Development

Navigation

← Previous Changeset
Next Changeset →

Changeset 999

Timestamp:

02/13/08 00:08:15 (7 months ago)

Author:

rats

Message:

* Fixed #808: webmail.mydomain.tld, pma.mydomain.tld
* Fixed #864: improve the detection of the disk usage of backups so users can't abuse
* Fixed #934: Prohibit creation of default subdomains

Files:

trunk/CHANGELOG (modified) (1 diff)
trunk/configs/apache/parts/dmn_entry.tpl (modified) (1 diff)
trunk/docs/Debian/INSTALL (modified) (2 diffs)
trunk/engine/quota/ispcp-dsk-quota (modified) (2 diffs)
trunk/engine/setup/ispcp-update (modified) (7 diffs)
trunk/gui/client/add_subdomain.php (modified) (3 diffs)
trunk/gui/client/manage_domains.php (modified) (1 diff)
trunk/gui/include/vfs.php (modified) (18 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/CHANGELOG

r998	r999
1	1	ispCP ω 1.0.0 Changelog
2	2	~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	3
	4	2008-02-13 Benedikt Heintel
	5	- CONFIGS:
	6	* Fixed #808: webmail.mydomain.tld, pma.mydomain.tld
	7	- ENGINE:
	8	* Fixed #864: improve the detection of the disk usage of backups so users can't abuse
	9	- GUI:
	10	* Fixed #934: Prohibit creation of default subdomains
3	11
4	12	2008-02-12 Christian Hernmarck

trunk/configs/apache/parts/dmn_entry.tpl

r964	r999
18	18
19	19	Alias /errors {WWW_DIR}/{DMN_NAME}/errors/
	20
	21	Redirect permanent /ftp http://{BASE_SERVER_VHOST}/ftp/
	22	Redirect permanent /pma http://{BASE_SERVER_VHOST}/pma/
	23	Redirect permanent /webmail http://{BASE_SERVER_VHOST}/webmail/
20	24
21	25	ErrorDocument 401 /errors/401.html

trunk/docs/Debian/INSTALL

r996	r999
63	63
64	64	3. Install the required modules
65		first update your system:
	65	First update your system:
66	66	# apt-get update && apt-get upgrade
67	67
…	…
92	92	(when you get to the rootkithunter screen, select two time 'yes')
93	93
	94	Now install needed Perl modules:
	95
	96	# cpan
	97	cpan> install FindBin
	98	cpan> install Net::LibIDN
	99	cpan> quit
	100
94	101	4. (optional) Check the ispcp.conf and adapt it to your requirements.
95	102	An overview over the variables you can find in the FAQ on

trunk/engine/quota/ispcp-dsk-quota

r955	r999
4	4	# Copyright (c) 2001-2006 by moleSoftware GmbH
5	5	# http://www.molesoftware.com
6		# Copyright (c) 2006-2007 by isp Control Panel
	6	# Copyright (c) 2006-2008 by isp Control Panel
7	7	# http://isp-control.net
8	8	#
…	…
106	106	my $size = 0;
107	107
108		my $s = `$cmd_du --exclude="backups/.bz2" --exclude="backups/.gz" -s -B1 $main::cfg{APACHE_WWW_DIR}/$domain_name`;
	108	my $s = `$cmd_du --exclude="backups/$domain_name-.bz2" --exclude="backups/$domain_name-.gz" -s -B1 $main::cfg{APACHE_WWW_DIR}/$domain_name`;
109	109
110	110	$s =~ /^(\d+)/; $size += $1;

