Pascal Dreissen
2016-07-08 f1193b43f4c9fd132741d30f03f0b35841011989
commit | author | age
46c683 1 <?php
T 2
3 /*
cea1e5 4 Copyright (c) 2007 - 2012, Till Brehm, projektfarm Gmbh
46c683 5 All rights reserved.
T 6
7 Redistribution and use in source and binary forms, with or without modification,
8 are permitted provided that the following conditions are met:
9
10     * Redistributions of source code must retain the above copyright notice,
11       this list of conditions and the following disclaimer.
12     * Redistributions in binary form must reproduce the above copyright notice,
13       this list of conditions and the following disclaimer in the documentation
14       and/or other materials provided with the distribution.
15     * Neither the name of ISPConfig nor the names of its contributors
16       may be used to endorse or promote products derived from this software without
17       specific prior written permission.
18
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
20 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
24 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
26 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
28 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 class apache2_plugin {
ac933e 32
46c683 33     var $plugin_name = 'apache2_plugin';
T 34     var $class_name = 'apache2_plugin';
ac933e 35
46c683 36     // private variables
T 37     var $action = '';
481c00 38     var $ssl_certificate_changed = false;
496602 39     var $update_letsencrypt = false;
ac933e 40
46c683 41     //* This function is called during ispconfig installation to determine
T 42     //  if a symlink shall be created for this plugin.
43     function onInstall() {
44         global $conf;
ac933e 45
46c683 46         if($conf['services']['web'] == true) {
T 47             return true;
48         } else {
49             return false;
50         }
ac933e 51
46c683 52     }
ac933e 53
V 54
46c683 55     /*
T 56          This function is called when the plugin is loaded
57     */
ac933e 58
46c683 59     function onLoad() {
T 60         global $app;
ac933e 61
46c683 62         /*
T 63         Register for the events
64         */
b1a6a5 65         $app->plugins->registerEvent('web_domain_insert', $this->plugin_name, 'ssl');
MC 66         $app->plugins->registerEvent('web_domain_update', $this->plugin_name, 'ssl');
67         $app->plugins->registerEvent('web_domain_delete', $this->plugin_name, 'ssl');
ac933e 68
b1a6a5 69         $app->plugins->registerEvent('web_domain_insert', $this->plugin_name, 'insert');
MC 70         $app->plugins->registerEvent('web_domain_update', $this->plugin_name, 'update');
71         $app->plugins->registerEvent('web_domain_delete', $this->plugin_name, 'delete');
ac933e 72
b1a6a5 73         $app->plugins->registerEvent('server_ip_insert', $this->plugin_name, 'server_ip');
MC 74         $app->plugins->registerEvent('server_ip_update', $this->plugin_name, 'server_ip');
75         $app->plugins->registerEvent('server_ip_delete', $this->plugin_name, 'server_ip');
ac933e 76
b1a6a5 77         $app->plugins->registerEvent('webdav_user_insert', $this->plugin_name, 'webdav');
MC 78         $app->plugins->registerEvent('webdav_user_update', $this->plugin_name, 'webdav');
79         $app->plugins->registerEvent('webdav_user_delete', $this->plugin_name, 'webdav');
80
81         $app->plugins->registerEvent('client_delete', $this->plugin_name, 'client_delete');
82
83         $app->plugins->registerEvent('web_folder_user_insert', $this->plugin_name, 'web_folder_user');
84         $app->plugins->registerEvent('web_folder_user_update', $this->plugin_name, 'web_folder_user');
85         $app->plugins->registerEvent('web_folder_user_delete', $this->plugin_name, 'web_folder_user');
86
87         $app->plugins->registerEvent('web_folder_update', $this->plugin_name, 'web_folder_update');
88         $app->plugins->registerEvent('web_folder_delete', $this->plugin_name, 'web_folder_delete');
89
90         $app->plugins->registerEvent('ftp_user_delete', $this->plugin_name, 'ftp_user_delete');
91
92         $app->plugins->registerAction('php_ini_changed', $this->plugin_name, 'php_ini_changed');
46c683 93     }
b1a6a5 94
93292a 95     private function get_master_php_ini_content($web_data) {
MB 96         global $app, $conf;
97         
98         $app->uses('getconf');
99         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
100         $fastcgi_config = $app->getconf->get_server_config($conf['server_id'], 'fastcgi');
