomains" setting when editing a domain', 'awstats' => [ 'logformat' => [ 'title' => 'LogFormat setting', From e1e7bc7b42b40d07887b92cbfe9d2d5c920e9bdd Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 5 Jun 2023 09:01:41 +0200 Subject: [PATCH 12/87] set fastcgi_ipcdir according to webserver after installation (regardless of using phpfpm) Signed-off-by: Michael Kaufmann --- lib/configfiles/bionic.xml | 2 ++ lib/configfiles/bookworm.xml | 2 ++ lib/configfiles/bullseye.xml | 2 ++ lib/configfiles/buster.xml | 2 ++ lib/configfiles/focal.xml | 4 +++- lib/configfiles/gentoo.xml | 2 ++ lib/configfiles/jammy.xml | 2 ++ 7 files changed, 15 insertions(+), 1 deletion(-) diff --git a/lib/configfiles/bionic.xml b/lib/configfiles/bionic.xml index 22dd1233..76ccc55c 100644 --- a/lib/configfiles/bionic.xml +++ b/lib/configfiles/bionic.xml @@ -10,11 +10,13 @@ + + diff --git a/lib/configfiles/bookworm.xml b/lib/configfiles/bookworm.xml index f82d87d4..d0d89f4b 100644 --- a/lib/configfiles/bookworm.xml +++ b/lib/configfiles/bookworm.xml @@ -10,11 +10,13 @@ + + diff --git a/lib/configfiles/bullseye.xml b/lib/configfiles/bullseye.xml index 2e8fe249..1b7d352d 100644 --- a/lib/configfiles/bullseye.xml +++ b/lib/configfiles/bullseye.xml @@ -10,11 +10,13 @@ + + diff --git a/lib/configfiles/buster.xml b/lib/configfiles/buster.xml index 17c988e8..82d2f4b2 100644 --- a/lib/configfiles/buster.xml +++ b/lib/configfiles/buster.xml @@ -10,11 +10,13 @@ + + diff --git a/lib/configfiles/focal.xml b/lib/configfiles/focal.xml index 862a80b6..96563815 100644 --- a/lib/configfiles/focal.xml +++ b/lib/configfiles/focal.xml @@ -9,12 +9,14 @@ - + + + + diff --git a/lib/configfiles/gentoo.xml b/lib/configfiles/gentoo.xml index aecee819..697c8924 100644 --- a/lib/configfiles/gentoo.xml +++ b/lib/configfiles/gentoo.xml @@ -17,11 +17,13 @@ + + diff --git a/lib/configfiles/jammy.xml b/lib/configfiles/jammy.xml index c7f7172e..1ffcf68b 100644 --- a/lib/configfiles/jammy.xml +++ b/lib/configfiles/jammy.xml @@ -10,11 +10,13 @@ + + From 981d819fd727318326e38a019292f65ce1c63c2d Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 09:05:49 +0200 Subject: [PATCH 13/87] display notice if customer has no domains assigned yet to add subdomains; corrected subdomains-usage-check to exclude std-subdomain Signed-off-by: Michael Kaufmann --- customer_domains.php | 21 ++++++++++++++++++--- customer_email.php | 2 +- lib/Froxlor/Api/ApiCommand.php | 3 ++- lib/Froxlor/Cron/Http/Php/Fpm.php | 2 +- lib/Froxlor/CurrentUser.php | 20 +++++++++++++------- lng/de.lng.php | 1 + lng/en.lng.php | 1 + templates/Froxlor/user/table.html.twig | 2 +- 8 files changed, 38 insertions(+), 14 deletions(-) diff --git a/customer_domains.php b/customer_domains.php index 933edd13..45348e2f 100644 --- a/customer_domains.php +++ b/customer_domains.php @@ -51,7 +51,7 @@ $id = (int)Request::any('id'); if ($page == 'overview' || $page == 'domains') { if ($action == '') { - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_domains::domains"); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_domains::domains"); $parentdomain_id = (int)Request::any('pid', '0'); @@ -73,10 +73,17 @@ if ($page == 'overview' || $page == 'domains') { ]; } - UI::view('user/table.html.twig', [ + $table_tpl = 'table.html.twig'; + if ($collection->count() == 0) { + $table_tpl = 'table-note.html.twig'; + } + UI::view('user/' . $table_tpl, [ 'listing' => Listing::format($collection, $domain_list_data, 'domain_list'), 'actions_links' => $actions_links, - 'entity_info' => lng('domains.description') + 'entity_info' => lng('domains.description'), + // alert-box + 'type' => 'warning', + 'alert_msg' => lng('domains.nodomainsassignedbyadmin') ]); } elseif ($action == 'delete' && $id != 0) { try { @@ -139,6 +146,14 @@ if ($page == 'overview' || $page == 'domains') { $domains[$row['domain']] = $idna_convert->decode($row['domain']); } + // check of there are any domains to be used + if (count($domains) <= 0) { + // no, possible direct URL access, redirect to overview + Response::redirectTo($filename, [ + 'page' => $page + ]); + } + $aliasdomains[0] = lng('domains.noaliasdomain'); $domains_stmt = Database::prepare("SELECT `d`.`id`, `d`.`domain` FROM `" . TABLE_PANEL_DOMAINS . "` `d`, `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `d`.`aliasdomain` IS NULL diff --git a/customer_email.php b/customer_email.php index a9944734..ca311caa 100644 --- a/customer_email.php +++ b/customer_email.php @@ -84,7 +84,7 @@ if ($page == 'overview' || $page == 'emails') { if ($page == 'email_domain') { $email_domainid = Request::any('domainid', 0); if ($action == '') { - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_email::emails"); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_email::emails"); $sql_search = []; if ($email_domainid > 0) { diff --git a/lib/Froxlor/Api/ApiCommand.php b/lib/Froxlor/Api/ApiCommand.php index 210d28ac..327a1b4d 100644 --- a/lib/Froxlor/Api/ApiCommand.php +++ b/lib/Froxlor/Api/ApiCommand.php @@ -272,7 +272,8 @@ abstract class ApiCommand extends ApiParameter $ops = [ '<', '>', - '=' + '=', + '<>' ]; $first = true; foreach ($search as $field => $valoper) { diff --git a/lib/Froxlor/Cron/Http/Php/Fpm.php b/lib/Froxlor/Cron/Http/Php/Fpm.php index 1cf84901..3c96fe1b 100644 --- a/lib/Froxlor/Cron/Http/Php/Fpm.php +++ b/lib/Froxlor/Cron/Http/Php/Fpm.php @@ -289,7 +289,7 @@ pm.max_children = 1 } } - // now check if 'sendmail_path' has not beed set in the custom-php.ini + // now check if 'sendmail_path' has not been set in the custom-php.ini // if not we use our fallback-default as usual if (strpos($fpm_config, 'php_admin_value[sendmail_path]') === false) { $fpm_config .= 'php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f ' . $this->domain['email'] . "\n"; diff --git a/lib/Froxlor/CurrentUser.php b/lib/Froxlor/CurrentUser.php index 22a62082..6c814b47 100644 --- a/lib/Froxlor/CurrentUser.php +++ b/lib/Froxlor/CurrentUser.php @@ -25,10 +25,10 @@ namespace Froxlor; -use Froxlor\Database\Database; -use Froxlor\UI\Collection; use Froxlor\Api\Commands\Customers; use Froxlor\Api\Commands\SubDomains; +use Froxlor\Database\Database; +use Froxlor\UI\Collection; /** * Class to manage the current user / session @@ -151,15 +151,21 @@ class CurrentUser ]); $addition = $result['emaildomains'] != 0; } elseif ($resource == 'subdomains') { - $parentDomainCollection = (new Collection(SubDomains::class, $_SESSION['userinfo'], - ['sql_search' => ['d.parentdomainid' => 0]])); - $addition = $parentDomainCollection != 0; + $parentDomainCollection = (new Collection( + SubDomains::class, + $_SESSION['userinfo'], + ['sql_search' => [ + 'd.parentdomainid' => 0, + 'd.id' => ['op' => '<>', 'value' => $_SESSION['userinfo']['standardsubdomain']] + ] + ] + )); + $addition = $parentDomainCollection->count() != 0; } elseif ($resource == 'domains') { $customerCollection = (new Collection(Customers::class, $_SESSION['userinfo'])); - $addition = $customerCollection != 0; + $addition = $customerCollection->count() != 0; } return ($_SESSION['userinfo'][$resource . '_used'] < $_SESSION['userinfo'][$resource] || $_SESSION['userinfo'][$resource] == '-1') && $addition; } - } diff --git a/lng/de.lng.php b/lng/de.lng.php index 616f92aa..0c6e3353 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -699,6 +699,7 @@ return [ 'openbasedirenabled' => 'Openbasedir Einschränkung', 'hsts' => 'HSTS aktiviert', 'aliasdomainid' => 'ID der Alias-Domain', + 'nodomainsassignedbyadmin' => 'Diesem Account wurde noch keine Domain zugewiesen. Bitte kontaktiere deinen Administrator, wenn du der Meinung bist, das ist nicht korrekt.', ], 'emails' => [ 'description' => 'Hier können Sie Ihre E-Mail-Adressen einrichten.
Ein Konto ist wie Ihr Briefkasten vor der Haustür. Wenn jemand eine E-Mail an Sie schreibt, wird diese in dieses Konto gelegt.

Die Zugangsdaten lauten wie folgt: (Die Angaben in kursiver Schrift sind durch die jeweiligen Einträge zu ersetzen)

Hostname: Domainname
Benutzername: Kontoname / E-Mail-Adresse
Passwort: das gewählte Passwort', diff --git a/lng/en.lng.php b/lng/en.lng.php index 45925fc2..51f8f784 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -765,6 +765,7 @@ return [ 'openbasedirenabled' => 'Openbasedir restiction', 'hsts' => 'HSTS enabled', 'aliasdomainid' => 'ID of alias domain', + 'nodomainsassignedbyadmin' => 'Your account has currently no domains assigned to it. Please contact your administrator if you think this is wrong.', ], 'emails' => [ 'description' => 'Here you can create and change your email addresses.
An account is like your letterbox in front of your house. If someone sends you an email, it will be dropped into the account.

To download your emails use the following settings in your mailprogram: (The data in italics has to be changed to the equivalents you typed in!)
Hostname: domainname
Username: account name / e-mail address
password: the password you\'ve chosen', diff --git a/templates/Froxlor/user/table.html.twig b/templates/Froxlor/user/table.html.twig index 5ca36e4f..fac9e0d6 100644 --- a/templates/Froxlor/user/table.html.twig +++ b/templates/Froxlor/user/table.html.twig @@ -35,7 +35,7 @@ {% for link in actions_links %} - {{ link.label }} + {% if link.label is defined and link.label is not empty %}{{ link.label }}{% endif %} {% endfor %} {% endif %} From 20755bceadd8b20db613037f87c12748487ec971 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 09:35:12 +0200 Subject: [PATCH 14/87] set version in 2.1.x branch to 2.1.0-alpha1 Signed-off-by: Michael Kaufmann --- lib/Froxlor/Froxlor.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php index 935b1092..0c2fa9ee 100644 --- a/lib/Froxlor/Froxlor.php +++ b/lib/Froxlor/Froxlor.php @@ -31,7 +31,7 @@ final class Froxlor { // Main version variable - const VERSION = '2.0.20'; + const VERSION = '2.1.0-alpha1'; // Database version (YYYYMMDDC where C is a daily counter) const DBVERSION = '202305240'; From 9ed45ea7f8c7fef33a832211dfd0e2d0d04413b4 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 09:46:31 +0200 Subject: [PATCH 15/87] make alpha to dev, version check does not know about 'alpha' Signed-off-by: Michael Kaufmann --- lib/Froxlor/Froxlor.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php index 0c2fa9ee..549908e4 100644 --- a/lib/Froxlor/Froxlor.php +++ b/lib/Froxlor/Froxlor.php @@ -31,7 +31,7 @@ final class Froxlor { // Main version variable - const VERSION = '2.1.0-alpha1'; + const VERSION = '2.1.0-dev1'; // Database version (YYYYMMDDC where C is a daily counter) const DBVERSION = '202305240'; From 196ef9378a6c9f450f0e33563ff73c029f6c29f1 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 10:10:32 +0200 Subject: [PATCH 16/87] deactivate/reactivate email-accounts for deactivated/reactivated domain; set deactivated-docroot by default to not have deactivated domains point to froxlor login but rather show a message Signed-off-by: Michael Kaufmann --- .gitignore | 1 + install/froxlor.sql.php | 2 +- install/updates/froxlor/update_2.x.inc.php | 9 ++++ lib/Froxlor/Api/Commands/Domains.php | 21 +++++++- lib/Froxlor/Install/Install/Core.php | 1 + templates/misc/deactivated/index.html | 56 ++++++++++++++++++++++ 6 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 templates/misc/deactivated/index.html diff --git a/.gitignore b/.gitignore index bbad0ca0..a9416c61 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ logs/* *~ .well-known .idea +.DS_Store *.iml img/ vendor/ diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 82f49de8..0e06cbe3 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -554,7 +554,7 @@ opcache.validate_timestamps'), ('system', 'defaultip', '1'), ('system', 'defaultsslip', ''), ('system', 'phpappendopenbasedir', '/tmp/'), - ('system', 'deactivateddocroot', ''), + ('system', 'deactivateddocroot', '/var/www/html/froxlor/templates/misc/deactivated/'), ('system', 'mailpwcleartext', '0'), ('system', 'last_tasks_run', '000000'), ('system', 'nameservers', ''), diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php index bd443a0d..83906fb0 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.x.inc.php @@ -515,5 +515,14 @@ if (Froxlor::isDatabaseVersion('202304260')) { Database::query($sql); Update::lastStepStatus(0); + Update::showUpdateStep("Adjusting setting for deactivated webroot"); + $current_deactivated_webroot = Settings::Get('system.deactivateddocroot'); + if (empty($current_deactivated_webroot)) { + Settings::Set('system.deactivateddocroot', FileDir::makeCorrectDir(Froxlor::getInstallDir() . '/templates/misc/deactivated/')); + Update::lastStepStatus(0); + } else { + Update::lastStepStatus(1, 'Customized setting, not changing'); + } + Froxlor::updateToDbVersion('202305240'); } diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php index 7fb7991c..d16030e1 100644 --- a/lib/Froxlor/Api/Commands/Domains.php +++ b/lib/Froxlor/Api/Commands/Domains.php @@ -1890,7 +1890,26 @@ class Domains extends ApiCommand implements ResourceEntity // activate/deactivate domain-based services if ($deactivated != $result['deactivated']) { - // @TODO + // deactivate email accounts + $yesno = ($deactivated ? 'N' : 'Y'); + $pop3 = ($deactivated ? '0' : (int)$result['pop3']); + $imap = ($deactivated ? '0' : (int)$result['imap']); + + $upd_stmt = Database::prepare(" + UPDATE `" . TABLE_MAIL_USERS . "` + SET `postfix`= :yesno, `pop3` = :pop3, `imap` = :imap + WHERE `customerid` = :customerid AND `domainid` = :domainid + "); + Database::pexecute($upd_stmt, [ + 'yesno' => $yesno, + 'pop3' => $pop3, + 'imap' => $imap, + 'customerid' => $customerid, + 'domainid' => $id + ]); + + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] " . ($deactivated ? 'deactivated' : 'reactivated') . " domain '" . $result['domain'] . "'"); + Cronjob::inserttask(TaskId::REBUILD_VHOST); } $_update_data['customerid'] = $customerid; diff --git a/lib/Froxlor/Install/Install/Core.php b/lib/Froxlor/Install/Install/Core.php index 3ba10023..5eb04f9a 100644 --- a/lib/Froxlor/Install/Install/Core.php +++ b/lib/Froxlor/Install/Install/Core.php @@ -421,6 +421,7 @@ class Core $this->updateSetting($upd_stmt, $this->validatedData['activate_newsfeed'], 'admin', 'show_news_feed'); $this->updateSetting($upd_stmt, dirname(__FILE__, 5), 'system', 'letsencryptchallengepath'); + $this->updateSetting($upd_stmt, dirname(__FILE__, 5) . '/templates/misc/deactivated/', 'system', 'deactivateddocroot'); // insert the lastcronrun to be the installation date $this->updateSetting($upd_stmt, time(), 'system', 'lastcronrun'); diff --git a/templates/misc/deactivated/index.html b/templates/misc/deactivated/index.html new file mode 100644 index 00000000..a07df96f --- /dev/null +++ b/templates/misc/deactivated/index.html @@ -0,0 +1,56 @@ + + + + + + + froxlor - Deactivated page + + + +
+

Domain deactivated

+

+ This domain is managed using the froxlor Server Management Panel. + If you see this page, this domain has been deactivated by an administrator. +

+
    +
  • + + + + Please ask your provider/hoster if you think this is not correct +
    • +
+
+ + + + From 6e37b55ac619d6dbe71f9ddfdc62c55afaf4c117 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 10:23:47 +0200 Subject: [PATCH 17/87] more integration of domain deactivated flag Signed-off-by: Michael Kaufmann --- customer_domains.php | 1 + lib/Froxlor/Api/Commands/Emails.php | 5 ++++- lib/Froxlor/Api/Commands/SubDomains.php | 3 +++ lib/Froxlor/CurrentUser.php | 3 ++- lng/de.lng.php | 3 ++- lng/en.lng.php | 3 ++- 6 files changed, 14 insertions(+), 4 deletions(-) diff --git a/customer_domains.php b/customer_domains.php index 45348e2f..2fba8e38 100644 --- a/customer_domains.php +++ b/customer_domains.php @@ -137,6 +137,7 @@ if ($page == 'overview' || $page == 'domains') { AND `parentdomainid` = '0' AND `email_only` = '0' AND `caneditdomain` = '1' + AND `deactivated` = '0' ORDER BY `domain` ASC"); Database::pexecute($stmt, [ "customerid" => $userinfo['customerid'] diff --git a/lib/Froxlor/Api/Commands/Emails.php b/lib/Froxlor/Api/Commands/Emails.php index 221efa9b..85c19a49 100644 --- a/lib/Froxlor/Api/Commands/Emails.php +++ b/lib/Froxlor/Api/Commands/Emails.php @@ -88,9 +88,12 @@ class Emails extends ApiCommand implements ResourceEntity $domain_check = $this->apiCall('SubDomains.get', [ 'domainname' => $domain ], true); - if ($domain_check['isemaildomain'] == 0) { + if ((int)$domain_check['isemaildomain'] == 0) { Response::standardError('maindomainnonexist', $domain, true); } + if ((int)$domain_check['deactivated'] == 1) { + Response::standardError('maindomaindeactivated', $domain, true); + } if (Settings::Get('catchall.catchall_enabled') != '1') { $iscatchall = 0; diff --git a/lib/Froxlor/Api/Commands/SubDomains.php b/lib/Froxlor/Api/Commands/SubDomains.php index fdc6e9c8..77cf0377 100644 --- a/lib/Froxlor/Api/Commands/SubDomains.php +++ b/lib/Froxlor/Api/Commands/SubDomains.php @@ -229,6 +229,9 @@ class SubDomains extends ApiCommand implements ResourceEntity } elseif ($completedomain_check && strtolower($completedomain_check['domain']) == strtolower($completedomain)) { // the domain does already exist as main-domain Response::standardError('domainexistalready', $completedomain, true); + } elseif ((int)$domain_check['deactivated'] == 1) { + // main domain is deactivated + Response::standardError('maindomaindeactivated', $domain, true); } // if allowed, check for 'is email domain'-flag diff --git a/lib/Froxlor/CurrentUser.php b/lib/Froxlor/CurrentUser.php index 6c814b47..45168176 100644 --- a/lib/Froxlor/CurrentUser.php +++ b/lib/Froxlor/CurrentUser.php @@ -144,7 +144,7 @@ class CurrentUser $result_stmt = Database::prepare(" SELECT COUNT(`id`) as emaildomains FROM `" . TABLE_PANEL_DOMAINS . "` - WHERE `customerid`= :cid AND `isemaildomain` = '1' + WHERE `customerid`= :cid AND `isemaildomain` = '1' AND `deactivated` = '0' "); $result = Database::pexecute_first($result_stmt, [ "cid" => $_SESSION['userinfo']['customerid'] @@ -156,6 +156,7 @@ class CurrentUser $_SESSION['userinfo'], ['sql_search' => [ 'd.parentdomainid' => 0, + 'd.deactivated' => 0, 'd.id' => ['op' => '<>', 'value' => $_SESSION['userinfo']['standardsubdomain']] ] ] diff --git a/lng/de.lng.php b/lng/de.lng.php index 0c6e3353..c02a5e2b 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -699,7 +699,7 @@ return [ 'openbasedirenabled' => 'Openbasedir Einschränkung', 'hsts' => 'HSTS aktiviert', 'aliasdomainid' => 'ID der Alias-Domain', - 'nodomainsassignedbyadmin' => 'Diesem Account wurde noch keine Domain zugewiesen. Bitte kontaktiere deinen Administrator, wenn du der Meinung bist, das ist nicht korrekt.', + 'nodomainsassignedbyadmin' => 'Diesem Account wurde noch keine (aktive) Domain zugewiesen. Bitte kontaktiere deinen Administrator, wenn du der Meinung bist, das ist nicht korrekt.', ], 'emails' => [ 'description' => 'Hier können Sie Ihre E-Mail-Adressen einrichten.
Ein Konto ist wie Ihr Briefkasten vor der Haustür. Wenn jemand eine E-Mail an Sie schreibt, wird diese in dieses Konto gelegt.

Die Zugangsdaten lauten wie folgt: (Die Angaben in kursiver Schrift sind durch die jeweiligen Einträge zu ersetzen)

Hostname: Domainname
Benutzername: Kontoname / E-Mail-Adresse
Passwort: das gewählte Passwort', @@ -770,6 +770,7 @@ return [ 'domainisaliasorothercustomer' => 'Die ausgewählte Aliasdomain ist entweder selbst eine Aliasdomain, hat nicht die gleiche IP/Port-Kombination oder gehört einem anderen Kunden.', 'emailexistalready' => 'Die E-Mail-Adresse "%s" existiert bereits.', 'maindomainnonexist' => 'Die Hauptdomain "%s" existiert nicht.', + 'maindomaindeactivated' => 'Die Hauptdomain "%s" ist deaktiviert.', 'destinationnonexist' => 'Bitte geben Sie Ihre Weiterleitungsadresse im Feld \'Nach\' ein.', 'destinationalreadyexistasmail' => 'Die Weiterleitung zu "%s" existiert bereits als aktive E-Mail-Adresse.', 'destinationalreadyexist' => 'Es existiert bereits eine Weiterleitung nach "%s".', diff --git a/lng/en.lng.php b/lng/en.lng.php index 51f8f784..234a8ca6 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -765,7 +765,7 @@ return [ 'openbasedirenabled' => 'Openbasedir restiction', 'hsts' => 'HSTS enabled', 'aliasdomainid' => 'ID of alias domain', - 'nodomainsassignedbyadmin' => 'Your account has currently no domains assigned to it. Please contact your administrator if you think this is wrong.', + 'nodomainsassignedbyadmin' => 'Your account has currently no (active) domains assigned to it. Please contact your administrator if you think this is wrong.', ], 'emails' => [ 'description' => 'Here you can create and change your email addresses.
An account is like your letterbox in front of your house. If someone sends you an email, it will be dropped into the account.