trunk/engine/setup/ispcp-update

r996	r999
118	118	\t(2) VHCS 2.4.8 RC1
119	119	\t(3) ispCP OMEGA 1.0.0 RC2 (incl. b and c)
	120	\t(4) ispCP OMEAG 1.0.0 RC3
120	121	\t(0) abort
121	122	MSG
…	…
127	128	chop($rdata);
128	129
129		while ($rdata < 0 \|\| $rdata > 3) {
	130	while ($rdata < 0 \|\| $rdata > 4) {
130	131	print STDOUT "\tPlease select an item mentioned above: ";
131	132	$rdata = readline(\*STDIN);
…	…
324	325	exit_werror("SQL Update failed.");
325	326	}
	327
	328	# Delete vhcs2 Database
	329	($rs, $rdata) = doSQL("DROP DATABASE IF EXISTS `vhcs2`;");
	330	if ($rs != 0) {
	331	print STDOUT "failed!\n";
	332	exit_werror($rdata, $rs);
	333	}
326	334
327	335	print STDOUT "\tdone\n";
…	…
722	730	}
723	731
	732	sub patch_ispcp_rc3() {
	733	push_el(\@main::el, 'patch_ispcp_rc3()', 'Ending...');
	734
	735	print STDOUT "\tNothing to do yet!\n";
	736
	737	push_el(\@main::el, 'patch_ispcp_rc3()', 'Ending...');
	738	return 0;
	739	}
	740
724	741	sub prepare_update {
725	742	my ($rs, $rdata) = (undef, undef);
…	…
733	750	# Abort
734	751	if ($main::ua{'update'} eq 0) {
735		exit_werror("\tScript was aborted by user");
	752	exit_werror("\tScript was aborted by user.");
736	753	}
737	754	# VHCS update
…	…
755	772	return $rs if ($rs != 0);
756	773	}
757		# ispCP 1.0.0 RC2 Update
758		elsif ($main::ua{'update'} eq 3) {
	774	# ispCP 1.0.0 RC2/3 Update
	775	elsif ($main::ua{'update'} gt 3) {
759	776	stop_services("/tmp/vhcs2-backup-all.lock");
760	777
…	…
774	791	}
775	792
776		$rs = patch_ispcp_rc2();
	793	# ispCP 1.0.0 RC2
	794	if ($main::ua{'update'} eq 3) {
	795	$rs = patch_ispcp_rc2();
	796	}
	797	# ispCP 1.0.0 RC3
	798	elsif ($main::ua{'update'} eq 4) {
	799	$rs = patch_ispcp_rc3();
	800	}
	801
	802	if ($rs != 0) {
	803	print STDOUT "\t Update failed!\n";
	804	exit_werror("ispCP Update failed.");
	805	}
777	806	return $rs if ($rs != 0);
778	807

trunk/gui/client/add_subdomain.php

r880	r999
4	4	*
5	5	* @copyright 2001-2006 by moleSoftware GmbH
6		* @copyright 2006-2007 by ispCP \| http://isp-control.net
	6	* @copyright 2006-2008 by ispCP \| http://isp-control.net
7	7	* @link http://isp-control.net
8		* @author ispCP Team ~~(2007)~~
	8	* @author ispCP Team
9	9	*
10	10	* @license
…	…
110	110	$rs_domain = exec_query($sql, $query_domain, array($domain_name));
111	111
	112	# Prohibit www. mail. nsX. imap. pop. pop3. relay. smtp. ftp. pma. webmail.
	113	if ($sub_name == "www" \|\| $sub_name == "mail" \|\| preg_match('/^ns[0-9]{1,3}$/i', $sub_name) \|\|
	114	$sub_name == "imap" \|\| $sub_name == "pop" \|\| $sub_name == "pop3" \|\|
	115	$sub_name == "relay" \|\| $sub_name == "smtp" \|\| $sub_name == "ftp" \|\|
	116	$sub_name == "pma" \|\| $sub_name == "webmail") {
	117	return true;
	118	}
	119
112	120	if ($rs_subdomain->fields['cnt'] == 0 && $rs_domain->fields['cnt'] == 0)
113	121	return false;
…	…
248	256
249	257	if (subdmn_exists($sql, $user_id, $domain_id, $sub_name)) {
250		set_page_message(tr('Subdomain already exists!'));
	258	set_page_message(tr('Subdomain already exists or is not allowed!'));
251	259	} else if (!chk_subdname($sub_name . "." . $dmn_name)) {
252	260	set_page_message(tr('Wrong subdomain syntax!'));

trunk/gui/client/manage_domains.php

r811	r999
4	4	*
5	5	* @copyright 2001-2006 by moleSoftware GmbH
6		* @copyright 2006-2007 by ispCP \| http://isp-control.net
7		* @version SVN: $ID$
	6	* @copyright 2006-2008 by ispCP \| http://isp-control.net
8	7	* @link http://isp-control.net
9		* @author ispCP Team ~~(2007)~~
	8	* @author ispCP Team
10	9	*
11	10	* @license