101         
102         $php_ini_content = '';
103         $master_php_ini_path = '';
104         
105         if($web_data['php'] == 'mod') {
106             $master_php_ini_path = $web_config['php_ini_path_apache'];
107         } else {
108             // check for custom php
109             if($web_data['fastcgi_php_version'] != '') {
110                 $tmp = explode(':', $web_data['fastcgi_php_version']);
111                 if(isset($tmp[2])) {
112                     $tmppath = $tmp[2];
113                     if(substr($tmppath, -7) != 'php.ini') {
114                         if(substr($tmppath, -1) != '/') $tmppath .= '/';
115                         $tmppath .= 'php.ini';
116                     }
117                     if(file_exists($tmppath)) {
118                         $master_php_ini_path = $tmppath;
119                     }
120                     unset($tmppath);
121                 }
122                 unset($tmp);
123             }
124             
125             if(!$master_php_ini_path) {
126                 if($web_data['php'] == 'fast-cgi' && file_exists($fastcgi_config["fastcgi_phpini_path"])) {
127                     $master_php_ini_path = $fastcgi_config["fastcgi_phpini_path"];
128                 } elseif($web_data['php'] == 'php-fpm' && file_exists($web_config['php_fpm_ini_path'])) {
129                     $master_php_ini_path = $fastcgi_config["fastcgi_phpini_path"];
130                 } else {
131                     $master_php_ini_path = $web_config['php_ini_path_cgi'];
132                 }
133             }
134         }
135         if($master_php_ini_path != '' && substr($master_php_ini_path, -7) == 'php.ini' && is_file($master_php_ini_path)) {
136             $php_ini_content .= $app->system->file_get_contents($master_php_ini_path)."\n";
137         }
138         
139         return $php_ini_content;
140     }
b1a6a5 141
MC 142     // Handle php.ini changes
143     function php_ini_changed($event_name, $data) {
144         global $app, $conf;
145
146         $app->uses('getconf');
bd68aa 147         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
MC 148         $fastcgi_config = $app->getconf->get_server_config($conf['server_id'], 'fastcgi');
b1a6a5 149
MC 150         /* $data contains an array with these keys:
bd68aa 151          * file -> full path of changed php_ini
c59632 152          * mode -> web_domain php modes to change (mod, fast-cgi, php-fpm, hhvm or '' for all except 'mod')
bd68aa 153          * php_version -> php ini path that changed (additional php versions)
MC 154          */
b1a6a5 155
2af58c 156         $param = '';
b1a6a5 157         $qrystr = "SELECT * FROM web_domain WHERE custom_php_ini != ''";
MC 158         if($data['mode'] == 'mod') {
159             $qrystr .= " AND php = 'mod'";
160         } elseif($data['mode'] == 'fast-cgi') {
161             $qrystr .= " AND php = 'fast-cgi'";
162             if($data['php_version']) {
2af58c 163                 $qrystr .= " AND fastcgi_php_version LIKE ?";
MC 164                 $param = '%:' . $data['php_version'];
b1a6a5 165             }
MC 166         } elseif($data['mode'] == 'php-fpm') {
167             $qrystr .= " AND php = 'php-fpm'";
c59632 168             if($data['php_version']) {
2af58c 169                 $qrystr .= " AND fastcgi_php_version LIKE ?";
MC 170                 $param = '%:' . $data['php_version'] . ':%';
c59632 171             }
MC 172         } elseif($data['mode'] == 'hhvm') {
173             $qrystr .= " AND php = 'hhvm'";
b1a6a5 174             if($data['php_version']) {
2af58c 175                 $qrystr .= " AND fastcgi_php_version LIKE ?";
MC 176                 $param = '%:' . $data['php_version'] . ':%';
b1a6a5 177             }
MC 178         } else {
179             $qrystr .= " AND php != 'mod' AND php != 'fast-cgi'";
180         }
ac933e 181
bd68aa 182
b1a6a5 183         //** Get all the webs
2af58c 184         $web_domains = $app->db->queryAllRecords($qrystr, $param);
b1a6a5 185         foreach($web_domains as $web_data) {
MC 186             $custom_php_ini_dir = $web_config['website_basedir'].'/conf/'.$web_data['system_user'];
187             $web_folder = 'web';
511ba5 188             if($web_data['type'] == 'vhostsubdomain' || $web_data['type'] == 'vhostalias') {
b1a6a5 189                 $web_folder = $web_data['web_folder'];
MC 190                 $custom_php_ini_dir .= '_' . $web_folder;
191             }
