Marius Cramer
2015-12-08 65625c129fd95d249f0accafd039e9119c0d8866
commit | author | age
146783 1 <?php
MC 2
3 /*
4 Copyright (c) 2007 - 2012, Till Brehm, projektfarm Gmbh
5 All rights reserved.
6
7 Redistribution and use in source and binary forms, with or without modification,
8 are permitted provided that the following conditions are met:
9
10     * Redistributions of source code must retain the above copyright notice,
11       this list of conditions and the following disclaimer.
12     * Redistributions in binary form must reproduce the above copyright notice,
13       this list of conditions and the following disclaimer in the documentation
14       and/or other materials provided with the distribution.
15     * Neither the name of ISPConfig nor the names of its contributors
16       may be used to endorse or promote products derived from this software without
17       specific prior written permission.
18
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
20 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
24 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
26 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
28 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 class nginx_plugin {
32
33     var $plugin_name = 'nginx_plugin';
34     var $class_name = 'nginx_plugin';
35
36     // private variables
37     var $action = '';
38     var $ssl_certificate_changed = false;
39
40     //* This function is called during ispconfig installation to determine
41     //  if a symlink shall be created for this plugin.
42     function onInstall() {
43         global $conf;
44
45         if($conf['services']['web'] == true && !@is_link('/usr/local/ispconfig/server/plugins-enabled/apache2_plugin.inc.php')) {
46             return true;
47         } else {
48             return false;
49         }
50
51     }
52
53
54     /*
55          This function is called when the plugin is loaded
56     */
57
58     function onLoad() {
59         global $app;
60
61         /*
62         Register for the events
63         */
7fe908 64         $app->plugins->registerEvent('web_domain_insert', $this->plugin_name, 'ssl');
MC 65         $app->plugins->registerEvent('web_domain_update', $this->plugin_name, 'ssl');
66         $app->plugins->registerEvent('web_domain_delete', $this->plugin_name, 'ssl');
146783 67
7fe908 68         $app->plugins->registerEvent('web_domain_insert', $this->plugin_name, 'insert');
MC 69         $app->plugins->registerEvent('web_domain_update', $this->plugin_name, 'update');
70         $app->plugins->registerEvent('web_domain_delete', $this->plugin_name, 'delete');
146783 71
7fe908 72         $app->plugins->registerEvent('server_ip_insert', $this->plugin_name, 'server_ip');
MC 73         $app->plugins->registerEvent('server_ip_update', $this->plugin_name, 'server_ip');
74         $app->plugins->registerEvent('server_ip_delete', $this->plugin_name, 'server_ip');
146783 75
MC 76         /*
77         $app->plugins->registerEvent('webdav_user_insert',$this->plugin_name,'webdav');
78         $app->plugins->registerEvent('webdav_user_update',$this->plugin_name,'webdav');
79         $app->plugins->registerEvent('webdav_user_delete',$this->plugin_name,'webdav');
80         */
7fe908 81
MC 82         $app->plugins->registerEvent('client_delete', $this->plugin_name, 'client_delete');
83
84         $app->plugins->registerEvent('web_folder_user_insert', $this->plugin_name, 'web_folder_user');
85         $app->plugins->registerEvent('web_folder_user_update', $this->plugin_name, 'web_folder_user');
86         $app->plugins->registerEvent('web_folder_user_delete', $this->plugin_name, 'web_folder_user');
87
88         $app->plugins->registerEvent('web_folder_update', $this->plugin_name, 'web_folder_update');
89         $app->plugins->registerEvent('web_folder_delete', $this->plugin_name, 'web_folder_delete');
146783 90     }
MC 91
92     // Handle the creation of SSL certificates
7fe908 93     function ssl($event_name, $data) {
146783 94         global $app, $conf;
7fe908 95
146783 96         $app->uses('system');
MC 97
98         // load the server configuration options
99         $app->uses('getconf');
100         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
101         if ($web_config['CA_path']!='' && !file_exists($web_config['CA_path'].'/openssl.cnf'))
7fe908 102             $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf', LOGLEVEL_ERROR);
MC 103
146783 104         //* Only vhosts can have a ssl cert
MC 105         if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain") return;
106
107         // if(!is_dir($data['new']['document_root'].'/ssl')) exec('mkdir -p '.$data['new']['document_root'].'/ssl');
108         if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl');
7fe908 109
146783 110         $ssl_dir = $data['new']['document_root'].'/ssl';
MC 111         $domain = $data['new']['ssl_domain'];
112         $key_file = $ssl_dir.'/'.$domain.'.key.org';
113         $key_file2 = $ssl_dir.'/'.$domain.'.key';
114         $csr_file = $ssl_dir.'/'.$domain.'.csr';
115         $crt_file = $ssl_dir.'/'.$domain.'.crt';
116
117         //* Create a SSL Certificate
118         if($data['new']['ssl_action'] == 'create' && $conf['mirror_server_id'] == 0) {
7fe908 119
146783 120             $this->ssl_certificate_changed = true;
7fe908 121
146783 122             //* Rename files if they exist
MC 123             if(file_exists($key_file)){
7fe908 124                 $app->system->rename($key_file, $key_file.'.bak');
MC 125                 $app->system->chmod($key_file.'.bak', 0400);
146783 126             }
MC 127             if(file_exists($key_file2)){
7fe908 128                 $app->system->rename($key_file2, $key_file2.'.bak');
MC 129                 $app->system->chmod($key_file2.'.bak', 0400);
146783 130             }
7fe908 131             if(file_exists($csr_file)) $app->system->rename($csr_file, $csr_file.'.bak');
MC 132             if(file_exists($crt_file)) $app->system->rename($crt_file, $crt_file.'.bak');
133
146783 134             $rand_file = $ssl_dir.'/random_file';
7fe908 135             $rand_data = md5(uniqid(microtime(), 1));
146783 136             for($i=0; $i<1000; $i++) {
7fe908 137                 $rand_data .= md5(uniqid(microtime(), 1));
MC 138                 $rand_data .= md5(uniqid(microtime(), 1));
139                 $rand_data .= md5(uniqid(microtime(), 1));
140                 $rand_data .= md5(uniqid(microtime(), 1));
146783 141             }
MC 142             $app->system->file_put_contents($rand_file, $rand_data);
143
7fe908 144             $ssl_password = substr(md5(uniqid(microtime(), 1)), 0, 15);
146783 145
MC 146             $ssl_cnf = "        RANDFILE               = $rand_file
147
148         [ req ]
149         default_bits           = 2048
6068b7 150         default_md             = sha256
146783 151         default_keyfile        = keyfile.pem
MC 152         distinguished_name     = req_distinguished_name
153         attributes             = req_attributes
154         prompt                 = no
155         output_password        = $ssl_password
156
157         [ req_distinguished_name ]
158         C                      = ".trim($data['new']['ssl_country'])."
159         ST                     = ".trim($data['new']['ssl_state'])."
160         L                      = ".trim($data['new']['ssl_locality'])."
161         O                      = ".trim($data['new']['ssl_organisation'])."
162         OU                     = ".trim($data['new']['ssl_organisation_unit'])."
163         CN                     = $domain
164         emailAddress           = webmaster@".$data['new']['domain']."
165
166         [ req_attributes ]
167         challengePassword              = A challenge password";
168
169             $ssl_cnf_file = $ssl_dir.'/openssl.conf';
7fe908 170             $app->system->file_put_contents($ssl_cnf_file, $ssl_cnf);
146783 171
MC 172             $rand_file = escapeshellcmd($rand_file);
173             $key_file = escapeshellcmd($key_file);
8c82ef 174             $openssl_cmd_key_file = $key_file;
146783 175             if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
MC 176             $key_file2 = escapeshellcmd($key_file2);
8c82ef 177             $openssl_cmd_key_file2 = $key_file2;
146783 178             if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
MC 179             $ssl_days = 3650;
180             $csr_file = escapeshellcmd($csr_file);
8c82ef 181             $openssl_cmd_csr_file = $csr_file;
146783 182             if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
MC 183             $config_file = escapeshellcmd($ssl_cnf_file);
184             $crt_file = escapeshellcmd($crt_file);
8c82ef 185             $openssl_cmd_crt_file = $crt_file;
146783 186             if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
MC 187
188             if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
7fe908 189
8c82ef 190                 exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file 2048");
6068b7 191                 exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
8c82ef 192                 exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file -out $openssl_cmd_key_file2");
146783 193
MC 194                 if(file_exists($web_config['CA_path'].'/openssl.cnf'))
195                 {
8c82ef 196                     exec("openssl ca -batch -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file");
7fe908 197                     $app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
8c82ef 198                     if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed.  openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file", LOGLEVEL_ERROR);
146783 199                 };
MC 200                 if (@filesize($crt_file)==0 || !file_exists($crt_file)){
8c82ef 201                     exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -in $openssl_cmd_csr_file -out $openssl_cmd_crt_file -days $ssl_days -config $config_file ");
7fe908 202                     $app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
146783 203                 };
7fe908 204
146783 205             }
MC 206
7fe908 207             $app->system->chmod($key_file, 0400);
MC 208             $app->system->chmod($key_file2, 0400);
146783 209             @$app->system->unlink($config_file);
MC 210             @$app->system->unlink($rand_file);
211             $ssl_request = $app->db->quote($app->system->file_get_contents($csr_file));
212             $ssl_cert = $app->db->quote($app->system->file_get_contents($crt_file));
213             $ssl_key2 = $app->db->quote($app->system->file_get_contents($key_file2));
214             /* Update the DB of the (local) Server */
215             $app->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key2' WHERE domain = '".$data['new']['domain']."'");
216             $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
217             /* Update also the master-DB of the Server-Farm */
218             $app->dbmaster->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert', ssl_key = '$ssl_key2' WHERE domain = '".$data['new']['domain']."'");
219             $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
220         }
221
222         //* Save a SSL certificate to disk
223         if($data["new"]["ssl_action"] == 'save') {
224             $this->ssl_certificate_changed = true;
225             $ssl_dir = $data["new"]["document_root"]."/ssl";
226             $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
227             $key_file = $ssl_dir.'/'.$domain.'.key.org';
228             $key_file2 = $ssl_dir.'/'.$domain.'.key';
229             $csr_file = $ssl_dir.'/'.$domain.".csr";
230             $crt_file = $ssl_dir.'/'.$domain.".crt";
231             //$bundle_file = $ssl_dir.'/'.$domain.".bundle";
7fe908 232
146783 233             //* Backup files
MC 234             if(file_exists($key_file)){
7fe908 235                 $app->system->copy($key_file, $key_file.'~');
MC 236                 $app->system->chmod($key_file.'~', 0400);
146783 237             }
MC 238             if(file_exists($key_file2)){
7fe908 239                 $app->system->copy($key_file2, $key_file2.'~');
MC 240                 $app->system->chmod($key_file2.'~', 0400);
146783 241             }
7fe908 242             if(file_exists($csr_file)) $app->system->copy($csr_file, $csr_file.'~');
MC 243             if(file_exists($crt_file)) $app->system->copy($crt_file, $crt_file.'~');
146783 244             //if(file_exists($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'~');
7fe908 245
146783 246             //* Write new ssl files
7fe908 247             if(trim($data["new"]["ssl_request"]) != '') $app->system->file_put_contents($csr_file, $data["new"]["ssl_request"]);
MC 248             if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file, $data["new"]["ssl_cert"]);
146783 249             //if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
7fe908 250             if(trim($data["new"]["ssl_key"]) != '') $app->system->file_put_contents($key_file2, $data["new"]["ssl_key"]);
MC 251             $app->system->chmod($key_file2, 0400);
252
146783 253             // for nginx, bundle files have to be appended to the certificate file
7fe908 254             if(trim($data["new"]["ssl_bundle"]) != ''){
146783 255                 if(file_exists($crt_file)){
MC 256                     $crt_file_contents = trim($app->system->file_get_contents($crt_file));
257                 } else {
258                     $crt_file_contents = '';
259                 }
260                 if($crt_file_contents != '') $crt_file_contents .= "\n";
261                 $crt_file_contents .= $data["new"]["ssl_bundle"];
7fe908 262                 $app->system->file_put_contents($crt_file, $app->file->unix_nl($crt_file_contents));
146783 263                 unset($crt_file_contents);
MC 264             }
265             /* Update the DB of the (local) Server */
266             $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
7fe908 267
146783 268             /* Update also the master-DB of the Server-Farm */
MC 269             $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
7fe908 270             $app->log('Saving SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
146783 271         }
MC 272
273         //* Delete a SSL certificate
274         if($data['new']['ssl_action'] == 'del') {
275             $ssl_dir = $data['new']['document_root'].'/ssl';
276             $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
277             $csr_file = $ssl_dir.'/'.$domain.'.csr';
278             $crt_file = $ssl_dir.'/'.$domain.'.crt';
279             //$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
280             if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf'))
7fe908 281             {
8c82ef 282                 exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file));
7fe908 283                 $app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
MC 284             };
146783 285             $app->system->unlink($csr_file);
MC 286             $app->system->unlink($crt_file);
287             //$app->system->unlink($bundle_file);
288             /* Update the DB of the (local) Server */
289             $app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '' WHERE domain = '".$data['new']['domain']."'");
290             $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
291             /* Update also the master-DB of the Server-Farm */
292             $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '' WHERE domain = '".$data['new']['domain']."'");
293             $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = '".$data['new']['domain']."'");
7fe908 294             $app->log('Deleting SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
146783 295         }
MC 296
297     }
298
299
7fe908 300     function insert($event_name, $data) {
146783 301         global $app, $conf;
MC 302
303         $this->action = 'insert';
304         // just run the update function
7fe908 305         $this->update($event_name, $data);
146783 306
MC 307
308     }
309
310
7fe908 311     function update($event_name, $data) {
146783 312         global $app, $conf;
7fe908 313
146783 314         //* Check if the apache plugin is enabled
MC 315         if(@is_link('/usr/local/ispconfig/server/plugins-enabled/apache2_plugin.inc.php')) {
7fe908 316             $app->log('The nginx plugin cannot be used together with the apache2 plugin.', LOGLEVEL_WARN);
146783 317             return 0;
MC 318         }
7fe908 319
146783 320         if($this->action != 'insert') $this->action = 'update';
MC 321
322         if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['parent_domain_id'] > 0) {
323
324             $old_parent_domain_id = intval($data['old']['parent_domain_id']);
325             $new_parent_domain_id = intval($data['new']['parent_domain_id']);
326
327             // If the parent_domain_id has been changed, we will have to update the old site as well.
328             if($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) {
329                 $tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$old_parent_domain_id." AND active = 'y'");
330                 $data['new'] = $tmp;
331                 $data['old'] = $tmp;
332                 $this->action = 'update';
7fe908 333                 $this->update($event_name, $data);
146783 334             }
MC 335
336             // This is not a vhost, so we need to update the parent record instead.
