Initial

web/restart/service/index.php

@@ -0,0 +1,31 @@
+<?php
+use function Hestiacp\quoteshellarg\quoteshellarg;
+
+// Init
+ob_start();
+include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
+
+// Check token
+verify_csrf($_GET);
+
+if ($_SESSION["userContext"] === "admin") {
+	if (!empty($_GET["srv"])) {
+		if ($_GET["srv"] == "iptables") {
+			exec(HESTIA_CMD . "v-update-firewall", $output, $return_var);
+		} else {
+			$v_service = quoteshellarg($_GET["srv"]);
+			exec(HESTIA_CMD . "v-restart-service " . $v_service . " yes", $output, $return_var);
+		}
+	}
+	if ($return_var != 0) {
+		$error = implode("<br>", $output);
+		if (empty($error)) {
+			$error = _('Restart "%s" failed', $v_service);
+		}
+		$_SESSION["error_msg"] = $error;
+	}
+	unset($output);
+}
+
+header("Location: /list/server/");
+exit();

web/restart/system/index.php

@@ -0,0 +1,34 @@
+<?php
+
+// Init
+ob_start();
+include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
+
+// Check token
+verify_csrf($_GET);
+
+// If the stored reset token matches the current request one it means that we need
+// to prevent the action because the browser automatically reloaded the page when
+// the server turned on. This will prevent duplicate restarts.
+$reset_token_dir = "/var/tmp/";
+if (isset($_GET["system_reset_token"]) && is_numeric($_GET["system_reset_token"])) {
+	clearstatcache();
+	$reset_token_file = $reset_token_dir . "hst_reset_" . $_GET["system_reset_token"];
+	if (file_exists($reset_token_file)) {
+		unlink($reset_token_file);
+		sleep(5);
+		header("location: /list/server/");
+		exit();
+	}
+	if ($_SESSION["userContext"] === "admin") {
+		if (!empty($_GET["hostname"])) {
+			touch($reset_token_file);
+			$_SESSION["error_msg"] = _("The system is going down for reboot NOW!");
+			exec(HESTIA_CMD . "v-restart-system yes", $output, $return_var);
+		}
+		unset($output);
+	}
+}
+
+header("Location: /list/server/");
+exit();