192             if(!is_dir($web_config['website_basedir'].'/conf')) $app->system->mkdir($web_config['website_basedir'].'/conf');
93292a 193             
b1a6a5 194             if(!is_dir($custom_php_ini_dir)) $app->system->mkdir($custom_php_ini_dir);
93292a 195             
MB 196             $php_ini_content = $this->get_master_php_ini_content($web_data);
b41803 197             
MC 198             if(intval($web_data['directive_snippets_id']) > 0){
d22277 199                 $snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($web_data['directive_snippets_id']));
b41803 200                 if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
MC 201                     $required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
202                     if(is_array($required_php_snippets) && !empty($required_php_snippets)){
203                         foreach($required_php_snippets as $required_php_snippet){
204                             $required_php_snippet = intval($required_php_snippet);
205                             if($required_php_snippet > 0){
206                                 $php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
207                                 $php_snippet['snippet'] = trim($php_snippet['snippet']);
208                                 if($php_snippet['snippet'] != ''){
209                                     $web_data['custom_php_ini'] .= "\n".$php_snippet['snippet'];
210                                 }
211                             }
212                         }
213                     }
214                 }
215             }
216         
b1a6a5 217             $php_ini_content .= str_replace("\r", '', trim($web_data['custom_php_ini']));
MC 218             $app->system->file_put_contents($custom_php_ini_dir.'/php.ini', $php_ini_content);
219             $app->log('Info: rewrote custom php.ini for web ' . $web_data['domain_id'] . ' (' . $web_data['domain'] . ').', LOGLEVEL_DEBUG);
220         }
221
222         if(count($web_domains) > 0) {
223             //* We do not check the apache config here - we only changed the php.ini
224             //* Check if this is a chrooted setup
225             if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
226                 $apache_chrooted = true;
227                 $app->log('Info: Apache is chrooted.', LOGLEVEL_DEBUG);
228             } else {
229                 $apache_chrooted = false;
230             }
231
232             $app->log('Info: rewrote all php.ini and reloading apache now.', LOGLEVEL_DEBUG);
233             if($apache_chrooted) {
234                 $app->services->restartServiceDelayed('httpd', 'restart');
235             } else {
236                 // request a httpd reload when all records have been processed
237                 $app->services->restartServiceDelayed('httpd', 'reload');
238             }
239         } else {
240             $app->log('Info: No webs affected by php.ini change.', LOGLEVEL_DEBUG);
241         }
242     }
243
46c683 244     // Handle the creation of SSL certificates
b1a6a5 245     function ssl($event_name, $data) {
46c683 246         global $app, $conf;
b1a6a5 247
c77103 248         $app->uses('system');
1a2310 249
L 250         // load the server configuration options
251         $app->uses('getconf');
252         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
253         if ($web_config['CA_path']!='' && !file_exists($web_config['CA_path'].'/openssl.cnf'))
b1a6a5 254             $app->log("CA path error, file does not exist:".$web_config['CA_path'].'/openssl.cnf', LOGLEVEL_ERROR);
MC 255
1ca823 256         //* Only vhosts can have a ssl cert
511ba5 257         if($data["new"]["type"] != "vhost" && $data["new"]["type"] != "vhostsubdomain" && $data["new"]["type"] != "vhostalias") return;
ac933e 258
c77103 259         // if(!is_dir($data['new']['document_root'].'/ssl')) exec('mkdir -p '.$data['new']['document_root'].'/ssl');
T 260         if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl');
b1a6a5 261
fb3339 262         $ssl_dir = $data['new']['document_root'].'/ssl';
J 263         $domain = $data['new']['ssl_domain'];
264         $key_file = $ssl_dir.'/'.$domain.'.key.org';
265         $key_file2 = $ssl_dir.'/'.$domain.'.key';
266         $csr_file = $ssl_dir.'/'.$domain.'.csr';
267         $crt_file = $ssl_dir.'/'.$domain.'.crt';
ac933e 268
4bd960 269         //* Create a SSL Certificate, but only if this is not a mirror server.