337             $tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$new_parent_domain_id." AND active = 'y'");
338             $data['new'] = $tmp;
339             $data['old'] = $tmp;
340             $this->action = 'update';
341         }
342
343         // load the server configuration options
344         $app->uses('getconf');
345         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
346
347         //* Check if this is a chrooted setup
348         if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
349             $nginx_chrooted = true;
7fe908 350             $app->log('Info: nginx is chrooted.', LOGLEVEL_DEBUG);
146783 351         } else {
MC 352             $nginx_chrooted = false;
353         }
354
355         if($data['new']['document_root'] == '') {
7fe908 356             if($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') $app->log('document_root not set', LOGLEVEL_WARN);
146783 357             return 0;
MC 358         }
64ea56 359
1e6ea5 360         if($app->system->is_allowed_user($data['new']['system_user'], $app->system->is_user($data['new']['system_user']), true) == false
TB 361             || $app->system->is_allowed_group($data['new']['system_group'], $app->system->is_group($data['new']['system_group']), true) == false) {
362             $app->log('Websites cannot be owned by the root user or group. User: '.$data['new']['system_user'].' Group: '.$data['new']['system_group'], LOGLEVEL_WARN);
146783 363             return 0;
MC 364         }
64ea56 365
146783 366         if(trim($data['new']['domain']) == '') {
7fe908 367             $app->log('domain is empty', LOGLEVEL_WARN);
146783 368             return 0;
MC 369         }
7fe908 370
MC 371         $web_folder = 'web';
372         $log_folder = 'log';
79d955 373         $old_web_folder = 'web';
MC 374         $old_log_folder = 'log';
7fe908 375         if($data['new']['type'] == 'vhostsubdomain') {
79d955 376             // new one
7fe908 377             $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = '.intval($data['new']['parent_domain_id']));
MC 378             $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['new']['domain']);
379             if($subdomain_host == '') $subdomain_host = 'web'.$data['new']['domain_id'];
380             $web_folder = $data['new']['web_folder'];
381             $log_folder .= '/' . $subdomain_host;
382             unset($tmp);
79d955 383             
MC 384             if(isset($data['old']['parent_domain_id'])) {
385                 // old one
386                 $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = '.intval($data['old']['parent_domain_id']));
387                 $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
388                 if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
389                 $old_web_folder = $data['old']['web_folder'];
390                 $old_log_folder .= '/' . $subdomain_host;
391                 unset($tmp);
392             }
7fe908 393         }
146783 394
MC 395         // Create group and user, if not exist
396         $app->uses('system');
7fe908 397
146783 398         if($web_config['connect_userid_to_webid'] == 'y') {
MC 399             //* Calculate the uid and gid
400             $connect_userid_to_webid_start = ($web_config['connect_userid_to_webid_start'] < 1000)?1000:intval($web_config['connect_userid_to_webid_start']);
401             $fixed_uid_gid = intval($connect_userid_to_webid_start + $data['new']['domain_id']);
402             $fixed_uid_param = '--uid '.$fixed_uid_gid;
403             $fixed_gid_param = '--gid '.$fixed_uid_gid;
7fe908 404
146783 405             //* Check if a ispconfigend user and group exists and create them
MC 406             if(!$app->system->is_group('ispconfigend')) {
407                 exec('groupadd --gid '.($connect_userid_to_webid_start + 10000).' ispconfigend');
408             }
409             if(!$app->system->is_user('ispconfigend')) {
410                 exec('useradd -g ispconfigend -d /usr/local/ispconfig --uid '.($connect_userid_to_webid_start + 10000).' ispconfigend');
411             }
412         } else {
413             $fixed_uid_param = '';
414             $fixed_gid_param = '';
415         }
416
417         $groupname = escapeshellcmd($data['new']['system_group']);
418         if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
419             exec('groupadd '.$fixed_gid_param.' '.$groupname);
420             if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
7fe908 421             $app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG);
146783 422         }
MC 423
424         $username = escapeshellcmd($data['new']['system_user']);
425         if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
426             if($web_config['add_web_users_to_sshusers_group'] == 'y') {
427                 exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false");
428                 if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false");
429             } else {
430                 exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false");
431                 if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false");
432             }
7fe908 433             $app->log('Adding the user: '.$username, LOGLEVEL_DEBUG);
146783 434         }
MC 435
436         //* If the client of the site has been changed, we have a change of the document root
437         if($this->action == 'update' && $data['new']['document_root'] != $data['old']['document_root']) {
438
439             //* Get the old client ID
440             $old_client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = '.intval($data['old']['sys_groupid']));
441             $old_client_id = intval($old_client['client_id']);
442             unset($old_client);
443
444             //* Remove the old symlinks
7fe908 445             $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
146783 446             if(is_array($tmp_symlinks_array)) {
MC 447                 foreach($tmp_symlinks_array as $tmp_symlink) {
7fe908 448                     $tmp_symlink = str_replace('[client_id]', $old_client_id, $tmp_symlink);
MC 449                     $tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
146783 450                     // Remove trailing slash
MC 451                     if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
452                     // create the symlinks, if not exist
453                     if(is_link($tmp_symlink)) {
454                         exec('rm -f '.escapeshellcmd($tmp_symlink));
7fe908 455                         $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG);
146783 456                     }
MC 457                 }
458             }
459
460             if($data["new"]["type"] != "vhostsubdomain") {
461                 //* Move the site data
7fe908 462                 $tmp_docroot = explode('/', $data['new']['document_root']);
146783 463                 unset($tmp_docroot[count($tmp_docroot)-1]);
7fe908 464                 $new_dir = implode('/', $tmp_docroot);
146783 465
7fe908 466                 $tmp_docroot = explode('/', $data['old']['document_root']);
146783 467                 unset($tmp_docroot[count($tmp_docroot)-1]);
7fe908 468                 $old_dir = implode('/', $tmp_docroot);
146783 469
MC 470                 //* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
471                 if(@is_dir($data['new']['document_root'])) {
7fe908 472                     $app->system->web_folder_protection($data['new']['document_root'], false);
MC 473                     $app->system->rename($data['new']['document_root'], $data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'));
474                     $app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'), LOGLEVEL_DEBUG);
146783 475                 }
3fb802 476                 
TB 477                 //* Unmount the old log directory bfore we move the log dir
478                 exec('umount '.escapeshellcmd($old_dir.'/log'));
7fe908 479
146783 480                 //* Create new base directory, if it does not exist yet
MC 481                 if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
7fe908 482                 $app->system->web_folder_protection($data['old']['document_root'], false);
146783 483                 exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir));
MC 484                 //$app->system->rename($data['old']['document_root'],$new_dir);
7fe908 485                 $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir, LOGLEVEL_DEBUG);
146783 486
MC 487                 // Handle the change in php_open_basedir
7fe908 488                 $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']);
146783 489
MC 490                 //* Change the owner of the website files to the new website owner
491                 exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);
492
493                 //* Change the home directory and group of the website user
494                 $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod';
495                 $command .= ' --home '.escapeshellcmd($data['new']['document_root']);
496                 $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
497                 $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
498                 exec($command);
499             }
500
501             if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
7fe908 502
146783 503             //* Change the log mount
074a57 504             /*
79d955 505             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind';
7fe908 506             $app->system->removeLine('/etc/fstab', $fstab_line);
79d955 507             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind,nobootwait';
ff5b86 508             $app->system->removeLine('/etc/fstab', $fstab_line);
074a57 509             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind,nobootwait';
TB 510             $app->system->removeLine('/etc/fstab', $fstab_line);
511             */
512             
513             $fstab_line_old = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind';
514             
515             if($web_config['network_filesystem'] == 'y') {
516                 $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait,_netdev    0 0';
517                 $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1);
518             } else {
519                 $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait    0 0';
520                 $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1);
521             }
3fb802 522             
TB 523             exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
146783 524
MC 525         }
526
527         //print_r($data);
528
529         // Check if the directories are there and create them if necessary.
7fe908 530         $app->system->web_folder_protection($data['new']['document_root'], false);
MC 531
146783 532         if(!is_dir($data['new']['document_root'].'/' . $web_folder)) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder);
MC 533         if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/error');
534         //if(!is_dir($data['new']['document_root'].'/'.$log_folder)) exec('mkdir -p '.$data['new']['document_root'].'/'.$log_folder);
535         if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl');
536         if(!is_dir($data['new']['document_root'].'/cgi-bin')) $app->system->mkdirpath($data['new']['document_root'].'/cgi-bin');
537         if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp');
538         //if(!is_dir($data['new']['document_root'].'/webdav')) $app->system->mkdirpath($data['new']['document_root'].'/webdav');
7fe908 539
146783 540         //* Create the new private directory
MC 541         if(!is_dir($data['new']['document_root'].'/private')) {
542             $app->system->mkdirpath($data['new']['document_root'].'/private');
7fe908 543             $app->system->chmod($data['new']['document_root'].'/private', 0710);
MC 544             $app->system->chown($data['new']['document_root'].'/private', $username);
545             $app->system->chgrp($data['new']['document_root'].'/private', $groupname);
146783 546         }
7fe908 547
MC 548
146783 549         // Remove the symlink for the site, if site is renamed
MC 550         if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
551             if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
79d955 552             if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder);
7fe908 553
146783 554             //* remove old log mount
79d955 555             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind';
7fe908 556             $app->system->removeLine('/etc/fstab', $fstab_line);
MC 557
146783 558             //* Unmount log directory
79d955 559             exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
146783 560         }
7fe908 561
146783 562         //* Create the log dir if nescessary and mount it
MC 563         if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) {
564             if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder);
565             if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
566             $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder);
7fe908 567             $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root');
MC 568             $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, 'root');
569             $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
146783 570             exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
MC 571             //* add mountpoint to fstab
ff5b86 572             $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait,_netdev    0 0';
7fe908 573             $app->system->replaceLine('/etc/fstab', $fstab_line, $fstab_line, 1, 1);
146783 574         }
7fe908 575
MC 576         $app->system->web_folder_protection($data['new']['document_root'], true);
146783 577
MC 578         // Get the client ID
579         $client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = '.intval($data['new']['sys_groupid']));
580         $client_id = intval($client['client_id']);
581         unset($client);
582
583         // Remove old symlinks, if site is renamed
584         if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
7fe908 585             $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
146783 586             if(is_array($tmp_symlinks_array)) {
MC 587                 foreach($tmp_symlinks_array as $tmp_symlink) {
7fe908 588                     $tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
MC 589                     $tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
146783 590                     // Remove trailing slash
MC 591                     if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
592                     // remove the symlinks, if not exist
593                     if(is_link($tmp_symlink)) {
594                         exec('rm -f '.escapeshellcmd($tmp_symlink));
7fe908 595                         $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG);
146783 596                     }
MC 597                 }
598             }
599         }
600
601         // Create the symlinks for the sites
7fe908 602         $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
146783 603         if(is_array($tmp_symlinks_array)) {
MC 604             foreach($tmp_symlinks_array as $tmp_symlink) {
7fe908 605                 $tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
MC 606                 $tmp_symlink = str_replace('[website_domain]', $data['new']['domain'], $tmp_symlink);
146783 607                 // Remove trailing slash
MC 608                 if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
609                 //* Remove symlink if target folder has been changed.
610                 if($data['old']['document_root'] != '' && $data['old']['document_root'] != $data['new']['document_root'] && is_link($tmp_symlink)) {
611                     $app->system->unlink($tmp_symlink);
612                 }
613                 // create the symlinks, if not exist
614                 if(!is_link($tmp_symlink)) {
7fe908 615                     //     exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
146783 616                     if ($web_config["website_symlinks_rel"] == 'y') {
MC 617                         $this->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink));
618                     } else {
619                         exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
620                     }
621
7fe908 622                     $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/ '.$tmp_symlink, LOGLEVEL_DEBUG);
146783 623                 }
MC 624             }
625         }
626
627
628
7fe908 629         // Install the Standard or Custom Error, Index and other related files
MC 630         // /usr/local/ispconfig/server/conf is for the standard files
631         // /usr/local/ispconfig/server/conf-custom is for the custom files
632         // setting a local var here
633
634         // normally $conf['templates'] = "/usr/local/ispconfig/server/conf";
146783 635         if($this->action == 'insert' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain')) {
7fe908 636
MC 637             // Copy the error pages
146783 638             if($data['new']['errordocs']) {
MC 639                 $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/';
7fe908 640                 if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) {
MC 641                     exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
146783 642                 }
MC 643                 else {
644                     if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
645                         exec('cp '. $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path);
646                     }
647                     else {
7fe908 648                         exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
146783 649                     }
MC 650                 }
651                 exec('chmod -R a+r '.$error_page_path);
652             }
653
7fe908 654             if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2))) {
MC 655                 exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
656
657                 if(is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) {
658                     exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
659                 }
660                 if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) {
661                     exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
662                 }
4f1e6a 663                 //if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) {
TB 664                 //    exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
665                 //}
7fe908 666             }
146783 667             else {
MC 668                 if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) {
669                     exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
670                 }
671                 else {
7fe908 672                     exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
146783 673                     if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
MC 674                     if(is_file($conf['rootpath'] . '/conf/index/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
4f1e6a 675                     //if(is_file($conf['rootpath'] . '/conf/index/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
146783 676                 }
MC 677             }
678             exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
679
680             //** Copy the error documents on update when the error document checkbox has been activated and was deactivated before
681         } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) {
7fe908 682
146783 683             $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/';
7fe908 684             if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) {
MC 685                 exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
146783 686             }
MC 687             else {
688                 if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
689                     exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path);
690                 }
691                 else {
7fe908 692                     exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
146783 693                 }
MC 694             }
695             exec('chmod -R a+r '.$error_page_path);
696             exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
697         }  // end copy error docs
698
699         // Set the quota for the user, but only for vhosts, not vhostsubdomains
700         if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
701             if($data['new']['hd_quota'] > 0) {
702                 $blocks_soft = $data['new']['hd_quota'] * 1024;
703                 $blocks_hard = $blocks_soft + 1024;
704             } else {
705                 $blocks_soft = $blocks_hard = 0;
706             }
707             exec("setquota -u $username $blocks_soft $blocks_hard 0 0 -a &> /dev/null");
708             exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
709         }
710
711         if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
712             // Chown and chmod the directories below the document root
713             $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
714             // The document root itself has to be owned by root in normal level and by the web owner in security level 20
715             if($web_config['security_level'] == 20) {
716                 $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
717             } else {
718                 $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
719             }
720         }
721
722         //* add the nginx user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update
723         if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));
7fe908 724
146783 725         //* If the security level is set to high
MC 726         if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
7fe908 727
MC 728             $app->system->web_folder_protection($data['new']['document_root'], false);
729
146783 730             //* Check if we have the new private folder and create it if nescessary
