bayrepo/hestiacp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial

Browse Source
This commit is contained in:
Alexey Berezhok
2024-03-19 22:05:27 +03:00
commit 346a50856b
1572 changed files with 182163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
web/edit/backup/exclusions/index.php Normal file
View File

@@ -0,0 +1,133 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "BACKUP";
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Edit as someone else?
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
$user = quoteshellarg($_GET["user"]);
}
// List backup exclustions
exec(HESTIA_CMD . "v-list-user-backup-exclusions " . $user . " 'json'", $output, $return_var);
check_return_code($return_var, $output);
$data = json_decode(implode("", $output), true);
unset($output);
$v_web = $v_mail = $v_db = $v_userdir = "";
// Parse web
$v_username = $user;
foreach ($data["WEB"] as $key => $value) {
if (!empty($value)) {
$v_web .= $key . ":" . str_replace(",", ":", $value) . "\n";
} else {
$v_web .= $key . "\n";
}
}
// Parse mail
foreach ($data["MAIL"] as $key => $value) {
if (!empty($value)) {
$v_mail .= $key . ":" . $value . "\n";
} else {
$v_mail .= $key . "\n";
}
}
// Parse databases
foreach ($data["DB"] as $key => $value) {
if (!empty($value)) {
$v_db .= $key . ":" . $value . "\n";
} else {
$v_db .= $key . "\n";
}
}
// Parse user directories
foreach ($data["USER"] as $key => $value) {
if (!empty($value)) {
$v_userdir .= $key . ":" . $value . "\n";
} else {
$v_userdir .= $key . "\n";
}
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
$v_web = $_POST["v_web"] ?? "";
$v_web_tmp = str_replace("\r\n", ",", $_POST["v_web"]);
$v_web_tmp = rtrim($v_web_tmp, ",");
$v_web_tmp = "WEB=" . quoteshellarg($v_web_tmp);
$v_dns = $_POST["v_dns"] ?? "";
$v_dns_tmp = str_replace("\r\n", ",", $_POST["v_dns"]);
$v_dns_tmp = rtrim($v_dns_tmp, ",");
$v_dns_tmp = "DNS=" . quoteshellarg($v_dns_tmp);
$v_mail = $_POST["v_mail"] ?? "";
$v_mail_tmp = str_replace("\r\n", ",", $_POST["v_mail"]);
$v_mail_tmp = rtrim($v_mail_tmp, ",");
$v_mail_tmp = "MAIL=" . quoteshellarg($v_mail_tmp);
$v_db = $_POST["v_db"] ?? "";
$v_db_tmp = str_replace("\r\n", ",", $_POST["v_db"]);
$v_db_tmp = rtrim($v_db_tmp, ",");
$v_db_tmp = "DB=" . quoteshellarg($v_db_tmp);
$v_cron = $_POST["v_cron"] ?? "";
$v_cron_tmp = str_replace("\r\n", ",", $_POST["v_cron"]);
$v_cron_tmp = rtrim($v_cron_tmp, ",");
$v_cron_tmp = "CRON=" . quoteshellarg($v_cron_tmp);
$v_userdir = $_POST["v_userdir"] ?? "";
$v_userdir_tmp = str_replace("\r\n", ",", $_POST["v_userdir"]);
$v_userdir_tmp = rtrim($v_userdir_tmp, ",");
$v_userdir_tmp = "USER=" . quoteshellarg($v_userdir_tmp);
// Create temporary exeption list on a filesystem
exec("mktemp", $mktemp_output, $return_var);
$tmp = $mktemp_output[0];
$fp = fopen($tmp, "w");
fwrite(
$fp,
$v_web_tmp .
"\n" .
$v_dns_tmp .
"\n" .
$v_mail_tmp .
"\n" .
$v_db_tmp .
"\n" .
$v_userdir_tmp .
"\n",
);
fclose($fp);
unset($mktemp_output);
// Save changes
exec(
HESTIA_CMD . "v-update-user-backup-exclusions " . $user . " " . $tmp,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// Render page
render_page($user, $TAB, "edit_backup_exclusions");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

98
web/edit/cron/index.php Normal file
View File

@@ -0,0 +1,98 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "CRON";
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Edit as someone else?
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
$user = quoteshellarg($_GET["user"]);
}
// Check job id
if (empty($_GET["job"])) {
header("Location: /list/cron/");
exit();
}
// List cron job
$v_job = quoteshellarg($_GET["job"]);
exec(HESTIA_CMD . "v-list-cron-job " . $user . " " . $v_job . " 'json'", $output, $return_var);
check_return_code_redirect($return_var, $output, "/list/cron/");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse cron job
$v_username = $user;
$v_job = $_GET["job"];
$v_min = $data[$v_job]["MIN"];
$v_hour = $data[$v_job]["HOUR"];
$v_day = $data[$v_job]["DAY"];
$v_month = $data[$v_job]["MONTH"];
$v_wday = $data[$v_job]["WDAY"];
$v_cmd = $data[$v_job]["CMD"];
$v_date = $data[$v_job]["DATE"];
$v_time = $data[$v_job]["TIME"];
$v_suspended = $data[$v_job]["SUSPENDED"];
if ($v_suspended == "yes") {
$v_status = "suspended";
} else {
$v_status = "active";
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
$v_username = $user;
$v_job = quoteshellarg($_GET["job"]);
$v_min = quoteshellarg($_POST["v_min"]);
$v_hour = quoteshellarg($_POST["v_hour"]);
$v_day = quoteshellarg($_POST["v_day"]);
$v_month = quoteshellarg($_POST["v_month"]);
$v_wday = quoteshellarg($_POST["v_wday"]);
$v_cmd = quoteshellarg($_POST["v_cmd"]);
// Save changes
exec(
HESTIA_CMD .
"v-change-cron-job " .
$user .
" " .
$v_job .
" " .
$v_min .
" " .
$v_hour .
" " .
$v_day .
" " .
$v_month .
" " .
$v_wday .
" " .
$v_cmd,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_cmd = $_POST["v_cmd"];
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// Render page
render_page($user, $TAB, "edit_cron");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

114
web/edit/db/index.php Normal file
View File

@@ -0,0 +1,114 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "DB";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check database id
if (empty($_GET["database"])) {
header("Location: /list/db/");
exit();
}
// Edit as someone else?
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
$user = quoteshellarg($_GET["user"]);
$user_plain = htmlentities($_GET["user"]);
}
// List datbase
$v_database = $_GET["database"];
exec(
HESTIA_CMD . "v-list-database " . $user . " " . quoteshellarg($v_database) . " 'json'",
$output,
$return_var,
);
check_return_code_redirect($return_var, $output, "/list/db/");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse database
$v_username = $user;
$v_dbuser = preg_replace("/^" . $user_plain . "_/", "", $data[$v_database]["DBUSER"]);
$v_password = "";
$v_host = $data[$v_database]["HOST"];
$v_type = $data[$v_database]["TYPE"];
$v_charset = $data[$v_database]["CHARSET"];
$v_date = $data[$v_database]["DATE"];
$v_time = $data[$v_database]["TIME"];
$v_suspended = $data[$v_database]["SUSPENDED"];
if ($v_suspended == "yes") {
$v_status = "suspended";
} else {
$v_status = "active";
}
// Check POST request
if (!empty($_POST["save"])) {
$v_username = $user;
// Check token
verify_csrf($_POST);
// Change database user
if ($v_dbuser != $_POST["v_dbuser"] && empty($_SESSION["error_msg"])) {
$cmd = implode(" ", [
HESTIA_CMD . "v-change-database-user",
// $user is already shell-quoted
$user,
quoteshellarg($v_database),
quoteshellarg($_POST["v_dbuser"]),
]);
exec($cmd, $output, $return_var);
check_return_code($return_var, $output);
unset($output);
}
// Change database password
if (!empty($_POST["v_password"]) && empty($_SESSION["error_msg"])) {
if (!validate_password($_POST["v_password"])) {
$_SESSION["error_msg"] = _("Password does not match the minimum requirements.");
} else {
$v_password = tempnam("/tmp", "vst");
$fp = fopen($v_password, "w");
fwrite($fp, $_POST["v_password"] . "\n");
fclose($fp);
exec(
HESTIA_CMD .
"v-change-database-password " .
$user .
" " .
quoteshellarg($v_database) .
" " .
$v_password,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($v_password);
$v_password = quoteshellarg($_POST["v_password"]);
}
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
// if the mysql username was changed, render_page() below will render with the OLD mysql username,
// to prvent that, make the browser refresh the page.
http_response_code(303);
header("Location: " . $_SERVER["REQUEST_URI"]);
die();
}
// Render page
render_page($user, $TAB, "edit_db");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