trunk/gui/include/vfs.php

r766	r999
1	1	<?php
2	2	/**
3		* ~~ispCP (OMEGA) - Virtual Hosting Control System \| Omega Version~~
	3	* ispCP ω (OMEGA) a Virtual Hosting Control System
4	4	*
5		* @copyright 2001-2006 by moleSoftware GmbH
6		* @copyright 2006-2007 by ispCP \| http://isp-control.net
7		* @link http://isp-control.net
8		* @author ispCP Team (2007)
	5	* @copyright 2006-2008 by ispCP \| http://isp-control.net
	6	* @link http://isp-control.net
	7	* @author ispCP Team
9	8	*
10		* @license
11		* This program is free software; you can redistribute it and/or modify it under
12		* the terms of the MPL General Public License as published by the Free Software
13		* Foundation; either version 1.1 of the License, or (at your option) any later
14		* version.
15		* You should have received a copy of the MPL Mozilla Public License along with
16		* this program; if not, write to the Open Source Initiative (OSI)
17		* http://opensource.org \| osi@opensource.org
18		*
19		**/
	9	* @license
	10	* This program is free software; you can redistribute it and/or modify it under
	11	* the terms of the MPL General Public License as published by the Free Software
	12	* Foundation; either version 1.1 of the License, or (at your option) any later
	13	* version.
	14	* You should have received a copy of the MPL Mozilla Public License along with
	15	* this program; if not, write to the Open Source Initiative (OSI)
	16	* http://opensource.org \| osi@opensource.org
	17	*/
20	18
21	19	/*
…	…
26	24	* File types definition
27	25	*/
28		define('VFS_TYPE_DIR', 'd');
	26	define('VFS_TYPE_DIR', 'd');
29	27	define('VFS_TYPE_LINK', 'l');
30	28	define('VFS_TYPE_FILE', '-');
…	…
33	31	* Possible VFS Transfer modes
34	32	*/
35		define('VFS_ASCII', FTP_ASCII);
	33	define('VFS_ASCII', FTP_ASCII);
36	34	define('VFS_BINARY', FTP_BINARY);
37	35
…	…
43	41	*/
44	42	class vfs {
45
46	43	/**
47	44	* Domain name of this filesystem
…	…
88	85	* left as work for the caller.
89	86	*
90		* @param ~~string $domain~~ Domain name of the new VFS.
91		* @param ~~resource $db~~ Adodb database resource.
	87	* @param string $domain Domain name of the new VFS.
	88	* @param resource $db Adodb database resource.
92	89	* @return vfs
93	90	*/
…	…
101	98	* PHP5 constructor
102	99	*
103		* @param ~~string~~ $domain Domain name of the new VFS.
104		* @param ~~resource $db~~ Adodb database resource.
	100	* @param string $domain Domain name of the new VFS.
	101	* @param resource $db Adodb database resource.
105	102	* @return vfs
106	103	*/
107	104	function __construct($domain, &$db) {
108		global $cfg;
109		$this->_domain = $domain;
110		$this->_db =& $db;
	105	global $cfg;
	106	$this->_domain = $domain;
	107	$this->_db = &$db;
111	108
112	109	if (!defined("VFS_TMP_DIR")) {
113		define("VFS_TMP_DIR", $cfg['GUI_ROOT_DIR'] . '/phptmp');
	110	define("VFS_TMP_DIR", $cfg['GUI_ROOT_DIR'] . '/phptmp');
114	111	}
115	112	$_ENV['TMPDIR'] = VFS_TMP_DIR;
…	…
131	128	* handler, but we're a "black box" ;).
132	129	*
133		* @param resource $db Adodb database resource.
	130	* @param resource $db Adodb database resource.
134	131	*/
135	132	function setDb(&$db) {
136		$this->_db =& $db;
	133	$this->_db = &$db;
137	134	}
138	135
…	…
143	140	*/
144	141	function _createTmpUser() {
145		global $cfg;
146
	142	global $cfg;
147	143	// Get domain data
148	144	$query = 'select domain_uid, domain_gid
…	…
150	146	where domain_name = ?';
151	147	$rs = exec_query($this->_db, $query, array($this->_domain));
152		if ( !$rs ) {
153		return false;
154		}
155
	148	if (!$rs) {