MC 731             if(!is_dir($data['new']['document_root'].'/private')) $app->system->mkdir($data['new']['document_root'].'/private');
7fe908 732
146783 733             if($web_config['security_level'] == 20) {
7fe908 734
MC 735                 $app->system->chmod($data['new']['document_root'], 0755);
97b556 736                 $app->system->chmod($data['new']['document_root'].'/web', 0751);
146783 737                 //$app->system->chmod($data['new']['document_root'].'/webdav',0710);
7fe908 738                 $app->system->chmod($data['new']['document_root'].'/private', 0710);
MC 739                 $app->system->chmod($data['new']['document_root'].'/ssl', 0755);
146783 740
MC 741                 // make tmp directory writable for nginx and the website users
5aedfd 742                 $app->system->chmod($data['new']['document_root'].'/tmp', 0770);
7fe908 743
146783 744                 // Set Log directory to 755 to make the logs accessible by the FTP user
MC 745                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
7fe908 746                     $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
146783 747                 }
7fe908 748
146783 749                 if($web_config['add_web_users_to_sshusers_group'] == 'y') {
MC 750                     $command = 'usermod';
751                     $command .= ' --groups sshusers';
752                     $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
753                     $this->_exec($command);
754                 }
755
756                 //* if we have a chrooted nginx environment
757                 if($nginx_chrooted) {
758                     $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
759
760                     //* add the nginx user to the client group in the chroot environment
761                     $tmp_groupfile = $app->system->server_conf['group_datei'];
762                     $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
763                     $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['nginx_user']));
764                     $app->system->server_conf['group_datei'] = $tmp_groupfile;
765                     unset($tmp_groupfile);
766                 }
7fe908 767
146783 768                 //* Chown all default directories
7fe908 769                 $app->system->chown($data['new']['document_root'], 'root');
MC 770                 $app->system->chgrp($data['new']['document_root'], 'root');
771                 $app->system->chown($data['new']['document_root'].'/cgi-bin', $username);
772                 $app->system->chgrp($data['new']['document_root'].'/cgi-bin', $groupname);
146783 773                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
7fe908 774                     $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root', false);
MC 775                     $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, $groupname, false);
146783 776                 }
7fe908 777                 $app->system->chown($data['new']['document_root'].'/ssl', 'root');
MC 778                 $app->system->chgrp($data['new']['document_root'].'/ssl', 'root');
779                 $app->system->chown($data['new']['document_root'].'/tmp', $username);
780                 $app->system->chgrp($data['new']['document_root'].'/tmp', $groupname);
781                 $app->system->chown($data['new']['document_root'].'/web', $username);
782                 $app->system->chgrp($data['new']['document_root'].'/web', $groupname);
783                 $app->system->chown($data['new']['document_root'].'/web/error', $username);
784                 $app->system->chgrp($data['new']['document_root'].'/web/error', $groupname);
785                 $app->system->chown($data['new']['document_root'].'/web/stats', $username);
786                 $app->system->chgrp($data['new']['document_root'].'/web/stats', $groupname);
146783 787                 //$app->system->chown($data['new']['document_root'].'/webdav',$username);
MC 788                 //$app->system->chgrp($data['new']['document_root'].'/webdav',$groupname);
7fe908 789                 $app->system->chown($data['new']['document_root'].'/private', $username);
MC 790                 $app->system->chgrp($data['new']['document_root'].'/private', $groupname);
146783 791
MC 792                 // If the security Level is set to medium
793             } else {
794
7fe908 795                 $app->system->chmod($data['new']['document_root'], 0755);
MC 796                 $app->system->chmod($data['new']['document_root'].'/web', 0755);
146783 797                 //$app->system->chmod($data['new']['document_root'].'/webdav',0755);
7fe908 798                 $app->system->chmod($data['new']['document_root'].'/ssl', 0755);
MC 799                 $app->system->chmod($data['new']['document_root'].'/cgi-bin', 0755);
800
146783 801                 // make temp directory writable for nginx and the website users
5aedfd 802                 $app->system->chmod($data['new']['document_root'].'/tmp', 0770);
7fe908 803
146783 804                 // Set Log directory to 755 to make the logs accessible by the FTP user
MC 805                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
7fe908 806                     $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
146783 807                 }
7fe908 808
MC 809                 $app->system->chown($data['new']['document_root'], 'root');
810                 $app->system->chgrp($data['new']['document_root'], 'root');
811                 $app->system->chown($data['new']['document_root'].'/cgi-bin', $username);
812                 $app->system->chgrp($data['new']['document_root'].'/cgi-bin', $groupname);
146783 813                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
7fe908 814                     $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root', false);
MC 815                     $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, $groupname, false);
146783 816                 }
7fe908 817
MC 818                 $app->system->chown($data['new']['document_root'].'/ssl', 'root');
819                 $app->system->chgrp($data['new']['document_root'].'/ssl', 'root');
820                 $app->system->chown($data['new']['document_root'].'/tmp', $username);
821                 $app->system->chgrp($data['new']['document_root'].'/tmp', $groupname);
822                 $app->system->chown($data['new']['document_root'].'/web', $username);
823                 $app->system->chgrp($data['new']['document_root'].'/web', $groupname);
824                 $app->system->chown($data['new']['document_root'].'/web/error', $username);
825                 $app->system->chgrp($data['new']['document_root'].'/web/error', $groupname);
826                 $app->system->chown($data['new']['document_root'].'/web/stats', $username);
827                 $app->system->chgrp($data['new']['document_root'].'/web/stats', $groupname);
146783 828                 //$app->system->chown($data['new']['document_root'].'/webdav',$username);
MC 829                 //$app->system->chgrp($data['new']['document_root'].'/webdav',$groupname);
830             }
831         } elseif(($this->action == 'insert' && $data['new']['type'] == 'vhostsubdomain') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhostsubdomain')) {
832             if($web_config['security_level'] == 20) {
7fe908 833                 $app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0710);
MC 834                 $app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
835                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder, $groupname);
836                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/error', $username);
837                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/error', $groupname);
838                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/stats', $username);
839                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/stats', $groupname);
840             } else {
841                 $app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0755);
842                 $app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
843                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder, $groupname);
844                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/error', $username);
845                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/error', $groupname);
846                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/stats', $username);
847                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/stats', $groupname);
848             }
849         }
850
146783 851         //* Protect web folders
7fe908 852         $app->system->web_folder_protection($data['new']['document_root'], true);
MC 853
146783 854         if($data['new']['type'] == 'vhost') {
7fe908 855             // Change the ownership of the error log to the root user
MC 856             if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'));
857             $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root');
858             $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root');
859         }
146783 860
MC 861         // Change the ownership of the error log to the owner of the website
862         /*
863         if(!@is_file($data['new']['document_root'].'/log/error.log')) exec('touch '.escapeshellcmd($data['new']['document_root']).'/log/error.log');
864         $app->system->chown($data['new']['document_root'].'/log/error.log',$username);
865         $app->system->chgrp($data['new']['document_root'].'/log/error.log',$groupname);
866         */
867
868
869         /*
870         //* Write the custom php.ini file, if custom_php_ini filed is not empty
871         $custom_php_ini_dir = $web_config['website_basedir'].'/conf/'.$data['new']['system_user'];
872         if(!is_dir($web_config['website_basedir'].'/conf')) mkdir($web_config['website_basedir'].'/conf');
873         if(trim($data['new']['custom_php_ini']) != '') {
874             $has_custom_php_ini = true;
875             if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);
876             $php_ini_content = '';
877             if($data['new']['php'] == 'mod') {
878                 $master_php_ini_path = $web_config['php_ini_path_apache'];
879             } else {
880                 if($data["new"]['php'] == 'fast-cgi' && file_exists($fastcgi_config["fastcgi_phpini_path"])) {
881                     $master_php_ini_path = $fastcgi_config["fastcgi_phpini_path"];
882                 } else {
883                     $master_php_ini_path = $web_config['php_ini_path_cgi'];
884                 }
885             }
886             if($master_php_ini_path != '' && substr($master_php_ini_path,-7) == 'php.ini' && is_file($master_php_ini_path)) {
887                 $php_ini_content .= $app->system->file_get_contents($master_php_ini_path)."\n";
888             }
889             $php_ini_content .= str_replace("\r",'',trim($data['new']['custom_php_ini']));
890             $app->system->file_put_contents($custom_php_ini_dir.'/php.ini',$php_ini_content);
891         } else {
892             $has_custom_php_ini = false;
893             if(is_file($custom_php_ini_dir.'/php.ini')) $app->system->unlink($custom_php_ini_dir.'/php.ini');
894         }
895         */
896
897         //* Create the vhost config file
898         $app->load('tpl');
899
900         $tpl = new tpl();
901         $tpl->newTemplate('nginx_vhost.conf.master');
902
903         $vhost_data = $data['new'];
904         //unset($vhost_data['ip_address']);
905         $vhost_data['web_document_root'] = $data['new']['document_root'].'/' . $web_folder;
906         $vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/' . $web_folder;
907         $vhost_data['web_basedir'] = $web_config['website_basedir'];
7fe908 908
146783 909         // IPv6
MC 910         if($data['new']['ipv6_address'] != ''){
911             $tpl->setVar('ipv6_enabled', 1);
912             if ($conf['serverconfig']['web']['vhost_rewrite_v6'] == 'y') {
913                 if (isset($conf['serverconfig']['server']['v6_prefix']) && $conf['serverconfig']['server']['v6_prefix'] <> '') {
7fe908 914                     $explode_v6prefix=explode(':', $conf['serverconfig']['server']['v6_prefix']);
MC 915                     $explode_v6=explode(':', $data['new']['ipv6_address']);
146783 916
MC 917                     for ( $i = 0; $i <= count($explode_v6prefix)-3; $i++ ) {
7fe908 918                         $explode_v6[$i] = $explode_v6prefix[$i];
146783 919                     }
7fe908 920                     $data['new']['ipv6_address'] = implode(':', $explode_v6);
146783 921                     $vhost_data['ipv6_address'] = $data['new']['ipv6_address'];
MC 922                 }
923             }
924         }
7fe908 925
146783 926         // PHP-FPM
MC 927         // Support for multiple PHP versions
928         /*
929         if(trim($data['new']['fastcgi_php_version']) != ''){
930             $default_php_fpm = false;
931             list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
932             if(substr($custom_php_fpm_ini_dir,-1) != '/') $custom_php_fpm_ini_dir .= '/';
933         } else {
934             $default_php_fpm = true;
935         }
936         */
937         if($data['new']['php'] != 'no'){
938             if(trim($data['new']['fastcgi_php_version']) != ''){
939                 $default_php_fpm = false;
940                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
7fe908 941                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
146783 942             } else {
MC 943                 $default_php_fpm = true;
944             }
945         } else {
946             if(trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] != 'no'){
947                 $default_php_fpm = false;
948                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
7fe908 949                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
146783 950             } else {
MC 951                 $default_php_fpm = true;
952             }
953         }
7fe908 954
146783 955         if($default_php_fpm){
MC 956             $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
957         } else {
958             $pool_dir = $custom_php_fpm_pool_dir;
959         }
7fe908 960         if(substr($pool_dir, -1) != '/') $pool_dir .= '/';
146783 961         $pool_name = 'web'.$data['new']['domain_id'];
MC 962         $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']);
7fe908 963         if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
MC 964
146783 965         if($data['new']['php_fpm_use_socket'] == 'y'){
MC 966             $use_tcp = 0;
967             $use_socket = 1;
968         } else {
969             $use_tcp = 1;
970             $use_socket = 0;
971         }
972         $tpl->setVar('use_tcp', $use_tcp);
973         $tpl->setVar('use_socket', $use_socket);
974         $fpm_socket = $socket_dir.$pool_name.'.sock';
975         $tpl->setVar('fpm_socket', $fpm_socket);
7fe908 976         $tpl->setVar('rnd_php_dummy_file', '/'.md5(uniqid(microtime(), 1)).'.htm');
146783 977         $vhost_data['fpm_port'] = $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1;
7fe908 978
146783 979         // backwards compatibility; since ISPConfig 3.0.5, the PHP mode for nginx is called 'php-fpm' instead of 'fast-cgi'. The following line makes sure that old web sites that have 'fast-cgi' in the database still get PHP-FPM support.
MC 980         if($vhost_data['php'] == 'fast-cgi') $vhost_data['php'] = 'php-fpm';
7fe908 981
146783 982         // Custom rewrite rules
MC 983         /*
984         $final_rewrite_rules = array();
985         $custom_rewrite_rules = $data['new']['rewrite_rules'];
986         // Make sure we only have Unix linebreaks
987         $custom_rewrite_rules = str_replace("\r\n", "\n", $custom_rewrite_rules);
988         $custom_rewrite_rules = str_replace("\r", "\n", $custom_rewrite_rules);
989         $custom_rewrite_rule_lines = explode("\n", $custom_rewrite_rules);
990         if(is_array($custom_rewrite_rule_lines) && !empty($custom_rewrite_rule_lines)){
991             foreach($custom_rewrite_rule_lines as $custom_rewrite_rule_line){
992                 $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
993             }
994         }
995         $tpl->setLoop('rewrite_rules', $final_rewrite_rules);
996         */
7fe908 997
146783 998         // Custom rewrite rules
MC 999         $final_rewrite_rules = array();
7fe908 1000
146783 1001         if(isset($data['new']['rewrite_rules']) && trim($data['new']['rewrite_rules']) != '') {
MC 1002             $custom_rewrite_rules = trim($data['new']['rewrite_rules']);
1003             $custom_rewrites_are_valid = true;
1004             // use this counter to make sure all curly brackets are properly closed
1005             $if_level = 0;
1006             // Make sure we only have Unix linebreaks
1007             $custom_rewrite_rules = str_replace("\r\n", "\n", $custom_rewrite_rules);
1008             $custom_rewrite_rules = str_replace("\r", "\n", $custom_rewrite_rules);
1009             $custom_rewrite_rule_lines = explode("\n", $custom_rewrite_rules);
1010             if(is_array($custom_rewrite_rule_lines) && !empty($custom_rewrite_rule_lines)){
1011                 foreach($custom_rewrite_rule_lines as $custom_rewrite_rule_line){
1012                     // ignore comments
7fe908 1013                     if(substr(ltrim($custom_rewrite_rule_line), 0, 1) == '#'){
146783 1014                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
MC 1015                         continue;
1016                     }
1017                     // empty lines
1018                     if(trim($custom_rewrite_rule_line) == ''){
1019                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1020                         continue;
1021                     }
1022                     // rewrite
1023                     if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
1024                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1025                         continue;
1026                     }
b5b613 1027                     if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
FT 1028                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1029                         continue;
1030                     }
1031                     if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
1032                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1033                         continue;
1034                     }
1035                     if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $custom_rewrite_rule_line)){
1036                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1037                         continue;
1038                     }
146783 1039                     // if
MC 1040                     if(preg_match('@^\s*if\s+\(\s*\$\S+(\s+(\!?(=|~|~\*))\s+(\S+|\".+\"))?\s*\)\s*\{\s*$@', $custom_rewrite_rule_line)){
1041                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1042                         $if_level += 1;
1043                         continue;
1044                     }
1045                     // if - check for files, directories, etc.
1046                     if(preg_match('@^\s*if\s+\(\s*\!?-(f|d|e|x)\s+\S+\s*\)\s*\{\s*$@', $custom_rewrite_rule_line)){
1047                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1048                         $if_level += 1;
1049                         continue;
1050                     }
1051                     // break
1052                     if(preg_match('@^\s*break\s*;\s*$@', $custom_rewrite_rule_line)){
1053                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1054                         continue;
1055                     }
1056                     // return code [ text ]
1057                     if(preg_match('@^\s*return\s+\d\d\d.*;\s*$@', $custom_rewrite_rule_line)){
1058                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1059                         continue;
1060                     }
1061                     // return code URL
1062                     // return URL
1063                     if(preg_match('@^\s*return(\s+\d\d\d)?\s+(http|https|ftp)\://([a-zA-Z0-9\.\-]+(\:[a-zA-Z0-9\.&%\$\-]+)*\@)*((25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9])\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[1-9]|0)\.(25[0-5]|2[0-4][0-9]|[0-1]{1}[0-9]{2}|[1-9]{1}[0-9]{1}|[0-9])|localhost|([a-zA-Z0-9\-]+\.)*[a-zA-Z0-9\-]+\.(com|edu|gov|int|mil|net|org|biz|arpa|info|name|pro|aero|coop|museum|[a-zA-Z]{2}))(\:[0-9]+)*(/($|[a-zA-Z0-9\.\,\?\'\\\+&%\$#\=~_\-]+))*\s*;\s*$@', $custom_rewrite_rule_line)){
1064                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1065                         continue;
1066                     }
1067                     // set
1068                     if(preg_match('@^\s*set\s+\$\S+\s+\S+\s*;\s*$@', $custom_rewrite_rule_line)){
1069                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1070                         continue;
1071                     }
1072                     // closing curly bracket
1073                     if(trim($custom_rewrite_rule_line) == '}'){
1074                         $final_rewrite_rules[] = array('rewrite_rule' => $custom_rewrite_rule_line);
1075                         $if_level -= 1;
1076                         continue;
1077                     }
1078                     $custom_rewrites_are_valid = false;
1079                     break;
1080                 }
1081             }
1082             if(!$custom_rewrites_are_valid || $if_level != 0){
1083                 $final_rewrite_rules = array();
1084             }
1085         }
1086         $tpl->setLoop('rewrite_rules', $final_rewrite_rules);
7fe908 1087
146783 1088         // Custom nginx directives
MC 1089         $final_nginx_directives = array();
1090         $nginx_directives = $data['new']['nginx_directives'];
1091         // Make sure we only have Unix linebreaks
1092         $nginx_directives = str_replace("\r\n", "\n", $nginx_directives);
1093         $nginx_directives = str_replace("\r", "\n", $nginx_directives);
1094         $nginx_directive_lines = explode("\n", $nginx_directives);