To download your emails use the following settings in your mailprogram: (The data in italics has to be changed to the equivalents you typed in!)
Hostname: domainname
Username: account name / e-mail address
password: the password you\'ve chosen', @@ -836,6 +836,7 @@ return [ 'domainisaliasorothercustomer' => 'The selected alias domain is either itself an alias domain, has a different ip/port combination or belongs to another customer.', 'emailexistalready' => 'The email-address %s already exists.', 'maindomainnonexist' => 'The main-domain %s does not exist.', + 'maindomaindeactivated' => 'The main-domain %s is deactivated.', 'destinationnonexist' => 'Please create your forwarder in the field \'Destination\'.', 'destinationalreadyexistasmail' => 'The forwarder to %s already exists as active email-address.', 'destinationalreadyexist' => 'You have already defined a forwarder to "%s"', From 03257f04cba9c12f787ee7816044da3aa7708556 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 14:10:07 +0200 Subject: [PATCH 18/87] more integration of domain deactivated flag Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Domains.php | 4 ++-- lib/Froxlor/Api/Commands/EmailAccounts.php | 4 ++++ lib/Froxlor/UI/Callbacks/Style.php | 6 +++--- lib/navigation/00.froxlor.main.php | 4 ++-- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php index d16030e1..e916c072 100644 --- a/lib/Froxlor/Api/Commands/Domains.php +++ b/lib/Froxlor/Api/Commands/Domains.php @@ -1892,8 +1892,8 @@ class Domains extends ApiCommand implements ResourceEntity if ($deactivated != $result['deactivated']) { // deactivate email accounts $yesno = ($deactivated ? 'N' : 'Y'); - $pop3 = ($deactivated ? '0' : (int)$result['pop3']); - $imap = ($deactivated ? '0' : (int)$result['imap']); + $pop3 = ($deactivated ? '0' : (int)$customer['pop3']); + $imap = ($deactivated ? '0' : (int)$customer['imap']); $upd_stmt = Database::prepare(" UPDATE `" . TABLE_MAIL_USERS . "` diff --git a/lib/Froxlor/Api/Commands/EmailAccounts.php b/lib/Froxlor/Api/Commands/EmailAccounts.php index 605a6daa..e560fd0d 100644 --- a/lib/Froxlor/Api/Commands/EmailAccounts.php +++ b/lib/Froxlor/Api/Commands/EmailAccounts.php @@ -95,9 +95,13 @@ class EmailAccounts extends ApiCommand implements ResourceEntity $customer = $this->getCustomerData('email_accounts'); // check for imap||pop3 == 1, see #1298 + // d00p, 6.5.2023 @revert this - if a customer has resources which allow email accounts + // it implicitly allowed SMTP, e.g. sending of emails which also requires an account to exist + /* if ($customer['imap'] != '1' && $customer['pop3'] != '1') { Response::standardError('notallowedtouseaccounts', '', true); } + */ if (!empty($emailaddr)) { $idna_convert = new IdnaWrapper(); diff --git a/lib/Froxlor/UI/Callbacks/Style.php b/lib/Froxlor/UI/Callbacks/Style.php index 6f19bee8..1019151c 100644 --- a/lib/Froxlor/UI/Callbacks/Style.php +++ b/lib/Froxlor/UI/Callbacks/Style.php @@ -60,18 +60,18 @@ class Style $today = time(); $termination_css = 'bg-warning'; if ($cdate < $today) { - $termination_css = 'bg-danger'; + $termination_css = 'bg-danger text-light'; } } $deactivated = $attributes['fields']['deactivated'] || $attributes['fields']['customer_deactivated']; - return $deactivated ? 'bg-info' : $termination_css; + return $deactivated ? 'bg-info text-light' : $termination_css; } public static function resultCustomerLockedOrDeactivated(array $attributes): string { $row_css = ''; if ((int)$attributes['fields']['deactivated'] == 1) { - $row_css = 'bg-info'; + $row_css = 'bg-info text-light'; } elseif ( $attributes['fields']['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $attributes['fields']['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime')) diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index d65819fb..45568057 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -186,7 +186,7 @@ return [ 'url' => 'admin_customers.php?page=customers', 'label' => lng('admin.customers'), 'required_resources' => 'customers', - 'add_shortlink' => CurrentUser::canAddResource('customers') ? 'admin_customers.php?page=customers&action=add' : null, + 'add_shortlink' => CurrentUser::isAdmin() && CurrentUser::canAddResource('customers') ? 'admin_customers.php?page=customers&action=add' : null, ], [ 'url' => 'admin_admins.php?page=admins', @@ -198,7 +198,7 @@ return [ 'url' => 'admin_domains.php?page=domains', 'label' => lng('admin.domains'), 'required_resources' => 'domains', - 'add_shortlink' => CurrentUser::canAddResource('domains') ? 'admin_domains.php?page=domains&action=add' : null, + 'add_shortlink' => CurrentUser::isAdmin() && CurrentUser::canAddResource('domains') ? 'admin_domains.php?page=domains&action=add' : null, ], [ 'url' => 'admin_domains.php?page=sslcertificates', From 0c3ac31231a8696cc206a9df8e43ffd5f331fdf4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maurice=20Preu=C3=9F=20=28envoyr=29?= Date: Tue, 6 Jun 2023 14:38:08 +0200 Subject: [PATCH 19/87] initial backup feature MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maurice Preuß (envoyr) --- actions/admin/settings/230.backup.php | 124 +++++++++++ admin_backups.php | 75 +++++++ lib/Froxlor/Api/Commands/Backups.php | 201 ++++++++++++++++++ .../admin/backups/formfield.backups_add.php | 33 +++ .../admin/backups/formfield.backups_edit.php | 33 +++ .../backups/formfield.backups_restore.php | 33 +++ lib/formfields/admin/backups/index.html | 0 lib/navigation/00.froxlor.main.php | 6 + .../admin/tablelisting.backups.php | 122 +++++++++++ lib/tables.inc.php | 1 + lng/en.lng.php | 8 + 11 files changed, 636 insertions(+) create mode 100644 actions/admin/settings/230.backup.php create mode 100644 admin_backups.php create mode 100644 lib/Froxlor/Api/Commands/Backups.php create mode 100644 lib/formfields/admin/backups/formfield.backups_add.php create mode 100644 lib/formfields/admin/backups/formfield.backups_edit.php create mode 100644 lib/formfields/admin/backups/formfield.backups_restore.php create mode 100644 lib/formfields/admin/backups/index.html create mode 100644 lib/tablelisting/admin/tablelisting.backups.php diff --git a/actions/admin/settings/230.backup.php b/actions/admin/settings/230.backup.php new file mode 100644 index 00000000..87a211c7 --- /dev/null +++ b/actions/admin/settings/230.backup.php @@ -0,0 +1,124 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +return [ + 'groups' => [ + 'backup' => [ + 'title' => lng('backup'), + 'icon' => 'fa-solid fa-sliders', + 'advanced_mode' => true, + 'fields' => [ + 'system_backup_enabled' => [ + 'label' => lng('serversettings.backup_enabled'), + 'settinggroup' => 'system', + 'varname' => 'diskquota_enabled', + 'type' => 'checkbox', + 'default' => false, + 'save_method' => 'storeSettingField', + 'overview_option' => true + ], + 'system_backup_type' => [ + 'label' => lng('serversettings.backup_type'), + 'settinggroup' => 'system', + 'varname' => 'backup_type', + 'type' => 'select', + 'default' => 'S3', + 'select_var' => [ + 'Local' => lng('serversettings.local'), + 'SFTP' => lng('serversettings.sftp'), + 'FTPS' => lng('serversettings.ftps'), + 'S3' => lng('serversettings.s3'), + ], + 'save_method' => 'storeSettingField', + 'overview_option' => true, + ], + 'system_backup_region' => [ + 'label' => lng('serversettings.backup_region'), + 'settinggroup' => 'system', + 'varname' => 'backup_region', + 'type' => 'text', + 'default' => 'eu-central-1', + 'save_method' => 'storeSettingField', + ], + 'system_backup_bucket' => [ + 'label' => lng('serversettings.backup_bucket'), + 'settinggroup' => 'system', + 'varname' => 'backup_bucket', + 'type' => 'text', + 'default' => '', + 'save_method' => 'storeSettingField', + ], + 'system_backup_destination_path' => [ + 'label' => lng('serversettings.backup_destination_path'), + 'settinggroup' => 'system', + 'varname' => 'backup_destination_path', + 'type' => 'text', + 'default' => 'backups', + 'save_method' => 'storeSettingField', + ], + 'system_backup_hostname' => [ + 'label' => lng('serversettings.backup_hostname'), + 'settinggroup' => 'system', + 'varname' => 'backup_hostname', + 'type' => 'text', + 'default' => '', + 'save_method' => 'storeSettingField', + ], + 'system_backup_username' => [ + 'label' => lng('serversettings.backup_username'), + 'settinggroup' => 'system', + 'varname' => 'backup_username', + 'type' => 'text', + 'default' => '', + 'save_method' => 'storeSettingField', + ], + 'system_backup_password' => [ + 'label' => lng('serversettings.backup_password'), + 'settinggroup' => 'system', + 'varname' => 'backup_password', + 'type' => 'password', + 'default' => '', + 'save_method' => 'storeSettingField', + ], + 'system_backup_pgp_public_key' => [ + 'label' => lng('serversettings.backup_pgp_public_key'), + 'settinggroup' => 'system', + 'varname' => 'backup_pgp_public_key', + 'type' => 'textarea', + 'default' => '', + 'save_method' => 'storeSettingField', + ], + 'system_backup_retention' => [ + 'label' => lng('serversettings.backup_retention'), + 'settinggroup' => 'system', + 'varname' => 'backup_retention', + 'type' => 'number', + 'default' => 3, + 'save_method' => 'storeSettingField', + ], + ] + ] + ] +]; diff --git a/admin_backups.php b/admin_backups.php new file mode 100644 index 00000000..d34933f0 --- /dev/null +++ b/admin_backups.php @@ -0,0 +1,75 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +const AREA = 'admin'; +require __DIR__ . '/lib/init.php'; + +use Froxlor\Api\Commands\Backups; +use Froxlor\FroxlorLogger; +use Froxlor\UI\Collection; +use Froxlor\UI\Listing; +use Froxlor\UI\Panel\UI; +use Froxlor\UI\Request; +use Froxlor\UI\Response; + +$id = (int)Request::any('id'); + +if (($page == 'admins' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { + if ($action == '') { + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_backups"); + + try { + $admin_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backups.php'; + $collection = (new Collection(Backups::class, $userinfo)) + ->withPagination($admin_list_data['backups_list']['columns'], $admin_list_data['backups_list']['default_sorting']); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + + UI::view('user/table.html.twig', [ + 'listing' => Listing::format($collection, $admin_list_data, 'backups_list'), + 'actions_links' => [ + [ + 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'add']), + 'label' => lng('admin.backups_add') + ], + [ + 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'restore']), + 'label' => lng('admin.backups_restore'), + 'icon' => 'fa-solid fa-file-import', + 'class' => 'btn-outline-secondary' + ] + ] + ]); + } elseif ($action == 'delete' && $id != 0) { + + } elseif ($action == 'add') { + + } elseif ($action == 'edit' && $id != 0) { + + } elseif ($action == 'restore') { + + } +} diff --git a/lib/Froxlor/Api/Commands/Backups.php b/lib/Froxlor/Api/Commands/Backups.php new file mode 100644 index 00000000..638b4912 --- /dev/null +++ b/lib/Froxlor/Api/Commands/Backups.php @@ -0,0 +1,201 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\Api\Commands; + +use Exception; +use Froxlor\Api\ApiCommand; +use Froxlor\Api\ResourceEntity; +use Froxlor\Database\Database; +use Froxlor\FroxlorLogger; +use Froxlor\Idna\IdnaWrapper; +use Froxlor\Settings; +use Froxlor\System\Crypt; +use Froxlor\UI\Response; +use Froxlor\User; +use Froxlor\Validate\Validate; +use PDO; + +/** + * @since 2.1.0 + */ +class Backups extends ApiCommand implements ResourceEntity +{ + + /** + * increase resource-usage + * + * @param int $adminid + * @param string $resource + * @param string $extra + * optional, default empty + * @param int $increase_by + * optional, default 1 + */ + public static function increaseUsage($adminid = 0, $resource = null, $extra = '', $increase_by = 1) + { + self::updateResourceUsage(TABLE_PANEL_BACKUPS, 'adminid', $adminid, '+', $resource, $extra, $increase_by); + } + + /** + * decrease resource-usage + * + * @param int $adminid + * @param string $resource + * @param string $extra + * optional, default empty + * @param int $decrease_by + * optional, default 1 + */ + public static function decreaseUsage($adminid = 0, $resource = null, $extra = '', $decrease_by = 1) + { + self::updateResourceUsage(TABLE_PANEL_BACKUPS, 'adminid', $adminid, '-', $resource, $extra, $decrease_by); + } + + /** + * lists all admin entries + * + * @param array $sql_search + * optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), + * LIKE is used if left empty and 'value' => searchvalue + * @param int $sql_limit + * optional specify number of results to be returned + * @param int $sql_offset + * optional specify offset for resultset + * @param array $sql_orderby + * optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more + * fields + * + * @access admin + * @return string json-encoded array count|list + * @throws Exception + */ + public function listing() + { + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list backups"); + $query_fields = []; + $result_stmt = Database::prepare(" + SELECT `b`.*, `a`.`loginname` as `adminname` + FROM `" . TABLE_PANEL_BACKUPS . "` `b` + LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`) + "); + Database::pexecute($result_stmt, $query_fields, true, true); + $result = []; + while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { + $result[] = $row; + } + return $this->response([ + 'count' => count($result), + 'list' => $result + ]); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * returns the total number of backups for the given admin + * + * @access admin + * @return string json-encoded response message + * @throws Exception + */ + public function listingCount() + { + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + $result_stmt = Database::prepare(" + SELECT COUNT(*) as num_backups + FROM `" . TABLE_PANEL_BACKUPS . "` + "); + $result = Database::pexecute_first($result_stmt, null, true, true); + if ($result) { + return $this->response($result['num_backups']); + } + $this->response(0); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * create a new admin user + * + * @param string $name + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function add() + { + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * return an admin entry by either id or loginname + * + * @param int $id + * optional, the admin-id + * @param string $loginname + * optional, the loginname + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function get() + { + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * update an admin user by given id or loginname + * + * @param int $id + * required, the admin-id + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function update() + { + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * delete a admin entry by either id or loginname + * + * @param int $id + * required, the admin-id + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function delete() + { + throw new Exception("Not allowed to execute given command.", 403); + } +} diff --git a/lib/formfields/admin/backups/formfield.backups_add.php b/lib/formfields/admin/backups/formfield.backups_add.php new file mode 100644 index 00000000..2b2546ab --- /dev/null +++ b/lib/formfields/admin/backups/formfield.backups_add.php @@ -0,0 +1,33 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +return [ + 'backups_add' => [ + 'title' => lng('backups.backups_add'), + 'image' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'backups', 'page' => 'backups'], + 'sections' => [] + ], +]; diff --git a/lib/formfields/admin/backups/formfield.backups_edit.php b/lib/formfields/admin/backups/formfield.backups_edit.php new file mode 100644 index 00000000..dea4d84f --- /dev/null +++ b/lib/formfields/admin/backups/formfield.backups_edit.php @@ -0,0 +1,33 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +return [ + 'backups_edit' => [ + 'title' => lng('backups.backups_edit'), + 'image' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'backups', 'page' => 'admins'], + 'sections' => [] + ], +]; diff --git a/lib/formfields/admin/backups/formfield.backups_restore.php b/lib/formfields/admin/backups/formfield.backups_restore.php new file mode 100644 index 00000000..f146bdec --- /dev/null +++ b/lib/formfields/admin/backups/formfield.backups_restore.php @@ -0,0 +1,33 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +return [ + 'backups_restore' => [ + 'title' => lng('backups.backups_restore'), + 'image' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'backups', 'page' => 'backups'], + 'sections' => [] + ], +]; diff --git a/lib/formfields/admin/backups/index.html b/lib/formfields/admin/backups/index.html new file mode 100644 index 00000000..e69de29b diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index d65819fb..b01e5f43 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -223,6 +223,12 @@ return [ 'required_resources' => 'customers', 'add_shortlink' => 'admin_plans.php?page=overview&action=add' ], + [ + 'url' => 'admin_backups.php?page=overview', + 'label' => lng('admin.backups.backups'), + 'required_resources' => 'change_serversettings', + 'add_shortlink' => 'admin_backups.php?page=overview&action=add' + ], [ 'url' => 'admin_settings.php?page=updatecounters', 'label' => lng('admin.updatecounters'), diff --git a/lib/tablelisting/admin/tablelisting.backups.php b/lib/tablelisting/admin/tablelisting.backups.php new file mode 100644 index 00000000..b5b2b20e --- /dev/null +++ b/lib/tablelisting/admin/tablelisting.backups.php @@ -0,0 +1,122 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +use Froxlor\UI\Callbacks\Admin; +use Froxlor\UI\Callbacks\Customer; +use Froxlor\UI\Callbacks\Impersonate; +use Froxlor\UI\Callbacks\ProgressBar; +use Froxlor\UI\Callbacks\Style; +use Froxlor\UI\Callbacks\Text; +use Froxlor\UI\Listing; + +return [ + 'backups_list' => [ + 'title' => lng('admin.backups.backups'), + 'icon' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'admins', 'page' => 'admins'], + 'default_sorting' => ['loginname' => 'asc'], + 'columns' => [ + 'id' => [ + 'label' => 'ID', + 'field' => 'id', + 'sortable' => true, + ], + 'customerid' => [ + 'label' => lng('customerid'), + 'field' => 'customerid', + 'sortable' => true, + ], + 'loginname' => [ + 'label' => lng('login.username'), + 'field' => 'loginname', + 'callback' => [Impersonate::class, 'customer'], + 'sortable' => true, + ], + 'adminid' => [ + 'label' => lng('adminid'), + 'field' => 'adminid', + 'sortable' => true, + ], + 'adminname' => [ + 'label' => lng('admin.admin'), + 'field' => 'adminname', + 'callback' => [Impersonate::class, 'admin'], + 'sortable' => true, + ], + 'size' => [ + 'label' => lng('backup.size'), + 'field' => 'size', + 'sortable' => true, + ], + 'created_at' => [ + 'label' => lng('backup.created_at'), + 'field' => 'created_at', + 'sortable' => true, + ], + ], + 'visible_columns' => Listing::getVisibleColumnsForListing('admin_list', [ + 'id', + 'adminname', + 'loginname', + 'size', + 'created_at', + ]), + 'actions' => [ + 'show' => [ + 'icon' => 'fa-solid fa-eye', + 'title' => lng('usersettings.custom_notes.title'), + 'modal' => [Text::class, 'customerNoteDetailModal'], + 'visible' => [Customer::class, 'hasNote'] + ], + 'edit' => [ + 'icon' => 'fa-solid fa-edit', + 'title' => lng('panel.edit'), + 'href' => [ + 'section' => 'backups', + 'page' => 'backups', + 'action' => 'edit', + 'id' => ':id' + ], + ], + 'delete' => [ + 'icon' => 'fa-solid fa-trash', + 'title' => lng('panel.delete'), + 'class' => 'btn-danger', + 'href' => [ + 'section' => 'backups', + 'page' => 'backups', + 'action' => 'delete', + 'id' => ':id' + ], + 'visible' => [Admin::class, 'isNotMe'] + ], + ], + 'format_callback' => [ + [Style::class, 'deactivated'], + [Style::class, 'diskspaceWarning'], + [Style::class, 'trafficWarning'] + ] + ] +]; diff --git a/lib/tables.inc.php b/lib/tables.inc.php index 43c52b08..7476a9ab 100644 --- a/lib/tables.inc.php +++ b/lib/tables.inc.php @@ -32,6 +32,7 @@ const TABLE_MAIL_USERS = 'mail_users'; const TABLE_MAIL_VIRTUAL = 'mail_virtual'; const TABLE_PANEL_ACTIVATION = 'panel_activation'; const TABLE_PANEL_ADMINS = 'panel_admins'; +const TABLE_PANEL_BACKUPS = 'panel_backups'; const TABLE_PANEL_CUSTOMERS = 'panel_customers'; const TABLE_PANEL_DATABASES = 'panel_databases'; const TABLE_PANEL_DOMAINS = 'panel_domains'; diff --git a/lng/en.lng.php b/lng/en.lng.php index 0a05daf4..617af153 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -500,6 +500,9 @@ return [ 'adminguide' => 'Admin guide', 'userguide' => 'User guide', 'apiguide' => 'API guide', + 'backups' => [ + 'backups' => 'Backups', + ], ], 'apcuinfo' => [ 'clearcache' => 'Clear APCu cache', @@ -2420,4 +2423,9 @@ Yours sincerely, your administrator', 'config_note' => 'In order for froxlor to be able to communicate properly with the backend, you have to configure it.', 'config_now' => 'Configure now' ], + 'backup' => [ + 'backup' => 'Backup', + 'size' => 'Size', + 'created_at' => 'Created at', + ], ]; From 94051dc9eb14a9dd3e8779e869347b9ca0d7d6e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maurice=20Preu=C3=9F=20=28envoyr=29?= Date: Tue, 6 Jun 2023 17:30:12 +0200 Subject: [PATCH 20/87] add backup settings and update cron fork MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maurice Preuß (envoyr) --- actions/admin/settings/110.accounts.php | 2 +- actions/admin/settings/230.backup.php | 53 +++++++++------- install/froxlor.sql.php | 13 +++- install/updates/froxlor/update_2.x.inc.php | 47 ++++++++++++++ lib/Froxlor/Cli/MasterCron.php | 17 +++--- lib/Froxlor/Cron/Backup/BackupCron.php | 61 +++++++++++++++++++ lib/Froxlor/Cron/Forkable.php | 58 ++++++++++++++++++ .../System/{BackupCron.php => ExportCron.php} | 57 +++-------------- lib/Froxlor/Cron/Traffic/TrafficCron.php | 52 ++-------------- lib/Froxlor/Validate/Check.php | 26 ++++++++ 10 files changed, 259 insertions(+), 127 deletions(-) create mode 100644 lib/Froxlor/Cron/Backup/BackupCron.php create mode 100644 lib/Froxlor/Cron/Forkable.php rename lib/Froxlor/Cron/System/{BackupCron.php => ExportCron.php} (86%) diff --git a/actions/admin/settings/110.accounts.php b/actions/admin/settings/110.accounts.php index 7a0b92ab..3ba87597 100644 --- a/actions/admin/settings/110.accounts.php +++ b/actions/admin/settings/110.accounts.php @@ -236,7 +236,7 @@ return [ 'varname' => 'backupenabled', 'type' => 'checkbox', 'default' => false, - 'cronmodule' => 'froxlor/backup', + 'cronmodule' => 'froxlor/export', 'save_method' => 'storeSettingField' ], 'system_createstdsubdom_default' => [ diff --git a/actions/admin/settings/230.backup.php b/actions/admin/settings/230.backup.php index 87a211c7..01ba96ed 100644 --- a/actions/admin/settings/230.backup.php +++ b/actions/admin/settings/230.backup.php @@ -32,19 +32,20 @@ return [ 'fields' => [ 'system_backup_enabled' => [ 'label' => lng('serversettings.backup_enabled'), - 'settinggroup' => 'system', - 'varname' => 'diskquota_enabled', + 'settinggroup' => 'backup', + 'varname' => 'enabled', 'type' => 'checkbox', 'default' => false, 'save_method' => 'storeSettingField', - 'overview_option' => true + 'overview_option' => true, + 'cronmodule' => 'froxlor/backup' ], 'system_backup_type' => [ 'label' => lng('serversettings.backup_type'), - 'settinggroup' => 'system', - 'varname' => 'backup_type', + 'settinggroup' => 'backup', + 'varname' => 'type', 'type' => 'select', - 'default' => 'S3', + 'default' => 'Local', 'select_var' => [ 'Local' => lng('serversettings.local'), 'SFTP' => lng('serversettings.sftp'), @@ -56,66 +57,72 @@ return [ ], 'system_backup_region' => [ 'label' => lng('serversettings.backup_region'), - 'settinggroup' => 'system', - 'varname' => 'backup_region', + 'settinggroup' => 'backup', + 'varname' => 'region', 'type' => 'text', 'default' => 'eu-central-1', 'save_method' => 'storeSettingField', ], 'system_backup_bucket' => [ 'label' => lng('serversettings.backup_bucket'), - 'settinggroup' => 'system', - 'varname' => 'backup_bucket', + 'settinggroup' => 'backup', + 'varname' => 'bucket', 'type' => 'text', 'default' => '', 'save_method' => 'storeSettingField', ], 'system_backup_destination_path' => [ 'label' => lng('serversettings.backup_destination_path'), - 'settinggroup' => 'system', - 'varname' => 'backup_destination_path', + 'settinggroup' => 'backup', + 'varname' => 'destination_path', 'type' => 'text', - 'default' => 'backups', + 'string_type' => 'confdir', + 'default' => '/srv/backups/', 'save_method' => 'storeSettingField', ], 'system_backup_hostname' => [ 'label' => lng('serversettings.backup_hostname'), - 'settinggroup' => 'system', - 'varname' => 'backup_hostname', + 'settinggroup' => 'backup', + 'varname' => 'hostname', 'type' => 'text', 'default' => '', 'save_method' => 'storeSettingField', ], 'system_backup_username' => [ 'label' => lng('serversettings.backup_username'), - 'settinggroup' => 'system', - 'varname' => 'backup_username', + 'settinggroup' => 'backup', + 'varname' => 'username', 'type' => 'text', 'default' => '', 'save_method' => 'storeSettingField', ], 'system_backup_password' => [ 'label' => lng('serversettings.backup_password'), - 'settinggroup' => 'system', - 'varname' => 'backup_password', + 'settinggroup' => 'backup', + 'varname' => 'password', 'type' => 'password', 'default' => '', 'save_method' => 'storeSettingField', ], 'system_backup_pgp_public_key' => [ 'label' => lng('serversettings.backup_pgp_public_key'), - 'settinggroup' => 'system', - 'varname' => 'backup_pgp_public_key', + 'settinggroup' => 'backup', + 'varname' => 'pgp_public_key', 'type' => 'textarea', 'default' => '', 'save_method' => 'storeSettingField', + 'plausibility_check_method' => [ + '\\Froxlor\\Validate\\Check', + 'checkPgpPublicKeySetting' + ], ], 'system_backup_retention' => [ 'label' => lng('serversettings.backup_retention'), - 'settinggroup' => 'system', - 'varname' => 'backup_retention', + 'settinggroup' => 'backup', + 'varname' => 'retention', 'type' => 'number', 'default' => 3, + 'min' => 0, 'save_method' => 'storeSettingField', ], ] diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 0e06cbe3..5c627a93 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -700,6 +700,16 @@ opcache.validate_timestamps'), ('system', 'traffictool', 'goaccess'), ('system', 'req_limit_per_interval', 60), ('system', 'req_limit_interval', 60), + ('backup', 'enabled', 0), + ('backup', 'type', 'Local'), + ('backup', 'region', ''), + ('backup', 'bucket', ''), + ('backup', 'destination_path', '/srv/backups/'), + ('backup', 'hostname', ''), + ('backup', 'username', ''), + ('backup', 'password', ''), + ('backup', 'pgp_public_key', ''), + ('backup', 'retention', '3'), ('api', 'enabled', '0'), ('api', 'customer_default', '1'), ('2fa', 'enabled', '1'), @@ -913,7 +923,8 @@ INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `cronclass`, `interval`, (3, 'froxlor/reports', 'usage_report', '\\Froxlor\\Cron\\Traffic\\ReportsCron', '1 DAY', '1', 'cron_usage_report'), (4, 'froxlor/core', 'mailboxsize', '\\Froxlor\\Cron\\System\\MailboxsizeCron', '6 HOUR', '1', 'cron_mailboxsize'), (5, 'froxlor/letsencrypt', 'letsencrypt', '\\Froxlor\\Cron\\Http\\LetsEncrypt\\AcmeSh', '5 MINUTE', '0', 'cron_letsencrypt'), - (6, 'froxlor/backup', 'backup', '\\Froxlor\\Cron\\System\\BackupCron', '1 DAY', '0', 'cron_backup'); + (6, 'froxlor/export', 'export', '\\Froxlor\\Cron\\System\\ExportCron', '1 DAY', '0', 'cron_export'); + (7, 'froxlor/backup', 'backup', '\\Froxlor\\Cron\\Backup\\BackupCron', '1 DAY', '0', 'cron_backup'); DROP TABLE IF EXISTS `ftp_quotalimits`; diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php index 83906fb0..aa4eb8d4 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.x.inc.php @@ -524,5 +524,52 @@ if (Froxlor::isDatabaseVersion('202304260')) { Update::lastStepStatus(1, 'Customized setting, not changing'); } + Update::showUpdateStep("Creating new tables and fields for backups"); + Database::query("DROP TABLE IF EXISTS `panel_backups`;"); + $sql = "CREATE TABLE `panel_backups` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `adminid` int(11) NOT NULL, + `customerid` int(11) NOT NULL, + `loginname` varchar(255) NOT NULL, + `size` bigint(20) NOT NULL, + `created_at` int(15) NOT NULL, + PRIMARY KEY (`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; + Database::query($sql); + Update::lastStepStatus(0); + + Update::showUpdateStep("Adding new backup settings"); + Settings::AddNew('backup.enabled', 0); + Settings::AddNew('backup.type', 'Local'); + Settings::AddNew('backup.region', ''); + Settings::AddNew('backup.bucket', ''); + Settings::AddNew('backup.destination_path', '/srv/backups/'); + Settings::AddNew('backup.hostname', ''); + Settings::AddNew('backup.username', ''); + Settings::AddNew('backup.password', ''); + Settings::AddNew('backup.pgp_public_key', ''); + Settings::AddNew('backup.retention', 3); + Update::lastStepStatus(0); + + Update::showUpdateStep("Adjusting cronjobs"); + Database::query(" + UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET + `module`= 'froxlor/export', + `cronfile` = 'export', + `cronclass` = '\\Froxlor\\Cron\\System\\ExportCron', + `desc_lng_key` = 'cron_export' + WHERE `module` = 'froxlor/backup' + "); + Database::query(" + INSERT INTO `" . TABLE_PANEL_CRONRUNS . "` SET + `module`= 'froxlor/backup', + `cronfile` = 'backup', + `cronclass` = '\\Froxlor\\Cron\\Backup\\BackupCron', + `interval` = '1 DAY', + `isactive` = '0', + `desc_lng_key` = 'cron_backup' + "); + Update::lastStepStatus(0); + Froxlor::updateToDbVersion('202305240'); } diff --git a/lib/Froxlor/Cli/MasterCron.php b/lib/Froxlor/Cli/MasterCron.php index ec85d230..dd361d50 100644 --- a/lib/Froxlor/Cli/MasterCron.php +++ b/lib/Froxlor/Cli/MasterCron.php @@ -52,7 +52,7 @@ final class MasterCron extends CliCommand $this->setDescription('Regulary perform tasks created by froxlor'); $this->addArgument('job', InputArgument::IS_ARRAY, 'Job(s) to run'); $this->addOption('run-task', 'r', InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Run a specific task [1 = re-generate configs, 4 = re-generate dns zones, 10 = re-set quotas, 99 = re-create cron.d-file]') - ->addOption('force', 'f', InputOption::VALUE_NONE, 'Forces re-generating of config-files (webserver, nameserver, etc.)') + ->addOption('force', 'f', InputOption::VALUE_NONE, 'Forces given job or, if none given, forces re-generating of config-files (webserver, nameserver, etc.)') ->addOption('debug', 'd', InputOption::VALUE_NONE, 'Output debug information about what is going on to STDOUT.') ->addOption('no-fork', 'N', InputOption::VALUE_NONE, 'Do not fork to background (traffic cron only).'); } @@ -71,12 +71,13 @@ final class MasterCron extends CliCommand // handle force option if ($input->getOption('force')) { - // rebuild all config files - Cronjob::inserttask(TaskId::REBUILD_VHOST); - Cronjob::inserttask(TaskId::REBUILD_DNS); - Cronjob::inserttask(TaskId::CREATE_QUOTA); - Cronjob::inserttask(TaskId::REBUILD_CRON); - array_push($jobs, 'tasks'); + if (empty($jobs) || in_array('tasks', $jobs)) { + Cronjob::inserttask(TaskId::REBUILD_VHOST); + Cronjob::inserttask(TaskId::REBUILD_DNS); + Cronjob::inserttask(TaskId::CREATE_QUOTA); + Cronjob::inserttask(TaskId::REBUILD_CRON); + array_push($jobs, 'tasks'); + } define('CRON_IS_FORCED', 1); } // handle debug option @@ -91,7 +92,7 @@ final class MasterCron extends CliCommand if ($input->getOption('run-task')) { $tasks_to_run = $input->getOption('run-task'); foreach ($tasks_to_run as $ttr) { - if (in_array($ttr, [1, 4, 10, 99])) { + if (in_array($ttr, [TaskId::REBUILD_VHOST, TaskId::REBUILD_DNS, TaskId::CREATE_QUOTA, TaskId::REBUILD_CRON])) { Cronjob::inserttask($ttr); array_push($jobs, 'tasks'); } else { diff --git a/lib/Froxlor/Cron/Backup/BackupCron.php b/lib/Froxlor/Cron/Backup/BackupCron.php new file mode 100644 index 00000000..248cbe34 --- /dev/null +++ b/lib/Froxlor/Cron/Backup/BackupCron.php @@ -0,0 +1,61 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\Cron\Backup; + +use Froxlor\Cron\Forkable; +use Froxlor\Cron\FroxlorCron; + +class BackupCron extends FroxlorCron +{ + use Forkable; + + public static function run() + { + $users = ['web1', 'web2', 'web3', 'web4', 'web5', 'web6', 'web7', 'web8', 'web9', 'web10']; + + self::runFork([self::class, 'handle'], [ + [ + 'user' => '1', + 'data' => 'value1', + ], + [ + 'user' => '2', + 'data' => 'value2', + ] + ]); + } + + private static function handle($user, $data) + { + echo "BackupCron: started - creating customer backup for user $user\n"; + + echo $data . "\n"; + + sleep(rand(1, 3)); + + echo "BackupCron: finished - creating customer backup for user $user\n"; + } +} diff --git a/lib/Froxlor/Cron/Forkable.php b/lib/Froxlor/Cron/Forkable.php new file mode 100644 index 00000000..884dc6a9 --- /dev/null +++ b/lib/Froxlor/Cron/Forkable.php @@ -0,0 +1,58 @@ += $concurrentChildren) { + foreach($childrenPids as $key => $pid) { + $res = pcntl_waitpid($pid, $status, WNOHANG); + + // If the process has already exited + if($res == -1 || $res > 0) + unset($childrenPids[$key]); + } + + sleep(1); + } + } + } + while(pcntl_waitpid(0, $status) != -1); + } else { + if (!defined('CRON_NOFORK_FLAG')) { + if (extension_loaded('pcntl')) { + $msg = "PHP compiled with pcntl but pcntl_fork function is not available."; + } else { + $msg = "PHP compiled without pcntl."; + } + FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, $msg . " Not forking " . self::class . ", this may take a long time!"); + } + foreach ($attributes as $closureAttributes) { + $closure(...$closureAttributes); + } + } + } +} diff --git a/lib/Froxlor/Cron/System/BackupCron.php b/lib/Froxlor/Cron/System/ExportCron.php similarity index 86% rename from lib/Froxlor/Cron/System/BackupCron.php rename to lib/Froxlor/Cron/System/ExportCron.php index eb67522c..1f2df748 100644 --- a/lib/Froxlor/Cron/System/BackupCron.php +++ b/lib/Froxlor/Cron/System/ExportCron.php @@ -25,59 +25,25 @@ namespace Froxlor\Cron\System; +use Exception; +use Froxlor\Cron\Forkable; use Froxlor\Cron\FroxlorCron; use Froxlor\Database\Database; use Froxlor\FileDir; use Froxlor\FroxlorLogger; use Froxlor\Settings; -class BackupCron extends FroxlorCron +class ExportCron extends FroxlorCron { + use Forkable; public static function run() { - // Check Backup-Lock - if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) { - $BackupLock = FileDir::makeCorrectFile("/var/run/froxlor_cron_backup.lock"); - if (file_exists($BackupLock) && is_numeric($BackupPid = file_get_contents($BackupLock))) { - if (function_exists('posix_kill')) { - $BackupPidStatus = @posix_kill($BackupPid, 0); - } else { - system("kill -CHLD " . $BackupPid . " 1> /dev/null 2> /dev/null", $BackupPidStatus); - $BackupPidStatus = !$BackupPidStatus; - } - if ($BackupPidStatus) { - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Backup run already in progress'); - return 1; - } - } - // Create Backup Log and Fork - // We close the database - connection before we fork, so we don't share resources with the child - Database::needRoot(false); // this forces the connection to be set to null - $BackupPid = pcntl_fork(); - // Parent - if ($BackupPid) { - file_put_contents($BackupLock, $BackupPid); - // unnecessary to recreate database connection here - return 0; - } elseif ($BackupPid == 0) { - // Child - posix_setsid(); - // re-create db - Database::needRoot(false); - } else { - // Fork failed - return 1; - } - } elseif (!defined('CRON_NOFORK_FLAG')) { - if (extension_loaded('pcntl')) { - $msg = "PHP compiled with pcntl but pcntl_fork function is not available."; - } else { - $msg = "PHP compiled without pcntl."; - } - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, $msg . " Not forking backup-cron, this may take a long time!"); - } + self::runFork([self::class, 'handle']); + } + public static function handle() + { FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'BackupCron: started - creating customer backup'); $result_tasks_stmt = Database::query(" @@ -113,12 +79,6 @@ class BackupCron extends FroxlorCron 'id' => $row['id'] ]); } - - - if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) { - @unlink($BackupLock); - die(); - } } /** @@ -128,6 +88,7 @@ class BackupCron extends FroxlorCron * * @return void * + * @throws Exception */ private static function createCustomerBackup($data = null, $customerdocroot = null, &$cronlog = null) { diff --git a/lib/Froxlor/Cron/Traffic/TrafficCron.php b/lib/Froxlor/Cron/Traffic/TrafficCron.php index f6528802..30d1bd1b 100644 --- a/lib/Froxlor/Cron/Traffic/TrafficCron.php +++ b/lib/Froxlor/Cron/Traffic/TrafficCron.php @@ -30,6 +30,7 @@ namespace Froxlor\Cron\Traffic; * @author Froxlor team (2010-) */ +use Froxlor\Cron\Forkable; use Froxlor\Cron\FroxlorCron; use Froxlor\Database\Database; use Froxlor\FileDir; @@ -42,51 +43,15 @@ use PDO; class TrafficCron extends FroxlorCron { + use Forkable; public static function run() { - // Check Traffic-Lock - if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) { - $TrafficLock = FileDir::makeCorrectFile("/var/run/froxlor_cron_traffic.lock"); - if (file_exists($TrafficLock) && is_numeric($TrafficPid = file_get_contents($TrafficLock))) { - if (function_exists('posix_kill')) { - $TrafficPidStatus = @posix_kill($TrafficPid, 0); - } else { - system("kill -CHLD " . $TrafficPid . " 1> /dev/null 2> /dev/null", $TrafficPidStatus); - $TrafficPidStatus = !$TrafficPidStatus; - } - if ($TrafficPidStatus) { - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Traffic Run already in progress'); - return 1; - } - } - // Create Traffic Log and Fork - // We close the database - connection before we fork, so we don't share resources with the child - Database::needRoot(false); // this forces the connection to be set to null - $TrafficPid = pcntl_fork(); - // Parent - if ($TrafficPid) { - file_put_contents($TrafficLock, $TrafficPid); - // unnecessary to recreate database connection here - return 0; - } elseif ($TrafficPid == 0) { - // Child - posix_setsid(); - // re-create db - Database::needRoot(false); - } else { - // Fork failed - return 1; - } - } elseif (!defined('CRON_NOFORK_FLAG')) { - if (extension_loaded('pcntl')) { - $msg = "PHP compiled with pcntl but pcntl_fork function is not available."; - } else { - $msg = "PHP compiled without pcntl."; - } - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, $msg . " Not forking traffic-cron, this may take a long time!"); - } + self::runFork([self::class, 'handle']); + } + public static function handle() + { /** * TRAFFIC AND DISKUSAGE MEASURE */ @@ -611,11 +576,6 @@ class TrafficCron extends FroxlorCron } Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = 'system' AND `varname` = 'last_traffic_run'"); - - if (function_exists('pcntl_fork') && !defined('CRON_NOFORK_FLAG')) { - @unlink($TrafficLock); - die(); - } } /** diff --git a/lib/Froxlor/Validate/Check.php b/lib/Froxlor/Validate/Check.php index cb113c72..2d5229b1 100644 --- a/lib/Froxlor/Validate/Check.php +++ b/lib/Froxlor/Validate/Check.php @@ -314,4 +314,30 @@ class Check } return $returnvalue; } + + public static function checkPgpPublicKeySetting($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) + { + // if the field is empty, we don't need to check anything + if ($newfieldvalue === '') { + return [self::FORMFIELDS_PLAUSIBILITY_CHECK_OK]; + } + + // check if gnupg extension is loaded + if (!extension_loaded('gnupg')) { + return [ + self::FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, + 'gnupgextensionnotavailable' + ]; + } + // check if the pgp public key is a valid key + putenv('GNUPGHOME='.sys_get_temp_dir()); + if (gnupg_import(gnupg_init(), $newfieldvalue) === false) { + return [ + self::FORMFIELDS_PLAUSIBILITY_CHECK_ERROR, + 'invalidpgppublickey' + ]; + } + + return [self::FORMFIELDS_PLAUSIBILITY_CHECK_OK]; + } } From 69c58d21be0b12150da8876ee35e2e48c5ad5866 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 17:45:14 +0200 Subject: [PATCH 21/87] correctly fork export cron action with new Forkable-trait Signed-off-by: Michael Kaufmann --- lib/Froxlor/Cron/System/ExportCron.php | 64 +++++++++++++------------- 1 file changed, 31 insertions(+), 33 deletions(-) diff --git a/lib/Froxlor/Cron/System/ExportCron.php b/lib/Froxlor/Cron/System/ExportCron.php index 1f2df748..b05952b7 100644 --- a/lib/Froxlor/Cron/System/ExportCron.php +++ b/lib/Froxlor/Cron/System/ExportCron.php @@ -38,47 +38,45 @@ class ExportCron extends FroxlorCron use Forkable; public static function run() - { - self::runFork([self::class, 'handle']); - } - - public static function handle() { FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'BackupCron: started - creating customer backup'); $result_tasks_stmt = Database::query(" SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20' ORDER BY `id` ASC "); - - $del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :id"); - - $cronlog = FroxlorLogger::getInstanceOf(); $all_jobs = $result_tasks_stmt->fetchAll(); - foreach ($all_jobs as $row) { - if ($row['data'] != '') { - $row['data'] = json_decode($row['data'], true); - } - if (is_array($row['data'])) { - if (isset($row['data']['customerid']) && isset($row['data']['loginname']) && isset($row['data']['destdir'])) { - $row['data']['destdir'] = FileDir::makeCorrectDir($row['data']['destdir']); - $customerdocroot = FileDir::makeCorrectDir(Settings::Get('system.documentroot_prefix') . '/' . $row['data']['loginname'] . '/'); + self::runFork([self::class, 'handle'], $all_jobs); + } - // create folder if not exists - if (!file_exists($row['data']['destdir']) && $row['data']['destdir'] != '/' && $row['data']['destdir'] != Settings::Get('system.documentroot_prefix') && $row['data']['destdir'] != $customerdocroot) { - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Creating backup-destination path for customer: ' . escapeshellarg($row['data']['destdir'])); - FileDir::safe_exec('mkdir -p ' . escapeshellarg($row['data']['destdir'])); - } + public static function handle(array $row) + { + $del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :id"); + $cronlog = FroxlorLogger::getInstanceOf(); - self::createCustomerBackup($row['data'], $customerdocroot, $cronlog); - } - } - - // remove entry - Database::pexecute($del_stmt, [ - 'id' => $row['id'] - ]); + if ($row['data'] != '') { + $row['data'] = json_decode($row['data'], true); } + + if (is_array($row['data'])) { + if (isset($row['data']['customerid']) && isset($row['data']['loginname']) && isset($row['data']['destdir'])) { + $row['data']['destdir'] = FileDir::makeCorrectDir($row['data']['destdir']); + $customerdocroot = FileDir::makeCorrectDir(Settings::Get('system.documentroot_prefix') . '/' . $row['data']['loginname'] . '/'); + + // create folder if not exists + if (!file_exists($row['data']['destdir']) && $row['data']['destdir'] != '/' && $row['data']['destdir'] != Settings::Get('system.documentroot_prefix') && $row['data']['destdir'] != $customerdocroot) { + FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Creating backup-destination path for customer: ' . escapeshellarg($row['data']['destdir'])); + FileDir::safe_exec('mkdir -p ' . escapeshellarg($row['data']['destdir'])); + } + + self::createCustomerBackup($row['data'], $customerdocroot, $cronlog); + } + } + + // remove entry + Database::pexecute($del_stmt, [ + 'id' => $row['id'] + ]); } /** @@ -193,13 +191,13 @@ class ExportCron extends FroxlorCron // create tar-file $backup_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-backup_' . date('YmdHi', time()) . '.tar.gz' . (!empty($data['pgp_public_key']) ? '.gpg' : '')); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating backup-file "' . $backup_file . '"'); - if (!empty($data['pgp_public_key'])){ + if (!empty($data['pgp_public_key'])) { // pack all archives in tmp-dir to one archive and encrypt it with gpg $recipient_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-recipients.gpg'); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating recipient-file "' . $recipient_file . '"'); file_put_contents($recipient_file, $data['pgp_public_key']); - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file '. escapeshellarg($recipient_file) .' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes'); - FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file '. escapeshellarg($recipient_file) .' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes', $return_value, ['|']); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes'); + FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes', $return_value, ['|']); } else { // pack all archives in tmp-dir to one archive $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); From 4bfed71ac9b106c73f2383f81d06e6e179c16b14 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 17:47:59 +0200 Subject: [PATCH 22/87] fix install sql Signed-off-by: Michael Kaufmann --- install/froxlor.sql.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 5c627a93..6df8754c 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -923,7 +923,7 @@ INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `cronclass`, `interval`, (3, 'froxlor/reports', 'usage_report', '\\Froxlor\\Cron\\Traffic\\ReportsCron', '1 DAY', '1', 'cron_usage_report'), (4, 'froxlor/core', 'mailboxsize', '\\Froxlor\\Cron\\System\\MailboxsizeCron', '6 HOUR', '1', 'cron_mailboxsize'), (5, 'froxlor/letsencrypt', 'letsencrypt', '\\Froxlor\\Cron\\Http\\LetsEncrypt\\AcmeSh', '5 MINUTE', '0', 'cron_letsencrypt'), - (6, 'froxlor/export', 'export', '\\Froxlor\\Cron\\System\\ExportCron', '1 DAY', '0', 'cron_export'); + (6, 'froxlor/export', 'export', '\\Froxlor\\Cron\\System\\ExportCron', '1 DAY', '0', 'cron_export'), (7, 'froxlor/backup', 'backup', '\\Froxlor\\Cron\\Backup\\BackupCron', '1 DAY', '0', 'cron_backup'); From 518160292157d7ab55088f5b7f0e5fe09a09d63d Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 6 Jun 2023 17:51:07 +0200 Subject: [PATCH 23/87] fix cronjobs test Signed-off-by: Michael Kaufmann --- tests/Cronjobs/CronjobsTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Cronjobs/CronjobsTest.php b/tests/Cronjobs/CronjobsTest.php index 633e537c..d7159554 100644 --- a/tests/Cronjobs/CronjobsTest.php +++ b/tests/Cronjobs/CronjobsTest.php @@ -24,7 +24,7 @@ class CronjobsTest extends TestCase $json_result = Cronjobs::getLocal($admin_userdata)->listingCount(); $result = json_decode($json_result, true)['data']; - $this->assertEquals(6, $result); + $this->assertEquals(7, $result); } public function testCustomerCronjobsListNotAllowed() From e958cfed84ce558469b8e0981603f26d46eda03d Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 11:37:00 +0200 Subject: [PATCH 24/87] big renaming of CustomerBackup to DataDump / export for the real backup-feature to shine :P Signed-off-by: Michael Kaufmann --- actions/admin/settings/100.panel.php | 2 +- actions/admin/settings/110.accounts.php | 6 +- customer_extras.php | 34 +++--- install/froxlor.sql.php | 13 +- install/updates/froxlor/update_2.x.inc.php | 7 ++ .../{CustomerBackups.php => DataDump.php} | 112 +++++++++--------- lib/Froxlor/Cron/Forkable.php | 17 ++- lib/Froxlor/Cron/System/ExportCron.php | 44 +++---- lib/Froxlor/Cron/System/TasksCron.php | 2 +- lib/Froxlor/Cron/TaskId.php | 4 +- lib/Froxlor/System/Cronjob.php | 4 +- ...mfield.backup.php => formfield.export.php} | 27 ++--- lib/navigation/00.froxlor.main.php | 6 +- ...ng.backups.php => tablelisting.export.php} | 32 ++--- lng/cz.lng.php | 8 -- lng/de.lng.php | 43 +++---- lng/en.lng.php | 43 +++---- lng/es.lng.php | 16 +-- ...stomerBackupsTest.php => DataDumpTest.php} | 96 +++++++-------- tests/Cron/TaskIdTest.php | 2 +- 20 files changed, 257 insertions(+), 261 deletions(-) rename lib/Froxlor/Api/Commands/{CustomerBackups.php => DataDump.php} (68%) rename lib/formfields/customer/extras/{formfield.backup.php => formfield.export.php} (73%) rename lib/tablelisting/customer/{tablelisting.backups.php => tablelisting.export.php} (77%) rename tests/Backup/{CustomerBackupsTest.php => DataDumpTest.php} (52%) diff --git a/actions/admin/settings/100.panel.php b/actions/admin/settings/100.panel.php index b1ac1522..18a64def 100644 --- a/actions/admin/settings/100.panel.php +++ b/actions/admin/settings/100.panel.php @@ -265,7 +265,7 @@ return [ 'extras.directoryprotection' => lng('menue.extras.extras') . " / " . lng('menue.extras.directoryprotection'), 'extras.pathoptions' => lng('menue.extras.extras') . " / " . lng('menue.extras.pathoptions'), 'extras.logger' => lng('menue.extras.extras') . " / " . lng('menue.logger.logger'), - 'extras.backup' => lng('menue.extras.extras') . " / " . lng('menue.extras.backup'), + 'extras.export' => lng('menue.extras.extras') . " / " . lng('menue.extras.export'), 'traffic' => lng('menue.traffic.traffic'), 'traffic.http' => lng('menue.traffic.traffic') . " / HTTP", 'traffic.ftp' => lng('menue.traffic.traffic') . " / FTP", diff --git a/actions/admin/settings/110.accounts.php b/actions/admin/settings/110.accounts.php index 3ba87597..cff32356 100644 --- a/actions/admin/settings/110.accounts.php +++ b/actions/admin/settings/110.accounts.php @@ -230,10 +230,10 @@ return [ 'onlyif' => 1 ] ], - 'system_backupenabled' => [ - 'label' => lng('serversettings.backupenabled'), + 'system_exportenabled' => [ + 'label' => lng('serversettings.exportenabled'), 'settinggroup' => 'system', - 'varname' => 'backupenabled', + 'varname' => 'exportenabled', 'type' => 'checkbox', 'default' => false, 'cronmodule' => 'froxlor/export', diff --git a/customer_extras.php b/customer_extras.php index 05ee93d7..f5a850f2 100644 --- a/customer_extras.php +++ b/customer_extras.php @@ -26,7 +26,7 @@ const AREA = 'customer'; require __DIR__ . '/lib/init.php'; -use Froxlor\Api\Commands\CustomerBackups as CustomerBackups; +use Froxlor\Api\Commands\DataDump as DataDump; use Froxlor\Api\Commands\DirOptions as DirOptions; use Froxlor\Api\Commands\DirProtections as DirProtections; use Froxlor\Customer\Customer; @@ -282,18 +282,18 @@ if ($page == 'overview' || $page == 'htpasswds') { } } } -} elseif ($page == 'backup') { +} elseif ($page == 'export') { // redirect if this customer sub-page is hidden via settings - if (Settings::IsInList('panel.customer_hide_options', 'extras.backup')) { + if (Settings::IsInList('panel.customer_hide_options', 'extras.export')) { Response::redirectTo('customer_index.php'); } - if (Settings::Get('system.backupenabled') == 1) { + if (Settings::Get('system.exportenabled') == 1) { if ($action == 'abort') { if (isset($_POST['send']) && $_POST['send'] == 'send') { - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "customer_extras::backup - aborted scheduled backupjob"); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "customer_extras::export - aborted scheduled data export job"); try { - CustomerBackups::getLocal($userinfo, $_POST)->delete(); + DataDump::getLocal($userinfo, $_POST)->delete(); } catch (Exception $e) { Response::dynamicError($e->getMessage()); } @@ -302,43 +302,43 @@ if ($page == 'overview' || $page == 'htpasswds') { 'action' => '' ]); } else { - HTML::askYesNo('extras_reallydelete_backup', $filename, [ - 'backup_job_entry' => $id, + HTML::askYesNo('extras_reallydelete_export', $filename, [ + 'job_entry' => $id, 'section' => 'extras', 'page' => $page, 'action' => $action ]); } } elseif ($action == '') { - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_extras::backup"); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_extras::export"); // check whether there is a backup-job for this customer try { - $backup_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/customer/tablelisting.backups.php'; - $collection = (new Collection(CustomerBackups::class, $userinfo)); + $export_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/customer/tablelisting.export.php'; + $collection = (new Collection(DataDump::class, $userinfo)); } catch (Exception $e) { Response::dynamicError($e->getMessage()); } if (isset($_POST['send']) && $_POST['send'] == 'send') { try { - CustomerBackups::getLocal($userinfo, $_POST)->add(); + DataDump::getLocal($userinfo, $_POST)->add(); } catch (Exception $e) { Response::dynamicError($e->getMessage()); } - Response::standardSuccess('backupscheduled'); + Response::standardSuccess('exportscheduled'); } else { $pathSelect = FileDir::makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid']); - $backup_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.backup.php'; + $export_data = include_once dirname(__FILE__) . '/lib/formfields/customer/extras/formfield.export.php'; UI::view('user/form-datatable.html.twig', [ 'formaction' => $linker->getLink(['section' => 'extras']), - 'formdata' => $backup_data['backup'], - 'tabledata' => Listing::format($collection, $backup_list_data, 'backup_list'), + 'formdata' => $export_data['export'], + 'tabledata' => Listing::format($collection, $export_list_data, 'export_list'), ]); } } } else { - Response::standardError('backupfunctionnotenabled'); + Response::standardError('exportfunctionnotenabled'); } } diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 6df8754c..cd6e0bdb 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -646,7 +646,7 @@ opcache.validate_timestamps'), ('system', 'letsencryptreuseold', 0), ('system', 'leenabled', '0'), ('system', 'leapiversion', '2'), - ('system', 'backupenabled', '0'), + ('system', 'exportenabled', '0'), ('system', 'dnsenabled', '0'), ('system', 'dns_server', 'Bind'), ('system', 'apacheglobaldiropt', ''), @@ -1071,4 +1071,15 @@ CREATE TABLE `panel_loginlinks` ( `allowed_from` text NOT NULL, UNIQUE KEY `loginname` (`loginname`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; + +DROP TABLE IF EXISTS `panel_backups`; +CREATE TABLE `panel_backups` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `adminid` int(11) NOT NULL, + `customerid` int(11) NOT NULL, + `loginname` varchar(255) NOT NULL, + `size` bigint(20) NOT NULL, + `created_at` int(15) NOT NULL, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; FROXLORSQL; diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.x.inc.php index aa4eb8d4..fd0d1217 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.x.inc.php @@ -571,5 +571,12 @@ if (Froxlor::isDatabaseVersion('202304260')) { "); Update::lastStepStatus(0); + Update::showUpdateStep("Adjusting system for data-export function"); + Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `varname` = 'exportenabled' WHERE `settinggroup`= 'system' AND `varname`= 'backupenabled"); + Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `value` = REPLACE(`value`, 'extras.backup', 'extras.export') WHERE `settinggroup` = 'panel' AND `varname` = 'customer_hide_options'"); + Database::query("DELETE FROM `" . TABLE_PANEL_USERCOLUMNS . "` WHERE `section` = 'backup_list'"); + Database::query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'"); + Update::lastStepStatus(0); + Froxlor::updateToDbVersion('202305240'); } diff --git a/lib/Froxlor/Api/Commands/CustomerBackups.php b/lib/Froxlor/Api/Commands/DataDump.php similarity index 68% rename from lib/Froxlor/Api/Commands/CustomerBackups.php rename to lib/Froxlor/Api/Commands/DataDump.php index 83360684..00579733 100644 --- a/lib/Froxlor/Api/Commands/CustomerBackups.php +++ b/lib/Froxlor/Api/Commands/DataDump.php @@ -41,22 +41,22 @@ use PDO; /** * @since 0.10.0 */ -class CustomerBackups extends ApiCommand implements ResourceEntity +class DataDump extends ApiCommand implements ResourceEntity { /** - * add a new customer backup job + * add a new data dump job * * @param string $path - * path to store the backup to + * path to store the dumped data to * @param string $pgp_public_key - * optional pgp public key to encrypt the backup, default is empty - * @param bool $backup_dbs - * optional whether to backup databases, default is 0 (false) - * @param bool $backup_mail - * optional whether to backup mail-data, default is 0 (false) - * @param bool $backup_web - * optional whether to backup web-data, default is 0 (false) + * optional pgp public key to encrypt the archive, default is empty + * @param bool $dump_dbs + * optional whether to include databases, default is 0 (false) + * @param bool $dump_mail + * optional whether to include mail-data, default is 0 (false) + * @param bool $dump_web + * optional whether to incoude web-data, default is 0 (false) * @param int $customerid * optional, required when called as admin (if $loginname is not specified) * @param string $loginname @@ -75,9 +75,9 @@ class CustomerBackups extends ApiCommand implements ResourceEntity // parameter $pgp_public_key = $this->getParam('pgp_public_key', true, ''); - $backup_dbs = $this->getBoolParam('backup_dbs', true, 0); - $backup_mail = $this->getBoolParam('backup_mail', true, 0); - $backup_web = $this->getBoolParam('backup_web', true, 0); + $dump_dbs = $this->getBoolParam('dump_dbs', true, 0); + $dump_mail = $this->getBoolParam('dump_mail', true, 0); + $dump_web = $this->getBoolParam('dump_web', true, 0); // get customer data $customer = $this->getCustomerData(); @@ -89,7 +89,7 @@ class CustomerBackups extends ApiCommand implements ResourceEntity // path cannot be the customers docroot if ($path == FileDir::makeCorrectDir($customer['documentroot'])) { - Response::standardError('backupfoldercannotbedocroot', '', true); + Response::standardError('dumpfoldercannotbedocroot', '', true); } // pgp public key validation @@ -105,16 +105,16 @@ class CustomerBackups extends ApiCommand implements ResourceEntity } } - if ($backup_dbs != '1') { - $backup_dbs = '0'; + if ($dump_dbs != '1') { + $dump_dbs = '0'; } - if ($backup_mail != '1') { - $backup_mail = '0'; + if ($dump_mail != '1') { + $dump_mail = '0'; } - if ($backup_web != '1') { - $backup_web = '0'; + if ($dump_web != '1') { + $dump_web = '0'; } $task_data = [ @@ -124,62 +124,62 @@ class CustomerBackups extends ApiCommand implements ResourceEntity 'loginname' => $customer['loginname'], 'destdir' => $path, 'pgp_public_key' => $pgp_public_key, - 'backup_dbs' => $backup_dbs, - 'backup_mail' => $backup_mail, - 'backup_web' => $backup_web + 'dump_dbs' => $dump_dbs, + 'dump_mail' => $dump_mail, + 'dump_web' => $dump_web ]; - // schedule backup job - Cronjob::inserttask(TaskId::CREATE_CUSTOMER_BACKUP, $task_data); + // schedule export job + Cronjob::inserttask(TaskId::CREATE_CUSTOMER_DATADUMP, $task_data); - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer-backup job for '" . $customer['loginname'] . "'. Target directory: " . $userpath); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer data-dump job for '" . $customer['loginname'] . "'. Target directory: " . $userpath); return $this->response($task_data); } /** - * check whether backup is enabled systemwide and if accessible for customer (hide_options) + * check whether data dump is enabled systemwide and if accessible for customer (hide_options) * * @throws Exception */ private function validateAccess() { - if (Settings::Get('system.backupenabled') != 1) { + if (Settings::Get('system.exportenabled') != 1) { throw new Exception("You cannot access this resource", 405); } if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras')) { throw new Exception("You cannot access this resource", 405); } - if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras.backup')) { + if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'extras.export')) { throw new Exception("You cannot access this resource", 405); } } /** - * You cannot get a planned backup. - * Try CustomerBackups.listing() + * You cannot get a planned data export. + * Try DataDump.listing() */ public function get() { - throw new Exception('You cannot get a planned backup. Try CustomerBackups.listing()', 303); + throw new Exception('You cannot get a planned data export. Try DataDump.listing()', 303); } /** - * You cannot update a planned backup. + * You cannot update a planned data export. * You need to delete it and re-add it. */ public function update() { - throw new Exception('You cannot update a planned backup. You need to delete it and re-add it.', 303); + throw new Exception('You cannot update a planned data export. You need to delete it and re-add it.', 303); } /** - * list all planned backup-jobs, if called from an admin, list all planned backup-jobs of all customers you are + * list all planned data export jobs, if called from an admin, list all planned data export jobs of all customers you are * allowed to view, or specify id or loginname for one specific customer * * @param int $customerid - * optional, admin-only, select backup-jobs of a specific customer by id + * optional, admin-only, select data export jobs of a specific customer by id * @param string $loginname - * optional, admin-only, select backup-jobs of a specific customer by loginname + * optional, admin-only, select data export jobs of a specific customer by loginname * @param array $sql_search * optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), * LIKE is used if left empty and 'value' => searchvalue @@ -199,9 +199,9 @@ class CustomerBackups extends ApiCommand implements ResourceEntity { $this->validateAccess(); - $customer_ids = $this->getAllowedCustomerIds('extras.backup'); + $customer_ids = $this->getAllowedCustomerIds('extras.export'); - // check whether there is a backup-job for this customer + // check whether there is a data export job for this customer $query_fields = []; $sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'" . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit()); Database::pexecute($sel_stmt, $query_fields, true, true); @@ -212,7 +212,7 @@ class CustomerBackups extends ApiCommand implements ResourceEntity $result[] = $entry; } } - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list customer-backups"); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_INFO, "[API] list customer data dump jobs"); return $this->response([ 'count' => count($result), 'list' => $result @@ -220,12 +220,12 @@ class CustomerBackups extends ApiCommand implements ResourceEntity } /** - * returns the total number of planned backups + * returns the total number of planned data exports * * @param int $customerid - * optional, admin-only, select backup-jobs of a specific customer by id + * optional, admin-only, select data export jobs of a specific customer by id * @param string $loginname - * optional, admin-only, select backup-jobs of a specific customer by loginname + * optional, admin-only, select data export jobs of a specific customer by loginname * * @access admin, customer * @return string json-encoded response message @@ -235,9 +235,9 @@ class CustomerBackups extends ApiCommand implements ResourceEntity { $this->validateAccess(); - $customer_ids = $this->getAllowedCustomerIds('extras.backup'); + $customer_ids = $this->getAllowedCustomerIds('extras.export'); - // check whether there is a backup-job for this customer + // check whether there is a data export job for this customer $result_count = 0; $sel_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'"); Database::pexecute($sel_stmt, null, true, true); @@ -251,10 +251,10 @@ class CustomerBackups extends ApiCommand implements ResourceEntity } /** - * delete a planned backup-jobs by id, if called from an admin you need to specify the customerid/loginname + * delete a planned data export jobs by id, if called from an admin you need to specify the customerid/loginname * - * @param int $backup_job_entry - * id of backup job + * @param int $job_entry + * id of data export job * @param int $customerid * optional, required when called as admin (if $loginname is not specified) * @param string $loginname @@ -266,26 +266,26 @@ class CustomerBackups extends ApiCommand implements ResourceEntity */ public function delete() { - // get planned backups - $result = $this->apiCall('CustomerBackups.listing', $this->getParamList()); + // get planned exports + $result = $this->apiCall('DataDump.listing', $this->getParamList()); - $entry = $this->getParam('backup_job_entry'); - $customer_ids = $this->getAllowedCustomerIds('extras.backup'); + $entry = $this->getParam('job_entry'); + $customer_ids = $this->getAllowedCustomerIds('extras.export'); if ($result['count'] > 0 && $entry > 0) { // prepare statement $del_stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `id` = :tid"); // check for the correct job - foreach ($result['list'] as $backupjob) { - if ($backupjob['id'] == $entry && in_array($backupjob['data']['customerid'], $customer_ids)) { + foreach ($result['list'] as $exportjob) { + if ($exportjob['id'] == $entry && in_array($exportjob['data']['customerid'], $customer_ids)) { Database::pexecute($del_stmt, [ 'tid' => $entry ], true, true); - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted planned customer-backup #" . $entry); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted planned customer data export job #" . $entry); return $this->response(true); } } } - throw new Exception('Backup job with id #' . $entry . ' could not be found', 404); + throw new Exception('Data export job with id #' . $entry . ' could not be found', 404); } } diff --git a/lib/Froxlor/Cron/Forkable.php b/lib/Froxlor/Cron/Forkable.php index 884dc6a9..dc928f8c 100644 --- a/lib/Froxlor/Cron/Forkable.php +++ b/lib/Froxlor/Cron/Forkable.php @@ -20,27 +20,26 @@ trait Forkable if ($pid == -1) { exit("Error forking...\n"); - } else if ($pid == 0) { + } elseif ($pid == 0) { // re-create db Database::needRoot(false); - $closure(...$closureAttributes); + $closure($closureAttributes); exit(); } else { $childrenPids[] = $pid; - while(count($childrenPids) >= $concurrentChildren) { - foreach($childrenPids as $key => $pid) { + while (count($childrenPids) >= $concurrentChildren) { + foreach ($childrenPids as $key => $pid) { $res = pcntl_waitpid($pid, $status, WNOHANG); - // If the process has already exited - if($res == -1 || $res > 0) + if ($res == -1 || $res > 0) { unset($childrenPids[$key]); + } } - sleep(1); } } } - while(pcntl_waitpid(0, $status) != -1); + while (pcntl_waitpid(0, $status) != -1); } else { if (!defined('CRON_NOFORK_FLAG')) { if (extension_loaded('pcntl')) { @@ -51,7 +50,7 @@ trait Forkable FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, $msg . " Not forking " . self::class . ", this may take a long time!"); } foreach ($attributes as $closureAttributes) { - $closure(...$closureAttributes); + $closure($closureAttributes); } } } diff --git a/lib/Froxlor/Cron/System/ExportCron.php b/lib/Froxlor/Cron/System/ExportCron.php index b05952b7..8575013a 100644 --- a/lib/Froxlor/Cron/System/ExportCron.php +++ b/lib/Froxlor/Cron/System/ExportCron.php @@ -39,7 +39,7 @@ class ExportCron extends FroxlorCron public static function run() { - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'BackupCron: started - creating customer backup'); + FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'ExportCron: started - creating customer data export'); $result_tasks_stmt = Database::query(" SELECT * FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20' ORDER BY `id` ASC @@ -65,11 +65,11 @@ class ExportCron extends FroxlorCron // create folder if not exists if (!file_exists($row['data']['destdir']) && $row['data']['destdir'] != '/' && $row['data']['destdir'] != Settings::Get('system.documentroot_prefix') && $row['data']['destdir'] != $customerdocroot) { - FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Creating backup-destination path for customer: ' . escapeshellarg($row['data']['destdir'])); + FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating data export destination path for customer: ' . escapeshellarg($row['data']['destdir'])); FileDir::safe_exec('mkdir -p ' . escapeshellarg($row['data']['destdir'])); } - self::createCustomerBackup($row['data'], $customerdocroot, $cronlog); + self::createCustomerExport($row['data'], $customerdocroot, $cronlog); } } @@ -80,7 +80,7 @@ class ExportCron extends FroxlorCron } /** - * depending on the give choice, the customers web-data, email-data and databases are being backup'ed + * depending on the give choice, the customers web-data, email-data and databases are being exported * * @param array $data * @@ -88,19 +88,19 @@ class ExportCron extends FroxlorCron * * @throws Exception */ - private static function createCustomerBackup($data = null, $customerdocroot = null, &$cronlog = null) + private static function createCustomerExport($data = null, $customerdocroot = null, &$cronlog = null) { - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating Backup for user "' . $data['loginname'] . '"'); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_NOTICE, 'Creating data export for user "' . $data['loginname'] . '"'); // create tmp folder $tmpdir = FileDir::makeCorrectDir($data['destdir'] . '/.tmp/'); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating tmp-folder "' . $tmpdir . '"'); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mkdir -p ' . escapeshellarg($tmpdir)); FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir)); - $create_backup_tar_data = ""; + $create_export_tar_data = ""; // MySQL databases - if ($data['backup_dbs'] == 1) { + if ($data['dump_dbs'] == 1) { $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating mysql-folder "' . FileDir::makeCorrectDir($tmpdir . '/mysql') . '"'); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/mysql'))); FileDir::safe_exec('mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/mysql'))); @@ -140,7 +140,7 @@ class ExportCron extends FroxlorCron } if ($has_dbs) { - $create_backup_tar_data .= './mysql '; + $create_export_tar_data .= './mysql '; } if (file_exists($mysqlcnf_file)) { @@ -151,7 +151,7 @@ class ExportCron extends FroxlorCron } // E-mail data - if ($data['backup_mail'] == 1) { + if ($data['dump_mail'] == 1) { $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating mail-folder "' . FileDir::makeCorrectDir($tmpdir . '/mail') . '"'); FileDir::safe_exec('mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/mail'))); @@ -171,41 +171,41 @@ class ExportCron extends FroxlorCron if (!empty($tar_file_list)) { $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfvz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/mail/' . $data['loginname'] . '-mail.tar.gz')) . ' -C ' . escapeshellarg($mail_homedir) . ' ' . trim($tar_file_list)); FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/mail/' . $data['loginname'] . '-mail.tar.gz')) . ' -C ' . escapeshellarg($mail_homedir) . ' ' . trim($tar_file_list)); - $create_backup_tar_data .= './mail '; + $create_export_tar_data .= './mail '; } } // Web data - if ($data['backup_web'] == 1) { + if ($data['dump_web'] == 1) { $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'Creating web-folder "' . FileDir::makeCorrectDir($tmpdir . '/web') . '"'); FileDir::safe_exec('mkdir -p ' . escapeshellarg(FileDir::makeCorrectDir($tmpdir . '/web'))); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/web/' . $data['loginname'] . '-web.tar.gz')) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", FileDir::makeCorrectFile($tmpdir . '/*'))) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", substr(FileDir::makeCorrectDir($tmpdir), 0, -1))) . ' -C ' . escapeshellarg($customerdocroot) . ' .'); FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/web/' . $data['loginname'] . '-web.tar.gz')) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", FileDir::makeCorrectFile($tmpdir . '/*'))) . ' --exclude=' . escapeshellarg(str_replace($customerdocroot, "./", substr(FileDir::makeCorrectFile($tmpdir), 0, -1))) . ' -C ' . escapeshellarg($customerdocroot) . ' .'); - $create_backup_tar_data .= './web '; + $create_export_tar_data .= './web '; } - if (!empty($create_backup_tar_data)) { + if (!empty($create_export_tar_data)) { // set owner to customer $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> chown -R ' . (int)$data['uid'] . ':' . (int)$data['gid'] . ' ' . escapeshellarg($tmpdir)); FileDir::safe_exec('chown -R ' . (int)$data['uid'] . ':' . (int)$data['gid'] . ' ' . escapeshellarg($tmpdir)); // create tar-file - $backup_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-backup_' . date('YmdHi', time()) . '.tar.gz' . (!empty($data['pgp_public_key']) ? '.gpg' : '')); - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating backup-file "' . $backup_file . '"'); + $export_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-export_' . date('YmdHi', time()) . '.tar.gz' . (!empty($data['pgp_public_key']) ? '.gpg' : '')); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating export-file "' . $export_file . '"'); if (!empty($data['pgp_public_key'])) { // pack all archives in tmp-dir to one archive and encrypt it with gpg $recipient_file = FileDir::makeCorrectFile($tmpdir . '/' . $data['loginname'] . '-recipients.gpg'); $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, 'Creating recipient-file "' . $recipient_file . '"'); file_put_contents($recipient_file, $data['pgp_public_key']); - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes'); - FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($backup_file) . ' --trust-model always --batch --yes', $return_value, ['|']); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($export_file) . ' --trust-model always --batch --yes'); + FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($export_file) . ' --trust-model always --batch --yes', $return_value, ['|']); } else { // pack all archives in tmp-dir to one archive - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); - FileDir::safe_exec('tar cfz ' . escapeshellarg($backup_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_backup_tar_data)); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> tar cfz ' . escapeshellarg($export_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data)); + FileDir::safe_exec('tar cfz ' . escapeshellarg($export_file) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data)); } // move to destination directory - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mv ' . escapeshellarg($backup_file) . ' ' . escapeshellarg($data['destdir'])); - FileDir::safe_exec('mv ' . escapeshellarg($backup_file) . ' ' . escapeshellarg($data['destdir'])); + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> mv ' . escapeshellarg($export_file) . ' ' . escapeshellarg($data['destdir'])); + FileDir::safe_exec('mv ' . escapeshellarg($export_file) . ' ' . escapeshellarg($data['destdir'])); // remove tmp-files $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'shell> rm -rf ' . escapeshellarg($tmpdir)); FileDir::safe_exec('rm -rf ' . escapeshellarg($tmpdir)); diff --git a/lib/Froxlor/Cron/System/TasksCron.php b/lib/Froxlor/Cron/System/TasksCron.php index 337d0bf9..60face00 100644 --- a/lib/Froxlor/Cron/System/TasksCron.php +++ b/lib/Froxlor/Cron/System/TasksCron.php @@ -46,7 +46,7 @@ class TasksCron extends FroxlorCron * LOOK INTO TASKS TABLE TO SEE IF THERE ARE ANY UNDONE JOBS */ self::$cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_INFO, "TasksCron: Searching for tasks to do"); - // no type 99 (regenerate cron.d-file) and no type 20 (customer backup) + // no type 99 (regenerate cron.d-file) and no type 20 (customer data export) // order by type descending to re-create bind and then webserver at the end $result_tasks_stmt = Database::query(" SELECT `id`, `type`, `data` FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` <> '99' AND `type` <> '20' ORDER BY `type` DESC, `id` ASC diff --git a/lib/Froxlor/Cron/TaskId.php b/lib/Froxlor/Cron/TaskId.php index d80e6c11..9aa065c0 100644 --- a/lib/Froxlor/Cron/TaskId.php +++ b/lib/Froxlor/Cron/TaskId.php @@ -82,9 +82,9 @@ final class TaskId const DELETE_DOMAIN_SSL = 12; /** - * TYPE=20 COSTUMERBACKUP + * TYPE=20 CUSTUMER DATA DUMP */ - const CREATE_CUSTOMER_BACKUP = 20; + const CREATE_CUSTOMER_DATADUMP = 20; /** * TYPE=99 REGENERATE CRON diff --git a/lib/Froxlor/System/Cronjob.php b/lib/Froxlor/System/Cronjob.php index 84c7d337..4a765049 100644 --- a/lib/Froxlor/System/Cronjob.php +++ b/lib/Froxlor/System/Cronjob.php @@ -211,10 +211,10 @@ class Cronjob 'type' => TaskId::DELETE_DOMAIN_SSL, 'data' => $data ]); - } elseif ($type == TaskId::CREATE_CUSTOMER_BACKUP && isset($params[0]) && is_array($params[0])) { + } elseif ($type == TaskId::CREATE_CUSTOMER_DATADUMP && isset($params[0]) && is_array($params[0])) { $data = json_encode($params[0]); Database::pexecute($ins_stmt, [ - 'type' => TaskId::CREATE_CUSTOMER_BACKUP, + 'type' => TaskId::CREATE_CUSTOMER_DATADUMP, 'data' => $data ]); } diff --git a/lib/formfields/customer/extras/formfield.backup.php b/lib/formfields/customer/extras/formfield.export.php similarity index 73% rename from lib/formfields/customer/extras/formfield.backup.php rename to lib/formfields/customer/extras/formfield.export.php index b8fe8898..d9a5a96c 100644 --- a/lib/formfields/customer/extras/formfield.backup.php +++ b/lib/formfields/customer/extras/formfield.export.php @@ -18,17 +18,16 @@ use Froxlor\Settings; return [ - 'backup' => [ - 'title' => lng('extras.backup'), + 'export' => [ + 'title' => lng('extras.export'), 'image' => 'fa-solid fa-server', 'sections' => [ 'section_a' => [ - 'title' => lng('extras.backup'), - 'image' => 'icons/backup_big.png', + 'title' => lng('extras.export'), 'fields' => [ 'path' => [ - 'label' => lng('panel.backuppath.title'), - 'desc' => lng('panel.backuppath.description') . '
' . (Settings::Get('panel.pathedit') != 'Dropdown' ? lng('panel.pathDescription') : null), + 'label' => lng('panel.exportpath.title'), + 'desc' => lng('panel.exportpath.description') . '
' . (Settings::Get('panel.pathedit') != 'Dropdown' ? lng('panel.pathDescription') : null), 'type' => $pathSelect['type'], 'select_var' => $pathSelect['select_var'] ?? '', 'selected' => $pathSelect['value'], @@ -36,8 +35,8 @@ return [ 'note' => $pathSelect['note'] ?? '', ], 'pgp_public_key' => [ - 'label' => lng('panel.backup_pgp_public_key.title'), - 'desc' => lng('panel.backup_pgp_public_key.description'), + 'label' => lng('panel.export_pgp_public_key.title'), + 'desc' => lng('panel.export_pgp_public_key.description'), 'type' => 'textarea', ], 'path_protection_info' => [ @@ -46,20 +45,20 @@ return [ 'value' => lng('extras.path_protection_info'), 'classes' => 'fw-bold text-danger' ], - 'backup_web' => [ - 'label' => lng('extras.backup_web'), + 'dump_web' => [ + 'label' => lng('extras.dump_web'), 'type' => 'checkbox', 'value' => '1', 'checked' => true ], - 'backup_mail' => [ - 'label' => lng('extras.backup_mail'), + 'dump_mail' => [ + 'label' => lng('extras.dump_mail'), 'type' => 'checkbox', 'value' => '1', 'checked' => true ], - 'backup_dbs' => [ - 'label' => lng('extras.backup_dbs'), + 'dump_dbs' => [ + 'label' => lng('extras.dump_dbs'), 'type' => 'checkbox', 'value' => '1', 'checked' => true diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index 7f19ab3e..012308e0 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -133,9 +133,9 @@ return [ 'show_element' => (Settings::Get('logger.enabled') == true) && (!Settings::IsInList('panel.customer_hide_options', 'extras.logger')) ], [ - 'url' => 'customer_extras.php?page=backup', - 'label' => lng('menue.extras.backup'), - 'show_element' => (Settings::Get('system.backupenabled') == true) && (!Settings::IsInList('panel.customer_hide_options', 'extras.backup')) + 'url' => 'customer_extras.php?page=export', + 'label' => lng('menue.extras.export'), + 'show_element' => (Settings::Get('system.exportenabled') == true) && (!Settings::IsInList('panel.customer_hide_options', 'extras.export')) ] ] ], diff --git a/lib/tablelisting/customer/tablelisting.backups.php b/lib/tablelisting/customer/tablelisting.export.php similarity index 77% rename from lib/tablelisting/customer/tablelisting.backups.php rename to lib/tablelisting/customer/tablelisting.export.php index 8b5f2b24..fe37c571 100644 --- a/lib/tablelisting/customer/tablelisting.backups.php +++ b/lib/tablelisting/customer/tablelisting.export.php @@ -28,10 +28,10 @@ use Froxlor\UI\Callbacks\Text; use Froxlor\UI\Listing; return [ - 'backup_list' => [ - 'title' => lng('error.customerhasongoingbackupjob'), + 'export_list' => [ + 'title' => lng('error.customerhasongoingexportjob'), 'icon' => 'fa-solid fa-server', - 'self_overview' => ['section' => 'extras', 'page' => 'backup'], + 'self_overview' => ['section' => 'extras', 'page' => 'export'], 'default_sorting' => ['destdir' => 'asc'], 'columns' => [ 'destdir' => [ @@ -44,28 +44,28 @@ return [ 'field' => 'data.pgp_public_key', 'callback' => [Text::class, 'boolean'] ], - 'backup_web' => [ - 'label' => lng('extras.backup_web'), - 'field' => 'data.backup_web', + 'dump_web' => [ + 'label' => lng('extras.dump_web'), + 'field' => 'data.dump_web', 'callback' => [Text::class, 'boolean'], ], - 'backup_mail' => [ - 'label' => lng('extras.backup_mail'), - 'field' => 'data.backup_mail', + 'dump_mail' => [ + 'label' => lng('extras.dump_mail'), + 'field' => 'data.dump_mail', 'callback' => [Text::class, 'boolean'], ], - 'backup_dbs' => [ - 'label' => lng('extras.backup_dbs'), - 'field' => 'data.backup_dbs', + 'dump_dbs' => [ + 'label' => lng('extras.dump_dbs'), + 'field' => 'data.dump_dbs', 'callback' => [Text::class, 'boolean'], ] ], - 'visible_columns' => Listing::getVisibleColumnsForListing('backup_list', [ + 'visible_columns' => Listing::getVisibleColumnsForListing('export_list', [ 'destdir', 'pgp_public_key', - 'backup_web', - 'backup_mail', - 'backup_dbs' + 'dump_web', + 'dump_mail', + 'dump_dbs' ]), 'actions' => [ 'delete' => [ diff --git a/lng/cz.lng.php b/lng/cz.lng.php index dc9671db..970c7e14 100644 --- a/lng/cz.lng.php +++ b/lng/cz.lng.php @@ -456,10 +456,6 @@ return [ 'directory_browsing' => 'Procházení obsahu adresáře', 'pathoptions_edit' => 'Upravit možnosti cesty', 'execute_perl' => 'Spustit perl/CGI', - 'backup' => 'Vytvořit zálohu', - 'backup_web' => 'Zálohovat web-data', - 'backup_mail' => 'Zálohovat mail-data', - 'backup_dbs' => 'Zálohovat databáze', ], 'ftp' => [ 'description' => 'Zde můžeš tvořit a upravovat tvé FTP-účty.
Změny jsou uskutečněny okamžitě a účty mohou být použity ihned.', @@ -549,7 +545,6 @@ return [ 'extras' => 'Extra', 'directoryprotection' => 'Ochrana adresáře', 'pathoptions' => 'Možnosti cesty', - 'backup' => 'Záloha', ], 'traffic' => [ 'traffic' => 'Provoz', @@ -815,9 +810,6 @@ return [ 'caa_entry' => [ 'title' => 'Generovat CAA DNS záznamy', ], - 'backupenabled' => [ - 'title' => 'Povolit zálohy pro zákazníky', - ], 'mail_smtp_passwd' => 'SMTP heslo', ], 'success' => [ diff --git a/lng/de.lng.php b/lng/de.lng.php index c02a5e2b..46b64892 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -527,7 +527,8 @@ return [ 'cron_usage_report' => 'Webspace- und Trafficreport', 'cron_mailboxsize' => 'Berechnung der Mailbox-Größen', 'cron_letsencrypt' => 'Aktualisierung der Let\'s Encrypt Zertifikate', - 'cron_backup' => 'Ausstehende Sicherungen erstellen', + 'cron_export' => 'Ausstehende Datenexporte erstellen', + 'cron_backup' => 'System- und Kunden-Sicherungen erstellen', ], 'cronjob' => [ 'cronjobsettings' => 'Cronjob-Einstellungen', @@ -775,7 +776,7 @@ return [ 'destinationalreadyexistasmail' => 'Die Weiterleitung zu "%s" existiert bereits als aktive E-Mail-Adresse.', 'destinationalreadyexist' => 'Es existiert bereits eine Weiterleitung nach "%s".', 'destinationiswrong' => 'Die Weiterleitungsadresse "%s" enthält ungültige Zeichen oder ist nicht vollständig.', - 'backupfoldercannotbedocroot' => 'Der Ordner für Backups darf nicht das Heimatverzeichnis sein, wählen Sie einen Ordner unterhalb des Heimatverzeichnisses, z.B. /backups', + 'dumpfoldercannotbedocroot' => 'Der Ordner für Daten-Export darf nicht das Heimatverzeichnis sein, wählen Sie einen Ordner unterhalb des Heimatverzeichnisses, z.B. /dumps', 'templatelanguagecombodefined' => 'Die gewählte Kombination aus Sprache und Vorlage ist bereits definiert.', 'templatelanguageinvalid' => 'Die gewählte Sprache existiert nicht', 'ipstillhasdomains' => 'Die IP/Port-Kombination, die Sie löschen wollen, ist noch bei einer oder mehreren Domains eingetragen. Bitte ändern Sie die Domains vorher auf eine andere IP/Port-Kombination, um diese löschen zu können.', @@ -892,8 +893,8 @@ return [ 'autoupdate_10' => 'Minimum unterstützte Version von PHP ist 7.4.0', 'autoupdate_11' => 'Webupdate ist deaktiviert', 'mailaccistobedeleted' => 'Ein vorheriges Konto mit dem gleichen Namen (%s) wird aktuell noch gelöscht und kann daher derzeit nicht angelegt werden', - 'customerhasongoingbackupjob' => 'Es gibt noch einen austehenden Backup-Job. Bitte haben Sie etwas Geduld.', - 'backupfunctionnotenabled' => 'Die Sicherungs-Funktion is nicht aktiviert', + 'customerhasongoingexportjob' => 'Es gibt noch einen austehenden Daten-Export. Bitte haben Sie etwas Geduld.', + 'exportfunctionnotenabled' => 'Die Datenexport-Funktion is nicht aktiviert', 'dns_domain_nodns' => 'DNS ist für diese Domain nicht aktiviert', 'dns_content_empty' => 'Keinen Inhalt angegeben', 'dns_content_invalid' => 'DNS Eintrag ungültig', @@ -950,10 +951,10 @@ return [ 'execute_perl' => 'Perl/CGI ausführen', 'htpasswdauthname' => 'Grund der Authentifizierung (AuthName)', 'directoryprotection_edit' => 'Verzeichnisschutz bearbeiten', - 'backup' => 'Sicherung erstellen', - 'backup_web' => 'Web-Daten sichern', - 'backup_mail' => 'E-Mail Daten sichern', - 'backup_dbs' => 'Datenbanken sichern', + 'export' => 'Datenexport erstellen', + 'dump_web' => 'Web-Daten hinzufügen', + 'dump_mail' => 'E-Mail Daten hinzufügen', + 'dump_dbs' => 'Datenbanken hinzufügen', 'path_protection_label' => 'Wichtig', 'path_protection_info' => 'Wir raten dringend dazu den angegebenen Pfad zu schützen, siehe "Extras" -> "Verzeichnisschutz"', ], @@ -1102,7 +1103,7 @@ Vielen Dank, Ihr Administrator', 'extras' => 'Extras', 'directoryprotection' => 'Verzeichnisschutz', 'pathoptions' => 'Pfadoptionen', - 'backup' => 'Sicherung', + 'export' => 'Datenexport', ], 'traffic' => [ 'traffic' => 'Traffic', @@ -1198,13 +1199,13 @@ Vielen Dank, Ihr Administrator', 'ftpdesc' => 'FTP-Beschreibung', 'letsencrypt' => 'Benutzt Let\'s encrypt', 'set' => 'Setzen', - 'backuppath' => [ - 'title' => 'Pfad zur Ablage der Backups', - 'description' => 'In diesem Ordner werden die Backups abgelegt. Wenn das Sichern von Web-Daten aktiviert ist, werden alle Dateien aus dem Heimatverzeichnis gesichert, exklusive des hier angegebenen Backup-Ordners.', + 'exportpath' => [ + 'title' => 'Pfad zur Ablage des Exports', + 'description' => 'In diesem Ordner werden die Export-Archive abgelegt. Wenn Web-Daten exportiert werden, werden alle Dateien aus dem Heimatverzeichnis gesichert, exklusive des hier angegebenen Ordners.', ], - 'backup_pgp_public_key' => [ + 'export_pgp_public_key' => [ 'title' => 'Öffentlicher PGP-Schlüssel', - 'description' => 'Der öffentliche PGP-Schlüssel, mit dem die Backups verschlüsselt werden sollen. Wenn kein Schlüssel angegeben ist, werden die Backups nicht verschlüsselt.', + 'description' => 'Der öffentliche PGP-Schlüssel, mit dem die Exporte verschlüsselt werden sollen. Wenn kein Schlüssel angegeben ist, werden die Exporte nicht verschlüsselt.', ], 'pgp_public_key' => 'Öffentlicher PGP-Schlüssel', 'none_value' => 'Keine', @@ -1273,7 +1274,7 @@ Vielen Dank, Ihr Administrator', 'email_reallydelete_forwarder' => 'Wollen Sie die Weiterleitung "%s" wirklich löschen?', 'extras_reallydelete' => 'Wollen Sie den Verzeichnisschutz für "%s" wirklich löschen?', 'extras_reallydelete_pathoptions' => 'Wollen Sie die Optionen für den Pfad "%s" wirklich löschen?', - 'extras_reallydelete_backup' => 'Wollen Sie die geplante Sicherung wirklich löschen?', + 'extras_reallydelete_export' => 'Wollen Sie den geplanten Daten-Export wirklich löschen?', 'ftp_reallydelete' => 'Wollen Sie das FTP-Benutzerkonto "%s" wirklich löschen?', 'mysql_reallydelete' => 'Wollen Sie die Datenbank "%s" wirklich löschen?
ACHTUNG! Alle Daten gehen unwiderruflich verloren!', 'admin_configs_reallyrebuild' => 'Wollen Sie wirklich alle Konfigurationsdateien neu erstellen lassen?', @@ -1925,9 +1926,9 @@ Vielen Dank, Ihr Administrator', 'title' => 'Zusätzliche CAA DNS Einträge', 'description' => 'DNS Certification Authority Authorization (CAA) verwendet das Domain Name System, um dem Besitzer einer Domain die Möglichkeit zu bieten, gewisse Zertifizierungsstellen (CAs) dazu zu berechtigen,
ein Zertifikat für die betroffene Domain auszustellen. CAA Records sollen verhindern, dass Zertifikate fälschlicherweise für eine Domain ausgestellt werden.

Der Inhalt dieses Feldes wird direkt in die DNS Zone übernommen (eine Zeile pro CAA Record). Wenn Let\'s Encrypt für eine Domain aktiviert wurde und die obige Option aktiviert wurde, wird immer automatisch dieser Eintrag angefügt und muss nicht selber angegeben werden:
0 issue "letsencrypt.org" (Wenn wildcard aktiviert ist, wird statdessen issuewild benutzt).
Um Incident Reporting per Mail zu aktivieren, muss eine iodef Zeile angefügt werden. Ein Beispiel für einen Report an me@example.com wäre:
0 iodef "mailto:me@example.com"

ACHTUNG: Der Code wird nicht auf Fehler geprüft. Etwaige Fehler werden also auch übernommen. Die CAA finalen Einträge könnten daher falsch sein!', ], - 'backupenabled' => [ - 'title' => 'Backup für Kunden aktivieren', - 'description' => 'Wenn dies aktiviert ist, kann der Kunde Sicherungen planen (cron-backup) welche ein Archiv in sein Heimatverzeichnis ablegt (Unterordner vom Kunden wählbar)', + 'exportenabled' => [ + 'title' => 'Daten-Export für Kunden aktivieren', + 'description' => 'Wenn dies aktiviert ist, kann der Kunde Daten-Exporte planen (cron-export) welche ein Archiv in sein Heimatverzeichnis ablegen (Unterordner vom Kunden wählbar)', ], 'dnseditorenable' => [ 'title' => 'DNS Editor aktivieren', @@ -2097,8 +2098,8 @@ Vielen Dank, Ihr Administrator', 'settingssaved' => 'Die Einstellungen wurden erfolgreich gespeichert.', 'rebuildingconfigs' => 'Task für Neuerstellung der Konfigurationen wurde erfolgreich eingetragen', 'domain_import_successfully' => 'Erfolgreich %s Domains importiert.', - 'backupscheduled' => 'Ihre Sicherung wurde erfolgreich geplant. Bitte warten Sie nun, bis diese abgearbeitet wurde.', - 'backupaborted' => 'Die geplante Sicherung wurde abgebrochen', + 'exportscheduled' => 'Ihr Daten-Export wurde erfolgreich geplant. Bitte warten Sie nun, bis dieser bearbeitet wurde.', + 'exportaborted' => 'Der geplante Daten-Export wurde abgebrochen', 'dns_record_added' => 'Eintrag erfolgreich hinzugefügt', 'dns_record_deleted' => 'Eintrag erfolgreich entfernt', 'testmailsent' => 'Test E-Mail erfolgreich gesendet', @@ -2117,7 +2118,7 @@ Vielen Dank, Ihr Administrator', 'DELETE_EMAIL_DATA' => 'E-Mail-Dateien des Kunden löschen', 'DELETE_FTP_DATA' => 'Kunden FTP-Konto Dateien löschen', 'REBUILD_CRON' => 'Neuerstellung der cron.d-Datei', - 'CREATE_CUSTOMER_BACKUP' => 'Datensicherung für Kunde %s', + 'CREATE_CUSTOMER_DATADUMP' => 'Daten-Export für Kunde %s', 'DELETE_DOMAIN_PDNS' => 'Lösche Domain %s von PowerDNS Datenbank', 'DELETE_DOMAIN_SSL' => 'Lösche SSL Dateien von Domain %s', ], diff --git a/lng/en.lng.php b/lng/en.lng.php index c2a60b53..2a20e567 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -573,7 +573,8 @@ return [ 'cron_usage_report' => 'Web- and traffic-reports', 'cron_mailboxsize' => 'Mailbox-size calculation', 'cron_letsencrypt' => 'Let\'s Encrypt certificate updates', - 'cron_backup' => 'Process backup jobs', + 'cron_export' => 'Process data-export jobs', + 'cron_backup' => 'Process system- and customer backup jobs', ], 'cronjob' => [ 'cronjobsettings' => 'Cronjob settings', @@ -844,7 +845,7 @@ return [ 'destinationalreadyexistasmail' => 'The forwarder to %s already exists as active email-address.', 'destinationalreadyexist' => 'You have already defined a forwarder to "%s"', 'destinationiswrong' => 'The forwarder %s contains invalid character(s) or is incomplete.', - 'backupfoldercannotbedocroot' => 'The folder for backups cannot be your homedir, please chose a folder within your homedir, e.g. /backups', + 'dumpfoldercannotbedocroot' => 'The folder for data-dumps cannot be your homedir, please chose a folder within your homedir, e.g. /dumps', 'templatelanguagecombodefined' => 'The selected language/template combination has already been defined.', 'templatelanguageinvalid' => 'The selected language does not exist', 'ipstillhasdomains' => 'The IP/Port combination you want to delete still has domains assigned to it, please reassign those to other IP/Port combinations before deleting this IP/Port combination.', @@ -964,8 +965,8 @@ return [ 'autoupdate_10' => 'Minimum supported version of PHP is 7.4.0', 'autoupdate_11' => 'Webupdate is disabled', 'mailaccistobedeleted' => 'Another account with the same name (%s) is currently being deleted and can therefore not be added at this moment.', - 'customerhasongoingbackupjob' => 'There is already a backup job waiting to be processed, please be patient.', - 'backupfunctionnotenabled' => 'The backup function is not enabled', + 'customerhasongoingexportjob' => 'There is already a data export job waiting to be processed, please be patient.', + 'exportfunctionnotenabled' => 'The export function is not enabled', 'dns_domain_nodns' => 'DNS is not enabled for this domain', 'dns_content_empty' => 'No content given', 'dns_content_invalid' => 'DNS content invalid', @@ -1022,10 +1023,10 @@ return [ 'execute_perl' => 'Execute perl/CGI', 'htpasswdauthname' => 'Authentication reason (AuthName)', 'directoryprotection_edit' => 'Edit directory protection', - 'backup' => 'Create backup', - 'backup_web' => 'Backup web-data', - 'backup_mail' => 'Backup mail-data', - 'backup_dbs' => 'Backup databases', + 'export' => 'Create data dump', + 'dump_web' => 'Include web-data', + 'dump_mail' => 'Include mail-data', + 'dump_dbs' => 'Include databases', 'path_protection_label' => 'Important', 'path_protection_info' => 'We strongly recommend protecting the given path, see "Extras" -> "Directory protection"', ], @@ -1174,7 +1175,7 @@ Yours sincerely, your administrator', 'extras' => 'Extras', 'directoryprotection' => 'Directory protection', 'pathoptions' => 'Path options', - 'backup' => 'Backup', + 'export' => 'Data export', ], 'traffic' => [ 'traffic' => 'Traffic', @@ -1313,13 +1314,13 @@ Yours sincerely, your administrator', 'letsencrypt' => 'Using Let\'s encrypt', 'set' => 'Apply', 'shell' => 'Shell', - 'backuppath' => [ - 'title' => 'Destination path for the backup', - 'description' => 'This is the path where the backups will be stored. If backup of web-data is selected, all files from the homedir are stored excluding the backup-folder specified here.', + 'exportpath' => [ + 'title' => 'Destination path for the exported data', + 'description' => 'This is the path where the export-archive will be stored. If web-data is being included, all files from the homedir are stored excluding the folder specified here.', ], - 'backup_pgp_public_key' => [ + 'export_pgp_public_key' => [ 'title' => 'Public PGP key for encryption', - 'description' => 'This is the public PGP key which will be used to encrypt the backup. If you leave this field empty, the backup will not be encrypted.', + 'description' => 'This is the public PGP key which will be used to encrypt the export. If you leave this field empty, the export will not be encrypted.', ], 'pgp_public_key' => 'Public PGP key', 'none_value' => 'None', @@ -1388,7 +1389,7 @@ Yours sincerely, your administrator', 'email_reallydelete_forwarder' => 'Do you really want to delete the forwarder %s?', 'extras_reallydelete' => 'Do you really want to delete the directory protection for %s?', 'extras_reallydelete_pathoptions' => 'Do you really want to delete the path options for %s?', - 'extras_reallydelete_backup' => 'Do you really want to abort the planned backup job?', + 'extras_reallydelete_export' => 'Do you really want to abort the planned export job?', 'ftp_reallydelete' => 'Do you really want to delete the FTP-account %s?', 'mysql_reallydelete' => 'Do you really want to delete the database %s? This cannot be undone!', 'admin_configs_reallyrebuild' => 'Do you really want to rebuild all config files?', @@ -2047,9 +2048,9 @@ Yours sincerely, your administrator', 'title' => 'Additional CAA DNS records', 'description' => 'DNS Certification Authority Authorization (CAA) is an Internet security policy mechanism which allows domain name holders to indicate to certificate authorities
whether they are authorized to issue digital certificates for a particular domain name. It does this by means of a new "CAA" Domain Name System (DNS) resource record.

The content of this field will be included into the DNS zone directly (each line results in a CAA record).
If Let\'s Encrypt is enabled for this domain, this entry will always be added automatically and does not need to be added manually:
0 issue "letsencrypt.org" (If domain is a wildcard domain, issuewild will be used instead).
To enable Incident Reporting, you can add an iodef record. An example for sending such report to me@example.com would be:
0 iodef "mailto:me@example.com"

Attention: The code won\'t be checked for any errors. If it contains errors, your CAA records might not work!', ], - 'backupenabled' => [ - 'title' => 'Enable backup for customers', - 'description' => 'If activated, the customer will be able to schedule backup jobs (cron-backup) which generates an archive within his docroot (subdirectory chosable by customer)', + 'exportenabled' => [ + 'title' => 'Enable data export for customers', + 'description' => 'If activated, the customer will be able to schedule data export jobs (cron-export) which generates an archive within his docroot (subdirectory chosable by customer)', ], 'dnseditorenable' => [ 'title' => 'Enable DNS editor', @@ -2230,8 +2231,8 @@ Yours sincerely, your administrator', 'settingssaved' => 'The settings have been successfully saved.', 'rebuildingconfigs' => 'Successfully inserted tasks for rebuild configfiles', 'domain_import_successfully' => 'Successfully imported %s domains.', - 'backupscheduled' => 'Your backup job has been scheduled. Please wait for it to be processed', - 'backupaborted' => 'Your scheduled backup has been cancelled', + 'exportscheduled' => 'Your export job has been scheduled. Please wait for it to be processed', + 'exportaborted' => 'Your scheduled export has been cancelled', 'dns_record_added' => 'Record added successfully', 'dns_record_deleted' => 'Record deleted successfully', 'testmailsent' => 'Test mail sent successfully', @@ -2250,7 +2251,7 @@ Yours sincerely, your administrator', 'DELETE_EMAIL_DATA' => 'Delete customer e-mail data.', 'DELETE_FTP_DATA' => 'Delete customer ftp-account data.', 'REBUILD_CRON' => 'Rebuilding the cron.d-file', - 'CREATE_CUSTOMER_BACKUP' => 'Backup job for customer %s', + 'CREATE_CUSTOMER_DATADUMP' => 'Data export job for customer %s', 'DELETE_DOMAIN_PDNS' => 'Delete domain %s from PowerDNS database', 'DELETE_DOMAIN_SSL' => 'Delete ssl files of domain %s', ], diff --git a/lng/es.lng.php b/lng/es.lng.php index f5d5974d..29973803 100644 --- a/lng/es.lng.php +++ b/lng/es.lng.php @@ -837,7 +837,6 @@ return [ 'destinationalreadyexistasmail' => 'El remitente a %s ya existe como dirección de correo electrónico activa.', 'destinationalreadyexist' => 'Ya ha definido un reenviador para "%s".', 'destinationiswrong' => 'La %s la redirección contiene caracteres no válidos o está incompleta.', - 'backupfoldercannotbedocroot' => 'La carpeta para las copias de seguridad no puede ser su carpeta de inicio, elija una carpeta dentro de su carpeta de inicio, por ejemplo, /backups.', 'templatelanguagecombodefined' => 'La combinación idioma/plantilla seleccionada ya ha sido definida.', 'templatelanguageinvalid' => 'El idioma seleccionado no existe.', 'ipstillhasdomains' => 'La combinación IP/Puerto que desea eliminar todavía tiene dominios asignados, por favor reasígnelos a otras combinaciones IP/Puerto antes de eliminar esta combinación IP/Puerto.', @@ -958,7 +957,6 @@ return [ 'autoupdate_11' => 'Webupdate está desactivado', 'mailaccistobedeleted' => 'Otra cuenta con el mismo nombre (%s) está siendo eliminada y por lo tanto no puede ser añadida en este momento.', 'customerhasongoingbackupjob' => 'Ya hay un trabajo de copia de seguridad esperando a ser procesado, por favor sea paciente.', - 'backupfunctionnotenabled' => 'La función de copia de seguridad no está habilitada', 'dns_domain_nodns' => 'DNS no está habilitado para este dominio', 'dns_content_empty' => 'No hay contenido', 'dns_content_invalid' => 'El contenido DNS no es válido', @@ -1010,10 +1008,6 @@ return [ 'execute_perl' => 'Ejecutar perl/CGI', 'htpasswdauthname' => 'Razón de autenticación (AuthName)', 'directoryprotection_edit' => 'Editar protección de directorio', - 'backup' => 'Crear copia de seguridad', - 'backup_web' => 'Copia de seguridad de datos web', - 'backup_mail' => 'Copia de seguridad de los datos de correo', - 'backup_dbs' => 'Copia de seguridad de bases de datos', 'path_protection_label' => 'Importante', 'path_protection_info' => 'Le recomendamos encarecidamente que proteja la ruta indicada, consulte "Extras" -> "Protección de directorios".' ], @@ -1162,7 +1156,7 @@ Atentamente, su administrador' 'extras' => 'Extras', 'directoryprotection' => 'Protección de directorios', 'pathoptions' => 'Opciones de ruta', - 'backup' => 'Copia de seguridad' + 'export' => 'Exportación de datos' ], 'traffic' => [ 'traffic' => 'Tráfico', @@ -1371,7 +1365,6 @@ Atentamente, su administrador' 'email_reallydelete_forwarder' => '¿Realmente quieres borrar el forwarder %s?', 'extras_reallydelete' => '¿Realmente quieres borrar la protección de directorio de %s?', 'extras_reallydelete_pathoptions' => '¿Realmente quieres borrar las opciones de ruta de %s?', - 'extras_reallydelete_backup' => '¿Realmente quieres abortar el trabajo de copia de seguridad planificado?', 'ftp_reallydelete' => '¿Realmente quieres borrar la cuenta FTP %s?', 'mysql_reallydelete' => '¿Realmente quieres borrar la base de datos %s? Esto no se puede deshacer.', 'admin_configs_reallyrebuild' => '¿Realmente quieres reconstruir todos los archivos de configuración?', @@ -2030,10 +2023,6 @@ Atentamente, su administrador' 'title' => 'Registros DNS CAA adicionales', 'description' => 'DNS Certification Authority Authorization (CAA) es un mecanismo de política de seguridad en Internet que permite a los titulares de nombres de dominio indicar a las autoridades de certificación
si están autorizadas a emitir certificados digitales para un nombre de dominio concreto. Lo hace mediante un nuevo registro de recursos del Sistema de Nombres de Dominio (DNS) "CAA".