	149	return false;
	150	}
156	151	// Generate a random userid and password
157		$user ~~= uniqid('tmp_').'@'.~~$this->_domain;
158		$this->_passwd = uniqid('tmp_',true);
	152	$user = uniqid('tmp_') . '@' . $this->_domain;
	153	$this->_passwd = uniqid('tmp_', true);
159	154	$passwd = crypt_user_ftp_pass($this->_passwd);
160
161	155	// Create the temporary user
162	156	$query = <<<SQL_QUERY
…	…
166	160	(?, ?, ?, ?, ?, ?)
167	161	SQL_QUERY;
168		$rs = exec_query($this->_db, $query, array(
169		$user, $passwd, $rs->fields['domain_uid'], $rs->fields['domain_gid'],
170		$cfg['FTP_SHELL'], $cfg['FTP_HOMEDIR'].'/' . $this->_domain
171		));
172		if ( !$rs ) {
173		return false;
174		}
175
	162	$rs = exec_query($this->_db, $query, array($user, $passwd, $rs->fields['domain_uid'], $rs->fields['domain_gid'],
	163	$cfg['FTP_SHELL'], $cfg['FTP_HOMEDIR'] . '/' . $this->_domain
	164	));
	165	if (!$rs) {
	166	return false;
	167	}
176	168	// All ok
177		$this->_user = $user;
	169	$this->_user = $user;
178	170	return true;
179	171	}
…	…
197	189	* Open the virtual file system
198	190	*
199		* @return boolean Returns TRUE on succes or FALSE on failure.
	191	* @return boolean Returns TRUE on succes or FALSE on failure.
200	192	*/
201	193	function open() {
202	194	// Check if we're already open
203		if ( ~~is_resource($this->_handle)~~ ) {
	195	if (is_resource($this->_handle)) {
204	196	return true;
205	197	}
206
207	198	// Check if we have a valid ispcp database
208		if ( !$this->_db ) {
209		return false;
210		}
211
212
	199	if (!$this->_db) {
	200	return false;
	201	}
213	202	// Create the temporary ftp account
214	203	$result = $this->_createTmpUser();
215		if ( !$result ) {
216		return false;
217		}
218
	204	if (!$result) {
	205	return false;
	206	}
219	207	// 'localhost' for testing purposes. I have to study if a better
220	208	// $this->_domain would work on all situations
221	209	$this->_handle = @ftp_connect('localhost');
222		if ( ~~!is_resource($this->_handle)~~ ) {
	210	if (!is_resource($this->_handle)) {
223	211	$this->close();
224	212	return false;
225	213	}
226
227	214	// Perform actual login
228		$response = @ftp_login( $this->_handle, $this->_user, $this->_passwd);
229		if ( ~~!$response~~ ) {
	215	$response = @ftp_login($this->_handle, $this->_user, $this->_passwd);
	216	if (!$response) {
230	217	$this->close();
231	218	return false;
232	219	}
233
234	220	// All went ok! :)
235	221	return true;
…	…
238	224	/**
239	225	* Closes the virtual file system
240		*
241	226	*/
242	227	function close() {
…	…
258	243	* either in short (default) or long mode.
259	244	*
260		* @param string $dirname VFS directory path.
261		* @return array Returns an array of directory entries or FALSE on error.
	245	* @param string $dirname VFS directory path.
	246	* @return array Returns an array of directory entries or FALSE on error.
262	247	*/
263	248	function ls($dirname) {
264	249	// Ensure that we're open
265		if ( !$this->open() ) {
266		return false;
267		}
268
	250	if (!$this->open()) {
	251	return false;
	252	}
269	253	// Path is always relative to the root vfs
270		if (substr($dirname,0,1) != '/') {
	254	if (substr($dirname, 0, 1) != '/') {
271	255	$dirname = '/' . $dirname;
272	256	}
273
274	257	// No security implications, the FTP server handles
275	258	// this for us
276		$list = ftp_rawlist( ~~$this->_handle, '-a '.$dirname, false~~ );
277		if ( ~~!$list~~ ) {
	259	$list = ftp_rawlist($this->_handle, '-a ' . $dirname, false);
	260	if (!$list) {
278	261	return false;
279	262	}