355
web/edit/dns/index.php Normal file
View File

@@ -0,0 +1,355 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "DNS";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check domain name
if (empty($_GET["domain"])) {
header("Location: /list/dns/");
exit();
}
// Edit as someone else?
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
$user = quoteshellarg($_GET["user"]);
$user_plain = htmlentities($_GET["user"]);
}
// List ip addresses
exec(HESTIA_CMD . "v-list-user-ips " . $user . " json", $output, $return_var);
$v_ips = json_decode(implode("", $output), true);
unset($output);
// List dns domain
if (!empty($_GET["domain"]) && empty($_GET["record_id"])) {
$v_domain = quoteshellarg($_GET["domain"]);
exec(
HESTIA_CMD . "v-list-dns-domain " . $user . " " . $v_domain . " json",
$output,
$return_var,
);
check_return_code_redirect($return_var, $output, "/list/dns/");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse dns domain
$v_username = $user;
$v_domain = $_GET["domain"];
$v_ip = $data[$v_domain]["IP"];
$v_template = $data[$v_domain]["TPL"];
$v_ttl = $data[$v_domain]["TTL"];
$v_dnssec = $data[$v_domain]["DNSSEC"];
$v_exp = $data[$v_domain]["EXP"];
$v_soa = $data[$v_domain]["SOA"];
$v_date = $data[$v_domain]["DATE"];
$v_time = $data[$v_domain]["TIME"];
$v_suspended = $data[$v_domain]["SUSPENDED"];
if ($v_suspended == "yes") {
$v_status = "suspended";
} else {
$v_status = "active";
}
// List dns templates
exec(HESTIA_CMD . "v-list-dns-templates json", $output, $return_var);
$templates = json_decode(implode("", $output), true);
unset($output);
}
// List dns record
if (!empty($_GET["domain"]) && !empty($_GET["record_id"])) {
$v_domain = quoteshellarg($_GET["domain"]);
$v_record_id = quoteshellarg($_GET["record_id"]);
exec(
HESTIA_CMD . "v-list-dns-records " . $user . " " . $v_domain . " 'json'",
$output,
$return_var,
);
check_return_code_redirect($return_var, $output, "/list/dns/");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse dns record
$v_username = $user;
$v_domain = $_GET["domain"];
$v_record_id = $_GET["record_id"];
$v_rec = $data[$v_record_id]["RECORD"];
$v_type = $data[$v_record_id]["TYPE"];
$v_val = $data[$v_record_id]["VALUE"];
$v_priority = $data[$v_record_id]["PRIORITY"];
$v_suspended = $data[$v_record_id]["SUSPENDED"];
if ($v_suspended == "yes") {
$v_status = "suspended";
} else {
$v_status = "active";
}
$v_date = $data[$v_record_id]["DATE"];
$v_time = $data[$v_record_id]["TIME"];
$v_ttl = $data[$v_record_id]["TTL"];
}
// Check POST request for dns domain
if (!empty($_POST["save"]) && !empty($_GET["domain"]) && empty($_GET["record_id"])) {
$v_domain = quoteshellarg($_POST["v_domain"]);
// Check token
verify_csrf($_POST);
// Change domain IP
if ($v_ip != $_POST["v_ip"] && empty($_SESSION["error_msg"])) {
$v_ip = quoteshellarg($_POST["v_ip"]);
exec(
HESTIA_CMD .
"v-change-dns-domain-ip " .
$user .
" " .
$v_domain .
" " .
$v_ip .
" 'no'",
$output,
$return_var,
);
check_return_code($return_var, $output);
$restart_dns = "yes";
unset($output);
}
// Change domain template
if ($v_template != $_POST["v_template"] && empty($_SESSION["error_msg"])) {
$v_template = quoteshellarg($_POST["v_template"]);
exec(
HESTIA_CMD .
"v-change-dns-domain-tpl " .
$user .
" " .
$v_domain .
" " .
$v_template .
" 'no'",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$restart_dns = "yes";
}
// Change SOA record
if ($v_soa != $_POST["v_soa"] && empty($_SESSION["error_msg"])) {
$v_soa = quoteshellarg($_POST["v_soa"]);
exec(
HESTIA_CMD .
"v-change-dns-domain-soa " .
$user .
" " .
$v_domain .
" " .
$v_soa .
" 'no'",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$restart_dns = "yes";
}
// Change expiration date
if ($v_exp != $_POST["v_exp"] && empty($_SESSION["error_msg"])) {
$v_exp = quoteshellarg($_POST["v_exp"]);
exec(
HESTIA_CMD .
"v-change-dns-domain-exp " .
$user .
" " .
$v_domain .
" " .
$v_exp .
" 'no'",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
// Change domain ttl
if ($v_ttl != $_POST["v_ttl"] && empty($_SESSION["error_msg"])) {
$v_ttl = quoteshellarg($_POST["v_ttl"]);
exec(
HESTIA_CMD .
"v-change-dns-domain-ttl " .
$user .
" " .
$v_domain .
" " .
$v_ttl .
" 'no'",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$restart_dns = "yes";
}
// Change domain dnssec
if ($_POST["v_dnssec"] == "" && $v_dnssec == "yes" && empty($_SESSION["error_msg"])) {
exec(
HESTIA_CMD . "v-change-dns-domain-dnssec " . $user . " " . $v_domain . " 'no'",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_dnssec = "no";
$restart_dns = "yes";
}
// Change domain dnssec
if ($_POST["v_dnssec"] == "yes" && $v_dnssec !== "yes" && empty($_SESSION["error_msg"])) {
exec(
HESTIA_CMD . "v-change-dns-domain-dnssec " . $user . " " . $v_domain . " 'yes'",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_dnssec = "yes";
$restart_dns = "yes";
}
// Restart dns server
if (!empty($restart_dns) && empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-restart-dns", $output, $return_var);
check_return_code($return_var, $output);
unset($output);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
// Restart dns server
if (empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-restart-dns", $output, $return_var);
check_return_code($return_var, $output);
unset($output);
}
}
// Check POST request for dns record
if (!empty($_POST["save"]) && !empty($_GET["domain"]) && !empty($_GET["record_id"])) {
// Check token
verify_csrf($_POST);
// Protect input
$v_domain = quoteshellarg($_POST["v_domain"]);
$v_record_id = quoteshellarg($_POST["v_record_id"]);
// Change dns record
if (
$v_rec != $_POST["v_rec"] ||
$v_type != $_POST["v_type"] ||
$v_val != $_POST["v_val"] ||
$v_priority != $_POST["v_priority"] ||
($v_ttl != $_POST["v_ttl"] && empty($_SESSION["error_msg"]))
) {
$v_rec = quoteshellarg($_POST["v_rec"]);
$v_type = quoteshellarg($_POST["v_type"]);
$v_val = quoteshellarg($_POST["v_val"]);
$v_priority = quoteshellarg($_POST["v_priority"]);
$v_ttl = quoteshellarg($_POST["v_ttl"]);
exec(
HESTIA_CMD .
"v-change-dns-record " .
$user .
" " .
$v_domain .
" " .
$v_record_id .
" " .
$v_rec .
" " .
$v_type .
" " .
$v_val .
" " .
$v_priority .
" yes " .
$v_ttl,
$output,
$return_var,
);
check_return_code($return_var, $output);
$v_rec = $_POST["v_rec"];
$v_type = $_POST["v_type"];
$v_val = $_POST["v_val"];
unset($output);
$restart_dns = "yes";
}
// Change dns record id
if ($_GET["record_id"] != $_POST["v_record_id"] && empty($_SESSION["error_msg"])) {
$v_old_record_id = quoteshellarg($_GET["record_id"]);
exec(
HESTIA_CMD .
"v-change-dns-record-id " .
$user .
" " .
$v_domain .
" " .
$v_old_record_id .
" " .
$v_record_id,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$restart_dns = "yes";
}
// Restart dns server
if (!empty($restart_dns) && empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-restart-dns", $output, $return_var);
check_return_code($return_var, $output);
unset($output);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
// Change url if record id was changed
if (empty($_SESSION["error_msg"]) && $_GET["record_id"] != $_POST["v_record_id"]) {
header(
"Location: /edit/dns/?domain=" .
$_GET["domain"] .
"&record_id=" .
$_POST["v_record_id"],
);
exit();
}
}
// Render page
if (empty($_GET["record_id"])) {
// Display body for dns domain
render_page($user, $TAB, "edit_dns");
} else {
if (empty($data[$_GET["record_id"]])) {
header("Location: /list/dns/");
$_SESSION["error_msg"] = _("Error: unknown record ID.");
}
// Display body for dns record
render_page($user, $TAB, "edit_dns_rec");
}
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

