diff --git a/.gitignore b/.gitignore index 176cc9ef..8fad738f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ lib/classes/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/*/ templates/* +logs/* install/update.log .buildpath .project diff --git a/lib/classes/webserver/class.WebserverBase.php b/lib/classes/webserver/class.WebserverBase.php new file mode 100644 index 00000000..d67b9868 --- /dev/null +++ b/lib/classes/webserver/class.WebserverBase.php @@ -0,0 +1,85 @@ + + * @author Froxlor team (2010-) + * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt + * @package Cron + * + * @since 0.9.31 + * + */ + +class WebserverBase { + + /** + * returns an array with all entries required for all + * webserver-vhost-configs + * + * @return array + */ + public static function getVhostsToCreate() { + + $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, + `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, + `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, + `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, + `d`.`mod_fcgid_maxrequests` + FROM `".TABLE_PANEL_DOMAINS."` `d` + + LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) + LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) + + WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' + ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC; + "; + + $result_domains_stmt = Database::query($query); + + $domains = array(); + while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { + + // set whole domain + $domains[$domain['domain']] = $domain; + // set empty-defaults for non-ssl + $domains[$domain['domain']]['ssl'] = ''; + $domains[$domain['domain']]['ssl_cert_file'] = ''; + $domains[$domain['domain']]['ssl_key_file'] = ''; + $domains[$domain['domain']]['ssl_ca_file'] = ''; + $domains[$domain['domain']]['ssl_cert_chainfile'] = ''; + + // now, if the domain has an ssl ip/port assigned, get + // the corresponding information from the db + if (domainHasSslIpPort($domain['id'])) { + + $ip_stmt = Database::prepare(" + SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` + FROM `".TABLE_DOMAINTOIP."` `di`, `".TABLE_PANEL_IPSANDPORTS."` `p` + WHERE `p`.`id` = `di`.`id_ipandports` + AND `di`.`id_domain` = :domainid + AND `p`.`ssl` = '1' + "); + $ssl_ip = Database::pexecute_first($ip_stmt, array('domainid' => $domain['id'])); + + // set ssl info for domain + $domains[$domain['domain']]['ssl'] = '1'; + $domains[$domain['domain']]['ssl_cert_file'] = $ssl_ip['ssl_cert_file']; + $domains[$domain['domain']]['ssl_key_file'] = $ssl_ip['ssl_key_file']; + $domains[$domain['domain']]['ssl_ca_file'] = $ssl_ip['ssl_ca_file']; + $domains[$domain['domain']]['ssl_cert_chainfile'] = $ssl_ip['ssl_cert_chainfile']; + + } + } + + return $domains; + } + +} diff --git a/lib/functions/filedir/function.makeSecurePath.php b/lib/functions/filedir/function.makeSecurePath.php index c46a693f..5d3fc01a 100644 --- a/lib/functions/filedir/function.makeSecurePath.php +++ b/lib/functions/filedir/function.makeSecurePath.php @@ -26,12 +26,12 @@ */ function makeSecurePath($path) { - $search = Array( + $search = array( '#/+#', '#\.+#', '#\0+#' ); - $replace = Array( + $replace = array( '/', '.', '' @@ -41,5 +41,14 @@ function makeSecurePath($path) { // it might be escaped already $path = str_replace("\ ", " ", $path); $path = str_replace(" ", "\ ", $path); + + // check for bad characters, some are allowed with escaping + // but we generally don't want them in our directory-names, + // thx to aaronmueller for this snipped + $badchars = array(':', ';', '|', '&', '>', '<', '`', '$', '~', '?'); + foreach ($badchars as $bc) { + str_replace($bc, "", $path); + } + return $path; } diff --git a/logs/.keep b/logs/.keep new file mode 100644 index 00000000..e69de29b diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php index 537bf099..c478168d 100644 --- a/scripts/jobs/cron_tasks.inc.http.10.apache.php +++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php @@ -782,34 +782,11 @@ class apache /** * We compose the virtualhost entries for the domains */ - public function createVirtualHosts() - { - $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, - `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, - `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, - `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, - `d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`, - `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` - FROM `".TABLE_PANEL_DOMAINS."