280	263	$len = count($list);
281		for( $i=0; $i<$len; $i++ ) {
282		$parts = preg_split("/[\s]+/",$list[$i],9);
283		$list[$i] = array(
284		'perms' => $parts[0],
285		'number' => $parts[1],
286		'owner' => $parts[2],
287		'group' => $parts[3],
288		'size' => $parts[4],
289		'month' => $parts[5],
290		'day' => $parts[6],
291		'time' => $parts[7],
292		'file' => $parts[8],
293		'type' => substr($parts[0],0,1),
294		);
	264	for($i = 0; $i < $len; $i++) {
	265	$parts = preg_split("/[\s]+/", $list[$i], 9);
	266	$list[$i] = array('perms' => $parts[0],
	267	'number' => $parts[1],
	268	'owner' => $parts[2],
	269	'group' => $parts[3],
	270	'size' => $parts[4],
	271	'month' => $parts[5],
	272	'day' => $parts[6],
	273	'time' => $parts[7],
	274	'file' => $parts[8],
	275	'type' => substr($parts[0], 0, 1),
	276	);
295	277	}
296	278
…	…
301	283	* Checks for file existance
302	284	*
303		* @param string $file VFS file path.
304		* @param int $type Type of the file to match. Must be either VFS_TYPE_DIR,
	285	* @param string $file VFS file path.
	286	* @param int $type Type of the file to match. Must be either VFS_TYPE_DIR,
305	287	* VFS_TYPE_LINK or VFS_TYPE_FILE.
306	288	* @return boolean Returns TRUE if file exists or FALSE if it doesn't exist.
307	289	*/
308		function exists($file, $type=null) {
	290	function exists($file, $type = null) {
309	291	// Ensure that we're open
310		if ( false === $this->open() ) {
311		return false;
312		}
313
	292	if (false === $this->open()) {
	293	return false;
	294	}
314	295	// Actually get the listing
315	296	$dirname = dirname($file);
316	297	$list = $this->ls($dirname);
317		if ( !$list )
318		return false;
319
	298	if (!$list)
	299	return false;
320	300	// We get filenames only from the listing
321	301	$file = basename($file);
322
323	302	// Try to match it
324	303	foreach($list as $entry) {
325	304	// Skip non-matching files
326		if ( ~~$entry['file'] != $file~~ ) {
	305	if ($entry['file'] != $file) {
327	306	continue;
328	307	}
329	308	// Check type
330		if ( ~~$type !== null && $entry['type'] != $type~~ )
	309	if ($type !== null && $entry['type'] != $type)
331	310	return false;
332
333	311	// Matched and same type (or no type specified)
334	312	return true;
…	…
340	318	* Retrieves a file from the virtual file system
341	319	*
342		* @param string $file VFS file path.
343		* @param ~~int~~ VFS transfer mode. Must be either VFS_ASCII or VFS_BINARY.
	320	* @param string $file VFS file path.
	321	* @param int $ VFS transfer mode. Must be either VFS_ASCII or VFS_BINARY.
344	322	* @return boolean Returns TRUE on succes or FALSE on failure.
345	323	*/
346		function get($file, $mode=VFS_ASCII) {
	324	function get($file, $mode = VFS_ASCII) {
347	325	// Ensure that we're open
348		if ( !$this->open() ) {
349		return false;
350		}
351
	326	if (!$this->open()) {
	327	return false;
	328	}
352	329	// Get a temporary file name
353	330	$tmp = tempnam(VFS_TMP_DIR, 'vfs_');
354	331	// Get the actual file
355		$res = ftp_get( $this->_handle, $tmp, $file, $mode);
356		if ( false === $res ) {
357		return false;
358		}
359
	332	$res = ftp_get($this->_handle, $tmp, $file, $mode);
	333	if (false === $res) {
	334	return false;
	335	}
360	336	// Retrieve file contents
361	337	$res = file_get_contents($tmp);
362
363	338	// Delete temporary file
364	339	unlink($tmp);
…	…
372	347	* @param string $file VFS file path.
373	348	* @param string $content File contents.
374		* @param int VFS transfer mode. Must be either VFS_ASCII or VFS_BINARY.