153
web/edit/firewall/index.php Normal file
View File

@@ -0,0 +1,153 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "FIREWALL";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check ip argument
if (empty($_GET["rule"])) {
header("Location: /list/firewall/");
exit();
}
// List rule
$v_rule = quoteshellarg($_GET["rule"]);
exec(HESTIA_CMD . "v-list-firewall-rule " . $v_rule . " 'json'", $output, $return_var);
check_return_code_redirect($return_var, $output, "/list/firewall");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse rule
$v_rule = $_GET["rule"];
$v_action = $data[$v_rule]["ACTION"];
$v_protocol = $data[$v_rule]["PROTOCOL"];
$v_port = $data[$v_rule]["PORT"];
$v_ip = $data[$v_rule]["IP"];
$v_comment = $data[$v_rule]["COMMENT"];
$v_date = $data[$v_rule]["DATE"];
$v_time = $data[$v_rule]["TIME"];
$v_suspended = $data[$v_rule]["SUSPENDED"];
if ($v_suspended == "yes") {
$v_status = "suspended";
} else {
$v_status = "active";
}
// Get ipset lists
exec(HESTIA_CMD . "v-list-firewall-ipset 'json'", $output, $return_var);
check_return_code($return_var, $output);
$data = json_decode(implode("", $output), true);
unset($output);
$ipset_lists = [];
foreach ($data as $key => $value) {
if (isset($value["SUSPENDED"]) && $value["SUSPENDED"] === "yes") {
continue;
}
if (isset($value["IP_VERSION"]) && $value["IP_VERSION"] !== "v4") {
continue;
}
array_push($ipset_lists, ["name" => $key]);
}
$ipset_lists_json = json_encode($ipset_lists);
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Check empty fields
if (empty($_POST["v_action"])) {
$errors[] = _("Action");
}
if (empty($_POST["v_protocol"])) {
$errors[] = _("Protocol");
}
if (empty($_POST["v_port"]) && strlen($_POST["v_port"]) == 0) {
$errors[] = _("Port");
}
if (empty($_POST["v_ip"])) {
$errors[] = _("IP Address");
}
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ($i == 0) {
$error_msg = $error;
} else {
$error_msg = $error_msg . ", " . $error;
}
}
$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
}
if (empty($_SESSION["error_msg"])) {
$v_rule = quoteshellarg($_GET["rule"]);
$v_action = quoteshellarg($_POST["v_action"]);
$v_protocol = quoteshellarg($_POST["v_protocol"]);
$v_port = str_replace(" ", ",", $_POST["v_port"]);
$v_port = preg_replace("/\,+/", ",", $v_port);
$v_port = trim($v_port, ",");
$v_port = quoteshellarg($v_port);
$v_ip = quoteshellarg($_POST["v_ip"]);
$v_comment = quoteshellarg($_POST["v_comment"]);
// Change Status
exec(
HESTIA_CMD .
"v-change-firewall-rule " .
$v_rule .
" " .
$v_action .
" " .
$v_ip .
" " .
$v_port .
" " .
$v_protocol .
" " .
$v_comment,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_rule = $_GET["v_rule"];
$v_action = $_POST["v_action"];
$v_protocol = $_POST["v_protocol"];
$v_port = str_replace(" ", ",", $_POST["v_port"]);
$v_port = preg_replace("/\,+/", ",", $v_port);
$v_port = trim($v_port, ",");
$v_ip = $_POST["v_ip"];
$v_comment = $_POST["v_comment"];
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
} else {
$v_rule = $_GET["v_rule"];
$v_action = $_POST["v_action"];
$v_protocol = $_POST["v_protocol"];
$v_port = str_replace(" ", ",", $_POST["v_port"]);
$v_port = preg_replace("/\,+/", ",", $v_port);
$v_port = trim($v_port, ",");
$v_ip = $_POST["v_ip"];
$v_comment = $_POST["v_comment"];
}
}
// Render page
render_page($user, $TAB, "edit_firewall");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

106
web/edit/ip/index.php Normal file
View File

@@ -0,0 +1,106 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "IP";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check ip argument
if (empty($_GET["ip"])) {
header("Location: /list/ip/");
exit();
}
// List ip
$v_ip = quoteshellarg($_GET["ip"]);
exec(HESTIA_CMD . "v-list-sys-ip " . $v_ip . " 'json'", $output, $return_var);
check_return_code_redirect($return_var, $output, "/list/ip");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse ip
$v_username = $user;
$v_ip = $_GET["ip"];
$v_netmask = $data[$v_ip]["NETMASK"];
$v_interface = $data[$v_ip]["INTERFACE"];
$v_name = $data[$v_ip]["NAME"];
$v_nat = $data[$v_ip]["NAT"];
$v_ipstatus = $data[$v_ip]["STATUS"];
if ($v_ipstatus == "dedicated") {
$v_dedicated = "yes";
}
$v_owner = $data[$v_ip]["OWNER"];
$v_date = $data[$v_ip]["DATE"];
$v_time = $data[$v_ip]["TIME"];
// List users
exec(HESTIA_CMD . "v-list-sys-users 'json'", $output, $return_var);
$users = json_decode(implode("", $output), true);
unset($output);
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
$v_ip = quoteshellarg($_POST["v_ip"]);
// Change Status
if ($v_ipstatus == "shared" && empty($_POST["v_shared"]) && empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-change-sys-ip-status " . $v_ip . " 'dedicated'", $output, $return_var);
check_return_code($return_var, $output);
unset($output);
$v_dedicated = "yes";
}
if ($v_ipstatus == "dedicated" && !empty($_POST["v_shared"]) && empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-change-sys-ip-status " . $v_ip . " 'shared'", $output, $return_var);
check_return_code($return_var, $output);
unset($output);
unset($v_dedicated);
}
// Change owner
if ($v_owner != $_POST["v_owner"] && empty($_SESSION["error_msg"])) {
$v_owner = quoteshellarg($_POST["v_owner"]);
exec(HESTIA_CMD . "v-change-sys-ip-owner " . $v_ip . " " . $v_owner, $output, $return_var);
check_return_code($return_var, $output);
$v_owner = $_POST["v_owner"];
unset($output);
}
// Change associated domain
if ($v_name != $_POST["v_name"] && empty($_SESSION["error_msg"])) {
$v_name = quoteshellarg($_POST["v_name"]);
exec(HESTIA_CMD . "v-change-sys-ip-name " . $v_ip . " " . $v_name, $output, $return_var);
check_return_code($return_var, $output);
unset($output);
}
// Change NAT address
if ($v_nat != $_POST["v_nat"] && empty($_SESSION["error_msg"])) {
$v_nat = quoteshellarg($_POST["v_nat"]);
exec(HESTIA_CMD . "v-change-sys-ip-nat " . $v_ip . " " . $v_nat, $output, $return_var);
check_return_code($return_var, $output);
unset($output);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// Render page
render_page($user, $TAB, "edit_ip");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