1095         if(is_array($nginx_directive_lines) && !empty($nginx_directive_lines)){
c02d3f 1096             $trans = array('{DOCROOT}' => $vhost_data['web_document_root_www'], '{FASTCGIPASS}' => 'fastcgi_pass '.($data['new']['php_fpm_use_socket'] == 'y'? 'unix:'.$fpm_socket : '127.0.0.1:'.$vhost_data['fpm_port']).';');
146783 1097             foreach($nginx_directive_lines as $nginx_directive_line){
c02d3f 1098                 $final_nginx_directives[] = array('nginx_directive' => strtr($nginx_directive_line, $trans));
146783 1099             }
MC 1100         }
1101         $tpl->setLoop('nginx_directives', $final_nginx_directives);
1102
1103         // Check if a SSL cert exists
1104         $ssl_dir = $data['new']['document_root'].'/ssl';
1105         $domain = $data['new']['ssl_domain'];
1106         $key_file = $ssl_dir.'/'.$domain.'.key';
1107         $crt_file = $ssl_dir.'/'.$domain.'.crt';
018c55 1108
146783 1109         if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
MC 1110             $vhost_data['ssl_enabled'] = 1;
7fe908 1111             $app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG);
146783 1112         } else {
MC 1113             $vhost_data['ssl_enabled'] = 0;
7fe908 1114             $app->log('SSL Disabled. '.$domain, LOGLEVEL_DEBUG);
146783 1115         }
MC 1116
1117         // Set SEO Redirect
1118         if($data['new']['seo_redirect'] != ''){
1119             $vhost_data['seo_redirect_enabled'] = 1;
1120             $tmp_seo_redirects = $this->get_seo_redirects($data['new']);
1121             if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1122                 foreach($tmp_seo_redirects as $key => $val){
1123                     $vhost_data[$key] = $val;
1124                 }
1125             } else {
1126                 $vhost_data['seo_redirect_enabled'] = 0;
1127             }
1128         } else {
1129             $vhost_data['seo_redirect_enabled'] = 0;
1130         }
7fe908 1131
MC 1132
146783 1133
MC 1134         // Rewrite rules
1135         $own_rewrite_rules = array();
1136         $rewrite_rules = array();
1137         $local_rewrite_rules = array();
1138         if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
7fe908 1139             if(substr($data['new']['redirect_path'], -1) != '/') $data['new']['redirect_path'] .= '/';
MC 1140             if(substr($data['new']['redirect_path'], 0, 8) == '[scheme]'){
146783 1141                 if($data['new']['redirect_type'] != 'proxy'){
7fe908 1142                     $data['new']['redirect_path'] = '$scheme'.substr($data['new']['redirect_path'], 8);
146783 1143                 } else {
7fe908 1144                     $data['new']['redirect_path'] = 'http'.substr($data['new']['redirect_path'], 8);
146783 1145                 }
MC 1146             }
7fe908 1147
146783 1148             // Custom proxy directives
MC 1149             if($data['new']['redirect_type'] == 'proxy' && trim($data['new']['proxy_directives'] != '')){
1150                 $final_proxy_directives = array();
1151                 $proxy_directives = $data['new']['proxy_directives'];
1152                 // Make sure we only have Unix linebreaks
1153                 $proxy_directives = str_replace("\r\n", "\n", $proxy_directives);
1154                 $proxy_directives = str_replace("\r", "\n", $proxy_directives);
1155                 $proxy_directive_lines = explode("\n", $proxy_directives);
1156                 if(is_array($proxy_directive_lines) && !empty($proxy_directive_lines)){
1157                     foreach($proxy_directive_lines as $proxy_directive_line){
1158                         $final_proxy_directives[] = array('proxy_directive' => $proxy_directive_line);
1159                     }
1160                 }
1161             } else {
1162                 $final_proxy_directives = false;
1163             }
1164
1165             switch($data['new']['subdomain']) {
7fe908 1166             case 'www':
MC 1167                 $exclude_own_hostname = '';
1168                 if(substr($data['new']['redirect_path'], 0, 1) == '/'){ // relative path
1169                     if($data['new']['redirect_type'] == 'proxy'){
1170                         $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
1171                         $vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'], 0, -1);
1172                         break;
1173                     }
1174                     $rewrite_exclude = '(?!/\b('.substr($data['new']['redirect_path'], 1, -1).(substr($data['new']['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
1175                 } else { // URL - check if URL is local
1176                     $tmp_redirect_path = $data['new']['redirect_path'];
1177                     if(substr($tmp_redirect_path, 0, 7) == '$scheme') $tmp_redirect_path = 'http'.substr($tmp_redirect_path, 7);
1178                     $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
1179                     if(($tmp_redirect_path_parts['host'] == $data['new']['domain'] || $tmp_redirect_path_parts['host'] == 'www.'.$data['new']['domain']) && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
1180                         // URL is local
1181                         if(substr($tmp_redirect_path_parts['path'], -1) == '/') $tmp_redirect_path_parts['path'] = substr($tmp_redirect_path_parts['path'], 0, -1);
1182                         if(substr($tmp_redirect_path_parts['path'], 0, 1) != '/') $tmp_redirect_path_parts['path'] = '/'.$tmp_redirect_path_parts['path'];
1183                         //$rewrite_exclude = '((?!'.$tmp_redirect_path_parts['path'].'))';
1184                         if($data['new']['redirect_type'] == 'proxy'){
1185                             $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
1186                             $vhost_data['web_document_root_www'] .= $tmp_redirect_path_parts['path'];
1187                             break;
1188                         } else {
1189                             $rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'], 1).(substr($tmp_redirect_path_parts['path'], 1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
1190                             $exclude_own_hostname = $tmp_redirect_path_parts['host'];
1191                         }
1192                     } else {
1193                         // external URL
1194                         $rewrite_exclude = '(.?)/';
1195                         if($data['new']['redirect_type'] == 'proxy'){
1196                             $vhost_data['use_proxy'] = 'y';
1197                             $rewrite_subdir = $tmp_redirect_path_parts['path'];
1198                             if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
1199                             if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
1200                             if($rewrite_subdir == '/') $rewrite_subdir = '';
1201                         }
1202                     }
1203                     unset($tmp_redirect_path);
1204                     unset($tmp_redirect_path_parts);
1205                 }
1206                 $own_rewrite_rules[] = array( 'rewrite_domain'  => '^'.$this->_rewrite_quote($data['new']['domain']),
1207                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
1208                     'rewrite_target'  => $data['new']['redirect_path'],
1209                     'rewrite_exclude' => $rewrite_exclude,
1210                     'rewrite_subdir' => $rewrite_subdir,
1211                     'exclude_own_hostname' => $exclude_own_hostname,
1212                     'proxy_directives' => $final_proxy_directives,
1213                     'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
1214                     'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
1215                 break;
1216             case '*':
1217                 $exclude_own_hostname = '';
1218                 if(substr($data['new']['redirect_path'], 0, 1) == '/'){ // relative path
1219                     if($data['new']['redirect_type'] == 'proxy'){
1220                         $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
1221                         $vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'], 0, -1);
1222                         break;
1223                     }
1224                     $rewrite_exclude = '(?!/\b('.substr($data['new']['redirect_path'], 1, -1).(substr($data['new']['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
1225                 } else { // URL - check if URL is local
1226                     $tmp_redirect_path = $data['new']['redirect_path'];
1227                     if(substr($tmp_redirect_path, 0, 7) == '$scheme') $tmp_redirect_path = 'http'.substr($tmp_redirect_path, 7);
1228                     $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
1229
1230                     //if($is_serveralias && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
1231                     if($this->url_is_local($tmp_redirect_path_parts['host'], $data['new']['domain_id']) && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
1232                         // URL is local
1233                         if(substr($tmp_redirect_path_parts['path'], -1) == '/') $tmp_redirect_path_parts['path'] = substr($tmp_redirect_path_parts['path'], 0, -1);
1234                         if(substr($tmp_redirect_path_parts['path'], 0, 1) != '/') $tmp_redirect_path_parts['path'] = '/'.$tmp_redirect_path_parts['path'];
1235                         //$rewrite_exclude = '((?!'.$tmp_redirect_path_parts['path'].'))';
1236                         if($data['new']['redirect_type'] == 'proxy'){
1237                             $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
1238                             $vhost_data['web_document_root_www'] .= $tmp_redirect_path_parts['path'];
1239                             break;
1240                         } else {
1241                             $rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'], 1).(substr($tmp_redirect_path_parts['path'], 1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
1242                             $exclude_own_hostname = $tmp_redirect_path_parts['host'];
1243                         }
1244                     } else {
1245                         // external URL
1246                         $rewrite_exclude = '(.?)/';
1247                         if($data['new']['redirect_type'] == 'proxy'){
1248                             $vhost_data['use_proxy'] = 'y';
1249                             $rewrite_subdir = $tmp_redirect_path_parts['path'];
1250                             if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
1251                             if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
1252                             if($rewrite_subdir == '/') $rewrite_subdir = '';
1253                         }
1254                     }
1255                     unset($tmp_redirect_path);
1256                     unset($tmp_redirect_path_parts);
1257                 }
1258                 $own_rewrite_rules[] = array( 'rewrite_domain'  => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
1259                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
1260                     'rewrite_target'  => $data['new']['redirect_path'],
1261                     'rewrite_exclude' => $rewrite_exclude,
1262                     'rewrite_subdir' => $rewrite_subdir,
1263                     'exclude_own_hostname' => $exclude_own_hostname,
1264                     'proxy_directives' => $final_proxy_directives,
1265                     'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
1266                     'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
1267                 break;
1268             default:
1269                 if(substr($data['new']['redirect_path'], 0, 1) == '/'){ // relative path
146783 1270                     $exclude_own_hostname = '';
7fe908 1271                     if($data['new']['redirect_type'] == 'proxy'){
MC 1272                         $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
1273                         $vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'], 0, -1);
1274                         break;
1275                     }
1276                     $rewrite_exclude = '(?!/\b('.substr($data['new']['redirect_path'], 1, -1).(substr($data['new']['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
1277                 } else { // URL - check if URL is local
1278                     $tmp_redirect_path = $data['new']['redirect_path'];
1279                     if(substr($tmp_redirect_path, 0, 7) == '$scheme') $tmp_redirect_path = 'http'.substr($tmp_redirect_path, 7);
1280                     $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
1281                     if($tmp_redirect_path_parts['host'] == $data['new']['domain'] && ($tmp_redirect_path_parts['port'] == '80' || $tmp_redirect_path_parts['port'] == '443' || !isset($tmp_redirect_path_parts['port']))){
1282                         // URL is local
1283                         if(substr($tmp_redirect_path_parts['path'], -1) == '/') $tmp_redirect_path_parts['path'] = substr($tmp_redirect_path_parts['path'], 0, -1);
1284                         if(substr($tmp_redirect_path_parts['path'], 0, 1) != '/') $tmp_redirect_path_parts['path'] = '/'.$tmp_redirect_path_parts['path'];
1285                         //$rewrite_exclude = '((?!'.$tmp_redirect_path_parts['path'].'))';
146783 1286                         if($data['new']['redirect_type'] == 'proxy'){
MC 1287                             $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
7fe908 1288                             $vhost_data['web_document_root_www'] .= $tmp_redirect_path_parts['path'];
146783 1289                             break;
MC 1290                         } else {
7fe908 1291                             $rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'], 1).(substr($tmp_redirect_path_parts['path'], 1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
MC 1292                             $exclude_own_hostname = $tmp_redirect_path_parts['host'];
146783 1293                         }
7fe908 1294                     } else {
MC 1295                         // external URL
1296                         $rewrite_exclude = '(.?)/';
146783 1297                         if($data['new']['redirect_type'] == 'proxy'){
7fe908 1298                             $vhost_data['use_proxy'] = 'y';
MC 1299                             $rewrite_subdir = $tmp_redirect_path_parts['path'];
1300                             if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
1301                             if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
1302                             if($rewrite_subdir == '/') $rewrite_subdir = '';
146783 1303                         }
MC 1304                     }
7fe908 1305                     unset($tmp_redirect_path);
MC 1306                     unset($tmp_redirect_path_parts);
1307                 }
1308                 $own_rewrite_rules[] = array( 'rewrite_domain'  => '^'.$this->_rewrite_quote($data['new']['domain']),
1309                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':$data['new']['redirect_type'],
1310                     'rewrite_target'  => $data['new']['redirect_path'],
1311                     'rewrite_exclude' => $rewrite_exclude,
1312                     'rewrite_subdir' => $rewrite_subdir,
1313                     'exclude_own_hostname' => $exclude_own_hostname,
1314                     'proxy_directives' => $final_proxy_directives,
1315                     'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
1316                     'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
146783 1317             }
MC 1318         }
1319
1320         $tpl->setVar($vhost_data);
7fe908 1321
146783 1322         $server_alias = array();
7fe908 1323
146783 1324         // get autoalias
MC 1325         $auto_alias = $web_config['website_autoalias'];
1326         if($auto_alias != '') {
1327             // get the client username
1328             $client = $app->db->queryOneRecord("SELECT `username` FROM `client` WHERE `client_id` = '" . intval($client_id) . "'");
1329             $aa_search = array('[client_id]', '[website_id]', '[client_username]', '[website_domain]');
1330             $aa_replace = array($client_id, $data['new']['domain_id'], $client['username'], $data['new']['domain']);
1331             $auto_alias = str_replace($aa_search, $aa_replace, $auto_alias);
1332             unset($client);
1333             unset($aa_search);
1334             unset($aa_replace);
1335             $server_alias[] .= $auto_alias.' ';
1336         }
7fe908 1337
146783 1338         switch($data['new']['subdomain']) {
7fe908 1339         case 'www':
MC 1340             $server_alias[] = 'www.'.$data['new']['domain'].' ';
1341             break;
1342         case '*':
1343             $server_alias[] = '*.'.$data['new']['domain'].' ';
1344             break;
146783 1345         }
MC 1346
1347         // get alias domains (co-domains and subdomains)
1348         $aliases = $app->db->queryAllRecords('SELECT * FROM web_domain WHERE parent_domain_id = '.$data['new']['domain_id']." AND active = 'y' AND type != 'vhostsubdomain'");
1349         $alias_seo_redirects = array();
1350         if(is_array($aliases)) {
1351             foreach($aliases as $alias) {
7fe908 1352
146783 1353                 // Custom proxy directives
MC 1354                 if($alias['redirect_type'] == 'proxy' && trim($alias['proxy_directives'] != '')){
1355                     $final_proxy_directives = array();
1356                     $proxy_directives = $alias['proxy_directives'];
1357                     // Make sure we only have Unix linebreaks
1358                     $proxy_directives = str_replace("\r\n", "\n", $proxy_directives);
1359                     $proxy_directives = str_replace("\r", "\n", $proxy_directives);
1360                     $proxy_directive_lines = explode("\n", $proxy_directives);
1361                     if(is_array($proxy_directive_lines) && !empty($proxy_directive_lines)){
1362                         foreach($proxy_directive_lines as $proxy_directive_line){
1363                             $final_proxy_directives[] = array('proxy_directive' => $proxy_directive_line);
1364                         }
1365                     }
1366                 } else {
1367                     $final_proxy_directives = false;
1368                 }
7fe908 1369
MC 1370                 if($alias['redirect_type'] == '' || $alias['redirect_path'] == '' || substr($alias['redirect_path'], 0, 1) == '/') {
146783 1371                     switch($alias['subdomain']) {
7fe908 1372                     case 'www':
MC 1373                         $server_alias[] = 'www.'.$alias['domain'].' '.$alias['domain'].' ';
1374                         break;
1375                     case '*':
1376                         $server_alias[] = '*.'.$alias['domain'].' '.$alias['domain'].' ';
1377                         break;
1378                     default:
1379                         $server_alias[] = $alias['domain'].' ';
1380                         break;
146783 1381                     }
7fe908 1382                     $app->log('Add server alias: '.$alias['domain'], LOGLEVEL_DEBUG);
MC 1383
146783 1384                     // Add SEO redirects for alias domains
MC 1385                     if($alias['seo_redirect'] != '' && $data['new']['seo_redirect'] != '*_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_to_domain_tld' && ($alias['type'] == 'alias' || ($alias['type'] == 'subdomain' && $data['new']['seo_redirect'] != '*_domain_tld_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_domain_tld_to_domain_tld'))){
1386                         $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
1387                         if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1388                             $alias_seo_redirects[] = $tmp_seo_redirects;
1389                         }
1390                     }
1391                 }
1392
7fe908 1393                 // Local Rewriting (inside vhost server {} container)
MC 1394                 if($alias['redirect_type'] != '' && substr($alias['redirect_path'], 0, 1) == '/' && $alias['redirect_type'] != 'proxy') {  // proxy makes no sense with local path
1395                     if(substr($alias['redirect_path'], -1) != '/') $alias['redirect_path'] .= '/';
1396                     $rewrite_exclude = '(?!/\b('.substr($alias['redirect_path'], 1, -1).(substr($alias['redirect_path'], 1, -1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
1397                     switch($alias['subdomain']) {
1398                     case 'www':
1399                         // example.com
1400                         $local_rewrite_rules[] = array( 'local_redirect_origin_domain'  => $alias['domain'],
1401                             'local_redirect_operator' => '=',
1402                             'local_redirect_exclude' => $rewrite_exclude,
1403                             'local_redirect_target' => $alias['redirect_path'],
1404                             'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
1405
1406                         // www.example.com
1407                         $local_rewrite_rules[] = array( 'local_redirect_origin_domain'  => 'www.'.$alias['domain'],
1408                             'local_redirect_operator' => '=',
1409                             'local_redirect_exclude' => $rewrite_exclude,
1410                             'local_redirect_target' => $alias['redirect_path'],
1411                             'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
1412                         break;
1413                     case '*':
1414                         $local_rewrite_rules[] = array( 'local_redirect_origin_domain'  => '^('.str_replace('.', '\.', $alias['domain']).'|.+\.'.str_replace('.', '\.', $alias['domain']).')$',
1415                             'local_redirect_operator' => '~*',
1416                             'local_redirect_exclude' => $rewrite_exclude,
1417                             'local_redirect_target' => $alias['redirect_path'],
1418                             'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
1419                         break;
1420                     default:
1421                         $local_rewrite_rules[] = array( 'local_redirect_origin_domain'  => $alias['domain'],
1422                             'local_redirect_operator' => '=',
1423                             'local_redirect_exclude' => $rewrite_exclude,
1424                             'local_redirect_target' => $alias['redirect_path'],
1425                             'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
146783 1426                     }
MC 1427                 }
7fe908 1428
146783 1429                 // External Rewriting (extra server {} containers)
7fe908 1430                 if($alias['redirect_type'] != '' && $alias['redirect_path'] != '' && substr($alias['redirect_path'], 0, 1) != '/') {
MC 1431                     if(substr($alias['redirect_path'], -1) != '/') $alias['redirect_path'] .= '/';
1432                     if(substr($alias['redirect_path'], 0, 8) == '[scheme]'){
146783 1433                         if($alias['redirect_type'] != 'proxy'){
7fe908 1434                             $alias['redirect_path'] = '$scheme'.substr($alias['redirect_path'], 8);
146783 1435                         } else {
7fe908 1436                             $alias['redirect_path'] = 'http'.substr($alias['redirect_path'], 8);
146783 1437                         }
MC 1438                     }
1439
7fe908 1440                     switch($alias['subdomain']) {
MC 1441                     case 'www':
1442                         if($alias['redirect_type'] == 'proxy'){
1443                             $tmp_redirect_path = $alias['redirect_path'];
1444                             $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
1445                             $rewrite_subdir = $tmp_redirect_path_parts['path'];
1446                             if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
1447                             if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
1448                             if($rewrite_subdir == '/') $rewrite_subdir = '';
1449                         }
1450
1451                         if($alias['redirect_type'] != 'proxy'){
1452                             if(substr($alias['redirect_path'], -1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'], 0, -1);
1453                         }
1454                         // Add SEO redirects for alias domains
1455                         $alias_seo_redirects2 = array();
1456                         if($alias['seo_redirect'] != ''){
1457                             $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_', 'none');
1458                             if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1459                                 $alias_seo_redirects2[] = $tmp_seo_redirects;
146783 1460                             }
7fe908 1461                         }
MC 1462                         $rewrite_rules[] = array( 'rewrite_domain'  => $alias['domain'],
1463                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
1464                             'rewrite_target'  => $alias['redirect_path'],
1465                             'rewrite_subdir' => $rewrite_subdir,
1466                             'proxy_directives' => $final_proxy_directives,
1467                             'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
1468                             'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
1469                             'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
1470
1471                         // Add SEO redirects for alias domains
1472                         $alias_seo_redirects2 = array();
1473                         if($alias['seo_redirect'] != ''){
1474                             $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_', 'www');
1475                             if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1476                                 $alias_seo_redirects2[] = $tmp_seo_redirects;
146783 1477                             }
7fe908 1478                         }
MC 1479                         $rewrite_rules[] = array( 'rewrite_domain'  => 'www.'.$alias['domain'],
1480                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
1481                             'rewrite_target'  => $alias['redirect_path'],
1482                             'rewrite_subdir' => $rewrite_subdir,
1483                             'proxy_directives' => $final_proxy_directives,
1484                             'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
1485                             'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
1486                             'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
1487                         break;
1488                     case '*':
1489                         if($alias['redirect_type'] == 'proxy'){
1490                             $tmp_redirect_path = $alias['redirect_path'];
1491                             $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
1492                             $rewrite_subdir = $tmp_redirect_path_parts['path'];
1493                             if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
1494                             if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
1495                             if($rewrite_subdir == '/') $rewrite_subdir = '';
1496                         }
1497
1498                         if($alias['redirect_type'] != 'proxy'){
1499                             if(substr($alias['redirect_path'], -1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'], 0, -1);
1500                         }
1501                         // Add SEO redirects for alias domains
1502                         $alias_seo_redirects2 = array();
1503                         if($alias['seo_redirect'] != ''){
1504                             $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
1505                             if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1506                                 $alias_seo_redirects2[] = $tmp_seo_redirects;
146783 1507                             }
7fe908 1508                         }
MC 1509                         $rewrite_rules[] = array( 'rewrite_domain'  => $alias['domain'].' *.'.$alias['domain'],
1510                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
1511                             'rewrite_target'  => $alias['redirect_path'],
1512                             'rewrite_subdir' => $rewrite_subdir,
1513                             'proxy_directives' => $final_proxy_directives,
1514                             'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
1515                             'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
1516                             'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
1517                         break;
1518                     default:
1519                         if($alias['redirect_type'] == 'proxy'){
1520                             $tmp_redirect_path = $alias['redirect_path'];
1521                             $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
1522                             $rewrite_subdir = $tmp_redirect_path_parts['path'];
1523                             if(substr($rewrite_subdir, 0, 1) == '/') $rewrite_subdir = substr($rewrite_subdir, 1);
1524                             if(substr($rewrite_subdir, -1) != '/') $rewrite_subdir .= '/';
1525                             if($rewrite_subdir == '/') $rewrite_subdir = '';
1526                         }
1527
1528                         if($alias['redirect_type'] != 'proxy'){
1529                             if(substr($alias['redirect_path'], -1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'], 0, -1);
1530                         }
1531                         if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '*.'.substr($alias['domain'], 2);
1532                         else $domain_rule = $alias['domain'];
1533                         // Add SEO redirects for alias domains
1534                         $alias_seo_redirects2 = array();
1535                         if($alias['seo_redirect'] != ''){
1536                             if(substr($alias['domain'], 0, 2) === '*.'){
146783 1537                                 $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
7fe908 1538                             } else {
MC 1539                                 $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_', 'none');
146783 1540                             }
7fe908 1541                             if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
MC 1542                                 $alias_seo_redirects2[] = $tmp_seo_redirects;
146783 1543                             }
7fe908 1544                         }
MC 1545                         $rewrite_rules[] = array( 'rewrite_domain'  => $domain_rule,
1546                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type'],
1547                             'rewrite_target'  => $alias['redirect_path'],
1548                             'rewrite_subdir' => $rewrite_subdir,
1549                             'proxy_directives' => $final_proxy_directives,
1550                             'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
1551                             'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
1552                             'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
146783 1553                     }
MC 1554                 }
1555             }
1556         }
1557
1558         //* If we have some alias records
1559         if(count($server_alias) > 0) {
1560             $server_alias_str = '';
1561             $n = 0;
1562
1563             foreach($server_alias as $tmp_alias) {
1564                 $server_alias_str .= $tmp_alias;
1565             }
1566             unset($tmp_alias);
1567
7fe908 1568             $tpl->setVar('alias', trim($server_alias_str));
146783 1569         } else {
7fe908 1570             $tpl->setVar('alias', '');
146783 1571         }
MC 1572
1573         if(count($rewrite_rules) > 0) {
7fe908 1574             $tpl->setLoop('redirects', $rewrite_rules);
146783 1575         }
MC 1576         if(count($own_rewrite_rules) > 0) {
7fe908 1577             $tpl->setLoop('own_redirects', $own_rewrite_rules);
146783 1578         }
MC 1579         if(count($local_rewrite_rules) > 0) {
7fe908 1580             $tpl->setLoop('local_redirects', $local_rewrite_rules);
146783 1581         }
MC 1582         if(count($alias_seo_redirects) > 0) {
7fe908 1583             $tpl->setLoop('alias_seo_redirects', $alias_seo_redirects);
146783 1584         }
7fe908 1585
146783 1586         //* Create basic http auth for website statistics
MC 1587         $tpl->setVar('stats_auth_passwd_file', $data['new']['document_root']."/web/stats/.htpasswd_stats");
7fe908 1588
146783 1589         // Create basic http auth for other directories
MC 1590         $basic_auth_locations = $this->_create_web_folder_auth_configuration($data['new']);
1591         if(is_array($basic_auth_locations) && !empty($basic_auth_locations)) $tpl->setLoop('basic_auth_locations', $basic_auth_locations);
1592
1593         $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost');
1594         //* Make a backup copy of vhost file
7fe908 1595         if(file_exists($vhost_file)) copy($vhost_file, $vhost_file.'~');
MC 1596
146783 1597         //* Write vhost file
7fe908 1598         $app->system->file_put_contents($vhost_file, $this->nginx_merge_locations($tpl->grab()));
MC 1599         $app->log('Writing the vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
146783 1600         unset($tpl);
MC 1601
1602         //* Set the symlink to enable the vhost
1603         //* First we check if there is a old type of symlink and remove it
1604         $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost');
1605         if(is_link($vhost_symlink)) unlink($vhost_symlink);
7fe908 1606
146783 1607         //* Remove old or changed symlinks
MC 1608         if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') {
1609             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost');
1610             if(is_link($vhost_symlink)) {
1611                 $app->system->unlink($vhost_symlink);
7fe908 1612                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1613             }
MC 1614             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost');
1615             if(is_link($vhost_symlink)) {
1616                 $app->system->unlink($vhost_symlink);
7fe908 1617                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1618             }
MC 1619         }
7fe908 1620
146783 1621         //* New symlink
MC 1622         if($data['new']['subdomain'] == '*') {
1623             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost');
1624         } else {
1625             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost');
1626         }
1627         if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
7fe908 1628             symlink($vhost_file, $vhost_symlink);
MC 1629             $app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1630         }
MC 1631
1632         // remove old symlink and vhost file, if domain name of the site has changed
1633         if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
1634             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
1635             if(is_link($vhost_symlink)) {
1636                 $app->system->unlink($vhost_symlink);
7fe908 1637                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1638             }
MC 1639             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
1640             if(is_link($vhost_symlink)) {
1641                 $app->system->unlink($vhost_symlink);
7fe908 1642                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1643             }
MC 1644             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
1645             if(is_link($vhost_symlink)) {
1646                 $app->system->unlink($vhost_symlink);
7fe908 1647                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1648             }
MC 1649             $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
1650             $app->system->unlink($vhost_file);
7fe908 1651             $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG);
146783 1652         }
7fe908 1653
146783 1654         // create password file for stats directory
MC 1655         if(!is_file($data['new']['document_root'].'/web/stats/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
1656             if(trim($data['new']['stats_password']) != '') {
1657                 $htp_file = 'admin:'.trim($data['new']['stats_password']);
7fe908 1658                 $app->system->file_put_contents($data['new']['document_root'].'/web/stats/.htpasswd_stats', $htp_file);
MC 1659                 $app->system->chmod($data['new']['document_root'].'/web/stats/.htpasswd_stats', 0755);
146783 1660                 unset($htp_file);
MC 1661             }
1662         }
7fe908 1663
146783 1664         //* Create awstats configuration
MC 1665         if($data['new']['stats_type'] == 'awstats' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain')) {
7fe908 1666             $this->awstats_update($data, $web_config);
146783 1667         }
7fe908 1668
MC 1669         $this->php_fpm_pool_update($data, $web_config, $pool_dir, $pool_name, $socket_dir);
1670
146783 1671         if($web_config['check_apache_config'] == 'y') {
MC 1672             //* Test if nginx starts with the new configuration file
7fe908 1673             $nginx_online_status_before_restart = $this->_checkTcp('localhost', 80);
MC 1674             $app->log('nginx status is: '.($nginx_online_status_before_restart === true? 'running' : 'down'), LOGLEVEL_DEBUG);
146783 1675
7fe908 1676             $retval = $app->services->restartService('httpd', 'restart'); // $retval['retval'] is 0 on success and > 0 on failure
MC 1677             $app->log('nginx restart return value is: '.$retval['retval'], LOGLEVEL_DEBUG);
1678
146783 1679             // wait a few seconds, before we test the apache status again
MC 1680             sleep(2);
7fe908 1681
146783 1682             //* Check if nginx restarted successfully if it was online before
7fe908 1683             $nginx_online_status_after_restart = $this->_checkTcp('localhost', 80);
MC 1684             $app->log('nginx online status after restart is: '.($nginx_online_status_after_restart === true? 'running' : 'down'), LOGLEVEL_DEBUG);
1685             if($nginx_online_status_before_restart && !$nginx_online_status_after_restart || $retval['retval'] > 0) {
1686                 $app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].'. Reverting the configuration. Saved non-working config as '.$vhost_file.'.err', LOGLEVEL_WARN);
146783 1687                 if(is_array($retval['output']) && !empty($retval['output'])){
7fe908 1688                     $app->log('Reason for nginx restart failure: '.implode("\n", $retval['output']), LOGLEVEL_WARN);
146783 1689                     $app->dbmaster->datalogError(implode("\n", $retval['output']));
MC 1690                 } else {
1691                     // if no output is given, check again
1692                     exec('nginx -t 2>&1', $tmp_output, $tmp_retval);
1693                     if($tmp_retval > 0 && is_array($tmp_output) && !empty($tmp_output)){
7fe908 1694                         $app->log('Reason for nginx restart failure: '.implode("\n", $tmp_output), LOGLEVEL_WARN);
146783 1695                         $app->dbmaster->datalogError(implode("\n", $tmp_output));
MC 1696                     }
1697                     unset($tmp_output, $tmp_retval);
1698                 }
7fe908 1699                 $app->system->copy($vhost_file, $vhost_file.'.err');
MC 1700
146783 1701                 if(is_file($vhost_file.'~')) {
MC 1702                     //* Copy back the last backup file
7fe908 1703                     $app->system->copy($vhost_file.'~', $vhost_file);
146783 1704                 } else {
MC 1705                     //* There is no backup file, so we create a empty vhost file with a warning message inside
7fe908 1706                     $app->system->file_put_contents($vhost_file, "# nginx did not start after modifying this vhost file.\n# Please check file $vhost_file.err for syntax errors.");
146783 1707                 }
7fe908 1708
146783 1709                 if($this->ssl_certificate_changed === true) {
MC 1710
1711                     $ssl_dir = $data['new']['document_root'].'/ssl';
1712                     $domain = $data['new']['ssl_domain'];
1713                     $key_file = $ssl_dir.'/'.$domain.'.key.org';
1714                     $key_file2 = $ssl_dir.'/'.$domain.'.key';
1715                     $csr_file = $ssl_dir.'/'.$domain.'.csr';
1716                     $crt_file = $ssl_dir.'/'.$domain.'.crt';
1717                     //$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
7fe908 1718
146783 1719                     //* Backup the files that might have caused the error
MC 1720                     if(is_file($key_file)){
7fe908 1721                         $app->system->copy($key_file, $key_file.'.err');
MC 1722                         $app->system->chmod($key_file.'.err', 0400);
146783 1723                     }
MC 1724                     if(is_file($key_file2)){
7fe908 1725                         $app->system->copy($key_file2, $key_file2.'.err');
MC 1726                         $app->system->chmod($key_file2.'.err', 0400);
146783 1727                     }
7fe908 1728                     if(is_file($csr_file)) $app->system->copy($csr_file, $csr_file.'.err');
MC 1729                     if(is_file($crt_file)) $app->system->copy($crt_file, $crt_file.'.err');
146783 1730                     //if(is_file($bundle_file)) $app->system->copy($bundle_file,$bundle_file.'.err');
7fe908 1731
146783 1732                     //* Restore the ~ backup files
7fe908 1733                     if(is_file($key_file.'~')) $app->system->copy($key_file.'~', $key_file);
MC 1734                     if(is_file($key_file2.'~')) $app->system->copy($key_file2.'~', $key_file2);
1735                     if(is_file($crt_file.'~')) $app->system->copy($crt_file.'~', $crt_file);
1736                     if(is_file($csr_file.'~')) $app->system->copy($csr_file.'~', $csr_file);
146783 1737                     //if(is_file($bundle_file.'~')) $app->system->copy($bundle_file.'~',$bundle_file);
7fe908 1738
MC 1739                     $app->log('nginx did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the SSL configuration. Saved non-working SSL files with .err extension.', LOGLEVEL_WARN);
146783 1740                 }
7fe908 1741
MC 1742                 $app->services->restartService('httpd', 'restart');
146783 1743             }
MC 1744         } else {
1745             //* We do not check the nginx config after changes (is faster)
7fe908 1746             $app->services->restartServiceDelayed('httpd', 'reload');
146783 1747         }
7fe908 1748
MC 1749         //* The vhost is written and apache has been restarted, so we
146783 1750         // can reset the ssl changed var to false and cleanup some files
MC 1751         $this->ssl_certificate_changed = false;
7fe908 1752
146783 1753         $ssl_dir = $data['new']['document_root'].'/ssl';
MC 1754         $domain = $data['new']['ssl_domain'];
1755         $key_file = $ssl_dir.'/'.$domain.'.key.org';
1756         $key_file2 = $ssl_dir.'/'.$domain.'.key';
1757         $csr_file = $ssl_dir.'/'.$domain.'.csr';
1758         $crt_file = $ssl_dir.'/'.$domain.'.crt';
1759         //$bundle_file = $ssl_dir.'/'.$domain.'.bundle';
7fe908 1760
146783 1761         if(@is_file($key_file.'~')) $app->system->unlink($key_file.'~');
MC 1762         if(@is_file($key2_file.'~')) $app->system->unlink($key2_file.'~');
1763         if(@is_file($crt_file.'~')) $app->system->unlink($crt_file.'~');
1764         if(@is_file($csr_file.'~')) $app->system->unlink($csr_file.'~');
1765         //if(@is_file($bundle_file.'~')) $app->system->unlink($bundle_file.'~');
7fe908 1766
146783 1767         // Remove the backup copy of the config file.
MC 1768         if(@is_file($vhost_file.'~')) $app->system->unlink($vhost_file.'~');
1769
1770         //* Unset action to clean it for next processed vhost.