El contenido de este campo se incluirá en la zona DNS directamente (cada línea da lugar a un registro CAA).
Si Let\'s Encrypt está habilitado para este dominio, esta entrada siempre se añadirá automáticamente y no es necesario añadirla manualmente:
0issue "letsencrypt.org" (Si el dominio es un dominio comodín, se utilizará issuewild en su lugar).
Para habilitar el informe de incidentes, puede añadir un registro iodef. Un ejemplo para enviar dicho informe a me@example.com sería:
0iodef "mailto:me@example.com"

Atención: No se comprobará si el código contiene errores. Si contiene errores, ¡es posible que sus registros CAA no funcionen!' ], - 'backupenabled' => [ - 'title' => 'Activar copia de seguridad para clientes', - 'description' => 'Si se activa, el cliente podrá programar trabajos de copia de seguridad (cron-backup) que generan un archivo dentro de su docroot (subdirectorio a elección del cliente)' - ], 'dnseditorenable' => [ 'title' => 'Habilitar editor DNS', 'description' => 'Permite a los administradores y a los clientes gestionar las entradas DNS del dominio' @@ -2209,8 +2198,6 @@ Atentamente, su administrador' 'settingssaved' => 'La configuración se ha guardado correctamente.', 'rebuildingconfigs' => 'Tareas insertadas con éxito para reconstruir archivos de configuración', 'domain_import_successfully' => 'Se han importado correctamente los dominios %s.', - 'backupscheduled' => 'Se ha programado su tarea de copia de seguridad. Espere a que se procese.', - 'backupaborted' => 'Su copia de seguridad programada ha sido cancelada', 'dns_record_added' => 'Registro añadido correctamente', 'dns_record_deleted' => 'Registro eliminado correctamente', 'testmailsent' => 'Correo de prueba enviado correctamente', @@ -2229,7 +2216,6 @@ Atentamente, su administrador' 'DELETE_EMAIL_DATA' => 'Borrar datos de e-mail del cliente.', 'DELETE_FTP_DATA' => 'Borrar los datos de la cuenta ftp del cliente.', 'REBUILD_CRON' => 'Reconstruir el archivo cron.d', - 'CREATE_CUSTOMER_BACKUP' => 'Trabajo de copia de seguridad para el cliente %s', 'DELETE_DOMAIN_PDNS' => 'Borrar dominio %s de la base de datos PowerDNS', 'DELETE_DOMAIN_SSL' => 'Borrar archivos ssl de dominio %s' ], diff --git a/tests/Backup/CustomerBackupsTest.php b/tests/Backup/DataDumpTest.php similarity index 52% rename from tests/Backup/CustomerBackupsTest.php rename to tests/Backup/DataDumpTest.php index a2a4aca1..2e89118e 100644 --- a/tests/Backup/CustomerBackupsTest.php +++ b/tests/Backup/DataDumpTest.php @@ -4,22 +4,22 @@ use PHPUnit\Framework\TestCase; use Froxlor\Settings; use Froxlor\Database\Database; use Froxlor\Api\Commands\Customers; -use Froxlor\Api\Commands\CustomerBackups; +use Froxlor\Api\Commands\DataDump; /** * * @covers \Froxlor\Api\ApiCommand * @covers \Froxlor\Api\ApiParameter - * @covers \Froxlor\Api\Commands\CustomerBackups + * @covers \Froxlor\Api\Commands\DataDump */ -class CustomerBackupsTest extends TestCase +class DataDumpTest extends TestCase { - public function testAdminCustomerBackupsNotEnabled() + public function testAdminDataDumpNotEnabled() { global $admin_userdata; - Settings::Set('system.backupenabled', 0, true); + Settings::Set('system.exportenabled', 0, true); // get customer $json_result = Customers::getLocal($admin_userdata, array( @@ -28,18 +28,18 @@ class CustomerBackupsTest extends TestCase $customer_userdata = json_decode($json_result, true)['data']; $this->expectExceptionCode(405); $this->expectExceptionMessage("You cannot access this resource"); - CustomerBackups::getLocal($customer_userdata)->add(); + DataDump::getLocal($customer_userdata)->add(); } /** * - * @depends testAdminCustomerBackupsNotEnabled + * @depends testAdminDataDumpNotEnabled */ - public function testAdminCustomerBackupsExtrasHidden() + public function testAdminDataDumpExtrasHidden() { global $admin_userdata; - Settings::Set('system.backupenabled', 1, true); + Settings::Set('system.exportenabled', 1, true); Settings::Set('panel.customer_hide_options', 'extras', true); // get customer @@ -49,18 +49,18 @@ class CustomerBackupsTest extends TestCase $customer_userdata = json_decode($json_result, true)['data']; $this->expectExceptionCode(405); $this->expectExceptionMessage("You cannot access this resource"); - CustomerBackups::getLocal($customer_userdata)->add(); + DataDump::getLocal($customer_userdata)->add(); } /** * - * @depends testAdminCustomerBackupsExtrasHidden + * @depends testAdminDataDumpExtrasHidden */ - public function testAdminCustomerBackupsExtrasBackupHidden() + public function testAdminDataDumpExtrasExportHidden() { global $admin_userdata; - Settings::Set('panel.customer_hide_options', 'extras.backup', true); + Settings::Set('panel.customer_hide_options', 'extras.export', true); // get customer $json_result = Customers::getLocal($admin_userdata, array( @@ -69,14 +69,14 @@ class CustomerBackupsTest extends TestCase $customer_userdata = json_decode($json_result, true)['data']; $this->expectExceptionCode(405); $this->expectExceptionMessage("You cannot access this resource"); - CustomerBackups::getLocal($customer_userdata)->add(); + DataDump::getLocal($customer_userdata)->add(); } /** * - * @depends testAdminCustomerBackupsExtrasBackupHidden + * @depends testAdminDataDumpExtrasExportHidden */ - public function testCustomerCustomerBackupsAdd() + public function testCustomerDataDumpAdd() { global $admin_userdata; @@ -90,24 +90,24 @@ class CustomerBackupsTest extends TestCase $customer_userdata = json_decode($json_result, true)['data']; $data = [ - 'path' => '/my-backup', - 'backup_dbs' => 2, - 'backup_mail' => 3, - 'backup_web' => 4 + 'path' => '/my-dump', + 'dump_dbs' => 2, + 'dump_mail' => 3, + 'dump_web' => 4 ]; - $json_result = CustomerBackups::getLocal($customer_userdata, $data)->add(); + $json_result = DataDump::getLocal($customer_userdata, $data)->add(); $result = json_decode($json_result, true)['data']; - $this->assertEquals($customer_userdata['documentroot'] . 'my-backup/', $result['destdir']); - $this->assertEquals('1', $result['backup_dbs']); - $this->assertEquals('1', $result['backup_mail']); - $this->assertEquals('1', $result['backup_web']); + $this->assertEquals($customer_userdata['documentroot'] . 'my-dump/', $result['destdir']); + $this->assertEquals('1', $result['dump_dbs']); + $this->assertEquals('1', $result['dump_mail']); + $this->assertEquals('1', $result['dump_web']); } /** * - * @depends testCustomerCustomerBackupsAdd + * @depends testCustomerDataDumpAdd */ - public function testCustomerCustomerBackupsAddPathNotDocroot() + public function testCustomerDataDumpAddPathNotDocroot() { global $admin_userdata; @@ -122,49 +122,49 @@ class CustomerBackupsTest extends TestCase ]; $this->expectExceptionCode(400); - $this->expectExceptionMessage('The folder for backups cannot be your homedir, please chose a folder within your homedir, e.g. /backups'); - $json_result = CustomerBackups::getLocal($customer_userdata, $data)->add(); + $this->expectExceptionMessage('The folder for data-dumps cannot be your homedir, please chose a folder within your homedir, e.g. /dumps'); + $json_result = DataDump::getLocal($customer_userdata, $data)->add(); } - public function testAdminCustomerBackupsGet() + public function testAdminDataDumpGet() { global $admin_userdata; $this->expectExceptionCode(303); - CustomerBackups::getLocal($admin_userdata)->get(); + DataDump::getLocal($admin_userdata)->get(); } - public function testAdminCustomerBackupsUpdate() + public function testAdminDataDumpUpdate() { global $admin_userdata; $this->expectExceptionCode(303); - CustomerBackups::getLocal($admin_userdata)->update(); + DataDump::getLocal($admin_userdata)->update(); } /** * - * @depends testCustomerCustomerBackupsAdd + * @depends testCustomerDataDumpAdd */ - public function testAdminCustomerBackupsListing() + public function testAdminDataDumpListing() { global $admin_userdata; - $json_result = CustomerBackups::getLocal($admin_userdata)->listing(); + $json_result = DataDump::getLocal($admin_userdata)->listing(); $result = json_decode($json_result, true)['data']; $this->assertEquals(1, $result['count']); - $this->assertEquals('1', $result['list'][0]['data']['backup_dbs']); - $this->assertEquals('1', $result['list'][0]['data']['backup_mail']); - $this->assertEquals('1', $result['list'][0]['data']['backup_web']); + $this->assertEquals('1', $result['list'][0]['data']['dump_dbs']); + $this->assertEquals('1', $result['list'][0]['data']['dump_mail']); + $this->assertEquals('1', $result['list'][0]['data']['dump_web']); - $json_result = CustomerBackups::getLocal($admin_userdata)->listingCount(); + $json_result = DataDump::getLocal($admin_userdata)->listingCount(); $result = json_decode($json_result, true)['data']; $this->assertEquals(1, $result); } /** * - * @depends testCustomerCustomerBackupsAdd + * @depends testCustomerDataDumpAdd */ - public function testCustomerCustomerBackupsDelete() + public function testCustomerDataDumpDelete() { global $admin_userdata; @@ -175,18 +175,18 @@ class CustomerBackupsTest extends TestCase $customer_userdata = json_decode($json_result, true)['data']; $data = [ - 'backup_job_entry' => 1 + 'job_entry' => 1 ]; - $json_result = CustomerBackups::getLocal($customer_userdata, $data)->delete(); + $json_result = DataDump::getLocal($customer_userdata, $data)->delete(); $result = json_decode($json_result, true)['data']; $this->assertTrue($result); } /** * - * @depends testAdminCustomerBackupsListing + * @depends testAdminDataDumpListing */ - public function testCustomerCustomerBackupsDeleteNotFound() + public function testCustomerDataDumpDeleteNotFound() { global $admin_userdata; @@ -200,7 +200,7 @@ class CustomerBackupsTest extends TestCase 'backup_job_entry' => 1337 ]; $this->expectExceptionCode(404); - $this->expectExceptionMessage('Backup job with id #1337 could not be found'); - CustomerBackups::getLocal($customer_userdata, $data)->delete(); + $this->expectExceptionMessage('Data export job with id #1337 could not be found'); + DataDump::getLocal($customer_userdata, $data)->delete(); } } diff --git a/tests/Cron/TaskIdTest.php b/tests/Cron/TaskIdTest.php index 9b24eeec..ba0321a3 100644 --- a/tests/Cron/TaskIdTest.php +++ b/tests/Cron/TaskIdTest.php @@ -30,7 +30,7 @@ class TaskIDTest extends TestCase 'DELETE_DOMAIN_SSL' => 12, - 'CREATE_CUSTOMER_BACKUP' => 20, + 'CREATE_CUSTOMER_DATADUMP' => 20, 'REBUILD_CRON' => 99, ); From eb9dded947e4f7e246a578128818157d45f339a3 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 11:40:42 +0200 Subject: [PATCH 25/87] forgot to save one parameter change in the unit-test Signed-off-by: Michael Kaufmann --- tests/Backup/DataDumpTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/Backup/DataDumpTest.php b/tests/Backup/DataDumpTest.php index 2e89118e..97d33907 100644 --- a/tests/Backup/DataDumpTest.php +++ b/tests/Backup/DataDumpTest.php @@ -197,7 +197,7 @@ class DataDumpTest extends TestCase $customer_userdata = json_decode($json_result, true)['data']; $data = [ - 'backup_job_entry' => 1337 + 'job_entry' => 1337 ]; $this->expectExceptionCode(404); $this->expectExceptionMessage('Data export job with id #1337 could not be found'); From 5afe5a8c466a9100b9492fbc9eedee5cf56707b9 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 11:49:57 +0200 Subject: [PATCH 26/87] minor bugfixes for data export / UI Signed-off-by: Michael Kaufmann --- customer_index.php | 4 ++-- lib/Froxlor/Api/Commands/DataDump.php | 2 +- lib/tablelisting/customer/tablelisting.export.php | 2 +- lng/es.lng.php | 1 - templates/Froxlor/user/form-datatable.html.twig | 2 +- 5 files changed, 5 insertions(+), 6 deletions(-) diff --git a/customer_index.php b/customer_index.php index 02b65683..4d0d2a6f 100644 --- a/customer_index.php +++ b/customer_index.php @@ -41,7 +41,7 @@ use Froxlor\System\Cronjob; use Froxlor\Cron\TaskId; if ($action == 'logout') { - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'logged out'); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, 'logged out'); unset($_SESSION['userinfo']); CurrentUser::setData(); @@ -65,7 +65,7 @@ if ($action == 'logout') { } if ($page == 'overview') { - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "viewed customer_index"); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, "viewed customer_index"); $domain_stmt = Database::prepare("SELECT `domain` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `customerid` = :customerid diff --git a/lib/Froxlor/Api/Commands/DataDump.php b/lib/Froxlor/Api/Commands/DataDump.php index 00579733..fef7099d 100644 --- a/lib/Froxlor/Api/Commands/DataDump.php +++ b/lib/Froxlor/Api/Commands/DataDump.php @@ -132,7 +132,7 @@ class DataDump extends ApiCommand implements ResourceEntity // schedule export job Cronjob::inserttask(TaskId::CREATE_CUSTOMER_DATADUMP, $task_data); - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer data-dump job for '" . $customer['loginname'] . "'. Target directory: " . $userpath); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] added customer data export job for '" . $customer['loginname'] . "'. Target directory: " . $userpath); return $this->response($task_data); } diff --git a/lib/tablelisting/customer/tablelisting.export.php b/lib/tablelisting/customer/tablelisting.export.php index fe37c571..d485bb4c 100644 --- a/lib/tablelisting/customer/tablelisting.export.php +++ b/lib/tablelisting/customer/tablelisting.export.php @@ -74,7 +74,7 @@ return [ 'class' => 'btn-warning', 'href' => [ 'section' => 'extras', - 'page' => 'backup', + 'page' => 'export', 'action' => 'abort', 'id' => ':id' ], diff --git a/lng/es.lng.php b/lng/es.lng.php index 29973803..ab50024e 100644 --- a/lng/es.lng.php +++ b/lng/es.lng.php @@ -956,7 +956,6 @@ return [ 'autoupdate_10' => 'La versión mínima soportada de PHP es 7.4.0', 'autoupdate_11' => 'Webupdate está desactivado', 'mailaccistobedeleted' => 'Otra cuenta con el mismo nombre (%s) está siendo eliminada y por lo tanto no puede ser añadida en este momento.', - 'customerhasongoingbackupjob' => 'Ya hay un trabajo de copia de seguridad esperando a ser procesado, por favor sea paciente.', 'dns_domain_nodns' => 'DNS no está habilitado para este dominio', 'dns_content_empty' => 'No hay contenido', 'dns_content_invalid' => 'El contenido DNS no es válido', diff --git a/templates/Froxlor/user/form-datatable.html.twig b/templates/Froxlor/user/form-datatable.html.twig index e04ebd2d..9343c9b9 100644 --- a/templates/Froxlor/user/form-datatable.html.twig +++ b/templates/Froxlor/user/form-datatable.html.twig @@ -4,7 +4,7 @@ {% if tabledata.table.tr is not empty and tabledata.table.tr is iterable %}
{% set type = 'warning' %} - {% set alert_msg = lng('error.customerhasongoingbackupjob') %} + {% set alert_msg = lng('error.customerhasongoingexportjob') %} {% include 'Froxlor/misc/alertbox.html.twig' %}
{% import "Froxlor/table/table.html.twig" as table %} From bfc816a51efde55be504c2e2c18b4766ba1943f2 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 15:08:36 +0200 Subject: [PATCH 27/87] add php-configuration to domain-listing, fixes #1141; move backup-menu to 'System' instead of 'Resources' Signed-off-by: Michael Kaufmann --- lib/Froxlor/UI/Callbacks/Domain.php | 29 +++++++++++++++---- lib/navigation/00.froxlor.main.php | 12 ++++---- .../admin/tablelisting.domains.php | 8 +++++ 3 files changed, 37 insertions(+), 12 deletions(-) diff --git a/lib/Froxlor/UI/Callbacks/Domain.php b/lib/Froxlor/UI/Callbacks/Domain.php index d56c83d6..d476db9b 100644 --- a/lib/Froxlor/UI/Callbacks/Domain.php +++ b/lib/Froxlor/UI/Callbacks/Domain.php @@ -25,6 +25,7 @@ namespace Froxlor\UI\Callbacks; +use Froxlor\Database\Database; use Froxlor\Domain\Domain as DDomain; use Froxlor\FileDir; use Froxlor\Settings; @@ -79,11 +80,11 @@ class Domain { $result = ''; if ($attributes['fields']['parentdomainid'] != 0) { - $result = ''; + $result = ''; } $result .= '' . $attributes['data'] . ''; // check for statistics if parentdomainid==0 to show stats-link for customers - if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0 && $attributes['fields']['deactivated'] == 0) { + if ((int)UI::getCurrentUser()['adminsession'] == 0 && $attributes['fields']['parentdomainid'] == 0 && $attributes['fields']['deactivated'] == 0) { $statsapp = Settings::Get('system.traffictool'); $result .= ' '; } @@ -189,13 +190,11 @@ class Domain // specified certificate for domain if ($attributes['fields']['domain_hascert'] == 1) { $result['icon'] .= ' text-success'; - } - // shared certificates (e.g. subdomain if domain where certificate is specified) + } // shared certificates (e.g. subdomain if domain where certificate is specified) elseif ($attributes['fields']['domain_hascert'] == 2) { $result['icon'] .= ' text-warning'; $result['title'] .= "\n" . lng('panel.ssleditor_infoshared'); - } - // no certificate specified, using global fallbacks (IPs and Ports or if empty SSL settings) + } // no certificate specified, using global fallbacks (IPs and Ports or if empty SSL settings) elseif ($attributes['fields']['domain_hascert'] == 0) { $result['icon'] .= ' text-danger'; $result['title'] .= "\n" . lng('panel.ssleditor_infoglobal'); @@ -217,4 +216,22 @@ class Domain } return lng('panel.empty'); } + + public static function getPhpConfigName(array $attributes): string + { + $sel_stmt = Database::prepare("SELECT `description` FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"); + $phpconfig = Database::pexecute_first($sel_stmt, ['id' => $attributes['data']]); + if ((int)UI::getCurrentUser()['adminsession'] == 1) { + $linker = UI::getLinker(); + $result = '' . $phpconfig['description'] . ''; + } else { + $result = $phpconfig['description']; + } + return $result; + } } diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index 012308e0..e27c22b1 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -223,12 +223,6 @@ return [ 'required_resources' => 'customers', 'add_shortlink' => 'admin_plans.php?page=overview&action=add' ], - [ - 'url' => 'admin_backups.php?page=overview', - 'label' => lng('admin.backups.backups'), - 'required_resources' => 'change_serversettings', - 'add_shortlink' => 'admin_backups.php?page=overview&action=add' - ], [ 'url' => 'admin_settings.php?page=updatecounters', 'label' => lng('admin.updatecounters'), @@ -268,6 +262,12 @@ return [ 'label' => lng('admin.cron.cronsettings'), 'required_resources' => 'change_serversettings' ], + [ + 'url' => 'admin_backups.php?page=overview', + 'label' => lng('admin.backups.backups'), + 'required_resources' => 'change_serversettings', + 'add_shortlink' => 'admin_backups.php?page=overview&action=add' + ], [ 'url' => 'admin_logger.php?page=log', 'label' => lng('menue.logger.logger'), diff --git a/lib/tablelisting/admin/tablelisting.domains.php b/lib/tablelisting/admin/tablelisting.domains.php index 3c484e11..a5f578ee 100644 --- a/lib/tablelisting/admin/tablelisting.domains.php +++ b/lib/tablelisting/admin/tablelisting.domains.php @@ -23,6 +23,7 @@ * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 */ +use Froxlor\Settings; use Froxlor\UI\Callbacks\Domain; use Froxlor\UI\Callbacks\Impersonate; use Froxlor\UI\Callbacks\Style; @@ -114,6 +115,13 @@ return [ 'field' => 'phpenabled', 'callback' => [Text::class, 'boolean'], ], + 'd.phpsettingid' => [ + 'label' => lng('admin.phpsettings.title'), + 'field' => 'phpsettingid', + 'searchable' => false, + 'callback' => [Domain::class, 'getPhpConfigName'], + 'visible' => (int)Settings::Get('system.mod_fcgid') == 1 || (int)Settings::Get('phpfpm.enabled') == 1 + ], 'd.openbasedir' => [ 'label' => lng('domains.openbasedirenabled'), 'field' => 'openbasedir', From 3445472049362ef9652ebc96107027db179b7eec Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 16:18:05 +0200 Subject: [PATCH 28/87] combine change-password, change-theme and change-language into 'my profile' Signed-off-by: Michael Kaufmann --- admin_index.php | 167 +++++++------ customer_index.php | 223 +++++++++--------- lng/de.lng.php | 1 + lng/en.lng.php | 1 + .../Froxlor/user/change_language.html.twig | 34 --- .../Froxlor/user/change_password.html.twig | 57 ----- templates/Froxlor/user/change_theme.html.twig | 34 --- templates/Froxlor/user/profile.html.twig | 142 +++++++++++ templates/Froxlor/userarea.html.twig | 14 +- 9 files changed, 337 insertions(+), 336 deletions(-) delete mode 100644 templates/Froxlor/user/change_language.html.twig delete mode 100644 templates/Froxlor/user/change_password.html.twig delete mode 100644 templates/Froxlor/user/change_theme.html.twig create mode 100644 templates/Froxlor/user/profile.html.twig diff --git a/admin_index.php b/admin_index.php index f5479e4e..91ea51a5 100644 --- a/admin_index.php +++ b/admin_index.php @@ -31,6 +31,7 @@ use Froxlor\Api\Commands\Froxlor as Froxlor; use Froxlor\CurrentUser; use Froxlor\Database\Database; use Froxlor\FroxlorLogger; +use Froxlor\Language; use Froxlor\Settings; use Froxlor\System\Cronjob; use Froxlor\System\Crypt; @@ -38,7 +39,6 @@ use Froxlor\UI\Panel\UI; use Froxlor\UI\Request; use Froxlor\UI\Response; use Froxlor\Validate\Validate; -use Froxlor\Language; $id = (int)Request::any('id'); @@ -196,107 +196,104 @@ if ($page == 'overview') { 'outstanding_tasks' => $outstanding_tasks, 'cron_last_runs' => $cron_last_runs ]); -} elseif ($page == 'change_password') { - if (isset($_POST['send']) && $_POST['send'] == 'send') { - $old_password = Validate::validate($_POST['old_password'], 'old password'); +} elseif ($page == 'profile') { + $languages = Language::getLanguages(); - if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_ADMINS, 'adminid')) { - Response::standardError('oldpasswordnotcorrect'); - } + if (!empty($_POST)) { + if ($_POST['send'] == 'changepassword') { + $old_password = Validate::validate($_POST['old_password'], 'old password'); - try { - $new_password = Crypt::validatePassword($_POST['new_password'], 'new password'); - $new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm'); - } catch (Exception $e) { - Response::dynamicError($e->getMessage()); - } + if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_ADMINS, 'adminid')) { + Response::standardError('oldpasswordnotcorrect'); + } - if ($old_password == '') { - Response::standardError([ - 'stringisempty', - 'changepassword.old_password' - ]); - } elseif ($new_password == '') { - Response::standardError([ - 'stringisempty', - 'changepassword.new_password' - ]); - } elseif ($new_password_confirm == '') { - Response::standardError([ - 'stringisempty', - 'changepassword.new_password_confirm' - ]); - } elseif ($new_password != $new_password_confirm) { - Response::standardError('newpasswordconfirmerror'); - } else { try { - Admins::getLocal($userinfo, [ - 'id' => $userinfo['adminid'], - 'admin_password' => $new_password - ])->update(); + $new_password = Crypt::validatePassword($_POST['new_password'], 'new password'); + $new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm'); } catch (Exception $e) { Response::dynamicError($e->getMessage()); } - $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, 'changed password'); + + if ($old_password == '') { + Response::standardError([ + 'stringisempty', + 'changepassword.old_password' + ]); + } elseif ($new_password == '') { + Response::standardError([ + 'stringisempty', + 'changepassword.new_password' + ]); + } elseif ($new_password_confirm == '') { + Response::standardError([ + 'stringisempty', + 'changepassword.new_password_confirm' + ]); + } elseif ($new_password != $new_password_confirm) { + Response::standardError('newpasswordconfirmerror'); + } else { + try { + Admins::getLocal($userinfo, [ + 'id' => $userinfo['adminid'], + 'admin_password' => $new_password + ])->update(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, 'changed password'); + Response::redirectTo($filename); + } + } elseif ($_POST['send'] == 'changetheme') { + if (Settings::Get('panel.allow_theme_change_admin') == 1) { + $theme = Validate::validate($_POST['theme'], 'theme'); + try { + Admins::getLocal($userinfo, [ + 'id' => $userinfo['adminid'], + 'theme' => $theme + ])->update(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'"); + } + Response::redirectTo($filename); + } elseif ($_POST['send'] == 'changelanguage') { + $def_language = Validate::validate($_POST['def_language'], 'default language'); + + if (isset($languages[$def_language])) { + try { + Admins::getLocal($userinfo, [ + 'id' => $userinfo['adminid'], + 'def_language' => $def_language + ])->update(); + CurrentUser::setField('language', $def_language); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + } + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her default language to '" . $def_language . "'"); Response::redirectTo($filename); } } else { - UI::view('user/change_password.html.twig'); - } -} elseif ($page == 'change_language') { - $languages = Language::getLanguages(); - if (isset($_POST['send']) && $_POST['send'] == 'send') { - $def_language = Validate::validate($_POST['def_language'], 'default language'); - - if (isset($languages[$def_language])) { - try { - Admins::getLocal($userinfo, [ - 'id' => $userinfo['adminid'], - 'def_language' => $def_language - ])->update(); - CurrentUser::setField('language', $def_language); - } catch (Exception $e) { - Response::dynamicError($e->getMessage()); - } + // change theme + $default_theme = Settings::Get('panel.default_theme'); + if ($userinfo['theme'] != '') { + $default_theme = $userinfo['theme']; } - $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her default language to '" . $def_language . "'"); - Response::redirectTo($filename); - } else { + $themes_avail = UI::getThemes(); + + // change language $default_lang = Settings::Get('panel.standardlanguage'); if ($userinfo['def_language'] != '') { $default_lang = $userinfo['def_language']; } - UI::view('user/change_language.html.twig', [ - 'languages' => $languages, - 'default_lang' => $default_lang - ]); - } -} elseif ($page == 'change_theme') { - if (isset($_POST['send']) && $_POST['send'] == 'send') { - $theme = Validate::validate($_POST['theme'], 'theme'); - try { - Admins::getLocal($userinfo, [ - 'id' => $userinfo['adminid'], - 'theme' => $theme - ])->update(); - } catch (Exception $e) { - Response::dynamicError($e->getMessage()); - } - - $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "changed his/her theme to '" . $theme . "'"); - Response::redirectTo($filename); - } else { - $default_theme = Settings::Get('panel.default_theme'); - if ($userinfo['theme'] != '') { - $default_theme = $userinfo['theme']; - } - - $themes_avail = UI::getThemes(); - - UI::view('user/change_theme.html.twig', [ + UI::view('user/profile.html.twig', [ 'themes' => $themes_avail, - 'default_theme' => $default_theme + 'default_theme' => $default_theme, + 'languages' => $languages, + 'default_lang' => $default_lang, ]); } } elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_admin') == '1') { diff --git a/customer_index.php b/customer_index.php index 4d0d2a6f..17b48486 100644 --- a/customer_index.php +++ b/customer_index.php @@ -27,18 +27,18 @@ const AREA = 'customer'; require __DIR__ . '/lib/init.php'; use Froxlor\Api\Commands\Customers as Customers; +use Froxlor\Cron\TaskId; use Froxlor\CurrentUser; use Froxlor\Database\Database; use Froxlor\Froxlor; use Froxlor\FroxlorLogger; +use Froxlor\Language; use Froxlor\Settings; +use Froxlor\System\Cronjob; use Froxlor\System\Crypt; use Froxlor\UI\Panel\UI; use Froxlor\UI\Response; use Froxlor\Validate\Validate; -use Froxlor\Language; -use Froxlor\System\Cronjob; -use Froxlor\Cron\TaskId; if ($action == 'logout') { $log->logAction(FroxlorLogger::USR_ACTION, LOG_INFO, 'logged out'); @@ -115,13 +115,13 @@ if ($page == 'overview') { if ($usages) { $userinfo['diskspace_bytes_used'] = $usages['webspace'] * 1024; - $userinfo['mailspace_used'] = $usages['mail'] * 1024; + $userinfo['mailspace_used'] = $usages['mail'] * 1024; $userinfo['dbspace_used'] = $usages['mysql'] * 1024; $userinfo['total_bytes_used'] = ($usages['webspace'] + $usages['mail'] + $usages['mysql']) * 1024; } else { $userinfo['diskspace_bytes_used'] = 0; $userinfo['total_bytes_used'] = 0; - $userinfo['mailspace_used'] = 0; + $userinfo['mailspace_used'] = 0; $userinfo['dbspace_used'] = 0; } @@ -130,141 +130,138 @@ if ($page == 'overview') { 'domains' => $domainArray, 'stdsubdomain' => $stdsubdomain ]); -} elseif ($page == 'change_password') { - if (isset($_POST['send']) && $_POST['send'] == 'send') { - $old_password = Validate::validate($_POST['old_password'], 'old password'); +} elseif ($page == 'profile') { + $languages = Language::getLanguages(); - if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_CUSTOMERS, 'customerid')) { - Response::standardError('oldpasswordnotcorrect'); - } + if (!empty($_POST)) { + if ($_POST['send'] == 'changepassword') { + $old_password = Validate::validate($_POST['old_password'], 'old password'); - try { - $new_password = Crypt::validatePassword($_POST['new_password'], 'new password'); - $new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm'); - } catch (Exception $e) { - Response::dynamicError($e->getMessage()); - } + if (!Crypt::validatePasswordLogin($userinfo, $old_password, TABLE_PANEL_CUSTOMERS, 'customerid')) { + Response::standardError('oldpasswordnotcorrect'); + } - if ($old_password == '') { - Response::standardError([ - 'stringisempty', - 'changepassword.old_password' - ]); - } elseif ($new_password == '') { - Response::standardError([ - 'stringisempty', - 'changepassword.new_password' - ]); - } elseif ($new_password_confirm == '') { - Response::standardError([ - 'stringisempty', - 'changepassword.new_password_confirm' - ]); - } elseif ($new_password != $new_password_confirm) { - Response::standardError('newpasswordconfirmerror'); - } else { - // Update user password try { - Customers::getLocal($userinfo, [ - 'id' => $userinfo['customerid'], - 'new_customer_password' => $new_password - ])->update(); + $new_password = Crypt::validatePassword($_POST['new_password'], 'new password'); + $new_password_confirm = Crypt::validatePassword($_POST['new_password_confirm'], 'new password confirm'); } catch (Exception $e) { Response::dynamicError($e->getMessage()); } - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed password'); - // Update ftp password - if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') { - $cryptPassword = Crypt::makeCryptPassword($new_password); - $stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "` + if ($old_password == '') { + Response::standardError([ + 'stringisempty', + 'changepassword.old_password' + ]); + } elseif ($new_password == '') { + Response::standardError([ + 'stringisempty', + 'changepassword.new_password' + ]); + } elseif ($new_password_confirm == '') { + Response::standardError([ + 'stringisempty', + 'changepassword.new_password_confirm' + ]); + } elseif ($new_password != $new_password_confirm) { + Response::standardError('newpasswordconfirmerror'); + } else { + // Update user password + try { + Customers::getLocal($userinfo, [ + 'id' => $userinfo['customerid'], + 'new_customer_password' => $new_password + ])->update(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed password'); + + // Update ftp password + if (isset($_POST['change_main_ftp']) && $_POST['change_main_ftp'] == 'true') { + $cryptPassword = Crypt::makeCryptPassword($new_password); + $stmt = Database::prepare("UPDATE `" . TABLE_FTP_USERS . "` SET `password` = :password WHERE `customerid` = :customerid AND `username` = :username"); - $params = [ - "password" => $cryptPassword, - "customerid" => $userinfo['customerid'], - "username" => $userinfo['loginname'] - ]; - Database::pexecute($stmt, $params); - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed main ftp password'); - } + $params = [ + "password" => $cryptPassword, + "customerid" => $userinfo['customerid'], + "username" => $userinfo['loginname'] + ]; + Database::pexecute($stmt, $params); + $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, 'changed main ftp password'); + } - // Update statistics password - if (isset($_POST['change_stats']) && $_POST['change_stats'] == 'true') { - $new_stats_password = Crypt::makeCryptPassword($new_password, true); + // Update statistics password + if (isset($_POST['change_stats']) && $_POST['change_stats'] == 'true') { + $new_stats_password = Crypt::makeCryptPassword($new_password, true); - $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` + $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET `password` = :password WHERE `customerid` = :customerid AND `username` = :username"); - $params = [ - "password" => $new_stats_password, - "customerid" => $userinfo['customerid'], - "username" => $userinfo['loginname'] - ]; - Database::pexecute($stmt, $params); - Cronjob::inserttask(TaskId::REBUILD_VHOST); - } + $params = [ + "password" => $new_stats_password, + "customerid" => $userinfo['customerid'], + "username" => $userinfo['loginname'] + ]; + Database::pexecute($stmt, $params); + Cronjob::inserttask(TaskId::REBUILD_VHOST); + } + Response::redirectTo($filename); + } + } elseif ($_POST['send'] == 'changetheme') { + if (Settings::Get('panel.allow_theme_change_customer') == 1) { + $theme = Validate::validate($_POST['theme'], 'theme'); + try { + Customers::getLocal($userinfo, [ + 'id' => $userinfo['customerid'], + 'theme' => $theme + ])->update(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + + $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'"); + } + Response::redirectTo($filename); + } elseif ($_POST['send'] == 'changelanguage') { + $def_language = Validate::validate($_POST['def_language'], 'default language'); + if (isset($languages[$def_language])) { + try { + Customers::getLocal($userinfo, [ + 'id' => $userinfo['customerid'], + 'def_language' => $def_language + ])->update(); + CurrentUser::setField('language', $def_language); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + } + $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'"); Response::redirectTo($filename); } } else { - UI::view('user/change_password.html.twig'); - } -} elseif ($page == 'change_language') { - $languages = Language::getLanguages(); - if (isset($_POST['send']) && $_POST['send'] == 'send') { - $def_language = Validate::validate($_POST['def_language'], 'default language'); - if (isset($languages[$def_language])) { - try { - Customers::getLocal($userinfo, [ - 'id' => $userinfo['customerid'], - 'def_language' => $def_language - ])->update(); - CurrentUser::setField('language', $def_language); - } catch (Exception $e) { - Response::dynamicError($e->getMessage()); - } + // change theme + $default_theme = Settings::Get('panel.default_theme'); + if ($userinfo['theme'] != '') { + $default_theme = $userinfo['theme']; } - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default language to '" . $def_language . "'"); - Response::redirectTo($filename); - } else { + $themes_avail = UI::getThemes(); + + // change language $default_lang = Settings::Get('panel.standardlanguage'); if ($userinfo['def_language'] != '') { $default_lang = $userinfo['def_language']; } - UI::view('user/change_language.html.twig', [ - 'languages' => $languages, - 'default_lang' => $default_lang - ]); - } -} elseif ($page == 'change_theme') { - if (isset($_POST['send']) && $_POST['send'] == 'send') { - $theme = Validate::validate($_POST['theme'], 'theme'); - try { - Customers::getLocal($userinfo, [ - 'id' => $userinfo['customerid'], - 'theme' => $theme - ])->update(); - } catch (Exception $e) { - Response::dynamicError($e->getMessage()); - } - - $log->logAction(FroxlorLogger::USR_ACTION, LOG_NOTICE, "changed default theme to '" . $theme . "'"); - Response::redirectTo($filename); - } else { - $default_theme = Settings::Get('panel.default_theme'); - if ($userinfo['theme'] != '') { - $default_theme = $userinfo['theme']; - } - - $themes_avail = UI::getThemes(); - - UI::view('user/change_theme.html.twig', [ + UI::view('user/profile.html.twig', [ 'themes' => $themes_avail, - 'default_theme' => $default_theme + 'default_theme' => $default_theme, + 'languages' => $languages, + 'default_lang' => $default_lang, ]); } } elseif ($page == 'send_error_report' && Settings::Get('system.allow_error_report_customer') == '1') { diff --git a/lng/de.lng.php b/lng/de.lng.php index 46b64892..ce712eb4 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -1236,6 +1236,7 @@ Vielen Dank, Ihr Administrator', 'description' => 'Wähle das zu durchsuchende Feld aus' ], 'upload_import' => 'Hochladen und importieren', + 'profile' => 'Mein Profil', ], 'phpfpm' => [ 'vhost_httpuser' => 'Lokaler Benutzer für PHP-FPM (Froxlor-Vhost)', diff --git a/lng/en.lng.php b/lng/en.lng.php index 2a20e567..8994dbc0 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -1351,6 +1351,7 @@ Yours sincerely, your administrator', 'description' => 'Select the field you want to search in' ], 'upload_import' => 'Upload and import', + 'profile' => 'My profile', ], 'phpfpm' => [ 'vhost_httpuser' => 'Local user to use for PHP-FPM (Froxlor vHost)', diff --git a/templates/Froxlor/user/change_language.html.twig b/templates/Froxlor/user/change_language.html.twig deleted file mode 100644 index c035f1f9..00000000 --- a/templates/Froxlor/user/change_language.html.twig +++ /dev/null @@ -1,34 +0,0 @@ -{% extends "Froxlor/userarea.html.twig" %} - -{% block content %} -
-
-
-
-
-
{{ lng('menue.main.changelanguage') }}
- -
- - -
-
- -
- - - - -
-
-
-
-
-{% endblock %} diff --git a/templates/Froxlor/user/change_password.html.twig b/templates/Froxlor/user/change_password.html.twig deleted file mode 100644 index 49d49761..00000000 --- a/templates/Froxlor/user/change_password.html.twig +++ /dev/null @@ -1,57 +0,0 @@ -{% extends "Froxlor/userarea.html.twig" %} - -{% block content %} -
-
-
-
-
-
{{ lng('menue.main.changepassword') }}
- -
- - -
-
- - -
-
- - -
- - {% if userinfo.adminsession == 0 %} - -
- -
- - -
-
- -
- -
- - -
-
- - {% endif %} -
- -
- - - - -
-
-
-
-
-{% endblock %} diff --git a/templates/Froxlor/user/change_theme.html.twig b/templates/Froxlor/user/change_theme.html.twig deleted file mode 100644 index 12ecae79..00000000 --- a/templates/Froxlor/user/change_theme.html.twig +++ /dev/null @@ -1,34 +0,0 @@ -{% extends "Froxlor/userarea.html.twig" %} - -{% block content %} -
-
-
-
-
-
{{ lng('menue.main.changetheme') }}
- -
- - -
-
- -
- - - - -
-
-
-
-
-{% endblock %} diff --git a/templates/Froxlor/user/profile.html.twig b/templates/Froxlor/user/profile.html.twig new file mode 100644 index 00000000..842120eb --- /dev/null +++ b/templates/Froxlor/user/profile.html.twig @@ -0,0 +1,142 @@ +{% extends "Froxlor/userarea.html.twig" %} + +{% block content %} +