1181
web/edit/mail/index.php Normal file
View File

File diff suppressed because it is too large Load Diff

336
web/edit/package/index.php Normal file
View File

@@ -0,0 +1,336 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "PACKAGE";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check package argument
if (empty($_GET["package"])) {
header("Location: /list/package/");
exit();
}
// Prevent editing of system package
if ($_GET["package"] === "system") {
header("Location: /list/package/");
exit();
}
// List package
$v_package = quoteshellarg($_GET["package"]);
exec(HESTIA_CMD . "v-list-user-package " . $v_package . " 'json'", $output, $return_var);
check_return_code_redirect($return_var, $output, "/list/package/");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse package
$v_package = $_GET["package"];
$v_package_new = $_GET["package"];
$v_web_template = $data[$v_package]["WEB_TEMPLATE"];
$v_backend_template = $data[$v_package]["BACKEND_TEMPLATE"];
$v_proxy_template = $data[$v_package]["PROXY_TEMPLATE"];
$v_dns_template = $data[$v_package]["DNS_TEMPLATE"];
$v_web_domains = $data[$v_package]["WEB_DOMAINS"];
$v_web_aliases = $data[$v_package]["WEB_ALIASES"];
$v_dns_domains = $data[$v_package]["DNS_DOMAINS"];
$v_dns_records = $data[$v_package]["DNS_RECORDS"];
$v_mail_domains = $data[$v_package]["MAIL_DOMAINS"];
$v_mail_accounts = $data[$v_package]["MAIL_ACCOUNTS"];
$v_ratelimit = $data[$v_package]["RATE_LIMIT"];
$v_databases = $data[$v_package]["DATABASES"];
$v_cron_jobs = $data[$v_package]["CRON_JOBS"];
$v_disk_quota = $data[$v_package]["DISK_QUOTA"];
$v_bandwidth = $data[$v_package]["BANDWIDTH"];
$v_shell = $data[$v_package]["SHELL"];
$v_ns = $data[$v_package]["NS"];
$nameservers = explode(",", $v_ns);
if (empty($nameservers[0])) {
$v_ns1 = "";
} else {
$v_ns1 = $nameservers[0];
}
if (empty($nameservers[1])) {
$v_ns2 = "";
} else {
$v_ns2 = $nameservers[1];
}
if (empty($nameservers[2])) {
$v_ns3 = "";
} else {
$v_ns3 = $nameservers[2];
}
if (empty($nameservers[3])) {
$v_ns4 = "";
} else {
$v_ns4 = $nameservers[3];
}
if (empty($nameservers[4])) {
$v_ns5 = "";
} else {
$v_ns5 = $nameservers[4];
}
if (empty($nameservers[5])) {
$v_ns6 = "";
} else {
$v_ns6 = $nameservers[5];
}
if (empty($nameservers[6])) {
$v_ns7 = "";
} else {
$v_ns7 = $nameservers[6];
}
if (empty($nameservers[7])) {
$v_ns8 = "";
} else {
$v_ns8 = $nameservers[7];
}
$v_backups = $data[$v_package]["BACKUPS"];
$v_date = $data[$v_package]["DATE"];
$v_time = $data[$v_package]["TIME"];
$v_status = "active";
// List web templates
exec(HESTIA_CMD . "v-list-web-templates json", $output, $return_var);
$web_templates = json_decode(implode("", $output), true);
unset($output);
// List backend templates
if (!empty($_SESSION["WEB_BACKEND"])) {
exec(HESTIA_CMD . "v-list-web-templates-backend json", $output, $return_var);
$backend_templates = json_decode(implode("", $output), true);
unset($output);
}
// List proxy templates
if (!empty($_SESSION["PROXY_SYSTEM"])) {
exec(HESTIA_CMD . "v-list-web-templates-proxy json", $output, $return_var);
$proxy_templates = json_decode(implode("", $output), true);
unset($output);
}
// List dns templates
exec(HESTIA_CMD . "v-list-dns-templates json", $output, $return_var);
$dns_templates = json_decode(implode("", $output), true);
unset($output);
// List shels
exec(HESTIA_CMD . "v-list-sys-shells json", $output, $return_var);
$shells = json_decode(implode("", $output), true);
unset($output);
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Check empty fields
if (empty($_POST["v_package"])) {
$errors[] = _("Package");
}
if (empty($_POST["v_web_template"])) {
$errors[] = _("Web Template");
}
if (!empty($_SESSION["WEB_BACKEND"])) {
if (empty($_POST["v_backend_template"])) {
$errors[] = _("Backend Template");
}
}
if (!empty($_SESSION["PROXY_SYSTEM"])) {
if (empty($_POST["v_proxy_template"])) {
$errors[] = _("Proxy Template");
}
}
if (empty($_POST["v_dns_template"])) {
$errors[] = _("DNS Template");
}
if (empty($_POST["v_shell"])) {
$errrors[] = _("Shell");
}
if (!isset($_POST["v_web_domains"])) {
$errors[] = _("Web Domains");
}
if (!isset($_POST["v_web_aliases"])) {
$errors[] = _("Web Aliases");
}
if (!isset($_POST["v_dns_domains"])) {
$errors[] = _("DNS Zones");
}
if (!isset($_POST["v_dns_records"])) {
$errors[] = _("DNS Records");
}
if (!isset($_POST["v_mail_domains"])) {
$errors[] = _("Mail Domains");
}
if (!isset($_POST["v_mail_accounts"])) {
$errors[] = _("Mail Accounts");
}
if (!isset($_POST["v_ratelimit"])) {
$errors[] = _("Rate Limit");
}
if (!isset($_POST["v_databases"])) {
$errors[] = _("Databases");
}
if (!isset($_POST["v_cron_jobs"])) {
$errors[] = _("Cron Jobs");
}
if (!isset($_POST["v_backups"])) {
$errors[] = _("Backups");
}
if (!isset($_POST["v_disk_quota"])) {
$errors[] = _("Quota");
}
if (!isset($_POST["v_bandwidth"])) {
$errors[] = _("Bandwidth");
}
// Check if name server entries are blank if DNS server is installed
if (isset($_SESSION["DNS_SYSTEM"]) && !empty($_SESSION["DNS_SYSTEM"])) {
if (empty($_POST["v_ns1"])) {
$errors[] = _("Nameserver 1");
}
if (empty($_POST["v_ns2"])) {
$errors[] = _("Nameserver 2");
}
}
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ($i == 0) {
$error_msg = $error;
} else {
$error_msg = $error_msg . ", " . $error;
}
}
$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
}
// Protect input
$v_package = quoteshellarg($_POST["v_package"]);
$v_package_new = quoteshellarg($_POST["v_package_new"]);
$v_web_template = quoteshellarg($_POST["v_web_template"]);
if (!empty($_SESSION["WEB_BACKEND"])) {
$v_backend_template = quoteshellarg($_POST["v_backend_template"]);
}
if (!empty($_SESSION["PROXY_SYSTEM"])) {
$v_proxy_template = quoteshellarg($_POST["v_proxy_template"]);
}
$v_dns_template = quoteshellarg($_POST["v_dns_template"]);
if (!empty($_POST["v_shell"])) {
$v_shell = quoteshellarg($_POST["v_shell"]);
} else {
$v_shell = "nologin";
}
$v_web_domains = quoteshellarg($_POST["v_web_domains"]);
$v_web_aliases = quoteshellarg($_POST["v_web_aliases"]);
$v_dns_domains = quoteshellarg($_POST["v_dns_domains"]);
$v_dns_records = quoteshellarg($_POST["v_dns_records"]);
$v_mail_domains = quoteshellarg($_POST["v_mail_domains"]);
$v_mail_accounts = quoteshellarg($_POST["v_mail_accounts"]);
$v_ratelimit = quoteshellarg($_POST["v_ratelimit"]);
$v_databases = quoteshellarg($_POST["v_databases"]);
$v_cron_jobs = quoteshellarg($_POST["v_cron_jobs"]);
$v_backups = quoteshellarg($_POST["v_backups"]);
$v_disk_quota = quoteshellarg($_POST["v_disk_quota"]);
$v_bandwidth = quoteshellarg($_POST["v_bandwidth"]);
$v_ns1 = !empty($_POST["v_ns1"]) ? trim($_POST["v_ns1"], ".") : "";
$v_ns2 = !empty($_POST["v_ns2"]) ? trim($_POST["v_ns2"], ".") : "";
$v_ns3 = !empty($_POST["v_ns3"]) ? trim($_POST["v_ns3"], ".") : "";
$v_ns4 = !empty($_POST["v_ns4"]) ? trim($_POST["v_ns4"], ".") : "";
$v_ns5 = !empty($_POST["v_ns5"]) ? trim($_POST["v_ns5"], ".") : "";
$v_ns6 = !empty($_POST["v_ns6"]) ? trim($_POST["v_ns6"], ".") : "";
$v_ns7 = !empty($_POST["v_ns7"]) ? trim($_POST["v_ns7"], ".") : "";
$v_ns8 = !empty($_POST["v_ns8"]) ? trim($_POST["v_ns8"], ".") : "";
$v_ns = $v_ns1 . "," . $v_ns2;
if (!empty($v_ns3)) {
$v_ns .= "," . $v_ns3;
}
if (!empty($v_ns4)) {
$v_ns .= "," . $v_ns4;
}
if (!empty($v_ns5)) {
$v_ns .= "," . $v_ns5;
}
if (!empty($v_ns6)) {
$v_ns .= "," . $v_ns6;
}
if (!empty($v_ns7)) {
$v_ns .= "," . $v_ns7;
}
if (!empty($v_ns8)) {
$v_ns .= "," . $v_ns8;
}
$v_ns = quoteshellarg($v_ns);
$v_time = quoteshellarg(date("H:i:s"));
$v_date = quoteshellarg(date("Y-m-d"));
// Save package file on a fs
$pkg = "WEB_TEMPLATE=" . $v_web_template . "\n";
$pkg .= "BACKEND_TEMPLATE=" . $v_backend_template . "\n";
$pkg .= "PROXY_TEMPLATE=" . $v_proxy_template . "\n";
$pkg .= "DNS_TEMPLATE=" . $v_dns_template . "\n";
$pkg .= "WEB_DOMAINS=" . $v_web_domains . "\n";
$pkg .= "WEB_ALIASES=" . $v_web_aliases . "\n";
$pkg .= "DNS_DOMAINS=" . $v_dns_domains . "\n";
$pkg .= "DNS_RECORDS=" . $v_dns_records . "\n";
$pkg .= "MAIL_DOMAINS=" . $v_mail_domains . "\n";
$pkg .= "MAIL_ACCOUNTS=" . $v_mail_accounts . "\n";
$pkg .= "RATE_LIMIT=" . $v_ratelimit . "\n";
$pkg .= "DATABASES=" . $v_databases . "\n";
$pkg .= "CRON_JOBS=" . $v_cron_jobs . "\n";
$pkg .= "DISK_QUOTA=" . $v_disk_quota . "\n";
$pkg .= "BANDWIDTH=" . $v_bandwidth . "\n";
$pkg .= "NS=" . $v_ns . "\n";
$pkg .= "SHELL=" . $v_shell . "\n";
$pkg .= "BACKUPS=" . $v_backups . "\n";
$pkg .= "TIME=" . $v_time . "\n";
$pkg .= "DATE=" . $v_date . "\n";
$tmpfile = tempnam("/tmp/", "hst_");
$fp = fopen($tmpfile, "w");
fwrite($fp, $pkg);
exec(
HESTIA_CMD . "v-add-user-package " . $tmpfile . " " . $v_package . " yes",
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
fclose($fp);
unlink($tmpfile);
// Propagate new package
exec(HESTIA_CMD . "v-update-user-package " . $v_package . " 'json'", $output, $return_var);
check_return_code($return_var, $output);
unset($output);
if ($v_package_new != $v_package) {
exec(
HESTIA_CMD . "v-rename-user-package " . $v_package . " " . $v_package_new,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// Render page
render_page($user, $TAB, "edit_package");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/apache2/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " apache2 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/apache2/apache2.conf";
$v_service_name = strtoupper("apache2");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_httpd");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