	349	* @param int $ VFS transfer mode. Must be either VFS_ASCII or VFS_BINARY.
375	350	* @return boolean Returns TRUE on success or FALSE on failure.
376	351	*/
377		function put($file, $content, $mode=VFS_ASCII) {
378
	352	function put($file, $content, $mode = VFS_ASCII) {
379	353	// Ensure that we're open
380		if ( !$this->open() ) {
381		return false;
382		}
383
	354	if (!$this->open()) {
	355	return false;
	356	}
384	357	// Get a temporary file name
385	358	$tmp = tempnam(VFS_TMP_DIR, 'vfs_');
386
387	359	// Save temporary file
388	360	$res = file_put_contents($tmp, $content);
389		if ( false === $res ) {
390		return false;
391		}
392
	361	if (false === $res) {
	362	return false;
	363	}
393	364	// Upload it
394		$res = ftp_put( $this->_handle, $file, $tmp, $mode);
395		if ( !$res ) {
396		return false;
397		}
398
	365	$res = ftp_put($this->_handle, $file, $tmp, $mode);
	366	if (!$res) {
	367	return false;
	368	}
399	369	// Remove temp file
400	370	unlink($tmp);
…	…
402	372	return true;
403	373	}
404
405	374	}
406	375
…	…
409	378	*/
410	379	if (!function_exists('file_put_contents')) {
411		function file_put_contents($filename, $content)
412		{
413		// Make sure that we have a string to write
414		if (!is_scalar($content)) {
415		user_error('file_put_contents() The 2nd parameter should be a string',
416		E_USER_WARNING);
417		return false;
418		}
419
420		// Get the data size
421		$length = strlen($content);
422
423		// Open the file for writing
424		if (($fh = @fopen($filename, 'wb')) === false) {
425		user_error('file_put_contents() failed to open stream: Permission denied',
426		E_USER_WARNING);
427		return false;
428		}
429
430		// Write to the file
431		$bytes = 0;
432		if (($bytes = @fwrite($fh, $content)) === false) {
433		$errormsg = sprintf('file_put_contents() Failed to write %d bytes to %s',
434		$length,
435		$filename);
436		user_error($errormsg, E_USER_WARNING);
437		return false;
438		}
439
440		// Close the handle
441		@fclose($fh);
442
443		// Check all the data was written
444		if ($bytes != $length) {
445		$errormsg = sprintf('file_put_contents() Only %d of %d bytes written, possibly out of free disk space.',
446		$bytes,
447		$length);
448		user_error($errormsg, E_USER_WARNING);
449		return false;
450		}
451
452		// Return length
453		return $bytes;
454		}
	380	function file_put_contents($filename, $content) {
	381	// Make sure that we have a string to write
	382	if (!is_scalar($content)) {
	383	user_error('file_put_contents() The 2nd parameter should be a string',
	384	E_USER_WARNING);
	385	return false;
	386	}
	387	// Get the data size
	388	$length = strlen($content);
	389	// Open the file for writing
	390	if (($fh = @fopen($filename, 'wb')) === false) {
	391	user_error('file_put_contents() failed to open stream: Permission denied',
	392	E_USER_WARNING);
	393	return false;
	394	}
	395	// Write to the file
	396	$bytes = 0;
	397	if (($bytes = @fwrite($fh, $content)) === false) {
	398	$errormsg = sprintf('file_put_contents() Failed to write %d bytes to %s',
	399	$length,
	400	$filename);
	401	user_error($errormsg, E_USER_WARNING);
	402	return false;
	403	}
	404	// Close the handle
	405	@fclose($fh);
	406	// Check all the data was written
	407	if ($bytes != $length) {
	408	$errormsg = sprintf('file_put_contents() Only %d of %d bytes written, possibly out of free disk space.',
	409	$bytes,
	410	$length);
	411	user_error($errormsg, E_USER_WARNING);
	412	return false;
	413	}
	414	// Return length
	415	return $bytes;
	416	}
455	417	}
456	418
457
458	419	?>

Download in other formats: