Merge remote-tracking branch 'origin/0.9.31'

.gitignore

@@ -1,5 +1,6 @@
 lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/
 templates/*
+logs/*
 install/update.log
 .buildpath
 .project

lib/classes/webserver/class.WebserverBase.php

@@ -0,0 +1,85 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Michael Kaufmann <mkaufmann@nutime.de>
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Cron
+ *
+ * @since      0.9.31
+ *
+ */
+
+class WebserverBase {
+
+	/**
+	 * returns an array with all entries required for all
+	 * webserver-vhost-configs
+	 *
+	 * @return array
+	 */
+	public static function getVhostsToCreate() {
+
+		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
+				`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
+				`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
+				`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
+				`d`.`mod_fcgid_maxrequests`
+				FROM `".TABLE_PANEL_DOMAINS."` `d`
+
+				LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
+				LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
+
+				WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
+				ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;
+		";
+
+		$result_domains_stmt = Database::query($query);
+
+		$domains = array();
+		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+
+			// set whole domain
+			$domains[$domain['domain']] = $domain;
+			// set empty-defaults for non-ssl
+			$domains[$domain['domain']]['ssl'] = '';
+			$domains[$domain['domain']]['ssl_cert_file'] = '';
+			$domains[$domain['domain']]['ssl_key_file'] = '';
+			$domains[$domain['domain']]['ssl_ca_file'] = '';
+			$domains[$domain['domain']]['ssl_cert_chainfile'] = '';
+
+			// now, if the domain has an ssl ip/port assigned, get
+			// the corresponding information from the db
+			if (domainHasSslIpPort($domain['id'])) {
+
+				$ip_stmt = Database::prepare("
+						SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
+						FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p`
+						WHERE `p`.`id` = `di`.`id_ipandports`
+						AND `di`.`id_domain` = :domainid
+						AND `p`.`ssl` = '1'
+						");
+				$ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id']));
+
+				// set ssl info for domain
+				$domains[$domain['domain']]['ssl'] = '1';
+				$domains[$domain['domain']]['ssl_cert_file'] = $ssl_ip['ssl_cert_file'];
+				$domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file'];
+				$domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file'];
+				$domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile'];
+
+			}
+		}
+
+		return $domains;
+	}
+
+}

lib/functions/filedir/function.makeSecurePath.php

@@ -26,12 +26,12 @@
  */
 function makeSecurePath($path) {
 
-	$search = Array(
+	$search = array(
 		'#/+#',
 		'#\.+#',
 		'#\0+#'
 	);
-	$replace = Array(
+	$replace = array(
 		'/',
 		'.',
 		''
@@ -41,5 +41,14 @@ function makeSecurePath($path) {
 	// it might be escaped already
 	$path = str_replace("\ ", " ", $path);
 	$path = str_replace(" ", "\ ", $path);
+
+	// check for bad characters, some are allowed with escaping
+	// but we generally don't want them in our directory-names,
+	// thx to aaronmueller for this snipped
+	$badchars = array(':', ';', '|', '&', '>', '<', '`', '$', '~', '?');
+	foreach ($badchars as $bc) {
+		str_replace($bc, "", $path);
+	}
+
 	return $path;
 }

scripts/jobs/cron_tasks.inc.http.10.apache.php

@@ -782,34 +782,11 @@ class apache
 	/**
 	 *	We compose the virtualhost entries for the domains
 	 */
-	public function createVirtualHosts()
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, 
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, 
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
-      
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) 
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-			  
-			  INNER JOIN (
-			    SELECT * FROM ( 
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` 
-			      WHERE `p`.`id` = `di`.`id_ipandports` 
-			      ORDER BY `p`.`ssl` DESC 
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-			  
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
+	public function createVirtualHosts() {
+
+		$domains = WebserverBase::getVhostsToCreate();
+		foreach ($domains as $domain) {
 
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
 			fwrite($this->debugHandler, '  apache::createVirtualHosts: creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname'] . "\n");
 			$this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname']);
 			$vhosts_filename = $this->getVhostFilename($domain);

scripts/jobs/cron_tasks.inc.http.20.lighttpd.php

@@ -287,36 +287,10 @@ class lighttpd
 	{
 	}
 
-	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename)
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`,
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`,
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
+	protected function createLighttpdHosts($ipid, $ssl, $vhost_filename) {
 
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`)
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-
-			  INNER JOIN (
-			    SELECT * FROM (
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile`
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p`
-			      WHERE `p`.`id` = `di`.`id_ipandports`
-			      AND `p`.`id` = '".(int)$ipid."'
-			      ORDER BY `p`.`ssl` DESC
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
-
-		$included_vhosts = array();
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		$domains = WebserverBase::getVhostsToCreate();
+		foreach ($domains as $domain) {
 
 			if (is_dir($this->settings['system']['apacheconf_vhost'])) {
 				safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'].'/vhosts/')));

scripts/jobs/cron_tasks.inc.http.30.nginx.php

@@ -247,34 +247,13 @@ class nginx
 		$this->_createStandardErrorHandler();
 	}
 
-	protected function createNginxHosts()
-	{
-		$query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`,
-			`d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, 
-			`c`.`documentroot` AS `customerroot`, `c`.`deactivated`,
-			`c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, 
-			`d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`,
-			`p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			  FROM `".TABLE_PANEL_DOMAINS."` `d`
-      
-			  LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) 
-			  LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`)
-			  
-			  INNER JOIN (
-			    SELECT * FROM ( 
-			      SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` 
-			      FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` 
-			      WHERE `p`.`id` = `di`.`id_ipandports` 
-			      ORDER BY `p`.`ssl` DESC 
-			    ) AS my_table_tmp
-			    GROUP BY `id_domain`
-			  ) AS p ON p.`id_domain` = `d`.`id`
-			  
-			  WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1'
-			  ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;";
+	/**
+	 * create vhosts
+	 */
+	protected function createNginxHosts() {
 
-		$result_domains_stmt = Database::query($query);
-		while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) {
+		$domains = WebserverBase::getVhostsToCreate();
+		foreach ($domains as $domain) {
 
 			if (is_dir($this->settings['system']['apacheconf_vhost'])) {
 				safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'])));