1771         $this->action = '';
1772
1773     }
1774
7fe908 1775     function delete($event_name, $data) {
146783 1776         global $app, $conf;
MC 1777
1778         // load the server configuration options
1779         $app->uses('getconf');
1780         $app->uses('system');
1781         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
7fe908 1782
MC 1783         if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain') $app->system->web_folder_protection($data['old']['document_root'], false);
146783 1784
MC 1785         //* Check if this is a chrooted setup
1786         if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
1787             $nginx_chrooted = true;
1788         } else {
1789             $nginx_chrooted = false;
1790         }
7fe908 1791
146783 1792         //* Remove the mounts
MC 1793         $log_folder = 'log';
7fe908 1794         $web_folder = '';
MC 1795         if($data['old']['type'] == 'vhostsubdomain') {
1796             $tmp = $app->db->queryOneRecord('SELECT `domain`,`document_root` FROM web_domain WHERE domain_id = '.intval($data['old']['parent_domain_id']));
146783 1797             if($tmp['domain'] != ''){
MC 1798                 $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
1799             } else {
1800                 // get log folder from /etc/fstab
1801                 /*
1802                 $bind_mounts = $app->system->file_get_contents('/etc/fstab');
1803                 $bind_mount_lines = explode("\n", $bind_mounts);
1804                 if(is_array($bind_mount_lines) && !empty($bind_mount_lines)){
1805                     foreach($bind_mount_lines as $bind_mount_line){
1806                         $bind_mount_line = preg_replace('/\s+/', ' ', $bind_mount_line);
1807                         $bind_mount_parts = explode(' ', $bind_mount_line);
1808                         if(is_array($bind_mount_parts) && !empty($bind_mount_parts)){
1809                             if($bind_mount_parts[0] == '/var/log/ispconfig/httpd/'.$data['old']['domain'] && $bind_mount_parts[2] == 'none' && strpos($bind_mount_parts[3], 'bind') !== false){
1810                                 $subdomain_host = str_replace($data['old']['document_root'].'/log/', '', $bind_mount_parts[1]);
1811                             }
1812                         }
1813                     }
1814                 }
1815                 */
1816                 // we are deleting the parent domain, so we can delete everything in the log directory
1817                 $subdomain_hosts = array();
7fe908 1818                 $files = array_diff(scandir($data['old']['document_root'].'/'.$log_folder), array('.', '..'));
146783 1819                 if(is_array($files) && !empty($files)){
MC 1820                     foreach($files as $file){
1821                         if(is_dir($data['old']['document_root'].'/'.$log_folder.'/'.$file)){
1822                             $subdomain_hosts[] = $file;
1823                         }
1824                     }
1825                 }
1826             }
1827             if(is_array($subdomain_hosts) && !empty($subdomain_hosts)){
1828                 $log_folders = array();
1829                 foreach($subdomain_hosts as $subdomain_host){
1830                     $log_folders[] = $log_folder.'/'.$subdomain_host;
1831                 }
1832             } else {
1833                 if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
1834                 $log_folder .= '/' . $subdomain_host;
1835             }
1836             $web_folder = $data['old']['web_folder'];
7fe908 1837             unset($tmp);
146783 1838             unset($subdomain_hosts);
MC 1839         }
7fe908 1840
146783 1841         if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain'){
MC 1842             if(is_array($log_folders) && !empty($log_folders)){
1843                 foreach($log_folders as $log_folder){
1844                     //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
1845                     exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
1846                 }
1847             } else {
1848                 //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
1849                 exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
1850             }
1851         }
7fe908 1852
146783 1853         //* remove mountpoint from fstab
MC 1854         if(is_array($log_folders) && !empty($log_folders)){
1855             foreach($log_folders as $log_folder){
1856                 $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
7fe908 1857                 $app->system->removeLine('/etc/fstab', $fstab_line);
146783 1858             }
MC 1859         } else {
1860             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
7fe908 1861             $app->system->removeLine('/etc/fstab', $fstab_line);
146783 1862         }
MC 1863         unset($log_folders);
1864
1865         if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['parent_domain_id'] > 0) {
1866             //* This is a alias domain or subdomain, so we have to update the website instead
1867             $parent_domain_id = intval($data['old']['parent_domain_id']);
1868             $tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = '.$parent_domain_id." AND active = 'y'");
1869             $data['new'] = $tmp;
1870             $data['old'] = $tmp;
1871             $this->action = 'update';
1872             // just run the update function
7fe908 1873             $this->update($event_name, $data);
146783 1874
MC 1875         } else {
1876             //* This is a website
7fe908 1877             // Deleting the vhost file, symlink and the data directory
146783 1878             $vhost_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
7fe908 1879
146783 1880             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
MC 1881             if(is_link($vhost_symlink)){
1882                 $app->system->unlink($vhost_symlink);
7fe908 1883                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1884             }
MC 1885             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
1886             if(is_link($vhost_symlink)){
1887                 $app->system->unlink($vhost_symlink);
7fe908 1888                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1889             }
MC 1890             $vhost_symlink = escapeshellcmd($web_config['nginx_vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
1891             if(is_link($vhost_symlink)){
1892                 $app->system->unlink($vhost_symlink);
7fe908 1893                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
146783 1894             }
7fe908 1895
146783 1896             $app->system->unlink($vhost_file);
7fe908 1897             $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
146783 1898
7fe908 1899             if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain') {
MC 1900                 $docroot = escapeshellcmd($data['old']['document_root']);
1901                 if($docroot != '' && !stristr($docroot, '..')) {
1902                     if($data['old']['type'] == 'vhost') {
1903                         // this is a vhost - we delete everything in here.
1904                         exec('rm -rf '.$docroot);
1905                     } elseif(!stristr($data['old']['web_folder'], '..')) {
1906                         // this is a vhost subdomain
1907                         // IMPORTANT: do some folder checks before we delete this!
1908                         $do_delete = true;
1909                         $delete_folder = preg_replace('/[\/]{2,}/', '/', $web_folder); // replace / occuring multiple times
1910                         if(substr($delete_folder, 0, 1) === '/') $delete_folder = substr($delete_folder, 1);
1911                         if(substr($delete_folder, -1) === '/') $delete_folder = substr($delete_folder, 0, -1);
146783 1912
7fe908 1913                         $path_elements = explode('/', $delete_folder);
146783 1914
7fe908 1915                         if($path_elements[0] == 'web' || $path_elements[0] === '') {
MC 1916                             // paths beginning with /web should NEVER EVER be deleted, empty paths should NEVER occur - but for safety reasons we check it here!
1917                             // we use strict check as otherwise directories named '0' may not be deleted
1918                             $do_delete = false;
1919                         } else {
1920                             // read all vhost subdomains with same parent domain
1921                             $used_paths = array();
1922                             $tmp = $app->db->queryAllRecords("SELECT `web_folder` FROM web_domain WHERE type = 'vhostsubdomain' AND parent_domain_id = ".intval($data['old']['parent_domain_id'])." AND domain_id != ".intval($data['old']['domain_id']));
1923                             foreach($tmp as $tmprec) {
1924                                 // we normalize the folder entries because we need to compare them
1925                                 $tmp_folder = preg_replace('/[\/]{2,}/', '/', $tmprec['web_folder']); // replace / occuring multiple times
1926                                 if(substr($tmp_folder, 0, 1) === '/') $tmp_folder = substr($tmp_folder, 1);
1927                                 if(substr($tmp_folder, -1) === '/') $tmp_folder = substr($tmp_folder, 0, -1);
146783 1928
7fe908 1929                                 // add this path and it's parent paths to used_paths array
MC 1930                                 while(strpos($tmp_folder, '/') !== false) {
1931                                     if(in_array($tmp_folder, $used_paths) == false) $used_paths[] = $tmp_folder;
1932                                     $tmp_folder = substr($tmp_folder, 0, strrpos($tmp_folder, '/'));
1933                                 }
1934                                 if(in_array($tmp_folder, $used_paths) == false) $used_paths[] = $tmp_folder;
1935                             }
1936                             unset($tmp);
146783 1937
7fe908 1938                             // loop and check if the path is still used and stop at first used one
MC 1939                             // set do_delete to false so nothing gets deleted if the web_folder itself is still used
1940                             $do_delete = false;
1941                             while(count($path_elements) > 0) {
1942                                 $tmp_folder = implode('/', $path_elements);
1943                                 if(in_array($tmp_folder, $used_paths) == true) break;
1944
1945                                 // this path is not used - set it as path to delete, strip the last element from the array and set do_delete to true
1946                                 $delete_folder = $tmp_folder;
1947                                 $do_delete = true;
1948                                 array_pop($path_elements);
1949                             }
1950                             unset($tmp_folder);
1951                             unset($used_paths);
1952                         }
1953
1954                         if($do_delete === true && $delete_folder !== '') exec('rm -rf '.$docroot.'/'.$delete_folder);
1955
1956                         unset($delete_folder);
1957                         unset($path_elements);
1958                     }
1959                 }
1960
1961                 //remove the php fastgi starter script if available
1962                 if ($data['old']['php'] == 'fast-cgi') {
1963                     $this->php_fpm_pool_delete($data, $web_config);
1964                     $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['fastcgi_starter_path']);
1965                     if($data['old']['type'] == 'vhost') {
1966                         if (is_dir($fastcgi_starter_path)) {
1967                             exec('rm -rf '.$fastcgi_starter_path);
1968                         }
1969                     } else {
1970                         $fcgi_starter_script = $fastcgi_starter_path.$web_config['fastcgi_starter_script'].'_web'.$data['old']['domain_id'];
1971                         if (file_exists($fcgi_starter_script)) {
1972                             exec('rm -f '.$fcgi_starter_script);
1973                         }
1974                     }
1975                 }
1976
1977                 // remove PHP-FPM pool
1978                 if ($data['old']['php'] == 'php-fpm') {
1979                     $this->php_fpm_pool_delete($data, $web_config);
1980                 }
1981
1982                 //remove the php cgi starter script if available
1983                 if ($data['old']['php'] == 'cgi') {
1984                     // TODO: fetch the date from the server-settings
1985                     $web_config['cgi_starter_path'] = $web_config['website_basedir'].'/php-cgi-scripts/[system_user]/';
1986
1987                     $cgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['cgi_starter_path']);
1988                     if($data['old']['type'] == 'vhost') {
1989                         if (is_dir($cgi_starter_path)) {
1990                             exec('rm -rf '.$cgi_starter_path);
1991                         }
1992                     } else {
1993                         $cgi_starter_script = $cgi_starter_path.'php-cgi-starter_web'.$data['old']['domain_id'];
1994                         if (file_exists($cgi_starter_script)) {
1995                             exec('rm -f '.$cgi_starter_script);
1996                         }
1997                     }
1998                 }
1999
2000                 $app->log('Removing website: '.$docroot, LOGLEVEL_DEBUG);
2001
2002                 // Delete the symlinks for the sites
2003                 $client = $app->db->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = '.intval($data['old']['sys_groupid']));
2004                 $client_id = intval($client['client_id']);
2005                 unset($client);
2006                 $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
2007                 if(is_array($tmp_symlinks_array)) {
2008                     foreach($tmp_symlinks_array as $tmp_symlink) {
2009                         $tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
2010                         $tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
2011                         // Remove trailing slash
2012                         if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
2013                         // create the symlinks, if not exist
2014                         if(is_link($tmp_symlink)) {
2015                             $app->system->unlink($tmp_symlink);
2016                             $app->log('Removing symlink: '.$tmp_symlink, LOGLEVEL_DEBUG);
2017                         }
2018                     }
2019                 }
2020                 // end removing symlinks
2021             } else {
2022                 // vhost subdomain
146783 2023             }
7fe908 2024
MC 2025             // Delete the log file directory
2026             $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']);
2027             if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir);
2028             $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG);
2029
2030             if($data['old']['type'] == 'vhost') {
2031                 //delete the web user
2032                 $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel';
2033                 $command .= ' '.escapeshellcmd($data['old']['system_user']);
2034                 exec($command);
2035                 if($nginx_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
2036
2037             }
2038
2039             //* Remove the awstats configuration file
2040             if($data['old']['stats_type'] == 'awstats') {
2041                 $this->awstats_delete($data, $web_config);
2042             }
2043
2044             $app->services->restartServiceDelayed('httpd', 'reload');
146783 2045
MC 2046         }
7fe908 2047
MC 2048
2049         if($data['old']['type'] != 'vhost') $app->system->web_folder_protection($data['old']['document_root'], true);
146783 2050     }
MC 2051
2052     //* This function is called when a IP on the server is inserted, updated or deleted
7fe908 2053     function server_ip($event_name, $data) {
146783 2054         return;
MC 2055     }
7fe908 2056
146783 2057     //* Create or update the .htaccess folder protection
7fe908 2058     function web_folder_user($event_name, $data) {
146783 2059         global $app, $conf;
MC 2060
2061         $app->uses('system');
7fe908 2062
146783 2063         if($event_name == 'web_folder_user_delete') {
MC 2064             $folder_id = $data['old']['web_folder_id'];
2065         } else {
2066             $folder_id = $data['new']['web_folder_id'];
2067         }
7fe908 2068
146783 2069         $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
MC 2070         $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
7fe908 2071
146783 2072         if(!is_array($folder) or !is_array($website)) {
7fe908 2073             $app->log('Not able to retrieve folder or website record.', LOGLEVEL_DEBUG);
146783 2074             return false;
MC 2075         }
7fe908 2076
MC 2077         $web_folder = 'web';
2078         if($website['type'] == 'vhostsubdomain') $web_folder = $website['web_folder'];
2079
146783 2080         //* Get the folder path.
7fe908 2081         if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1);
MC 2082         if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1);
146783 2083         $folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$folder['path']);
7fe908 2084         if(substr($folder_path, -1) != '/') $folder_path .= '/';
MC 2085
146783 2086         //* Check if the resulting path is inside the docroot
7fe908 2087         if(stristr($folder_path, '..') || stristr($folder_path, './') || stristr($folder_path, '\\')) {
MC 2088             $app->log('Folder path "'.$folder_path.'" contains .. or ./.', LOGLEVEL_DEBUG);
146783 2089             return false;
MC 2090         }
7fe908 2091
146783 2092         //* Create the folder path, if it does not exist
MC 2093         if(!is_dir($folder_path)) {
2094             $app->system->mkdirpath($folder_path);
7fe908 2095             $app->system->chown($folder_path, $website['system_user']);
MC 2096             $app->system->chgrp($folder_path, $website['system_group']);
146783 2097         }
7fe908 2098
146783 2099         //* Create empty .htpasswd file, if it does not exist
MC 2100         if(!is_file($folder_path.'.htpasswd')) {
2101             touch($folder_path.'.htpasswd');
7fe908 2102             $app->system->chmod($folder_path.'.htpasswd', 0755);
MC 2103             $app->system->chown($folder_path.'.htpasswd', $website['system_user']);
2104             $app->system->chgrp($folder_path.'.htpasswd', $website['system_group']);
2105             $app->log('Created file '.$folder_path.'.htpasswd', LOGLEVEL_DEBUG);
146783 2106         }
7fe908 2107
146783 2108         /*
MC 2109         $auth_users = $app->db->queryAllRecords("SELECT * FROM web_folder_user WHERE active = 'y' AND web_folder_id = ".intval($folder_id));
2110         $htpasswd_content = '';
2111         if(is_array($auth_users) && !empty($auth_users)){
2112             foreach($auth_users as $auth_user){
2113                 $htpasswd_content .= $auth_user['username'].':'.$auth_user['password']."\n";
2114             }
2115         }
2116         $htpasswd_content = trim($htpasswd_content);
2117         @file_put_contents($folder_path.'.htpasswd', $htpasswd_content);
2118         $app->log('Changed .htpasswd file: '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
2119         */
7fe908 2120
146783 2121         if(($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') && $data['old']['username'] != '') {
7fe908 2122             $app->system->removeLine($folder_path.'.htpasswd', $data['old']['username'].':');
MC 2123             $app->log('Removed user: '.$data['old']['username'], LOGLEVEL_DEBUG);
146783 2124         }
7fe908 2125
146783 2126         //* Add or remove the user from .htpasswd file
MC 2127         if($event_name == 'web_folder_user_delete') {
7fe908 2128             $app->system->removeLine($folder_path.'.htpasswd', $data['old']['username'].':');
MC 2129             $app->log('Removed user: '.$data['old']['username'], LOGLEVEL_DEBUG);
146783 2130         } else {
MC 2131             if($data['new']['active'] == 'y') {
7fe908 2132                 $app->system->replaceLine($folder_path.'.htpasswd', $data['new']['username'].':', $data['new']['username'].':'.$data['new']['password'], 0, 1);
MC 2133                 $app->log('Added or updated user: '.$data['new']['username'], LOGLEVEL_DEBUG);
146783 2134             }
MC 2135         }
7fe908 2136
146783 2137         // write basic auth configuration to vhost file because nginx does not support .htaccess
MC 2138         $webdata['new'] = $webdata['old'] = $website;
2139         $this->update('web_domain_update', $webdata);
2140     }
7fe908 2141
146783 2142     //* Remove .htpasswd file, when folder protection is removed
7fe908 2143     function web_folder_delete($event_name, $data) {
146783 2144         global $app, $conf;
7fe908 2145
146783 2146         $folder_id = $data['old']['web_folder_id'];
7fe908 2147
146783 2148         $folder = $data['old'];
MC 2149         $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
7fe908 2150
146783 2151         if(!is_array($folder) or !is_array($website)) {
7fe908 2152             $app->log('Not able to retrieve folder or website record.', LOGLEVEL_DEBUG);
146783 2153             return false;
MC 2154         }
7fe908 2155
MC 2156         $web_folder = 'web';
2157         if($website['type'] == 'vhostsubdomain') $web_folder = $website['web_folder'];
2158
146783 2159         //* Get the folder path.
7fe908 2160         if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1);
MC 2161         if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1);
146783 2162         $folder_path = realpath($website['document_root'].'/' . $web_folder . '/'.$folder['path']);
7fe908 2163         if(substr($folder_path, -1) != '/') $folder_path .= '/';
MC 2164
146783 2165         //* Check if the resulting path is inside the docroot
7fe908 2166         if(substr($folder_path, 0, strlen($website['document_root'])) != $website['document_root']) {
MC 2167             $app->log('Folder path is outside of docroot.', LOGLEVEL_DEBUG);
146783 2168             return false;
MC 2169         }
7fe908 2170
146783 2171         //* Remove .htpasswd file
MC 2172         if(is_file($folder_path.'.htpasswd')) {
2173             $app->system->unlink($folder_path.'.htpasswd');
7fe908 2174             $app->log('Removed file '.$folder_path.'.htpasswd', LOGLEVEL_DEBUG);
146783 2175         }
7fe908 2176
146783 2177         // write basic auth configuration to vhost file because nginx does not support .htaccess
MC 2178         $webdata['new'] = $webdata['old'] = $website;
2179         $this->update('web_domain_update', $webdata);
2180     }
7fe908 2181
146783 2182     //* Update folder protection, when path has been changed
7fe908 2183     function web_folder_update($event_name, $data) {
146783 2184         global $app, $conf;
7fe908 2185
146783 2186         $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($data['new']['parent_domain_id']));
7fe908 2187
146783 2188         if(!is_array($website)) {
7fe908 2189             $app->log('Not able to retrieve folder or website record.', LOGLEVEL_DEBUG);
146783 2190             return false;
MC 2191         }
7fe908 2192
MC 2193         $web_folder = 'web';
2194         if($website['type'] == 'vhostsubdomain') $web_folder = $website['web_folder'];
2195
146783 2196         //* Get the folder path.