78
web/edit/server/bind9/index.php Normal file
View File

@@ -0,0 +1,78 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update options
if (!empty($_POST["v_options"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_options"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " bind9-opt " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " bind9 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_options_path = "/etc/bind/named.conf.options";
$v_config_path = "/etc/bind/named.conf";
$v_service_name = strtoupper("bind9");
// Read config
$v_options = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_options_path);
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_bind9");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/clamav-daemon/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " clamd " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = shell_exec(HESTIA_CMD . "v-list-sys-clamd-config plain");
$v_service_name = strtoupper("clamav");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

31
web/edit/server/cron/index.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Set success message
$_SESSION["ok_msg"] = _("Info (read-only mode): Crontab can only be edited via SSH.");
}
$v_config_path = "/etc/crontab";
$v_service_name = strtoupper("cron");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

31
web/edit/server/crond/index.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Set success message
$_SESSION["ok_msg"] = _("Info (read-only mode): Crontab can only be edited via SSH.");
}
$v_config_path = "/etc/crontab";
$v_service_name = strtoupper("cron");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

232
web/edit/server/dovecot/index.php Normal file
View File

@@ -0,0 +1,232 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config1
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config1"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config1"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-1 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config2
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config2"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config2"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-2 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config3
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config3"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config3"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-3 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config4
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config4"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config4"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-4 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config5
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config5"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config5"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-5 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config6
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config6"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config6"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-6 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config7
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config7"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config7"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-7 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config8
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config8"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config8"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " dovecot-8 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-dovecot-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_config_path = $data["CONFIG"]["config_path"];
$v_config_path1 = $data["CONFIG"]["config_path1"];
$v_config_path2 = $data["CONFIG"]["config_path2"];
$v_config_path3 = $data["CONFIG"]["config_path3"];
$v_config_path4 = $data["CONFIG"]["config_path4"];
$v_config_path5 = $data["CONFIG"]["config_path5"];
$v_config_path6 = $data["CONFIG"]["config_path6"];
$v_config_path7 = $data["CONFIG"]["config_path7"];
$v_config_path8 = $data["CONFIG"]["config_path8"];
$v_service_name = strtoupper("dovecot");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
if (!empty($v_config_path1)) {
$v_config1 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path1);
}
if (!empty($v_config_path2)) {
$v_config2 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path2);
}
if (!empty($v_config_path3)) {
$v_config3 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path3);
}
if (!empty($v_config_path4)) {
$v_config4 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path4);
}
if (!empty($v_config_path5)) {
$v_config5 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path5);
}
if (!empty($v_config_path6)) {
$v_config6 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path6);
}
if (!empty($v_config_path7)) {
$v_config7 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path7);
}
if (!empty($v_config_path8)) {
$v_config8 = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path8);
}
// Render page
render_page($user, $TAB, "edit_server_dovecot");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/exim/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " exim " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/exim/exim.conf";
$v_service_name = strtoupper("exim");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/exim4/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " exim4 " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/exim4/exim4.conf.template";
$v_service_name = strtoupper("exim");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/fail2ban/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " fail2ban " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/fail2ban/jail.local";
$v_service_name = strtoupper("fail2ban");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/httpd/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " httpd " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/httpd/conf/httpd.conf";
$v_service_name = strtoupper("httpd");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_httpd");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

1748
web/edit/server/index.php Normal file
View File

File diff suppressed because it is too large Load Diff

9
web/edit/server/iptables/index.php Normal file
View File

@@ -0,0 +1,9 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
header("Location: /list/firewall");
exit();

68
web/edit/server/mariadb/index.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " mariadb " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-mysql-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_max_user_connections = $data["CONFIG"]["max_user_connections"];
$v_max_connections = $data["CONFIG"]["max_connections"];
$v_wait_timeout = $data["CONFIG"]["wait_timeout"];
$v_interactive_timeout = $data["CONFIG"]["interactive_timeout"];
$v_max_allowed_packet = $data["CONFIG"]["max_allowed_packet"];
$v_config_path = $data["CONFIG"]["config_path"];
$v_service_name = strtoupper("mariadb");
# Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_mysql");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

68
web/edit/server/mysql/index.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " mysql " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-mysql-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_max_user_connections = $data["CONFIG"]["max_user_connections"];
$v_max_connections = $data["CONFIG"]["max_connections"];
$v_wait_timeout = $data["CONFIG"]["wait_timeout"];
$v_interactive_timeout = $data["CONFIG"]["interactive_timeout"];
$v_max_allowed_packet = $data["CONFIG"]["max_allowed_packet"];
$v_config_path = $data["CONFIG"]["config_path"];
$v_service_name = strtoupper("mysql");
# Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_mysql");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

68
web/edit/server/mysqld/index.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " mysqld " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-mysql-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_max_user_connections = $data["CONFIG"]["max_user_connections"];
$v_max_connections = $data["CONFIG"]["max_connections"];
$v_wait_timeout = $data["CONFIG"]["wait_timeout"];
$v_interactive_timeout = $data["CONFIG"]["interactive_timeout"];
$v_max_allowed_packet = $data["CONFIG"]["max_allowed_packet"];
$v_config_path = $data["CONFIG"]["config_path"];
$v_service_name = strtoupper("mysql");
# Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_mysql");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/named/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " named " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/named.conf";
$v_service_name = strtoupper("named");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