{{ lng('panel.profile') }}

+ +
+
+ {# change password #} +
+
+
+
{{ lng('menue.main.changepassword') }}
+ +
+ + +
+
+ + +
+
+ + +
+ + {% if userinfo.adminsession == 0 %} + +
+ +
+ + +
+
+ +
+ +
+ + +
+
+ + {% endif %} +
+ +
+ + + + +
+
+
+
+ {% if (get_setting('panel.allow_theme_change_admin') == '1' and userinfo.adminsession == 1) or (get_setting('panel.allow_theme_change_customer') == '1' and userinfo.adminsession == 0) %} +
+ {# change theme #} +
+
+
+
{{ lng('menue.main.changetheme') }}
+ +
+ + +
+
+ +
+ + + + +
+
+
+
+ {% endif %} +
+ {# change language #} +
+
+
+
{{ lng('menue.main.changelanguage') }}
+ +
+ + +
+
+ +
+ + + + +
+
+
+
+ +
+{% endblock %} diff --git a/templates/Froxlor/userarea.html.twig b/templates/Froxlor/userarea.html.twig index 815df808..ddcccda5 100644 --- a/templates/Froxlor/userarea.html.twig +++ b/templates/Froxlor/userarea.html.twig @@ -51,25 +51,13 @@
  • - {{ lng('login.password') }} -
    • -
  • - {{ lng('login.language') }} + {{ lng('panel.profile') }}
    • {% if get_setting('2fa.enabled') == 1 %}
  • {{ lng('2fa.2fa') }}
    • {% endif %} - {% if get_setting('panel.allow_theme_change_admin') == '1' and userinfo.adminsession == 1 %} -
  • - {{ lng('panel.theme') }} -
    • - {% elseif get_setting('panel.allow_theme_change_customer') == '1' and userinfo.adminsession == 0 %} -
  • - {{ lng('panel.theme') }} -
    • - {% endif %} {% if get_setting('api.enabled') == 1 and userinfo.api_allowed == 1 %}
  • From 981d7f3d9a0c771d0130e76637b08521cfea3492 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 17:58:29 +0200 Subject: [PATCH 29/87] dblayout enhancements for backup-feature; added preconfig and updates for 2.1.x Signed-off-by: Michael Kaufmann --- install/froxlor.sql.php | 26 ++++ ...{update_2.x.inc.php => update_2.0.inc.php} | 83 ----------- install/updates/froxlor/update_2.1.inc.php | 138 ++++++++++++++++++ ...nfig_2.x.inc.php => preconfig_2.0.inc.php} | 2 +- .../updates/preconfig/preconfig_2.1.inc.php | 43 ++++++ install/updatesql.php | 3 +- lib/Froxlor/Cron/Backup/BackupCron.php | 8 +- 7 files changed, 214 insertions(+), 89 deletions(-) rename install/updates/froxlor/{update_2.x.inc.php => update_2.0.inc.php} (86%) create mode 100644 install/updates/froxlor/update_2.1.inc.php rename install/updates/preconfig/{preconfig_2.x.inc.php => preconfig_2.0.inc.php} (99%) create mode 100644 install/updates/preconfig/preconfig_2.1.inc.php diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index cd6e0bdb..1b5e4ea6 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -223,6 +223,8 @@ CREATE TABLE `panel_customers` ( `api_allowed` tinyint(1) NOT NULL default '1', `logviewenabled` tinyint(1) NOT NULL default '0', `allowed_mysqlserver` text NOT NULL, + `backup` int(11) NOT NULL default '1', + `access_backups` tinyint(1) NOT NULL default '1', PRIMARY KEY (`customerid`), UNIQUE KEY `loginname` (`loginname`) ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci ROW_FORMAT=DYNAMIC; @@ -1063,6 +1065,7 @@ CREATE TABLE `panel_usercolumns` ( KEY customerid (customerid) ) ENGINE=InnoDB CHARSET=utf8 COLLATE=utf8_general_ci; + DROP TABLE IF EXISTS `panel_loginlinks`; CREATE TABLE `panel_loginlinks` ( `hash` varchar(500) NOT NULL, @@ -1072,6 +1075,27 @@ CREATE TABLE `panel_loginlinks` ( UNIQUE KEY `loginname` (`loginname`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; + +DROP TABLE IF EXISTS `panel_backup_storages`; +CREATE TABLE `panel_backup_storages` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `description` varchar(255) NOT NULL, + `type` varchar(255) NOT NULL DEFAULT 'local', + `region` varchar(255) NULL, + `bucket` varchar(255) NULL, + `destination_path` varchar(255) NOT NULL, + `hostname` varchar(255) NULL, + `username` varchar(255) NULL, + `password` varchar(255) NULL, + `pgp_public_key` varchar(255) NULL, + `retention` int(3) NOT NULL DEFAULT 3, + PRIMARY KEY (`id`) +) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; + +INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES + (1, 'Local backup storage', '/var/customers/backups'); + + DROP TABLE IF EXISTS `panel_backups`; CREATE TABLE `panel_backups` ( `id` int(11) NOT NULL AUTO_INCREMENT, @@ -1079,6 +1103,8 @@ CREATE TABLE `panel_backups` ( `customerid` int(11) NOT NULL, `loginname` varchar(255) NOT NULL, `size` bigint(20) NOT NULL, + `storage_id` int(11) NOT NULL, + `filename` varchar(255) NOT NULL, `created_at` int(15) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; diff --git a/install/updates/froxlor/update_2.x.inc.php b/install/updates/froxlor/update_2.0.inc.php similarity index 86% rename from install/updates/froxlor/update_2.x.inc.php rename to install/updates/froxlor/update_2.0.inc.php index fd0d1217..7e3541df 100644 --- a/install/updates/froxlor/update_2.x.inc.php +++ b/install/updates/froxlor/update_2.0.inc.php @@ -497,86 +497,3 @@ if (Froxlor::isFroxlorVersion('2.0.19')) { Update::showUpdateStep("Updating from 2.0.19 to 2.0.20", false); Froxlor::updateToVersion('2.0.20'); } - -if (Froxlor::isDatabaseVersion('202304260')) { - Update::showUpdateStep("Cleaning domains table"); - Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;"); - Update::lastStepStatus(0); - - Update::showUpdateStep("Creating new tables and fields"); - Database::query("DROP TABLE IF EXISTS `panel_loginlinks`;"); - $sql = "CREATE TABLE `panel_loginlinks` ( - `hash` varchar(500) NOT NULL, - `loginname` varchar(50) NOT NULL, - `valid_until` int(15) NOT NULL, - `allowed_from` text NOT NULL, - UNIQUE KEY `loginname` (`loginname`) - ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; - Database::query($sql); - Update::lastStepStatus(0); - - Update::showUpdateStep("Adjusting setting for deactivated webroot"); - $current_deactivated_webroot = Settings::Get('system.deactivateddocroot'); - if (empty($current_deactivated_webroot)) { - Settings::Set('system.deactivateddocroot', FileDir::makeCorrectDir(Froxlor::getInstallDir() . '/templates/misc/deactivated/')); - Update::lastStepStatus(0); - } else { - Update::lastStepStatus(1, 'Customized setting, not changing'); - } - - Update::showUpdateStep("Creating new tables and fields for backups"); - Database::query("DROP TABLE IF EXISTS `panel_backups`;"); - $sql = "CREATE TABLE `panel_backups` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `adminid` int(11) NOT NULL, - `customerid` int(11) NOT NULL, - `loginname` varchar(255) NOT NULL, - `size` bigint(20) NOT NULL, - `created_at` int(15) NOT NULL, - PRIMARY KEY (`id`) - ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; - Database::query($sql); - Update::lastStepStatus(0); - - Update::showUpdateStep("Adding new backup settings"); - Settings::AddNew('backup.enabled', 0); - Settings::AddNew('backup.type', 'Local'); - Settings::AddNew('backup.region', ''); - Settings::AddNew('backup.bucket', ''); - Settings::AddNew('backup.destination_path', '/srv/backups/'); - Settings::AddNew('backup.hostname', ''); - Settings::AddNew('backup.username', ''); - Settings::AddNew('backup.password', ''); - Settings::AddNew('backup.pgp_public_key', ''); - Settings::AddNew('backup.retention', 3); - Update::lastStepStatus(0); - - Update::showUpdateStep("Adjusting cronjobs"); - Database::query(" - UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET - `module`= 'froxlor/export', - `cronfile` = 'export', - `cronclass` = '\\Froxlor\\Cron\\System\\ExportCron', - `desc_lng_key` = 'cron_export' - WHERE `module` = 'froxlor/backup' - "); - Database::query(" - INSERT INTO `" . TABLE_PANEL_CRONRUNS . "` SET - `module`= 'froxlor/backup', - `cronfile` = 'backup', - `cronclass` = '\\Froxlor\\Cron\\Backup\\BackupCron', - `interval` = '1 DAY', - `isactive` = '0', - `desc_lng_key` = 'cron_backup' - "); - Update::lastStepStatus(0); - - Update::showUpdateStep("Adjusting system for data-export function"); - Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `varname` = 'exportenabled' WHERE `settinggroup`= 'system' AND `varname`= 'backupenabled"); - Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `value` = REPLACE(`value`, 'extras.backup', 'extras.export') WHERE `settinggroup` = 'panel' AND `varname` = 'customer_hide_options'"); - Database::query("DELETE FROM `" . TABLE_PANEL_USERCOLUMNS . "` WHERE `section` = 'backup_list'"); - Database::query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'"); - Update::lastStepStatus(0); - - Froxlor::updateToDbVersion('202305240'); -} diff --git a/install/updates/froxlor/update_2.1.inc.php b/install/updates/froxlor/update_2.1.inc.php new file mode 100644 index 00000000..6d304094 --- /dev/null +++ b/install/updates/froxlor/update_2.1.inc.php @@ -0,0 +1,138 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +use Froxlor\Database\Database; +use Froxlor\FileDir; +use Froxlor\Froxlor; +use Froxlor\Install\Update; +use Froxlor\Settings; + +if (!defined('_CRON_UPDATE')) { + if (!defined('AREA') || (defined('AREA') && AREA != 'admin') || !isset($userinfo['loginname']) || (isset($userinfo['loginname']) && $userinfo['loginname'] == '')) { + header('Location: ../../../../index.php'); + exit(); + } +} + +if (Froxlor::isDatabaseVersion('202304260')) { + Update::showUpdateStep("Cleaning domains table"); + Database::query("ALTER TABLE `" . TABLE_PANEL_DOMAINS . "` DROP COLUMN `ismainbutsubto`;"); + Update::lastStepStatus(0); + + Update::showUpdateStep("Creating new tables and fields"); + Database::query("DROP TABLE IF EXISTS `panel_loginlinks`;"); + $sql = "CREATE TABLE `panel_loginlinks` ( + `hash` varchar(500) NOT NULL, + `loginname` varchar(50) NOT NULL, + `valid_until` int(15) NOT NULL, + `allowed_from` text NOT NULL, + UNIQUE KEY `loginname` (`loginname`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; + Database::query($sql); + Update::lastStepStatus(0); + + Update::showUpdateStep("Adjusting setting for deactivated webroot"); + $current_deactivated_webroot = Settings::Get('system.deactivateddocroot'); + if (empty($current_deactivated_webroot)) { + Settings::Set('system.deactivateddocroot', FileDir::makeCorrectDir(Froxlor::getInstallDir() . '/templates/misc/deactivated/')); + Update::lastStepStatus(0); + } else { + Update::lastStepStatus(1, 'Customized setting, not changing'); + } + + Update::showUpdateStep("Creating new tables and fields for backups"); + Database::query("DROP TABLE IF EXISTS `panel_backup_storages`;"); + $sql = "CREATE TABLE `panel_backup_storages` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `description` varchar(255) NOT NULL, + `type` varchar(255) NOT NULL DEFAULT 'local', + `region` varchar(255) NULL, + `bucket` varchar(255) NULL, + `destination_path` varchar(255) NOT NULL, + `hostname` varchar(255) NULL, + `username` varchar(255) NULL, + `password` varchar(255) NULL, + `pgp_public_key` varchar(255) NULL, + `retention` int(3) NOT NULL DEFAULT 3, + PRIMARY KEY (`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; + Database::query($sql); + Database::query(" + INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES + (1, 'Local backup storage', '/var/customers/backups'); + "); + Database::query("DROP TABLE IF EXISTS `panel_backups`;"); + $sql = "CREATE TABLE `panel_backups` ( + `id` int(11) NOT NULL AUTO_INCREMENT, + `adminid` int(11) NOT NULL, + `customerid` int(11) NOT NULL, + `loginname` varchar(255) NOT NULL, + `size` bigint(20) NOT NULL, + `storage_id` int(11) NOT NULL, + `filename` varchar(255) NOT NULL, + `created_at` int(15) NOT NULL, + PRIMARY KEY (`id`) + ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; + Database::query($sql); + // add customer backup-target-storage + Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `backup` int(11) NOT NULL default '1' AFTER `allowed_mysqlserver`;"); + Database::query("ALTER TABLE `" . TABLE_PANEL_CUSTOMERS . "` ADD `access_backups` tinyint(1) NOT NULL default '1' AFTER `backup`;"); + Update::lastStepStatus(0); + + Update::showUpdateStep("Adding new backup settings"); + Settings::AddNew('backup.enabled', 0); + Settings::AddNew('backup.default_storage', 1); + Settings::AddNew('backup.default_customer_access', 1); + Update::lastStepStatus(0); + + Update::showUpdateStep("Adjusting cronjobs"); + Database::query(" + UPDATE `" . TABLE_PANEL_CRONRUNS . "` SET + `module`= 'froxlor/export', + `cronfile` = 'export', + `cronclass` = '\\Froxlor\\Cron\\System\\ExportCron', + `desc_lng_key` = 'cron_export' + WHERE `module` = 'froxlor/backup' + "); + Database::query(" + INSERT INTO `" . TABLE_PANEL_CRONRUNS . "` SET + `module`= 'froxlor/backup', + `cronfile` = 'backup', + `cronclass` = '\\Froxlor\\Cron\\Backup\\BackupCron', + `interval` = '1 DAY', + `isactive` = '0', + `desc_lng_key` = 'cron_backup' + "); + Update::lastStepStatus(0); + + Update::showUpdateStep("Adjusting system for data-export function"); + Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `varname` = 'exportenabled' WHERE `settinggroup`= 'system' AND `varname`= 'backupenabled"); + Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "`SET `value` = REPLACE(`value`, 'extras.backup', 'extras.export') WHERE `settinggroup` = 'panel' AND `varname` = 'customer_hide_options'"); + Database::query("DELETE FROM `" . TABLE_PANEL_USERCOLUMNS . "` WHERE `section` = 'backup_list'"); + Database::query("DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = '20'"); + Update::lastStepStatus(0); + + Froxlor::updateToDbVersion('202305240'); +} diff --git a/install/updates/preconfig/preconfig_2.x.inc.php b/install/updates/preconfig/preconfig_2.0.inc.php similarity index 99% rename from install/updates/preconfig/preconfig_2.x.inc.php rename to install/updates/preconfig/preconfig_2.0.inc.php index 5eb3d97d..6dd0dc33 100644 --- a/install/updates/preconfig/preconfig_2.x.inc.php +++ b/install/updates/preconfig/preconfig_2.0.inc.php @@ -30,7 +30,7 @@ use Froxlor\Install\Update; use Froxlor\Settings; $preconfig = [ - 'title' => '2.x updates', + 'title' => '2.0.x updates', 'fields' => [] ]; $return = []; diff --git a/install/updates/preconfig/preconfig_2.1.inc.php b/install/updates/preconfig/preconfig_2.1.inc.php new file mode 100644 index 00000000..88529296 --- /dev/null +++ b/install/updates/preconfig/preconfig_2.1.inc.php @@ -0,0 +1,43 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +use Froxlor\Froxlor; +use Froxlor\FileDir; +use Froxlor\Config\ConfigParser; +use Froxlor\Install\Update; +use Froxlor\Settings; + +$preconfig = [ + 'title' => '2.1.x updates', + 'fields' => [] +]; +$return = []; + +if (Update::versionInUpdate($current_version, '2.1.0-dev1')) { + +} + +$preconfig['fields'] = $return; +return $preconfig; diff --git a/install/updatesql.php b/install/updatesql.php index f759d159..47b45a44 100644 --- a/install/updatesql.php +++ b/install/updatesql.php @@ -53,7 +53,8 @@ try { if (Froxlor::isFroxlor()) { include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_0.10.inc.php')); - include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.x.inc.php')); + include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.0.inc.php')); + include_once(FileDir::makeCorrectFile(dirname(__FILE__) . '/updates/froxlor/update_2.1.inc.php')); // Check Froxlor - database integrity (only happens after all updates are done, so we know the db-layout is okay) Update::showUpdateStep("Checking database integrity"); diff --git a/lib/Froxlor/Cron/Backup/BackupCron.php b/lib/Froxlor/Cron/Backup/BackupCron.php index 248cbe34..cd162e58 100644 --- a/lib/Froxlor/Cron/Backup/BackupCron.php +++ b/lib/Froxlor/Cron/Backup/BackupCron.php @@ -48,14 +48,14 @@ class BackupCron extends FroxlorCron ]); } - private static function handle($user, $data) + private static function handle(array $userdata) { - echo "BackupCron: started - creating customer backup for user $user\n"; + echo "BackupCron: started - creating customer backup for user " . $userdata['user'] . "\n"; - echo $data . "\n"; + echo $userdata['data'] . "\n"; sleep(rand(1, 3)); - echo "BackupCron: finished - creating customer backup for user $user\n"; + echo "BackupCron: finished - creating customer backup for user " . $userdata['user'] . "\n"; } } From a9c613e71c19b15783404d164d7d519a0f08b115 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maurice=20Preu=C3=9F=20=28envoyr=29?= Date: Wed, 7 Jun 2023 20:51:53 +0200 Subject: [PATCH 30/87] update backups MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maurice Preuß (envoyr) --- admin_backups.php | 86 +++++- install/updates/froxlor/update_2.1.inc.php | 8 +- lib/Froxlor/Api/Commands/BackupStorages.php | 256 ++++++++++++++++++ .../formfield.backup_storage_add.php | 90 ++++++ .../formfield.backup_storage_edit.php | 97 +++++++ .../admin/backup_storages/index.html | 0 .../admin/backups/formfield.backups_add.php | 2 +- .../backups/formfield.backups_restore.php | 2 +- .../admin/tablelisting.backup_storages.php | 129 +++++++++ .../admin/tablelisting.backups.php | 4 +- lib/tables.inc.php | 1 + 11 files changed, 666 insertions(+), 9 deletions(-) create mode 100644 lib/Froxlor/Api/Commands/BackupStorages.php create mode 100644 lib/formfields/admin/backup_storages/formfield.backup_storage_add.php create mode 100644 lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php create mode 100644 lib/formfields/admin/backup_storages/index.html create mode 100644 lib/tablelisting/admin/tablelisting.backup_storages.php diff --git a/admin_backups.php b/admin_backups.php index d34933f0..8c7f29df 100644 --- a/admin_backups.php +++ b/admin_backups.php @@ -27,6 +27,7 @@ const AREA = 'admin'; require __DIR__ . '/lib/init.php'; use Froxlor\Api\Commands\Backups; +use Froxlor\Api\Commands\BackupStorages; use Froxlor\FroxlorLogger; use Froxlor\UI\Collection; use Froxlor\UI\Listing; @@ -36,7 +37,7 @@ use Froxlor\UI\Response; $id = (int)Request::any('id'); -if (($page == 'admins' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { +if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { if ($action == '') { $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_backups"); @@ -60,6 +61,12 @@ if (($page == 'admins' || $page == 'overview') && $userinfo['change_serversettin 'label' => lng('admin.backups_restore'), 'icon' => 'fa-solid fa-file-import', 'class' => 'btn-outline-secondary' + ], + [ + 'href' => $linker->getLink(['section' => 'backups', 'page' => 'storages']), + 'label' => lng('admin.backup_storages'), + 'icon' => 'fa-solid fa-hard-drive', + 'class' => 'btn-outline-secondary' ] ] ]); @@ -72,4 +79,81 @@ if (($page == 'admins' || $page == 'overview') && $userinfo['change_serversettin } elseif ($action == 'restore') { } +} else if ($page == 'storages' && $userinfo['change_serversettings'] == '1') { + if ($action == '') { + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_backup_storage"); + + try { + $admin_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backup_storages.php'; + $collection = (new Collection(BackupStorages::class, $userinfo)) + ->withPagination($admin_list_data['backup_storages_list']['columns'], $admin_list_data['backup_storages_list']['default_sorting']); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + + UI::view('user/table.html.twig', [ + 'listing' => Listing::format($collection, $admin_list_data, 'backup_storages_list'), + 'actions_links' => [ + [ + 'href' => $linker->getLink(['section' => 'backups', 'page' => 'backups']), + 'label' => lng('admin.backups'), + 'icon' => 'fa-solid fa-reply' + ], + [ + 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'add']), + 'label' => lng('admin.backup_storage_add') + ] + ] + ]); + } elseif ($action == 'delete' && $id != 0) { + + } elseif ($action == 'add') { + if (isset($_POST['send']) && $_POST['send'] == 'send') { + try { + BackupStorages::getLocal($userinfo, $_POST)->add(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + Response::redirectTo($filename, [ + 'page' => $page + ]); + } else { + $admin_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php'; + + UI::view('user/form.html.twig', [ + 'formaction' => $linker->getLink(['section' => 'backups']), + 'formdata' => $admin_add_data['backup_storage_add'] + ]); + } + } elseif ($action == 'edit' && $id != 0) { + try { + $json_result = BackupStorages::getLocal($userinfo, [ + 'id' => $id + ])->get(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + $result = json_decode($json_result, true)['data']; + + if ($result['id'] != '') { + if (isset($_POST['send']) && $_POST['send'] == 'send') { + try { + BackupStorages::getLocal($userinfo, $_POST)->update(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + Response::redirectTo($filename, [ + 'page' => $page + ]); + } else { + $backup_storage_edit_data = include_once dirname(__FILE__) . '/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php'; + + UI::view('user/form.html.twig', [ + 'formaction' => $linker->getLink(['section' => 'backups', 'id' => $id]), + 'formdata' => $backup_storage_edit_data['backup_storage_edit'], + 'editid' => $id + ]); + } + } + } } diff --git a/install/updates/froxlor/update_2.1.inc.php b/install/updates/froxlor/update_2.1.inc.php index 6d304094..f19b2d7f 100644 --- a/install/updates/froxlor/update_2.1.inc.php +++ b/install/updates/froxlor/update_2.1.inc.php @@ -63,8 +63,8 @@ if (Froxlor::isDatabaseVersion('202304260')) { } Update::showUpdateStep("Creating new tables and fields for backups"); - Database::query("DROP TABLE IF EXISTS `panel_backup_storages`;"); - $sql = "CREATE TABLE `panel_backup_storages` ( + Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUP_STORAGES ."`;"); + $sql = "CREATE TABLE `". TABLE_PANEL_BACKUP_STORAGES ."` ( `id` int(11) NOT NULL AUTO_INCREMENT, `description` varchar(255) NOT NULL, `type` varchar(255) NOT NULL DEFAULT 'local', @@ -83,8 +83,8 @@ if (Froxlor::isDatabaseVersion('202304260')) { INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES (1, 'Local backup storage', '/var/customers/backups'); "); - Database::query("DROP TABLE IF EXISTS `panel_backups`;"); - $sql = "CREATE TABLE `panel_backups` ( + Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUPS ."`;"); + $sql = "CREATE TABLE `". TABLE_PANEL_BACKUPS ."` ( `id` int(11) NOT NULL AUTO_INCREMENT, `adminid` int(11) NOT NULL, `customerid` int(11) NOT NULL, diff --git a/lib/Froxlor/Api/Commands/BackupStorages.php b/lib/Froxlor/Api/Commands/BackupStorages.php new file mode 100644 index 00000000..6cb1ccb5 --- /dev/null +++ b/lib/Froxlor/Api/Commands/BackupStorages.php @@ -0,0 +1,256 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\Api\Commands; + +use Exception; +use Froxlor\Api\ApiCommand; +use Froxlor\Api\ResourceEntity; +use Froxlor\Database\Database; +use Froxlor\FileDir; +use Froxlor\FroxlorLogger; +use Froxlor\UI\Response; +use Froxlor\Validate\Validate; +use PDO; + +/** + * @since 2.1.0 + */ +class BackupStorages extends ApiCommand implements ResourceEntity +{ + /** + * lists all backup storages entries + * + * @param array $sql_search + * optional array with index = fieldname, and value = array with 'op' => operator (one of <, > or =), + * LIKE is used if left empty and 'value' => searchvalue + * @param int $sql_limit + * optional specify number of results to be returned + * @param int $sql_offset + * optional specify offset for resultset + * @param array $sql_orderby + * optional array with index = fieldname and value = ASC|DESC to order the resultset by one or more + * fields + * + * @access admin + * @return string json-encoded array count|list + * @throws Exception + */ + public function listing() + { + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list backups"); + $query_fields = []; + $result_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` + "); + Database::pexecute($result_stmt, $query_fields, true, true); + $result = []; + while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { + $result[] = $row; + } + return $this->response([ + 'count' => count($result), + 'list' => $result + ]); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * returns the total number of backup storages + * + * @access admin + * @return string json-encoded response message + * @throws Exception + */ + public function listingCount() + { + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + $result_stmt = Database::prepare(" + SELECT COUNT(*) as num_backup_storagess + FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` + "); + $result = Database::pexecute_first($result_stmt, null, true, true); + if ($result) { + return $this->response($result['num_backup_storagess']); + } + $this->response(0); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * create a backup storage by given id + * + * @param string $name + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function add() + { + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + // + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * return an admin entry by id + * + * @param int $id + * optional, the backup-storage-id + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function get() + { + $id = $this->getParam('id'); + + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + $result_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` + WHERE `id` = :id" + ); + $params = [ + 'id' => $id + ]; + $result = Database::pexecute_first($result_stmt, $params, true, true); + if ($result) { + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get backup storage for '" . $result['id'] . "'"); + return $this->response($result); + } + throw new Exception("Backup storage with " . $id . " could not be found", 404); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * update a backup storage by given id + * + * @param int $id + * required, the backup-storage-id + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function update() + { + $id = $this->getParam('id'); + + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + // validation + $result = $this->apiCall('BackupStorages.get', [ + 'id' => $id + ]); + + // parameters + $description = $this->getParam('description', true, $result['description']); + $type = $this->getParam('type', true, $result['type']); + $region = $this->getParam('region', true, $result['region']); + $bucket = $this->getParam('bucket', true, $result['bucket']); + $destination_path = $this->getParam('destination_path', true, $result['destination_path']); + $hostname = $this->getParam('hostname', true, $result['hostname']); + $username = $this->getParam('username', true, $result['username']); + $password = $this->getParam('password', true, 'password'); + $pgp_public_key = $this->getParam('pgp_public_key', true, $result['pgp_public_key']); + $retention = $this->getParam('retention', true, $result['retention']); + + // validation + $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); + + // pgp public key validation + if (!empty($pgp_public_key)) { + // check if gnupg extension is loaded + if (!extension_loaded('gnupg')) { + Response::standardError('gnupgextensionnotavailable', '', true); + } + // check if the pgp public key is a valid key + putenv('GNUPGHOME='.sys_get_temp_dir()); + if (gnupg_import(gnupg_init(), $pgp_public_key) === false) { + Response::standardError('invalidpgppublickey', '', true); + } + } + + // update + $stmt = Database::prepare(" + UPDATE `" . TABLE_PANEL_BACKUP_STORAGES . "` + SET `description` = :description, + `type` = :type, + `region` = :region, + `bucket` = :bucket, + `destination_path` = :destination_path, + `hostname` = :hostname, + `username` = :username, + `password` = :password, + `pgp_public_key` = :pgp_public_key, + `retention` = :retention + WHERE `id` = :id + "); + $params = [ + "id" => $id, + "description" => $description, + "type" => $type, + "region" => $region, + "bucket" => $bucket, + "destination_path" => $destination_path, + "hostname" => $hostname, + "username" => $username, + "password" => $password, + "pgp_public_key" => $pgp_public_key, + "retention" => $retention, + ]; + Database::pexecute($stmt, $params, true, true); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited backup storage for '" . $result['id'] . "'"); + + // return + $result = $this->apiCall('BackupStorages.get', [ + 'id' => $id + ]); + return $this->response($result); + } + throw new Exception("Not allowed to execute given command.", 403); + } + + /** + * delete a backup-storage entry by either id + * + * @param int $id + * required, the backup-storage-id + * + * @access admin + * @return string json-encoded array + * @throws Exception + */ + public function delete() + { + throw new Exception("Not allowed to execute given command.", 403); + } +} diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php new file mode 100644 index 00000000..a9a51647 --- /dev/null +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php @@ -0,0 +1,90 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +use Froxlor\Settings; + +return [ + 'backup_storage_add' => [ + 'title' => lng('backups.backup_storage_add'), + 'image' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'backups', 'page' => 'storages'], + 'sections' => [ + 'section_a' => [ + 'title' => lng('backup.backup_storage_create'), + 'fields' => [ + 'description' => [ + 'label' => lng('backup.backup_storage.description'), + 'type' => 'text' + ], + 'type' => [ + 'label' => lng('backup.backup_storage.type'), + 'type' => 'select', + 'selected' => 'local', + 'select_var' => [ + 'local' => lng('backup.backup_storage.type_local'), + 'ftp' => lng('backup.backup_storage.type_ftp'), + 'sftp' => lng('backup.backup_storage.type_sftp'), + 'rsync' => lng('backup.backup_storage.type_rsync'), + 's3' => lng('backup.backup_storage.type_s3'), + ] + ], + 'region' => [ + 'label' => lng('backup.backup_storage.region'), + 'type' => 'text' + ], + 'bucket' => [ + 'label' => lng('backup.backup_storage.bucket'), + 'type' => 'text' + ], + 'destination_path' => [ + 'label' => lng('backup.backup_storage.destination_path'), + 'type' => 'text' + ], + 'hostname' => [ + 'label' => lng('backup.backup_storage.hostname'), + 'type' => 'text' + ], + 'username' => [ + 'label' => lng('backup.backup_storage.username'), + 'type' => 'text' + ], + 'password' => [ + 'label' => lng('backup.backup_storage.password'), + 'type' => 'text' + ], + 'pgp_public_key' => [ + 'label' => lng('backup.backup_storage.pgp_public_key'), + 'type' => 'textarea', + ], + 'retention' => [ + 'label' => lng('backup.backup_storage.retention'), + 'type' => 'number', + 'min' => 0, + ] + ] + ] + ] + ], +]; diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php new file mode 100644 index 00000000..ac283615 --- /dev/null +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php @@ -0,0 +1,97 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +return [ + 'backup_storage_edit' => [ + 'title' => lng('backups.backup_storage_edit'), + 'image' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'backups', 'page' => 'storages'], + 'sections' => [ + 'section_a' => [ + 'title' => lng('backup.backup_storage_edit'), + 'fields' => [ + 'description' => [ + 'label' => lng('backup.backup_storage.description'), + 'type' => 'text', + 'value' => $result['description'] + ], + 'type' => [ + 'label' => lng('backup.backup_storage.type'), + 'type' => 'select', + 'selected' => $result['type'], + 'select_var' => [ + 'local' => lng('backup.backup_storage.type_local'), + 'ftp' => lng('backup.backup_storage.type_ftp'), + 'sftp' => lng('backup.backup_storage.type_sftp'), + 'rsync' => lng('backup.backup_storage.type_rsync'), + 's3' => lng('backup.backup_storage.type_s3'), + ] + ], + 'region' => [ + 'label' => lng('backup.backup_storage.region'), + 'type' => 'text', + 'value' => $result['region'] + ], + 'bucket' => [ + 'label' => lng('backup.backup_storage.bucket'), + 'type' => 'text', + 'value' => $result['bucket'] + ], + 'destination_path' => [ + 'label' => lng('backup.backup_storage.destination_path'), + 'type' => 'text', + 'value' => $result['destination_path'] + ], + 'hostname' => [ + 'label' => lng('backup.backup_storage.hostname'), + 'type' => 'text', + 'value' => $result['hostname'] + ], + 'username' => [ + 'label' => lng('backup.backup_storage.username'), + 'type' => 'text', + 'value' => $result['username'] + ], + 'password' => [ + 'label' => lng('backup.backup_storage.password'), + 'type' => 'password', + 'autocomplete' => 'off' + ], + 'pgp_public_key' => [ + 'label' => lng('backup.backup_storage.pgp_public_key'), + 'type' => 'textarea', + 'value' => $result['pgp_public_key'] + ], + 'retention' => [ + 'label' => lng('backup.backup_storage.retention'), + 'type' => 'number', + 'min' => 0, + 'value' => $result['retention'] + ] + ] + ] + ] + ], +]; diff --git a/lib/formfields/admin/backup_storages/index.html b/lib/formfields/admin/backup_storages/index.html new file mode 100644 index 00000000..e69de29b diff --git a/lib/formfields/admin/backups/formfield.backups_add.php b/lib/formfields/admin/backups/formfield.backups_add.php index 2b2546ab..9aba2c5d 100644 --- a/lib/formfields/admin/backups/formfield.backups_add.php +++ b/lib/formfields/admin/backups/formfield.backups_add.php @@ -27,7 +27,7 @@ return [ 'backups_add' => [ 'title' => lng('backups.backups_add'), 'image' => 'fa-solid fa-file-archive', - 'self_overview' => ['section' => 'backups', 'page' => 'backups'], + 'self_overview' => ['section' => 'backups', 'page' => 'storages'], 'sections' => [] ], ]; diff --git a/lib/formfields/admin/backups/formfield.backups_restore.php b/lib/formfields/admin/backups/formfield.backups_restore.php index f146bdec..36b13fcf 100644 --- a/lib/formfields/admin/backups/formfield.backups_restore.php +++ b/lib/formfields/admin/backups/formfield.backups_restore.php @@ -27,7 +27,7 @@ return [ 'backups_restore' => [ 'title' => lng('backups.backups_restore'), 'image' => 'fa-solid fa-file-archive', - 'self_overview' => ['section' => 'backups', 'page' => 'backups'], + 'self_overview' => ['section' => 'backups', 'page' => 'storages'], 'sections' => [] ], ]; diff --git a/lib/tablelisting/admin/tablelisting.backup_storages.php b/lib/tablelisting/admin/tablelisting.backup_storages.php new file mode 100644 index 00000000..b0811ec8 --- /dev/null +++ b/lib/tablelisting/admin/tablelisting.backup_storages.php @@ -0,0 +1,129 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +use Froxlor\UI\Callbacks\Admin; +use Froxlor\UI\Callbacks\Customer; +use Froxlor\UI\Callbacks\Impersonate; +use Froxlor\UI\Callbacks\ProgressBar; +use Froxlor\UI\Callbacks\Style; +use Froxlor\UI\Callbacks\Text; +use Froxlor\UI\Listing; + +return [ + 'backup_storages_list' => [ + 'title' => lng('backup.backup_storages.list'), + 'icon' => 'fa-solid fa-file-archive', + 'self_overview' => ['section' => 'backups', 'page' => 'storages'], + 'default_sorting' => ['loginname' => 'asc'], + 'columns' => [ + 'id' => [ + 'label' => 'ID', + 'field' => 'id', + 'sortable' => true, + ], + 'description' => [ + 'label' => lng('description'), + 'field' => 'description', + 'sortable' => true, + ], + 'type' => [ + 'label' => lng('type'), + 'field' => 'type', + 'sortable' => true, + ], + 'region' => [ + 'label' => lng('region'), + 'field' => 'region', + 'sortable' => true, + ], + 'bucket' => [ + 'label' => lng('bucket'), + 'field' => 'bucket', + 'sortable' => true, + ], + 'destination_path' => [ + 'label' => lng('destination_path'), + 'field' => 'destination_path', + 'sortable' => true, + ], + 'hostname' => [ + 'label' => lng('hostname'), + 'field' => 'hostname', + 'sortable' => true, + ], + 'username' => [ + 'label' => lng('username'), + 'field' => 'username', + 'sortable' => true, + ], + 'retention' => [ + 'label' => lng('retention'), + 'field' => 'retention', + 'sortable' => true, + ], + ], + 'visible_columns' => Listing::getVisibleColumnsForListing('admin_list', [ + 'id', + 'description', + 'type', + 'retention', + ]), + 'actions' => [ + 'show' => [ + 'icon' => 'fa-solid fa-eye', + 'title' => lng('usersettings.custom_notes.title'), + 'modal' => [Text::class, 'customerNoteDetailModal'], + 'visible' => [Customer::class, 'hasNote'] + ], + 'edit' => [ + 'icon' => 'fa-solid fa-edit', + 'title' => lng('panel.edit'), + 'href' => [ + 'section' => 'backups', + 'page' => 'storages', + 'action' => 'edit', + 'id' => ':id' + ], + ], + 'delete' => [ + 'icon' => 'fa-solid fa-trash', + 'title' => lng('panel.delete'), + 'class' => 'btn-danger', + 'href' => [ + 'section' => 'backups', + 'page' => 'storages', + 'action' => 'delete', + 'id' => ':id' + ], + 'visible' => [Admin::class, 'isNotMe'] + ], + ], + 'format_callback' => [ + [Style::class, 'deactivated'], + [Style::class, 'diskspaceWarning'], + [Style::class, 'trafficWarning'] + ] + ] +]; diff --git a/lib/tablelisting/admin/tablelisting.backups.php b/lib/tablelisting/admin/tablelisting.backups.php index b5b2b20e..96db9d1d 100644 --- a/lib/tablelisting/admin/tablelisting.backups.php +++ b/lib/tablelisting/admin/tablelisting.backups.php @@ -95,7 +95,7 @@ return [ 'title' => lng('panel.edit'), 'href' => [ 'section' => 'backups', - 'page' => 'backups', + 'page' => 'storages', 'action' => 'edit', 'id' => ':id' ], @@ -106,7 +106,7 @@ return [ 'class' => 'btn-danger', 'href' => [ 'section' => 'backups', - 'page' => 'backups', + 'page' => 'storages', 'action' => 'delete', 'id' => ':id' ], diff --git a/lib/tables.inc.php b/lib/tables.inc.php index f385091d..2e8d1fa9 100644 --- a/lib/tables.inc.php +++ b/lib/tables.inc.php @@ -33,6 +33,7 @@ const TABLE_MAIL_VIRTUAL = 'mail_virtual'; const TABLE_PANEL_ACTIVATION = 'panel_activation'; const TABLE_PANEL_ADMINS = 'panel_admins'; const TABLE_PANEL_BACKUPS = 'panel_backups'; +const TABLE_PANEL_BACKUP_STORAGES = 'panel_backup_storages'; const TABLE_PANEL_CUSTOMERS = 'panel_customers'; const TABLE_PANEL_DATABASES = 'panel_databases'; const TABLE_PANEL_DOMAINS = 'panel_domains'; From 6f5e49de795e26b5c94366baf3a44df34dfba6bb Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 20:57:58 +0200 Subject: [PATCH 31/87] integrate backup/access_backup fields into Customers Signed-off-by: Michael Kaufmann --- admin_customers.php | 41 ++++++++++++ install/froxlor.sql.php | 11 +-- lib/Froxlor/Api/Commands/Customers.php | 67 +++++++++++++++++-- lib/Froxlor/UI/Callbacks/Backup.php | 50 ++++++++++++++ .../admin/customer/formfield.customer_add.php | 17 ++++- .../customer/formfield.customer_edit.php | 17 ++++- lib/navigation/00.froxlor.main.php | 3 +- .../admin/tablelisting.customers.php | 15 +++++ 8 files changed, 205 insertions(+), 16 deletions(-) create mode 100644 lib/Froxlor/UI/Callbacks/Backup.php diff --git a/admin_customers.php b/admin_customers.php index 4a403a79..ae4f434a 100644 --- a/admin_customers.php +++ b/admin_customers.php @@ -27,6 +27,7 @@ const AREA = 'admin'; require __DIR__ . '/lib/init.php'; use Froxlor\Api\Commands\Admins; +use Froxlor\Api\Commands\BackupStorages; use Froxlor\Api\Commands\Customers; use Froxlor\Api\Commands\MysqlServer; use Froxlor\CurrentUser; @@ -224,6 +225,26 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $hosting_plans[$row['id']] = $row['name']; } + // backup storages + $backup_storages = []; + if (Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1') { + $backup_storages = [ + 0 => lng('backup.storage_none') + ]; + try { + $result_json = BackupStorages::getLocal($userinfo)->listing(); + $result_decoded = json_decode($result_json, true)['data']['list']; + foreach ($result_decoded as $storagedata) { + $backup_storages[] = [ + 'label' => $storagedata['description'] . '(' . $storagedata['type'] . ')', + 'value' => $storagedata['id'] + ]; + } + } catch (Exception $e) { + /* just none */ + } + } + $customer_add_data = include_once dirname(__FILE__) . '/lib/formfields/admin/customer/formfield.customer_add.php'; UI::view('user/form.html.twig', [ @@ -306,6 +327,26 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $hosting_plans[$row['id']] = $row['name']; } + // backup storages + $backup_storages = []; + if (Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1') { + $backup_storages = [ + 0 => lng('backup.storage_none') + ]; + try { + $result_json = BackupStorages::getLocal($userinfo)->listing(); + $result_decoded = json_decode($result_json, true)['data']['list']; + foreach ($result_decoded as $storagedata) { + $backup_storages[] = [ + 'label' => $storagedata['description'] . '(' . $storagedata['type'] . ')', + 'value' => $storagedata['id'] + ]; + } + } catch (Exception $e) { + /* just none */ + } + } + $available_admins_stmt = Database::prepare(" SELECT * FROM `" . TABLE_PANEL_ADMINS . "` WHERE (`customers` = '-1' OR `customers` > `customers_used`) diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 1b5e4ea6..61b7a58f 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -703,15 +703,8 @@ opcache.validate_timestamps'), ('system', 'req_limit_per_interval', 60), ('system', 'req_limit_interval', 60), ('backup', 'enabled', 0), - ('backup', 'type', 'Local'), - ('backup', 'region', ''), - ('backup', 'bucket', ''), - ('backup', 'destination_path', '/srv/backups/'), - ('backup', 'hostname', ''), - ('backup', 'username', ''), - ('backup', 'password', ''), - ('backup', 'pgp_public_key', ''), - ('backup', 'retention', '3'), + ('backup', 'default_storage', '1'), + ('backup', 'default_customer_access', '1'), ('api', 'enabled', '0'), ('api', 'customer_default', '1'), ('2fa', 'enabled', '1'), diff --git a/lib/Froxlor/Api/Commands/Customers.php b/lib/Froxlor/Api/Commands/Customers.php index b6ac3c89..20105077 100644 --- a/lib/Froxlor/Api/Commands/Customers.php +++ b/lib/Froxlor/Api/Commands/Customers.php @@ -274,6 +274,13 @@ class Customers extends ApiCommand implements ResourceEntity * @param array $allowed_mysqlserver * optional, array of IDs of defined mysql-servers the customer is allowed to use, * default is to allow the default dbserver (id=0) + * @param int $backup + * optional, either 0 to disable backup for this customer or a backup-storage-id + * where backups are to be stored, requires change_serversettings permissions, + * default is system-setting backup.default_storage + * @param bool $access_backup + * optional, where the customer is allowed to view backups, default is system-setting + * default_customer_access * * @access admin * @return string json-encoded array @@ -360,6 +367,24 @@ class Customers extends ApiCommand implements ResourceEntity $p_allowed_mysqlserver = []; } + if ($this->getUserDetail('change_serversettings')) { + $backup = $this->getParam('backup', true, Settings::Get('backup.default_storage')); + if ($backup > 0) { + try { + $this->apiCall('BackupStorages.get', [ + 'id' => $backup + ]); + } catch (Exception $e) { + // not found or other issue, set default + $backup = Settings::Get('backup.default_storage'); + } + } + $access_backup = $this->getBoolParam('access_backup', true, Settings::Get('backup.default_customer_access')); + } else { + $backup = Settings::Get('backup.default_storage'); + $access_backup = Settings::Get('backup.default_customer_access'); + } + // validation $name = Validate::validate($name, 'name', Validate::REGEX_DESC_TEXT, '', [], true); $firstname = Validate::validate($firstname, 'first name', Validate::REGEX_DESC_TEXT, '', [], true); @@ -534,7 +559,9 @@ class Customers extends ApiCommand implements ResourceEntity 'theme' => $_theme, 'custom_notes' => $custom_notes, 'custom_notes_show' => $custom_notes_show, - 'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver) + 'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver), + 'backup' => $backup, + 'access_backup' => $access_backup ]; $ins_stmt = Database::prepare(" @@ -577,7 +604,9 @@ class Customers extends ApiCommand implements ResourceEntity `theme` = :theme, `custom_notes` = :custom_notes, `custom_notes_show` = :custom_notes_show, - `allowed_mysqlserver`= :allowed_mysqlserver + `allowed_mysqlserver`= :allowed_mysqlserver, + `backup` = :backup, + `access_backup` = :access_backup "); Database::pexecute($ins_stmt, $ins_data, true, true); @@ -1025,6 +1054,13 @@ class Customers extends ApiCommand implements ResourceEntity * @param array $allowed_mysqlserver * optional, array of IDs of defined mysql-servers the customer is allowed to use, * default is to allow the default dbserver (id=0) + * @param int $backup + * optional, either 0 to disable backup for this customer or a backup-storage-id + * where backups are to be stored, requires change_serversettings permissions, + * default is system-setting backup.default_storage + * @param bool $access_backup + * optional, where the customer is allowed to view backups, default is system-setting + * default_customer_access * * @access admin, customer * @return string json-encoded array @@ -1086,6 +1122,24 @@ class Customers extends ApiCommand implements ResourceEntity $deactivated = $this->getBoolParam('deactivated', true, $result['deactivated']); $theme = $this->getParam('theme', true, $result['theme']); $allowed_mysqlserver = $this->getParam('allowed_mysqlserver', true, json_decode($result['allowed_mysqlserver'], true)); + + if ($this->isAdmin() && $this->getUserDetail('change_serversettings')) { + $backup = $this->getParam('backup', true, $result['backup']); + if ($backup > 0) { + try { + $this->apiCall('BackupStorages.get', [ + 'id' => $backup + ]); + } catch (Exception $e) { + // not found or other issue, dont update + $backup = $result['backup']; + } + } + $access_backup = $this->getBoolParam('access_backup', true, Settings::Get('backup.default_customer_access')); + } else { + $backup = $result['backup']; + $access_backup = $result['access_backup']; + } } else { // allowed parameters $def_language = $this->getParam('def_language', true, $result['def_language']); @@ -1118,6 +1172,7 @@ class Customers extends ApiCommand implements ResourceEntity if (! empty($allowed_mysqlserver)) { $allowed_mysqlserver = array_map('intval', $allowed_mysqlserver); } + } $def_language = Validate::validate($def_language, 'default language', '', '', [], true); $theme = Validate::validate($theme, 'theme', '', '', [], true); @@ -1390,7 +1445,9 @@ class Customers extends ApiCommand implements ResourceEntity 'custom_notes' => $custom_notes, 'custom_notes_show' => $custom_notes_show, 'api_allowed' => $api_allowed, - 'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver) + 'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver), + 'backup' => $backup, + 'access_backup' => $access_backup ]; $upd_data += $admin_upd_data; } @@ -1433,7 +1490,9 @@ class Customers extends ApiCommand implements ResourceEntity `custom_notes` = :custom_notes, `custom_notes_show` = :custom_notes_show, `api_allowed` = :api_allowed, - `allowed_mysqlserver` = :allowed_mysqlserver"; + `allowed_mysqlserver` = :allowed_mysqlserver, + `backup`= :backup, + `access_backup` = :access_backup"; $upd_query .= $admin_upd_query; } $upd_query .= " WHERE `customerid` = :customerid"; diff --git a/lib/Froxlor/UI/Callbacks/Backup.php b/lib/Froxlor/UI/Callbacks/Backup.php new file mode 100644 index 00000000..035da2f5 --- /dev/null +++ b/lib/Froxlor/UI/Callbacks/Backup.php @@ -0,0 +1,50 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\UI\Callbacks; + +use Froxlor\Database\Database; +use Froxlor\UI\Panel\UI; + +class Backup +{ + public static function backupStorageLink(array $attributes) + { + $sel_stmt = Database::prepare("SELECT `description` FROM `" . TABLE_PANEL_BACKUPSTORAGES . "` WHERE `id` = :id"); + $backupstorage = Database::pexecute_first($sel_stmt, ['id' => $attributes['data']]); + if ((int)UI::getCurrentUser()['adminsession'] == 1 && UI::getCurrentUser()['change_serversettings']) { + $linker = UI::getLinker(); + $result = '' . $backupstorage['description'] . ''; + } else { + $result = $backupstorage['description']; + } + return $result; + } +} diff --git a/lib/formfields/admin/customer/formfield.customer_add.php b/lib/formfields/admin/customer/formfield.customer_add.php index 53bb2c76..9afef260 100644 --- a/lib/formfields/admin/customer/formfield.customer_add.php +++ b/lib/formfields/admin/customer/formfield.customer_add.php @@ -89,7 +89,22 @@ return [ 'value' => '1', 'checked' => Settings::Get('api.enabled') == '1' && Settings::Get('api.customer_default'), 'visible' => Settings::Get('api.enabled') == '1' - ] + ], + 'backup' => [ + 'label' => lng('backup.backup_storage.title'), + 'desc' => lng('backup.backup_storage.description'), + 'type' => 'select', + 'select_var' => $backup_storages, + 'selected' => Settings::Get('backup.default_storage'), + 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' + ], + 'access_backup' => [ + 'label' => lng('backup.access_backup'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => Settings::Get('backup.enabled') == '1' && Settings::Get('backup.default_customer_access'), + 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) + ], ] ], 'section_b' => [ diff --git a/lib/formfields/admin/customer/formfield.customer_edit.php b/lib/formfields/admin/customer/formfield.customer_edit.php index 72d94408..0f95330f 100644 --- a/lib/formfields/admin/customer/formfield.customer_edit.php +++ b/lib/formfields/admin/customer/formfield.customer_edit.php @@ -87,7 +87,22 @@ return [ 'value' => '1', 'checked' => $result['api_allowed'], 'visible' => Settings::Get('api.enabled') == '1' - ] + ], + 'backup' => [ + 'label' => lng('backup.backup_storage.title'), + 'desc' => lng('backup.backup_storage.description'), + 'type' => 'select', + 'select_var' => $backup_storages, + 'selected' => $result['backup'], + 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' + ], + 'access_backup' => [ + 'label' => lng('backup.access_backup'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => $result['access_backup'], + 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) + ], ] ], 'section_b' => [ diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index e27c22b1..70066626 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -266,7 +266,8 @@ return [ 'url' => 'admin_backups.php?page=overview', 'label' => lng('admin.backups.backups'), 'required_resources' => 'change_serversettings', - 'add_shortlink' => 'admin_backups.php?page=overview&action=add' + 'add_shortlink' => 'admin_backups.php?page=overview&action=add', + 'show_element' => (Settings::Get('backup.enabled') == true) ], [ 'url' => 'admin_logger.php?page=log', diff --git a/lib/tablelisting/admin/tablelisting.customers.php b/lib/tablelisting/admin/tablelisting.customers.php index bfe663ce..a3ca05c3 100644 --- a/lib/tablelisting/admin/tablelisting.customers.php +++ b/lib/tablelisting/admin/tablelisting.customers.php @@ -23,6 +23,7 @@ * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 */ +use Froxlor\UI\Callbacks\Backup; use Froxlor\UI\Callbacks\Customer; use Froxlor\UI\Callbacks\Impersonate; use Froxlor\UI\Callbacks\ProgressBar; @@ -149,6 +150,20 @@ return [ 'class' => 'text-center', 'callback' => [Text::class, 'boolean'], ], + 'c.backup' => [ + 'label' => lng('backup.backup_storage.title'), + 'field' => 'backup', + 'class' => 'text-center', + 'callback' => [Backup::class, 'backupStorageLink'], + 'visible' => (bool)Settings::Get('backup.enabled'), + ], + 'c.access_backup' => [ + 'label' => lng('backup.access_backup'), + 'field' => 'access_backup', + 'class' => 'text-center', + 'callback' => [Text::class, 'boolean'], + 'visible' => (bool)Settings::Get('backup.enabled'), + ], ], 'visible_columns' => Listing::getVisibleColumnsForListing('customer_list', [ 'c.name', From 1cf5865bba79dd8e76e5748a080655f67e7a4a24 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 21:08:04 +0200 Subject: [PATCH 32/87] minor fixes in customer-backup-flags integration Signed-off-by: Michael Kaufmann --- admin_customers.php | 10 ++---- lib/Froxlor/UI/Callbacks/Backup.php | 2 +- .../admin/customer/formfield.customer_add.php | 32 +++++++++---------- .../customer/formfield.customer_edit.php | 32 +++++++++---------- .../admin/tablelisting.customers.php | 1 + 5 files changed, 36 insertions(+), 41 deletions(-) diff --git a/admin_customers.php b/admin_customers.php index ae4f434a..05f9656a 100644 --- a/admin_customers.php +++ b/admin_customers.php @@ -235,10 +235,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $result_json = BackupStorages::getLocal($userinfo)->listing(); $result_decoded = json_decode($result_json, true)['data']['list']; foreach ($result_decoded as $storagedata) { - $backup_storages[] = [ - 'label' => $storagedata['description'] . '(' . $storagedata['type'] . ')', - 'value' => $storagedata['id'] - ]; + $backup_storages[$storagedata['id']] = $storagedata['description'] . ' (' . $storagedata['type'] . ')'; } } catch (Exception $e) { /* just none */ @@ -337,10 +334,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $result_json = BackupStorages::getLocal($userinfo)->listing(); $result_decoded = json_decode($result_json, true)['data']['list']; foreach ($result_decoded as $storagedata) { - $backup_storages[] = [ - 'label' => $storagedata['description'] . '(' . $storagedata['type'] . ')', - 'value' => $storagedata['id'] - ]; + $backup_storages[$storagedata['id']] = $storagedata['description'] . ' (' . $storagedata['type'] . ')'; } } catch (Exception $e) { /* just none */ diff --git a/lib/Froxlor/UI/Callbacks/Backup.php b/lib/Froxlor/UI/Callbacks/Backup.php index 035da2f5..e4b1b217 100644 --- a/lib/Froxlor/UI/Callbacks/Backup.php +++ b/lib/Froxlor/UI/Callbacks/Backup.php @@ -32,7 +32,7 @@ class Backup { public static function backupStorageLink(array $attributes) { - $sel_stmt = Database::prepare("SELECT `description` FROM `" . TABLE_PANEL_BACKUPSTORAGES . "` WHERE `id` = :id"); + $sel_stmt = Database::prepare("SELECT `description` FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` WHERE `id` = :id"); $backupstorage = Database::pexecute_first($sel_stmt, ['id' => $attributes['data']]); if ((int)UI::getCurrentUser()['adminsession'] == 1 && UI::getCurrentUser()['change_serversettings']) { $linker = UI::getLinker(); diff --git a/lib/formfields/admin/customer/formfield.customer_add.php b/lib/formfields/admin/customer/formfield.customer_add.php index 9afef260..5210307a 100644 --- a/lib/formfields/admin/customer/formfield.customer_add.php +++ b/lib/formfields/admin/customer/formfield.customer_add.php @@ -90,21 +90,6 @@ return [ 'checked' => Settings::Get('api.enabled') == '1' && Settings::Get('api.customer_default'), 'visible' => Settings::Get('api.enabled') == '1' ], - 'backup' => [ - 'label' => lng('backup.backup_storage.title'), - 'desc' => lng('backup.backup_storage.description'), - 'type' => 'select', - 'select_var' => $backup_storages, - 'selected' => Settings::Get('backup.default_storage'), - 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' - ], - 'access_backup' => [ - 'label' => lng('backup.access_backup'), - 'type' => 'checkbox', - 'value' => '1', - 'checked' => Settings::Get('backup.enabled') == '1' && Settings::Get('backup.default_customer_access'), - 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) - ], ] ], 'section_b' => [ @@ -321,7 +306,22 @@ return [ 'type' => 'checkbox', 'value' => '1', 'checked' => true - ] + ], + 'backup' => [ + 'label' => lng('backup.backup_storage.title'), + 'desc' => lng('backup.backup_storage.description'), + 'type' => 'select', + 'select_var' => $backup_storages, + 'selected' => Settings::Get('backup.default_storage'), + 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' + ], + 'access_backup' => [ + 'label' => lng('backup.access_backup'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => Settings::Get('backup.enabled') == '1' && Settings::Get('backup.default_customer_access'), + 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) + ], ] ] ] diff --git a/lib/formfields/admin/customer/formfield.customer_edit.php b/lib/formfields/admin/customer/formfield.customer_edit.php index 0f95330f..7ef5f62d 100644 --- a/lib/formfields/admin/customer/formfield.customer_edit.php +++ b/lib/formfields/admin/customer/formfield.customer_edit.php @@ -88,21 +88,6 @@ return [ 'checked' => $result['api_allowed'], 'visible' => Settings::Get('api.enabled') == '1' ], - 'backup' => [ - 'label' => lng('backup.backup_storage.title'), - 'desc' => lng('backup.backup_storage.description'), - 'type' => 'select', - 'select_var' => $backup_storages, - 'selected' => $result['backup'], - 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' - ], - 'access_backup' => [ - 'label' => lng('backup.access_backup'), - 'type' => 'checkbox', - 'value' => '1', - 'checked' => $result['access_backup'], - 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) - ], ] ], 'section_b' => [ @@ -329,7 +314,22 @@ return [ 'type' => 'checkbox', 'value' => '1', 'checked' => $result['logviewenabled'] - ] + ], + 'backup' => [ + 'label' => lng('backup.backup_storage.title'), + 'desc' => lng('backup.backup_storage.description'), + 'type' => 'select', + 'select_var' => $backup_storages, + 'selected' => $result['backup'], + 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' + ], + 'access_backup' => [ + 'label' => lng('backup.access_backup'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => $result['access_backup'], + 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) + ], ] ], 'section_d' => [ diff --git a/lib/tablelisting/admin/tablelisting.customers.php b/lib/tablelisting/admin/tablelisting.customers.php index a3ca05c3..f96b3273 100644 --- a/lib/tablelisting/admin/tablelisting.customers.php +++ b/lib/tablelisting/admin/tablelisting.customers.php @@ -23,6 +23,7 @@ * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 */ +use Froxlor\Settings; use Froxlor\UI\Callbacks\Backup; use Froxlor\UI\Callbacks\Customer; use Froxlor\UI\Callbacks\Impersonate; From c668c180d5ab91ed81cba662756144bf21c8168e Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 7 Jun 2023 21:14:01 +0200 Subject: [PATCH 33/87] fix access_backup*s* paramter name Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Customers.php | 20 +++++++++---------- .../admin/customer/formfield.customer_add.php | 4 ++-- .../customer/formfield.customer_edit.php | 6 +++--- .../admin/tablelisting.customers.php | 6 +++--- 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Customers.php b/lib/Froxlor/Api/Commands/Customers.php index 20105077..d299b462 100644 --- a/lib/Froxlor/Api/Commands/Customers.php +++ b/lib/Froxlor/Api/Commands/Customers.php @@ -278,7 +278,7 @@ class Customers extends ApiCommand implements ResourceEntity * optional, either 0 to disable backup for this customer or a backup-storage-id * where backups are to be stored, requires change_serversettings permissions, * default is system-setting backup.default_storage - * @param bool $access_backup + * @param bool $access_backups * optional, where the customer is allowed to view backups, default is system-setting * default_customer_access * @@ -379,10 +379,10 @@ class Customers extends ApiCommand implements ResourceEntity $backup = Settings::Get('backup.default_storage'); } } - $access_backup = $this->getBoolParam('access_backup', true, Settings::Get('backup.default_customer_access')); + $access_backups = $this->getBoolParam('access_backups', true, Settings::Get('backup.default_customer_access')); } else { $backup = Settings::Get('backup.default_storage'); - $access_backup = Settings::Get('backup.default_customer_access'); + $access_backups = Settings::Get('backup.default_customer_access'); } // validation @@ -561,7 +561,7 @@ class Customers extends ApiCommand implements ResourceEntity 'custom_notes_show' => $custom_notes_show, 'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver), 'backup' => $backup, - 'access_backup' => $access_backup + 'access_backups' => $access_backups ]; $ins_stmt = Database::prepare(" @@ -606,7 +606,7 @@ class Customers extends ApiCommand implements ResourceEntity `custom_notes_show` = :custom_notes_show, `allowed_mysqlserver`= :allowed_mysqlserver, `backup` = :backup, - `access_backup` = :access_backup + `access_backups` = :access_backups "); Database::pexecute($ins_stmt, $ins_data, true, true); @@ -1058,7 +1058,7 @@ class Customers extends ApiCommand implements ResourceEntity * optional, either 0 to disable backup for this customer or a backup-storage-id * where backups are to be stored, requires change_serversettings permissions, * default is system-setting backup.default_storage - * @param bool $access_backup + * @param bool $access_backups * optional, where the customer is allowed to view backups, default is system-setting * default_customer_access * @@ -1135,10 +1135,10 @@ class Customers extends ApiCommand implements ResourceEntity $backup = $result['backup']; } } - $access_backup = $this->getBoolParam('access_backup', true, Settings::Get('backup.default_customer_access')); + $access_backups = $this->getBoolParam('access_backups', true, Settings::Get('backup.default_customer_access')); } else { $backup = $result['backup']; - $access_backup = $result['access_backup']; + $access_backups = $result['access_backups']; } } else { // allowed parameters @@ -1447,7 +1447,7 @@ class Customers extends ApiCommand implements ResourceEntity 'api_allowed' => $api_allowed, 'allowed_mysqlserver' => empty($allowed_mysqlserver) ? "" : json_encode($allowed_mysqlserver), 'backup' => $backup, - 'access_backup' => $access_backup + 'access_backups' => $access_backups ]; $upd_data += $admin_upd_data; } @@ -1492,7 +1492,7 @@ class Customers extends ApiCommand implements ResourceEntity `api_allowed` = :api_allowed, `allowed_mysqlserver` = :allowed_mysqlserver, `backup`= :backup, - `access_backup` = :access_backup"; + `access_backups` = :access_backups"; $upd_query .= $admin_upd_query; } $upd_query .= " WHERE `customerid` = :customerid"; diff --git a/lib/formfields/admin/customer/formfield.customer_add.php b/lib/formfields/admin/customer/formfield.customer_add.php index 5210307a..8df804c4 100644 --- a/lib/formfields/admin/customer/formfield.customer_add.php +++ b/lib/formfields/admin/customer/formfield.customer_add.php @@ -315,8 +315,8 @@ return [ 'selected' => Settings::Get('backup.default_storage'), 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' ], - 'access_backup' => [ - 'label' => lng('backup.access_backup'), + 'access_backups' => [ + 'label' => lng('backup.access_backups'), 'type' => 'checkbox', 'value' => '1', 'checked' => Settings::Get('backup.enabled') == '1' && Settings::Get('backup.default_customer_access'), diff --git a/lib/formfields/admin/customer/formfield.customer_edit.php b/lib/formfields/admin/customer/formfield.customer_edit.php index 7ef5f62d..92f3d88f 100644 --- a/lib/formfields/admin/customer/formfield.customer_edit.php +++ b/lib/formfields/admin/customer/formfield.customer_edit.php @@ -323,11 +323,11 @@ return [ 'selected' => $result['backup'], 'visible' => Settings::Get('backup.enabled') == '1' && $userinfo['change_serversettings'] == '1' ], - 'access_backup' => [ - 'label' => lng('backup.access_backup'), + 'access_backups' => [ + 'label' => lng('backup.access_backups'), 'type' => 'checkbox', 'value' => '1', - 'checked' => $result['access_backup'], + 'checked' => $result['access_backups'], 'visible' => Settings::Get('backup.enabled') == '1' && ($userinfo['change_serversettings'] == '1' || Settings::Get('backup.default_customer_access')) ], ] diff --git a/lib/tablelisting/admin/tablelisting.customers.php b/lib/tablelisting/admin/tablelisting.customers.php index f96b3273..847b12f2 100644 --- a/lib/tablelisting/admin/tablelisting.customers.php +++ b/lib/tablelisting/admin/tablelisting.customers.php @@ -158,9 +158,9 @@ return [ 'callback' => [Backup::class, 'backupStorageLink'], 'visible' => (bool)Settings::Get('backup.enabled'), ], - 'c.access_backup' => [ - 'label' => lng('backup.access_backup'), - 'field' => 'access_backup', + 'c.access_backups' => [ + 'label' => lng('backup.access_backups'), + 'field' => 'access_backups', 'class' => 'text-center', 'callback' => [Text::class, 'boolean'], 'visible' => (bool)Settings::Get('backup.enabled'), From c3205d3672f80efc4dc2d0d7ace2595225f130ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maurice=20Preu=C3=9F=20=28envoyr=29?= Date: Wed, 7 Jun 2023 21:22:04 +0200 Subject: [PATCH 34/87] update backup storage api MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maurice Preuß (envoyr) --- admin_backups.php | 29 +++- lib/Froxlor/Api/Commands/BackupStorages.php | 150 +++++++++++++++++++- 2 files changed, 172 insertions(+), 7 deletions(-) diff --git a/admin_backups.php b/admin_backups.php index 8c7f29df..08c6bac0 100644 --- a/admin_backups.php +++ b/admin_backups.php @@ -30,6 +30,7 @@ use Froxlor\Api\Commands\Backups; use Froxlor\Api\Commands\BackupStorages; use Froxlor\FroxlorLogger; use Froxlor\UI\Collection; +use Froxlor\UI\HTML; use Froxlor\UI\Listing; use Froxlor\UI\Panel\UI; use Froxlor\UI\Request; @@ -39,7 +40,7 @@ $id = (int)Request::any('id'); if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { if ($action == '') { - $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_backups"); + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "viewed admin_backups"); try { $admin_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backups.php'; @@ -81,7 +82,7 @@ if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversetti } } else if ($page == 'storages' && $userinfo['change_serversettings'] == '1') { if ($action == '') { - $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed admin_backup_storage"); + $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "list backup storages"); try { $admin_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backup_storages.php'; @@ -106,7 +107,31 @@ if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversetti ] ]); } elseif ($action == 'delete' && $id != 0) { + try { + $json_result = BackupStorages::getLocal($userinfo, [ + 'id' => $id + ])->get(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + $result = json_decode($json_result, true)['data']; + if ($result['id'] != '') { + if (isset($_POST['send']) && $_POST['send'] == 'send') { + BackupStorages::getLocal($userinfo, [ + 'id' => $id + ])->delete(); + Response::redirectTo($filename, [ + 'page' => $page + ]); + } else { + HTML::askYesNo('backup_backup_server_reallydelete', $filename, [ + 'id' => $id, + 'page' => $page, + 'action' => $action + ], $result['id']); + } + } } elseif ($action == 'add') { if (isset($_POST['send']) && $_POST['send'] == 'send') { try { diff --git a/lib/Froxlor/Api/Commands/BackupStorages.php b/lib/Froxlor/Api/Commands/BackupStorages.php index 6cb1ccb5..0ba24fe3 100644 --- a/lib/Froxlor/Api/Commands/BackupStorages.php +++ b/lib/Froxlor/Api/Commands/BackupStorages.php @@ -105,7 +105,26 @@ class BackupStorages extends ApiCommand implements ResourceEntity /** * create a backup storage by given id * - * @param string $name + * @param string $type + * required, backup storage type + * @param string $destination_path + * required, destination path for backup storage + * @param string $description + * description for backup storage + * @param string $region + * region for backup storage (used for S3) + * @param string $bucket + * bucket for backup storage (used for S3) + * @param string $hostname + * hostname for backup storage + * @param string $username + * username for backup storage (also used as access key for S3) + * @param string $password + * password for backup storage (also used as secret key for S3) + * @param string $pgp_public_key + * pgp public key for backup storage + * @param string $retention + * retention for backup storage * * @access admin * @return string json-encoded array @@ -114,7 +133,84 @@ class BackupStorages extends ApiCommand implements ResourceEntity public function add() { if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { - // + // required parameters + $type = $this->getParam('type'); + $destination_path = $this->getParam('destination_path'); + + // parameters + $description = $this->getParam('description', true, null); + $region = $this->getParam('region', true, null); + $bucket = $this->getParam('bucket', true, null); + $hostname = $this->getParam('hostname', true, null); + $username = $this->getParam('username', true, null); + $password = $this->getParam('password', true, null); + $pgp_public_key = $this->getParam('pgp_public_key', true, null); + $retention = $this->getParam('retention', true, null); + + // validation + $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); + // TODO: add more validation + + // pgp public key validation + if (!empty($pgp_public_key)) { + // check if gnupg extension is loaded + if (!extension_loaded('gnupg')) { + Response::standardError('gnupgextensionnotavailable', '', true); + } + // check if the pgp public key is a valid key + putenv('GNUPGHOME='.sys_get_temp_dir()); + if (gnupg_import(gnupg_init(), $pgp_public_key) === false) { + Response::standardError('invalidpgppublickey', '', true); + } + } + + // store + $stmt = Database::prepare(" + INSERT INTO `" . TABLE_PANEL_BACKUP_STORAGES . "` ( + `description`, + `type`, + `region`, + `bucket`, + `destination_path`, + `hostname`, + `username`, + `password`, + `pgp_public_key`, + `retention` + ) VALUES ( + :description, + :type, + :region, + :bucket, + :destination_path, + :hostname, + :username, + :password, + :pgp_public_key, + :retention + ) + "); + $params = [ + "description" => $description, + "type" => $type, + "region" => $region, + "bucket" => $bucket, + "destination_path" => $destination_path, + "hostname" => $hostname, + "username" => $username, + "password" => $password, + "pgp_public_key" => $pgp_public_key, + "retention" => $retention, + ]; + Database::pexecute($stmt, $params, true, true); + $id = Database::lastInsertId(); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited backup storage for '" . $result['id'] . "'"); + + // return + $result = $this->apiCall('BackupStorages.get', [ + 'id' => $id + ]); + return $this->response($result); } throw new Exception("Not allowed to execute given command.", 403); } @@ -155,7 +251,27 @@ class BackupStorages extends ApiCommand implements ResourceEntity * update a backup storage by given id * * @param int $id - * required, the backup-storage-id + * required, the backup-storage-id + * @param string $type + * backup storage type + * @param string $destination_path + * destination path for backup storage + * @param string $description + * description for backup storage + * @param string $region + * region for backup storage (used for S3) + * @param string $bucket + * bucket for backup storage (used for S3) + * @param string $hostname + * hostname for backup storage + * @param string $username + * username for backup storage (also used as access key for S3) + * @param string $password + * password for backup storage (also used as secret key for S3) + * @param string $pgp_public_key + * pgp public key for backup storage + * @param string $retention + * retention for backup storage * * @access admin * @return string json-encoded array @@ -179,12 +295,13 @@ class BackupStorages extends ApiCommand implements ResourceEntity $destination_path = $this->getParam('destination_path', true, $result['destination_path']); $hostname = $this->getParam('hostname', true, $result['hostname']); $username = $this->getParam('username', true, $result['username']); - $password = $this->getParam('password', true, 'password'); + $password = $this->getParam('password', true, $result['password']); $pgp_public_key = $this->getParam('pgp_public_key', true, $result['pgp_public_key']); $retention = $this->getParam('retention', true, $result['retention']); // validation $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); + // TODO: add more validation // pgp public key validation if (!empty($pgp_public_key)) { @@ -240,7 +357,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity } /** - * delete a backup-storage entry by either id + * delete a backup-storage entry by id * * @param int $id * required, the backup-storage-id @@ -251,6 +368,29 @@ class BackupStorages extends ApiCommand implements ResourceEntity */ public function delete() { + $id = $this->getParam('id'); + + if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + // validation + $result = $this->apiCall('BackupStorages.get', [ + 'id' => $id + ]); + + // delete + $stmt = Database::prepare(" + DELETE FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` + WHERE `id` = :id + "); + $params = [ + "id" => $id + ]; + Database::pexecute($stmt, $params, true, true); + $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted backup storage for '" . $result['id'] . "'"); + + // return + return $this->response(true); + } + throw new Exception("Not allowed to execute given command.", 403); } } From ddcd55a83d392954491456d92b2cee7e8e4ccaae Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 8 Jun 2023 11:56:58 +0200 Subject: [PATCH 35/87] more work on backup-storages Signed-off-by: Michael Kaufmann --- install/froxlor.sql.php | 2 +- install/updates/froxlor/update_0.10.inc.php | 6 +- install/updates/froxlor/update_2.1.inc.php | 1 + .../updates/preconfig/preconfig_2.1.inc.php | 14 +- lib/Froxlor/Api/Commands/BackupStorages.php | 171 ++++++++++++++---- lib/Froxlor/Api/Commands/Backups.php | 33 +--- lib/Froxlor/Cron/System/ExportCron.php | 4 +- .../formfield.backup_storage_add.php | 10 +- .../formfield.backup_storage_edit.php | 8 +- 9 files changed, 165 insertions(+), 84 deletions(-) diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 61b7a58f..4453aea7 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -918,7 +918,7 @@ INSERT INTO `cronjobs_run` (`id`, `module`, `cronfile`, `cronclass`, `interval`, (3, 'froxlor/reports', 'usage_report', '\\Froxlor\\Cron\\Traffic\\ReportsCron', '1 DAY', '1', 'cron_usage_report'), (4, 'froxlor/core', 'mailboxsize', '\\Froxlor\\Cron\\System\\MailboxsizeCron', '6 HOUR', '1', 'cron_mailboxsize'), (5, 'froxlor/letsencrypt', 'letsencrypt', '\\Froxlor\\Cron\\Http\\LetsEncrypt\\AcmeSh', '5 MINUTE', '0', 'cron_letsencrypt'), - (6, 'froxlor/export', 'export', '\\Froxlor\\Cron\\System\\ExportCron', '1 DAY', '0', 'cron_export'), + (6, 'froxlor/export', 'export', '\\Froxlor\\Cron\\System\\ExportCron', '1 HOUR', '0', 'cron_export'), (7, 'froxlor/backup', 'backup', '\\Froxlor\\Cron\\Backup\\BackupCron', '1 DAY', '0', 'cron_backup'); diff --git a/install/updates/froxlor/update_0.10.inc.php b/install/updates/froxlor/update_0.10.inc.php index f1082917..d9c79e1f 100644 --- a/install/updates/froxlor/update_0.10.inc.php +++ b/install/updates/froxlor/update_0.10.inc.php @@ -23,11 +23,11 @@ * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 */ -use Froxlor\Froxlor; -use Froxlor\FileDir; use Froxlor\Database\Database; -use Froxlor\Settings; +use Froxlor\FileDir; +use Froxlor\Froxlor; use Froxlor\Install\Update; +use Froxlor\Settings; use Froxlor\System\Cronjob; use Froxlor\System\IPTools; diff --git a/install/updates/froxlor/update_2.1.inc.php b/install/updates/froxlor/update_2.1.inc.php index f19b2d7f..7d412fdb 100644 --- a/install/updates/froxlor/update_2.1.inc.php +++ b/install/updates/froxlor/update_2.1.inc.php @@ -113,6 +113,7 @@ if (Froxlor::isDatabaseVersion('202304260')) { `module`= 'froxlor/export', `cronfile` = 'export', `cronclass` = '\\Froxlor\\Cron\\System\\ExportCron', + `interval` = '1 HOUR', `desc_lng_key` = 'cron_export' WHERE `module` = 'froxlor/backup' "); diff --git a/install/updates/preconfig/preconfig_2.1.inc.php b/install/updates/preconfig/preconfig_2.1.inc.php index 88529296..95401f62 100644 --- a/install/updates/preconfig/preconfig_2.1.inc.php +++ b/install/updates/preconfig/preconfig_2.1.inc.php @@ -36,7 +36,19 @@ $preconfig = [ $return = []; if (Update::versionInUpdate($current_version, '2.1.0-dev1')) { - + // Backup + $description = 'Froxlor now comes with a backup capability (More info see [DOCS LINK].'; + $question = 'Would you like to enable the backup-feature (default: yes)'; + $return['panel_settings_mode'] = [ + 'type' => 'select', + 'select_var' => [ + 0 => 'No', + 1 => 'Yes' + ], + 'selected' => 1, + 'label' => $question, + 'prior_infotext' => $description + ]; } $preconfig['fields'] = $return; diff --git a/lib/Froxlor/Api/Commands/BackupStorages.php b/lib/Froxlor/Api/Commands/BackupStorages.php index 0ba24fe3..47aa4098 100644 --- a/lib/Froxlor/Api/Commands/BackupStorages.php +++ b/lib/Froxlor/Api/Commands/BackupStorages.php @@ -31,6 +31,7 @@ use Froxlor\Api\ResourceEntity; use Froxlor\Database\Database; use Froxlor\FileDir; use Froxlor\FroxlorLogger; +use Froxlor\Settings; use Froxlor\UI\Response; use Froxlor\Validate\Validate; use PDO; @@ -40,6 +41,14 @@ use PDO; */ class BackupStorages extends ApiCommand implements ResourceEntity { + const SUPPORTED_TYPES = [ + 'local', + 'ftp', + 'sftp', + 'rsync', + 's3', + ]; + /** * lists all backup storages entries * @@ -61,7 +70,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity public function listing() { if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { - $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list backups"); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backup storages"); $query_fields = []; $result_stmt = Database::prepare(" SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` @@ -103,28 +112,28 @@ class BackupStorages extends ApiCommand implements ResourceEntity } /** - * create a backup storage by given id + * create a backup storage * * @param string $type * required, backup storage type * @param string $destination_path * required, destination path for backup storage * @param string $description - * description for backup storage + * required, description for backup storage * @param string $region - * region for backup storage (used for S3) + * optional, required if type=s3. Region for backup storage (used for S3) * @param string $bucket - * bucket for backup storage (used for S3) + * optional, required if type=s3. Bucket for backup storage (used for S3) * @param string $hostname - * hostname for backup storage + * optional, required if type != local. Hostname for backup storage * @param string $username - * username for backup storage (also used as access key for S3) + * optional, required if type != local. Username for backup storage (also used as access key for S3) * @param string $password - * password for backup storage (also used as secret key for S3) + * optional, required if type != local. Password for backup storage (also used as secret key for S3) * @param string $pgp_public_key - * pgp public key for backup storage + * optional, pgp public key for backup storage * @param string $retention - * retention for backup storage + * optional, retention for backup storage (default 3) * * @access admin * @return string json-encoded array @@ -136,16 +145,39 @@ class BackupStorages extends ApiCommand implements ResourceEntity // required parameters $type = $this->getParam('type'); $destination_path = $this->getParam('destination_path'); + $description = $this->getParam('description'); + + // type related requirements + $optional_flags = [ + 'region' => true, + 'bucket' => true, + 'hostname' => true, + 'username' => true, + 'password' => true, + ]; + + if (!in_array($type, self::SUPPORTED_TYPES)) { + throw new Exception("Unsupported storage type: '" . $type . "'", 406); + } + + if ($type != 'local') { + $optional_flags['hostname'] = false; + $optional_flags['username'] = false; + $optional_flags['password'] = false; + } + if ($type == 's3') { + $optional_flags['region'] = false; + $optional_flags['bucket'] = false; + } // parameters - $description = $this->getParam('description', true, null); - $region = $this->getParam('region', true, null); - $bucket = $this->getParam('bucket', true, null); - $hostname = $this->getParam('hostname', true, null); - $username = $this->getParam('username', true, null); - $password = $this->getParam('password', true, null); + $region = $this->getParam('region', $optional_flags['region']); + $bucket = $this->getParam('bucket', $optional_flags['bucket']); + $hostname = $this->getParam('hostname', $optional_flags['hostname']); + $username = $this->getParam('username', $optional_flags['username']); + $password = $this->getParam('password', $optional_flags['password']); $pgp_public_key = $this->getParam('pgp_public_key', true, null); - $retention = $this->getParam('retention', true, null); + $retention = $this->getParam('retention', true, 3); // validation $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); @@ -158,7 +190,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity Response::standardError('gnupgextensionnotavailable', '', true); } // check if the pgp public key is a valid key - putenv('GNUPGHOME='.sys_get_temp_dir()); + putenv('GNUPGHOME=' . sys_get_temp_dir()); if (gnupg_import(gnupg_init(), $pgp_public_key) === false) { Response::standardError('invalidpgppublickey', '', true); } @@ -204,22 +236,22 @@ class BackupStorages extends ApiCommand implements ResourceEntity ]; Database::pexecute($stmt, $params, true, true); $id = Database::lastInsertId(); - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited backup storage for '" . $result['id'] . "'"); // return $result = $this->apiCall('BackupStorages.get', [ 'id' => $id ]); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] added backup storage '" . $result['description'] . "' (" . $result['type'] . ")"); return $this->response($result); } throw new Exception("Not allowed to execute given command.", 403); } /** - * return an admin entry by id + * return a backup storage entry by id * * @param int $id - * optional, the backup-storage-id + * the backup-storage-id * * @access admin * @return string json-encoded array @@ -239,7 +271,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity ]; $result = Database::pexecute_first($result_stmt, $params, true, true); if ($result) { - $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get backup storage for '" . $result['id'] . "'"); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] get backup storage '" . $result['description'] . "'"); return $this->response($result); } throw new Exception("Backup storage with " . $id . " could not be found", 404); @@ -251,27 +283,27 @@ class BackupStorages extends ApiCommand implements ResourceEntity * update a backup storage by given id * * @param int $id - * required, the backup-storage-id + * required, the backup-storage-id * @param string $type - * backup storage type + * optional, backup storage type * @param string $destination_path - * destination path for backup storage + * optional, destination path for backup storage * @param string $description - * description for backup storage + * required, description for backup storage * @param string $region - * region for backup storage (used for S3) + * optional, region for backup storage (used for S3) * @param string $bucket - * bucket for backup storage (used for S3) + * optional, bucket for backup storage (used for S3) * @param string $hostname - * hostname for backup storage + * optional, hostname for backup storage * @param string $username - * username for backup storage (also used as access key for S3) + * optional, username for backup storage (also used as access key for S3) * @param string $password - * password for backup storage (also used as secret key for S3) + * optional, password for backup storage (also used as secret key for S3) * @param string $pgp_public_key - * pgp public key for backup storage + * optional, pgp public key for backup storage * @param string $retention - * retention for backup storage + * optional, retention for backup storage (default 3) * * @access admin * @return string json-encoded array @@ -295,27 +327,61 @@ class BackupStorages extends ApiCommand implements ResourceEntity $destination_path = $this->getParam('destination_path', true, $result['destination_path']); $hostname = $this->getParam('hostname', true, $result['hostname']); $username = $this->getParam('username', true, $result['username']); - $password = $this->getParam('password', true, $result['password']); + $password = $this->getParam('password', true, ''); $pgp_public_key = $this->getParam('pgp_public_key', true, $result['pgp_public_key']); $retention = $this->getParam('retention', true, $result['retention']); + if (!in_array($type, self::SUPPORTED_TYPES)) { + throw new Exception("Unsupported storage type: '" . $type . "'", 406); + } + + if ($type != 'local') { + if (empty($hostname)) { + throw new Exception("Field 'hostname' cannot be empty", 406); + } + if (empty($username)) { + throw new Exception("Field 'username' cannot be empty", 406); + } + $password = Validate::validate($password, 'password', '', '', [], true); + } + if ($type == 's3') { + if (empty($region)) { + throw new Exception("Field 'region' cannot be empty", 406); + } + if (empty($bucket)) { + throw new Exception("Field 'bucket' cannot be empty", 406); + } + } + // validation $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); // TODO: add more validation // pgp public key validation - if (!empty($pgp_public_key)) { + if (!empty($pgp_public_key) && $pgp_public_key != $result['pgp_public_key']) { // check if gnupg extension is loaded if (!extension_loaded('gnupg')) { Response::standardError('gnupgextensionnotavailable', '', true); } // check if the pgp public key is a valid key - putenv('GNUPGHOME='.sys_get_temp_dir()); + putenv('GNUPGHOME=' . sys_get_temp_dir()); if (gnupg_import(gnupg_init(), $pgp_public_key) === false) { Response::standardError('invalidpgppublickey', '', true); } } + if (!empty($password)) { + $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_BACKUP_STORAGES . "` + SET `password` = :password + WHERE `id` = :id + "); + Database::pexecute($stmt, [ + "id" => $id, + "password" => $password + ], true, true); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] updated password for backup-storage '" . $result['description'] . "'"); + } + // update $stmt = Database::prepare(" UPDATE `" . TABLE_PANEL_BACKUP_STORAGES . "` @@ -326,7 +392,6 @@ class BackupStorages extends ApiCommand implements ResourceEntity `destination_path` = :destination_path, `hostname` = :hostname, `username` = :username, - `password` = :password, `pgp_public_key` = :pgp_public_key, `retention` = :retention WHERE `id` = :id @@ -340,12 +405,11 @@ class BackupStorages extends ApiCommand implements ResourceEntity "destination_path" => $destination_path, "hostname" => $hostname, "username" => $username, - "password" => $password, "pgp_public_key" => $pgp_public_key, "retention" => $retention, ]; Database::pexecute($stmt, $params, true, true); - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] edited backup storage for '" . $result['id'] . "'"); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] edited backup storage '" . $result['description'] . "'"); // return $result = $this->apiCall('BackupStorages.get', [ @@ -376,6 +440,33 @@ class BackupStorages extends ApiCommand implements ResourceEntity 'id' => $id ]); + // validate no-one's using it + + // settings + if ($id == Settings::Get('backup.default_storage')) { + throw new Exception("Given backup storage is currently set as default storage and cannot be deleted.", 406); + } + // customers + $sel_stmt = Database::prepare(" + SELECT COUNT(*) as num_storage_users + FROM `" . TABLE_PANEL_CUSTOMERS . "` + WHERE `backup` = :id + "); + $storage_users_result = Database::pexecute_first($sel_stmt, ['id' => $id]); + if ($storage_users_result && $storage_users_result['num_storage_users'] > 0) { + throw new Exception("Given backup storage is currently assigned to " . $storage_users_result['num_storage_users'] . " customers and cannot be deleted.", 406); + } + // existing backups + $sel_stmt = Database::prepare(" + SELECT COUNT(*) as num_storage_backups + FROM `" . TABLE_PANEL_BACKUPS . "` + WHERE `storage_id` = :id + "); + $storage_backups_result = Database::pexecute_first($sel_stmt, ['id' => $id]); + if ($storage_backups_result && $storage_backups_result['num_storage_backups'] > 0) { + throw new Exception("Given backup storage has still " . $storage_backups_result['num_storage_backups'] . " backups on it and cannot be deleted.", 406); + } + // delete $stmt = Database::prepare(" DELETE FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` @@ -385,7 +476,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity "id" => $id ]; Database::pexecute($stmt, $params, true, true); - $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] deleted backup storage for '" . $result['id'] . "'"); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] deleted backup storage '" . $result['description'] . "'"); // return return $this->response(true); diff --git a/lib/Froxlor/Api/Commands/Backups.php b/lib/Froxlor/Api/Commands/Backups.php index 638b4912..72c13f18 100644 --- a/lib/Froxlor/Api/Commands/Backups.php +++ b/lib/Froxlor/Api/Commands/Backups.php @@ -43,37 +43,6 @@ use PDO; */ class Backups extends ApiCommand implements ResourceEntity { - - /** - * increase resource-usage - * - * @param int $adminid - * @param string $resource - * @param string $extra - * optional, default empty - * @param int $increase_by - * optional, default 1 - */ - public static function increaseUsage($adminid = 0, $resource = null, $extra = '', $increase_by = 1) - { - self::updateResourceUsage(TABLE_PANEL_BACKUPS, 'adminid', $adminid, '+', $resource, $extra, $increase_by); - } - - /** - * decrease resource-usage - * - * @param int $adminid - * @param string $resource - * @param string $extra - * optional, default empty - * @param int $decrease_by - * optional, default 1 - */ - public static function decreaseUsage($adminid = 0, $resource = null, $extra = '', $decrease_by = 1) - { - self::updateResourceUsage(TABLE_PANEL_BACKUPS, 'adminid', $adminid, '-', $resource, $extra, $decrease_by); - } - /** * lists all admin entries * @@ -95,7 +64,7 @@ class Backups extends ApiCommand implements ResourceEntity public function listing() { if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { - $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list backups"); + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups"); $query_fields = []; $result_stmt = Database::prepare(" SELECT `b`.*, `a`.`loginname` as `adminname` diff --git a/lib/Froxlor/Cron/System/ExportCron.php b/lib/Froxlor/Cron/System/ExportCron.php index 8575013a..8def5b7d 100644 --- a/lib/Froxlor/Cron/System/ExportCron.php +++ b/lib/Froxlor/Cron/System/ExportCron.php @@ -46,7 +46,9 @@ class ExportCron extends FroxlorCron "); $all_jobs = $result_tasks_stmt->fetchAll(); - self::runFork([self::class, 'handle'], $all_jobs); + if (!empty($all_jobs)) { + self::runFork([self::class, 'handle'], $all_jobs); + } } public static function handle(array $row) diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php index a9a51647..28856194 100644 --- a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php @@ -36,7 +36,9 @@ return [ 'fields' => [ 'description' => [ 'label' => lng('backup.backup_storage.description'), - 'type' => 'text' + 'type' => 'text', + 'maxlength' => 200, + 'mandatory' => true, ], 'type' => [ 'label' => lng('backup.backup_storage.type'), @@ -48,7 +50,8 @@ return [ 'sftp' => lng('backup.backup_storage.type_sftp'), 'rsync' => lng('backup.backup_storage.type_rsync'), 's3' => lng('backup.backup_storage.type_s3'), - ] + ], + 'mandatory' => true, ], 'region' => [ 'label' => lng('backup.backup_storage.region'), @@ -72,7 +75,8 @@ return [ ], 'password' => [ 'label' => lng('backup.backup_storage.password'), - 'type' => 'text' + 'type' => 'password', + 'autocomplete' => 'off', ], 'pgp_public_key' => [ 'label' => lng('backup.backup_storage.pgp_public_key'), diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php index ac283615..0ed8b6fa 100644 --- a/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php @@ -35,7 +35,8 @@ return [ 'description' => [ 'label' => lng('backup.backup_storage.description'), 'type' => 'text', - 'value' => $result['description'] + 'value' => $result['description'], + 'mandatory' => true, ], 'type' => [ 'label' => lng('backup.backup_storage.type'), @@ -47,7 +48,8 @@ return [ 'sftp' => lng('backup.backup_storage.type_sftp'), 'rsync' => lng('backup.backup_storage.type_rsync'), 's3' => lng('backup.backup_storage.type_s3'), - ] + ], + 'mandatory' => true, ], 'region' => [ 'label' => lng('backup.backup_storage.region'), @@ -75,7 +77,7 @@ return [ 'value' => $result['username'] ], 'password' => [ - 'label' => lng('backup.backup_storage.password'), + 'label' => lng('backup.backup_storage.password') . ' (' . lng('panel.emptyfornochanges') . ')', 'type' => 'password', 'autocomplete' => 'off' ], From 8a30bc07f5d2dfa7cdd9b8dc3660321791803196 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 8 Jun 2023 12:13:24 +0200 Subject: [PATCH 36/87] exclude password fields from being filtered/escaped by AntiXSS, fixes #1150 Signed-off-by: Michael Kaufmann --- lib/Froxlor/PhpHelper.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/Froxlor/PhpHelper.php b/lib/Froxlor/PhpHelper.php index f5ee8089..7e08e2b5 100644 --- a/lib/Froxlor/PhpHelper.php +++ b/lib/Froxlor/PhpHelper.php @@ -449,7 +449,15 @@ class PhpHelper 'ssl_specialsettings', 'default_vhostconf_domain', 'ssl_default_vhostconf_domain', - 'filecontent' + 'filecontent', + 'admin_password', + 'password', + 'new_customer_password', + 'privileged_password', + 'email_password', + 'directory_password', + 'ftp_password', + 'mysql_password', ]; if (!empty($global)) { $tmp = $global; From 105213fd3fd51387e5bb5bd6fbce734bcf8ede24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maurice=20Preu=C3=9F=20=28envoyr=29?= Date: Thu, 8 Jun 2023 17:17:25 +0200 Subject: [PATCH 37/87] update backup cron MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Maurice Preuß (envoyr) --- admin_backups.php | 11 ++-- lib/Froxlor/Api/Commands/Backups.php | 59 ++++++++++++++----- lib/Froxlor/Api/Commands/SubDomains.php | 24 ++++---- lib/Froxlor/Cron/Backup/BackupCron.php | 53 ++++++++++++----- lib/navigation/00.froxlor.main.php | 4 -- .../admin/tablelisting.backup_storages.php | 10 +--- .../admin/tablelisting.backups.php | 40 +++++-------- templates/Froxlor/user/form.html.twig | 15 ++--- templates/Froxlor/user/table.html.twig | 17 ++---- 9 files changed, 128 insertions(+), 105 deletions(-) diff --git a/admin_backups.php b/admin_backups.php index 08c6bac0..cda3f6f0 100644 --- a/admin_backups.php +++ b/admin_backups.php @@ -38,7 +38,7 @@ use Froxlor\UI\Response; $id = (int)Request::any('id'); -if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversettings'] == '1') { +if (($page == 'backups' || $page == 'overview')) { if ($action == '') { $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "viewed admin_backups"); @@ -53,10 +53,6 @@ if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversetti UI::view('user/table.html.twig', [ 'listing' => Listing::format($collection, $admin_list_data, 'backups_list'), 'actions_links' => [ - [ - 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'add']), - 'label' => lng('admin.backups_add') - ], [ 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'restore']), 'label' => lng('admin.backups_restore'), @@ -67,7 +63,8 @@ if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversetti 'href' => $linker->getLink(['section' => 'backups', 'page' => 'storages']), 'label' => lng('admin.backup_storages'), 'icon' => 'fa-solid fa-hard-drive', - 'class' => 'btn-outline-secondary' + 'class' => 'btn-outline-secondary', + 'visible' => $userinfo['change_serversettings'] == '1' ] ] ]); @@ -181,4 +178,6 @@ if (($page == 'backups' || $page == 'overview') && $userinfo['change_serversetti } } } +} else { + Response::dynamicError('403'); } diff --git a/lib/Froxlor/Api/Commands/Backups.php b/lib/Froxlor/Api/Commands/Backups.php index 72c13f18..49b48d7d 100644 --- a/lib/Froxlor/Api/Commands/Backups.php +++ b/lib/Froxlor/Api/Commands/Backups.php @@ -63,24 +63,55 @@ class Backups extends ApiCommand implements ResourceEntity */ public function listing() { - if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { - $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups"); - $query_fields = []; - $result_stmt = Database::prepare(" + if ($this->isAdmin()) { + // if we're an admin, list all backups of all the admins customers + // or optionally for one specific customer identified by id or loginname + $customerid = $this->getParam('customerid', true, 0); + $loginname = $this->getParam('loginname', true, ''); + + if (!empty($customerid) || !empty($loginname)) { + $result = $this->apiCall('Customers.get', [ + 'id' => $customerid, + 'loginname' => $loginname + ]); + $custom_list_result = [ + $result + ]; + } else { + $_custom_list_result = $this->apiCall('Customers.listing'); + $custom_list_result = $_custom_list_result['list']; + } + $customer_ids = []; + foreach ($custom_list_result as $customer) { + $customer_ids[] = $customer['customerid']; + } + if (empty($customer_ids)) { + throw new Exception("Required resource unsatisfied.", 405); + } + } else { + $customer_ids = [ + $this->getUserDetail('customerid') + ]; + } + + $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups"); + $query_fields = []; + $result_stmt = Database::prepare(" SELECT `b`.*, `a`.`loginname` as `adminname` FROM `" . TABLE_PANEL_BACKUPS . "` `b` LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`) + WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ") "); - Database::pexecute($result_stmt, $query_fields, true, true); - $result = []; - while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { - $result[] = $row; - } - return $this->response([ - 'count' => count($result), - 'list' => $result - ]); + Database::pexecute($result_stmt, $query_fields, true, true); + $result = []; + while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { + $result[] = $row; } + return $this->response([ + 'count' => count($result), + 'list' => $result + ]); + throw new Exception("Not allowed to execute given command.", 403); } @@ -93,7 +124,7 @@ class Backups extends ApiCommand implements ResourceEntity */ public function listingCount() { - if ($this->isAdmin() && $this->getUserDetail('change_serversettings') == 1) { + if ($this->isAdmin()) { $result_stmt = Database::prepare(" SELECT COUNT(*) as num_backups FROM `" . TABLE_PANEL_BACKUPS . "` diff --git a/lib/Froxlor/Api/Commands/SubDomains.php b/lib/Froxlor/Api/Commands/SubDomains.php index 77cf0377..e49c09cd 100644 --- a/lib/Froxlor/Api/Commands/SubDomains.php +++ b/lib/Froxlor/Api/Commands/SubDomains.php @@ -1059,17 +1059,19 @@ class SubDomains extends ApiCommand implements ResourceEntity $this->getUserDetail('customerid') => $this->getUserDetail('standardsubdomain') ]; } - // prepare select statement - $domains_stmt = Database::prepare(" - SELECT COUNT(*) as num_subdom - FROM `" . TABLE_PANEL_DOMAINS . "` `d` - WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ") - AND `d`.`email_only` = '0' - AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ") - "); - $result = Database::pexecute_first($domains_stmt, null, true, true); - if ($result) { - return $this->response($result['num_subdom']); + if (!empty($customer_ids)) { + // prepare select statement + $domains_stmt = Database::prepare(" + SELECT COUNT(*) as num_subdom + FROM `" . TABLE_PANEL_DOMAINS . "` `d` + WHERE `d`.`customerid` IN (" . implode(', ', $customer_ids) . ") + AND `d`.`email_only` = '0' + AND `d`.`id` NOT IN (" . implode(', ', $customer_stdsubs) . ") + "); + $result = Database::pexecute_first($domains_stmt, null, true, true); + if ($result) { + return $this->response($result['num_subdom']); + } } return $this->response(0); } diff --git a/lib/Froxlor/Cron/Backup/BackupCron.php b/lib/Froxlor/Cron/Backup/BackupCron.php index cd162e58..951cc266 100644 --- a/lib/Froxlor/Cron/Backup/BackupCron.php +++ b/lib/Froxlor/Cron/Backup/BackupCron.php @@ -27,6 +27,10 @@ namespace Froxlor\Cron\Backup; use Froxlor\Cron\Forkable; use Froxlor\Cron\FroxlorCron; +use Froxlor\Database\Database; +use Froxlor\FroxlorLogger; +use Froxlor\Settings; +use PDO; class BackupCron extends FroxlorCron { @@ -34,28 +38,45 @@ class BackupCron extends FroxlorCron public static function run() { - $users = ['web1', 'web2', 'web3', 'web4', 'web5', 'web6', 'web7', 'web8', 'web9', 'web10']; + if(!Settings::Get('backup.enabled')) { + FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'BackupCron: disabled - exiting'); + return -1; + } - self::runFork([self::class, 'handle'], [ - [ - 'user' => '1', - 'data' => 'value1', - ], - [ - 'user' => '2', - 'data' => 'value2', - ] - ]); + $stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "`"); + Database::pexecute($stmt); + + $storages = []; + while ($storage = $stmt->fetch(PDO::FETCH_ASSOC)) { + $storages[$storage['id']] = $storage; + } + + $stmt = Database::prepare("SELECT + customerid, + loginname, + adminid, + backup, + guid, + documentroot + FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `backup` > 0 + "); + Database::pexecute($stmt); + + $customers = []; + while ($customer = $stmt->fetch(PDO::FETCH_ASSOC)) { + $customer['storage'] = $storages[$customer['backup']]; + $customers[] = $customer; + } + + self::runFork([self::class, 'handle'], $customers); } private static function handle(array $userdata) { - echo "BackupCron: started - creating customer backup for user " . $userdata['user'] . "\n"; + echo "BackupCron: started - creating customer backup for user " . $userdata['loginname'] . "\n"; - echo $userdata['data'] . "\n"; + echo json_encode($userdata['storage']) . "\n"; - sleep(rand(1, 3)); - - echo "BackupCron: finished - creating customer backup for user " . $userdata['user'] . "\n"; + echo "BackupCron: finished - creating customer backup for user " . $userdata['loginname'] . "\n"; } } diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index 70066626..76b0c1e0 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -244,7 +244,6 @@ return [ ], 'server' => [ 'label' => lng('admin.server'), - 'required_resources' => 'change_serversettings', 'icon' => 'fa-solid fa-server', 'elements' => [ [ @@ -265,14 +264,11 @@ return [ [ 'url' => 'admin_backups.php?page=overview', 'label' => lng('admin.backups.backups'), - 'required_resources' => 'change_serversettings', - 'add_shortlink' => 'admin_backups.php?page=overview&action=add', 'show_element' => (Settings::Get('backup.enabled') == true) ], [ 'url' => 'admin_logger.php?page=log', 'label' => lng('menue.logger.logger'), - 'required_resources' => 'change_serversettings', 'show_element' => (Settings::Get('logger.enabled') == true) ], [ diff --git a/lib/tablelisting/admin/tablelisting.backup_storages.php b/lib/tablelisting/admin/tablelisting.backup_storages.php index b0811ec8..4447faec 100644 --- a/lib/tablelisting/admin/tablelisting.backup_storages.php +++ b/lib/tablelisting/admin/tablelisting.backup_storages.php @@ -84,7 +84,7 @@ return [ 'sortable' => true, ], ], - 'visible_columns' => Listing::getVisibleColumnsForListing('admin_list', [ + 'visible_columns' => Listing::getVisibleColumnsForListing('backup_storages_list', [ 'id', 'description', 'type', @@ -94,8 +94,6 @@ return [ 'show' => [ 'icon' => 'fa-solid fa-eye', 'title' => lng('usersettings.custom_notes.title'), - 'modal' => [Text::class, 'customerNoteDetailModal'], - 'visible' => [Customer::class, 'hasNote'] ], 'edit' => [ 'icon' => 'fa-solid fa-edit', @@ -117,13 +115,7 @@ return [ 'action' => 'delete', 'id' => ':id' ], - 'visible' => [Admin::class, 'isNotMe'] ], ], - 'format_callback' => [ - [Style::class, 'deactivated'], - [Style::class, 'diskspaceWarning'], - [Style::class, 'trafficWarning'] - ] ] ]; diff --git a/lib/tablelisting/admin/tablelisting.backups.php b/lib/tablelisting/admin/tablelisting.backups.php index 96db9d1d..92341374 100644 --- a/lib/tablelisting/admin/tablelisting.backups.php +++ b/lib/tablelisting/admin/tablelisting.backups.php @@ -24,6 +24,7 @@ */ use Froxlor\UI\Callbacks\Admin; +use Froxlor\UI\Callbacks\Backup; use Froxlor\UI\Callbacks\Customer; use Froxlor\UI\Callbacks\Impersonate; use Froxlor\UI\Callbacks\ProgressBar; @@ -63,20 +64,32 @@ return [ 'label' => lng('admin.admin'), 'field' => 'adminname', 'callback' => [Impersonate::class, 'admin'], - 'sortable' => true, ], 'size' => [ 'label' => lng('backup.size'), 'field' => 'size', 'sortable' => true, + 'callback' => [Text::class, 'size'], + ], + 'storage_id' => [ + 'label' => lng('backup.backup_storage.title'), + 'field' => 'storage_id', + 'class' => 'text-center', + 'callback' => [Backup::class, 'backupStorageLink'], + ], + 'filename' => [ + 'label' => lng('backup.size'), + 'field' => 'filename', + 'sortable' => true, ], 'created_at' => [ 'label' => lng('backup.created_at'), 'field' => 'created_at', 'sortable' => true, + 'callback' => [Text::class, 'timestamp'], ], ], - 'visible_columns' => Listing::getVisibleColumnsForListing('admin_list', [ + 'visible_columns' => Listing::getVisibleColumnsForListing('backups_list', [ 'id', 'adminname', 'loginname', @@ -84,22 +97,6 @@ return [ 'created_at', ]), 'actions' => [ - 'show' => [ - 'icon' => 'fa-solid fa-eye', - 'title' => lng('usersettings.custom_notes.title'), - 'modal' => [Text::class, 'customerNoteDetailModal'], - 'visible' => [Customer::class, 'hasNote'] - ], - 'edit' => [ - 'icon' => 'fa-solid fa-edit', - 'title' => lng('panel.edit'), - 'href' => [ - 'section' => 'backups', - 'page' => 'storages', - 'action' => 'edit', - 'id' => ':id' - ], - ], 'delete' => [ 'icon' => 'fa-solid fa-trash', 'title' => lng('panel.delete'), @@ -110,13 +107,8 @@ return [ 'action' => 'delete', 'id' => ':id' ], - 'visible' => [Admin::class, 'isNotMe'] + 'visible' => [Admin::class, 'canChangeServerSettings'], ], - ], - 'format_callback' => [ - [Style::class, 'deactivated'], - [Style::class, 'diskspaceWarning'], - [Style::class, 'trafficWarning'] ] ] ]; diff --git a/templates/Froxlor/user/form.html.twig b/templates/Froxlor/user/form.html.twig index 96019b8d..2e960287 100644 --- a/templates/Froxlor/user/form.html.twig +++ b/templates/Froxlor/user/form.html.twig @@ -31,18 +31,13 @@
    {% if actions_links is iterable %} {% for link in actions_links %} - - {{ link.label }} - + {% if link.visible is not defined or (link.visible is defined and link.visible == true) %} + + {{ link.label }} + + {% endif %} {% endfor %} {% endif %} - {# TODO: eventually not used anymore because of using a documentation link - {% if entity_info is defined and entity_info is not empty %} - - {% endif %} - #}
    {% endif %} diff --git a/templates/Froxlor/user/table.html.twig b/templates/Froxlor/user/table.html.twig index fac9e0d6..feb119fc 100644 --- a/templates/Froxlor/user/table.html.twig +++ b/templates/Froxlor/user/table.html.twig @@ -33,19 +33,14 @@
    {% if actions_links is iterable %} {% for link in actions_links %} - - - {% if link.label is defined and link.label is not empty %}{{ link.label }}{% endif %} - + {% if link.visible is not defined or (link.visible is defined and link.visible == true) %} + + + {% if link.label is defined and link.label is not empty %}{{ link.label }}{% endif %} + + {% endif %} {% endfor %} {% endif %} - {# TODO: eventually not used anymore because of using a documentation link - {% if entity_info is defined and entity_info is not empty %} - - {% endif %} - #}
    {% endif %} {% endblock %} From f9f104847762ce2c6508c15d808062e2fc59430f Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 8 Jun 2023 17:30:12 +0200 Subject: [PATCH 38/87] corrected Backups.listingCount() for admins/reseller/customers accordingly to listing(); minor fixes Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Backups.php | 99 +++++++++++++++------------- 1 file changed, 54 insertions(+), 45 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Backups.php b/lib/Froxlor/Api/Commands/Backups.php index 49b48d7d..7804c416 100644 --- a/lib/Froxlor/Api/Commands/Backups.php +++ b/lib/Froxlor/Api/Commands/Backups.php @@ -30,12 +30,6 @@ use Froxlor\Api\ApiCommand; use Froxlor\Api\ResourceEntity; use Froxlor\Database\Database; use Froxlor\FroxlorLogger; -use Froxlor\Idna\IdnaWrapper; -use Froxlor\Settings; -use Froxlor\System\Crypt; -use Froxlor\UI\Response; -use Froxlor\User; -use Froxlor\Validate\Validate; use PDO; /** @@ -97,11 +91,11 @@ class Backups extends ApiCommand implements ResourceEntity $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backups"); $query_fields = []; $result_stmt = Database::prepare(" - SELECT `b`.*, `a`.`loginname` as `adminname` - FROM `" . TABLE_PANEL_BACKUPS . "` `b` - LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`) - WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ") - "); + SELECT `b`.*, `a`.`loginname` as `adminname` + FROM `" . TABLE_PANEL_BACKUPS . "` `b` + LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`) + WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ") + "); Database::pexecute($result_stmt, $query_fields, true, true); $result = []; while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { @@ -111,8 +105,6 @@ class Backups extends ApiCommand implements ResourceEntity 'count' => count($result), 'list' => $result ]); - - throw new Exception("Not allowed to execute given command.", 403); } /** @@ -125,77 +117,94 @@ class Backups extends ApiCommand implements ResourceEntity public function listingCount() { if ($this->isAdmin()) { - $result_stmt = Database::prepare(" - SELECT COUNT(*) as num_backups - FROM `" . TABLE_PANEL_BACKUPS . "` - "); - $result = Database::pexecute_first($result_stmt, null, true, true); - if ($result) { - return $this->response($result['num_backups']); + // if we're an admin, list all backups of all the admins customers + // or optionally for one specific customer identified by id or loginname + $customerid = $this->getParam('customerid', true, 0); + $loginname = $this->getParam('loginname', true, ''); + + if (!empty($customerid) || !empty($loginname)) { + $result = $this->apiCall('Customers.get', [ + 'id' => $customerid, + 'loginname' => $loginname + ]); + $custom_list_result = [ + $result + ]; + } else { + $_custom_list_result = $this->apiCall('Customers.listing'); + $custom_list_result = $_custom_list_result['list']; } - $this->response(0); + $customer_ids = []; + foreach ($custom_list_result as $customer) { + $customer_ids[] = $customer['customerid']; + } + if (empty($customer_ids)) { + throw new Exception("Required resource unsatisfied.", 405); + } + } else { + $customer_ids = [ + $this->getUserDetail('customerid') + ]; } - throw new Exception("Not allowed to execute given command.", 403); + $result_stmt = Database::prepare(" + SELECT COUNT(*) as num_backups + FROM `" . TABLE_PANEL_BACKUPS . "` `b` + WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ") + "); + $result = Database::pexecute_first($result_stmt, null, true, true); + if ($result) { + return $this->response($result['num_backups']); + } + $this->response(0); } /** - * create a new admin user + * You cannot add a backup entry * - * @param string $name - * - * @access admin - * @return string json-encoded array * @throws Exception */ public function add() { - throw new Exception("Not allowed to execute given command.", 403); + throw new Exception('You cannot add a backup entry', 303); } /** - * return an admin entry by either id or loginname + * return a backup entry by id * * @param int $id - * optional, the admin-id - * @param string $loginname - * optional, the loginname + * optional, the backup-entry-id * - * @access admin + * @access admin, customers * @return string json-encoded array * @throws Exception */ public function get() { - throw new Exception("Not allowed to execute given command.", 403); + throw new Exception("@TODO", 303); } /** - * update an admin user by given id or loginname + * You cannot update a backup entry * - * @param int $id - * required, the admin-id - * - * @access admin - * @return string json-encoded array * @throws Exception */ public function update() { - throw new Exception("Not allowed to execute given command.", 403); + throw new Exception('You cannot update a backup entry', 303); } /** - * delete a admin entry by either id or loginname + * delete a backup entry by id * * @param int $id - * required, the admin-id + * required, the backup-entry-id * - * @access admin + * @access admin, customer * @return string json-encoded array * @throws Exception */ public function delete() { - throw new Exception("Not allowed to execute given command.", 403); + throw new Exception("@TODO", 303); } } From 94d9c3eedf31bc8447e3aa349e32880dde02ee52 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sun, 11 Jun 2023 12:05:33 +0200 Subject: [PATCH 39/87] regenerate session-id after login / su-action Signed-off-by: Michael Kaufmann --- admin_customers.php | 1 + admin_index.php | 1 + index.php | 1 + 3 files changed, 3 insertions(+) diff --git a/admin_customers.php b/admin_customers.php index 05f9656a..6fe2cd18 100644 --- a/admin_customers.php +++ b/admin_customers.php @@ -94,6 +94,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $result['switched_user'] = CurrentUser::getData(); $result['adminsession'] = 0; $result['userid'] = $result['customerid']; + session_regenerate_id(); CurrentUser::setData($result); $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'"); diff --git a/admin_index.php b/admin_index.php index 91ea51a5..c1c18c7d 100644 --- a/admin_index.php +++ b/admin_index.php @@ -53,6 +53,7 @@ if ($action == 'logout') { if (is_array(CurrentUser::getField('switched_user'))) { $result = CurrentUser::getData(); $result = $result['switched_user']; + session_regenerate_id(); CurrentUser::setData($result); $target = (isset($_GET['target']) ? $_GET['target'] : 'index'); $redirect = "admin_" . $target . ".php"; diff --git a/index.php b/index.php index 2bdd947c..7860686e 100644 --- a/index.php +++ b/index.php @@ -786,6 +786,7 @@ if ($action == 'll') { function finishLogin($userinfo) { if (isset($userinfo['userid']) && $userinfo['userid'] != '') { + session_regenerate_id(); CurrentUser::setData($userinfo); $language = $userinfo['def_language'] ?? Settings::Get('panel.standardlanguage'); From eda87002176f34436c7452f3ac5879f608220e87 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sun, 11 Jun 2023 12:06:06 +0200 Subject: [PATCH 40/87] add last successful login field to column-select for admins/admins overview Signed-off-by: Michael Kaufmann --- lib/tablelisting/admin/tablelisting.admins.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/tablelisting/admin/tablelisting.admins.php b/lib/tablelisting/admin/tablelisting.admins.php index d9abf86d..637f3d4c 100644 --- a/lib/tablelisting/admin/tablelisting.admins.php +++ b/lib/tablelisting/admin/tablelisting.admins.php @@ -95,6 +95,11 @@ return [ 'class' => 'text-center', 'callback' => [Text::class, 'boolean'], ], + 'lastlogin_succ' => [ + 'label' => lng('admin.lastlogin_succ'), + 'field' => 'lastlogin_succ', + 'callback' => [Text::class, 'timestamp'], + ], 'theme' => [ 'label' => lng('panel.theme'), 'field' => 'theme', From 257ef4c059f6d291b1d5fd4c3e299cb08a94122f Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 12 Jun 2023 10:39:04 +0200 Subject: [PATCH 41/87] allow more complex access-log formats to be displayed correctly on the UI, fixes #1139 Signed-off-by: Michael Kaufmann --- actions/admin/settings/130.webserver.php | 3 ++- lib/Froxlor/UI/Form.php | 2 +- lib/Froxlor/Validate/Form/Data.php | 6 +++++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/actions/admin/settings/130.webserver.php b/actions/admin/settings/130.webserver.php index a4fd26d5..e9e62dbb 100644 --- a/actions/admin/settings/130.webserver.php +++ b/actions/admin/settings/130.webserver.php @@ -181,7 +181,8 @@ return [ 'label' => lng('serversettings.logfiles_format'), 'settinggroup' => 'system', 'varname' => 'logfiles_format', - 'type' => 'text', + 'type' => (strpos(Settings::Get('system.logfiles_format'), '"') !== false ? 'textarea' : 'text'), + 'string_regexp' => '/^[^\0\r\n<>]*$/i', 'default' => '', 'string_emptyallowed' => true, 'save_method' => 'storeSettingField', diff --git a/lib/Froxlor/UI/Form.php b/lib/Froxlor/UI/Form.php index 6cf40ab8..acf0cdd8 100644 --- a/lib/Froxlor/UI/Form.php +++ b/lib/Froxlor/UI/Form.php @@ -232,7 +232,7 @@ class Form if (((isset($fielddetails['visible']) && $fielddetails['visible']) || !isset($fielddetails['visible'])) && (!$only_enabledisable || ($only_enabledisable && isset($fielddetails['overview_option'])))) { $newfieldvalue = self::getFormFieldData($fieldname, $fielddetails, $input); if ($newfieldvalue != $fielddetails['value']) { - if (($error = \Froxlor\Validate\Form::validateFormField($fieldname, $fielddetails, $newfieldvalue)) != true) { + if (($error = \Froxlor\Validate\Form::validateFormField($fieldname, $fielddetails, $newfieldvalue)) !== true) { Response::standardError($error, $fieldname); } else { $changed_fields[$fieldname] = $newfieldvalue; diff --git a/lib/Froxlor/Validate/Form/Data.php b/lib/Froxlor/Validate/Form/Data.php index 3e376fb1..ac7cd0cd 100644 --- a/lib/Froxlor/Validate/Form/Data.php +++ b/lib/Froxlor/Validate/Form/Data.php @@ -319,7 +319,11 @@ class Data { $returnvalue = 'stringformaterror'; - if (preg_match('/^[^\0]*$/', $newfieldvalue)) { + if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') { + if (preg_match($fielddata['string_regexp'], $newfieldvalue)) { + $returnvalue = true; + } + } else if (preg_match('/^[^\0]*$/', $newfieldvalue)) { $returnvalue = true; } From da7309c41ef19c39d01d1c8f26548c52391a3199 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 12 Jun 2023 12:15:52 +0200 Subject: [PATCH 42/87] integrate opcache-gui data from amnuts/opcache-gui as intended; refs #1151 Signed-off-by: Michael Kaufmann --- admin_opcacheinfo.php | 252 +++--------------------------------------- composer.json | 3 +- composer.lock | 64 ++++++++++- lng/de.lng.php | 3 + lng/en.lng.php | 3 +- 5 files changed, 85 insertions(+), 240 deletions(-) diff --git a/admin_opcacheinfo.php b/admin_opcacheinfo.php index 27654a44..82c4eb91 100644 --- a/admin_opcacheinfo.php +++ b/admin_opcacheinfo.php @@ -33,9 +33,9 @@ const AREA = 'admin'; require __DIR__ . '/lib/init.php'; use Froxlor\FroxlorLogger; +use Froxlor\UI\HTML; use Froxlor\UI\Panel\UI; use Froxlor\UI\Response; -use Froxlor\UI\HTML; if ($action == 'reset' && function_exists('opcache_reset') && $userinfo['change_serversettings'] == '1') { if ($_POST['send'] == 'send') { @@ -57,252 +57,30 @@ if ($action == 'reset' && function_exists('opcache_reset') && $userinfo['change_ } } -if (!function_exists('opcache_get_configuration')) { +if (!extension_loaded('Zend OPcache')) { Response::standardError(lng('error.no_opcacheinfo')); } +$ocEnabled = ini_get('opcache.enable'); +if (empty($ocEnabled)) { + Response::standardError(lng('error.inactive_opcacheinfo')); +} + if ($page == 'showinfo' && $userinfo['change_serversettings'] == '1') { $time = time(); $log->logAction(FroxlorLogger::ADM_ACTION, LOG_NOTICE, "viewed OPcache info"); - $optimizationLevels = [ - 1 << 0 => 'CSE, STRING construction', - 1 << 1 => 'Constant conversion and jumps', - 1 << 2 => '++, +=, series of jumps', - 1 << 3 => 'INIT_FCALL_BY_NAME -> DO_FCALL', - 1 << 4 => 'CFG based optimization', - 1 << 5 => 'DFA based optimization', - 1 << 6 => 'CALL GRAPH optimization', - 1 << 7 => 'SCCP (constant propagation)', - 1 << 8 => 'TMP VAR usage', - 1 << 9 => 'NOP removal', - 1 << 10 => 'Merge equal constants', - 1 << 11 => 'Adjust used stack', - 1 << 12 => 'Remove unused variables', - 1 << 13 => 'DCE (dead code elimination)', - 1 << 14 => '(unsafe) Collect constants', - 1 << 15 => 'Inline functions' - ]; - - $jitModes = [ - [ - 'flag' => 'CPU-specific optimization', - 'value' => [ - 'Disable CPU-specific optimization', - 'Enable use of AVX, if the CPU supports it' - ] - ], - [ - 'flag' => 'Register allocation', - 'value' => [ - 'Do not perform register allocation', - 'Perform block-local register allocation', - 'Perform global register allocation' - ] - ], - [ - 'flag' => 'Trigger', - 'value' => [ - 'Compile all functions on script load', - 'Compile functions on first execution', - 'Profile functions on first request and compile the hottest functions afterwards', - 'Profile on the fly and compile hot functions', - 'Currently unused', - 'Use tracing JIT. Profile on the fly and compile traces for hot code segments' - ] - ], - [ - 'flag' => 'Optimization level', - 'value' => [ - 'No JIT', - 'Minimal JIT (call standard VM handlers)', - 'Inline VM handlers', - 'Use type inference', - 'Use call graph', - 'Optimize whole script' - ] - ] - ]; - - $jitModeMapping = [ - 'tracing' => 1254, - 'on' => 1254, - 'function' => 1205 - ]; - - $status = opcache_get_status(false); - $config = opcache_get_configuration(); - $missingConfig = array_diff_key(ini_get_all('zend opcache', false), $config['directives']); - if (!empty($missingConfig)) { - $config['directives'] = array_merge($config['directives'], $missingConfig); - } - - $files = []; - if (!empty($status['scripts'])) { - uasort($status['scripts'], static function ($a, $b) { - return $a['hits'] <=> $b['hits']; - }); - foreach ($status['scripts'] as &$file) { - $file['full_path'] = str_replace('\\', '/', $file['full_path']); - $file['readable'] = [ - 'hits' => number_format($file['hits']), - 'memory_consumption' => bsize($file['memory_consumption']) - ]; - } - $files = array_values($status['scripts']); - } - - if ($config['directives']['opcache.file_cache_only'] || !empty($status['file_cache_only'])) { - $overview = false; - } else { - $status['opcache_statistics']['start_time'] = $status['opcache_statistics']['start_time'] ?? time(); - $status['opcache_statistics']['last_restart_time'] = $status['opcache_statistics']['last_restart_time'] ?? time(); - - $overview = array_merge( - $status['memory_usage'], - $status['opcache_statistics'], - [ - 'total_memory' => $config['directives']['opcache.memory_consumption'], - 'used_memory_percentage' => round(100 * ( - ($status['memory_usage']['used_memory'] + $status['memory_usage']['wasted_memory']) - / $config['directives']['opcache.memory_consumption'] - )), - 'hit_rate_percentage' => round($status['opcache_statistics']['opcache_hit_rate']), - 'used_key_percentage' => round(100 * ($status['opcache_statistics']['num_cached_keys'] - / $status['opcache_statistics']['max_cached_keys'] - )), - 'wasted_percentage' => round($status['memory_usage']['current_wasted_percentage'], 2), - 'readable' => [ - 'total_memory' => bsize($config['directives']['opcache.memory_consumption']), - 'used_memory' => bsize($status['memory_usage']['used_memory']), - 'free_memory' => bsize($status['memory_usage']['free_memory']), - 'wasted_memory' => bsize($status['memory_usage']['wasted_memory']), - 'num_cached_scripts' => number_format($status['opcache_statistics']['num_cached_scripts']), - 'hits' => number_format($status['opcache_statistics']['hits']), - 'misses' => number_format($status['opcache_statistics']['misses']), - 'blacklist_miss' => number_format($status['opcache_statistics']['blacklist_misses']), - 'num_cached_keys' => number_format($status['opcache_statistics']['num_cached_keys']), - 'max_cached_keys' => number_format($status['opcache_statistics']['max_cached_keys']), - 'interned' => null, - 'start_time' => (new DateTimeImmutable("@{$status['opcache_statistics']['start_time']}")) - ->setTimezone(new DateTimeZone(date_default_timezone_get())) - ->format('Y-m-d H:i:s'), - 'last_restart_time' => ($status['opcache_statistics']['last_restart_time'] == 0 - ? 'never' - : (new DateTimeImmutable("@{$status['opcache_statistics']['last_restart_time']}")) - ->setTimezone(new DateTimeZone(date_default_timezone_get())) - ->format('Y-m-d H:i:s') - ) - ] - ] - ); - } - - $preload = []; - if (!empty($status['preload_statistics']['scripts'])) { - $preload = $status['preload_statistics']['scripts']; - sort($preload, SORT_STRING); - if ($overview) { - $overview['preload_memory'] = $status['preload_statistics']['memory_consumption']; - $overview['readable']['preload_memory'] = bsize($status['preload_statistics']['memory_consumption']); - } - } - - if (!empty($status['interned_strings_usage'])) { - $overview['readable']['interned'] = [ - 'buffer_size' => bsize($status['interned_strings_usage']['buffer_size']), - 'strings_used_memory' => bsize($status['interned_strings_usage']['used_memory']), - 'strings_free_memory' => bsize($status['interned_strings_usage']['free_memory']), - 'number_of_strings' => number_format($status['interned_strings_usage']['number_of_strings']) - ]; - } - - if ($overview && !empty($status['jit'])) { - $overview['jit_buffer_used_percentage'] = ($status['jit']['buffer_size'] - ? round(100 * (($status['jit']['buffer_size'] - $status['jit']['buffer_free']) / $status['jit']['buffer_size'])) - : 0 - ); - $overview['readable'] = array_merge($overview['readable'], [ - 'jit_buffer_size' => bsize($status['jit']['buffer_size']), - 'jit_buffer_free' => bsize($status['jit']['buffer_free']) - ]); - } - - $directives = []; - ksort($config['directives']); - foreach ($config['directives'] as $k => $v) { - if (in_array($k, ['opcache.max_file_size', 'opcache.memory_consumption', 'opcache.jit_buffer_size']) && $v) { - $v = bsize($v) . " ({$v})"; - } elseif ($k === 'opcache.optimization_level') { - $levels = []; - foreach ($optimizationLevels as $level => $info) { - if ($level & $v) { - $levels[] = "{$info} [{$level}]"; - } - } - $v = $levels ?: 'none'; - } elseif ($k === 'opcache.jit') { - if ($v === '1') { - $v = 'on'; - } - if (isset($jitModeMapping[$v]) || is_numeric($v)) { - $levels = []; - foreach (str_split((string)($jitModeMapping[$v] ?? $v)) as $type => $level) { - $levels[] = "{$level}: {$jitModes[$type]['value'][$level]} ({$jitModes[$type]['flag']})"; - } - $v = [$v, $levels]; - } elseif (empty($v) || strtolower($v) === 'off') { - $v = 'Off'; - } - } - $directives[] = [ - 'k' => $k, - 'v' => $v - ]; - } - - $version = array_merge( - $config['version'], - [ - 'php' => phpversion(), - 'server' => $_SERVER['SERVER_SOFTWARE'] ?: '', - 'host' => (function_exists('gethostname') - ? gethostname() - : (php_uname('n') - ?: (empty($_SERVER['SERVER_NAME']) - ? $_SERVER['HOST_NAME'] - : $_SERVER['SERVER_NAME'] - ) - ) - ) - ] - ); + $opcache = (new \Amnuts\Opcache\Service())->getData(); UI::view('settings/opcacheinfo.html.twig', [ 'opcacheinfo' => [ - 'version' => $version, - 'overview' => $overview, - 'files' => $files, - 'preload' => $preload, - 'directives' => $directives, - 'blacklist' => $config['blacklist'], - 'functions' => get_extension_funcs('Zend OPcache') + 'version' => $opcache['version'], + 'overview' => $opcache['overview'], + 'files' => $opcache['files'], + 'preload' => $opcache['preload'], + 'directives' => $opcache['directives'], + 'blacklist' => $opcache['blacklist'], + 'functions' => $opcache['functions'], ] ]); } - -function bsize($size) -{ - $i = 0; - $val = ['b', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB']; - while (($size / 1024) > 1) { - $size /= 1024; - ++$i; - } - return sprintf( - '%.2f%s%s', - $size, - '', - $val[$i] - ); -} diff --git a/composer.json b/composer.json index aac3c0fd..cbc90494 100644 --- a/composer.json +++ b/composer.json @@ -54,7 +54,8 @@ "twig/twig": "^3.3", "erusev/parsedown": "^1.7", "symfony/console": "^5.4", - "pear/net_dns2": "^1.5" + "pear/net_dns2": "^1.5", + "amnuts/opcache-gui": "^3.4" }, "require-dev": { "phpunit/phpunit": "^9", diff --git a/composer.lock b/composer.lock index 9cf44dfa..d34f97e9 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,70 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "2de39e6b85579ce1f0c2f7a16d57ede3", + "content-hash": "9ce9c044d979a2358438b876c3c73561", "packages": [ + { + "name": "amnuts/opcache-gui", + "version": "3.4.0", + "source": { + "type": "git", + "url": "https://github.com/amnuts/opcache-gui.git", + "reference": "a4af194185bcda734cf3e15e877b217153fffd2b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/a4af194185bcda734cf3e15e877b217153fffd2b", + "reference": "a4af194185bcda734cf3e15e877b217153fffd2b", + "shasum": "" + }, + "require": { + "ext-json": "*", + "ext-zend-opcache": "*", + "php": ">=7.1.0" + }, + "type": "library", + "autoload": { + "psr-4": { + "Amnuts\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Andrew Collington", + "email": "andy@amnuts.com", + "homepage": "https://blog.amnuts.com/", + "role": "Developer" + }, + { + "name": "Contributors", + "homepage": "https://github.com/amnuts/opcache-gui/graphs/contributors" + } + ], + "description": "A clean, effective and responsive interface for Zend OPcache, with real(ish)-time monitoring, filtering and the ability to invalidate files", + "keywords": [ + "Opcache", + "cache", + "gui", + "interface", + "opcodes" + ], + "support": { + "email": "andy@amnuts.com", + "issues": "https://github.com/amnuts/opcache-gui/issues", + "source": "https://github.com/amnuts/opcache-gui/tree/3.4.0" + }, + "funding": [ + { + "url": "https://github.com/amnuts", + "type": "github" + } + ], + "time": "2022-08-02T23:08:34+00:00" + }, { "name": "erusev/parsedown", "version": "1.7.4", diff --git a/lng/de.lng.php b/lng/de.lng.php index ce712eb4..4dfd7818 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -879,6 +879,9 @@ return [ 'moveofcustomerfailed' => 'Das Verschieben des Kunden ist fehlgeschlagen. Alle übrigen Änderungen wurden durchgeführt und gespeichert.

    Fehlermeldung: %s', 'domain_import_error' => 'Der folgende Fehler trat beim Importieren der Domains auf: %s', 'fcgidandphpfpmnogoodtogether' => 'FCGID und PHP-FPM können nicht gleichzeitig aktiviert werden.', + 'no_apcuinfo' => 'Keine APCu Cache Informationen verfügbar. APCu scheint nicht installiert zu sein.', + 'no_opcacheinfo' => 'Keine OPCache Informationen verfügbar. OPCache scheint nicht installiert zu sein.', + 'inactive_opcacheinfo' => 'OPCache ist installiert, aber nicht aktiviert.', 'nowildcardwithletsencrypt' => 'Let\'s Encrypt kann mittels ACME Wildcard-Domains nur via DNS validieren, sorry. Bitte den ServerAlias auf WWW setzen oder deaktivieren', 'customized_version' => 'Es scheint als wäre die Froxlor Installation angepasst worden. Kein Support, sorry.', 'autoupdate_0' => 'Unbekannter Fehler', diff --git a/lng/en.lng.php b/lng/en.lng.php index 8994dbc0..a5e84bd5 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -950,7 +950,8 @@ return [ 'domain_import_error' => 'Following error occurred while importing domains: %s', 'fcgidandphpfpmnogoodtogether' => 'FCGID and PHP-FPM cannot be activated at the same time', 'no_apcuinfo' => 'No cache info available. APCu does not appear to be running.', - 'no_opcacheinfo' => 'No cache info available. OPCache does not appear to be running.', + 'no_opcacheinfo' => 'No OPCache info available. OPCache does not appear to be loaded.', + 'inactive_opcacheinfo' => 'OPCache seems to be installed but not activated.', 'nowildcardwithletsencrypt' => 'Let\'s Encrypt cannot handle wildcard-domains using ACME in froxlor (requires dns-challenge), sorry. Please set the ServerAlias to WWW or disable it completely', 'customized_version' => 'It looks like your Froxlor installation has been modified, no support sorry.', 'autoupdate_0' => 'Unknown error', From e357f7e9c31fa90bc014c20a9f5948aae138348a Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 12 Jun 2023 13:06:18 +0200 Subject: [PATCH 43/87] beautification Signed-off-by: Michael Kaufmann --- admin_apcuinfo.php | 2 +- admin_opcacheinfo.php | 4 ++-- admin_settings.php | 4 ++-- lib/Froxlor/UI/Response.php | 18 ++++++++++-------- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/admin_apcuinfo.php b/admin_apcuinfo.php index aba02807..f4a7e340 100644 --- a/admin_apcuinfo.php +++ b/admin_apcuinfo.php @@ -62,7 +62,7 @@ if ($action == 'delete' && function_exists('apcu_clear_cache') && $userinfo['cha } if (!function_exists('apcu_cache_info') || !function_exists('apcu_sma_info')) { - Response::standardError(lng('error.no_apcuinfo')); + Response::standardError('no_apcuinfo'); } if ($page == 'showinfo' && $userinfo['change_serversettings'] == '1') { diff --git a/admin_opcacheinfo.php b/admin_opcacheinfo.php index 82c4eb91..eddace9e 100644 --- a/admin_opcacheinfo.php +++ b/admin_opcacheinfo.php @@ -58,12 +58,12 @@ if ($action == 'reset' && function_exists('opcache_reset') && $userinfo['change_ } if (!extension_loaded('Zend OPcache')) { - Response::standardError(lng('error.no_opcacheinfo')); + Response::standardError('no_opcacheinfo'); } $ocEnabled = ini_get('opcache.enable'); if (empty($ocEnabled)) { - Response::standardError(lng('error.inactive_opcacheinfo')); + Response::standardError('inactive_opcacheinfo'); } if ($page == 'showinfo' && $userinfo['change_serversettings'] == '1') { diff --git a/admin_settings.php b/admin_settings.php index 18a1d60a..b3c84e72 100644 --- a/admin_settings.php +++ b/admin_settings.php @@ -70,7 +70,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') { // check if the session timeout is too low #815 if (isset($_POST['session_sessiontimeout']) && $_POST['session_sessiontimeout'] < 60) { - Response::standardError(lng('error.session_timeout'), lng('error.session_timeout_desc')); + Response::standardError(['session_timeout', 'session_timeout_desc']); } try { @@ -132,7 +132,7 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') { } } } else { - Response::standardError(lng('error.no_phpinfo')); + Response::standardError('error.no_phpinfo'); } UI::view('settings/phpinfo.html.twig', [ 'phpversion' => PHP_VERSION, diff --git a/lib/Froxlor/UI/Response.php b/lib/Froxlor/UI/Response.php index e8dd0279..a12b3683 100644 --- a/lib/Froxlor/UI/Response.php +++ b/lib/Froxlor/UI/Response.php @@ -32,7 +32,7 @@ class Response { /** - * Sends an header ( 'Location ...' ) to the browser. + * Sends a header ( 'Location ...' ) to the browser. * * @param string $destination * Destination @@ -74,18 +74,18 @@ class Response $linker->filename = $path . $destination; } header('Location: ' . $linker->getLink()); - exit(); + exit; } elseif ($get_variables == null) { $linker = new Linker($destination); header('Location: ' . $linker->getLink()); - exit(); + exit; } return false; } /** - * Prints one ore more errormessages on screen + * Prints one or more errormessages on screen * * @param array $errors * Errormessages @@ -93,8 +93,9 @@ class Response * A %s in the errormessage will be replaced by this string. * @param bool $throw_exception * - * @author Florian Lippert (2003-2009) + * @throws Exception * @author Ron Brand + * @author Florian Lippert (2003-2009) */ public static function standardError($errors = '', $replacer = '', $throw_exception = false) { @@ -115,7 +116,7 @@ class Response $error = ''; foreach ($errors as $single_error) { if (strpos($single_error, ".") === false) { - $single_error = 'error.'.$single_error; + $single_error = 'error.' . $single_error; } $single_error = lng($single_error, [htmlentities($replacer)]); if (empty($error)) { @@ -157,7 +158,7 @@ class Response } /** - * Prints one ore more errormessages on screen + * Prints one or more errormessages on screen * * @param array $success_message * Errormessages @@ -166,12 +167,13 @@ class Response * @param array $params * @param bool $throw_exception * + * @throws Exception * @author Florian Lippert (2003-2009) */ public static function standardSuccess($success_message = '', $replacer = '', $params = [], $throw_exception = false) { if (strpos($success_message, ".") === false) { - $success_message = 'success.'.$success_message; + $success_message = 'success.' . $success_message; } $success_message = lng($success_message, [htmlentities($replacer)]); From 03b5a921ff308eeab21bf9d240f27783c8591965 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 7 Jul 2023 09:46:31 +0200 Subject: [PATCH 44/87] validate generated config-json parameter string Signed-off-by: Michael Kaufmann --- admin_configfiles.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/admin_configfiles.php b/admin_configfiles.php index ac4630db..0770c8a7 100644 --- a/admin_configfiles.php +++ b/admin_configfiles.php @@ -33,6 +33,7 @@ use Froxlor\Settings; use Froxlor\UI\Panel\UI; use Froxlor\UI\Request; use Froxlor\UI\Response; +use Froxlor\Validate\Validate; if ($userinfo['change_serversettings'] == '1') { if ($action == 'setconfigured') { @@ -91,6 +92,7 @@ if ($userinfo['change_serversettings'] == '1') { } if ($distribution != "" && isset($_POST['finish'])) { + $valid_keys = ['http', 'dns', 'smtp', 'mail', 'ftp', 'system', 'distro']; unset($_POST['finish']); unset($_POST['csrf_token']); $params = $_POST; @@ -99,6 +101,20 @@ if ($userinfo['change_serversettings'] == '1') { foreach ($_POST['system'] as $sysdaemon) { $params['system'][] = $sysdaemon; } + // validate params + foreach ($params as $key => $value) { + if (!in_array($key, $valid_keys)) { + unset($params[$key]); + continue; + } + if (!is_array($value)) { + $params[$key] = Validate::validate($value, $key); + } else { + foreach ($value as $subkey => $subvalue) { + $params[$key][$subkey] = Validate::validate($subvalue, $key.'.'.$subkey); + } + } + } $params_content = json_encode($params); $params_filename = FileDir::makeCorrectFile(Froxlor::getInstallDir() . 'install/' . Froxlor::genSessionId() . '.json'); file_put_contents($params_filename, $params_content); From f396bd51846a85b8835857ca11b9ef0264512397 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 10 Jul 2023 13:40:48 +0200 Subject: [PATCH 45/87] add otp security check to critical settings Signed-off-by: Michael Kaufmann --- actions/admin/settings/120.system.php | 3 +- actions/admin/settings/125.cronjob.php | 9 ++- actions/admin/settings/130.webserver.php | 6 +- actions/admin/settings/131.ssl.php | 3 +- actions/admin/settings/136.phpfpm.php | 12 ++-- actions/admin/settings/160.nameserver.php | 6 +- actions/admin/settings/180.dkim.php | 3 +- actions/admin/settings/210.security.php | 24 ++++--- actions/admin/settings/220.quota.php | 12 +++- admin_settings.php | 3 +- lib/Froxlor/CurrentUser.php | 64 +++++++++++++++++++ lib/Froxlor/Settings.php | 3 +- lib/Froxlor/UI/Form.php | 49 ++++++++++++++ lib/Froxlor/UI/HTML.php | 13 ++++ lib/config.example.inc.php | 5 ++ .../phpconfig/formfield.fpmconfig_add.php | 3 +- .../phpconfig/formfield.fpmconfig_edit.php | 3 +- .../phpconfig/formfield.phpconfig_add.php | 9 ++- .../phpconfig/formfield.phpconfig_edit.php | 9 ++- templates/Froxlor/form/otpquestion.html.twig | 31 +++++++++ 20 files changed, 235 insertions(+), 35 deletions(-) create mode 100644 templates/Froxlor/form/otpquestion.html.twig diff --git a/actions/admin/settings/120.system.php b/actions/admin/settings/120.system.php index 339ed9a0..09f3da7d 100644 --- a/actions/admin/settings/120.system.php +++ b/actions/admin/settings/120.system.php @@ -107,7 +107,8 @@ return [ 'varname' => 'enabled', 'type' => 'checkbox', 'default' => false, - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'api_customer_default' => [ 'label' => lng('serversettings.api_customer_default'), diff --git a/actions/admin/settings/125.cronjob.php b/actions/admin/settings/125.cronjob.php index a04a8394..6c26bd11 100644 --- a/actions/admin/settings/125.cronjob.php +++ b/actions/admin/settings/125.cronjob.php @@ -46,7 +46,8 @@ return [ 'type' => 'text', 'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i', 'default' => '/usr/bin/nice -n 5 /usr/bin/php -q', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_crondreload' => [ 'label' => lng('serversettings.system_crondreload'), @@ -55,7 +56,8 @@ return [ 'type' => 'text', 'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i', 'default' => '/etc/init.d/cron reload', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_cron_allowautoupdate' => [ 'label' => lng('serversettings.system_cron_allowautoupdate'), @@ -63,7 +65,8 @@ return [ 'varname' => 'cron_allowautoupdate', 'type' => 'checkbox', 'default' => false, - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ] ] ] diff --git a/actions/admin/settings/130.webserver.php b/actions/admin/settings/130.webserver.php index e9e62dbb..84861fd9 100644 --- a/actions/admin/settings/130.webserver.php +++ b/actions/admin/settings/130.webserver.php @@ -308,7 +308,8 @@ return [ 'type' => 'text', 'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i', 'default' => '/etc/init.d/apache2 reload', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_phpreload_command' => [ 'label' => lng('serversettings.phpreload_command'), @@ -320,7 +321,8 @@ return [ 'save_method' => 'storeSettingField', 'websrv_avail' => [ 'nginx' - ] + ], + 'required_otp' => true ], 'system_nginx_php_backend' => [ 'label' => lng('serversettings.nginx_php_backend'), diff --git a/actions/admin/settings/131.ssl.php b/actions/admin/settings/131.ssl.php index e2e00b0d..023f10a8 100644 --- a/actions/admin/settings/131.ssl.php +++ b/actions/admin/settings/131.ssl.php @@ -157,7 +157,8 @@ return [ 'string_type' => 'file', 'default' => '/root/.acme.sh/acme.sh', 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'system_letsencryptacmeconf' => [ 'label' => lng('serversettings.letsencryptacmeconf'), diff --git a/actions/admin/settings/136.phpfpm.php b/actions/admin/settings/136.phpfpm.php index a408c481..68e64517 100644 --- a/actions/admin/settings/136.phpfpm.php +++ b/actions/admin/settings/136.phpfpm.php @@ -126,7 +126,8 @@ return [ 'type' => 'textarea', 'default' => '', 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'phpfpm_ini_values' => [ 'label' => lng('phpfpm.ini_values'), @@ -135,7 +136,8 @@ return [ 'type' => 'textarea', 'default' => '', 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'phpfpm_ini_admin_flags' => [ 'label' => lng('phpfpm.ini_admin_flags'), @@ -144,7 +146,8 @@ return [ 'type' => 'textarea', 'default' => '', 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'phpfpm_ini_admin_values' => [ 'label' => lng('phpfpm.ini_admin_values'), @@ -153,7 +156,8 @@ return [ 'type' => 'textarea', 'default' => '', 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ] ] ] diff --git a/actions/admin/settings/160.nameserver.php b/actions/admin/settings/160.nameserver.php index 5d6906b0..184d5991 100644 --- a/actions/admin/settings/160.nameserver.php +++ b/actions/admin/settings/160.nameserver.php @@ -80,7 +80,8 @@ return [ 'type' => 'text', 'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i', 'default' => '/etc/init.d/bind9 reload', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_nameservers' => [ 'label' => lng('serversettings.nameservers'), @@ -111,7 +112,8 @@ return [ 'string_delimiter' => ',', 'string_emptyallowed' => true, 'default' => '', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_powerdns_mode' => [ 'label' => lng('serversettings.powerdns_mode'), diff --git a/actions/admin/settings/180.dkim.php b/actions/admin/settings/180.dkim.php index 7b2aada5..2feb67bc 100644 --- a/actions/admin/settings/180.dkim.php +++ b/actions/admin/settings/180.dkim.php @@ -137,7 +137,8 @@ return [ 'type' => 'text', 'string_regexp' => '/^[a-z0-9\/\._\- ]+$/i', 'default' => '/etc/init.d/dkim-filter restart', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ] ] ] diff --git a/actions/admin/settings/210.security.php b/actions/admin/settings/210.security.php index cf0712a8..c45fa615 100644 --- a/actions/admin/settings/210.security.php +++ b/actions/admin/settings/210.security.php @@ -37,7 +37,8 @@ return [ 'varname' => 'unix_names', 'type' => 'checkbox', 'default' => true, - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_mailpwcleartext' => [ 'label' => lng('serversettings.mailpwcleartext'), @@ -46,7 +47,8 @@ return [ 'type' => 'checkbox', 'default' => false, 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'system_passwordcryptfunc' => [ 'label' => lng('serversettings.passwordcryptfunc'), @@ -59,7 +61,8 @@ return [ 'getAvailablePasswordHashes' ], 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'system_allow_error_report_admin' => [ 'label' => lng('serversettings.allow_error_report_admin'), @@ -67,7 +70,8 @@ return [ 'varname' => 'allow_error_report_admin', 'type' => 'checkbox', 'default' => false, - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_allow_error_report_customer' => [ 'label' => lng('serversettings.allow_error_report_customer'), @@ -75,7 +79,8 @@ return [ 'varname' => 'allow_error_report_customer', 'type' => 'checkbox', 'default' => false, - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_allow_customer_shell' => [ 'label' => lng('serversettings.allow_allow_customer_shell'), @@ -84,7 +89,8 @@ return [ 'type' => 'checkbox', 'default' => false, 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'system_available_shells' => [ 'label' => lng('serversettings.available_shells'), @@ -94,7 +100,8 @@ return [ 'string_emptyallowed' => true, 'default' => '', 'save_method' => 'storeSettingField', - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], 'system_froxlorusergroup' => [ 'label' => lng('serversettings.froxlorusergroup'), @@ -108,7 +115,8 @@ return [ 'checkLocalGroup' ], 'visible' => Settings::Get('system.nssextrausers'), - 'advanced_mode' => true + 'advanced_mode' => true, + 'required_otp' => true ], ] ] diff --git a/actions/admin/settings/220.quota.php b/actions/admin/settings/220.quota.php index b7682bd1..8c0bbab3 100644 --- a/actions/admin/settings/220.quota.php +++ b/actions/admin/settings/220.quota.php @@ -44,24 +44,30 @@ return [ 'settinggroup' => 'system', 'varname' => 'diskquota_repquota_path', 'type' => 'text', + 'string_type' => 'file', 'default' => '/usr/sbin/repquota', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_diskquota_quotatool_path' => [ 'label' => lng('serversettings.diskquota_quotatool_path.description'), 'settinggroup' => 'system', 'varname' => 'diskquota_quotatool_path', 'type' => 'text', + 'string_type' => 'file', 'default' => '/usr/bin/quotatool', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ], 'system_diskquota_customer_partition' => [ 'label' => lng('serversettings.diskquota_customer_partition.description'), 'settinggroup' => 'system', 'varname' => 'diskquota_customer_partition', 'type' => 'text', + 'string_type' => 'file', 'default' => '/dev/root', - 'save_method' => 'storeSettingField' + 'save_method' => 'storeSettingField', + 'required_otp' => true ] ] ] diff --git a/admin_settings.php b/admin_settings.php index b3c84e72..8d6fe497 100644 --- a/admin_settings.php +++ b/admin_settings.php @@ -77,7 +77,8 @@ if ($page == 'overview' && $userinfo['change_serversettings'] == '1') { if (Form::processForm($settings_data, $_POST, [ 'filename' => $filename, 'action' => $action, - 'page' => $page + 'page' => $page, + 'part' => $_part, ], $_part, $settings_all, $settings_part, $only_enabledisable)) { $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "rebuild configfiles due to changed setting"); Cronjob::inserttask(TaskId::REBUILD_VHOST); diff --git a/lib/Froxlor/CurrentUser.php b/lib/Froxlor/CurrentUser.php index 45168176..a6796b3a 100644 --- a/lib/Froxlor/CurrentUser.php +++ b/lib/Froxlor/CurrentUser.php @@ -25,10 +25,13 @@ namespace Froxlor; +use Exception; use Froxlor\Api\Commands\Customers; use Froxlor\Api\Commands\SubDomains; use Froxlor\Database\Database; use Froxlor\UI\Collection; +use Froxlor\UI\Response; +use RobThree\Auth\TwoFactorAuthException; /** * Class to manage the current user / session @@ -169,4 +172,65 @@ class CurrentUser return ($_SESSION['userinfo'][$resource . '_used'] < $_SESSION['userinfo'][$resource] || $_SESSION['userinfo'][$resource] == '-1') && $addition; } + + /** + * @throws TwoFactorAuthException + */ + public static function sendOtpEmail() + { + global $mail; + + if (self::getField('type_2fa') == 1) { + // generate code + $tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname')); + $code = $tfa->getCode($tfa->createSecret()); + // set code for user + $table = TABLE_PANEL_CUSTOMERS; + $uid = 'customerid'; + if (self::isAdmin()) { + $table = TABLE_PANEL_ADMINS; + $uid = 'adminid'; + } + $stmt = Database::prepare("UPDATE $table SET `data_2fa` = :d2fa WHERE `$uid` = :uid"); + Database::pexecute($stmt, [ + "d2fa" => $code, + "uid" => self::getField($uid) + ]); + // build up & send email + $_mailerror = false; + $mailerr_msg = ""; + $replace_arr = [ + 'CODE' => $code + ]; + $mail_body = html_entity_decode(PhpHelper::replaceVariables(lng('mails.2fa.mailbody'), $replace_arr)); + + try { + $mail->Subject = lng('mails.2fa.subject'); + $mail->AltBody = $mail_body; + $mail->MsgHTML(str_replace("\n", "
    ", $mail_body)); + $mail->AddAddress(self::getField('email'), User::getCorrectUserSalutation(self::getData())); + $mail->Send(); + } catch (\PHPMailer\PHPMailer\Exception $e) { + $mailerr_msg = $e->errorMessage(); + $_mailerror = true; + } catch (Exception $e) { + $mailerr_msg = $e->getMessage(); + $_mailerror = true; + } + + if ($_mailerror) { + $rstlog = FroxlorLogger::getInstanceOf([ + 'loginname' => '2fa code-sending' + ]); + $rstlog->logAction(FroxlorLogger::ADM_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg); + Response::redirectTo('index.php', [ + 'showmessage' => '4', + 'customermail' => self::getField('email') + ]); + exit(); + } + + $mail->ClearAddresses(); + } + } } diff --git a/lib/Froxlor/Settings.php b/lib/Froxlor/Settings.php index d24a1c8a..dad81814 100644 --- a/lib/Froxlor/Settings.php +++ b/lib/Froxlor/Settings.php @@ -129,7 +129,8 @@ class Settings { // set defaults self::$conf = [ - 'enable_webupdate' => false + 'enable_webupdate' => false, + 'disable_otp_security_check' => false, ]; $configfile = Froxlor::getInstallDir() . '/lib/config.inc.php'; diff --git a/lib/Froxlor/UI/Form.php b/lib/Froxlor/UI/Form.php index acf0cdd8..17fafaa6 100644 --- a/lib/Froxlor/UI/Form.php +++ b/lib/Froxlor/UI/Form.php @@ -25,6 +25,8 @@ namespace Froxlor\UI; +use Froxlor\CurrentUser; +use Froxlor\FroxlorTwoFactorAuth; use Froxlor\Settings; use Froxlor\Validate\Check; @@ -183,6 +185,21 @@ class Form } } + // OTP security validation for sensitive settings + if (!Settings::Config('disable_otp_security_check') && isset($fielddata['required_otp']) && $do_show) { + $otp_enabled_system = (bool)Settings::Get('2fa.enabled'); + $otp_enabled_user = (int)CurrentUser::getField('type_2fa') != 0; + $do_show = !$fielddata['required_otp'] || ($otp_enabled_system && $otp_enabled_user); + if (!$do_show) { + $fielddata['note'] = lng('serversettings.option_required_otp'); + if (!$otp_enabled_system) { + $fielddata['note'] .= '
    ' . lng('2fa.2fa_not_activated'); + } elseif (!$otp_enabled_user) { + $fielddata['note'] .= '
    ' . lng('2fa.2fa_not_activated_for_user'); + } + } + } + if (!$do_show) { $fielddata['visible'] = false; } @@ -283,6 +300,38 @@ class Form } } } + if (!Settings::Config('disable_otp_security_check') && isset($fielddetails['required_otp']) && isset($changed_fields[$fieldname])) { + $otp_enabled_system = (bool)Settings::Get('2fa.enabled'); + $otp_enabled_user = (int)CurrentUser::getField('type_2fa') != 0; + $do_update = !$fielddetails['required_otp'] || ($otp_enabled_system && $otp_enabled_user); + if ($do_update) { + // setting that requires OTP verification + if (empty($input['otp_verification'])) { + // in case email 2fa is enabled, send it now + CurrentUser::sendOtpEmail(); + // build up form + if (is_array($url_params) && isset($url_params['filename'])) { + $filename = $url_params['filename']; + unset($url_params['filename']); + } else { + $filename = ''; + } + HTML::askOTP('please_enter_otp', $filename, array_merge($url_params, $submitted_fields)); + } else { + // validate given OTP code + $code = trim($input['otp_verification']); + $tfa = new FroxlorTwoFactorAuth('Froxlor ' . Settings::Get('system.hostname')); + $result = $tfa->verifyCode(CurrentUser::getField('data_2fa'), $code, 3); + if (!$result) { + Response::standardError('otpnotvalidated'); + } + } + } else { + // do not update this setting + unset($changed_fields[$fieldname]); + } + } + } } } diff --git a/lib/Froxlor/UI/HTML.php b/lib/Froxlor/UI/HTML.php index acf635a3..6fc398df 100644 --- a/lib/Froxlor/UI/HTML.php +++ b/lib/Froxlor/UI/HTML.php @@ -221,4 +221,17 @@ class HTML ]); exit(); } + + public static function askOTP(string $text, string $targetfile, array $params = [], string $replacer = '', array $back_link = []) + { + $text = lng('question.' . $text, [htmlspecialchars($replacer)]); + + Panel\UI::view('form/otpquestion.html.twig', [ + 'action' => $targetfile, + 'url_params' => $params, + 'question' => $text, + 'back_link' => $back_link + ]); + exit(); + } } diff --git a/lib/config.example.inc.php b/lib/config.example.inc.php index 7f34f735..cdec9462 100644 --- a/lib/config.example.inc.php +++ b/lib/config.example.inc.php @@ -11,4 +11,9 @@ return [ * updates the way the providers does it (e.g. automation, etc.) */ 'enable_webupdate' => false, + + /** + * @todo description + */ + 'disable_otp_security_check' => false, ]; diff --git a/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php b/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php index 0f8d005d..a2267655 100644 --- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php +++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_add.php @@ -44,7 +44,8 @@ return [ 'type' => 'text', 'maxlength' => 255, 'value' => 'service php7.4-fpm restart', - 'mandatory' => true + 'mandatory' => true, + 'required_otp' => true ], 'config_dir' => [ 'label' => lng('serversettings.phpfpm_settings.configdir'), diff --git a/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php b/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php index 49f5daf7..d52437f0 100644 --- a/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php +++ b/lib/formfields/admin/phpconfig/formfield.fpmconfig_edit.php @@ -45,7 +45,8 @@ return [ 'type' => 'text', 'maxlength' => 255, 'value' => $result['reload_cmd'], - 'mandatory' => true + 'mandatory' => true, + 'required_otp' => true ], 'config_dir' => [ 'label' => lng('serversettings.phpfpm_settings.configdir'), diff --git a/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php b/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php index 1decbbd7..157171f0 100644 --- a/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php +++ b/lib/formfields/admin/phpconfig/formfield.phpconfig_add.php @@ -46,7 +46,8 @@ return [ 'label' => lng('admin.phpsettings.binary'), 'type' => 'text', 'maxlength' => 255, - 'value' => '/usr/bin/php-cgi' + 'value' => '/usr/bin/php-cgi', + 'required_otp' => true ], 'fpmconfig' => [ 'visible' => Settings::Get('phpfpm.enabled') == 1, @@ -61,7 +62,8 @@ return [ 'desc' => lng('admin.phpsettings.file_extensions_note'), 'type' => 'text', 'maxlength' => 255, - 'value' => 'php' + 'value' => 'php', + 'required_otp' => true ], 'mod_fcgid_starter' => [ 'visible' => Settings::Get('system.mod_fcgid') == 1, @@ -181,7 +183,8 @@ return [ 'cols' => 80, 'rows' => 20, 'value' => $result['phpsettings'], - 'mandatory' => true + 'mandatory' => true, + 'required_otp' => true ], 'allow_all_customers' => [ 'label' => lng('serversettings.phpfpm_settings.allow_all_customers.title'), diff --git a/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php b/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php index 11d59401..8216c27b 100644 --- a/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php +++ b/lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php @@ -47,7 +47,8 @@ return [ 'label' => lng('admin.phpsettings.binary'), 'type' => 'text', 'maxlength' => 255, - 'value' => $result['binary'] + 'value' => $result['binary'], + 'required_otp' => true ], 'fpmconfig' => [ 'visible' => Settings::Get('phpfpm.enabled') == 1, @@ -62,7 +63,8 @@ return [ 'desc' => lng('admin.phpsettings.file_extensions_note'), 'type' => 'text', 'maxlength' => 255, - 'value' => $result['file_extensions'] + 'value' => $result['file_extensions'], + 'required_otp' => true ], 'mod_fcgid_starter' => [ 'visible' => Settings::Get('system.mod_fcgid') == 1, @@ -185,7 +187,8 @@ return [ 'cols' => 80, 'rows' => 20, 'value' => $result['phpsettings'], - 'mandatory' => true + 'mandatory' => true, + 'required_otp' => true ], 'allow_all_customers' => [ 'label' => lng('serversettings.phpfpm_settings.allow_all_customers.title'), diff --git a/templates/Froxlor/form/otpquestion.html.twig b/templates/Froxlor/form/otpquestion.html.twig new file mode 100644 index 00000000..06e5bc9a --- /dev/null +++ b/templates/Froxlor/form/otpquestion.html.twig @@ -0,0 +1,31 @@ +{% extends "Froxlor/userarea.html.twig" %} + +{% block content %} + +
    + + + +
    + +{% endblock %} From 067c9f8c76bf08ef1406cd9c7a887ac34d82d619 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 10 Jul 2023 13:52:49 +0200 Subject: [PATCH 46/87] add language strings for otp-validation Signed-off-by: Michael Kaufmann --- lib/Froxlor/UI/Form.php | 2 +- lng/de.lng.php | 3 +++ lng/en.lng.php | 3 +++ 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/Froxlor/UI/Form.php b/lib/Froxlor/UI/Form.php index 17fafaa6..e21fc727 100644 --- a/lib/Froxlor/UI/Form.php +++ b/lib/Froxlor/UI/Form.php @@ -191,7 +191,7 @@ class Form $otp_enabled_user = (int)CurrentUser::getField('type_2fa') != 0; $do_show = !$fielddata['required_otp'] || ($otp_enabled_system && $otp_enabled_user); if (!$do_show) { - $fielddata['note'] = lng('serversettings.option_required_otp'); + $fielddata['note'] = lng('serversettings.option_requires_otp'); if (!$otp_enabled_system) { $fielddata['note'] .= '
    ' . lng('2fa.2fa_not_activated'); } elseif (!$otp_enabled_user) { diff --git a/lng/de.lng.php b/lng/de.lng.php index 4dfd7818..f8054bdb 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -46,6 +46,8 @@ return [ '2fa_overview_desc' => 'Hier kann für das Konto eine Zwei-Faktor-Authentisierung aktiviert werden.

    Es kann entweder eine Authenticator-App (time-based one-time password / TOTP) genutzt werden oder ein Einmalpasswort, welches nach erfolgreichem Login an die hinterlegte E-Mail Adresse gesendet wird.', '2fa_email_desc' => 'Das Konto ist eingerichtet, um Einmalpasswörter per E-Mail zu erhalten. Zum Deaktivieren, klicke auf "2FA deaktivieren"', '2fa_ga_desc' => 'Das Konto ist eingerichtet, um zeitbasierte Einmalpasswörter via Authenticator-App zu erhalten. Um die gewünschte Authenticator-App einzurichten, scanne bitte den untenstehenden QR-Code. Zum Deaktivieren, klicke auf "2FA deaktivieren"', + '2fa_not_activated' => 'Zwei-Faktor Authentifizierung ist nicht aktiviert', + '2fa_not_activated_for_user' => 'Zwei-Faktor Authentifizierung ist für den aktuellen Benutzer nicht aktiviert', ], 'admin' => [ 'overview' => 'Übersicht', @@ -2090,6 +2092,7 @@ Vielen Dank, Ihr Administrator', 'title' => 'Rate-Limit-Intervall', 'description' => 'Zeit in Sekunden für die maximale Anzahl von HTTP-Anfragen, Standard ist "60".', ], + 'option_requires_otp' => 'Das Ändern dieser Einstellung erfordert OTP Validierung', ], 'spf' => [ 'use_spf' => 'Aktiviere SPF für Domains?', diff --git a/lng/en.lng.php b/lng/en.lng.php index a5e84bd5..39b69856 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -46,6 +46,8 @@ return [ '2fa_overview_desc' => 'Here you can activate a two-factor authentication for your account.