7fe908 2197         if(substr($data['old']['path'], 0, 1) == '/') $data['old']['path'] = substr($data['old']['path'], 1);
MC 2198         if(substr($data['old']['path'], -1) == '/') $data['old']['path'] = substr($data['old']['path'], 0, -1);
146783 2199         $old_folder_path = realpath($website['document_root'].'/' . $web_folder . '/'.$data['old']['path']);
7fe908 2200         if(substr($old_folder_path, -1) != '/') $old_folder_path .= '/';
MC 2201
2202         if(substr($data['new']['path'], 0, 1) == '/') $data['new']['path'] = substr($data['new']['path'], 1);
2203         if(substr($data['new']['path'], -1) == '/') $data['new']['path'] = substr($data['new']['path'], 0, -1);
146783 2204         $new_folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$data['new']['path']);
7fe908 2205         if(substr($new_folder_path, -1) != '/') $new_folder_path .= '/';
MC 2206
146783 2207         //* Check if the resulting path is inside the docroot
7fe908 2208         if(stristr($new_folder_path, '..') || stristr($new_folder_path, './') || stristr($new_folder_path, '\\')) {
MC 2209             $app->log('Folder path "'.$new_folder_path.'" contains .. or ./.', LOGLEVEL_DEBUG);
146783 2210             return false;
MC 2211         }
7fe908 2212         if(stristr($old_folder_path, '..') || stristr($old_folder_path, './') || stristr($old_folder_path, '\\')) {
MC 2213             $app->log('Folder path "'.$old_folder_path.'" contains .. or ./.', LOGLEVEL_DEBUG);
146783 2214             return false;
MC 2215         }
7fe908 2216
146783 2217         //* Check if the resulting path is inside the docroot
7fe908 2218         if(substr($old_folder_path, 0, strlen($website['document_root'])) != $website['document_root']) {
MC 2219             $app->log('Old folder path '.$old_folder_path.' is outside of docroot.', LOGLEVEL_DEBUG);
146783 2220             return false;
MC 2221         }
7fe908 2222         if(substr($new_folder_path, 0, strlen($website['document_root'])) != $website['document_root']) {
MC 2223             $app->log('New folder path '.$new_folder_path.' is outside of docroot.', LOGLEVEL_DEBUG);
146783 2224             return false;
MC 2225         }
7fe908 2226
146783 2227         //* Create the folder path, if it does not exist
MC 2228         if(!is_dir($new_folder_path)) $app->system->mkdirpath($new_folder_path);
7fe908 2229
146783 2230         if($data['old']['path'] != $data['new']['path']) {
MC 2231
7fe908 2232
146783 2233             //* move .htpasswd file
MC 2234             if(is_file($old_folder_path.'.htpasswd')) {
7fe908 2235                 $app->system->rename($old_folder_path.'.htpasswd', $new_folder_path.'.htpasswd');
MC 2236                 $app->log('Moved file '.$old_folder_path.'.htpasswd to '.$new_folder_path.'.htpasswd', LOGLEVEL_DEBUG);
146783 2237             }
7fe908 2238
146783 2239         }
MC 2240
2241         // write basic auth configuration to vhost file because nginx does not support .htaccess
2242         $webdata['new'] = $webdata['old'] = $website;
2243         $this->update('web_domain_update', $webdata);
2244     }
7fe908 2245
146783 2246     function _create_web_folder_auth_configuration($website){
MC 2247         global $app, $conf;
2248         //* Create the domain.auth file which is included in the vhost configuration file
2249         $app->uses('getconf');
2250         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
2251         $basic_auth_file = escapeshellcmd($web_config['nginx_vhost_conf_dir'].'/'.$website['domain'].'.auth');
2252         //$app->load('tpl');
2253         //$tpl = new tpl();
2254         //$tpl->newTemplate('nginx_http_authentication.auth.master');
2255         $website_auth_locations = $app->db->queryAllRecords("SELECT * FROM web_folder WHERE active = 'y' AND parent_domain_id = ".intval($website['domain_id']));
2256         $basic_auth_locations = array();
2257         if(is_array($website_auth_locations) && !empty($website_auth_locations)){
2258             foreach($website_auth_locations as $website_auth_location){
7fe908 2259                 if(substr($website_auth_location['path'], 0, 1) == '/') $website_auth_location['path'] = substr($website_auth_location['path'], 1);
MC 2260                 if(substr($website_auth_location['path'], -1) == '/') $website_auth_location['path'] = substr($website_auth_location['path'], 0, -1);
146783 2261                 if($website_auth_location['path'] != ''){
MC 2262                     $website_auth_location['path'] .= '/';
2263                 }
2264                 $basic_auth_locations[] = array('htpasswd_location' => '/'.$website_auth_location['path'],
7fe908 2265                     'htpasswd_path' => $website['document_root'].'/' . ($website['type'] == 'vhostsubdomain' ? $website['web_folder'] : 'web') . '/'.$website_auth_location['path']);
146783 2266             }
MC 2267         }
2268         return $basic_auth_locations;
2269         //$tpl->setLoop('basic_auth_locations', $basic_auth_locations);
2270         //file_put_contents($basic_auth_file,$tpl->grab());
2271         //$app->log('Writing the http basic authentication file: '.$basic_auth_file,LOGLEVEL_DEBUG);
2272         //unset($tpl);
2273         //$app->services->restartServiceDelayed('httpd','reload');
2274     }
7fe908 2275
146783 2276     //* Update the awstats configuration file
7fe908 2277     private function awstats_update ($data, $web_config) {
146783 2278         global $app;
7fe908 2279
MC 2280         $web_folder = $data['new']['web_folder'];
2281         if($data['new']['type'] == 'vhost') $web_folder = 'web';
146783 2282         $awstats_conf_dir = $web_config['awstats_conf_dir'];
7fe908 2283
146783 2284         if(!is_dir($data['new']['document_root']."/" . $web_folder . "/stats/")) mkdir($data['new']['document_root']."/" . $web_folder . "/stats");
MC 2285         if(!@is_file($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf') || ($data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain'])) {
2286             if ( @is_file($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf') ) {
2287                 $app->system->unlink($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf');
2288             }
7fe908 2289
146783 2290             $content = '';
MC 2291             $content .= "Include \"".$awstats_conf_dir."/awstats.conf\"\n";
2292             $content .= "LogFile=\"/var/log/ispconfig/httpd/".$data['new']['domain']."/access.log\"\n";
2293             $content .= "SiteDomain=\"".$data['new']['domain']."\"\n";
2294             $content .= "HostAliases=\"www.".$data['new']['domain']."  localhost 127.0.0.1\"\n";
7fe908 2295
MC 2296             $app->system->file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', $content);
2297             $app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', LOGLEVEL_DEBUG);
146783 2298         }
7fe908 2299
146783 2300         if(is_file($data['new']['document_root']."/" . $web_folder . "/stats/index.html")) $app->system->unlink($data['new']['document_root']."/" . $web_folder . "/stats/index.html");
MC 2301         if(file_exists("/usr/local/ispconfig/server/conf-custom/awstats_index.php.master")) {
7fe908 2302             $app->system->copy("/usr/local/ispconfig/server/conf-custom/awstats_index.php.master", $data['new']['document_root']."/" . $web_folder . "/stats/index.php");
146783 2303         } else {
7fe908 2304             $app->system->copy("/usr/local/ispconfig/server/conf/awstats_index.php.master", $data['new']['document_root']."/" . $web_folder . "/stats/index.php");
146783 2305         }
MC 2306     }
7fe908 2307
146783 2308     //* Delete the awstats configuration file
7fe908 2309     private function awstats_delete ($data, $web_config) {
146783 2310         global $app;
7fe908 2311
146783 2312         $awstats_conf_dir = $web_config['awstats_conf_dir'];
7fe908 2313
146783 2314         if ( @is_file($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf') ) {
MC 2315             $app->system->unlink($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf');
7fe908 2316             $app->log('Removed AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf', LOGLEVEL_DEBUG);
146783 2317         }
MC 2318     }
7fe908 2319
146783 2320     //* Update the PHP-FPM pool configuration file
7fe908 2321     private function php_fpm_pool_update ($data, $web_config, $pool_dir, $pool_name, $socket_dir) {
146783 2322         global $app, $conf;
MC 2323         /*
2324         if(trim($data['new']['fastcgi_php_version']) != ''){
2325             $default_php_fpm = false;
2326             list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
2327             if(substr($custom_php_fpm_ini_dir,-1) != '/') $custom_php_fpm_ini_dir .= '/';
2328         } else {
2329             $default_php_fpm = true;
2330         }
2331         */
2332         if($data['new']['php'] != 'no'){
2333             if(trim($data['new']['fastcgi_php_version']) != ''){
2334                 $default_php_fpm = false;
2335                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
7fe908 2336                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
146783 2337             } else {
MC 2338                 $default_php_fpm = true;
2339             }
2340         } else {
2341             if(trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] != 'no'){
2342                 $default_php_fpm = false;
2343                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
7fe908 2344                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
146783 2345             } else {
MC 2346                 $default_php_fpm = true;
2347             }
2348         }
7fe908 2349
146783 2350         $app->uses("getconf");
MC 2351         $web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
7fe908 2352
146783 2353         if($data['new']['php'] == 'no'){
MC 2354             if(@is_file($pool_dir.$pool_name.'.conf')){
2355                 $app->system->unlink($pool_dir.$pool_name.'.conf');
2356                 //$reload = true;
2357             }
2358             if($data['old']['php'] != 'no'){
2359                 if(!$default_php_fpm){
7fe908 2360                     $app->services->restartService('php-fpm', 'reload:'.$custom_php_fpm_init_script);
146783 2361                 } else {
7fe908 2362                     $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
146783 2363                 }
MC 2364             }
2365             return;
2366         }
7fe908 2367
146783 2368         $app->load('tpl');
MC 2369         $tpl = new tpl();
2370         $tpl->newTemplate('php_fpm_pool.conf.master');
2371
2372         if($data['new']['php_fpm_use_socket'] == 'y'){
2373             $use_tcp = 0;
2374             $use_socket = 1;
2375             if(!is_dir($socket_dir)) $app->system->mkdirpath($socket_dir);
2376         } else {
2377             $use_tcp = 1;
2378             $use_socket = 0;
2379         }
2380         $tpl->setVar('use_tcp', $use_tcp);
2381         $tpl->setVar('use_socket', $use_socket);
7fe908 2382
146783 2383         $fpm_socket = $socket_dir.$pool_name.'.sock';
MC 2384         $tpl->setVar('fpm_socket', $fpm_socket);
1890ca 2385         $tpl->setVar('fpm_listen_mode', '0660');
7fe908 2386
146783 2387         $tpl->setVar('fpm_pool', $pool_name);
MC 2388         $tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
2389         $tpl->setVar('fpm_user', $data['new']['system_user']);
2390         $tpl->setVar('fpm_group', $data['new']['system_group']);
2391         $tpl->setVar('pm', $data['new']['pm']);
2392         $tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
2393         $tpl->setVar('pm_start_servers', $data['new']['pm_start_servers']);
2394         $tpl->setVar('pm_min_spare_servers', $data['new']['pm_min_spare_servers']);
2395         $tpl->setVar('pm_max_spare_servers', $data['new']['pm_max_spare_servers']);
2396         $tpl->setVar('pm_process_idle_timeout', $data['new']['pm_process_idle_timeout']);
2397         $tpl->setVar('pm_max_requests', $data['new']['pm_max_requests']);
2398         $tpl->setVar('document_root', $data['new']['document_root']);
7fe908 2399         $tpl->setVar('security_level', $web_config['security_level']);
f63910 2400         $tpl->setVar('domain', $data['new']['domain']);
146783 2401         $php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']);
MC 2402         $tpl->setVar('php_open_basedir', $php_open_basedir);
2403         if($php_open_basedir != ''){
2404             $tpl->setVar('enable_php_open_basedir', '');
2405         } else {
2406             $tpl->setVar('enable_php_open_basedir', ';');
2407         }
7fe908 2408
146783 2409         // Custom php.ini settings
MC 2410         $final_php_ini_settings = array();
2411         $custom_php_ini_settings = trim($data['new']['custom_php_ini']);
2412         if($custom_php_ini_settings != ''){
2413             // Make sure we only have Unix linebreaks
2414             $custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
2415             $custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
2416             $ini_settings = explode("\n", $custom_php_ini_settings);
2417             if(is_array($ini_settings) && !empty($ini_settings)){
2418                 foreach($ini_settings as $ini_setting){
2419                     $ini_setting = trim($ini_setting);
7fe908 2420                     if(substr($ini_setting, 0, 1) == ';') continue;
MC 2421                     if(substr($ini_setting, 0, 1) == '#') continue;
2422                     if(substr($ini_setting, 0, 2) == '//') continue;
03cc01 2423                     list($key, $value) = explode('=', $ini_setting, 2);
1d6097 2424                     $value = trim($value);
FT 2425                     if($value != ''){
146783 2426                         $key = trim($key);
MC 2427                         switch (strtolower($value)) {
7fe908 2428                         case '0':
MC 2429                             // PHP-FPM might complain about invalid boolean value if you use 0
2430                             $value = 'off';
2431                         case '1':
2432                         case 'on':
2433                         case 'off':
2434                         case 'true':
2435                         case 'false':
2436                         case 'yes':
2437                         case 'no':
2438                             $final_php_ini_settings[] = array('ini_setting' => 'php_admin_flag['.$key.'] = '.$value);
2439                             break;
2440                         default:
2441                             $final_php_ini_settings[] = array('ini_setting' => 'php_admin_value['.$key.'] = '.$value);
146783 2442                         }
MC 2443                     }
2444                 }
2445             }
2446         }
7fe908 2447
146783 2448         $tpl->setLoop('custom_php_ini_settings', $final_php_ini_settings);
7fe908 2449
MC 2450         $app->system->file_put_contents($pool_dir.$pool_name.'.conf', $tpl->grab());
2451         $app->log('Writing the PHP-FPM config file: '.$pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
146783 2452         unset($tpl);
7fe908 2453
146783 2454         // delete pool in all other PHP versions
MC 2455         $default_pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
7fe908 2456         if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/';
146783 2457         if($default_pool_dir != $pool_dir){
MC 2458             if ( @is_file($default_pool_dir.$pool_name.'.conf') ) {
7fe908 2459                 $app->system->unlink($default_pool_dir.$pool_name.'.conf');
MC 2460                 $app->log('Removed PHP-FPM config file: '.$default_pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
2461                 $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
146783 2462             }
MC 2463         }
2464         $php_versions = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ".$conf["server_id"]);
2465         if(is_array($php_versions) && !empty($php_versions)){
2466             foreach($php_versions as $php_version){
7fe908 2467                 if(substr($php_version['php_fpm_pool_dir'], -1) != '/') $php_version['php_fpm_pool_dir'] .= '/';
146783 2468                 if($php_version['php_fpm_pool_dir'] != $pool_dir){
MC 2469                     if ( @is_file($php_version['php_fpm_pool_dir'].$pool_name.'.conf') ) {
2470                         $app->system->unlink($php_version['php_fpm_pool_dir'].$pool_name.'.conf');
7fe908 2471                         $app->log('Removed PHP-FPM config file: '.$php_version['php_fpm_pool_dir'].$pool_name.'.conf', LOGLEVEL_DEBUG);
MC 2472                         $app->services->restartService('php-fpm', 'reload:'.$php_version['php_fpm_init_script']);
146783 2473                     }
MC 2474                 }
2475             }
2476         }
2477         // Reload current PHP-FPM after all others
2478         sleep(1);
2479         if(!$default_php_fpm){
7fe908 2480             $app->services->restartService('php-fpm', 'reload:'.$custom_php_fpm_init_script);
146783 2481         } else {
7fe908 2482             $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
146783 2483         }
MC 2484     }
7fe908 2485
146783 2486     //* Delete the PHP-FPM pool configuration file
7fe908 2487     private function php_fpm_pool_delete ($data, $web_config) {
146783 2488         global $app, $conf;
7fe908 2489
146783 2490         if(trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] != 'no'){
MC 2491             $default_php_fpm = false;
2492             list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
7fe908 2493             if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
146783 2494         } else {
MC 2495             $default_php_fpm = true;
2496         }
7fe908 2497
146783 2498         if($default_php_fpm){
MC 2499             $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
2500         } else {
2501             $pool_dir = $custom_php_fpm_pool_dir;
2502         }
7fe908 2503
MC 2504         if(substr($pool_dir, -1) != '/') $pool_dir .= '/';
146783 2505         $pool_name = 'web'.$data['old']['domain_id'];
7fe908 2506
146783 2507         if ( @is_file($pool_dir.$pool_name.'.conf') ) {
MC 2508             $app->system->unlink($pool_dir.$pool_name.'.conf');
7fe908 2509             $app->log('Removed PHP-FPM config file: '.$pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
146783 2510         }
7fe908 2511
146783 2512         // delete pool in all other PHP versions
MC 2513         $default_pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
7fe908 2514         if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/';
146783 2515         if($default_pool_dir != $pool_dir){
MC 2516             if ( @is_file($default_pool_dir.$pool_name.'.conf') ) {
7fe908 2517                 $app->system->unlink($default_pool_dir.$pool_name.'.conf');
MC 2518                 $app->log('Removed PHP-FPM config file: '.$default_pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
2519                 $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