73
web/edit/server/nginx/index.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " nginx " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-nginx-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_worker_processes = $data["CONFIG"]["worker_processes"];
$v_worker_connections = $data["CONFIG"]["worker_connections"];
$v_send_timeout = $data["CONFIG"]["send_timeout"];
$v_proxy_connect_timeout = $data["CONFIG"]["proxy_connect_timeout"];
$v_proxy_send_timeout = $data["CONFIG"]["proxy_send_timeout"];
$v_proxy_read_timeout = $data["CONFIG"]["proxy_read_timeout"];
$v_client_max_body_size = $data["CONFIG"]["client_max_body_size"];
$v_gzip = $data["CONFIG"]["gzip"];
$v_gzip_comp_level = $data["CONFIG"]["gzip_comp_level"];
$v_charset = $data["CONFIG"]["charset"];
$v_config_path = $data["CONFIG"]["config_path"];
$v_service_name = strtoupper("nginx");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_nginx");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

69
web/edit/server/php-fpm/index.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " php " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-php-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_memory_limit = $data["CONFIG"]["memory_limit"];
$v_max_execution_time = $data["CONFIG"]["max_execution_time"];
$v_max_input_time = $data["CONFIG"]["max_input_time"];
$v_upload_max_filesize = $data["CONFIG"]["upload_max_filesize"];
$v_post_max_size = $data["CONFIG"]["post_max_size"];
$v_display_errors = $data["CONFIG"]["display_errors"];
$v_error_reporting = $data["CONFIG"]["error_reporting"];
$v_config_path = $data["CONFIG"]["config_path"];
# Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_php");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

69
web/edit/server/php/index.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " php " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-php-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_memory_limit = $data["CONFIG"]["memory_limit"];
$v_max_execution_time = $data["CONFIG"]["max_execution_time"];
$v_max_input_time = $data["CONFIG"]["max_input_time"];
$v_upload_max_filesize = $data["CONFIG"]["upload_max_filesize"];
$v_post_max_size = $data["CONFIG"]["post_max_size"];
$v_display_errors = $data["CONFIG"]["display_errors"];
$v_error_reporting = $data["CONFIG"]["error_reporting"];
$v_config_path = $data["CONFIG"]["config_path"];
# Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_php");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

69
web/edit/server/php5-fpm/index.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " php " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-php-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_memory_limit = $data["CONFIG"]["memory_limit"];
$v_max_execution_time = $data["CONFIG"]["max_execution_time"];
$v_max_input_time = $data["CONFIG"]["max_input_time"];
$v_upload_max_filesize = $data["CONFIG"]["upload_max_filesize"];
$v_post_max_size = $data["CONFIG"]["post_max_size"];
$v_display_errors = $data["CONFIG"]["display_errors"];
$v_error_reporting = $data["CONFIG"]["error_reporting"];
$v_config_path = $data["CONFIG"]["config_path"];
# Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_php");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

87
web/edit/server/postgresql/index.php Normal file
View File

@@ -0,0 +1,87 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update option
if (!empty($_POST["v_options"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_options"]));
fclose($fp);
exec(
HESTIA_CMD .
"v-change-sys-service-config " .
$new_conf .
" postgresql-hba " .
$v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Update config
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " postgresql " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// List config
exec(HESTIA_CMD . "v-list-sys-pgsql-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$v_options_path = $data["CONFIG"]["pg_hba_path"];
$v_config_path = $data["CONFIG"]["config_path"];
$v_service_name = strtoupper("postgresql");
// Read config
$v_options = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_options_path);
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_pgsql");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/proftpd/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " proftpd " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = shell_exec(HESTIA_CMD . "v-list-sys-proftpd-config plain");
$v_service_name = strtoupper("proftpd");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/spamassassin/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " spamassassin " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = shell_exec(HESTIA_CMD . "v-list-sys-spamd-config plain");
$v_service_name = strtoupper("spamassassin");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/spamd/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " spamd " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = shell_exec(HESTIA_CMD . "v-list-sys-spamd-config plain");
$v_service_name = strtoupper("spamassassin");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/ssh/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " ssh " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = "/etc/ssh/sshd_config";
$v_service_name = strtoupper("ssh");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

59
web/edit/server/vsftpd/index.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Check POST request
if (!empty($_POST["save"])) {
//verify token
verify_csrf($_POST);
// Set restart flag
$v_restart = "yes";
if (empty($_POST["v_restart"])) {
$v_restart = "no";
}
// Update config
if (!empty($_POST["v_config"])) {
exec("mktemp", $mktemp_output, $return_var);
$new_conf = $mktemp_output[0];
$fp = fopen($new_conf, "w");
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_config"]));
fclose($fp);
exec(
HESTIA_CMD . "v-change-sys-service-config " . $new_conf . " vsftpd " . $v_restart,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($new_conf);
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
$v_config_path = shell_exec(HESTIA_CMD . "v-list-sys-vsftpd-config plain");
$v_service_name = strtoupper("vsftpd");
// Read config
$v_config = shell_exec(HESTIA_CMD . "v-open-fs-config " . $v_config_path);
// Render page
render_page($user, $TAB, "edit_server_service");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

104
web/edit/server/whitelabel/index.php Normal file
View File

@@ -0,0 +1,104 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
$TAB = "SERVER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
if (!empty($_POST)) {
if (!empty($_POST["v_app_name"]) && $_SESSION["APP_NAME"] != $_POST["v_app_name"]) {
exec(
HESTIA_CMD .
"v-change-sys-config-value APP_NAME " .
quoteshellarg($_POST["v_app_name"]),
$output,
$return_var,
);
}
if (!empty($_POST["v_title"]) && $_SESSION["TITLE"] != $_POST["v_title"]) {
exec(
HESTIA_CMD . "v-change-sys-config-value TITLE " . quoteshellarg($_POST["v_title"]),
$output,
$return_var,
);
}
if (
!empty($_POST["v_subject_email"]) &&
$_SESSION["SUBJECT_EMAIL"] != $_POST["v_subject_email"]
) {
exec(
HESTIA_CMD .
"v-change-sys-config-value SUBJECT_EMAIL " .
quoteshellarg($_POST["v_subject_email"]),
$output,
$return_var,
);
}
if (!empty($_POST["v_hide_docs"]) && $_SESSION["HIDE_DOCS"] != $_POST["v_hide_docs"]) {
exec(
HESTIA_CMD .
"v-change-sys-config-value HIDE_DOCS " .
quoteshellarg($_POST["v_hide_docs"]),
$output,
$return_var,
);
}
if (!empty($_POST["v_from_name"]) && $_SESSION["FROM_NAME"] != $_POST["v_from_name"]) {
exec(
HESTIA_CMD .
"v-change-sys-config-value FROM_NAME " .
quoteshellarg($_POST["v_from_name"]),
$output,
$return_var,
);
}
if (!empty($_POST["v_from_email"]) && $_SESSION["FROM_EMAIL"] != $_POST["v_from_email"]) {
exec(
HESTIA_CMD .
"v-change-sys-config-value FROM_EMAIL " .
quoteshellarg($_POST["v_from_email"]),
$output,
$return_var,
);
}
if (!empty($_POST["v_hide_docs"]) && $_SESSION["HIDE_DOCS"] != $_POST["v_hide_docs"]) {
exec(
HESTIA_CMD .
"v-change-sys-config-value HIDE_DOCS " .
quoteshellarg($_POST["v_hide_docs"]),
$output,
$return_var,
);
}
}
// Check system configuration
exec(HESTIA_CMD . "v-list-sys-config json", $output, $return_var);
$data = json_decode(implode("", $output), true);
unset($output);
$sys_arr = $data["config"];
foreach ($sys_arr as $key => $value) {
$_SESSION[$key] = $value;
}
$v_title = $_SESSION["TITLE"];
$v_app_name = $_SESSION["APP_NAME"];
$v_hide_docs = $_SESSION["HIDE_DOCS"];
$v_from_name = $_SESSION["FROM_NAME"];
$v_from_email = $_SESSION["FROM_EMAIL"];
$v_subject_email = $_SESSION["SUBJECT_EMAIL"];
// Render page
render_page($user, $TAB, "edit_whitelabel");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