    You can either use an authenticator-app (time-based one-time password / TOTP) or let froxlor send you an email to your account-address after each successful login with a one-time password.', '2fa_email_desc' => 'Your account is set up to use one-time passwords via e-mail. To deactivate, click on "Deactivate 2FA"', '2fa_ga_desc' => 'Your account is set up to use time-based one-time passwords via authenticator-app. Please scan the QR code below with your desired authenticator app to generate the codes. To deactivate, click on "Deactivate 2FA"', + '2fa_not_activated' => 'Two-factor authentication is not enabled', + '2fa_not_activated_for_user' => 'Two-factor authentication is not enabled for the current user', ], 'admin' => [ 'overview' => 'Overview', @@ -2215,6 +2217,7 @@ Yours sincerely, your administrator', 'title' => 'Rate-limit interval', 'description' => 'Specify the time in seconds for the number of HTTP requests, default is "60"', ], + 'option_requires_otp' => 'This setting requires an OTP validation', ], 'spf' => [ 'use_spf' => 'Activate SPF for domains?', From 1662745991e43ab54084ef5271eaf63c8a87c6e0 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sun, 16 Jul 2023 16:44:46 +0200 Subject: [PATCH 47/87] validate non-empy admin-name in Admins.update() Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/ApiParameter.php | 28 ++++++++++++++-------------- lib/Froxlor/Api/Commands/Admins.php | 12 ++++++++++++ lib/Froxlor/Validate/Validate.php | 2 +- 3 files changed, 27 insertions(+), 15 deletions(-) diff --git a/lib/Froxlor/Api/ApiParameter.php b/lib/Froxlor/Api/ApiParameter.php index 6fbb1643..fdefb549 100644 --- a/lib/Froxlor/Api/ApiParameter.php +++ b/lib/Froxlor/Api/ApiParameter.php @@ -39,12 +39,12 @@ abstract class ApiParameter /** * - * @param array $params + * @param array|null $params * optional, array of parameters (var=>value) for the command * * @throws Exception */ - public function __construct($params = null) + public function __construct(array $params = null) { if (!is_null($params)) { $params = $this->trimArray($params); @@ -57,7 +57,7 @@ abstract class ApiParameter * * @param array $input * - * @return array + * @return string|array */ private function trimArray($input) { @@ -79,9 +79,9 @@ abstract class ApiParameter /** * get specific parameter which also has and unlimited-field * - * @param string $param + * @param string|null $param * parameter to get out of the request-parameter list - * @param string $ul_field + * @param string|null $ul_field * parameter to get out of the request-parameter list * @param bool $optional * default: false @@ -91,7 +91,7 @@ abstract class ApiParameter * @return mixed * @throws Exception */ - protected function getUlParam($param = null, $ul_field = null, $optional = false, $default = 0) + protected function getUlParam(string $param = null, string $ul_field = null, bool $optional = false, $default = 0) { $param_value = (int)$this->getParam($param, $optional, $default); $ul_field_value = $this->getBoolParam($ul_field, true, 0); @@ -102,11 +102,11 @@ abstract class ApiParameter } /** - * get specific parameter from the parameterlist; + * get specific parameter from the parameter list; * check for existence and != empty if needed. * Maybe more in the future * - * @param string $param + * @param string|null $param * parameter to get out of the request-parameter list * @param bool $optional * default: false @@ -116,7 +116,7 @@ abstract class ApiParameter * @return mixed * @throws Exception */ - protected function getParam($param = null, $optional = false, $default = '') + protected function getParam(string $param = null, bool $optional = false, $default = '') { // does it exist? if (!isset($this->cmd_params[$param])) { @@ -128,7 +128,7 @@ abstract class ApiParameter return $default; } // is it empty? - test really on string, as value 0 is being seen as empty by php - if ($this->cmd_params[$param] === "") { + if (!is_array($this->cmd_params[$param]) && trim($this->cmd_params[$param]) === "") { if ($optional === false) { // get module + function for better error-messages $inmod = $this->getModFunctionString(); @@ -142,7 +142,7 @@ abstract class ApiParameter /** * returns "module::function()" for better error-messages (missing parameter etc.) - * makes debugging a whole lot more comfortable + * makes debugging a lot more comfortable * * @param int $level * depth of backtrace, default 2 @@ -152,7 +152,7 @@ abstract class ApiParameter * * @return string */ - private function getModFunctionString($level = 1, $max_level = 5, $trace = null) + private function getModFunctionString(int $level = 1, int $max_level = 5, $trace = null) { // which class called us $_class = get_called_class(); @@ -174,7 +174,7 @@ abstract class ApiParameter /** * getParam wrapper for boolean parameter * - * @param string $param + * @param string|null $param * parameter to get out of the request-parameter list * @param bool $optional * default: false @@ -183,7 +183,7 @@ abstract class ApiParameter * * @return string */ - protected function getBoolParam($param = null, $optional = false, $default = false) + protected function getBoolParam(string $param = null, bool $optional = false, $default = false) { $_default = '0'; if ($default) { diff --git a/lib/Froxlor/Api/Commands/Admins.php b/lib/Froxlor/Api/Commands/Admins.php index 10175ddf..8f919a9c 100644 --- a/lib/Froxlor/Api/Commands/Admins.php +++ b/lib/Froxlor/Api/Commands/Admins.php @@ -584,6 +584,18 @@ class Admins extends ApiCommand implements ResourceEntity $theme = Settings::Get('panel.default_theme'); } + if (empty(trim($name))) { + Response::standardError([ + 'stringisempty', + 'admin.name' + ], '', true); + } + if (empty(trim($email))) { + Response::standardError([ + 'stringisempty', + 'admin.email' + ], '', true); + } if (!Validate::validateEmail($email)) { Response::standardError('emailiswrong', $email, true); } else { diff --git a/lib/Froxlor/Validate/Validate.php b/lib/Froxlor/Validate/Validate.php index ae57e5ab..794d217a 100644 --- a/lib/Froxlor/Validate/Validate.php +++ b/lib/Froxlor/Validate/Validate.php @@ -260,7 +260,7 @@ class Validate } /** - * Returns if an emailaddress is in correct format or not + * Returns if an email-address is in correct format or not * * @param string $email The email address to check * From b791cd5c3ea4e54d7da1554531add29c3b4609ee Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sun, 16 Jul 2023 17:09:45 +0200 Subject: [PATCH 48/87] fix optional-flag for IpsAndPorts.add() and IpsAndPorts.update() Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/IpsAndPorts.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/Froxlor/Api/Commands/IpsAndPorts.php b/lib/Froxlor/Api/Commands/IpsAndPorts.php index 0aac2182..ffb6600b 100644 --- a/lib/Froxlor/Api/Commands/IpsAndPorts.php +++ b/lib/Froxlor/Api/Commands/IpsAndPorts.php @@ -175,9 +175,9 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity $docroot = Validate::validate($this->getParam('docroot', true, ''), 'docroot', Validate::REGEX_DIR, '', [], true); if ((int)Settings::Get('system.use_ssl') == 1) { - $ssl = !empty($this->getBoolParam('ssl', true, 0)) ? intval($this->getBoolParam('ssl', true, 0)) : 0; - $ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', $ssl, ''), 'ssl_cert_file', '', '', [], true); - $ssl_key_file = Validate::validate($this->getParam('ssl_key_file', $ssl, ''), 'ssl_key_file', '', '', [], true); + $ssl = (bool)$this->getBoolParam('ssl', true, 0); + $ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', !$ssl, ''), 'ssl_cert_file', '', '', [], true); + $ssl_key_file = Validate::validate($this->getParam('ssl_key_file', !$ssl, ''), 'ssl_key_file', '', '', [], true); $ssl_ca_file = Validate::validate($this->getParam('ssl_ca_file', true, ''), 'ssl_ca_file', '', '', [], true); $ssl_cert_chainfile = Validate::validate($this->getParam('ssl_cert_chainfile', true, ''), 'ssl_cert_chainfile', '', '', [], true); $sslss = $this->getParam('ssl_specialsettings', true, ''); @@ -414,9 +414,9 @@ class IpsAndPorts extends ApiCommand implements ResourceEntity $docroot = Validate::validate($this->getParam('docroot', true, $result['docroot']), 'docroot', Validate::REGEX_DIR, '', [], true); if ((int)Settings::Get('system.use_ssl') == 1) { - $ssl = $this->getBoolParam('ssl', true, $result['ssl']); - $ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', $ssl, $result['ssl_cert_file']), 'ssl_cert_file', '', '', [], true); - $ssl_key_file = Validate::validate($this->getParam('ssl_key_file', $ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', [], true); + $ssl = (bool)$this->getBoolParam('ssl', true, $result['ssl']); + $ssl_cert_file = Validate::validate($this->getParam('ssl_cert_file', !$ssl, $result['ssl_cert_file']), 'ssl_cert_file', '', '', [], true); + $ssl_key_file = Validate::validate($this->getParam('ssl_key_file', !$ssl, $result['ssl_key_file']), 'ssl_key_file', '', '', [], true); $ssl_ca_file = Validate::validate($this->getParam('ssl_ca_file', true, $result['ssl_ca_file']), 'ssl_ca_file', '', '', [], true); $ssl_cert_chainfile = Validate::validate($this->getParam('ssl_cert_chainfile', true, $result['ssl_cert_chainfile']), 'ssl_cert_chainfile', '', '', [], true); $sslss = $this->getParam('ssl_specialsettings', true, $result['ssl_specialsettings']); From 947df2079f424a6fdb8464fe225d1ba01431a5ab Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 21 Jul 2023 08:54:29 +0200 Subject: [PATCH 49/87] rework path to certificates non-ecc/ecc, regardless of current setting Signed-off-by: Michael Kaufmann --- lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php | 65 +++++++++++--------- 1 file changed, 36 insertions(+), 29 deletions(-) diff --git a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php index 9c5d4d10..514dcc3d 100644 --- a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php +++ b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php @@ -236,9 +236,12 @@ class AcmeSh extends FroxlorCron return false; } - private static function checkFsFilesAreNewer($domain, $cert_date = 0) + private static function checkFsFilesAreNewer($domain, $cert_date = 0): bool { - $certificate_folder = self::getWorkingDirFromEnv(strtolower($domain)); + $certificate_folder = self::getCertificateFolder(strtolower($domain)); + if (empty($certificate_folder)) { + return false; + } $ssl_file = FileDir::makeCorrectFile($certificate_folder . '/' . strtolower($domain) . '.cer'); if (is_dir($certificate_folder) && file_exists($ssl_file) && is_readable($ssl_file)) { @@ -250,9 +253,13 @@ class AcmeSh extends FroxlorCron return false; } - public static function getWorkingDirFromEnv($domain = "", $forced_noecc = false) + public static function getWorkingDirFromEnv($domain = "", $forced_ecc = false): string { - if (Settings::Get('system.leecc') > 0 && !$forced_noecc) { + // first try without _ecc either if it's enabled currently or not as + // it might have been at some point so there is a chance we have certificates + // with and without _ecc - the method getCertificateFolder() will check both + // possibilities + if ($forced_ecc) { $domain .= "_ecc"; } $env_file = FileDir::makeCorrectFile(dirname(self::getAcmeSh()) . '/acme.sh.env'); @@ -262,7 +269,7 @@ class AcmeSh extends FroxlorCron cut -d'"' -f2 EOC; exec('grep "LE_WORKING_DIR" ' . escapeshellarg($env_file) . ' | ' . $cut, $output); - if (is_array($output) && !empty($output) && isset($output[0]) && !empty($output[0])) { + if (is_array($output) && !empty($output) && !empty($output[0])) { return FileDir::makeCorrectDir($output[0] . "/" . $domain); } } @@ -635,35 +642,21 @@ EOC; */ private static function readCertificateToVar($domain, &$return, &$cronlog) { - $certificate_folder = self::getWorkingDirFromEnv($domain); - $certificate_folder_noecc = null; - if (Settings::Get('system.leecc') > 0) { - $certificate_folder_noecc = self::getWorkingDirFromEnv($domain, true); - } - $certificate_folder = FileDir::makeCorrectDir($certificate_folder); + $certificate_folder = self::getCertificateFolder($domain); - if (is_dir($certificate_folder) || is_dir($certificate_folder_noecc)) { - foreach ( - [ - 'crt' => $domain . '.cer', - 'key' => $domain . '.key', - 'chain' => 'ca.cer', - 'fullchain' => 'fullchain.cer', - 'csr' => $domain . '.csr' - ] as $index => $sslfile - ) { + if (!empty($certificate_folder)) { + $certificate_files = [ + 'crt' => $domain . '.cer', + 'key' => $domain . '.key', + 'chain' => 'ca.cer', + 'fullchain' => 'fullchain.cer', + 'csr' => $domain . '.csr' + ]; + foreach ($certificate_files as $index => $sslfile) { $ssl_file = FileDir::makeCorrectFile($certificate_folder . '/' . $sslfile); if (file_exists($ssl_file)) { $return[$index] = file_get_contents($ssl_file); } else { - if (!empty($certificate_folder_noecc)) { - $ssl_file_fb = FileDir::makeCorrectFile($certificate_folder_noecc . '/' . $sslfile); - if (file_exists($ssl_file_fb)) { - $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "ECC certificates activated but found only non-ecc file"); - $return[$index] = file_get_contents($ssl_file_fb); - continue; - } - } $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find file '" . $sslfile . "' in '" . $certificate_folder . "'"); $return[$index] = null; } @@ -672,4 +665,18 @@ EOC; $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find certificate-folder '" . $certificate_folder . "'"); } } + + private static function getCertificateFolder(string $domain): string + { + $certificate_folder = self::getWorkingDirFromEnv(strtolower($domain)); + if (file_exists($certificate_folder)) { + return $certificate_folder; + } + $certificate_folder_ecc = self::getWorkingDirFromEnv($domain, true); + if (file_exists($certificate_folder_ecc)) { + return $certificate_folder_ecc; + } + FroxlorLogger::getInstanceOf()->logAction(FroxlorLogger::CRON_ACTION, LOG_ERR, "Could not find certificate-folder for domain '" . $domain . "'"); + return ""; + } } From 6616bd9a3859a7c23dcc0bc1e217fc5b25f2f079 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sat, 22 Jul 2023 13:00:11 +0200 Subject: [PATCH 50/87] adjust proftpd config for debian 12 bookworm Signed-off-by: Michael Kaufmann --- lib/configfiles/bookworm.xml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/configfiles/bookworm.xml b/lib/configfiles/bookworm.xml index d0d89f4b..fb4d0ab3 100644 --- a/lib/configfiles/bookworm.xml +++ b/lib/configfiles/bookworm.xml @@ -2602,7 +2602,6 @@ ServerName " FTP Server" ServerType standalone DeferWelcome off -MultilineRFC2228 on DefaultServer on ShowSymlinks on @@ -2941,7 +2940,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies - ]]> @@ -2957,7 +2955,7 @@ TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? From 5f05478c762642aed326c914976fc403fe2147b5 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 24 Jul 2023 10:38:44 +0200 Subject: [PATCH 51/87] improve/update proftpd configuration template; fixes #1148 Signed-off-by: Michael Kaufmann --- lib/Froxlor/Cli/ConfigServices.php | 2 +- lib/configfiles/bionic.xml | 41 +++++++++++++++++++++++++----- lib/configfiles/bookworm.xml | 37 ++++++++++++++++++++++++--- lib/configfiles/bullseye.xml | 41 +++++++++++++++++++++++++----- lib/configfiles/buster.xml | 41 +++++++++++++++++++++++++----- lib/configfiles/focal.xml | 41 +++++++++++++++++++++++++----- lib/configfiles/gentoo.xml | 37 ++++++++++++++++++++++----- lib/configfiles/jammy.xml | 41 +++++++++++++++++++++++++----- 8 files changed, 241 insertions(+), 40 deletions(-) diff --git a/lib/Froxlor/Cli/ConfigServices.php b/lib/Froxlor/Cli/ConfigServices.php index 155c0afd..4fa1fcda 100644 --- a/lib/Froxlor/Cli/ConfigServices.php +++ b/lib/Froxlor/Cli/ConfigServices.php @@ -42,7 +42,7 @@ final class ConfigServices extends CliCommand { private $yes_to_all_supported = [ - /* 'bookworm', */ + 'bookworm', 'bionic', 'bullseye', 'buster', diff --git a/lib/configfiles/bionic.xml b/lib/configfiles/bionic.xml index 76ccc55c..f031ec18 100644 --- a/lib/configfiles/bionic.xml +++ b/lib/configfiles/bionic.xml @@ -1529,7 +1529,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -3962,7 +3962,6 @@ ServerName " FTP Server" ServerType standalone DeferWelcome off -MultilineRFC2228 on DefaultServer on ShowSymlinks on @@ -4299,7 +4298,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies - ]]> @@ -4310,16 +4308,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd/tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? -#TLSRequired on +TLSRequired on # Allow SSL/TLS renegotiations when the client requests them, but # do not force the renegotiations. Some clients do not support @@ -4332,6 +4330,37 @@ TLSVerifyClient off ]]> + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd/ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + + ]]> + + diff --git a/lib/configfiles/bookworm.xml b/lib/configfiles/bookworm.xml index fb4d0ab3..88f60b44 100644 --- a/lib/configfiles/bookworm.xml +++ b/lib/configfiles/bookworm.xml @@ -1488,7 +1488,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -2950,7 +2950,7 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd/tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt @@ -2959,7 +2959,7 @@ TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? -#TLSRequired on +TLSRequired on # Allow SSL/TLS renegotiations when the client requests them, but # do not force the renegotiations. Some clients do not support @@ -2972,6 +2972,37 @@ TLSVerifyClient off ]]> + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd/ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + + ]]> + + diff --git a/lib/configfiles/bullseye.xml b/lib/configfiles/bullseye.xml index 1b7d352d..0db23717 100644 --- a/lib/configfiles/bullseye.xml +++ b/lib/configfiles/bullseye.xml @@ -1488,7 +1488,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -4172,7 +4172,6 @@ ServerName " FTP Server" ServerType standalone DeferWelcome off -MultilineRFC2228 on DefaultServer on ShowSymlinks on @@ -4511,7 +4510,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies - ]]> @@ -4522,16 +4520,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd/tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? -#TLSRequired on +TLSRequired on # Allow SSL/TLS renegotiations when the client requests them, but # do not force the renegotiations. Some clients do not support @@ -4544,6 +4542,37 @@ TLSVerifyClient off ]]> + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd/ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + + ]]> + + diff --git a/lib/configfiles/buster.xml b/lib/configfiles/buster.xml index 82d2f4b2..91a2f359 100644 --- a/lib/configfiles/buster.xml +++ b/lib/configfiles/buster.xml @@ -1488,7 +1488,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -4165,7 +4165,6 @@ ServerName " FTP Server" ServerType standalone DeferWelcome off -MultilineRFC2228 on DefaultServer on ShowSymlinks on @@ -4502,7 +4501,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies - ]]> @@ -4513,16 +4511,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd/tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? -#TLSRequired on +TLSRequired on # Allow SSL/TLS renegotiations when the client requests them, but # do not force the renegotiations. Some clients do not support @@ -4535,6 +4533,37 @@ TLSVerifyClient off ]]> + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd/ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + + ]]> + + diff --git a/lib/configfiles/focal.xml b/lib/configfiles/focal.xml index 96563815..2707b002 100644 --- a/lib/configfiles/focal.xml +++ b/lib/configfiles/focal.xml @@ -1517,7 +1517,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -3393,7 +3393,6 @@ ServerName " FTP Server" ServerType standalone DeferWelcome off -MultilineRFC2228 on DefaultServer on ShowSymlinks on @@ -3730,7 +3729,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies - ]]> @@ -3741,16 +3739,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd/tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? -#TLSRequired on +TLSRequired on # Allow SSL/TLS renegotiations when the client requests them, but # do not force the renegotiations. Some clients do not support @@ -3763,6 +3761,37 @@ TLSVerifyClient off ]]> + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd/ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + + ]]> + + diff --git a/lib/configfiles/gentoo.xml b/lib/configfiles/gentoo.xml index 697c8924..68d539e6 100644 --- a/lib/configfiles/gentoo.xml +++ b/lib/configfiles/gentoo.xml @@ -1,6 +1,6 @@ - @@ -1473,7 +1473,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -3421,7 +3421,6 @@ MaxInstances 50 # General settings DeferWelcome on -MultilineRFC2228 on ShowSymlinks on AllowOverwrite on AllowStoreRestart on @@ -3487,10 +3486,10 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd-tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 #TLSTimeoutHandshake 120 # Really important for WinClients and some clients -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt @@ -3499,7 +3498,7 @@ TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key # Authenticate client that want to use FTP over TLS? TLSVerifyClient off # Uncomment the following line to force tls login -#TLSRequired on +TLSRequired on # LOG settings @@ -3517,6 +3516,32 @@ ExtendedLog /var/log/proftpd-access.log WRITE,READ write # make proftpd faster / do not perform ident and reverse dns lookup UseReverseDNS off + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd-ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + ]]> diff --git a/lib/configfiles/jammy.xml b/lib/configfiles/jammy.xml index 1ffcf68b..ab44b42d 100644 --- a/lib/configfiles/jammy.xml +++ b/lib/configfiles/jammy.xml @@ -1517,7 +1517,7 @@ user = password = dbname = hosts = -query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' +query = SELECT domain FROM panel_domains WHERE domain = '%s' AND isemaildomain = '1' AND deactivated = 0 ]]> @@ -3385,7 +3385,6 @@ ServerName " FTP Server" ServerType standalone DeferWelcome off -MultilineRFC2228 on DefaultServer on ShowSymlinks on @@ -3722,7 +3721,6 @@ SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimit SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies - ]]> @@ -3733,16 +3731,16 @@ SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6} TLSEngine on TLSLog /var/log/proftpd/tls.log -TLSProtocol TLSv1 TLSv1.1 TLSv1.2 +TLSProtocol TLSv1.2 TLSv1.3 TLSRSACertificateFile /etc/ssl/certs/proftpd.crt TLSRSACertificateKeyFile /etc/ssl/private/proftpd.key TLSECCertificateFile /etc/ssl/certs/proftpd_ec.crt TLSECCertificateKeyFile /etc/ssl/private/proftpd_ec.key -TLSOptions NoCertRequest NoSessionReuseRequired +TLSOptions NoSessionReuseRequired TLSVerifyClient off # Are clients required to use FTP over TLS when talking to this server? -#TLSRequired on +TLSRequired on # Allow SSL/TLS renegotiations when the client requests them, but # do not force the renegotiations. Some clients do not support @@ -3755,6 +3753,37 @@ TLSVerifyClient off ]]> + + +From 127.0.0.1 + + +MaxLoginAttempts 3 + + + BanEngine off + + + BanEngine on + +BanLog /var/log/proftpd/ban.log +BanTable /etc/proftpd/ban.tab +BanMessage "User %u was banned." +BanOnEvent ClientConnectRate 5/00:00:02 12:00:00 "Stop connecting frequently" +BanOnEvent MaxLoginAttempts 3/00:30:00 12:00:00 +BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99 +BanControlsACLs all allow user root + + + +BanEngine off +DelayEngine off + + ]]> + + From e071365cd63260b5d5ad45226ccf8d6ab3dc17a0 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 24 Jul 2023 14:28:08 +0200 Subject: [PATCH 52/87] improve description of resources assignment in admins and customers Signed-off-by: Michael Kaufmann --- lib/formfields/admin/admin/formfield.admin_add.php | 11 +++++++++++ lib/formfields/admin/admin/formfield.admin_edit.php | 11 +++++++++++ .../admin/customer/formfield.customer_add.php | 9 +++++++++ .../admin/customer/formfield.customer_edit.php | 9 +++++++++ lng/de.lng.php | 1 + lng/en.lng.php | 1 + 6 files changed, 42 insertions(+) diff --git a/lib/formfields/admin/admin/formfield.admin_add.php b/lib/formfields/admin/admin/formfield.admin_add.php index 6ade1bfc..71a428b3 100644 --- a/lib/formfields/admin/admin/formfield.admin_add.php +++ b/lib/formfields/admin/admin/formfield.admin_add.php @@ -120,6 +120,7 @@ return [ ], 'customers' => [ 'label' => lng('admin.customers'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -133,6 +134,7 @@ return [ ], 'domains' => [ 'label' => lng('admin.domains'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -146,6 +148,7 @@ return [ ], 'diskspace' => [ 'label' => lng('customer.diskspace') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 6, @@ -153,6 +156,7 @@ return [ ], 'traffic' => [ 'label' => lng('customer.traffic') . ' (' . lng('customer.gib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 4, @@ -160,6 +164,7 @@ return [ ], 'subdomains' => [ 'label' => lng('customer.subdomains'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -167,6 +172,7 @@ return [ ], 'emails' => [ 'label' => lng('customer.emails'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -174,6 +180,7 @@ return [ ], 'email_accounts' => [ 'label' => lng('customer.accounts'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -181,6 +188,7 @@ return [ ], 'email_forwarders' => [ 'label' => lng('customer.forwarders'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -188,6 +196,7 @@ return [ ], 'email_quota' => [ 'label' => lng('customer.email_quota') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -196,12 +205,14 @@ return [ ], 'ftps' => [ 'label' => lng('customer.ftps'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9 ], 'mysqls' => [ 'label' => lng('customer.mysqls'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, diff --git a/lib/formfields/admin/admin/formfield.admin_edit.php b/lib/formfields/admin/admin/formfield.admin_edit.php index d5cf9493..ef15245d 100644 --- a/lib/formfields/admin/admin/formfield.admin_edit.php +++ b/lib/formfields/admin/admin/formfield.admin_edit.php @@ -132,6 +132,7 @@ return [ ], 'customers' => [ 'label' => lng('admin.customers'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['customers']) ? '0' : $result['customers'], 'maxlength' => 9, @@ -145,6 +146,7 @@ return [ ], 'domains' => [ 'label' => lng('admin.domains'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['domains']) ? '0' : $result['domains'], 'maxlength' => 9, @@ -158,6 +160,7 @@ return [ ], 'diskspace' => [ 'label' => lng('customer.diskspace') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['diskspace']) ? '0' : $result['diskspace'], 'maxlength' => 6, @@ -165,6 +168,7 @@ return [ ], 'traffic' => [ 'label' => lng('customer.traffic') . ' (' . lng('customer.gib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['traffic']) ? '0' : $result['traffic'], 'maxlength' => 4, @@ -172,6 +176,7 @@ return [ ], 'subdomains' => [ 'label' => lng('customer.subdomains'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['subdomains']) ? '0' : $result['subdomains'], 'maxlength' => 9, @@ -179,6 +184,7 @@ return [ ], 'emails' => [ 'label' => lng('customer.emails'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['emails']) ? '0' : $result['emails'], 'maxlength' => 9, @@ -186,6 +192,7 @@ return [ ], 'email_accounts' => [ 'label' => lng('customer.accounts'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['email_accounts']) ? '0' : $result['email_accounts'], 'maxlength' => 9, @@ -193,6 +200,7 @@ return [ ], 'email_forwarders' => [ 'label' => lng('customer.forwarders'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['email_forwarders']) ? '0' : $result['email_forwarders'], 'maxlength' => 9, @@ -200,6 +208,7 @@ return [ ], 'email_quota' => [ 'label' => lng('customer.email_quota') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['email_quota']) ? '0' : $result['email_quota'], 'maxlength' => 9, @@ -208,12 +217,14 @@ return [ ], 'ftps' => [ 'label' => lng('customer.ftps'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['ftps']) ? '0' : $result['ftps'], 'maxlength' => 9 ], 'mysqls' => [ 'label' => lng('customer.mysqls'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['mysqls']) ? '0' : $result['mysqls'], 'maxlength' => 9, diff --git a/lib/formfields/admin/customer/formfield.customer_add.php b/lib/formfields/admin/customer/formfield.customer_add.php index 8df804c4..91579890 100644 --- a/lib/formfields/admin/customer/formfield.customer_add.php +++ b/lib/formfields/admin/customer/formfield.customer_add.php @@ -187,6 +187,7 @@ return [ 'fields' => [ 'diskspace' => [ 'label' => lng('customer.diskspace') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 16, @@ -194,6 +195,7 @@ return [ ], 'traffic' => [ 'label' => lng('customer.traffic') . ' (' . lng('customer.gib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 14, @@ -201,6 +203,7 @@ return [ ], 'subdomains' => [ 'label' => lng('customer.subdomains'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -208,6 +211,7 @@ return [ ], 'emails' => [ 'label' => lng('customer.emails'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -215,6 +219,7 @@ return [ ], 'email_accounts' => [ 'label' => lng('customer.accounts'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -222,6 +227,7 @@ return [ ], 'email_forwarders' => [ 'label' => lng('customer.forwarders'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -229,6 +235,7 @@ return [ ], 'email_quota' => [ 'label' => lng('customer.email_quota') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, @@ -251,12 +258,14 @@ return [ ], 'ftps' => [ 'label' => lng('customer.ftps'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9 ], 'mysqls' => [ 'label' => lng('customer.mysqls'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => 0, 'maxlength' => 9, diff --git a/lib/formfields/admin/customer/formfield.customer_edit.php b/lib/formfields/admin/customer/formfield.customer_edit.php index 92f3d88f..f873e731 100644 --- a/lib/formfields/admin/customer/formfield.customer_edit.php +++ b/lib/formfields/admin/customer/formfield.customer_edit.php @@ -198,6 +198,7 @@ return [ 'fields' => [ 'diskspace' => [ 'label' => lng('customer.diskspace') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['diskspace']) ? '0' : $result['diskspace'], 'maxlength' => 16, @@ -205,6 +206,7 @@ return [ ], 'traffic' => [ 'label' => lng('customer.traffic') . ' (' . lng('customer.gib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['traffic']) ? '0' : $result['traffic'], 'maxlength' => 14, @@ -212,6 +214,7 @@ return [ ], 'subdomains' => [ 'label' => lng('customer.subdomains'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['subdomains']) ? '0' : $result['subdomains'], 'maxlength' => 9, @@ -219,6 +222,7 @@ return [ ], 'emails' => [ 'label' => lng('customer.emails'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['emails']) ? '0' : $result['emails'], 'maxlength' => 9, @@ -226,6 +230,7 @@ return [ ], 'email_accounts' => [ 'label' => lng('customer.accounts'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['email_accounts']) ? '0' : $result['email_accounts'], 'maxlength' => 9, @@ -233,6 +238,7 @@ return [ ], 'email_forwarders' => [ 'label' => lng('customer.forwarders'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['email_forwarders']) ? '0' : $result['email_forwarders'], 'maxlength' => 9, @@ -240,6 +246,7 @@ return [ ], 'email_quota' => [ 'label' => lng('customer.email_quota') . ' (' . lng('customer.mib') . ')', + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['email_quota']) ? '0' : $result['email_quota'], 'maxlength' => 9, @@ -262,6 +269,7 @@ return [ ], 'ftps' => [ 'label' => lng('customer.ftps'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['ftps']) ? '0' : $result['ftps'], 'maxlength' => 9, @@ -269,6 +277,7 @@ return [ ], 'mysqls' => [ 'label' => lng('customer.mysqls'), + 'desc' => lng('panel.use_checkbox_for_unlimited'), 'type' => 'textul', 'value' => empty($result['mysqls']) ? '0' : $result['mysqls'], 'maxlength' => 9, diff --git a/lng/de.lng.php b/lng/de.lng.php index f8054bdb..9c5eb363 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -1242,6 +1242,7 @@ Vielen Dank, Ihr Administrator', ], 'upload_import' => 'Hochladen und importieren', 'profile' => 'Mein Profil', + 'use_checkbox_for_unlimited' => 'Der Wert "0" deaktiviert die Resource. Die Checkbox rechts erlaubt "unlimitierte" Nutzung.', ], 'phpfpm' => [ 'vhost_httpuser' => 'Lokaler Benutzer für PHP-FPM (Froxlor-Vhost)', diff --git a/lng/en.lng.php b/lng/en.lng.php index 39b69856..5f755c5c 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -1355,6 +1355,7 @@ Yours sincerely, your administrator', ], 'upload_import' => 'Upload and import', 'profile' => 'My profile', + 'use_checkbox_for_unlimited' => 'The value "0" deactivates this resource. The checkbox on the right allows "unlimited" usage.', ], 'phpfpm' => [ 'vhost_httpuser' => 'Local user to use for PHP-FPM (Froxlor vHost)', From 8d66a4aec413264ed0fb8b461dd632fc067266a6 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 24 Jul 2023 14:59:05 +0200 Subject: [PATCH 53/87] readd missing email quota information on customers dashboard, fixes #1159 Signed-off-by: Michael Kaufmann --- customer_index.php | 5 +++++ templates/Froxlor/user/index.html.twig | 3 +++ 2 files changed, 8 insertions(+) diff --git a/customer_index.php b/customer_index.php index 17b48486..00fbf3f7 100644 --- a/customer_index.php +++ b/customer_index.php @@ -113,6 +113,11 @@ if ($page == 'overview') { $userinfo['traffic_bytes'] = ($userinfo['traffic'] > -1) ? $userinfo['traffic'] * 1024 : -1; $userinfo['traffic_bytes_used'] = $userinfo['traffic_used'] * 1024; + if (Settings::Get('system.mail_quota_enabled')) { + $userinfo['email_quota_bytes'] = ($userinfo['email_quota'] > -1) ? $userinfo['email_quota'] * 1024 : -1; + $userinfo['email_quota_bytes_used'] = $userinfo['email_quota_used'] * 1024; + } + if ($usages) { $userinfo['diskspace_bytes_used'] = $usages['webspace'] * 1024; $userinfo['mailspace_used'] = $usages['mail'] * 1024; diff --git a/templates/Froxlor/user/index.html.twig b/templates/Froxlor/user/index.html.twig index 0933c4b8..8c3ef479 100644 --- a/templates/Froxlor/user/index.html.twig +++ b/templates/Froxlor/user/index.html.twig @@ -41,6 +41,9 @@ {{ dashboard.ditem('customer.emails', userinfo.emails, userinfo.emails_used) }} {{ dashboard.ditem('customer.accounts', userinfo.email_accounts, userinfo.email_accounts_used, null, false, userinfo.mailspace_used) }} {{ dashboard.ditem('customer.forwarders', userinfo.email_forwarders, userinfo.email_forwarders_used) }} + {% if get_setting('system.mail_quota_enabled') and userinfo.email_quota != '0' %} + {{ dashboard.ditem('customer.email_quota', userinfo.email_quota_bytes, userinfo.email_quota_bytes_used, null, true) }} + {% endif %} {{ dashboard.ditem('customer.ftps', userinfo.ftps, userinfo.ftps_used) }} {% endif %} From 6d42968d1a1f42a45f96b52df5e80226b67eee59 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 24 Jul 2023 15:23:15 +0200 Subject: [PATCH 54/87] added abbility to enable/disable login for ftp users; fixes #1146 Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Ftps.php | 16 ++++++++++++++-- lib/Froxlor/UI/Callbacks/Style.php | 5 +++++ lib/Froxlor/UI/Callbacks/Text.php | 8 ++++++++ .../customer/ftp/formfield.ftp_add.php | 8 +++++++- .../customer/ftp/formfield.ftp_edit.php | 8 +++++++- lib/tablelisting/customer/tablelisting.ftps.php | 15 +++++++++++++-- 6 files changed, 54 insertions(+), 6 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Ftps.php b/lib/Froxlor/Api/Commands/Ftps.php index 41dc8cb9..e29ebf99 100644 --- a/lib/Froxlor/Api/Commands/Ftps.php +++ b/lib/Froxlor/Api/Commands/Ftps.php @@ -72,6 +72,8 @@ class Ftps extends ApiCommand implements ResourceEntity * optional whether to add additional usernames to the group * @param bool $is_defaultuser * optional whether this is the standard default ftp user which is being added so no usage is decreased + * @param bool $login_enabled + * optional whether to allow login (default) or not * * @access admin, customer * @return string json-encoded array @@ -84,6 +86,7 @@ class Ftps extends ApiCommand implements ResourceEntity } $is_defaultuser = $this->getBoolParam('is_defaultuser', true, 0); + $login_enabled = $this->getBoolParam('login_enabled', true, 1); if (($this->getUserDetail('ftps_used') < $this->getUserDetail('ftps') || $this->getUserDetail('ftps') == '-1') || $this->isAdmin() && $is_defaultuser == 1) { // required parameters @@ -176,13 +179,14 @@ class Ftps extends ApiCommand implements ResourceEntity $stmt = Database::prepare("INSERT INTO `" . TABLE_FTP_USERS . "` (`customerid`, `username`, `description`, `password`, `homedir`, `login_enabled`, `uid`, `gid`, `shell`) - VALUES (:customerid, :username, :description, :password, :homedir, 'y', :guid, :guid, :shell)"); + VALUES (:customerid, :username, :description, :password, :homedir, :loginenabled, :guid, :guid, :shell)"); $params = [ "customerid" => $customer['customerid'], "username" => $username, "description" => $description, "password" => $cryptPassword, "homedir" => $path, + "loginenabled" => $login_enabled ? 'Y' : 'N', "guid" => $customer['guid'], "shell" => $shell ]; @@ -389,6 +393,8 @@ class Ftps extends ApiCommand implements ResourceEntity * optional, description for ftp-user * @param string $shell * optional, default /bin/false (not changeable when deactivated) + * @param bool $login_enabled + * optional whether to allow login (default) or not * @param int $customerid * optional, required when called as admin (if $loginname is not specified) * @param string $loginname @@ -419,6 +425,7 @@ class Ftps extends ApiCommand implements ResourceEntity $password = $this->getParam('ftp_password', true, ''); $description = $this->getParam('ftp_description', true, $result['description']); $shell = $this->getParam('shell', true, $result['shell']); + $login_enabled = $this->getBoolParam('login_enabled', true, ($result['login_enabled'] == 'Y' ? 1 : 0)); // validation $password = Validate::validate($password, 'password', '', '', [], true); @@ -430,6 +437,10 @@ class Ftps extends ApiCommand implements ResourceEntity $shell = "/bin/false"; } + if ($login_enabled != 1) { + $login_enabled = 0; + } + // get needed customer info to reduce the ftp-user-counter by one $customer = $this->getCustomerData(); @@ -480,13 +491,14 @@ class Ftps extends ApiCommand implements ResourceEntity $stmt = Database::prepare(" UPDATE `" . TABLE_FTP_USERS . "` - SET `description` = :desc, `shell` = :shell + SET `description` = :desc, `shell` = :shell, `login_enabled` = :loginenabled WHERE `customerid` = :customerid AND `id` = :id "); Database::pexecute($stmt, [ "desc" => $description, "shell" => $shell, + "loginenabled" => $login_enabled ? 'Y' : 'N', "customerid" => $customer['customerid'], "id" => $id ], true, true); diff --git a/lib/Froxlor/UI/Callbacks/Style.php b/lib/Froxlor/UI/Callbacks/Style.php index 1019151c..315fbb47 100644 --- a/lib/Froxlor/UI/Callbacks/Style.php +++ b/lib/Froxlor/UI/Callbacks/Style.php @@ -34,6 +34,11 @@ class Style return $attributes['fields']['deactivated'] ? 'bg-danger' : ''; } + public static function loginDisabled(array $attributes): string + { + return $attributes['fields']['login_enabled'] == 'N' ? 'bg-danger' : ''; + } + public static function resultIntegrityBad(array $attributes): string { return $attributes['fields']['result'] ? '' : 'bg-warning'; diff --git a/lib/Froxlor/UI/Callbacks/Text.php b/lib/Froxlor/UI/Callbacks/Text.php index 2ec9735e..22bbf91f 100644 --- a/lib/Froxlor/UI/Callbacks/Text.php +++ b/lib/Froxlor/UI/Callbacks/Text.php @@ -43,6 +43,14 @@ class Text ]; } + public static function yesno(array $attributes): array + { + return [ + 'macro' => 'boolean', + 'data' => $attributes['data'] == 'Y' + ]; + } + public static function customerfullname(array $attributes): string { return User::getCorrectFullUserDetails($attributes['fields'], true); diff --git a/lib/formfields/customer/ftp/formfield.ftp_add.php b/lib/formfields/customer/ftp/formfield.ftp_add.php index c2320cd2..32e0e1ab 100644 --- a/lib/formfields/customer/ftp/formfield.ftp_add.php +++ b/lib/formfields/customer/ftp/formfield.ftp_add.php @@ -79,7 +79,13 @@ return [ 'type' => 'select', 'select_var' => $shells, 'selected' => '/bin/false' - ] + ], + 'login_enabled' => [ + 'label' => lng('panel.active'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => true + ], ] ] ] diff --git a/lib/formfields/customer/ftp/formfield.ftp_edit.php b/lib/formfields/customer/ftp/formfield.ftp_edit.php index 6375d568..e7659746 100644 --- a/lib/formfields/customer/ftp/formfield.ftp_edit.php +++ b/lib/formfields/customer/ftp/formfield.ftp_edit.php @@ -65,7 +65,13 @@ return [ 'type' => 'select', 'select_var' => $shells, 'selected' => $result['shell'] ?? '/bin/false' - ] + ], + 'login_enabled' => [ + 'label' => lng('panel.active'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => $result['login_enabled'] == 'Y', + ], ] ] ] diff --git a/lib/tablelisting/customer/tablelisting.ftps.php b/lib/tablelisting/customer/tablelisting.ftps.php index 4eed75ea..3d58af12 100644 --- a/lib/tablelisting/customer/tablelisting.ftps.php +++ b/lib/tablelisting/customer/tablelisting.ftps.php @@ -25,6 +25,8 @@ use Froxlor\Settings; use Froxlor\UI\Callbacks\Ftp; +use Froxlor\UI\Callbacks\Style; +use Froxlor\UI\Callbacks\Text; use Froxlor\UI\Listing; return [ @@ -51,13 +53,19 @@ return [ 'label' => lng('panel.shell'), 'field' => 'shell', 'visible' => Settings::Get('system.allow_customer_shell') == '1' + ], + 'login_enabled' => [ + 'label' => lng('panel.active'), + 'field' => 'login_enabled', + 'callback' => [Text::class, 'yesno'], ] ], 'visible_columns' => Listing::getVisibleColumnsForListing('ftp_list', [ 'username', 'description', 'homedir', - 'shell' + 'shell', + 'login_enabled', ]), 'actions' => [ 'edit' => [ @@ -81,6 +89,9 @@ return [ 'id' => ':id' ], ] - ] + ], + 'format_callback' => [ + [Style::class, 'loginDisabled'] + ], ] ]; From bbd1dca30e013a57dadc3f5dd59b105e75c929e1 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 24 Jul 2023 20:43:06 +0200 Subject: [PATCH 55/87] make password-suggestion as next-to like we always do Signed-off-by: Michael Kaufmann --- .../customer/ftp/formfield.ftp_add.php | 17 ++++++++++------- .../customer/ftp/formfield.ftp_edit.php | 17 ++++++++++------- 2 files changed, 20 insertions(+), 14 deletions(-) diff --git a/lib/formfields/customer/ftp/formfield.ftp_add.php b/lib/formfields/customer/ftp/formfield.ftp_add.php index 32e0e1ab..2d7418a5 100644 --- a/lib/formfields/customer/ftp/formfield.ftp_add.php +++ b/lib/formfields/customer/ftp/formfield.ftp_add.php @@ -59,13 +59,16 @@ return [ 'label' => lng('login.password'), 'type' => 'password', 'autocomplete' => 'off', - 'mandatory' => true - ], - 'ftp_password_suggestion' => [ - 'label' => lng('customer.generated_pwd'), - 'type' => 'text', - 'visible' => (Settings::Get('panel.password_regex') == ''), - 'value' => Crypt::generatePassword() + 'mandatory' => true, + 'next_to' => [ + 'ftp_password_suggestion' => [ + 'next_to_prefix' => lng('customer.generated_pwd') . ':', + 'type' => 'text', + 'visible' => (Settings::Get('panel.password_regex') == ''), + 'value' => Crypt::generatePassword(), + 'readonly' => true + ] + ] ], 'sendinfomail' => [ 'label' => lng('customer.sendinfomail'), diff --git a/lib/formfields/customer/ftp/formfield.ftp_edit.php b/lib/formfields/customer/ftp/formfield.ftp_edit.php index e7659746..b89d9240 100644 --- a/lib/formfields/customer/ftp/formfield.ftp_edit.php +++ b/lib/formfields/customer/ftp/formfield.ftp_edit.php @@ -51,13 +51,16 @@ return [ 'label' => lng('login.password'), 'desc' => lng('ftp.editpassdescription'), 'type' => 'password', - 'autocomplete' => 'off' - ], - 'ftp_password_suggestion' => [ - 'label' => lng('customer.generated_pwd'), - 'type' => 'text', - 'visible' => (Settings::Get('panel.password_regex') == ''), - 'value' => Crypt::generatePassword() + 'autocomplete' => 'off', + 'next_to' => [ + 'ftp_password_suggestion' => [ + 'next_to_prefix' => lng('customer.generated_pwd') . ':', + 'type' => 'text', + 'visible' => (Settings::Get('panel.password_regex') == ''), + 'value' => Crypt::generatePassword(), + 'readonly' => true + ] + ] ], 'shell' => [ 'visible' => Settings::Get('system.allow_customer_shell') == '1', From 9d113afc831f21b643a0dc36ec9e8c5bca4d9e5e Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 26 Jul 2023 10:13:50 +0200 Subject: [PATCH 56/87] send email notification to admin for non-successful let's encrypt results; fixes #1162 Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/ApiCommand.php | 1 + lib/Froxlor/Api/Commands/Customers.php | 5 +- lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php | 17 ++++++- lib/Froxlor/FileDir.php | 2 +- lib/Froxlor/System/Cronjob.php | 49 +++++++++----------- 5 files changed, 41 insertions(+), 33 deletions(-) diff --git a/lib/Froxlor/Api/ApiCommand.php b/lib/Froxlor/Api/ApiCommand.php index 327a1b4d..c2a17f50 100644 --- a/lib/Froxlor/Api/ApiCommand.php +++ b/lib/Froxlor/Api/ApiCommand.php @@ -397,6 +397,7 @@ abstract class ApiCommand extends ApiParameter $nat_fields = [ '`c`.`loginname`', + '`c`.`name`', '`a`.`loginname`', '`adminname`', '`databasename`', diff --git a/lib/Froxlor/Api/Commands/Customers.php b/lib/Froxlor/Api/Commands/Customers.php index d299b462..d23d3d24 100644 --- a/lib/Froxlor/Api/Commands/Customers.php +++ b/lib/Froxlor/Api/Commands/Customers.php @@ -100,7 +100,7 @@ class Customers extends ApiCommand implements ResourceEntity AND `id`<> :stdd "); $usages_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_DISKSPACE . "` + SELECT webspace, mail, mysql FROM `" . TABLE_PANEL_DISKSPACE . "` WHERE `customerid` = :cid ORDER BY `stamp` DESC LIMIT 1 "); @@ -109,11 +109,10 @@ class Customers extends ApiCommand implements ResourceEntity while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { if ($show_usages) { // get number of domains - Database::pexecute($domains_stmt, [ + $domains = Database::pexecute_first($domains_stmt, [ 'cid' => $row['customerid'], 'stdd' => $row['standardsubdomain'] ]); - $domains = $domains_stmt->fetch(PDO::FETCH_ASSOC); $row['domains'] = intval($domains['domains']); // get disk-space usages for web, mysql and mail $usages = Database::pexecute_first($usages_stmt, [ diff --git a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php index 514dcc3d..659fb551 100644 --- a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php +++ b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php @@ -556,6 +556,10 @@ EOC; Settings::Set('system.le_froxlor_enabled', 0); } $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_WARNING, "Let's Encrypt deactivated for domain " . $domain); + if (!defined('CRON_IS_FORCED') && !defined('CRON_DEBUG_FLAG')) { + // email info to admin that lets encrypt has been disabled for this domain + Cronjob::notifyMailToAdmin("Let's Encrypt has been deactivated for domain '" . $domain . "' due to failed dns validation (wrong or no IP address)"); + } } } } @@ -586,11 +590,20 @@ EOC; $acmesh_cmd .= " --debug"; } - $acme_result = FileDir::safe_exec($acmesh_cmd); + $exit_code = null; + $acme_result = FileDir::safe_exec($acmesh_cmd, $exit_code); // debug output of acme.sh run $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, implode("\n", $acme_result)); - self::certToDb($certrow, $cronlog, $acme_result); + if ($exit_code != 0) { + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, "Non-successful exit-code returned :("); + if (!defined('CRON_IS_FORCED') && !defined('CRON_DEBUG_FLAG')) { + Cronjob::notifyMailToAdmin("Let's Encrypt certificate could not be obtained for: " . implode(", ", $domains) . "\n\n" . implode("\n", $acme_result)); + } + } else { + $cronlog->logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, "Successful exit-code returned - storing certificate"); + self::certToDb($certrow, $cronlog, $acme_result); + } } } diff --git a/lib/Froxlor/FileDir.php b/lib/Froxlor/FileDir.php index 2502a4a9..41250b1d 100644 --- a/lib/Froxlor/FileDir.php +++ b/lib/Froxlor/FileDir.php @@ -219,7 +219,7 @@ class FileDir } // execute the command and return output - $return = ''; + $return = []; // ------------------------------------------------------------------------------- if ($return_value == false) { diff --git a/lib/Froxlor/System/Cronjob.php b/lib/Froxlor/System/Cronjob.php index 4a765049..a131052c 100644 --- a/lib/Froxlor/System/Cronjob.php +++ b/lib/Froxlor/System/Cronjob.php @@ -310,42 +310,37 @@ class Cronjob } /** - * Cronjob function to end a cronjob in a critical condition - * but not without sending a notification mail to the admin + * Send notification to system admin via email * * @param string $message * @param string $subject * * @return void */ - public static function dieWithMail(string $message, string $subject = "[froxlor] Cronjob error") + public static function notifyMailToAdmin(string $message, string $subject = "[froxlor] Important notice") { - if (Settings::Get('system.send_cron_errors') == '1') { - $_mail = new Mailer(true); - $_mailerror = false; - $mailerr_msg = ""; - try { - $_mail->Subject = $subject; - $_mail->AltBody = $message; - $_mail->MsgHTML(nl2br($message)); - $_mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname')); - $_mail->Send(); - } catch (\PHPMailer\PHPMailer\Exception $e) { - $mailerr_msg = $e->errorMessage(); - $_mailerror = true; - } catch (Exception $e) { - $mailerr_msg = $e->getMessage(); - $_mailerror = true; - } - - $_mail->ClearAddresses(); - - if ($_mailerror) { - echo 'Error sending mail: ' . $mailerr_msg . "\n"; - } + $mail = new Mailer(true); + $mailerror = false; + $mailerr_msg = ""; + try { + $mail->Subject = $subject; + $mail->AltBody = $message; + $mail->MsgHTML(nl2br($message)); + $mail->AddAddress(Settings::Get('panel.adminmail'), Settings::Get('panel.adminmail_defname')); + $mail->Send(); + } catch (\PHPMailer\PHPMailer\Exception $e) { + $mailerr_msg = $e->errorMessage(); + $mailerror = true; + } catch (Exception $e) { + $mailerr_msg = $e->getMessage(); + $mailerror = true; } - die($message); + $mail->ClearAddresses(); + + if ($mailerror) { + echo 'Error sending mail: ' . $mailerr_msg . "\n"; + } } /** From d1043b464540fbe0de48f519c5f54e70fbed161d Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Wed, 26 Jul 2023 11:18:14 +0200 Subject: [PATCH 57/87] Allow customers to enable separate log-file for (sub)domains; fixes #1117 Signed-off-by: Michael Kaufmann --- customer_domains.php | 17 ++++++++ lib/Froxlor/Api/Commands/SubDomains.php | 41 +++++++++++++++++-- .../domains/formfield.domains_add.php | 13 +++++- .../domains/formfield.domains_edit.php | 13 +++++- lng/de.lng.php | 1 + lng/en.lng.php | 1 + .../Froxlor/src/js/components/domains.js | 2 +- 7 files changed, 82 insertions(+), 6 deletions(-) diff --git a/customer_domains.php b/customer_domains.php index 2fba8e38..944b4143 100644 --- a/customer_domains.php +++ b/customer_domains.php @@ -389,6 +389,23 @@ if ($page == 'overview' || $page == 'domains') { } else { Response::standardError('domains_canteditdomain'); } + } elseif ($action == 'jqSpeciallogfileNote') { + $domainid = intval($_POST['id']); + $newval = intval($_POST['newval']); + try { + $json_result = SubDomains::getLocal($userinfo, [ + 'id' => $domainid + ])->get(); + } catch (Exception $e) { + Response::dynamicError($e->getMessage()); + } + $result = json_decode($json_result, true)['data']; + if ($newval != $result['speciallogfile']) { + echo json_encode(['changed' => true, 'info' => lng('admin.speciallogwarning')]); + exit(); + } + echo 0; + exit(); } } elseif ($page == 'domainssleditor') { require_once __DIR__ . '/ssl_editor.php'; diff --git a/lib/Froxlor/Api/Commands/SubDomains.php b/lib/Froxlor/Api/Commands/SubDomains.php index e49c09cd..1711c3ef 100644 --- a/lib/Froxlor/Api/Commands/SubDomains.php +++ b/lib/Froxlor/Api/Commands/SubDomains.php @@ -67,6 +67,8 @@ class SubDomains extends ApiCommand implements ResourceEntity * optional, php-settings-id, if empty the $domain value is used * @param int $redirectcode * optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES + * @param int $speciallogfile + * optional, whether to create an exclusive web-logfile for this domain (1) or not (0) or inherit value from parentdomain (2, default) * @param bool $sslenabled * optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default * 1 (true) @@ -107,6 +109,7 @@ class SubDomains extends ApiCommand implements ResourceEntity $openbasedir_path = $this->getParam('openbasedir_path', true, 0); $phpsettingid = $this->getParam('phpsettingid', true, 0); $redirectcode = $this->getParam('redirectcode', true, Settings::Get('customredirect.default')); + $speciallogfile = intval($this->getParam('speciallogfile', true, 2)); $isemaildomain = $this->getParam('isemaildomain', true, 0); if (Settings::Get('system.use_ssl')) { $sslenabled = $this->getBoolParam('sslenabled', true, 1); @@ -276,6 +279,11 @@ class SubDomains extends ApiCommand implements ResourceEntity $ssl_redirect = 2; } + // validate speciallogfile value + if ($speciallogfile < 0 || $speciallogfile > 2) { + $speciallogfile = 2; // inherit from parent-domain + } + // get the phpsettingid from parentdomain, #107 $phpsid_stmt = Database::prepare(" SELECT `phpsettingid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `id` = :id @@ -354,7 +362,7 @@ class SubDomains extends ApiCommand implements ResourceEntity "openbasedir" => $domain_check['openbasedir'], "openbasedir_path" => $openbasedir_path, "phpenabled" => $domain_check['phpenabled'], - "speciallogfile" => $domain_check['speciallogfile'], + "speciallogfile" => $speciallogfile == 2 ? $domain_check['speciallogfile'] : $speciallogfile, "specialsettings" => $domain_check['specialsettings'], "ssl_specialsettings" => $domain_check['ssl_specialsettings'], "include_specialsettings" => $domain_check['include_specialsettings'], @@ -591,6 +599,11 @@ class SubDomains extends ApiCommand implements ResourceEntity * optional, php-settings-id, if empty the $domain value is used * @param int $redirectcode * optional, redirect-code-id from TABLE_PANEL_REDIRECTCODES + * @param bool $speciallogfile + * optional, whether to create an exclusive web-logfile for this domain + * @param bool $speciallogverified + * optional, when setting $speciallogfile to false, this needs to be set to true to confirm the action, + * default 0 (false) * @param bool $sslenabled * optional, whether or not SSL is enabled for this domain, regardless of the assigned ssl-ips, default * 1 (true) @@ -648,6 +661,8 @@ class SubDomains extends ApiCommand implements ResourceEntity $openbasedir_path = $this->getParam('openbasedir_path', true, $result['openbasedir_path']); $phpsettingid = $this->getParam('phpsettingid', true, $result['phpsettingid']); $redirectcode = $this->getParam('redirectcode', true, Domain::getDomainRedirectId($id)); + $speciallogfile = $this->getBoolParam('speciallogfile', true, $result['speciallogfile']); + $speciallogverified = $this->getBoolParam('speciallogverified', true, 0); if (Settings::Get('system.use_ssl')) { $sslenabled = $this->getBoolParam('sslenabled', true, $result['ssl_enabled']); $ssl_redirect = $this->getBoolParam('ssl_redirect', true, $result['ssl_redirect']); @@ -757,6 +772,10 @@ class SubDomains extends ApiCommand implements ResourceEntity $ssl_redirect = 2; } + if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') { + $speciallogfile = $result['speciallogfile']; + } + // is-email-domain flag changed - remove mail accounts and mail-addresses if (($result['isemaildomain'] == '1') && $isemaildomain == '0') { $params = [ @@ -789,7 +808,21 @@ class SubDomains extends ApiCommand implements ResourceEntity Domain::updateRedirectOfDomain($id, $redirectcode); } - if ($path != $result['documentroot'] || $isemaildomain != $result['isemaildomain'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $aliasdomain != (int)$result['aliasdomain'] || $openbasedir_path != $result['openbasedir_path'] || $ssl_redirect != $result['ssl_redirect'] || $letsencrypt != $result['letsencrypt'] || $hsts_maxage != $result['hsts'] || $hsts_sub != $result['hsts_sub'] || $hsts_preload != $result['hsts_preload'] || $phpsettingid != $result['phpsettingid'] || $http2 != $result['http2']) { + if ($path != $result['documentroot'] + || $isemaildomain != $result['isemaildomain'] + || $wwwserveralias != $result['wwwserveralias'] + || $iswildcarddomain != $result['iswildcarddomain'] + || $aliasdomain != (int)$result['aliasdomain'] + || $openbasedir_path != $result['openbasedir_path'] + || $ssl_redirect != $result['ssl_redirect'] + || $letsencrypt != $result['letsencrypt'] + || $hsts_maxage != $result['hsts'] + || $hsts_sub != $result['hsts_sub'] + || $hsts_preload != $result['hsts_preload'] + || $phpsettingid != $result['phpsettingid'] + || $http2 != $result['http2'] + || ($speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') + ) { $stmt = Database::prepare(" UPDATE `" . TABLE_PANEL_DOMAINS . "` SET `documentroot` = :documentroot, @@ -805,7 +838,8 @@ class SubDomains extends ApiCommand implements ResourceEntity `hsts` = :hsts, `hsts_sub` = :hsts_sub, `hsts_preload` = :hsts_preload, - `phpsettingid` = :phpsettingid + `phpsettingid` = :phpsettingid, + `speciallogfile` = :speciallogfile WHERE `customerid`= :customerid AND `id`= :id "); $params = [ @@ -823,6 +857,7 @@ class SubDomains extends ApiCommand implements ResourceEntity "hsts_sub" => $hsts_sub, "hsts_preload" => $hsts_preload, "phpsettingid" => $phpsettingid, + "speciallogfile" => $speciallogfile, "customerid" => $customer['customerid'], "id" => $id ]; diff --git a/lib/formfields/customer/domains/formfield.domains_add.php b/lib/formfields/customer/domains/formfield.domains_add.php index 029516de..610cf45a 100644 --- a/lib/formfields/customer/domains/formfield.domains_add.php +++ b/lib/formfields/customer/domains/formfield.domains_add.php @@ -89,7 +89,18 @@ return [ 'type' => 'select', 'select_var' => $phpconfigs, 'selected' => (int)Settings::Get('phpfpm.enabled') == 1 ? Settings::Get('phpfpm.defaultini') : Settings::Get('system.mod_fcgid_defaultini') - ] + ], + 'speciallogfile' => [ + 'label' => lng('admin.speciallogfile.title'), + 'desc' => lng('admin.speciallogfile.description'), + 'type' => 'select', + 'select_var' => [ + 0 => lng('panel.no'), + 1 => lng('panel.yes'), + 2 => lng('domain.inherited') + ], + 'selected' => 2 + ], ] ], 'section_bssl' => [ diff --git a/lib/formfields/customer/domains/formfield.domains_edit.php b/lib/formfields/customer/domains/formfield.domains_edit.php index 6d89369c..cd7d1553 100644 --- a/lib/formfields/customer/domains/formfield.domains_edit.php +++ b/lib/formfields/customer/domains/formfield.domains_edit.php @@ -104,7 +104,18 @@ return [ 'type' => 'select', 'select_var' => $phpconfigs, 'selected' => $result['phpsettingid'] - ] + ], + 'speciallogfile' => [ + 'label' => lng('admin.speciallogfile.title'), + 'desc' => lng('admin.speciallogfile.description'), + 'type' => 'checkbox', + 'value' => '1', + 'checked' => $result['speciallogfile'] + ], + 'speciallogverified' => [ + 'type' => 'hidden', + 'value' => '0' + ], ] ], 'section_bssl' => [ diff --git a/lng/de.lng.php b/lng/de.lng.php index 9c5eb363..46be6c99 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -647,6 +647,7 @@ return [ ], 'domain' => [ 'openbasedirpath' => 'OpenBasedir-Pfad', + 'inherited' => 'Gleich wie Elterndomain', 'docroot' => 'Oben angegebener Pfad', 'homedir' => 'Heimverzeichnis', 'docparent' => 'Elternverzeichnis des oben angegebenen Pfads', diff --git a/lng/en.lng.php b/lng/en.lng.php index 5f755c5c..2f3b0471 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -714,6 +714,7 @@ return [ ], 'domain' => [ 'openbasedirpath' => 'OpenBasedir-path', + 'inherited' => 'Same as parent-domain', 'docroot' => 'Path from field above', 'homedir' => 'Home directory', 'docparent' => 'Parent-directory of path from field above', diff --git a/templates/Froxlor/src/js/components/domains.js b/templates/Froxlor/src/js/components/domains.js index fe5611fc..8d7512a5 100644 --- a/templates/Froxlor/src/js/components/domains.js +++ b/templates/Froxlor/src/js/components/domains.js @@ -36,7 +36,7 @@ $(function() { $('#speciallogfile').removeClass('is-invalid'); $('#speciallogverified').val(0); $.ajax({ - url: "admin_domains.php?page=overview&action=jqSpeciallogfileNote", + url: window.location.pathname.substring(1) + "?page=overview&action=jqSpeciallogfileNote", type: "POST", data: { id: $('input[name=id]').val(), newval: +$('#speciallogfile').is(':checked') From c52d9bbd0307b673c12f6a91a7da3553083a190a Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 27 Jul 2023 11:08:27 +0200 Subject: [PATCH 58/87] work on backup storages Signed-off-by: Michael Kaufmann --- actions/admin/settings/230.backup.php | 90 +++------- admin_customers.php | 4 +- composer.json | 1 + composer.lock | 131 +++++++-------- install/froxlor.sql.php | 6 +- install/updates/froxlor/update_2.1.inc.php | 6 +- lib/Froxlor/Api/Commands/BackupStorages.php | 4 +- lib/Froxlor/Api/Commands/Backups.php | 3 +- lib/Froxlor/Backup/Backup.php | 53 ++++++ lib/Froxlor/Backup/Storages/Ftp.php | 98 +++++++++++ lib/Froxlor/Backup/Storages/Local.php | 60 +++++++ lib/Froxlor/Backup/Storages/Rsync.php | 42 +++++ lib/Froxlor/Backup/Storages/S3.php | 42 +++++ lib/Froxlor/Backup/Storages/Sftp.php | 42 +++++ lib/Froxlor/Backup/Storages/Storage.php | 155 ++++++++++++++++++ .../Backup/Storages/StorageFactory.php | 12 ++ lib/Froxlor/Cron/Backup/BackupCron.php | 17 +- 17 files changed, 623 insertions(+), 143 deletions(-) create mode 100644 lib/Froxlor/Backup/Backup.php create mode 100644 lib/Froxlor/Backup/Storages/Ftp.php create mode 100644 lib/Froxlor/Backup/Storages/Local.php create mode 100644 lib/Froxlor/Backup/Storages/Rsync.php create mode 100644 lib/Froxlor/Backup/Storages/S3.php create mode 100644 lib/Froxlor/Backup/Storages/Sftp.php create mode 100644 lib/Froxlor/Backup/Storages/Storage.php create mode 100644 lib/Froxlor/Backup/Storages/StorageFactory.php diff --git a/actions/admin/settings/230.backup.php b/actions/admin/settings/230.backup.php index 01ba96ed..63ebdbc0 100644 --- a/actions/admin/settings/230.backup.php +++ b/actions/admin/settings/230.backup.php @@ -30,7 +30,7 @@ return [ 'icon' => 'fa-solid fa-sliders', 'advanced_mode' => true, 'fields' => [ - 'system_backup_enabled' => [ + 'backup_enabled' => [ 'label' => lng('serversettings.backup_enabled'), 'settinggroup' => 'backup', 'varname' => 'enabled', @@ -40,74 +40,39 @@ return [ 'overview_option' => true, 'cronmodule' => 'froxlor/backup' ], - 'system_backup_type' => [ - 'label' => lng('serversettings.backup_type'), + 'backup_default_storage' => [ + 'label' => lng('serversettings.backup_default_storage'), 'settinggroup' => 'backup', - 'varname' => 'type', + 'varname' => 'default_storage', 'type' => 'select', - 'default' => 'Local', - 'select_var' => [ - 'Local' => lng('serversettings.local'), - 'SFTP' => lng('serversettings.sftp'), - 'FTPS' => lng('serversettings.ftps'), - 'S3' => lng('serversettings.s3'), + 'default' => '1', + 'option_options_method' => [ + '\\Froxlor\\Backup\\Backup', + 'getBackupStorages' ], - 'save_method' => 'storeSettingField', - 'overview_option' => true, + 'save_method' => 'storeSettingField' ], - 'system_backup_region' => [ - 'label' => lng('serversettings.backup_region'), + 'backup_default_retention' => [ + 'label' => lng('serversettings.backup_default_retention'), 'settinggroup' => 'backup', - 'varname' => 'region', - 'type' => 'text', - 'default' => 'eu-central-1', + 'varname' => 'default_retention', + 'type' => 'number', + 'default' => 3, + 'min' => 0, 'save_method' => 'storeSettingField', ], - 'system_backup_bucket' => [ - 'label' => lng('serversettings.backup_bucket'), + 'backup_default_customer_access' => [ + 'label' => lng('serversettings.backup_default_customer_access'), 'settinggroup' => 'backup', - 'varname' => 'bucket', - 'type' => 'text', - 'default' => '', + 'varname' => 'default_customer_access', + 'type' => 'checkbox', + 'default' => true, 'save_method' => 'storeSettingField', ], - 'system_backup_destination_path' => [ - 'label' => lng('serversettings.backup_destination_path'), + 'backup_default_pgp_public_key' => [ + 'label' => lng('serversettings.backup_default_pgp_public_key'), 'settinggroup' => 'backup', - 'varname' => 'destination_path', - 'type' => 'text', - 'string_type' => 'confdir', - 'default' => '/srv/backups/', - 'save_method' => 'storeSettingField', - ], - 'system_backup_hostname' => [ - 'label' => lng('serversettings.backup_hostname'), - 'settinggroup' => 'backup', - 'varname' => 'hostname', - 'type' => 'text', - 'default' => '', - 'save_method' => 'storeSettingField', - ], - 'system_backup_username' => [ - 'label' => lng('serversettings.backup_username'), - 'settinggroup' => 'backup', - 'varname' => 'username', - 'type' => 'text', - 'default' => '', - 'save_method' => 'storeSettingField', - ], - 'system_backup_password' => [ - 'label' => lng('serversettings.backup_password'), - 'settinggroup' => 'backup', - 'varname' => 'password', - 'type' => 'password', - 'default' => '', - 'save_method' => 'storeSettingField', - ], - 'system_backup_pgp_public_key' => [ - 'label' => lng('serversettings.backup_pgp_public_key'), - 'settinggroup' => 'backup', - 'varname' => 'pgp_public_key', + 'varname' => 'default_pgp_public_key', 'type' => 'textarea', 'default' => '', 'save_method' => 'storeSettingField', @@ -116,15 +81,6 @@ return [ 'checkPgpPublicKeySetting' ], ], - 'system_backup_retention' => [ - 'label' => lng('serversettings.backup_retention'), - 'settinggroup' => 'backup', - 'varname' => 'retention', - 'type' => 'number', - 'default' => 3, - 'min' => 0, - 'save_method' => 'storeSettingField', - ], ] ] ] diff --git a/admin_customers.php b/admin_customers.php index 6fe2cd18..c7813e3b 100644 --- a/admin_customers.php +++ b/admin_customers.php @@ -236,7 +236,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $result_json = BackupStorages::getLocal($userinfo)->listing(); $result_decoded = json_decode($result_json, true)['data']['list']; foreach ($result_decoded as $storagedata) { - $backup_storages[$storagedata['id']] = $storagedata['description'] . ' (' . $storagedata['type'] . ')'; + $backup_storages[$storagedata['id']] = "[" . $storagedata['type'] . "] " . html_entity_decode($storagedata['description']); } } catch (Exception $e) { /* just none */ @@ -335,7 +335,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $result_json = BackupStorages::getLocal($userinfo)->listing(); $result_decoded = json_decode($result_json, true)['data']['list']; foreach ($result_decoded as $storagedata) { - $backup_storages[$storagedata['id']] = $storagedata['description'] . ' (' . $storagedata['type'] . ')'; + $backup_storages[$storagedata['id']] = "[" . $storagedata['type'] . "] " . html_entity_decode($storagedata['description']); } } catch (Exception $e) { /* just none */ diff --git a/composer.json b/composer.json index cbc90494..7da177d4 100644 --- a/composer.json +++ b/composer.json @@ -46,6 +46,7 @@ "ext-fileinfo": "*", "ext-gmp": "*", "ext-gd": "*", + "ext-ftp": "*", "phpmailer/phpmailer": "~6.0", "monolog/monolog": "^1.24", "robthree/twofactorauth": "^1.6", diff --git a/composer.lock b/composer.lock index d34f97e9..14e4df9b 100644 --- a/composer.lock +++ b/composer.lock @@ -561,16 +561,16 @@ }, { "name": "symfony/console", - "version": "v5.4.22", + "version": "v5.4.24", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "3cd51fd2e6c461ca678f84d419461281bd87a0a8" + "reference": "560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/3cd51fd2e6c461ca678f84d419461281bd87a0a8", - "reference": "3cd51fd2e6c461ca678f84d419461281bd87a0a8", + "url": "https://api.github.com/repos/symfony/console/zipball/560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8", + "reference": "560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8", "shasum": "" }, "require": { @@ -640,7 +640,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v5.4.22" + "source": "https://github.com/symfony/console/tree/v5.4.24" }, "funding": [ { @@ -656,7 +656,7 @@ "type": "tidelift" } ], - "time": "2023-03-25T09:27:28+00:00" + "time": "2023-05-26T05:13:16+00:00" }, { "name": "symfony/deprecation-contracts", @@ -1547,16 +1547,16 @@ }, { "name": "twig/twig", - "version": "v3.5.1", + "version": "v3.7.0", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "a6e0510cc793912b451fd40ab983a1d28f611c15" + "reference": "5cf942bbab3df42afa918caeba947f1b690af64b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/a6e0510cc793912b451fd40ab983a1d28f611c15", - "reference": "a6e0510cc793912b451fd40ab983a1d28f611c15", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/5cf942bbab3df42afa918caeba947f1b690af64b", + "reference": "5cf942bbab3df42afa918caeba947f1b690af64b", "shasum": "" }, "require": { @@ -1565,15 +1565,10 @@ "symfony/polyfill-mbstring": "^1.3" }, "require-dev": { - "psr/container": "^1.0", + "psr/container": "^1.0|^2.0", "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0" }, "type": "library", - "extra": { - "branch-alias": { - "dev-master": "3.5-dev" - } - }, "autoload": { "psr-4": { "Twig\\": "src/" @@ -1607,7 +1602,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.5.1" + "source": "https://github.com/twigphp/Twig/tree/v3.7.0" }, "funding": [ { @@ -1619,20 +1614,20 @@ "type": "tidelift" } ], - "time": "2023-02-08T07:49:20+00:00" + "time": "2023-07-26T07:16:09+00:00" }, { "name": "voku/anti-xss", - "version": "4.1.41", + "version": "4.1.42", "source": { "type": "git", "url": "https://github.com/voku/anti-xss.git", - "reference": "55a403436494e44a2547a8d42de68e6cad4bca1d" + "reference": "bca1f8607e55a3c5077483615cd93bd8f11bd675" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/voku/anti-xss/zipball/55a403436494e44a2547a8d42de68e6cad4bca1d", - "reference": "55a403436494e44a2547a8d42de68e6cad4bca1d", + "url": "https://api.github.com/repos/voku/anti-xss/zipball/bca1f8607e55a3c5077483615cd93bd8f11bd675", + "reference": "bca1f8607e55a3c5077483615cd93bd8f11bd675", "shasum": "" }, "require": { @@ -1678,7 +1673,7 @@ ], "support": { "issues": "https://github.com/voku/anti-xss/issues", - "source": "https://github.com/voku/anti-xss/tree/4.1.41" + "source": "https://github.com/voku/anti-xss/tree/4.1.42" }, "funding": [ { @@ -1702,7 +1697,7 @@ "type": "tidelift" } ], - "time": "2023-02-12T15:56:55+00:00" + "time": "2023-07-03T14:40:46+00:00" }, { "name": "voku/portable-ascii", @@ -2151,16 +2146,16 @@ }, { "name": "nikic/php-parser", - "version": "v4.15.4", + "version": "v4.16.0", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "6bb5176bc4af8bcb7d926f88718db9b96a2d4290" + "reference": "19526a33fb561ef417e822e85f08a00db4059c17" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/6bb5176bc4af8bcb7d926f88718db9b96a2d4290", - "reference": "6bb5176bc4af8bcb7d926f88718db9b96a2d4290", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/19526a33fb561ef417e822e85f08a00db4059c17", + "reference": "19526a33fb561ef417e822e85f08a00db4059c17", "shasum": "" }, "require": { @@ -2201,22 +2196,22 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v4.15.4" + "source": "https://github.com/nikic/PHP-Parser/tree/v4.16.0" }, - "time": "2023-03-05T19:49:14+00:00" + "time": "2023-06-25T14:52:30+00:00" }, { "name": "pdepend/pdepend", - "version": "2.13.0", + "version": "2.14.0", "source": { "type": "git", "url": "https://github.com/pdepend/pdepend.git", - "reference": "31be7cd4f305f3f7b52af99c1cb13fc938d1cfad" + "reference": "1121d4b04af06e33e9659bac3a6741b91cab1de1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/pdepend/pdepend/zipball/31be7cd4f305f3f7b52af99c1cb13fc938d1cfad", - "reference": "31be7cd4f305f3f7b52af99c1cb13fc938d1cfad", + "url": "https://api.github.com/repos/pdepend/pdepend/zipball/1121d4b04af06e33e9659bac3a6741b91cab1de1", + "reference": "1121d4b04af06e33e9659bac3a6741b91cab1de1", "shasum": "" }, "require": { @@ -2250,9 +2245,15 @@ "BSD-3-Clause" ], "description": "Official version of pdepend to be handled with Composer", + "keywords": [ + "PHP Depend", + "PHP_Depend", + "dev", + "pdepend" + ], "support": { "issues": "https://github.com/pdepend/pdepend/issues", - "source": "https://github.com/pdepend/pdepend/tree/2.13.0" + "source": "https://github.com/pdepend/pdepend/tree/2.14.0" }, "funding": [ { @@ -2260,7 +2261,7 @@ "type": "tidelift" } ], - "time": "2023-02-28T20:56:15+00:00" + "time": "2023-05-26T13:15:18+00:00" }, { "name": "phar-io/manifest", @@ -2582,16 +2583,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.10.14", + "version": "1.10.26", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "d232901b09e67538e5c86a724be841bea5768a7c" + "reference": "5d660cbb7e1b89253a47147ae44044f49832351f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/d232901b09e67538e5c86a724be841bea5768a7c", - "reference": "d232901b09e67538e5c86a724be841bea5768a7c", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/5d660cbb7e1b89253a47147ae44044f49832351f", + "reference": "5d660cbb7e1b89253a47147ae44044f49832351f", "shasum": "" }, "require": { @@ -2640,7 +2641,7 @@ "type": "tidelift" } ], - "time": "2023-04-19T13:47:27+00:00" + "time": "2023-07-19T12:44:37+00:00" }, { "name": "phpunit/php-code-coverage", @@ -2962,16 +2963,16 @@ }, { "name": "phpunit/phpunit", - "version": "9.6.7", + "version": "9.6.10", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "c993f0d3b0489ffc42ee2fe0bd645af1538a63b2" + "reference": "a6d351645c3fe5a30f5e86be6577d946af65a328" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/c993f0d3b0489ffc42ee2fe0bd645af1538a63b2", - "reference": "c993f0d3b0489ffc42ee2fe0bd645af1538a63b2", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/a6d351645c3fe5a30f5e86be6577d946af65a328", + "reference": "a6d351645c3fe5a30f5e86be6577d946af65a328", "shasum": "" }, "require": { @@ -3045,7 +3046,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.7" + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.10" }, "funding": [ { @@ -3061,7 +3062,7 @@ "type": "tidelift" } ], - "time": "2023-04-14T08:58:40+00:00" + "time": "2023-07-10T04:04:23+00:00" }, { "name": "sebastian/cli-parser", @@ -3363,16 +3364,16 @@ }, { "name": "sebastian/diff", - "version": "4.0.4", + "version": "4.0.5", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/diff.git", - "reference": "3461e3fccc7cfdfc2720be910d3bd73c69be590d" + "reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/3461e3fccc7cfdfc2720be910d3bd73c69be590d", - "reference": "3461e3fccc7cfdfc2720be910d3bd73c69be590d", + "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/74be17022044ebaaecfdf0c5cd504fc9cd5a7131", + "reference": "74be17022044ebaaecfdf0c5cd504fc9cd5a7131", "shasum": "" }, "require": { @@ -3417,7 +3418,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/diff/issues", - "source": "https://github.com/sebastianbergmann/diff/tree/4.0.4" + "source": "https://github.com/sebastianbergmann/diff/tree/4.0.5" }, "funding": [ { @@ -3425,7 +3426,7 @@ "type": "github" } ], - "time": "2020-10-26T13:10:38+00:00" + "time": "2023-05-07T05:35:17+00:00" }, { "name": "sebastian/environment", @@ -4227,16 +4228,16 @@ }, { "name": "symfony/dependency-injection", - "version": "v5.4.22", + "version": "v5.4.25", "source": { "type": "git", "url": "https://github.com/symfony/dependency-injection.git", - "reference": "e1b7c1432efb4ad1dd89d62906187271e2601ed9" + "reference": "f0410c30a6c86bbce6c719c2b5cfc343362b982e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/e1b7c1432efb4ad1dd89d62906187271e2601ed9", - "reference": "e1b7c1432efb4ad1dd89d62906187271e2601ed9", + "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/f0410c30a6c86bbce6c719c2b5cfc343362b982e", + "reference": "f0410c30a6c86bbce6c719c2b5cfc343362b982e", "shasum": "" }, "require": { @@ -4296,7 +4297,7 @@ "description": "Allows you to standardize and centralize the way objects are constructed in your application", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/dependency-injection/tree/v5.4.22" + "source": "https://github.com/symfony/dependency-injection/tree/v5.4.25" }, "funding": [ { @@ -4312,20 +4313,20 @@ "type": "tidelift" } ], - "time": "2023-03-10T10:02:45+00:00" + "time": "2023-06-24T09:45:28+00:00" }, { "name": "symfony/filesystem", - "version": "v5.4.21", + "version": "v5.4.25", "source": { "type": "git", "url": "https://github.com/symfony/filesystem.git", - "reference": "e75960b1bbfd2b8c9e483e0d74811d555ca3de9f" + "reference": "0ce3a62c9579a53358d3a7eb6b3dfb79789a6364" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/filesystem/zipball/e75960b1bbfd2b8c9e483e0d74811d555ca3de9f", - "reference": "e75960b1bbfd2b8c9e483e0d74811d555ca3de9f", + "url": "https://api.github.com/repos/symfony/filesystem/zipball/0ce3a62c9579a53358d3a7eb6b3dfb79789a6364", + "reference": "0ce3a62c9579a53358d3a7eb6b3dfb79789a6364", "shasum": "" }, "require": { @@ -4360,7 +4361,7 @@ "description": "Provides basic utilities for the filesystem", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/filesystem/tree/v5.4.21" + "source": "https://github.com/symfony/filesystem/tree/v5.4.25" }, "funding": [ { @@ -4376,7 +4377,7 @@ "type": "tidelift" } ], - "time": "2023-02-14T08:03:56+00:00" + "time": "2023-05-31T13:04:02+00:00" }, { "name": "symfony/polyfill-php81", diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 4453aea7..39621cbb 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -705,6 +705,8 @@ opcache.validate_timestamps'), ('backup', 'enabled', 0), ('backup', 'default_storage', '1'), ('backup', 'default_customer_access', '1'), + ('backup', 'default_pgp_public_key', ''), + ('backup', 'default_retention', '3'), ('api', 'enabled', '0'), ('api', 'customer_default', '1'), ('2fa', 'enabled', '1'), @@ -1079,8 +1081,8 @@ CREATE TABLE `panel_backup_storages` ( `destination_path` varchar(255) NOT NULL, `hostname` varchar(255) NULL, `username` varchar(255) NULL, - `password` varchar(255) NULL, - `pgp_public_key` varchar(255) NULL, + `password` text, + `pgp_public_key` text, `retention` int(3) NOT NULL DEFAULT 3, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci; diff --git a/install/updates/froxlor/update_2.1.inc.php b/install/updates/froxlor/update_2.1.inc.php index 7d412fdb..53432dd9 100644 --- a/install/updates/froxlor/update_2.1.inc.php +++ b/install/updates/froxlor/update_2.1.inc.php @@ -73,8 +73,8 @@ if (Froxlor::isDatabaseVersion('202304260')) { `destination_path` varchar(255) NOT NULL, `hostname` varchar(255) NULL, `username` varchar(255) NULL, - `password` varchar(255) NULL, - `pgp_public_key` varchar(255) NULL, + `password` text, + `pgp_public_key` text, `retention` int(3) NOT NULL DEFAULT 3, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci;"; @@ -105,6 +105,8 @@ if (Froxlor::isDatabaseVersion('202304260')) { Settings::AddNew('backup.enabled', 0); Settings::AddNew('backup.default_storage', 1); Settings::AddNew('backup.default_customer_access', 1); + Settings::AddNew('backup.default_pgp_public_key', ''); + Settings::AddNew('backup.default_retention', 3); Update::lastStepStatus(0); Update::showUpdateStep("Adjusting cronjobs"); diff --git a/lib/Froxlor/Api/Commands/BackupStorages.php b/lib/Froxlor/Api/Commands/BackupStorages.php index 47aa4098..2952162e 100644 --- a/lib/Froxlor/Api/Commands/BackupStorages.php +++ b/lib/Froxlor/Api/Commands/BackupStorages.php @@ -73,8 +73,8 @@ class BackupStorages extends ApiCommand implements ResourceEntity $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backup storages"); $query_fields = []; $result_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` - "); + SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` ". $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit() + ); Database::pexecute($result_stmt, $query_fields, true, true); $result = []; while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { diff --git a/lib/Froxlor/Api/Commands/Backups.php b/lib/Froxlor/Api/Commands/Backups.php index 7804c416..b5f556e1 100644 --- a/lib/Froxlor/Api/Commands/Backups.php +++ b/lib/Froxlor/Api/Commands/Backups.php @@ -95,7 +95,8 @@ class Backups extends ApiCommand implements ResourceEntity FROM `" . TABLE_PANEL_BACKUPS . "` `b` LEFT JOIN `" . TABLE_PANEL_ADMINS . "` `a` USING(`adminid`) WHERE `b`.`customerid` IN (" . implode(', ', $customer_ids) . ") - "); + " . $this->getSearchWhere($query_fields, true) . $this->getOrderBy() . $this->getLimit() + ); Database::pexecute($result_stmt, $query_fields, true, true); $result = []; while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { diff --git a/lib/Froxlor/Backup/Backup.php b/lib/Froxlor/Backup/Backup.php new file mode 100644 index 00000000..005df682 --- /dev/null +++ b/lib/Froxlor/Backup/Backup.php @@ -0,0 +1,53 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\Backup; + +use Froxlor\Database\Database; +use PDO; + +class Backup +{ + /** + * returns an array of existing backup-storages + * in our database for the settings-array + * + * @return array + */ + public static function getBackupStorages(): array + { + $storages_array = [ + 0 => lng('backup.storage_none') + ]; + // get all storages + $result_stmt = Database::query("SELECT id, type, description FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` ORDER BY type, description"); + while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) { + if (!isset($storages_array[$row['id']]) && !in_array($row['id'], $storages_array)) { + $storages_array[$row['id']] = "[" . $row['type'] . "] " . html_entity_decode($row['description']); + } + } + return $storages_array; + } +} diff --git a/lib/Froxlor/Backup/Storages/Ftp.php b/lib/Froxlor/Backup/Storages/Ftp.php new file mode 100644 index 00000000..3e63065e --- /dev/null +++ b/lib/Froxlor/Backup/Storages/Ftp.php @@ -0,0 +1,98 @@ +sData['storage']['hostname'] ?? ''; + $username = $this->sData['storage']['username'] ?? ''; + $password = $this->sData['storage']['password'] ?? ''; + if (!empty($hostname) && !empty($username) && !empty($password)) { + $tmp = explode(":", $hostname); + $hostname = $tmp[0]; + $port = $tmp[1] ?? 21; + $this->ftp_conn = ftp_connect($hostname, $port); + if ($this->ftp_conn === false) { + throw new Exception('Unable to connect to ftp-server "' . $hostname . ':' . $port . '"'); + } + if (!ftp_login($this->ftp_conn, $username, $password)) { + throw new Exception('Unable to login to ftp-server "' . $hostname . ':' . $port . '"'); + } + return $this->changeToCorrectDirectory(); + } + throw new Exception('Empty hostname for FTP backup storage'); + } + + /** + * @param string $filename + * @param string $tmp_source_directory + * @return bool + * @throws Exception + */ + protected function putFile(string $filename, string $tmp_source_directory): bool + { + $source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename); + $target = basename($filename); + if (file_exists($source) && !file_exists($target)) { + return ftp_put($this->ftp_conn, $target, $source, FTP_BINARY); + } + return false; + } + + /** + * @param string $filename + * @return bool + * @throws Exception + */ + protected function rmFile(string $filename): bool + { + $target = basename($filename); + if (ftp_size($this->ftp_conn, $target) >= 0) { + return ftp_delete($this->ftp_conn, $target); + } + return true; + } + + /** + * @return bool + */ + public function shutdown(): bool + { + return ftp_close($this->ftp_conn); + } + + /** + * @return bool + * @throws Exception + */ + private function changeToCorrectDirectory(): bool + { + $dirs = explode("/", $this->getDestinationDirectory()); + array_shift($dirs); + if (count($dirs) > 0 && !empty($dirs[0])) { + foreach ($dirs as $dir) { + if (empty($dir)) { + continue; + } + if (!@ftp_chdir($this->ftp_conn, $dir)) { + ftp_mkdir($this->ftp_conn, $dir); + ftp_chmod($this->ftp_conn, 0700, $dir); + ftp_chdir($this->ftp_conn, $dir); + } + } + return true; + } + return ftp_chdir($this->ftp_conn, "/"); + } +} diff --git a/lib/Froxlor/Backup/Storages/Local.php b/lib/Froxlor/Backup/Storages/Local.php new file mode 100644 index 00000000..b43df89f --- /dev/null +++ b/lib/Froxlor/Backup/Storages/Local.php @@ -0,0 +1,60 @@ +getDestinationDirectory())) { + return mkdir($this->getDestinationDirectory(), 0700, true); + } + return true; + } + + /** + * @param string $filename + * @param string $tmp_source_directory + * @return bool + * @throws Exception + */ + protected function putFile(string $filename, string $tmp_source_directory): bool + { + $source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename); + $target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename); + if (file_exists($source) && !file_exists($target)) { + return rename($source, $target); + } + return false; + } + + /** + * @param string $filename + * @return bool + * @throws Exception + */ + protected function rmFile(string $filename): bool + { + $target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename); + if (file_exists($target)) { + return @unlink($target); + } + return true; + } + + /** + * @return bool + */ + public function shutdown(): bool + { + return true; + } +} diff --git a/lib/Froxlor/Backup/Storages/Rsync.php b/lib/Froxlor/Backup/Storages/Rsync.php new file mode 100644 index 00000000..de37a1cb --- /dev/null +++ b/lib/Froxlor/Backup/Storages/Rsync.php @@ -0,0 +1,42 @@ +sData = $storage_data; + $this->tmpDirectory = sys_get_temp_dir(); + } + + /** + * Validate sData, open connection to target storage, etc. + * + * @return bool + */ + abstract public function init(): bool; + + /** + * Disconnect / clean up connection if needed + * + * @return bool + */ + abstract public function shutdown(): bool; + + /** + * prepare files to back up (e.g. create archive or similar) and fill $filesToStore + * + * @return void + */ + public function prepareFiles(): void + { + $this->filesToStore = []; + + // create archive of web, mail and database data + + // create json-info-file + } + + /** + * @param string $filename + * @param string $tmp_source_directory + * @return bool + */ + abstract protected function putFile(string $filename, string $tmp_source_directory): bool; + + /** + * @param string $filename + * @return bool + */ + abstract protected function rmFile(string $filename): bool; + + /** + * @return bool + * @throws Exception + */ + public function removeOld(): bool + { + // retention in days + $retention = $this->sData['storage']['retention'] ?? 3; + // keep date + $keepDate = new \DateTime(); + $keepDate->setTime(0, 0, 0, 1); + // subtract retention days + $keepDate->sub(new \DateInterval('P' . $retention . 'D')); + // select target backups to remove for this storage-id and customer + $sel_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_BACKUPS . "` + WHERE `created_at` < :keepdate + AND `storage_id` = :sid + AND `customerid` = :cid + "); + Database::pexecute($sel_stmt, [ + 'keepdate' => $keepDate->format('U'), + 'sid' => $this->sData['backup'], + 'cid' => $this->sData['customerid'] + ]); + while ($oldBackup = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) { + $this->rmFile($oldBackup['filename']); + } + } + + /** + * @return string + * @throws Exception + */ + public function getDestinationDirectory(): string + { + return FileDir::makeCorrectDir($this->sData['storage']['destination_path'] ?? "/"); + } + + /** + * Create backup-archive/file from $filesToStore and call putFile() + * + * @return bool + * @throws Exception + */ + public function createFromFiles(): bool + { + if (empty($this->filesToStore)) { + return false; + } + + $filename = FileDir::makeCorrectFile("/backup-" . $this->sData['loginname'] . "-" . date('c') . ".tar.gz"); + + // @todo create archive $filename from $filesToStore + + // determine filesize (use stat locally here b/c files are possibly large and php's filesize() can't handle them) + $sizeCheckFile = FileDir::makeCorrectFile($this->tmpDirectory . "/" . $filename); + $fileSizeOutput = FileDir::safe_exec('/usr/bin/stat -c "%s" ' . escapeshellarg($sizeCheckFile)); + $fileSize = (int)array_shift($fileSizeOutput); + + // add entry to database and upload/store file + $this->addEntry($filename, $fileSize); + return $this->putFile($filename, $this->tmpDirectory); + } + + /** + * @param string $filename + * @param int $fileSize + * @return void + * @throws Exception + */ + private function addEntry(string $filename, int $fileSize): void + { + $ins_stmt = Database::prepare(" + INSERT INTO `" . TABLE_PANEL_BACKUPS . "` SET + `adminid` = :adminid, + `customerid` = :customerid, + `loginname` = :loginname, + `size` = :size, + `storage_id` = :sid, + `filename` = :filename, + `created_at` = UNIX_TIMESTAMP() + "); + Database::pexecute($ins_stmt, [ + 'adminid' => $this->sData['adminid'], + 'customerid' => $this->sData['customerid'], + 'loginname' => $this->sData['loginname'], + 'size' => $fileSize, + 'sid' => $this->sData['backup'], + 'filename' => $filename + ]); + } +} diff --git a/lib/Froxlor/Backup/Storages/StorageFactory.php b/lib/Froxlor/Backup/Storages/StorageFactory.php new file mode 100644 index 00000000..bd2b7f4e --- /dev/null +++ b/lib/Froxlor/Backup/Storages/StorageFactory.php @@ -0,0 +1,12 @@ +logAction(FroxlorLogger::CRON_ACTION, LOG_DEBUG, 'BackupCron: disabled - exiting'); return -1; } @@ -71,11 +73,22 @@ class BackupCron extends FroxlorCron self::runFork([self::class, 'handle'], $customers); } + /** + * @throws Exception + */ private static function handle(array $userdata) { echo "BackupCron: started - creating customer backup for user " . $userdata['loginname'] . "\n"; - echo json_encode($userdata['storage']) . "\n"; + $backupStorage = StorageFactory::fromType($userdata['storage']['type'], $userdata); + // initialize storage + $backupStorage->init(); + // do what is required to obtain files/archives and move/upload + $backupStorage->prepareFiles(); + // upload/move to target + $backupStorage->createFromFiles(); + // remove by retention + $backupStorage->removeOld(); echo "BackupCron: finished - creating customer backup for user " . $userdata['loginname'] . "\n"; } From ab82695806acf17e4610984735304a17128f2bb7 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 27 Jul 2023 11:25:03 +0200 Subject: [PATCH 59/87] adjustments in installation for debian 12 and fcgid / disabling mod_php; thx to Konstantin Signed-off-by: Michael Kaufmann --- lib/Froxlor/Install/Install/Core.php | 6 +++++- lib/configfiles/bookworm.xml | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/Froxlor/Install/Install/Core.php b/lib/Froxlor/Install/Install/Core.php index 5eb04f9a..839f856a 100644 --- a/lib/Froxlor/Install/Install/Core.php +++ b/lib/Froxlor/Install/Install/Core.php @@ -449,7 +449,11 @@ class Core $reload = "service php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-fpm restart"; $config_dir = "/etc/php/" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "/fpm/pool.d/"; // fcgid - $binary = "/usr/bin/php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-cgi"; + if ($this->validatedData['distribution'] == 'bookworm') { + $binary = "/usr/bin/php-cgi" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION; + } else { + $binary = "/usr/bin/php" . PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION . "-cgi"; + } } $db_user->query("UPDATE `" . TABLE_PANEL_FPMDAEMONS . "` SET `reload_cmd` = '" . $reload . "', `config_dir` = '" . $config_dir . "' WHERE `id` ='1';"); $db_user->query("UPDATE `" . TABLE_PANEL_PHPCONFIGS . "` SET `binary` = '" . $binary . "';"); diff --git a/lib/configfiles/bookworm.xml b/lib/configfiles/bookworm.xml index 88f60b44..1499ec17 100644 --- a/lib/configfiles/bookworm.xml +++ b/lib/configfiles/bookworm.xml @@ -3348,7 +3348,7 @@ aliases: files - + @@ -3381,7 +3381,7 @@ aliases: files {{settings.phpfpm.enabled_ownvhost}} - + From a86c8535e076f54d7c8be8cc36f99abf5a608f12 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 27 Jul 2023 16:58:22 +0200 Subject: [PATCH 60/87] fix tablelisting of backup-storages Signed-off-by: Michael Kaufmann --- admin_backups.php | 6 +++--- .../admin/backup_storages/formfield.backup_storage_add.php | 1 + lib/tablelisting/admin/tablelisting.backup_storages.php | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/admin_backups.php b/admin_backups.php index cda3f6f0..0004da5b 100644 --- a/admin_backups.php +++ b/admin_backups.php @@ -82,15 +82,15 @@ if (($page == 'backups' || $page == 'overview')) { $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "list backup storages"); try { - $admin_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backup_storages.php'; + $backup_storage_list_data = include_once dirname(__FILE__) . '/lib/tablelisting/admin/tablelisting.backup_storages.php'; $collection = (new Collection(BackupStorages::class, $userinfo)) - ->withPagination($admin_list_data['backup_storages_list']['columns'], $admin_list_data['backup_storages_list']['default_sorting']); + ->withPagination($backup_storage_list_data['backup_storages_list']['columns'], $backup_storage_list_data['backup_storages_list']['default_sorting']); } catch (Exception $e) { Response::dynamicError($e->getMessage()); } UI::view('user/table.html.twig', [ - 'listing' => Listing::format($collection, $admin_list_data, 'backup_storages_list'), + 'listing' => Listing::format($collection, $backup_storage_list_data, 'backup_storages_list'), 'actions_links' => [ [ 'href' => $linker->getLink(['section' => 'backups', 'page' => 'backups']), diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php index 28856194..7ea3bf5b 100644 --- a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php @@ -81,6 +81,7 @@ return [ 'pgp_public_key' => [ 'label' => lng('backup.backup_storage.pgp_public_key'), 'type' => 'textarea', + 'value' => Settings::Get('backup.default_pgp_public_key') ], 'retention' => [ 'label' => lng('backup.backup_storage.retention'), diff --git a/lib/tablelisting/admin/tablelisting.backup_storages.php b/lib/tablelisting/admin/tablelisting.backup_storages.php index 4447faec..716fa1fd 100644 --- a/lib/tablelisting/admin/tablelisting.backup_storages.php +++ b/lib/tablelisting/admin/tablelisting.backup_storages.php @@ -36,7 +36,7 @@ return [ 'title' => lng('backup.backup_storages.list'), 'icon' => 'fa-solid fa-file-archive', 'self_overview' => ['section' => 'backups', 'page' => 'storages'], - 'default_sorting' => ['loginname' => 'asc'], + 'default_sorting' => ['description' => 'asc'], 'columns' => [ 'id' => [ 'label' => 'ID', From bb60df07096073ba591a9cef82bd1c8a3c39b982 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 28 Jul 2023 12:20:06 +0200 Subject: [PATCH 61/87] more work on backup feature Signed-off-by: Michael Kaufmann --- lib/Froxlor/Backup/Storages/Ftp.php | 16 +- lib/Froxlor/Backup/Storages/Local.php | 12 +- lib/Froxlor/Backup/Storages/Rsync.php | 9 +- lib/Froxlor/Backup/Storages/S3.php | 9 +- lib/Froxlor/Backup/Storages/Sftp.php | 9 +- lib/Froxlor/Backup/Storages/Storage.php | 144 ++++++++++++++++-- .../Backup/Storages/StorageFactory.php | 27 ++++ .../admin/tablelisting.backup_storages.php | 2 + 8 files changed, 200 insertions(+), 28 deletions(-) diff --git a/lib/Froxlor/Backup/Storages/Ftp.php b/lib/Froxlor/Backup/Storages/Ftp.php index 3e63065e..1108ec46 100644 --- a/lib/Froxlor/Backup/Storages/Ftp.php +++ b/lib/Froxlor/Backup/Storages/Ftp.php @@ -35,19 +35,23 @@ class Ftp extends Storage } /** + * Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward. + * Must return the (relative) path including filename to the backup. + * * @param string $filename * @param string $tmp_source_directory - * @return bool + * @return string * @throws Exception */ - protected function putFile(string $filename, string $tmp_source_directory): bool + protected function putFile(string $filename, string $tmp_source_directory): string { $source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename); - $target = basename($filename); - if (file_exists($source) && !file_exists($target)) { - return ftp_put($this->ftp_conn, $target, $source, FTP_BINARY); + if (file_exists($source) && ftp_size($this->ftp_conn, $filename) == -1) { + if (ftp_put($this->ftp_conn, $filename, $source, FTP_BINARY)) { + return FileDir::makeCorrectFile($this->getDestinationDirectory() . '/' . $filename); + } } - return false; + return ""; } /** diff --git a/lib/Froxlor/Backup/Storages/Local.php b/lib/Froxlor/Backup/Storages/Local.php index b43df89f..7c5d0bfb 100644 --- a/lib/Froxlor/Backup/Storages/Local.php +++ b/lib/Froxlor/Backup/Storages/Local.php @@ -21,19 +21,23 @@ class Local extends Storage } /** + * Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward. + * Must return the (relative) path including filename to the backup. + * * @param string $filename * @param string $tmp_source_directory - * @return bool + * @return string * @throws Exception */ - protected function putFile(string $filename, string $tmp_source_directory): bool + protected function putFile(string $filename, string $tmp_source_directory): string { $source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename); $target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename); if (file_exists($source) && !file_exists($target)) { - return rename($source, $target); + rename($source, $target); + return $target; } - return false; + return ""; } /** diff --git a/lib/Froxlor/Backup/Storages/Rsync.php b/lib/Froxlor/Backup/Storages/Rsync.php index de37a1cb..687a372a 100644 --- a/lib/Froxlor/Backup/Storages/Rsync.php +++ b/lib/Froxlor/Backup/Storages/Rsync.php @@ -14,13 +14,16 @@ class Rsync extends Storage } /** + * Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward. + * Must return the (relative) path including filename to the backup. + * * @param string $filename * @param string $tmp_source_directory - * @return bool + * @return string */ - protected function putFile(string $filename, string $tmp_source_directory): bool + protected function putFile(string $filename, string $tmp_source_directory): string { - // TODO: Implement putFiles() method. + return ""; } /** diff --git a/lib/Froxlor/Backup/Storages/S3.php b/lib/Froxlor/Backup/Storages/S3.php index 9c7001e3..2e45e262 100644 --- a/lib/Froxlor/Backup/Storages/S3.php +++ b/lib/Froxlor/Backup/Storages/S3.php @@ -14,13 +14,16 @@ class S3 extends Storage } /** + * Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward. + * Must return the (relative) path including filename to the backup. + * * @param string $filename * @param string $tmp_source_directory - * @return bool + * @return string */ - protected function putFile(string $filename, string $tmp_source_directory): bool + protected function putFile(string $filename, string $tmp_source_directory): string { - // TODO: Implement putFiles() method. + return ""; } /** diff --git a/lib/Froxlor/Backup/Storages/Sftp.php b/lib/Froxlor/Backup/Storages/Sftp.php index 17bd0e6a..eff8a1af 100644 --- a/lib/Froxlor/Backup/Storages/Sftp.php +++ b/lib/Froxlor/Backup/Storages/Sftp.php @@ -14,13 +14,16 @@ class Sftp extends Storage } /** + * Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward. + * Must return the (relative) path including filename to the backup. + * * @param string $filename * @param string $tmp_source_directory - * @return bool + * @return string */ - protected function putFile(string $filename, string $tmp_source_directory): bool + protected function putFile(string $filename, string $tmp_source_directory): string { - // TODO: Implement putFiles() method. + return ""; } /** diff --git a/lib/Froxlor/Backup/Storages/Storage.php b/lib/Froxlor/Backup/Storages/Storage.php index d5f72442..24f04519 100644 --- a/lib/Froxlor/Backup/Storages/Storage.php +++ b/lib/Froxlor/Backup/Storages/Storage.php @@ -13,10 +13,13 @@ abstract class Storage protected array $filesToStore; + /** + * @throws Exception + */ public function __construct(array $storage_data) { $this->sData = $storage_data; - $this->tmpDirectory = sys_get_temp_dir(); + $this->tmpDirectory = FileDir::makeCorrectDir(sys_get_temp_dir() . '/backup-' . $this->sData['loginname']); } /** @@ -37,22 +40,126 @@ abstract class Storage * prepare files to back up (e.g. create archive or similar) and fill $filesToStore * * @return void + * @throws Exception */ public function prepareFiles(): void { $this->filesToStore = []; + $tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/'); + FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir)); + // create archive of web, mail and database data + $this->prepareWebData(); + $this->prepareDatabaseData(); + $this->prepareMailData(); // create json-info-file } /** + * @throws Exception + */ + private function prepareWebData(): void + { + $tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/web'); + FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir)); + FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-web.tar.gz')) . ' -C ' . escapeshellarg($this->sData['documentroot']) . ' .'); + $this->filesToStore[] = FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-web.tar.gz'); + } + + /** + * @throws Exception + */ + private function prepareDatabaseData(): void + { + $tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/mysql'); + FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir)); + + // get all customer database-names + $sel_stmt = Database::prepare(" + SELECT `databasename`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "` + WHERE `customerid` = :cid ORDER BY `dbserver` + "); + Database::pexecute($sel_stmt, [ + 'cid' => $this->sData['customerid'] + ]); + + $has_dbs = false; + $current_dbserver = -1; + while ($row = $sel_stmt->fetch()) { + // Get sql_root data for the specific database-server the database resides on + if ($current_dbserver != $row['dbserver']) { + Database::needRoot(true, $row['dbserver']); + Database::needSqlData(); + $sql_root = Database::getSqlData(); + Database::needRoot(false); + // create temporary mysql-defaults file for the connection-credentials/details + $mysqlcnf_file = tempnam("/tmp", "frx"); + $mysqlcnf = "[mysqldump]\npassword=" . $sql_root['passwd'] . "\nhost=" . $sql_root['host'] . "\n"; + if (!empty($sql_root['port'])) { + $mysqlcnf .= "port=" . $sql_root['port'] . "\n"; + } elseif (!empty($sql_root['socket'])) { + $mysqlcnf .= "socket=" . $sql_root['socket'] . "\n"; + } + file_put_contents($mysqlcnf_file, $mysqlcnf); + } + $bool_false = false; + FileDir::safe_exec('mysqldump --defaults-file=' . escapeshellarg($mysqlcnf_file) . ' -u ' . escapeshellarg($sql_root['user']) . ' ' . $row['databasename'] . ' > ' . FileDir::makeCorrectFile($tmpdir . '/' . $row['databasename'] . '_' . date('YmdHi', time()) . '.sql'), $bool_false, [ + '>' + ]); + $has_dbs = true; + $current_dbserver = $row['dbserver']; + } + + if ($has_dbs) { + $this->filesToStore[] = $tmpdir; + } + + if (@file_exists($mysqlcnf_file)) { + @unlink($mysqlcnf_file); + } + } + + private function prepareMailData(): void + { + $tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/mail'); + FileDir::safe_exec('mkdir -p ' . escapeshellarg($tmpdir)); + + // get all customer mail-accounts + $sel_stmt = Database::prepare(" + SELECT `homedir`, `maildir` FROM `" . TABLE_MAIL_USERS . "` + WHERE `customerid` = :cid + "); + Database::pexecute($sel_stmt, [ + 'cid' => $this->sData['customerid'] + ]); + + $tar_file_list = ""; + $mail_homedir = ""; + while ($row = $sel_stmt->fetch()) { + $tar_file_list .= escapeshellarg("./" . $row['maildir']) . " "; + if (empty($mail_homedir)) { + // this should be equal for all entries + $mail_homedir = $row['homedir']; + } + } + + if (!empty($tar_file_list)) { + FileDir::safe_exec('tar cfz ' . escapeshellarg(FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-mail.tar.gz')) . ' -C ' . escapeshellarg($mail_homedir) . ' ' . trim($tar_file_list)); + $this->filesToStore[] = FileDir::makeCorrectFile($tmpdir . '/' . $this->sData['loginname'] . '-mail.tar.gz'); + } + } + + /** + * Move/Upload file from tmp-source-directory. The file should be moved or deleted afterward. + * Must return the (relative) path including filename to the backup. + * * @param string $filename * @param string $tmp_source_directory - * @return bool + * @return string */ - abstract protected function putFile(string $filename, string $tmp_source_directory): bool; + abstract protected function putFile(string $filename, string $tmp_source_directory): string; /** * @param string $filename @@ -91,6 +198,8 @@ abstract class Storage } /** + * Returns the storage configured destination path for all backups + * * @return string * @throws Exception */ @@ -111,18 +220,35 @@ abstract class Storage return false; } - $filename = FileDir::makeCorrectFile("/backup-" . $this->sData['loginname'] . "-" . date('c') . ".tar.gz"); + $filename = FileDir::makeCorrectFile($this->tmpDirectory . "/backup-" . $this->sData['loginname'] . "-" . date('c') . ".tar.gz"); + $tmpdir = FileDir::makeCorrectDir($this->tmpDirectory . '/.tmp/'); + $create_export_tar_data = implode(" ", $this->filesToStore); + FileDir::safe_exec('chown -R ' . (int)$this->sData['guid'] . ':' . (int)$this->sData['guid'] . ' ' . escapeshellarg($tmpdir)); - // @todo create archive $filename from $filesToStore + if (!empty($data['pgp_public_key'])) { + // pack all archives in tmp-dir to one archive and encrypt it with gpg + $recipient_file = FileDir::makeCorrectFile($this->tmpDirectory . '/' . $this->sData['loginname'] . '-recipients.gpg'); + file_put_contents($recipient_file, $data['pgp_public_key']); + $return_value = []; + FileDir::safe_exec('tar cfz - -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data) . ' | gpg --encrypt --recipient-file ' . escapeshellarg($recipient_file) . ' --output ' . escapeshellarg($filename) . ' --trust-model always --batch --yes', $return_value, ['|']); + } else { + // pack all archives in tmp-dir to one archive + FileDir::safe_exec('tar cfz ' . escapeshellarg($filename) . ' -C ' . escapeshellarg($tmpdir) . ' ' . trim($create_export_tar_data)); + } // determine filesize (use stat locally here b/c files are possibly large and php's filesize() can't handle them) - $sizeCheckFile = FileDir::makeCorrectFile($this->tmpDirectory . "/" . $filename); - $fileSizeOutput = FileDir::safe_exec('/usr/bin/stat -c "%s" ' . escapeshellarg($sizeCheckFile)); + $fileSizeOutput = FileDir::safe_exec('/usr/bin/stat -c "%s" ' . escapeshellarg($filename)); $fileSize = (int)array_shift($fileSizeOutput); // add entry to database and upload/store file - $this->addEntry($filename, $fileSize); - return $this->putFile($filename, $this->tmpDirectory); + + FileDir::safe_exec('rm -rf ' . escapeshellarg($tmpdir)); + $fileDest = $this->putFile(basename($filename), $this->tmpDirectory); + if (!empty($fileDest)) { + $this->addEntry($fileDest, $fileSize); + return true; + } + return false; } /** diff --git a/lib/Froxlor/Backup/Storages/StorageFactory.php b/lib/Froxlor/Backup/Storages/StorageFactory.php index bd2b7f4e..73e28a90 100644 --- a/lib/Froxlor/Backup/Storages/StorageFactory.php +++ b/lib/Froxlor/Backup/Storages/StorageFactory.php @@ -2,6 +2,9 @@ namespace Froxlor\Backup\Storages; +use Exception; +use Froxlor\Database\Database; + class StorageFactory { public static function fromType(string $type, array $storage_data): Storage @@ -9,4 +12,28 @@ class StorageFactory $type = "\\Froxlor\\Backup\\Storages\\" . ucfirst($type); return new $type($storage_data); } + + /** + * @throws Exception + */ + public static function fromStorageId(int $storage_id, array $user_data): Storage + { + $storage = self::readStorageData($storage_id); + $storage_data = $user_data; + $storage_data['storage'] = $storage; + return self::fromType($storage['type'], $storage_data); + } + + /** + * @throws Exception + */ + private static function readStorageData(int $storage_id): array + { + $stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` WHERE `id` = :bid"); + $storage = Database::pexecute_first($stmt, ['bid' => $storage_id]); + if (empty($storage)) { + throw new Exception("Invalid/empty backup-storage. Unable to continue"); + } + return $storage; + } } diff --git a/lib/tablelisting/admin/tablelisting.backup_storages.php b/lib/tablelisting/admin/tablelisting.backup_storages.php index 716fa1fd..c1c32bd0 100644 --- a/lib/tablelisting/admin/tablelisting.backup_storages.php +++ b/lib/tablelisting/admin/tablelisting.backup_storages.php @@ -26,6 +26,7 @@ use Froxlor\UI\Callbacks\Admin; use Froxlor\UI\Callbacks\Customer; use Froxlor\UI\Callbacks\Impersonate; +use Froxlor\UI\Callbacks\PHPConf; use Froxlor\UI\Callbacks\ProgressBar; use Froxlor\UI\Callbacks\Style; use Froxlor\UI\Callbacks\Text; @@ -115,6 +116,7 @@ return [ 'action' => 'delete', 'id' => ':id' ], + 'visible' => [PHPConf::class, 'isNotDefault'] ], ], ] From 20aa162fccff5eadb417490d2f10526d7081a435 Mon Sep 17 00:00:00 2001 From: overgrow Date: Fri, 28 Jul 2023 14:18:53 +0200 Subject: [PATCH 62/87] Added support DNS TLSA record (#1165) Co-authored-by: netcarlos --- lib/Froxlor/Api/Commands/DomainZones.php | 2 ++ lib/formfields/formfield.dns_add.php | 1 + lng/en.lng.php | 1 + 3 files changed, 4 insertions(+) diff --git a/lib/Froxlor/Api/Commands/DomainZones.php b/lib/Froxlor/Api/Commands/DomainZones.php index 3975fd4a..eebe6b8d 100644 --- a/lib/Froxlor/Api/Commands/DomainZones.php +++ b/lib/Froxlor/Api/Commands/DomainZones.php @@ -302,6 +302,8 @@ class DomainZones extends ApiCommand implements ResourceEntity } } elseif ($type == 'SSHFP' && !empty($content)) { $content = $content; + } elseif ($type == 'TLSA' && !empty($content)) { + $content = $content; } elseif ($type == 'TXT' && !empty($content)) { // check that TXT content is enclosed in " " $content = Dns::encloseTXTContent($content); diff --git a/lib/formfields/formfield.dns_add.php b/lib/formfields/formfield.dns_add.php index b7c07da0..8e31f1b1 100644 --- a/lib/formfields/formfield.dns_add.php +++ b/lib/formfields/formfield.dns_add.php @@ -51,6 +51,7 @@ return [ 'RP' => 'RP', 'SRV' => 'SRV', 'SSHFP' => 'SSHFP', + 'TLSA' => 'TLSA', 'TXT' => 'TXT' ], 'selected' => $type diff --git a/lng/en.lng.php b/lng/en.lng.php index 2f3b0471..4403ace9 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -709,6 +709,7 @@ return [ 'RP' => 'Responsible Person record
    Structure: mailbox[replace @ with a dot] txt-record-name
    Example: team.froxlor.org. froxlor.org.', 'SRV' => 'Service location record, used for newer protocols instead of creating protocol-specific records such as MX.
    Structure: priority weight port target
    Example: 0 5 5060 sipserver.example.com.
    Note: For priority, use field above', 'SSHFP' => 'The SSHFP resource record is used to publish secure shell (SSH) key fingerprints in the DNS.
    Structure: algorithm type fingerprint
    Algorithms: 0: reserved, 1: RSA, 2: DSA, 3: ECDSA, 4: Ed25519, 6: Ed448
    Types: 0: reserved, 1: SHA-1, 2: SHA-256
    Example: 2 1 123456789abcdef67890123456789abcdef67890', + 'TLSA' => 'TLSA (TLS Authentication) record is used to publish fingerprint of a TLS/SSL certificate. It is commonly used for DANE.
    TLSA records can only be trusted if DNSSEC is enabled on your domain.
    Structure: usage selector type fingerprint
    Certificate usage: 0: PKIX-T, 1: PKIX-EE, 2: DANE-TA, 3: DANE-EE
    Selector: 0: Use full certificate, 1: Use subject public key
    Matching type: 0: Full: No Hash, 1: SHA-256 Hash, 2:SHA-512 Hash
    Example: 3 1 1 123456789abcdef67890123456789abcdef123456789abcdef123456789abcde', 'TXT' => 'Free definable, descriptive text.' ] ], From 52a06bf8060157fee0d7d97e376b34872c45af52 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 28 Jul 2023 14:51:35 +0200 Subject: [PATCH 63/87] validate allowed php configurations to be none-empty if php is enabled for the customer Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Customers.php | 7 +++++++ lng/de.lng.php | 1 + lng/en.lng.php | 1 + 3 files changed, 9 insertions(+) diff --git a/lib/Froxlor/Api/Commands/Customers.php b/lib/Froxlor/Api/Commands/Customers.php index d23d3d24..722d78c1 100644 --- a/lib/Froxlor/Api/Commands/Customers.php +++ b/lib/Froxlor/Api/Commands/Customers.php @@ -424,6 +424,10 @@ class Customers extends ApiCommand implements ResourceEntity } $allowed_phpconfigs = array_map('intval', $allowed_phpconfigs); + if (empty($allowed_phpconfigs) && $phpenabled == 1) { + Response::standardError('customerphpenabledbutnoconfig', '', true); + } + $allowed_mysqlserver = array(); if (! empty($p_allowed_mysqlserver) && is_array($p_allowed_mysqlserver)) { foreach ($p_allowed_mysqlserver as $allowed_ms) { @@ -1163,6 +1167,9 @@ class Customers extends ApiCommand implements ResourceEntity if (!empty($allowed_phpconfigs)) { $allowed_phpconfigs = array_map('intval', $allowed_phpconfigs); } + if (empty($allowed_phpconfigs) && $phpenabled == 1) { + Response::standardError('customerphpenabledbutnoconfig', '', true); + } // add permission for allowed mysql usage if customer was not allowed to use mysql prior if ($result['mysqls'] == 0 && ($mysqls == -1 || $mysqls > 0)) { diff --git a/lng/de.lng.php b/lng/de.lng.php index 46be6c99..269837c1 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -938,6 +938,7 @@ return [ 'gnupgextensionnotavailable' => 'Die PHP GnuPG Extension ist nicht verfügbar. PGP Schlüssel können nicht validiert werden.', 'invalidpgppublickey' => 'Der angegebene PGP Public Key ist ungültig', 'invalid_validtime' => 'Wert der valid_time in Sekunden muss zwischen 10 und 120 liegen.', + 'customerphpenabledbutnoconfig' => 'Kunde hat PHP aktiviert aber keine PHP-Konfiguration wurde gewählt.', ], 'extras' => [ 'description' => 'Hier können Sie zusätzliche Extras einrichten, wie zum Beispiel einen Verzeichnisschutz.
    Die Änderungen sind erst nach einer kurzen Zeit wirksam.', diff --git a/lng/en.lng.php b/lng/en.lng.php index 4403ace9..263759f6 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -1009,6 +1009,7 @@ return [ 'gnupgextensionnotavailable' => 'The PHP GnuPG extension is not available. Unable to validate PGP Public Key', 'invalidpgppublickey' => 'The PGP Public Key is not valid', 'invalid_validtime' => 'Valid time in seconds can only be between 10 and 120', + 'customerphpenabledbutnoconfig' => 'Customer has PHP activated but no PHP-configuration was selected.', ], 'extras' => [ 'description' => 'Here you can add some extras, for example directory protection.
    The system will need some time to apply the new settings after every change.', From fcfd44f726f4f70e2193783bc4a6db5b2893effa Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 11 Aug 2023 12:09:23 +0200 Subject: [PATCH 64/87] correctly redirect to last-page if session is timed out and remove passing script/qrystr url parameters Signed-off-by: Michael Kaufmann --- admin_admins.php | 1 + admin_customers.php | 2 +- admin_index.php | 2 +- index.php | 19 ++++++++++++------- lib/Froxlor/UI/Panel/UI.php | 3 ++- lib/init.php | 15 ++++++++------- 6 files changed, 25 insertions(+), 17 deletions(-) diff --git a/admin_admins.php b/admin_admins.php index 13b38bab..98a522f2 100644 --- a/admin_admins.php +++ b/admin_admins.php @@ -77,6 +77,7 @@ if (($page == 'admins' || $page == 'overview') && $userinfo['change_serversettin $result['switched_user'] = CurrentUser::getData(); $result['adminsession'] = 1; $result['userid'] = $result['adminid']; + session_regenerate_id(true); CurrentUser::setData($result); $log->logAction( diff --git a/admin_customers.php b/admin_customers.php index c7813e3b..1adf7dd6 100644 --- a/admin_customers.php +++ b/admin_customers.php @@ -94,7 +94,7 @@ if (($page == 'customers' || $page == 'overview') && $userinfo['customers'] != ' $result['switched_user'] = CurrentUser::getData(); $result['adminsession'] = 0; $result['userid'] = $result['customerid']; - session_regenerate_id(); + session_regenerate_id(true); CurrentUser::setData($result); $log->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "switched user and is now '" . $destination_user . "'"); diff --git a/admin_index.php b/admin_index.php index c1c18c7d..0cca79fa 100644 --- a/admin_index.php +++ b/admin_index.php @@ -53,7 +53,7 @@ if ($action == 'logout') { if (is_array(CurrentUser::getField('switched_user'))) { $result = CurrentUser::getData(); $result = $result['switched_user']; - session_regenerate_id(); + session_regenerate_id(true); CurrentUser::setData($result); $target = (isset($_GET['target']) ? $_GET['target'] : 'index'); $redirect = "admin_" . $target . ".php"; diff --git a/index.php b/index.php index 7860686e..827bdbf9 100644 --- a/index.php +++ b/index.php @@ -434,8 +434,13 @@ if ($action == '2fa_entercode') { if (isset($_REQUEST['qrystr']) && $_REQUEST['qrystr'] != "") { $lastqrystr = urlencode($_REQUEST['qrystr']); } - $_SESSION['lastscript'] = $lastscript; - $_SESSION['lastqrystr'] = $lastqrystr; + + if (!empty($lastscript)) { + $_SESSION['lastscript'] = $lastscript; + } + if (!empty($lastqrystr)) { + $_SESSION['lastqrystr'] = $lastqrystr; + } UI::view('login/login.html.twig', [ 'pagetitle' => 'Login', @@ -634,7 +639,7 @@ if ($action == 'forgotpwd') { UI::view('login/fpwd.html.twig', [ 'pagetitle' => lng('login.presend'), - 'formaction' => 'index.php?action='.$action, + 'formaction' => 'index.php?action=' . $action, 'message' => $message, ]); } @@ -786,7 +791,7 @@ if ($action == 'll') { function finishLogin($userinfo) { if (isset($userinfo['userid']) && $userinfo['userid'] != '') { - session_regenerate_id(); + session_regenerate_id(true); CurrentUser::setData($userinfo); $language = $userinfo['def_language'] ?? Settings::Get('panel.standardlanguage'); @@ -800,7 +805,7 @@ function finishLogin($userinfo) } $qryparams = []; - if (isset($_SESSION['lastqrystr']) && !empty($_SESSION['lastqrystr'])) { + if (!empty($_SESSION['lastqrystr'])) { parse_str(urldecode($_SESSION['lastqrystr']), $qryparams); unset($_SESSION['lastqrystr']); } @@ -809,7 +814,7 @@ function finishLogin($userinfo) if (Froxlor::hasUpdates() || Froxlor::hasDbUpdates()) { Response::redirectTo('admin_updates.php?page=overview'); } else { - if (isset($_SESSION['lastscript']) && !empty($_SESSION['lastscript'])) { + if (!empty($_SESSION['lastscript'])) { $lastscript = $_SESSION['lastscript']; unset($_SESSION['lastscript']); if (preg_match("/customer\_/", $lastscript) === 1) { @@ -824,7 +829,7 @@ function finishLogin($userinfo) } } } else { - if (isset($_SESSION['lastscript']) && !empty($_SESSION['lastscript'])) { + if (!empty($_SESSION['lastscript'])) { $lastscript = $_SESSION['lastscript']; unset($_SESSION['lastscript']); Response::redirectTo($lastscript, $qryparams); diff --git a/lib/Froxlor/UI/Panel/UI.php b/lib/Froxlor/UI/Panel/UI.php index 7440d70b..97e20028 100644 --- a/lib/Froxlor/UI/Panel/UI.php +++ b/lib/Froxlor/UI/Panel/UI.php @@ -290,7 +290,8 @@ class UI ]; } - public static function validateThemeTemplate(string $name, string $theme = "") { + public static function validateThemeTemplate(string $name, string $theme = "") + { if (empty(trim($theme))) { $theme = self::getTheme(); } diff --git a/lib/init.php b/lib/init.php index 254d0726..7835ef56 100644 --- a/lib/init.php +++ b/lib/init.php @@ -181,8 +181,10 @@ if (@file_exists('templates/' . $theme . '/config.json')) { } // check for existence of variant in theme -if (is_array($_themeoptions) && (!array_key_exists('variants', $_themeoptions) || !array_key_exists($themevariant, - $_themeoptions['variants']))) { +if (is_array($_themeoptions) && (!array_key_exists('variants', $_themeoptions) || !array_key_exists( + $themevariant, + $_themeoptions['variants'] +))) { $themevariant = "default"; } @@ -216,12 +218,11 @@ UI::twig()->addGlobal('header_logo', $header_logo); if (!CurrentUser::hasSession() && AREA != 'login') { unset($_SESSION['userinfo']); CurrentUser::setData(); - session_destroy(); - $params = [ - "script" => basename($_SERVER["SCRIPT_NAME"]), - "qrystr" => $_SERVER["QUERY_STRING"] + $_SESSION = [ + "lastscript" => basename($_SERVER["SCRIPT_NAME"]), + "lastqrystr" => $_SERVER["QUERY_STRING"] ]; - Response::redirectTo('index.php', $params); + Response::redirectTo('index.php'); exit(); } From cb8b969dddf4cdf99a730a08e37d73549890e369 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 11 Aug 2023 12:13:33 +0200 Subject: [PATCH 65/87] forgot to save one file for the last commit Signed-off-by: Michael Kaufmann --- customer_index.php | 1 + 1 file changed, 1 insertion(+) diff --git a/customer_index.php b/customer_index.php index 00fbf3f7..9ea4ca83 100644 --- a/customer_index.php +++ b/customer_index.php @@ -52,6 +52,7 @@ if ($action == 'logout') { if (is_array(CurrentUser::getField('switched_user'))) { $result = CurrentUser::getData(); $result = $result['switched_user']; + session_regenerate_id(true); CurrentUser::setData($result); $target = (isset($_GET['target']) ? $_GET['target'] : 'index'); $redirect = "admin_" . $target . ".php"; From 9d4205acf681f136290be69eb6b830b68f7e0009 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 11 Aug 2023 13:57:21 +0200 Subject: [PATCH 66/87] correct validation of hostingplan name and description Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/HostingPlans.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/Froxlor/Api/Commands/HostingPlans.php b/lib/Froxlor/Api/Commands/HostingPlans.php index 971307b5..ce5f4832 100644 --- a/lib/Froxlor/Api/Commands/HostingPlans.php +++ b/lib/Froxlor/Api/Commands/HostingPlans.php @@ -200,8 +200,8 @@ class HostingPlans extends ApiCommand implements ResourceEntity $value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, 0); // validation - $name = Validate::validate(trim($name), 'name', '', '', [], true); - $description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_DESC_TEXT); + $name = Validate::validate(trim($name), 'name', Validate::REGEX_DESC_TEXT, '', [], true); + $description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_CONF_TEXT); if (Settings::Get('system.mail_quota_enabled') != '1') { $value_arr['email_quota'] = -1; @@ -382,8 +382,8 @@ class HostingPlans extends ApiCommand implements ResourceEntity $value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, $result['logviewenabled']); // validation - $name = Validate::validate(trim($name), 'name', '', '', [], true); - $description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_DESC_TEXT); + $name = Validate::validate(trim($name), 'name', Validate::REGEX_DESC_TEXT, '', [], true); + $description = Validate::validate(str_replace("\r\n", "\n", $description), 'description', Validate::REGEX_CONF_TEXT); if (Settings::Get('system.mail_quota_enabled') != '1') { $value_arr['email_quota'] = -1; From d53f9b8e58ce8e2e3d2fb8cc4ec2f74bd38d5117 Mon Sep 17 00:00:00 2001 From: Daniel Date: Sat, 12 Aug 2023 15:03:16 +0800 Subject: [PATCH 67/87] Add config-diff CLI Command (#1168) --------- Co-authored-by: Michael Kaufmann --- bin/froxlor-cli | 2 + lib/Froxlor/Cli/ConfigDiff.php | 178 +++++++++++++++++++++++++++++++++ 2 files changed, 180 insertions(+) create mode 100644 lib/Froxlor/Cli/ConfigDiff.php diff --git a/bin/froxlor-cli b/bin/froxlor-cli index eb5e214e..6301a426 100755 --- a/bin/froxlor-cli +++ b/bin/froxlor-cli @@ -26,6 +26,7 @@ declare(strict_types=1); +use Froxlor\Cli\ConfigDiff; use Symfony\Component\Console\Application; use Froxlor\Cli\RunApiCommand; use Froxlor\Cli\ConfigServices; @@ -61,4 +62,5 @@ $application->add(new InstallCommand()); $application->add(new MasterCron()); $application->add(new UserCommand()); $application->add(new ValidateAcmeWebroot()); +$application->add(new ConfigDiff()); $application->run(); diff --git a/lib/Froxlor/Cli/ConfigDiff.php b/lib/Froxlor/Cli/ConfigDiff.php new file mode 100644 index 00000000..590c7faf --- /dev/null +++ b/lib/Froxlor/Cli/ConfigDiff.php @@ -0,0 +1,178 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\Cli; + +use Froxlor\Config\ConfigParser; +use Froxlor\FileDir; +use Froxlor\Froxlor; +use Symfony\Component\Console\Input\InputArgument; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Input\InputOption; +use Symfony\Component\Console\Output\OutputInterface; + +final class ConfigDiff extends CliCommand +{ + protected function configure(): void + { + $this->setName('froxlor:config-diff') + ->setDescription('Shows differences in config templates between OS versions') + ->addArgument('from', InputArgument::OPTIONAL, 'OS version to compare against') + ->addArgument('to', InputArgument::OPTIONAL, 'OS version to compare from') + ->addOption('list', 'l', InputOption::VALUE_NONE, 'List all possible OS versions') + ->addOption('diff-params', 'p', InputOption::VALUE_REQUIRED, 'Additional parameters for `diff`'); + } + + protected function execute(InputInterface $input, OutputInterface $output): int + { + require Froxlor::getInstallDir() . '/lib/functions.php'; + + $parsers = $versions = []; + foreach (glob(Froxlor::getInstallDir() . '/lib/configfiles/*.xml') as $config) { + $name = str_replace(".xml", "", strtolower(basename($config))); + $parser = new ConfigParser($config); + $versions[$name] = $parser->getCompleteDistroName(); + $parsers[$name] = $parser; + } + asort($versions); + + if ($input->getOption('list') === true) { + $output->writeln('The following OS version templates are available:'); + foreach ($versions as $k => $v) { + $output->writeln(str_pad($k, 20) . $v); + } + return self::SUCCESS; + } + + if (!$input->hasArgument('from') || !array_key_exists($input->getArgument('from'), $versions)) { + $output->writeln('Missing or invalid "from" argument.'); + $output->writeln('Available versions: ' . implode(', ', array_keys($versions))); + return self::INVALID; + } + + if (!$input->hasArgument('to') || !array_key_exists($input->getArgument('to'), $versions)) { + $output->writeln('Missing or invalid "to" argument.'); + $output->writeln('Available versions: ' . implode(', ', array_keys($versions))); + return self::INVALID; + } + + // Make sure diff is installed + $check_diff_installed = FileDir::safe_exec('which diff'); + if (count($check_diff_installed) === 0) { + $output->writeln('Unable to find "diff" installation on your system.'); + return self::INVALID; + } + + $parser_from = $parsers[$input->getArgument('from')]; + $parser_to = $parsers[$input->getArgument('to')]; + $tmp_from = tempnam(sys_get_temp_dir(), 'froxlor_config_diff_from'); + $tmp_to = tempnam(sys_get_temp_dir(), 'froxlor_config_diff_to'); + $files = []; + $titles_by_key = []; + + // Aggregate content for each config file + foreach ([[$parser_from, 'from'], [$parser_to, 'to']] as $todo) { + foreach ($todo[0]->getServices() as $service_type => $service) { + foreach ($service->getDaemons() as $daemon_name => $daemon) { + foreach ($daemon->getConfig() as $instruction) { + if ($instruction['type'] !== 'file') { + continue; + } + + if (isset($instruction['subcommands'])) { + foreach ($instruction['subcommands'] as $subinstruction) { + if ($subinstruction['type'] !== 'file') { + continue; + } + + $content = $subinstruction['content']; + } + } else { + $content = $instruction['content']; + } + + if (!isset($content)) { + throw new \Exception("Cannot find content for {$instruction['name']}"); + } + + $key = "{$service_type}_{$daemon_name}_{$instruction['name']}"; + $titles_by_key[$key] = "{$service->title} : {$daemon->title} : {$instruction['name']}"; + if (!isset($files[$key])) { + $files[$key] = ['from' => '', 'to' => '']; + } + $files[$key][$todo[1]] = $this->filterContent($content); + } + } + } + } + ksort($files); + + $diff_params = ''; + if ($input->hasOption('diff-params') && trim($input->getOption('diff-params')) !== '') { + $diff_params = trim($input->getOption('diff-params')); + } + + // Run diff on each file and output, if anything changed + foreach ($files as $file_key => $content) { + file_put_contents($tmp_from, $content['from']); + file_put_contents($tmp_to, $content['to']); + $diff_output = FileDir::safe_exec("{$check_diff_installed[0]} {$diff_params} {$tmp_from} {$tmp_to}"); + + if (count($diff_output) === 0) { + continue; + } + + $output->writeln('# ' . $titles_by_key[$file_key] . ''); + $output->writeln(implode("\n", $diff_output) . "\n"); + unset($diff_output); + } + + // Remove tmp files again + unlink($tmp_from); + unlink($tmp_to); + + return self::SUCCESS; + } + + private function filterContent(string $content): string + { + $new_content = ''; + + foreach (explode("\n", $content) as $n) { + $n = trim($n); + if (!$n) { + continue; + } + + if (str_starts_with($n, '#')) { + continue; + } + + $new_content .= $n . "\n"; + } + + return $new_content; + } +} From 22aa19786478929511698d4cb3d39f06d477cbdb Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sat, 12 Aug 2023 09:04:58 +0200 Subject: [PATCH 68/87] remove shortcode for --diff-params in configdiff command Signed-off-by: Michael Kaufmann --- lib/Froxlor/Cli/ConfigDiff.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Froxlor/Cli/ConfigDiff.php b/lib/Froxlor/Cli/ConfigDiff.php index 590c7faf..82340b6c 100644 --- a/lib/Froxlor/Cli/ConfigDiff.php +++ b/lib/Froxlor/Cli/ConfigDiff.php @@ -42,7 +42,7 @@ final class ConfigDiff extends CliCommand ->addArgument('from', InputArgument::OPTIONAL, 'OS version to compare against') ->addArgument('to', InputArgument::OPTIONAL, 'OS version to compare from') ->addOption('list', 'l', InputOption::VALUE_NONE, 'List all possible OS versions') - ->addOption('diff-params', 'p', InputOption::VALUE_REQUIRED, 'Additional parameters for `diff`'); + ->addOption('diff-params', '', InputOption::VALUE_REQUIRED, 'Additional parameters for `diff`, e.g. --diff-params="--color=always"'); } protected function execute(InputInterface $input, OutputInterface $output): int From a0406932c3cc8d5951256c8b9dfa459e76c40c38 Mon Sep 17 00:00:00 2001 From: Daniel Date: Sun, 13 Aug 2023 14:19:32 +0800 Subject: [PATCH 69/87] Fix"Add" shortcut link in email address navigation (#1169) Seems to have changed when adding the domain-filter overview for email addresses, but not updated in the navigation. --- lib/navigation/00.froxlor.main.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index 76b0c1e0..a3df4464 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -38,7 +38,7 @@ return [ 'url' => 'customer_email.php?page=emails', 'label' => lng('menue.email.emails'), 'required_resources' => 'emails', - 'add_shortlink' => CurrentUser::canAddResource('emails') ? 'customer_email.php?page=emails&action=add' : null, + 'add_shortlink' => CurrentUser::canAddResource('emails') ? 'customer_email.php?page=email_domain&action=add' : null, ], [ 'url' => Settings::Get('panel.webmail_url'), From 5d04b8c829af4d1f7921ef1ac6b0ad226e7d0ae0 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sat, 2 Sep 2023 15:53:15 +0200 Subject: [PATCH 70/87] only check non-admin resources if user is not an admin in navigation Signed-off-by: Michael Kaufmann --- lib/navigation/00.froxlor.main.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/navigation/00.froxlor.main.php b/lib/navigation/00.froxlor.main.php index a3df4464..36b93357 100644 --- a/lib/navigation/00.froxlor.main.php +++ b/lib/navigation/00.froxlor.main.php @@ -38,7 +38,7 @@ return [ 'url' => 'customer_email.php?page=emails', 'label' => lng('menue.email.emails'), 'required_resources' => 'emails', - 'add_shortlink' => CurrentUser::canAddResource('emails') ? 'customer_email.php?page=email_domain&action=add' : null, + 'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('emails') ? 'customer_email.php?page=email_domain&action=add' : null, ], [ 'url' => Settings::Get('panel.webmail_url'), @@ -60,7 +60,7 @@ return [ 'url' => 'customer_mysql.php?page=mysqls', 'label' => lng('menue.mysql.databases'), 'required_resources' => 'mysqls', - 'add_shortlink' => CurrentUser::canAddResource('mysqls')? 'customer_mysql.php?page=mysqls&action=add' : null, + 'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('mysqls')? 'customer_mysql.php?page=mysqls&action=add' : null, ], [ 'url' => Settings::Get('panel.phpmyadmin_url'), @@ -81,7 +81,7 @@ return [ [ 'url' => 'customer_domains.php?page=domains', 'label' => lng('menue.domains.settings'), - 'add_shortlink' => CurrentUser::canAddResource('subdomains') ? 'customer_domains.php?page=domains&action=add' : null, + 'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('subdomains') ? 'customer_domains.php?page=domains&action=add' : null, ], [ 'url' => 'customer_domains.php?page=sslcertificates', @@ -98,7 +98,7 @@ return [ [ 'url' => 'customer_ftp.php?page=accounts', 'label' => lng('menue.ftp.accounts'), - 'add_shortlink' => CurrentUser::canAddResource('ftps') ? 'customer_ftp.php?page=accounts&action=add' : null, + 'add_shortlink' => !CurrentUser::isAdmin() && CurrentUser::canAddResource('ftps') ? 'customer_ftp.php?page=accounts&action=add' : null, ], [ 'url' => Settings::Get('panel.webftp_url'), From 338b85594763f4fccf5f9383b3b729c591000dae Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sat, 2 Sep 2023 17:11:06 +0200 Subject: [PATCH 71/87] check for existing userinfo if settings are being imported via cli Signed-off-by: Michael Kaufmann --- lib/Froxlor/Domain/IpAddr.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/Froxlor/Domain/IpAddr.php b/lib/Froxlor/Domain/IpAddr.php index 1c6f5cdf..c53eeac7 100644 --- a/lib/Froxlor/Domain/IpAddr.php +++ b/lib/Froxlor/Domain/IpAddr.php @@ -55,6 +55,7 @@ class IpAddr /** * @return array + * @throws \Exception */ public static function getSslIpPortCombinations(): array { @@ -75,7 +76,7 @@ class IpAddr $additional_conditions_params = []; $additional_conditions_array = []; - if ($userinfo['ip'] != '-1') { + if (!empty($userinfo) && $userinfo['ip'] != '-1') { $admin_ip_stmt = Database::prepare(" SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = IN (:ipid) "); From 9d2077ddee366ea301490d4d2d82892b22632aed Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Mon, 4 Sep 2023 10:54:59 +0200 Subject: [PATCH 72/87] more work on backup-storages; add backup cli-command Signed-off-by: Michael Kaufmann --- bin/froxlor-cli | 2 + composer.json | 3 +- composer.lock | 1024 +++++++++++++++++--- install/froxlor.sql.php | 3 +- install/updates/froxlor/update_2.0.inc.php | 15 + install/updates/froxlor/update_2.1.inc.php | 9 +- lib/Froxlor/Api/Commands/FpmDaemons.php | 4 +- lib/Froxlor/Backup/Storages/S3.php | 33 +- lib/Froxlor/Backup/Storages/Storage.php | 4 +- lib/Froxlor/Cli/BackupCommand.php | 129 +++ 10 files changed, 1075 insertions(+), 151 deletions(-) create mode 100644 lib/Froxlor/Cli/BackupCommand.php diff --git a/bin/froxlor-cli b/bin/froxlor-cli index 6301a426..4f4b7ef8 100755 --- a/bin/froxlor-cli +++ b/bin/froxlor-cli @@ -26,6 +26,7 @@ declare(strict_types=1); +use Froxlor\Cli\BackupCommand; use Froxlor\Cli\ConfigDiff; use Symfony\Component\Console\Application; use Froxlor\Cli\RunApiCommand; @@ -62,5 +63,6 @@ $application->add(new InstallCommand()); $application->add(new MasterCron()); $application->add(new UserCommand()); $application->add(new ValidateAcmeWebroot()); +$application->add(new BackupCommand()); $application->add(new ConfigDiff()); $application->run(); diff --git a/composer.json b/composer.json index 7da177d4..e005badd 100644 --- a/composer.json +++ b/composer.json @@ -56,7 +56,8 @@ "erusev/parsedown": "^1.7", "symfony/console": "^5.4", "pear/net_dns2": "^1.5", - "amnuts/opcache-gui": "^3.4" + "amnuts/opcache-gui": "^3.4", + "aws/aws-sdk-php": "^3.280" }, "require-dev": { "phpunit/phpunit": "^9", diff --git a/composer.lock b/composer.lock index 14e4df9b..b1c79df5 100644 --- a/composer.lock +++ b/composer.lock @@ -4,20 +4,20 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "9ce9c044d979a2358438b876c3c73561", + "content-hash": "b3c285b81c9729ba8e2bac6f3b586e9c", "packages": [ { "name": "amnuts/opcache-gui", - "version": "3.4.0", + "version": "3.5.1", "source": { "type": "git", "url": "https://github.com/amnuts/opcache-gui.git", - "reference": "a4af194185bcda734cf3e15e877b217153fffd2b" + "reference": "c4af1edefef3494dd483de5b168af4f08179fda5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/a4af194185bcda734cf3e15e877b217153fffd2b", - "reference": "a4af194185bcda734cf3e15e877b217153fffd2b", + "url": "https://api.github.com/repos/amnuts/opcache-gui/zipball/c4af1edefef3494dd483de5b168af4f08179fda5", + "reference": "c4af1edefef3494dd483de5b168af4f08179fda5", "shasum": "" }, "require": { @@ -58,7 +58,7 @@ "support": { "email": "andy@amnuts.com", "issues": "https://github.com/amnuts/opcache-gui/issues", - "source": "https://github.com/amnuts/opcache-gui/tree/3.4.0" + "source": "https://github.com/amnuts/opcache-gui/tree/3.5.1" }, "funding": [ { @@ -66,7 +66,156 @@ "type": "github" } ], - "time": "2022-08-02T23:08:34+00:00" + "time": "2023-08-25T18:02:59+00:00" + }, + { + "name": "aws/aws-crt-php", + "version": "v1.2.2", + "source": { + "type": "git", + "url": "https://github.com/awslabs/aws-crt-php.git", + "reference": "2f1dc7b7eda080498be96a4a6d683a41583030e9" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/awslabs/aws-crt-php/zipball/2f1dc7b7eda080498be96a4a6d683a41583030e9", + "reference": "2f1dc7b7eda080498be96a4a6d683a41583030e9", + "shasum": "" + }, + "require": { + "php": ">=5.5" + }, + "require-dev": { + "phpunit/phpunit": "^4.8.35||^5.6.3||^9.5", + "yoast/phpunit-polyfills": "^1.0" + }, + "suggest": { + "ext-awscrt": "Make sure you install awscrt native extension to use any of the functionality." + }, + "type": "library", + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "AWS SDK Common Runtime Team", + "email": "aws-sdk-common-runtime@amazon.com" + } + ], + "description": "AWS Common Runtime for PHP", + "homepage": "https://github.com/awslabs/aws-crt-php", + "keywords": [ + "amazon", + "aws", + "crt", + "sdk" + ], + "support": { + "issues": "https://github.com/awslabs/aws-crt-php/issues", + "source": "https://github.com/awslabs/aws-crt-php/tree/v1.2.2" + }, + "time": "2023-07-20T16:49:55+00:00" + }, + { + "name": "aws/aws-sdk-php", + "version": "3.280.2", + "source": { + "type": "git", + "url": "https://github.com/aws/aws-sdk-php.git", + "reference": "d68b83b3bc39b70bf33e9b8b5166facbe3e4fe9b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/aws/aws-sdk-php/zipball/d68b83b3bc39b70bf33e9b8b5166facbe3e4fe9b", + "reference": "d68b83b3bc39b70bf33e9b8b5166facbe3e4fe9b", + "shasum": "" + }, + "require": { + "aws/aws-crt-php": "^1.0.4", + "ext-json": "*", + "ext-pcre": "*", + "ext-simplexml": "*", + "guzzlehttp/guzzle": "^6.5.8 || ^7.4.5", + "guzzlehttp/promises": "^1.4.0 || ^2.0", + "guzzlehttp/psr7": "^1.9.1 || ^2.4.5", + "mtdowling/jmespath.php": "^2.6", + "php": ">=7.2.5", + "psr/http-message": "^1.0 || ^2.0" + }, + "require-dev": { + "andrewsville/php-token-reflection": "^1.4", + "aws/aws-php-sns-message-validator": "~1.0", + "behat/behat": "~3.0", + "composer/composer": "^1.10.22", + "dms/phpunit-arraysubset-asserts": "^0.4.0", + "doctrine/cache": "~1.4", + "ext-dom": "*", + "ext-openssl": "*", + "ext-pcntl": "*", + "ext-sockets": "*", + "nette/neon": "^2.3", + "paragonie/random_compat": ">= 2", + "phpunit/phpunit": "^5.6.3 || ^8.5 || ^9.5", + "psr/cache": "^1.0", + "psr/simple-cache": "^1.0", + "sebastian/comparator": "^1.2.3 || ^4.0", + "yoast/phpunit-polyfills": "^1.0" + }, + "suggest": { + "aws/aws-php-sns-message-validator": "To validate incoming SNS notifications", + "doctrine/cache": "To use the DoctrineCacheAdapter", + "ext-curl": "To send requests using cURL", + "ext-openssl": "Allows working with CloudFront private distributions and verifying received SNS messages", + "ext-sockets": "To use client-side monitoring" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.0-dev" + } + }, + "autoload": { + "files": [ + "src/functions.php" + ], + "psr-4": { + "Aws\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Amazon Web Services", + "homepage": "http://aws.amazon.com" + } + ], + "description": "AWS SDK for PHP - Use Amazon Web Services in your PHP project", + "homepage": "http://aws.amazon.com/sdkforphp", + "keywords": [ + "amazon", + "aws", + "cloud", + "dynamodb", + "ec2", + "glacier", + "s3", + "sdk" + ], + "support": { + "forum": "https://forums.aws.amazon.com/forum.jspa?forumID=80", + "issues": "https://github.com/aws/aws-sdk-php/issues", + "source": "https://github.com/aws/aws-sdk-php/tree/3.280.2" + }, + "time": "2023-09-01T18:06:10+00:00" }, { "name": "erusev/parsedown", @@ -174,6 +323,331 @@ }, "time": "2019-12-31T12:16:30+00:00" }, + { + "name": "guzzlehttp/guzzle", + "version": "7.8.0", + "source": { + "type": "git", + "url": "https://github.com/guzzle/guzzle.git", + "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1110f66a6530a40fe7aea0378fe608ee2b2248f9", + "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9", + "shasum": "" + }, + "require": { + "ext-json": "*", + "guzzlehttp/promises": "^1.5.3 || ^2.0.1", + "guzzlehttp/psr7": "^1.9.1 || ^2.5.1", + "php": "^7.2.5 || ^8.0", + "psr/http-client": "^1.0", + "symfony/deprecation-contracts": "^2.2 || ^3.0" + }, + "provide": { + "psr/http-client-implementation": "1.