T 270         if($data['new']['ssl_action'] == 'create' && $conf['mirror_server_id'] == 0) {
b1a6a5 271
481c00 272             $this->ssl_certificate_changed = true;
b1a6a5 273
e94a9f 274             //* Rename files if they exist
43b345 275             if(file_exists($key_file)){
b1a6a5 276                 $app->system->rename($key_file, $key_file.'.bak');
MC 277                 $app->system->chmod($key_file.'.bak', 0400);
43b345 278             }
T 279             if(file_exists($key_file2)){
b1a6a5 280                 $app->system->rename($key_file2, $key_file2.'.bak');
MC 281                 $app->system->chmod($key_file2.'.bak', 0400);
43b345 282             }
b1a6a5 283             if(file_exists($csr_file)) $app->system->rename($csr_file, $csr_file.'.bak');
MC 284             if(file_exists($crt_file)) $app->system->rename($crt_file, $crt_file.'.bak');
285
fb3339 286             $rand_file = $ssl_dir.'/random_file';
b1a6a5 287             $rand_data = md5(uniqid(microtime(), 1));
ac933e 288             for($i=0; $i<1000; $i++) {
b1a6a5 289                 $rand_data .= md5(uniqid(microtime(), 1));
MC 290                 $rand_data .= md5(uniqid(microtime(), 1));
291                 $rand_data .= md5(uniqid(microtime(), 1));
292                 $rand_data .= md5(uniqid(microtime(), 1));
ac933e 293             }
c77103 294             $app->system->file_put_contents($rand_file, $rand_data);
46c683 295
b1a6a5 296             $ssl_password = substr(md5(uniqid(microtime(), 1)), 0, 15);
ac933e 297
46c683 298             $ssl_cnf = "        RANDFILE               = $rand_file
T 299
300         [ req ]
6d80f5 301         default_bits           = 2048
6068b7 302         default_md             = sha256
46c683 303         default_keyfile        = keyfile.pem
T 304         distinguished_name     = req_distinguished_name
305         attributes             = req_attributes
306         prompt                 = no
307         output_password        = $ssl_password
308
309         [ req_distinguished_name ]
e94a9f 310         C                      = ".trim($data['new']['ssl_country'])."
243697 311         " . (trim($data['new']['ssl_state']) == '' ? '' : "ST                     = ".trim($data['new']['ssl_state'])) . "
MB 312         " . (trim($data['new']['ssl_locality']) == '' ? '' : "L                      = ".trim($data['new']['ssl_locality']))."
313         " . (trim($data['new']['ssl_organisation']) == '' ? '' : "O                      = ".trim($data['new']['ssl_organisation']))."
314         " . (trim($data['new']['ssl_organisation_unit']) == '' ? '' : "OU                     = ".trim($data['new']['ssl_organisation_unit']))."
46c683 315         CN                     = $domain
T 316         emailAddress           = webmaster@".$data['new']['domain']."