567
web/edit/user/index.php Normal file
View File

@@ -0,0 +1,567 @@
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "USER";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user argument
if (empty($_GET["user"])) {
header("Location: /list/user/");
exit();
}
// Edit as someone else?
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
$user = $_GET["user"];
$v_username = $_GET["user"];
} else {
$user = $_SESSION["user"];
$v_username = $_SESSION["user"];
}
// Prevent other users with admin privileges from editing properties of default 'admin' user
if (
($_SESSION["userContext"] === "admin" && $_SESSION["look"] != "" && $user == "admin") ||
($_SESSION["userContext"] === "admin" &&
!isset($_SESSION["look"]) &&
$user == "admin" &&
$_SESSION["user"] != "admin")
) {
header("Location: /list/user/");
exit();
}
// Check token
verify_csrf($_GET);
// List user
exec(HESTIA_CMD . "v-list-user " . quoteshellarg($v_username) . " json", $output, $return_var);
check_return_code_redirect($return_var, $output, "/list/user/");
$data = json_decode(implode("", $output), true);
unset($output);
// Parse user
$v_password = "";
$v_email = $data[$v_username]["CONTACT"];
$v_package = $data[$v_username]["PACKAGE"];
$v_language = $data[$v_username]["LANGUAGE"];
$v_user_theme = $data[$v_username]["THEME"];
$v_sort_order = $data[$v_username]["PREF_UI_SORT"];
$v_name = $data[$v_username]["NAME"];
$v_shell = $data[$v_username]["SHELL"];
$v_twofa = $data[$v_username]["TWOFA"];
$v_qrcode = $data[$v_username]["QRCODE"];
$v_phpcli = $data[$v_username]["PHPCLI"];
$v_role = $data[$v_username]["ROLE"];
$v_login_disabled = $data[$v_username]["LOGIN_DISABLED"];
$v_login_use_iplist = $data[$v_username]["LOGIN_USE_IPLIST"];
$v_login_allowed_ips = $data[$v_username]["LOGIN_ALLOW_IPS"];
$v_ns = $data[$v_username]["NS"];
$nameservers = explode(",", $v_ns);
if (empty($nameservers[0])) {
$v_ns1 = "";
} else {
$v_ns1 = $nameservers[0];
}
if (empty($nameservers[1])) {
$v_ns2 = "";
} else {
$v_ns2 = $nameservers[1];
}
if (empty($nameservers[2])) {
$v_ns3 = "";
} else {
$v_ns3 = $nameservers[2];
}
if (empty($nameservers[3])) {
$v_ns4 = "";
} else {
$v_ns4 = $nameservers[3];
}
if (empty($nameservers[4])) {
$v_ns5 = "";
} else {
$v_ns5 = $nameservers[4];
}
if (empty($nameservers[5])) {
$v_ns6 = "";
} else {
$v_ns6 = $nameservers[5];
}
if (empty($nameservers[6])) {
$v_ns7 = "";
} else {
$v_ns7 = $nameservers[6];
}
if (empty($nameservers[7])) {
$v_ns8 = "";
} else {
$v_ns8 = $nameservers[7];
}
$v_suspended = $data[$v_username]["SUSPENDED"];
if ($v_suspended == "yes") {
$v_status = "suspended";
} else {
$v_status = "active";
}
$v_time = $data[$v_username]["TIME"];
$v_date = $data[$v_username]["DATE"];
if (empty($v_phpcli)) {
$v_phpcli = substr(DEFAULT_PHP_VERSION, 4);
}
// List packages
exec(HESTIA_CMD . "v-list-user-packages json", $output, $return_var);
$packages = json_decode(implode("", $output), true);
unset($output);
// List languages
exec(HESTIA_CMD . "v-list-sys-languages json", $output, $return_var);
$language = json_decode(implode("", $output), true);
foreach ($language as $lang) {
$languages[$lang] = translate_json($lang);
}
asort($languages);
unset($output);
// List themes
exec(HESTIA_CMD . "v-list-sys-themes json", $output, $return_var);
$themes = json_decode(implode("", $output), true);
unset($output);
// List shells
exec(HESTIA_CMD . "v-list-sys-shells json", $output, $return_var);
$shells = json_decode(implode("", $output), true);
unset($output);
//List PHP Versions
// List supported php versions
exec(HESTIA_CMD . "v-list-sys-php json", $output, $return_var);
$php_versions = json_decode(implode("", $output), true);
unset($output);
// Check POST request
if (!empty($_POST["save"])) {
// Check token
verify_csrf($_POST);
// Change password
if (!empty($_POST["v_password"]) && empty($_SESSION["error_msg"])) {
// Check password length
$pw_len = strlen($_POST["v_password"]);
if (!validate_password($_POST["v_password"])) {
$_SESSION["error_msg"] = _("Password does not match the minimum requirements.");
}
if (empty($_SESSION["error_msg"])) {
$v_password = tempnam("/tmp", "vst");
$fp = fopen($v_password, "w");
fwrite($fp, $_POST["v_password"] . "\n");
fclose($fp);
exec(
HESTIA_CMD .
"v-change-user-password " .
quoteshellarg($v_username) .
" " .
$v_password,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
unlink($v_password);
$v_password = quoteshellarg($_POST["v_password"]);
}
}
// Enable twofa
if (!empty($_POST["v_twofa"]) && empty($v_twofa) && empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-add-user-2fa " . quoteshellarg($v_username), $output, $return_var);
check_return_code($return_var, $output);
unset($output);
// List user
exec(
HESTIA_CMD . "v-list-user " . quoteshellarg($v_username) . " json",
$output,
$return_var,
);
check_return_code($return_var, $output);
$data = json_decode(implode("", $output), true);
unset($output);
// Parse user twofa
$v_twofa = $data[$v_username]["TWOFA"];
$v_qrcode = $data[$v_username]["QRCODE"];
}
// Disable twofa
if (empty($_POST["v_twofa"]) && !empty($v_twofa) && empty($_SESSION["error_msg"])) {
exec(HESTIA_CMD . "v-delete-user-2fa " . quoteshellarg($v_username), $output, $return_var);
check_return_code($return_var, $output);
unset($output);
$v_twofa = "";
$v_qrcode = "";
}
// Change default sort order
if ($v_sort_order != $_POST["v_sort_order"] && empty($_SESSION["error_msg"])) {
$v_sort_order = quoteshellarg($_POST["v_sort_order"]);
exec(
HESTIA_CMD .
"v-change-user-sort-order " .
quoteshellarg($v_username) .
" " .
$v_sort_order,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($_SESSION["userSortOrder"]);
$_SESSION["userSortOrder"] = $v_sort_order;
unset($output);
}
// Update Control Panel login disabled status (admin only)
if (empty($_SESSION["error_msg"])) {
if (empty($_POST["v_login_disabled"])) {
$_POST["v_login_disabled"] = "";
}
if ($_POST["v_login_disabled"] != $v_login_disabled) {
if ($_POST["v_login_disabled"] == "on") {
$_POST["v_login_disabled"] = "yes";
} else {
$_POST["v_login_disabled"] = "no";
}
exec(
HESTIA_CMD .
"v-change-user-config-value " .
quoteshellarg($v_username) .
" LOGIN_DISABLED " .
quoteshellarg($_POST["v_login_disabled"]),
$output,
$return_var,
);
check_return_code($return_var, $output);
$data[$user]["LOGIN_DISABLED"] = $_POST["v_login_disabled"];
unset($output);
}
}
// Update IP whitelist option
if (empty($_SESSION["error_msg"])) {
if (empty($_POST["v_login_use_iplist"])) {
$_POST["v_login_use_iplist"] = "";
}
if ($_POST["v_login_use_iplist"] != $v_login_use_iplist) {
if ($_POST["v_login_use_iplist"] == "on") {
$_POST["v_login_use_iplist"] = "yes";