` `d` - - LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) - LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) - - INNER JOIN ( - SELECT * FROM ( - SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` - FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` - WHERE `p`.`id` = `di`.`id_ipandports` - ORDER BY `p`.`ssl` DESC - ) AS my_table_tmp - GROUP BY `id_domain` - ) AS p ON p.`id_domain` = `d`.`id` - - WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' - ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; + public function createVirtualHosts() { + + $domains = WebserverBase::getVhostsToCreate(); + foreach ($domains as $domain) { - $result_domains_stmt = Database::query($query); - while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { fwrite($this->debugHandler, ' apache::createVirtualHosts: creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname'] . "\n"); $this->logger->logAction(CRON_ACTION, LOG_INFO, 'creating vhost container for domain ' . $domain['id'] . ', customer ' . $domain['loginname']); $vhosts_filename = $this->getVhostFilename($domain); diff --git a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php index 410d3ced..f485b839 100644 --- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php +++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php @@ -287,36 +287,10 @@ class lighttpd { } - protected function createLighttpdHosts($ipid, $ssl, $vhost_filename) - { - $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, - `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, - `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, - `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, - `d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`, - `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` - FROM `".TABLE_PANEL_DOMAINS."` `d` + protected function createLighttpdHosts($ipid, $ssl, $vhost_filename) { - LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) - LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) - - INNER JOIN ( - SELECT * FROM ( - SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` - FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` - WHERE `p`.`id` = `di`.`id_ipandports` - AND `p`.`id` = '".(int)$ipid."' - ORDER BY `p`.`ssl` DESC - ) AS my_table_tmp - GROUP BY `id_domain` - ) AS p ON p.`id_domain` = `d`.`id` - - WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' - ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; - - $included_vhosts = array(); - $result_domains_stmt = Database::query($query); - while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { + $domains = WebserverBase::getVhostsToCreate(); + foreach ($domains as $domain) { if (is_dir($this->settings['system']['apacheconf_vhost'])) { safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'].'/vhosts/'))); diff --git a/scripts/jobs/cron_tasks.inc.http.30.nginx.php b/scripts/jobs/cron_tasks.inc.http.30.nginx.php index 3298030a..f3c9485a 100644 --- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php +++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php @@ -247,34 +247,13 @@ class nginx $this->_createStandardErrorHandler(); } - protected function createNginxHosts() - { - $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, - `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, - `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, - `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, - `d`.`mod_fcgid_maxrequests`, `p`.`ssl` AS `ssl`, - `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` - FROM `".TABLE_PANEL_DOMAINS."` `d` - - LEFT JOIN `".TABLE_PANEL_CUSTOMERS."` `c` USING(`customerid`) - LEFT JOIN `".TABLE_PANEL_DOMAINS."` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) - - INNER JOIN ( - SELECT * FROM ( - SELECT `di`.`id_domain` , `p`.`ssl`, `p`.`ssl_cert_file`, `p`.`ssl_key_file`, `p`.`ssl_ca_file`, `p`.`ssl_cert_chainfile` - FROM `".TABLE_DOMAINTOIP."` `di` , `".TABLE_PANEL_IPSANDPORTS."` `p` - WHERE `p`.`id` = `di`.`id_ipandports` - ORDER BY `p`.`ssl` DESC - ) AS my_table_tmp - GROUP BY `id_domain` - ) AS p ON p.`id_domain` = `d`.`id` - - WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' - ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; + /** + * create vhosts + */ + protected function createNginxHosts() { - $result_domains_stmt = Database::query($query); - while ($domain = $result_domains_stmt->fetch(PDO::FETCH_ASSOC)) { + $domains = WebserverBase::getVhostsToCreate(); + foreach ($domains as $domain) { if (is_dir($this->settings['system']['apacheconf_vhost'])) { safe_exec('mkdir -p '.escapeshellarg(makeCorrectDir($this->settings['system']['apacheconf_vhost'])));