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.1", + "ext-curl": "*", + "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999", + "php-http/message-factory": "^1.1", + "phpunit/phpunit": "^8.5.29 || ^9.5.23", + "psr/log": "^1.1 || ^2.0 || ^3.0" + }, + "suggest": { + "ext-curl": "Required for CURL handler support", + "ext-intl": "Required for Internationalized Domain Name (IDN) support", + "psr/log": "Required for using the Log middleware" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "files": [ + "src/functions_include.php" + ], + "psr-4": { + "GuzzleHttp\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Jeremy Lindblom", + "email": "jeremeamia@gmail.com", + "homepage": "https://github.com/jeremeamia" + }, + { + "name": "George Mponos", + "email": "gmponos@gmail.com", + "homepage": "https://github.com/gmponos" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://github.com/sagikazarmark" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + } + ], + "description": "Guzzle is a PHP HTTP client library", + "keywords": [ + "client", + "curl", + "framework", + "http", + "http client", + "psr-18", + "psr-7", + "rest", + "web service" + ], + "support": { + "issues": "https://github.com/guzzle/guzzle/issues", + "source": "https://github.com/guzzle/guzzle/tree/7.8.0" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/guzzle", + "type": "tidelift" + } + ], + "time": "2023-08-27T10:20:53+00:00" + }, + { + "name": "guzzlehttp/promises", + "version": "2.0.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/promises.git", + "reference": "111166291a0f8130081195ac4556a5587d7f1b5d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/promises/zipball/111166291a0f8130081195ac4556a5587d7f1b5d", + "reference": "111166291a0f8130081195ac4556a5587d7f1b5d", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.1", + "phpunit/phpunit": "^8.5.29 || ^9.5.23" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Promise\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + } + ], + "description": "Guzzle promises library", + "keywords": [ + "promise" + ], + "support": { + "issues": "https://github.com/guzzle/promises/issues", + "source": "https://github.com/guzzle/promises/tree/2.0.1" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/promises", + "type": "tidelift" + } + ], + "time": "2023-08-03T15:11:55+00:00" + }, + { + "name": "guzzlehttp/psr7", + "version": "2.6.1", + "source": { + "type": "git", + "url": "https://github.com/guzzle/psr7.git", + "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/be45764272e8873c72dbe3d2edcfdfcc3bc9f727", + "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "psr/http-factory": "^1.0", + "psr/http-message": "^1.1 || ^2.0", + "ralouphie/getallheaders": "^3.0" + }, + "provide": { + "psr/http-factory-implementation": "1.0", + "psr/http-message-implementation": "1.0" + }, + "require-dev": { + "bamarni/composer-bin-plugin": "^1.8.1", + "http-interop/http-factory-tests": "^0.9", + "phpunit/phpunit": "^8.5.29 || ^9.5.23" + }, + "suggest": { + "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" + }, + "type": "library", + "extra": { + "bamarni-bin": { + "bin-links": true, + "forward-command": false + } + }, + "autoload": { + "psr-4": { + "GuzzleHttp\\Psr7\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + }, + { + "name": "George Mponos", + "email": "gmponos@gmail.com", + "homepage": "https://github.com/gmponos" + }, + { + "name": "Tobias Nyholm", + "email": "tobias.nyholm@gmail.com", + "homepage": "https://github.com/Nyholm" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://github.com/sagikazarmark" + }, + { + "name": "Tobias Schultze", + "email": "webmaster@tubo-world.de", + "homepage": "https://github.com/Tobion" + }, + { + "name": "Márk Sági-Kazár", + "email": "mark.sagikazar@gmail.com", + "homepage": "https://sagikazarmark.hu" + } + ], + "description": "PSR-7 message implementation that also provides common utility methods", + "keywords": [ + "http", + "message", + "psr-7", + "request", + "response", + "stream", + "uri", + "url" + ], + "support": { + "issues": "https://github.com/guzzle/psr7/issues", + "source": "https://github.com/guzzle/psr7/tree/2.6.1" + }, + "funding": [ + { + "url": "https://github.com/GrahamCampbell", + "type": "github" + }, + { + "url": "https://github.com/Nyholm", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/guzzlehttp/psr7", + "type": "tidelift" + } + ], + "time": "2023-08-27T10:13:57+00:00" + }, { "name": "monolog/monolog", "version": "1.27.1", @@ -260,6 +734,72 @@ ], "time": "2022-06-09T08:53:42+00:00" }, + { + "name": "mtdowling/jmespath.php", + "version": "2.7.0", + "source": { + "type": "git", + "url": "https://github.com/jmespath/jmespath.php.git", + "reference": "bbb69a935c2cbb0c03d7f481a238027430f6440b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/jmespath/jmespath.php/zipball/bbb69a935c2cbb0c03d7f481a238027430f6440b", + "reference": "bbb69a935c2cbb0c03d7f481a238027430f6440b", + "shasum": "" + }, + "require": { + "php": "^7.2.5 || ^8.0", + "symfony/polyfill-mbstring": "^1.17" + }, + "require-dev": { + "composer/xdebug-handler": "^3.0.3", + "phpunit/phpunit": "^8.5.33" + }, + "bin": [ + "bin/jp.php" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.7-dev" + } + }, + "autoload": { + "files": [ + "src/JmesPath.php" + ], + "psr-4": { + "JmesPath\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Graham Campbell", + "email": "hello@gjcampbell.co.uk", + "homepage": "https://github.com/GrahamCampbell" + }, + { + "name": "Michael Dowling", + "email": "mtdowling@gmail.com", + "homepage": "https://github.com/mtdowling" + } + ], + "description": "Declaratively specify how to extract elements from a JSON document", + "keywords": [ + "json", + "jsonpath" + ], + "support": { + "issues": "https://github.com/jmespath/jmespath.php/issues", + "source": "https://github.com/jmespath/jmespath.php/tree/2.7.0" + }, + "time": "2023-08-25T10:54:48+00:00" + }, { "name": "pear/net_dns2", "version": "v1.5.3", @@ -313,16 +853,16 @@ }, { "name": "phpmailer/phpmailer", - "version": "v6.8.0", + "version": "v6.8.1", "source": { "type": "git", "url": "https://github.com/PHPMailer/PHPMailer.git", - "reference": "df16b615e371d81fb79e506277faea67a1be18f1" + "reference": "e88da8d679acc3824ff231fdc553565b802ac016" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/df16b615e371d81fb79e506277faea67a1be18f1", - "reference": "df16b615e371d81fb79e506277faea67a1be18f1", + "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e88da8d679acc3824ff231fdc553565b802ac016", + "reference": "e88da8d679acc3824ff231fdc553565b802ac016", "shasum": "" }, "require": { @@ -332,13 +872,13 @@ "php": ">=5.5.0" }, "require-dev": { - "dealerdirect/phpcodesniffer-composer-installer": "^0.7.2", + "dealerdirect/phpcodesniffer-composer-installer": "^1.0", "doctrine/annotations": "^1.2.6 || ^1.13.3", "php-parallel-lint/php-console-highlighter": "^1.0.0", "php-parallel-lint/php-parallel-lint": "^1.3.2", "phpcompatibility/php-compatibility": "^9.3.5", "roave/security-advisories": "dev-latest", - "squizlabs/php_codesniffer": "^3.7.1", + "squizlabs/php_codesniffer": "^3.7.2", "yoast/phpunit-polyfills": "^1.0.4" }, "suggest": { @@ -381,7 +921,7 @@ "description": "PHPMailer is a full-featured email creation and transfer class for PHP", "support": { "issues": "https://github.com/PHPMailer/PHPMailer/issues", - "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.8.0" + "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.8.1" }, "funding": [ { @@ -389,7 +929,7 @@ "type": "github" } ], - "time": "2023-03-06T14:43:22+00:00" + "time": "2023-08-29T08:26:30+00:00" }, { "name": "psr/container", @@ -439,6 +979,166 @@ }, "time": "2021-11-05T16:50:12+00:00" }, + { + "name": "psr/http-client", + "version": "1.0.2", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-client.git", + "reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-client/zipball/0955afe48220520692d2d09f7ab7e0f93ffd6a31", + "reference": "0955afe48220520692d2d09f7ab7e0f93ffd6a31", + "shasum": "" + }, + "require": { + "php": "^7.0 || ^8.0", + "psr/http-message": "^1.0 || ^2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Client\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP clients", + "homepage": "https://github.com/php-fig/http-client", + "keywords": [ + "http", + "http-client", + "psr", + "psr-18" + ], + "support": { + "source": "https://github.com/php-fig/http-client/tree/1.0.2" + }, + "time": "2023-04-10T20:12:12+00:00" + }, + { + "name": "psr/http-factory", + "version": "1.0.2", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-factory.git", + "reference": "e616d01114759c4c489f93b099585439f795fe35" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35", + "reference": "e616d01114759c4c489f93b099585439f795fe35", + "shasum": "" + }, + "require": { + "php": ">=7.0.0", + "psr/http-message": "^1.0 || ^2.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interfaces for PSR-7 HTTP message factories", + "keywords": [ + "factory", + "http", + "message", + "psr", + "psr-17", + "psr-7", + "request", + "response" + ], + "support": { + "source": "https://github.com/php-fig/http-factory/tree/1.0.2" + }, + "time": "2023-04-10T20:10:41+00:00" + }, + { + "name": "psr/http-message", + "version": "2.0", + "source": { + "type": "git", + "url": "https://github.com/php-fig/http-message.git", + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71", + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71", + "shasum": "" + }, + "require": { + "php": "^7.2 || ^8.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Http\\Message\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for HTTP messages", + "homepage": "https://github.com/php-fig/http-message", + "keywords": [ + "http", + "http-message", + "psr", + "psr-7", + "request", + "response" + ], + "support": { + "source": "https://github.com/php-fig/http-message/tree/2.0" + }, + "time": "2023-04-04T09:54:51+00:00" + }, { "name": "psr/log", "version": "1.1.4", @@ -489,6 +1189,50 @@ }, "time": "2021-05-03T11:20:27+00:00" }, + { + "name": "ralouphie/getallheaders", + "version": "3.0.3", + "source": { + "type": "git", + "url": "https://github.com/ralouphie/getallheaders.git", + "reference": "120b605dfeb996808c31b6477290a714d356e822" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/ralouphie/getallheaders/zipball/120b605dfeb996808c31b6477290a714d356e822", + "reference": "120b605dfeb996808c31b6477290a714d356e822", + "shasum": "" + }, + "require": { + "php": ">=5.6" + }, + "require-dev": { + "php-coveralls/php-coveralls": "^2.1", + "phpunit/phpunit": "^5 || ^6.5" + }, + "type": "library", + "autoload": { + "files": [ + "src/getallheaders.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Ralph Khattar", + "email": "ralph.khattar@gmail.com" + } + ], + "description": "A polyfill for getallheaders.", + "support": { + "issues": "https://github.com/ralouphie/getallheaders/issues", + "source": "https://github.com/ralouphie/getallheaders/tree/develop" + }, + "time": "2019-03-08T08:55:37+00:00" + }, { "name": "robthree/twofactorauth", "version": "1.8.2", @@ -561,16 +1305,16 @@ }, { "name": "symfony/console", - "version": "v5.4.24", + "version": "v5.4.28", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8" + "reference": "f4f71842f24c2023b91237c72a365306f3c58827" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8", - "reference": "560fc3ed7a43e6d30ea94a07d77f9a60b8ed0fb8", + "url": "https://api.github.com/repos/symfony/console/zipball/f4f71842f24c2023b91237c72a365306f3c58827", + "reference": "f4f71842f24c2023b91237c72a365306f3c58827", "shasum": "" }, "require": { @@ -640,7 +1384,7 @@ "terminal" ], "support": { - "source": "https://github.com/symfony/console/tree/v5.4.24" + "source": "https://github.com/symfony/console/tree/v5.4.28" }, "funding": [ { @@ -656,7 +1400,7 @@ "type": "tidelift" } ], - "time": "2023-05-26T05:13:16+00:00" + "time": "2023-08-07T06:12:30+00:00" }, { "name": "symfony/deprecation-contracts", @@ -727,16 +1471,16 @@ }, { "name": "symfony/polyfill-ctype", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-ctype.git", - "reference": "5bbc823adecdae860bb64756d639ecfec17b050a" + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/5bbc823adecdae860bb64756d639ecfec17b050a", - "reference": "5bbc823adecdae860bb64756d639ecfec17b050a", + "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", + "reference": "ea208ce43cbb04af6867b4fdddb1bdbf84cc28cb", "shasum": "" }, "require": { @@ -751,7 +1495,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -789,7 +1533,7 @@ "portable" ], "support": { - "source": "https://github.com/symfony/polyfill-ctype/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-ctype/tree/v1.28.0" }, "funding": [ { @@ -805,20 +1549,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/polyfill-iconv", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-iconv.git", - "reference": "927013f3aac555983a5059aada98e1907d842695" + "reference": "6de50471469b8c9afc38164452ab2b6170ee71c1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-iconv/zipball/927013f3aac555983a5059aada98e1907d842695", - "reference": "927013f3aac555983a5059aada98e1907d842695", + "url": "https://api.github.com/repos/symfony/polyfill-iconv/zipball/6de50471469b8c9afc38164452ab2b6170ee71c1", + "reference": "6de50471469b8c9afc38164452ab2b6170ee71c1", "shasum": "" }, "require": { @@ -833,7 +1577,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -872,7 +1616,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-iconv/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-iconv/tree/v1.28.0" }, "funding": [ { @@ -888,20 +1632,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/polyfill-intl-grapheme", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-grapheme.git", - "reference": "511a08c03c1960e08a883f4cffcacd219b758354" + "reference": "875e90aeea2777b6f135677f618529449334a612" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-intl-grapheme/zipball/511a08c03c1960e08a883f4cffcacd219b758354", - "reference": "511a08c03c1960e08a883f4cffcacd219b758354", + "url": "https://api.github.com/repos/symfony/polyfill-intl-grapheme/zipball/875e90aeea2777b6f135677f618529449334a612", + "reference": "875e90aeea2777b6f135677f618529449334a612", "shasum": "" }, "require": { @@ -913,7 +1657,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -953,7 +1697,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-grapheme/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-intl-grapheme/tree/v1.28.0" }, "funding": [ { @@ -969,20 +1713,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/polyfill-intl-normalizer", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-intl-normalizer.git", - "reference": "19bd1e4fcd5b91116f14d8533c57831ed00571b6" + "reference": "8c4ad05dd0120b6a53c1ca374dca2ad0a1c4ed92" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/19bd1e4fcd5b91116f14d8533c57831ed00571b6", - "reference": "19bd1e4fcd5b91116f14d8533c57831ed00571b6", + "url": "https://api.github.com/repos/symfony/polyfill-intl-normalizer/zipball/8c4ad05dd0120b6a53c1ca374dca2ad0a1c4ed92", + "reference": "8c4ad05dd0120b6a53c1ca374dca2ad0a1c4ed92", "shasum": "" }, "require": { @@ -994,7 +1738,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -1037,7 +1781,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-intl-normalizer/tree/v1.28.0" }, "funding": [ { @@ -1053,20 +1797,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "8ad114f6b39e2c98a8b0e3bd907732c207c2b534" + "reference": "42292d99c55abe617799667f454222c54c60e229" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/8ad114f6b39e2c98a8b0e3bd907732c207c2b534", - "reference": "8ad114f6b39e2c98a8b0e3bd907732c207c2b534", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/42292d99c55abe617799667f454222c54c60e229", + "reference": "42292d99c55abe617799667f454222c54c60e229", "shasum": "" }, "require": { @@ -1081,7 +1825,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -1120,7 +1864,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.28.0" }, "funding": [ { @@ -1136,20 +1880,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-07-28T09:04:16+00:00" }, { "name": "symfony/polyfill-php72", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php72.git", - "reference": "869329b1e9894268a8a61dabb69153029b7a8c97" + "reference": "70f4aebd92afca2f865444d30a4d2151c13c3179" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php72/zipball/869329b1e9894268a8a61dabb69153029b7a8c97", - "reference": "869329b1e9894268a8a61dabb69153029b7a8c97", + "url": "https://api.github.com/repos/symfony/polyfill-php72/zipball/70f4aebd92afca2f865444d30a4d2151c13c3179", + "reference": "70f4aebd92afca2f865444d30a4d2151c13c3179", "shasum": "" }, "require": { @@ -1158,7 +1902,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -1196,7 +1940,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php72/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-php72/tree/v1.28.0" }, "funding": [ { @@ -1212,20 +1956,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/polyfill-php73", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php73.git", - "reference": "9e8ecb5f92152187c4799efd3c96b78ccab18ff9" + "reference": "fe2f306d1d9d346a7fee353d0d5012e401e984b5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/9e8ecb5f92152187c4799efd3c96b78ccab18ff9", - "reference": "9e8ecb5f92152187c4799efd3c96b78ccab18ff9", + "url": "https://api.github.com/repos/symfony/polyfill-php73/zipball/fe2f306d1d9d346a7fee353d0d5012e401e984b5", + "reference": "fe2f306d1d9d346a7fee353d0d5012e401e984b5", "shasum": "" }, "require": { @@ -1234,7 +1978,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -1275,7 +2019,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php73/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-php73/tree/v1.28.0" }, "funding": [ { @@ -1291,20 +2035,20 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/polyfill-php80", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php80.git", - "reference": "7a6ff3f1959bb01aefccb463a0f2cd3d3d2fd936" + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/7a6ff3f1959bb01aefccb463a0f2cd3d3d2fd936", - "reference": "7a6ff3f1959bb01aefccb463a0f2cd3d3d2fd936", + "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/6caa57379c4aec19c0a12a38b59b26487dcfe4b5", + "reference": "6caa57379c4aec19c0a12a38b59b26487dcfe4b5", "shasum": "" }, "require": { @@ -1313,7 +2057,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -1358,7 +2102,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php80/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-php80/tree/v1.28.0" }, "funding": [ { @@ -1374,7 +2118,7 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "symfony/service-contracts", @@ -1461,16 +2205,16 @@ }, { "name": "symfony/string", - "version": "v5.4.22", + "version": "v5.4.26", "source": { "type": "git", "url": "https://github.com/symfony/string.git", - "reference": "8036a4c76c0dd29e60b6a7cafcacc50cf088ea62" + "reference": "1181fe9270e373537475e826873b5867b863883c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/string/zipball/8036a4c76c0dd29e60b6a7cafcacc50cf088ea62", - "reference": "8036a4c76c0dd29e60b6a7cafcacc50cf088ea62", + "url": "https://api.github.com/repos/symfony/string/zipball/1181fe9270e373537475e826873b5867b863883c", + "reference": "1181fe9270e373537475e826873b5867b863883c", "shasum": "" }, "require": { @@ -1527,7 +2271,7 @@ "utf8" ], "support": { - "source": "https://github.com/symfony/string/tree/v5.4.22" + "source": "https://github.com/symfony/string/tree/v5.4.26" }, "funding": [ { @@ -1543,20 +2287,20 @@ "type": "tidelift" } ], - "time": "2023-03-14T06:11:53+00:00" + "time": "2023-06-28T12:46:07+00:00" }, { "name": "twig/twig", - "version": "v3.7.0", + "version": "v3.7.1", "source": { "type": "git", "url": "https://github.com/twigphp/Twig.git", - "reference": "5cf942bbab3df42afa918caeba947f1b690af64b" + "reference": "a0ce373a0ca3bf6c64b9e3e2124aca502ba39554" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/twigphp/Twig/zipball/5cf942bbab3df42afa918caeba947f1b690af64b", - "reference": "5cf942bbab3df42afa918caeba947f1b690af64b", + "url": "https://api.github.com/repos/twigphp/Twig/zipball/a0ce373a0ca3bf6c64b9e3e2124aca502ba39554", + "reference": "a0ce373a0ca3bf6c64b9e3e2124aca502ba39554", "shasum": "" }, "require": { @@ -1566,7 +2310,7 @@ }, "require-dev": { "psr/container": "^1.0|^2.0", - "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0" + "symfony/phpunit-bridge": "^5.4.9|^6.3" }, "type": "library", "autoload": { @@ -1602,7 +2346,7 @@ ], "support": { "issues": "https://github.com/twigphp/Twig/issues", - "source": "https://github.com/twigphp/Twig/tree/v3.7.0" + "source": "https://github.com/twigphp/Twig/tree/v3.7.1" }, "funding": [ { @@ -1614,7 +2358,7 @@ "type": "tidelift" } ], - "time": "2023-07-26T07:16:09+00:00" + "time": "2023-08-28T11:09:02+00:00" }, { "name": "voku/anti-xss", @@ -2146,16 +2890,16 @@ }, { "name": "nikic/php-parser", - "version": "v4.16.0", + "version": "v4.17.1", "source": { "type": "git", "url": "https://github.com/nikic/PHP-Parser.git", - "reference": "19526a33fb561ef417e822e85f08a00db4059c17" + "reference": "a6303e50c90c355c7eeee2c4a8b27fe8dc8fef1d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/19526a33fb561ef417e822e85f08a00db4059c17", - "reference": "19526a33fb561ef417e822e85f08a00db4059c17", + "url": "https://api.github.com/repos/nikic/PHP-Parser/zipball/a6303e50c90c355c7eeee2c4a8b27fe8dc8fef1d", + "reference": "a6303e50c90c355c7eeee2c4a8b27fe8dc8fef1d", "shasum": "" }, "require": { @@ -2196,9 +2940,9 @@ ], "support": { "issues": "https://github.com/nikic/PHP-Parser/issues", - "source": "https://github.com/nikic/PHP-Parser/tree/v4.16.0" + "source": "https://github.com/nikic/PHP-Parser/tree/v4.17.1" }, - "time": "2023-06-25T14:52:30+00:00" + "time": "2023-08-13T19:53:39+00:00" }, { "name": "pdepend/pdepend", @@ -2583,16 +3327,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.10.26", + "version": "1.10.32", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "5d660cbb7e1b89253a47147ae44044f49832351f" + "reference": "c47e47d3ab03137c0e121e77c4d2cb58672f6d44" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/5d660cbb7e1b89253a47147ae44044f49832351f", - "reference": "5d660cbb7e1b89253a47147ae44044f49832351f", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/c47e47d3ab03137c0e121e77c4d2cb58672f6d44", + "reference": "c47e47d3ab03137c0e121e77c4d2cb58672f6d44", "shasum": "" }, "require": { @@ -2641,20 +3385,20 @@ "type": "tidelift" } ], - "time": "2023-07-19T12:44:37+00:00" + "time": "2023-08-24T21:54:50+00:00" }, { "name": "phpunit/php-code-coverage", - "version": "9.2.26", + "version": "9.2.27", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "443bc6912c9bd5b409254a40f4b0f4ced7c80ea1" + "reference": "b0a88255cb70d52653d80c890bd7f38740ea50d1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/443bc6912c9bd5b409254a40f4b0f4ced7c80ea1", - "reference": "443bc6912c9bd5b409254a40f4b0f4ced7c80ea1", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/b0a88255cb70d52653d80c890bd7f38740ea50d1", + "reference": "b0a88255cb70d52653d80c890bd7f38740ea50d1", "shasum": "" }, "require": { @@ -2710,7 +3454,8 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/php-code-coverage/issues", - "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.26" + "security": "https://github.com/sebastianbergmann/php-code-coverage/security/policy", + "source": "https://github.com/sebastianbergmann/php-code-coverage/tree/9.2.27" }, "funding": [ { @@ -2718,7 +3463,7 @@ "type": "github" } ], - "time": "2023-03-06T12:58:08+00:00" + "time": "2023-07-26T13:44:30+00:00" }, { "name": "phpunit/php-file-iterator", @@ -2963,16 +3708,16 @@ }, { "name": "phpunit/phpunit", - "version": "9.6.10", + "version": "9.6.11", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "a6d351645c3fe5a30f5e86be6577d946af65a328" + "reference": "810500e92855eba8a7a5319ae913be2da6f957b0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/a6d351645c3fe5a30f5e86be6577d946af65a328", - "reference": "a6d351645c3fe5a30f5e86be6577d946af65a328", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/810500e92855eba8a7a5319ae913be2da6f957b0", + "reference": "810500e92855eba8a7a5319ae913be2da6f957b0", "shasum": "" }, "require": { @@ -3046,7 +3791,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.10" + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.11" }, "funding": [ { @@ -3062,7 +3807,7 @@ "type": "tidelift" } ], - "time": "2023-07-10T04:04:23+00:00" + "time": "2023-08-19T07:10:56+00:00" }, { "name": "sebastian/cli-parser", @@ -3570,16 +4315,16 @@ }, { "name": "sebastian/global-state", - "version": "5.0.5", + "version": "5.0.6", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/global-state.git", - "reference": "0ca8db5a5fc9c8646244e629625ac486fa286bf2" + "reference": "bde739e7565280bda77be70044ac1047bc007e34" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/0ca8db5a5fc9c8646244e629625ac486fa286bf2", - "reference": "0ca8db5a5fc9c8646244e629625ac486fa286bf2", + "url": "https://api.github.com/repos/sebastianbergmann/global-state/zipball/bde739e7565280bda77be70044ac1047bc007e34", + "reference": "bde739e7565280bda77be70044ac1047bc007e34", "shasum": "" }, "require": { @@ -3622,7 +4367,7 @@ ], "support": { "issues": "https://github.com/sebastianbergmann/global-state/issues", - "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.5" + "source": "https://github.com/sebastianbergmann/global-state/tree/5.0.6" }, "funding": [ { @@ -3630,7 +4375,7 @@ "type": "github" } ], - "time": "2022-02-14T08:28:10+00:00" + "time": "2023-08-02T09:26:13+00:00" }, { "name": "sebastian/lines-of-code", @@ -4149,16 +4894,16 @@ }, { "name": "symfony/config", - "version": "v5.4.21", + "version": "v5.4.26", "source": { "type": "git", "url": "https://github.com/symfony/config.git", - "reference": "2a6b1111d038adfa15d52c0871e540f3b352d1e4" + "reference": "8109892f27beed9252bd1f1c1880aeb4ad842650" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/config/zipball/2a6b1111d038adfa15d52c0871e540f3b352d1e4", - "reference": "2a6b1111d038adfa15d52c0871e540f3b352d1e4", + "url": "https://api.github.com/repos/symfony/config/zipball/8109892f27beed9252bd1f1c1880aeb4ad842650", + "reference": "8109892f27beed9252bd1f1c1880aeb4ad842650", "shasum": "" }, "require": { @@ -4208,7 +4953,7 @@ "description": "Helps you find, load, combine, autofill and validate configuration values of any kind", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/config/tree/v5.4.21" + "source": "https://github.com/symfony/config/tree/v5.4.26" }, "funding": [ { @@ -4224,20 +4969,20 @@ "type": "tidelift" } ], - "time": "2023-02-14T08:03:56+00:00" + "time": "2023-07-19T20:21:11+00:00" }, { "name": "symfony/dependency-injection", - "version": "v5.4.25", + "version": "v5.4.28", "source": { "type": "git", "url": "https://github.com/symfony/dependency-injection.git", - "reference": "f0410c30a6c86bbce6c719c2b5cfc343362b982e" + "reference": "addc22fed594f9ce04e73ef6a9d3e2416f77192d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/f0410c30a6c86bbce6c719c2b5cfc343362b982e", - "reference": "f0410c30a6c86bbce6c719c2b5cfc343362b982e", + "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/addc22fed594f9ce04e73ef6a9d3e2416f77192d", + "reference": "addc22fed594f9ce04e73ef6a9d3e2416f77192d", "shasum": "" }, "require": { @@ -4297,7 +5042,7 @@ "description": "Allows you to standardize and centralize the way objects are constructed in your application", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/dependency-injection/tree/v5.4.25" + "source": "https://github.com/symfony/dependency-injection/tree/v5.4.28" }, "funding": [ { @@ -4313,7 +5058,7 @@ "type": "tidelift" } ], - "time": "2023-06-24T09:45:28+00:00" + "time": "2023-08-14T10:47:38+00:00" }, { "name": "symfony/filesystem", @@ -4381,16 +5126,16 @@ }, { "name": "symfony/polyfill-php81", - "version": "v1.27.0", + "version": "v1.28.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-php81.git", - "reference": "707403074c8ea6e2edaf8794b0157a0bfa52157a" + "reference": "7581cd600fa9fd681b797d00b02f068e2f13263b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-php81/zipball/707403074c8ea6e2edaf8794b0157a0bfa52157a", - "reference": "707403074c8ea6e2edaf8794b0157a0bfa52157a", + "url": "https://api.github.com/repos/symfony/polyfill-php81/zipball/7581cd600fa9fd681b797d00b02f068e2f13263b", + "reference": "7581cd600fa9fd681b797d00b02f068e2f13263b", "shasum": "" }, "require": { @@ -4399,7 +5144,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-main": "1.27-dev" + "dev-main": "1.28-dev" }, "thanks": { "name": "symfony/polyfill", @@ -4440,7 +5185,7 @@ "shim" ], "support": { - "source": "https://github.com/symfony/polyfill-php81/tree/v1.27.0" + "source": "https://github.com/symfony/polyfill-php81/tree/v1.28.0" }, "funding": [ { @@ -4456,7 +5201,7 @@ "type": "tidelift" } ], - "time": "2022-11-03T14:55:06+00:00" + "time": "2023-01-26T09:26:14+00:00" }, { "name": "theseer/tokenizer", @@ -4530,7 +5275,8 @@ "ext-openssl": "*", "ext-fileinfo": "*", "ext-gmp": "*", - "ext-gd": "*" + "ext-gd": "*", + "ext-ftp": "*" }, "platform-dev": { "ext-pcntl": "*" diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index 39621cbb..ad268f7d 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -564,7 +564,7 @@ opcache.validate_timestamps'), ('system', 'mod_fcgid', '0'), ('system', 'apacheconf_vhost', '/etc/apache2/sites-enabled/'), ('system', 'apacheconf_diroptions', '/etc/apache2/sites-enabled/'), - ('system', 'apacheconf_htpasswddir', '/etc/apache2/htpasswd/'), + ('system', 'apacheconf_htpasswddir', '/etc/apache2/froxlor-htpasswd/'), ('system', 'webalizer_quiet', '2'), ('system', 'last_archive_run', '000000'), ('system', 'mod_fcgid_configdir', '/var/www/php-fcgi-scripts'), @@ -707,6 +707,7 @@ opcache.validate_timestamps'), ('backup', 'default_customer_access', '1'), ('backup', 'default_pgp_public_key', ''), ('backup', 'default_retention', '3'), + ('backup', 'backup_tmp_dir', '/var/customers/backup/'), ('api', 'enabled', '0'), ('api', 'customer_default', '1'), ('2fa', 'enabled', '1'), diff --git a/install/updates/froxlor/update_2.0.inc.php b/install/updates/froxlor/update_2.0.inc.php index 7e3541df..a9633ecc 100644 --- a/install/updates/froxlor/update_2.0.inc.php +++ b/install/updates/froxlor/update_2.0.inc.php @@ -497,3 +497,18 @@ if (Froxlor::isFroxlorVersion('2.0.19')) { Update::showUpdateStep("Updating from 2.0.19 to 2.0.20", false); Froxlor::updateToVersion('2.0.20'); } + +if (Froxlor::isFroxlorVersion('2.0.20')) { + Update::showUpdateStep("Updating from 2.0.20 to 2.0.21", false); + Froxlor::updateToVersion('2.0.21'); +} + +if (Froxlor::isFroxlorVersion('2.0.21')) { + Update::showUpdateStep("Updating from 2.0.21 to 2.0.22", false); + Froxlor::updateToVersion('2.0.22'); +} + +if (Froxlor::isFroxlorVersion('2.0.22')) { + Update::showUpdateStep("Updating from 2.0.22 to 2.0.23", false); + Froxlor::updateToVersion('2.0.23'); +} diff --git a/install/updates/froxlor/update_2.1.inc.php b/install/updates/froxlor/update_2.1.inc.php index 53432dd9..4ffa9bcb 100644 --- a/install/updates/froxlor/update_2.1.inc.php +++ b/install/updates/froxlor/update_2.1.inc.php @@ -63,8 +63,8 @@ if (Froxlor::isDatabaseVersion('202304260')) { } Update::showUpdateStep("Creating new tables and fields for backups"); - Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUP_STORAGES ."`;"); - $sql = "CREATE TABLE `". TABLE_PANEL_BACKUP_STORAGES ."` ( + Database::query("DROP TABLE IF EXISTS `" . TABLE_PANEL_BACKUP_STORAGES . "`;"); + $sql = "CREATE TABLE `" . TABLE_PANEL_BACKUP_STORAGES . "` ( `id` int(11) NOT NULL AUTO_INCREMENT, `description` varchar(255) NOT NULL, `type` varchar(255) NOT NULL DEFAULT 'local', @@ -83,8 +83,8 @@ if (Froxlor::isDatabaseVersion('202304260')) { INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES (1, 'Local backup storage', '/var/customers/backups'); "); - Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUPS ."`;"); - $sql = "CREATE TABLE `". TABLE_PANEL_BACKUPS ."` ( + Database::query("DROP TABLE IF EXISTS `" . TABLE_PANEL_BACKUPS . "`;"); + $sql = "CREATE TABLE `" . TABLE_PANEL_BACKUPS . "` ( `id` int(11) NOT NULL AUTO_INCREMENT, `adminid` int(11) NOT NULL, `customerid` int(11) NOT NULL, @@ -107,6 +107,7 @@ if (Froxlor::isDatabaseVersion('202304260')) { Settings::AddNew('backup.default_customer_access', 1); Settings::AddNew('backup.default_pgp_public_key', ''); Settings::AddNew('backup.default_retention', 3); + Settings::AddNew('backup.backup_tmp_dir', '/var/customers/backup/'); Update::lastStepStatus(0); Update::showUpdateStep("Adjusting cronjobs"); diff --git a/lib/Froxlor/Api/Commands/FpmDaemons.php b/lib/Froxlor/Api/Commands/FpmDaemons.php index 26d4d493..d74daa6d 100644 --- a/lib/Froxlor/Api/Commands/FpmDaemons.php +++ b/lib/Froxlor/Api/Commands/FpmDaemons.php @@ -202,7 +202,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity // validation $description = Validate::validate($description, 'description', Validate::REGEX_DESC_TEXT, '', [], true); - $reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\- ]+$/i', '', [], true); + $reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\-@ ]+$/i', '', [], true); $sel_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_FPMDAEMONS."` WHERE `reload_cmd` = :rc"); $dupcheck = Database::pexecute_first($sel_stmt, ['rc' => $reload_cmd]); if ($dupcheck && $dupcheck['id']) { @@ -327,7 +327,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity // validation $description = Validate::validate($description, 'description', Validate::REGEX_DESC_TEXT, '', [], true); - $reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\- ]+$/i', '', [], true); + $reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\-@ ]+$/i', '', [], true); $sel_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_FPMDAEMONS."` WHERE `reload_cmd` = :rc"); $dupcheck = Database::pexecute_first($sel_stmt, ['rc' => $reload_cmd]); if ($dupcheck && $dupcheck['id'] != $id) { diff --git a/lib/Froxlor/Backup/Storages/S3.php b/lib/Froxlor/Backup/Storages/S3.php index 2e45e262..fa7c8f3e 100644 --- a/lib/Froxlor/Backup/Storages/S3.php +++ b/lib/Froxlor/Backup/Storages/S3.php @@ -2,15 +2,30 @@ namespace Froxlor\Backup\Storages; +use Aws\S3\S3Client; +use Froxlor\FileDir; + class S3 extends Storage { + private S3Client $s3_client; + /** * @return bool */ public function init(): bool { - // TODO: Implement init() method. + $raw_credentials = [ + 'credentials' => [ + 'key' => $this->sData['storage']['username'] ?? '', + 'secret' => $this->sData['storage']['password'] ?? '' + ], + 'endpoint' => $this->sData['storage']['hostname'] ?? '', + 'region' => $this->sData['storage']['region'] ?? '', + 'version' => 'latest', + 'use_path_style_endpoint' => true + ]; + $this->s3_client = new S3Client($raw_credentials); } /** @@ -23,7 +38,11 @@ class S3 extends Storage */ protected function putFile(string $filename, string $tmp_source_directory): string { - return ""; + $this->s3_client->putObject([ + 'Bucket' => $this->sData['storage']['bucket'], + 'Key' => $filename, + 'SourceFile' => FileDir::makeCorrectFile($tmp_source_directory . '/' . $filename), + ]); } /** @@ -32,7 +51,15 @@ class S3 extends Storage */ protected function rmFile(string $filename): bool { - // TODO: Implement removeOld() method. + $result = $this->s3_client->deleteObject([ + 'Bucket' => $this->sData['storage']['bucket'], + 'Key' => $filename, + ]); + + if ($result['DeleteMarker']) { + return true; + } + return false; } /** diff --git a/lib/Froxlor/Backup/Storages/Storage.php b/lib/Froxlor/Backup/Storages/Storage.php index 24f04519..fe035d9a 100644 --- a/lib/Froxlor/Backup/Storages/Storage.php +++ b/lib/Froxlor/Backup/Storages/Storage.php @@ -5,6 +5,7 @@ namespace Froxlor\Backup\Storages; use Exception; use Froxlor\Database\Database; use Froxlor\FileDir; +use Froxlor\Settings; abstract class Storage { @@ -19,7 +20,8 @@ abstract class Storage public function __construct(array $storage_data) { $this->sData = $storage_data; - $this->tmpDirectory = FileDir::makeCorrectDir(sys_get_temp_dir() . '/backup-' . $this->sData['loginname']); + $tmpDirectory = Settings::Get('backup.backup_tmp_dir') ?: sys_get_temp_dir(); + $this->tmpDirectory = FileDir::makeCorrectDir($tmpDirectory . '/backup-' . $this->sData['loginname']); } /** diff --git a/lib/Froxlor/Cli/BackupCommand.php b/lib/Froxlor/Cli/BackupCommand.php new file mode 100644 index 00000000..5d24cfda --- /dev/null +++ b/lib/Froxlor/Cli/BackupCommand.php @@ -0,0 +1,129 @@ + + * @license https://files.froxlor.org/misc/COPYING.txt GPLv2 + */ + +namespace Froxlor\Cli; + +use Exception; +use Froxlor\Backup\Storages\StorageFactory; +use Froxlor\Database\Database; +use Froxlor\Froxlor; +use Froxlor\Settings; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Input\InputOption; +use Symfony\Component\Console\Output\OutputInterface; + +final class BackupCommand extends CliCommand +{ + + protected function configure() + { + $this->setName('froxlor:backup'); + $this->setDescription('Various backup actions'); + $this->addOption('list', 'L', InputOption::VALUE_OPTIONAL, 'List backups (optionally pass a customer loginname to list backups of a specific user)') + ->addOption('create', 'c', InputOption::VALUE_REQUIRED, 'Manually run a backup task for given customer (loginname)') + ->addOption('delete', 'd', InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Remove given backup by id'); + } + + protected function execute(InputInterface $input, OutputInterface $output) + { + $result = $this->validateRequirements($input, $output); + + require Froxlor::getInstallDir() . '/lib/functions.php'; + + // set error-handler + @set_error_handler([ + '\\Froxlor\\Api\\Api', + 'phpErrHandler' + ]); + + if (!Settings::Get('backup.enabled')) { + $output->writeln('Backup feature not enabled.'); + $result = self::INVALID; + } + + if ($result == self::SUCCESS) { + + try { + $loginname = ""; + $userinfo = []; + if ($input->hasArgument('user')) { + $loginname = $input->getArgument('user'); + $userinfo = $this->getUserByName($loginname, false); + } + + $do_list = $input->getOption('list'); + $do_create = $input->getOption('create'); + $do_delete = $input->getOption('delete'); + + if ($do_list === false && $do_create === false && $do_delete === false) { + $output->writeln('No option given, nothing to do.'); + return self::INVALID; + } + + // list + if ($do_list !== false) { + if ($do_list === null) { + // all customers + } elseif ($do_list !== false) { + // specific customer + } + } elseif ($do_create !== false) { + $stmt = Database::prepare("SELECT + customerid, + loginname, + adminid, + backup, + guid, + documentroot + FROM `" . TABLE_PANEL_CUSTOMERS . "` + WHERE `backup` > 0 AND `loginname` = :loginname + "); + $customer = Database::pexecute_first($stmt, ['loginname' => $do_create]); + + if (empty($customer)) { + $output->writeln('Given customer not found or customer has backup=off'); + return self::INVALID; + } + + $backupStorage = StorageFactory::fromStorageId($customer['backup'], $customer); + $output->writeln("Initializing storage"); + $backupStorage->init(); + $output->writeln("Preparing files and folders"); + $backupStorage->prepareFiles(); + $output->writeln("Creating backup file"); + $backupStorage->createFromFiles(); + $output->writeln("Removing older backups by retention"); + $backupStorage->removeOld(); + $output->writeln('Backup created successfully'); + } + } catch (Exception $e) { + $output->writeln('' . $e->getMessage() . ''); + $result = self::FAILURE; + } + } + + return $result; + } +} From 4fcf0606c74e956edf53157ec62087da51da2782 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Tue, 5 Sep 2023 11:03:39 +0200 Subject: [PATCH 73/87] and again more work on backup-storages Signed-off-by: Michael Kaufmann --- actions/admin/settings/230.backup.php | 9 + admin_backups.php | 8 +- composer.json | 4 +- composer.lock | 229 +++++++++++++++++- install/froxlor.sql.php | 4 +- lib/Froxlor/Api/Commands/BackupStorages.php | 65 ++++- lib/Froxlor/Backup/Storages/S3.php | 7 +- lib/Froxlor/Backup/Storages/Sftp.php | 34 ++- .../formfield.backup_storage_add.php | 10 +- .../formfield.backup_storage_edit.php | 12 +- .../admin/tablelisting.backup_storages.php | 18 +- lng/de.lng.php | 35 +++ lng/en.lng.php | 30 +++ 13 files changed, 429 insertions(+), 36 deletions(-) diff --git a/actions/admin/settings/230.backup.php b/actions/admin/settings/230.backup.php index 63ebdbc0..6d2a1769 100644 --- a/actions/admin/settings/230.backup.php +++ b/actions/admin/settings/230.backup.php @@ -81,6 +81,15 @@ return [ 'checkPgpPublicKeySetting' ], ], + 'backup_backup_tmp_dir' => [ + 'label' => lng('serversettings.backup_tmp_dir'), + 'settinggroup' => 'backup', + 'varname' => 'backup_tmp_dir', + 'type' => 'text', + 'string_type' => 'dir', + 'default' => '/var/customers/backup/', + 'save_method' => 'storeSettingField' + ] ] ] ] diff --git a/admin_backups.php b/admin_backups.php index 0004da5b..d073cfd8 100644 --- a/admin_backups.php +++ b/admin_backups.php @@ -55,13 +55,13 @@ if (($page == 'backups' || $page == 'overview')) { 'actions_links' => [ [ 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'restore']), - 'label' => lng('admin.backups_restore'), + 'label' => lng('backup.backups_restore'), 'icon' => 'fa-solid fa-file-import', 'class' => 'btn-outline-secondary' ], [ 'href' => $linker->getLink(['section' => 'backups', 'page' => 'storages']), - 'label' => lng('admin.backup_storages'), + 'label' => lng('backup.backup_storages'), 'icon' => 'fa-solid fa-hard-drive', 'class' => 'btn-outline-secondary', 'visible' => $userinfo['change_serversettings'] == '1' @@ -94,12 +94,12 @@ if (($page == 'backups' || $page == 'overview')) { 'actions_links' => [ [ 'href' => $linker->getLink(['section' => 'backups', 'page' => 'backups']), - 'label' => lng('admin.backups'), + 'label' => lng('backup.backups'), 'icon' => 'fa-solid fa-reply' ], [ 'href' => $linker->getLink(['section' => 'backups', 'page' => $page, 'action' => 'add']), - 'label' => lng('admin.backup_storage_add') + 'label' => lng('backup.backup_storage.add') ] ] ]); diff --git a/composer.json b/composer.json index e005badd..6d590322 100644 --- a/composer.json +++ b/composer.json @@ -47,6 +47,7 @@ "ext-gmp": "*", "ext-gd": "*", "ext-ftp": "*", + "ext-gnupg": "*", "phpmailer/phpmailer": "~6.0", "monolog/monolog": "^1.24", "robthree/twofactorauth": "^1.6", @@ -57,7 +58,8 @@ "symfony/console": "^5.4", "pear/net_dns2": "^1.5", "amnuts/opcache-gui": "^3.4", - "aws/aws-sdk-php": "^3.280" + "aws/aws-sdk-php": "^3.280", + "phpseclib/phpseclib": "~3.0" }, "require-dev": { "phpunit/phpunit": "^9", diff --git a/composer.lock b/composer.lock index b1c79df5..016aa532 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "b3c285b81c9729ba8e2bac6f3b586e9c", + "content-hash": "c64c2e8e5669531310620aa423ad2ecd", "packages": [ { "name": "amnuts/opcache-gui", @@ -800,6 +800,123 @@ }, "time": "2023-08-25T10:54:48+00:00" }, + { + "name": "paragonie/constant_time_encoding", + "version": "v2.6.3", + "source": { + "type": "git", + "url": "https://github.com/paragonie/constant_time_encoding.git", + "reference": "58c3f47f650c94ec05a151692652a868995d2938" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", + "reference": "58c3f47f650c94ec05a151692652a868995d2938", + "shasum": "" + }, + "require": { + "php": "^7|^8" + }, + "require-dev": { + "phpunit/phpunit": "^6|^7|^8|^9", + "vimeo/psalm": "^1|^2|^3|^4" + }, + "type": "library", + "autoload": { + "psr-4": { + "ParagonIE\\ConstantTime\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com", + "role": "Maintainer" + }, + { + "name": "Steve 'Sc00bz' Thomas", + "email": "steve@tobtu.com", + "homepage": "https://www.tobtu.com", + "role": "Original Developer" + } + ], + "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", + "keywords": [ + "base16", + "base32", + "base32_decode", + "base32_encode", + "base64", + "base64_decode", + "base64_encode", + "bin2hex", + "encoding", + "hex", + "hex2bin", + "rfc4648" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/constant_time_encoding/issues", + "source": "https://github.com/paragonie/constant_time_encoding" + }, + "time": "2022-06-14T06:56:20+00:00" + }, + { + "name": "paragonie/random_compat", + "version": "v9.99.100", + "source": { + "type": "git", + "url": "https://github.com/paragonie/random_compat.git", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/random_compat/zipball/996434e5492cb4c3edcb9168db6fbb1359ef965a", + "reference": "996434e5492cb4c3edcb9168db6fbb1359ef965a", + "shasum": "" + }, + "require": { + "php": ">= 7" + }, + "require-dev": { + "phpunit/phpunit": "4.*|5.*", + "vimeo/psalm": "^1" + }, + "suggest": { + "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes." + }, + "type": "library", + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com" + } + ], + "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7", + "keywords": [ + "csprng", + "polyfill", + "pseudorandom", + "random" + ], + "support": { + "email": "info@paragonie.com", + "issues": "https://github.com/paragonie/random_compat/issues", + "source": "https://github.com/paragonie/random_compat" + }, + "time": "2020-10-15T08:29:30+00:00" + }, { "name": "pear/net_dns2", "version": "v1.5.3", @@ -931,6 +1048,116 @@ ], "time": "2023-08-29T08:26:30+00:00" }, + { + "name": "phpseclib/phpseclib", + "version": "3.0.21", + "source": { + "type": "git", + "url": "https://github.com/phpseclib/phpseclib.git", + "reference": "4580645d3fc05c189024eb3b834c6c1e4f0f30a1" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/4580645d3fc05c189024eb3b834c6c1e4f0f30a1", + "reference": "4580645d3fc05c189024eb3b834c6c1e4f0f30a1", + "shasum": "" + }, + "require": { + "paragonie/constant_time_encoding": "^1|^2", + "paragonie/random_compat": "^1.4|^2.0|^9.99.99", + "php": ">=5.6.1" + }, + "require-dev": { + "phpunit/phpunit": "*" + }, + "suggest": { + "ext-dom": "Install the DOM extension to load XML formatted public keys.", + "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", + "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", + "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", + "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." + }, + "type": "library", + "autoload": { + "files": [ + "phpseclib/bootstrap.php" + ], + "psr-4": { + "phpseclib3\\": "phpseclib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jim Wigginton", + "email": "terrafrost@php.net", + "role": "Lead Developer" + }, + { + "name": "Patrick Monnerat", + "email": "pm@datasphere.ch", + "role": "Developer" + }, + { + "name": "Andreas Fischer", + "email": "bantu@phpbb.com", + "role": "Developer" + }, + { + "name": "Hans-Jürgen Petrich", + "email": "petrich@tronic-media.com", + "role": "Developer" + }, + { + "name": "Graham Campbell", + "email": "graham@alt-three.com", + "role": "Developer" + } + ], + "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", + "homepage": "http://phpseclib.sourceforge.net", + "keywords": [ + "BigInteger", + "aes", + "asn.1", + "asn1", + "blowfish", + "crypto", + "cryptography", + "encryption", + "rsa", + "security", + "sftp", + "signature", + "signing", + "ssh", + "twofish", + "x.509", + "x509" + ], + "support": { + "issues": "https://github.com/phpseclib/phpseclib/issues", + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.21" + }, + "funding": [ + { + "url": "https://github.com/terrafrost", + "type": "github" + }, + { + "url": "https://www.patreon.com/phpseclib", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpseclib/phpseclib", + "type": "tidelift" + } + ], + "time": "2023-07-09T15:24:48+00:00" + }, { "name": "psr/container", "version": "1.1.2", diff --git a/install/froxlor.sql.php b/install/froxlor.sql.php index ad268f7d..29181ea5 100644 --- a/install/froxlor.sql.php +++ b/install/froxlor.sql.php @@ -698,7 +698,7 @@ opcache.validate_timestamps'), ('system', 'distribution', ''), ('system', 'update_channel', 'stable'), ('system', 'updatecheck_data', ''), - ('system', 'update_notify_last', '2.0.20'), + ('system', 'update_notify_last', '2.1.0-dev1'), ('system', 'traffictool', 'goaccess'), ('system', 'req_limit_per_interval', 60), ('system', 'req_limit_interval', 60), @@ -751,7 +751,7 @@ opcache.validate_timestamps'), ('panel', 'logo_overridetheme', '0'), ('panel', 'logo_overridecustom', '0'), ('panel', 'settings_mode', '0'), - ('panel', 'version', '2.0.20'), + ('panel', 'version', '2.1.0-dev1'), ('panel', 'db_version', '202305240'); diff --git a/lib/Froxlor/Api/Commands/BackupStorages.php b/lib/Froxlor/Api/Commands/BackupStorages.php index 2952162e..2f9a6e0b 100644 --- a/lib/Froxlor/Api/Commands/BackupStorages.php +++ b/lib/Froxlor/Api/Commands/BackupStorages.php @@ -35,6 +35,9 @@ use Froxlor\Settings; use Froxlor\UI\Response; use Froxlor\Validate\Validate; use PDO; +use phpseclib3\Crypt\Common\PublicKey; +use phpseclib3\Crypt\PublicKeyLoader; +use phpseclib3\Exception\NoKeyLoadedException; /** * @since 2.1.0 @@ -73,7 +76,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity $this->logger()->logAction(FroxlorLogger::ADM_ACTION, LOG_INFO, "[API] list backup storages"); $query_fields = []; $result_stmt = Database::prepare(" - SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` ". $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit() + SELECT * FROM `" . TABLE_PANEL_BACKUP_STORAGES . "` " . $this->getSearchWhere($query_fields) . $this->getOrderBy() . $this->getLimit() ); Database::pexecute($result_stmt, $query_fields, true, true); $result = []; @@ -133,7 +136,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity * @param string $pgp_public_key * optional, pgp public key for backup storage * @param string $retention - * optional, retention for backup storage (default 3) + * optional, retention for backup storage (default {backup.default_retention}) * * @access admin * @return string json-encoded array @@ -177,10 +180,36 @@ class BackupStorages extends ApiCommand implements ResourceEntity $username = $this->getParam('username', $optional_flags['username']); $password = $this->getParam('password', $optional_flags['password']); $pgp_public_key = $this->getParam('pgp_public_key', true, null); - $retention = $this->getParam('retention', true, 3); + $retention = $this->getParam('retention', true, Settings::Get('backup.default_retention')); // validation $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); + if ($type != 'local') { + if (!Validate::validateUrl($hostname)) { + Response::standardError('invalidhostname', '', true); + } + // check whether password is an ssh public key + $pwd_is_ssh_key = false; + try { + $key = PublicKeyLoader::loadPublicKey($password); + if ($key instanceof PublicKey) { + $pwd_is_ssh_key = true; + } + } catch (NoKeyLoadedException $e) { + /* nothing to do */ + } + if (!$pwd_is_ssh_key) { + // normal password + $password = Validate::validate($password, 'password', '', '', [], true); + } + } + if ($type == 's3') { + $region = Validate::validate($region, 'region', '', '', [], true); + $bucket = Validate::validate($bucket, 'bucket', '/(?!(^xn--|.+-s3alias$))^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$/', '', [], true); + } + if ($retention <= 0) { + $retention = Settings::Get('backup.default_retention'); + } // TODO: add more validation // pgp public key validation @@ -303,7 +332,7 @@ class BackupStorages extends ApiCommand implements ResourceEntity * @param string $pgp_public_key * optional, pgp public key for backup storage * @param string $retention - * optional, retention for backup storage (default 3) + * optional, retention for backup storage (default {backup.default_retention}) * * @access admin * @return string json-encoded array @@ -342,7 +371,23 @@ class BackupStorages extends ApiCommand implements ResourceEntity if (empty($username)) { throw new Exception("Field 'username' cannot be empty", 406); } - $password = Validate::validate($password, 'password', '', '', [], true); + // password change + if (!empty($password)) { + // check whether password is an ssh public key + $pwd_is_ssh_key = false; + try { + $key = PublicKeyLoader::loadPublicKey($password); + if ($key instanceof PublicKey) { + $pwd_is_ssh_key = true; + } + } catch (NoKeyLoadedException $e) { + /* nothing to do */ + } + if (!$pwd_is_ssh_key) { + // normal password + $password = Validate::validate($password, 'password', '', '', [], true); + } + } } if ($type == 's3') { if (empty($region)) { @@ -355,6 +400,16 @@ class BackupStorages extends ApiCommand implements ResourceEntity // validation $destination_path = FileDir::makeCorrectDir(Validate::validate($destination_path, 'destination_path', Validate::REGEX_DIR, '', [], true)); + if ($type != 'local' && !Validate::validateUrl($hostname)) { + Response::standardError('invalidhostname', '', true); + } + if ($type == 's3') { + $region = Validate::validate($region, 'region', '', '', [], true); + $bucket = Validate::validate($bucket, 'bucket', '/(?!(^xn--|.+-s3alias$))^[a-z0-9][a-z0-9-]{1,61}[a-z0-9]$/', '', [], true); + } + if ($retention <= 0) { + $retention = Settings::Get('backup.default_retention'); + } // TODO: add more validation // pgp public key validation diff --git a/lib/Froxlor/Backup/Storages/S3.php b/lib/Froxlor/Backup/Storages/S3.php index fa7c8f3e..ea75731c 100644 --- a/lib/Froxlor/Backup/Storages/S3.php +++ b/lib/Froxlor/Backup/Storages/S3.php @@ -35,13 +35,16 @@ class S3 extends Storage * @param string $filename * @param string $tmp_source_directory * @return string + * @throws \Exception */ protected function putFile(string $filename, string $tmp_source_directory): string { + $source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename); + $target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename); $this->s3_client->putObject([ 'Bucket' => $this->sData['storage']['bucket'], - 'Key' => $filename, - 'SourceFile' => FileDir::makeCorrectFile($tmp_source_directory . '/' . $filename), + 'Key' => $target, + 'SourceFile' => $source, ]); } diff --git a/lib/Froxlor/Backup/Storages/Sftp.php b/lib/Froxlor/Backup/Storages/Sftp.php index eff8a1af..1e417d52 100644 --- a/lib/Froxlor/Backup/Storages/Sftp.php +++ b/lib/Froxlor/Backup/Storages/Sftp.php @@ -2,15 +2,34 @@ namespace Froxlor\Backup\Storages; +use Exception; +use Froxlor\FileDir; +use phpseclib3\Net\SFTP as secSFTP; + class Sftp extends Storage { + private secSFTP $sftp_client; /** * @return bool */ public function init(): bool { - // TODO: Implement init() method. + $hostname = $this->sData['storage']['hostname'] ?? ''; + $username = $this->sData['storage']['username'] ?? ''; + $password = $this->sData['storage']['password'] ?? ''; + if (!empty($hostname) && !empty($username) && !empty($password)) { + $tmp = explode(":", $hostname); + $hostname = $tmp[0]; + $port = $tmp[1] ?? 22; + $this->sftp_client = new secSFTP($hostname, $port); + if ($this->sftp_client->isConnected()) { + // @todo login by either user/passwd or user/ssh-key + return true; + } + return false; + } + throw new Exception('Empty hostname for FTP backup storage'); } /** @@ -20,19 +39,27 @@ class Sftp extends Storage * @param string $filename * @param string $tmp_source_directory * @return string + * @throws Exception */ protected function putFile(string $filename, string $tmp_source_directory): string { - return ""; + $source = FileDir::makeCorrectFile($tmp_source_directory . "/" . $filename); + $target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename); + $this->sftp_client->put($target, $source, secSFTP::SOURCE_LOCAL_FILE); } /** * @param string $filename * @return bool + * @throws Exception */ protected function rmFile(string $filename): bool { - // TODO: Implement removeOld() method. + $target = FileDir::makeCorrectFile($this->getDestinationDirectory() . "/" . $filename); + if ($this->sftp_client->file_exists($target)) { + return $this->sftp_client->delete($target); + } + return false; } /** @@ -40,6 +67,7 @@ class Sftp extends Storage */ public function shutdown(): bool { + $this->sftp_client->disconnect(); return true; } } diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php index 7ea3bf5b..983f90a4 100644 --- a/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_add.php @@ -27,12 +27,12 @@ use Froxlor\Settings; return [ 'backup_storage_add' => [ - 'title' => lng('backups.backup_storage_add'), + 'title' => lng('backup.backup_storage.add'), 'image' => 'fa-solid fa-file-archive', 'self_overview' => ['section' => 'backups', 'page' => 'storages'], 'sections' => [ 'section_a' => [ - 'title' => lng('backup.backup_storage_create'), + 'title' => lng('backup.backup_storage.create'), 'fields' => [ 'description' => [ 'label' => lng('backup.backup_storage.description'), @@ -63,7 +63,8 @@ return [ ], 'destination_path' => [ 'label' => lng('backup.backup_storage.destination_path'), - 'type' => 'text' + 'type' => 'text', + 'mandatory' => true, ], 'hostname' => [ 'label' => lng('backup.backup_storage.hostname'), @@ -75,7 +76,7 @@ return [ ], 'password' => [ 'label' => lng('backup.backup_storage.password'), - 'type' => 'password', + 'type' => 'textarea', 'autocomplete' => 'off', ], 'pgp_public_key' => [ @@ -87,6 +88,7 @@ return [ 'label' => lng('backup.backup_storage.retention'), 'type' => 'number', 'min' => 0, + 'value' => Settings::Get('backup.default_retention') ] ] ] diff --git a/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php b/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php index 0ed8b6fa..8aaaa698 100644 --- a/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php +++ b/lib/formfields/admin/backup_storages/formfield.backup_storage_edit.php @@ -25,12 +25,12 @@ return [ 'backup_storage_edit' => [ - 'title' => lng('backups.backup_storage_edit'), + 'title' => lng('backup.backup_storage.edit'), 'image' => 'fa-solid fa-file-archive', 'self_overview' => ['section' => 'backups', 'page' => 'storages'], 'sections' => [ 'section_a' => [ - 'title' => lng('backup.backup_storage_edit'), + 'title' => lng('backup.backup_storage.edit'), 'fields' => [ 'description' => [ 'label' => lng('backup.backup_storage.description'), @@ -64,7 +64,8 @@ return [ 'destination_path' => [ 'label' => lng('backup.backup_storage.destination_path'), 'type' => 'text', - 'value' => $result['destination_path'] + 'value' => $result['destination_path'], + 'mandatory' => true, ], 'hostname' => [ 'label' => lng('backup.backup_storage.hostname'), @@ -77,8 +78,9 @@ return [ 'value' => $result['username'] ], 'password' => [ - 'label' => lng('backup.backup_storage.password') . ' (' . lng('panel.emptyfornochanges') . ')', - 'type' => 'password', + 'label' => lng('backup.backup_storage.password.title'), + 'desc' => lng('backup.backup_storage.password.description') . '
    (' . lng('panel.emptyfornochanges') . ')', + 'type' => 'textarea', 'autocomplete' => 'off' ], 'pgp_public_key' => [ diff --git a/lib/tablelisting/admin/tablelisting.backup_storages.php b/lib/tablelisting/admin/tablelisting.backup_storages.php index c1c32bd0..83b6506d 100644 --- a/lib/tablelisting/admin/tablelisting.backup_storages.php +++ b/lib/tablelisting/admin/tablelisting.backup_storages.php @@ -34,7 +34,7 @@ use Froxlor\UI\Listing; return [ 'backup_storages_list' => [ - 'title' => lng('backup.backup_storages.list'), + 'title' => lng('backup.backup_storage.list'), 'icon' => 'fa-solid fa-file-archive', 'self_overview' => ['section' => 'backups', 'page' => 'storages'], 'default_sorting' => ['description' => 'asc'], @@ -45,42 +45,42 @@ return [ 'sortable' => true, ], 'description' => [ - 'label' => lng('description'), + 'label' => lng('backup.backup_storage.description'), 'field' => 'description', 'sortable' => true, ], 'type' => [ - 'label' => lng('type'), + 'label' => lng('backup.backup_storage.type'), 'field' => 'type', 'sortable' => true, ], 'region' => [ - 'label' => lng('region'), + 'label' => lng('backup.backup_storage.region'), 'field' => 'region', 'sortable' => true, ], 'bucket' => [ - 'label' => lng('bucket'), + 'label' => lng('backup.backup_storage.bucket'), 'field' => 'bucket', 'sortable' => true, ], 'destination_path' => [ - 'label' => lng('destination_path'), + 'label' => lng('backup.backup_storage.destination_path.title'), 'field' => 'destination_path', 'sortable' => true, ], 'hostname' => [ - 'label' => lng('hostname'), + 'label' => lng('backup.backup_storage.hostname'), 'field' => 'hostname', 'sortable' => true, ], 'username' => [ - 'label' => lng('username'), + 'label' => lng('backup.backup_storage.username'), 'field' => 'username', 'sortable' => true, ], 'retention' => [ - 'label' => lng('retention'), + 'label' => lng('backup.backup_storage.retention'), 'field' => 'retention', 'sortable' => true, ], diff --git a/lng/de.lng.php b/lng/de.lng.php index 269837c1..3abeec91 100644 --- a/lng/de.lng.php +++ b/lng/de.lng.php @@ -2296,4 +2296,39 @@ Vielen Dank, Ihr Administrator', 'config_note' => 'Damit froxlor mit dem Backend vernünftig kommunizieren kann, musst du dieses noch konfigurieren.', 'config_now' => 'Jetzt konfigurieren' ], + 'backup' => [ + 'backup' => 'Backup', + 'backups' => 'Backups', + 'backups_restore' => 'Wiederherstellen', + 'backup_storages' => 'Speichermedien verwalten', + 'size' => 'Größe', + 'created_at' => 'Erstellt', + 'backup_storage' => [ + 'add' => 'Speichermedium hinzufügen', + 'create' => 'Neues Speichermedium erstellen', + 'edit' => 'Speichermedien bearbeiten', + 'list' => 'Speichermedien', + 'description' => 'Beschreibung', + 'type' => 'Typ', + 'type_local' => 'Lokales Dateisystem', + 'type_ftp' => 'FTP Server', + 'type_sftp' => 'SFTP auf entfernten Server', + 'type_rsync' => 'Rsync zu entfernten Server', + 'type_s3' => 'S3 Server', + 'region' => 'S3 Region', + 'bucket' => 'S3 Bucket', + 'destination_path' => [ + 'title' => 'Ziel-Pfad', + 'description' => 'Absoluter Pfad, wenn Speicher-Typ ist "lokal", sonst relativ zum Heimatverzeichnisses des Benutzers', + ], + 'hostname' => 'Ziel Hostname', + 'username' => 'Benutzername', + 'password' => [ + 'title' => 'Passwort oder SSH Public-key', + 'description' => 'Es kann entweder ein Passwort oder ein vollständiger SSH Public-Key angegeben werden' + ], + 'pgp_public_key' => 'PGP Public-key', + 'retention' => 'Backup-Aufbewahrung in Tagen', + ], + ], ]; diff --git a/lng/en.lng.php b/lng/en.lng.php index 263759f6..38224a84 100644 --- a/lng/en.lng.php +++ b/lng/en.lng.php @@ -2432,7 +2432,37 @@ Yours sincerely, your administrator', ], 'backup' => [ 'backup' => 'Backup', + 'backups' => 'Backups', + 'backups_restore' => 'Restore backups', + 'backup_storages' => 'Configure storages', 'size' => 'Size', 'created_at' => 'Created at', + 'backup_storage' => [ + 'add' => 'Add backup storage', + 'create' => 'Create new backup storage', + 'edit' => 'Edit backup storage', + 'list' => 'Backup storages', + 'description' => 'Storage description', + 'type' => 'Storage type', + 'type_local' => 'local filesystem', + 'type_ftp' => 'FTP server', + 'type_sftp' => 'SFTP to remote server', + 'type_rsync' => 'Rsync to remote server', + 'type_s3' => 'S3 server', + 'region' => 'S3 region', + 'bucket' => 'S3 bucket', + 'destination_path' => [ + 'title' => 'Destination path', + 'description' => 'Absolute path if storage type is "local", else relative to home-directory of given user', + ], + 'hostname' => 'Target hostname', + 'username' => 'Username', + 'password' => [ + 'title' => 'Password or ssh public-key', + 'description' => 'Can be either a password or a complete SSH public key' + ], + 'pgp_public_key' => 'PGP public key', + 'retention' => 'Backup retention in days', + ], ], ]; From 7e168f5a0e533e38a9e014031e65f8d73b1e49a5 Mon Sep 17 00:00:00 2001 From: Ruben Barkow-Kuder Date: Wed, 6 Sep 2023 10:47:48 +0200 Subject: [PATCH 74/87] Add tabindex to search (#1182) --- templates/Froxlor/src/js/components/search.js | 2 +- templates/Froxlor/userarea.html.twig | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 templates/Froxlor/src/js/components/search.js diff --git a/templates/Froxlor/src/js/components/search.js b/templates/Froxlor/src/js/components/search.js old mode 100644 new mode 100755 index e551b4ac..be898a41 --- a/templates/Froxlor/src/js/components/search.js +++ b/templates/Froxlor/src/js/components/search.js @@ -42,7 +42,7 @@ $(function() { Object.keys(data).forEach(key => { dropdown.append('
  • ' + key + '
    • '); data[key].forEach(item => { - dropdown.append('
  • ' + item.title + '
    • '); + dropdown.append('
  • ' + item.title + '
    • '); }); }); }, diff --git a/templates/Froxlor/userarea.html.twig b/templates/Froxlor/userarea.html.twig index ddcccda5..ac0bc9b1 100644 --- a/templates/Froxlor/userarea.html.twig +++ b/templates/Froxlor/userarea.html.twig @@ -80,7 +80,7 @@
- {% if userinfo.custom_notes is not empty and userinfo.custom_notes_show == 1 %} + {% if userinfo.custom_notes|markdown is not empty and userinfo.custom_notes_show == 1 %}
  • - {{ userinfo.custom_notes|nl2br|raw }} + {{ userinfo.custom_notes|markdown|raw }}
@@ -263,10 +263,10 @@
{% endif %} - {% if userinfo.custom_notes is not empty and userinfo.custom_notes_show == 1 %} + {% if userinfo.custom_notes|markdown is not empty and userinfo.custom_notes_show == 1 %}
  • - {{ userinfo.custom_notes|nl2br|raw }} + {{ userinfo.custom_notes|markdown|raw }}
    • {% endif %}