146783 2520             }
7fe908 2521         }
146783 2522         $php_versions = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ".$data['old']['server_id']);
MC 2523         if(is_array($php_versions) && !empty($php_versions)){
2524             foreach($php_versions as $php_version){
7fe908 2525                 if(substr($php_version['php_fpm_pool_dir'], -1) != '/') $php_version['php_fpm_pool_dir'] .= '/';
146783 2526                 if($php_version['php_fpm_pool_dir'] != $pool_dir){
MC 2527                     if ( @is_file($php_version['php_fpm_pool_dir'].$pool_name.'.conf') ) {
2528                         $app->system->unlink($php_version['php_fpm_pool_dir'].$pool_name.'.conf');
7fe908 2529                         $app->log('Removed PHP-FPM config file: '.$php_version['php_fpm_pool_dir'].$pool_name.'.conf', LOGLEVEL_DEBUG);
MC 2530                         $app->services->restartService('php-fpm', 'reload:'.$php_version['php_fpm_init_script']);
146783 2531                     }
MC 2532                 }
2533             }
2534         }
7fe908 2535
146783 2536         // Reload current PHP-FPM after all others
MC 2537         sleep(1);
2538         if(!$default_php_fpm){
7fe908 2539             $app->services->restartService('php-fpm', 'reload:'.$custom_php_fpm_init_script);
146783 2540         } else {
7fe908 2541             $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
146783 2542         }
MC 2543     }
7fe908 2544
146783 2545     private function nginx_replace($matches){
MC 2546         $location = 'location'.($matches[1] != '' ? ' '.$matches[1] : '').' '.$matches[2].' '.$matches[3];
2547         if($matches[4] == '##merge##' || $matches[7] == '##merge##') $location .= ' ##merge##';
2548         if($matches[4] == '##delete##' || $matches[7] == '##delete##') $location .= ' ##delete##';
2549         $location .= "\n";
2550         $location .= $matches[5]."\n";
2551         $location .= $matches[6];
2552         return $location;
2553     }
7fe908 2554
146783 2555     private function nginx_merge_locations($vhost_conf){
MC 2556
2557         $lines = explode("\n", $vhost_conf);
7fe908 2558
146783 2559         // if whole location block is in one line, split it up into multiple lines
MC 2560         if(is_array($lines) && !empty($lines)){
2561             $linecount = sizeof($lines);
2562             for($h=0;$h<$linecount;$h++){
2563                 // remove comments
7fe908 2564                 if(substr(trim($lines[$h]), 0, 1) == '#'){
146783 2565                     unset($lines[$h]);
MC 2566                     continue;
2567                 }
7fe908 2568
146783 2569                 $lines[$h] = rtrim($lines[$h]);
MC 2570                 /*
2571                 if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], ';') !== false){
2572                     $lines[$h] = str_replace("{", "{\n", $lines[$h]);
2573                     $lines[$h] = str_replace(";", ";\n", $lines[$h]);
2574                     if(strpos($lines[$h], '##merge##') !== false){
2575                         $lines[$h] = str_replace('##merge##', '', $lines[$h]);
2576                         $lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
2577                     }
2578                 }
2579                 if(substr(ltrim($lines[$h]), 0, 8) == 'location' && strpos($lines[$h], '{') !== false && strpos($lines[$h], '}') !== false && strpos($lines[$h], ';') === false){
2580                     $lines[$h] = str_replace("{", "{\n", $lines[$h]);
2581                     if(strpos($lines[$h], '##merge##') !== false){
2582                         $lines[$h] = str_replace('##merge##', '', $lines[$h]);
2583                         $lines[$h] = substr($lines[$h],0,strpos($lines[$h], '{')).' ##merge##'.substr($lines[$h],strpos($lines[$h], '{')+1);
2584                     }
2585                 }
2586                 */
2587                 $pattern = '/^[^\S\n]*location[^\S\n]+(?:(.+)[^\S\n]+)?(.+)[^\S\n]*(\{)[^\S\n]*(##merge##|##delete##)?[^\S\n]*(.+)[^\S\n]*(\})[^\S\n]*(##merge##|##delete##)?[^\S\n]*$/';
7fe908 2588                 $lines[$h] = preg_replace_callback($pattern, array($this, 'nginx_replace') , $lines[$h]);
146783 2589             }
MC 2590         }
2591         $vhost_conf = implode("\n", $lines);
2592         unset($lines);
2593         unset($linecount);
7fe908 2594
146783 2595         $lines = explode("\n", $vhost_conf);
7fe908 2596
MC 2597         if(is_array($lines) && !empty($lines)){
146783 2598             $locations = array();
MC 2599             $locations_to_delete = array();
2600             $islocation = false;
2601             $linecount = sizeof($lines);
2602             $server_count = 0;
2603
2604             for($i=0;$i<$linecount;$i++){
2605                 $l = trim($lines[$i]);
2606                 if(substr($l, 0, 8) == 'server {') $server_count += 1;
2607                 if($server_count > 1) break;
2608                 if(substr($l, 0, 8) == 'location' && !$islocation){
7fe908 2609
146783 2610                     $islocation = true;
MC 2611                     $level = 0;
7fe908 2612
146783 2613                     // Remove unnecessary whitespace
MC 2614                     $l = preg_replace('/\s\s+/', ' ', $l);
7fe908 2615
146783 2616                     $loc_parts = explode(' ', $l);
MC 2617                     // see http://wiki.nginx.org/HttpCoreModule#location
2618                     if($loc_parts[1] == '=' || $loc_parts[1] == '~' || $loc_parts[1] == '~*' || $loc_parts[1] == '^~'){
2619                         $location = $loc_parts[1].' '.$loc_parts[2];
2620                     } else {
2621                         $location = $loc_parts[1];
2622                     }
2623                     unset($loc_parts);
7fe908 2624
146783 2625                     if(!isset($locations[$location]['action'])) $locations[$location]['action'] = 'replace';
MC 2626                     if(substr($l, -9) == '##merge##') $locations[$location]['action'] = 'merge';
2627                     if(substr($l, -10) == '##delete##') $locations[$location]['action'] = 'delete';
7fe908 2628
146783 2629                     if(!isset($locations[$location]['open_tag'])) $locations[$location]['open_tag'] = '        location '.$location.' {';
MC 2630                     if(!isset($locations[$location]['location']) || $locations[$location]['action'] == 'replace') $locations[$location]['location'] = '';
2631                     if($locations[$location]['action'] == 'delete') $locations_to_delete[] = $location;
2632                     if(!isset($locations[$location]['end_tag'])) $locations[$location]['end_tag'] = '        }';
2633                     if(!isset($locations[$location]['start_line'])) $locations[$location]['start_line'] = $i;
2634
2635                     unset($lines[$i]);
7fe908 2636
146783 2637                 } else {
7fe908 2638
146783 2639                     if($islocation){
MC 2640                         if(strpos($l, '{') !== false){
2641                             $level += 1;
2642                         }
2643                         if(strpos($l, '}') !== false && $level > 0){
2644                             $level -= 1;
2645                             $locations[$location]['location'] .= $lines[$i]."\n";
2646                         } elseif(strpos($l, '}') !== false && $level == 0){
2647                             $islocation = false;
2648                         } else {
2649                             $locations[$location]['location'] .= $lines[$i]."\n";
2650                         }
2651                         unset($lines[$i]);
2652                     }
7fe908 2653
146783 2654                 }
MC 2655             }
7fe908 2656
146783 2657             if(is_array($locations) && !empty($locations)){
MC 2658                 if(is_array($locations_to_delete) && !empty($locations_to_delete)){
2659                     foreach($locations_to_delete as $location_to_delete){
2660                         if(isset($locations[$location_to_delete])) unset($locations[$location_to_delete]);
2661                     }
2662                 }
7fe908 2663
146783 2664                 foreach($locations as $key => $val){
MC 2665                     $new_location = $val['open_tag']."\n".$val['location'].$val['end_tag'];
2666                     $lines[$val['start_line']] = $new_location;
2667                 }
2668             }
2669             ksort($lines);
2670             $vhost_conf = implode("\n", $lines);
2671         }
7fe908 2672
146783 2673         return trim($vhost_conf);
MC 2674     }
7fe908 2675
MC 2676     function client_delete($event_name, $data) {
146783 2677         global $app, $conf;
7fe908 2678
146783 2679         $app->uses("getconf");
MC 2680         $web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
7fe908 2681
146783 2682         $client_id = intval($data['old']['client_id']);
MC 2683         if($client_id > 0) {
7fe908 2684
146783 2685             $client_dir = $web_config['website_basedir'].'/clients/client'.$client_id;
7fe908 2686             if(is_dir($client_dir) && !stristr($client_dir, '..')) {
146783 2687                 // remove symlinks from $client_dir
7fe908 2688                 $files = array_diff(scandir($client_dir), array('.', '..'));
146783 2689                 if(is_array($files) && !empty($files)){
MC 2690                     foreach($files as $file){
2691                         if(is_link($client_dir.'/'.$file)){
2692                             unlink($client_dir.'/'.$file);
7fe908 2693                             $app->log('Removed symlink: '.$client_dir.'/'.$file, LOGLEVEL_DEBUG);
146783 2694                         }
MC 2695                     }
2696                 }
7fe908 2697
146783 2698                 @rmdir($client_dir);
7fe908 2699                 $app->log('Removed client directory: '.$client_dir, LOGLEVEL_DEBUG);
146783 2700             }
7fe908 2701
146783 2702             if($app->system->is_group('client'.$client_id)){
MC 2703                 $this->_exec('groupdel client'.$client_id);
7fe908 2704                 $app->log('Removed group client'.$client_id, LOGLEVEL_DEBUG);
146783 2705             }
MC 2706         }
7fe908 2707
146783 2708     }
MC 2709
2710     //* Wrapper for exec function for easier debugging
2711     private function _exec($command) {
2712         global $app;
7fe908 2713         $app->log('exec: '.$command, LOGLEVEL_DEBUG);
146783 2714         exec($command);
MC 2715     }
2716
7fe908 2717     private function _checkTcp ($host, $port) {
MC 2718
2719         $fp = @fsockopen($host, $port, $errno, $errstr, 2);
146783 2720
MC 2721         if ($fp) {
2722             fclose($fp);
2723             return true;
2724         } else {
2725             return false;
2726         }
2727     }
7fe908 2728
146783 2729     public function create_relative_link($f, $t) {
MC 2730         global $app;
2731         // $from already exists
2732         $from = realpath($f);
2733
2734         // realpath requires the traced file to exist - so, lets touch it first, then remove
2735         @$app->system->unlink($t); touch($t);
2736         $to = realpath($t);
2737         @$app->system->unlink($t);
2738
2739         // Remove from the left side matching path elements from $from and $to
2740         // and get path elements counts
2741         $a1 = explode('/', $from); $a2 = explode('/', $to);
2742         for ($c = 0; $a1[$c] == $a2[$c]; $c++) {
2743             unset($a1[$c]); unset($a2[$c]);
2744         }
2745         $cfrom = implode('/', $a1);
2746
2747         // Check if a path is fully a subpath of another - no way to create symlink in the case
2748         if (count($a1) == 0 || count($a2) == 0) return false;
2749
2750         // Add ($cnt_to-1) number of "../" elements to left side of $cfrom
2751         for ($c = 0; $c < (count($a2)-1); $c++) { $cfrom = '../'.$cfrom; }
2752
2753         return symlink($cfrom, $to);
2754     }
7fe908 2755
MC 2756     private function _rewrite_quote($string) {
2757         return str_replace(array('.', '*', '?', '+'), array('\\.', '\\*', '\\?', '\\+'), $string);
2758     }
2759
146783 2760     private function url_is_local($hostname, $domain_id){
MC 2761         global $app;
2762
2763         // ORDER BY clause makes sure wildcard subdomains (*) are listed last in the result array so that we can find direct matches first
2764         $webs = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE active = 'y' ORDER BY subdomain ASC");
2765         if(is_array($webs) && !empty($webs)){
2766             foreach($webs as $web){
2767                 // web domain doesn't match hostname
7fe908 2768                 if(substr($hostname, -strlen($web['domain'])) != $web['domain']) continue;
146783 2769                 // own vhost and therefore server {} container of its own
MC 2770                 //if($web['type'] == 'vhostsubdomain') continue;
2771                 // alias domains/subdomains using rewrites and therefore a server {} container of their own
2772                 //if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') continue;
7fe908 2773
146783 2774                 if($web['subdomain'] == '*'){
MC 2775                     $pattern = '/\.?'.str_replace('.', '\.', $web['domain']).'$/i';
2776                 }
2777                 if($web['subdomain'] == 'none'){
2778                     if($web['domain'] == $hostname){
2779                         if($web['domain_id'] == $domain_id || $web['parent_domain_id'] == $domain_id){
2780                             // own vhost and therefore server {} container of its own
2781                             if($web['type'] == 'vhostsubdomain') return false;
2782                             // alias domains/subdomains using rewrites and therefore a server {} container of their own
2783                             if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') return false;
2784                             return true;
2785                         } else {
2786                             return false;
2787                         }
2788                     }
2789                     $pattern = '/^'.str_replace('.', '\.', $web['domain']).'$/i';
2790                 }
2791                 if($web['subdomain'] == 'www'){
2792                     if($web['domain'] == $hostname || $web['subdomain'].'.'.$web['domain'] == $hostname){
2793                         if($web['domain_id'] == $domain_id || $web['parent_domain_id'] == $domain_id){
2794                             // own vhost and therefore server {} container of its own
2795                             if($web['type'] == 'vhostsubdomain') return false;
2796                             // alias domains/subdomains using rewrites and therefore a server {} container of their own
2797                             if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') return false;
2798                             return true;
2799                         } else {
2800                             return false;
2801                         }
2802                     }
2803                     $pattern = '/^(www\.)?'.str_replace('.', '\.', $web['domain']).'$/i';
2804                 }
2805                 if(preg_match($pattern, $hostname)){
2806                     if($web['domain_id'] == $domain_id || $web['parent_domain_id'] == $domain_id){
2807                         // own vhost and therefore server {} container of its own
2808                         if($web['type'] == 'vhostsubdomain') return false;
2809                         // alias domains/subdomains using rewrites and therefore a server {} container of their own
2810                         if(($web['type'] == 'alias' || $web['type'] == 'subdomain') && $web['redirect_type'] != '' && $web['redirect_path'] != '') return false;
2811                         return true;
2812                     } else {
2813                         return false;
2814                     }
2815                 }
2816             }
2817         }
7fe908 2818
146783 2819         return false;
MC 2820     }
7fe908 2821
146783 2822     private function get_seo_redirects($web, $prefix = '', $force_subdomain = false){
MC 2823         // $force_subdomain = 'none|www'
2824         $seo_redirects = array();
7fe908 2825
146783 2826         if(substr($web['domain'], 0, 2) === '*.') $web['subdomain'] = '*';
7fe908 2827
146783 2828         if(($web['subdomain'] == 'www' || $web['subdomain'] == '*') && $force_subdomain != 'www'){
MC 2829             if($web['seo_redirect'] == 'non_www_to_www'){
2830                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = $web['domain'];
2831                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = 'www.'.$web['domain'];
2832                 $seo_redirects[$prefix.'seo_redirect_operator'] = '=';
2833             }
2834             if($web['seo_redirect'] == '*_domain_tld_to_www_domain_tld'){
2835                 // ^(example\.com|(?!\bwww\b)\.example\.com)$
2836                 // ^(example\.com|((?:\w+(?:-\w+)*\.)*)((?!www\.)\w+(?:-\w+)*)(\.example\.com))$
2837                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = '^('.str_replace('.', '\.', $web['domain']).'|((?:\w+(?:-\w+)*\.)*)((?!www\.)\w+(?:-\w+)*)(\.'.str_replace('.', '\.', $web['domain']).'))$';
2838                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = 'www.'.$web['domain'];
2839                 $seo_redirects[$prefix.'seo_redirect_operator'] = '~*';
2840             }
2841             if($web['seo_redirect'] == '*_to_www_domain_tld'){
2842                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = 'www.'.$web['domain'];
2843                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = 'www.'.$web['domain'];
2844                 $seo_redirects[$prefix.'seo_redirect_operator'] = '!=';
2845             }
2846         }
2847         if($force_subdomain != 'none'){
2848             if($web['seo_redirect'] == 'www_to_non_www'){
2849                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = 'www.'.$web['domain'];
2850                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = $web['domain'];
2851                 $seo_redirects[$prefix.'seo_redirect_operator'] = '=';
2852             }
2853             if($web['seo_redirect'] == '*_domain_tld_to_domain_tld'){
2854                 // ^(.+)\.example\.com$
2855                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = '^(.+)\.'.str_replace('.', '\.', $web['domain']).'$';
2856                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = $web['domain'];
2857                 $seo_redirects[$prefix.'seo_redirect_operator'] = '~*';
2858             }
2859             if($web['seo_redirect'] == '*_to_domain_tld'){
2860                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = $web['domain'];
2861                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = $web['domain'];
2862                 $seo_redirects[$prefix.'seo_redirect_operator'] = '!=';
2863             }
2864         }
2865         return $seo_redirects;
2866     }
2867
2868 } // end class
2869
2870 ?>