} else {
$_POST["v_login_use_iplist"] = "no";
}
exec(
HESTIA_CMD .
"v-change-user-config-value " .
quoteshellarg($v_username) .
" LOGIN_USE_IPLIST " .
quoteshellarg($_POST["v_login_use_iplist"]),
$output,
$return_var,
);
if ($_POST["v_login_use_iplist"] === "no") {
exec(
HESTIA_CMD .
"v-change-user-config-value " .
quoteshellarg($v_username) .
" LOGIN_ALLOW_IPS ''",
$output,
$return_var,
);
$v_login_allowed_ips = "";
} else {
exec(
HESTIA_CMD .
"v-change-user-config-value " .
quoteshellarg($v_username) .
" LOGIN_ALLOW_IPS " .
quoteshellarg($_POST["v_login_allowed_ips"]),
$output,
$return_var,
);
unset($v_login_allowed_ips);
$v_login_allowed_ips = $_POST["v_login_allowed_ips"];
}
check_return_code($return_var, $output);
$data[$user]["LOGIN_USE_IPLIST"] = $_POST["v_login_use_iplist"];
unset($output);
}
}
if ($_SESSION["userContext"] === "admin") {
// Change package (admin only)
if (
$v_package != $_POST["v_package"] &&
$_SESSION["userContext"] === "admin" &&
empty($_SESSION["error_msg"])
) {
$v_package = quoteshellarg($_POST["v_package"]);
exec(
HESTIA_CMD .
"v-change-user-package " .
quoteshellarg($v_username) .
" " .
$v_package,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
// Change phpcli (admin only)
if (
$v_phpcli != $_POST["v_phpcli"] &&
$_SESSION["userContext"] === "admin" &&
empty($_SESSION["error_msg"])
) {
$v_phpcli = quoteshellarg($_POST["v_phpcli"]);
exec(
HESTIA_CMD .
"v-change-user-php-cli " .
quoteshellarg($v_username) .
" " .
$v_phpcli,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
$_POST["v_role"] = $_POST["v_role"] ?? "";
if (
$v_role != $_POST["v_role"] &&
$_SESSION["userContext"] === "admin" &&
$v_username != "admin" &&
empty($_SESSION["error_msg"])
) {
if (!empty($_POST["v_role"])) {
$v_role = quoteshellarg($_POST["v_role"]);
exec(
HESTIA_CMD . "v-change-user-role " . quoteshellarg($v_username) . " " . $v_role,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_role = $_POST["v_role"];
}
}
// Change shell (admin only)
if (!empty($_POST["v_shell"])) {
if (
$v_shell != $_POST["v_shell"] &&
$_SESSION["userContext"] === "admin" &&
empty($_SESSION["error_msg"])
) {
$v_shell = quoteshellarg($_POST["v_shell"]);
exec(
HESTIA_CMD .
"v-change-user-shell " .
quoteshellarg($v_username) .
" " .
$v_shell,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
}
}
// Change language
if ($v_language != $_POST["v_language"] && empty($_SESSION["error_msg"])) {
$v_language = quoteshellarg($_POST["v_language"]);
exec(
HESTIA_CMD . "v-change-user-language " . quoteshellarg($v_username) . " " . $v_language,
$output,
$return_var,
);
check_return_code($return_var, $output);
if (empty($_SESSION["error_msg"])) {
if ($_GET["user"] == $_SESSION["user"]) {
unset($_SESSION["language"]);
$_SESSION["language"] = $_POST["v_language"];
$refresh = $_SERVER["REQUEST_URI"];
header("Location: $refresh");
}
}
unset($output);
}
// Change contact email
if ($v_email != $_POST["v_email"] && empty($_SESSION["error_msg"])) {
if (!filter_var($_POST["v_email"], FILTER_VALIDATE_EMAIL)) {
$_SESSION["error_msg"] = _("Please enter a valid email address.");
} else {
$v_email = quoteshellarg($_POST["v_email"]);
exec(
HESTIA_CMD . "v-change-user-contact " . quoteshellarg($v_username) . " " . $v_email,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
}
// Change full name
if ($v_name != $_POST["v_name"]) {
if (empty($_POST["v_name"])) {
$_SESSION["error_msg"] = _("Please enter a valid contact name.");
} else {
$v_name = quoteshellarg($_POST["v_name"]);
exec(
HESTIA_CMD . "v-change-user-name " . quoteshellarg($v_username) . " " . $v_name,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_name = $_POST["v_name"];
}
}
// Update theme
if (empty($_SESSION["error_msg"])) {
if (empty($_SESSION["userTheme"])) {
$_SESSION["userTheme"] = "";
}
if ($_POST["v_user_theme"] != $_SESSION["userTheme"]) {
exec(
HESTIA_CMD .
"v-change-user-theme " .
quoteshellarg($v_username) .
" " .
quoteshellarg($_POST["v_user_theme"]),
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
$v_user_theme = $_POST["v_user_theme"];
if ($_SESSION["user"] === $v_username) {
unset($_SESSION["userTheme"]);
$_SESSION["userTheme"] = $v_user_theme;
}
}
}
if (!empty($_SESSION["DNS_SYSTEM"])) {
if ($_SESSION["userContext"] === "admin") {
// Change NameServers
if (empty($_POST["v_ns1"])) {
$_POST["v_ns1"] = "";
}
if (empty($_POST["v_ns2"])) {
$_POST["v_ns2"] = "";
}
if (empty($_POST["v_ns3"])) {
$_POST["v_ns3"] = "";
}
if (empty($_POST["v_ns4"])) {
$_POST["v_ns4"] = "";
}
if (empty($_POST["v_ns5"])) {
$_POST["v_ns5"] = "";
}
if (empty($_POST["v_ns6"])) {
$_POST["v_ns6"] = "";
}
if (empty($_POST["v_ns7"])) {
$_POST["v_ns7"] = "";
}
if (empty($_POST["v_ns8"])) {
$_POST["v_ns8"] = "";
}
if (
$v_ns1 != $_POST["v_ns1"] ||
$v_ns2 != $_POST["v_ns2"] ||
$v_ns3 != $_POST["v_ns3"] ||
$v_ns4 != $_POST["v_ns4"] ||
$v_ns5 != $_POST["v_ns5"] ||
$v_ns6 != $_POST["v_ns6"] ||
$v_ns7 != $_POST["v_ns7"] ||
($v_ns8 != $_POST["v_ns8"] &&
empty($_SESSION["error_msg"] && !empty($_POST["v_ns1"]) && $_POST["v_ns2"]))
) {
$v_ns1 = quoteshellarg($_POST["v_ns1"]);
$v_ns2 = quoteshellarg($_POST["v_ns2"]);
$v_ns3 = quoteshellarg($_POST["v_ns3"]);
$v_ns4 = quoteshellarg($_POST["v_ns4"]);
$v_ns5 = quoteshellarg($_POST["v_ns5"]);
$v_ns6 = quoteshellarg($_POST["v_ns6"]);
$v_ns7 = quoteshellarg($_POST["v_ns7"]);
$v_ns8 = quoteshellarg($_POST["v_ns8"]);
$ns_cmd =
HESTIA_CMD .
"v-change-user-ns " .
quoteshellarg($v_username) .
" " .
$v_ns1 .
" " .
$v_ns2;
if (!empty($_POST["v_ns3"])) {
$ns_cmd = $ns_cmd . " " . $v_ns3;
}
if (!empty($_POST["v_ns4"])) {
$ns_cmd = $ns_cmd . " " . $v_ns4;
}
if (!empty($_POST["v_ns5"])) {
$ns_cmd = $ns_cmd . " " . $v_ns5;
}
if (!empty($_POST["v_ns6"])) {
$ns_cmd = $ns_cmd . " " . $v_ns6;
}
if (!empty($_POST["v_ns7"])) {
$ns_cmd = $ns_cmd . " " . $v_ns7;
}
if (!empty($_POST["v_ns8"])) {
$ns_cmd = $ns_cmd . " " . $v_ns8;
}
exec($ns_cmd, $output, $return_var);
check_return_code($return_var, $output);
unset($output);
$v_ns1 = str_replace("'", "", $v_ns1);
$v_ns2 = str_replace("'", "", $v_ns2);
$v_ns3 = str_replace("'", "", $v_ns3);
$v_ns4 = str_replace("'", "", $v_ns4);
$v_ns5 = str_replace("'", "", $v_ns5);
$v_ns6 = str_replace("'", "", $v_ns6);
$v_ns7 = str_replace("'", "", $v_ns7);
$v_ns8 = str_replace("'", "", $v_ns8);
}
}
}
// Set success message
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Changes have been saved.");
}
}
// Render page
render_page($user, $TAB, "edit_user");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);

1666
web/edit/web/index.php Normal file
View File

File diff suppressed because it is too large Load Diff