317
318         [ req_attributes ]
5a4285 319         ";//challengePassword              = A challenge password";
ac933e 320
fb3339 321             $ssl_cnf_file = $ssl_dir.'/openssl.conf';
b1a6a5 322             $app->system->file_put_contents($ssl_cnf_file, $ssl_cnf);
ac933e 323
46c683 324             $rand_file = escapeshellcmd($rand_file);
T 325             $key_file = escapeshellcmd($key_file);
8c82ef 326             $openssl_cmd_key_file = $key_file;
992797 327             if(substr($domain, 0, 2) == '*.' && strpos($key_file, '/ssl/\*.') !== false) $key_file = str_replace('/ssl/\*.', '/ssl/*.', $key_file); // wildcard certificate
46c683 328             $key_file2 = escapeshellcmd($key_file2);
8c82ef 329             $openssl_cmd_key_file2 = $key_file2;
992797 330             if(substr($domain, 0, 2) == '*.' && strpos($key_file2, '/ssl/\*.') !== false) $key_file2 = str_replace('/ssl/\*.', '/ssl/*.', $key_file2); // wildcard certificate
46c683 331             $ssl_days = 3650;
T 332             $csr_file = escapeshellcmd($csr_file);
8c82ef 333             $openssl_cmd_csr_file = $csr_file;
992797 334             if(substr($domain, 0, 2) == '*.' && strpos($csr_file, '/ssl/\*.') !== false) $csr_file = str_replace('/ssl/\*.', '/ssl/*.', $csr_file); // wildcard certificate
46c683 335             $config_file = escapeshellcmd($ssl_cnf_file);
T 336             $crt_file = escapeshellcmd($crt_file);
8c82ef 337             $openssl_cmd_crt_file = $crt_file;
992797 338             if(substr($domain, 0, 2) == '*.' && strpos($crt_file, '/ssl/\*.') !== false) $crt_file = str_replace('/ssl/\*.', '/ssl/*.', $crt_file); // wildcard certificate
46c683 339
c77103 340             if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
b1a6a5 341
8c82ef 342                 exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file 2048");
6068b7 343                 exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
8c82ef 344                 exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file -out $openssl_cmd_key_file2");
1a2310 345
L 346                 if(file_exists($web_config['CA_path'].'/openssl.cnf'))
5c4d55 347                 {
8c82ef 348                     exec("openssl ca -batch -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file");
b1a6a5 349                     $app->log("Creating CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
8c82ef 350                     if (filesize($crt_file)==0 || !file_exists($crt_file)) $app->log("CA-Certificate signing failed.  openssl ca -out $openssl_cmd_crt_file -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -in $openssl_cmd_csr_file", LOGLEVEL_ERROR);
1a2310 351                 };
723662 352                 if (@filesize($crt_file)==0 || !file_exists($crt_file)){
8c82ef 353                     exec("openssl req -x509 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -in $openssl_cmd_csr_file -out $openssl_cmd_crt_file -days $ssl_days -config $config_file ");
b1a6a5 354                     $app->log("Creating self-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
5c4d55 355                 };
b1a6a5 356
ac933e 357             }
46c683 358
b1a6a5 359             $app->system->chmod($key_file, 0400);
MC 360             $app->system->chmod($key_file2, 0400);
c77103 361             @$app->system->unlink($config_file);
T 362             @$app->system->unlink($rand_file);
2af58c 363             $ssl_request = $app->system->file_get_contents($csr_file);
MC 364             $ssl_cert = $app->system->file_get_contents($crt_file);
365             $ssl_key2 = $app->system->file_get_contents($key_file2);
d1086f 366             /* Update the DB of the (local) Server */
2af58c 367             $app->db->query("UPDATE web_domain SET ssl_request = ?, ssl_cert = ?, ssl_key = ? WHERE domain = ?", $ssl_request, $ssl_cert, $ssl_key2, $data['new']['domain']);
MC 368             $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
d1086f 369             /* Update also the master-DB of the Server-Farm */
2af58c 370             $app->dbmaster->query("UPDATE web_domain SET ssl_request = ?, ssl_cert = ?, ssl_key = ? WHERE domain = ?", $ssl_request, $ssl_cert, $ssl_key2, $data['new']['domain']);
MC 371             $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
46c683 372         }
bff982 373         
TB 374         //* Check that the SSL key is not password protected
375         if($data["new"]["ssl_action"] == 'save') {
376             if(stristr($data["new"]["ssl_key"],'Proc-Type: 4,ENCRYPTED')) {
377                 $data["new"]["ssl_action"] = '';
378             
379                 $app->log('SSL Certificate not saved. The SSL key is encrypted.', LOGLEVEL_WARN);
380                 $app->dbmaster->datalogError('SSL Certificate not saved. The SSL key is encrypted.');
381             
382                 /* Update the DB of the (local) Server */
383                 $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
384
385                 /* Update also the master-DB of the Server-Farm */
386                 $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
387             }
388         }
ac933e 389
46c683 390         //* Save a SSL certificate to disk
9f56bd 391         if($data["new"]["ssl_action"] == 'save') {
481c00 392             $this->ssl_certificate_changed = true;
9f56bd 393             $ssl_dir = $data["new"]["document_root"]."/ssl";
edf806 394             $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
481c00 395             $key_file = $ssl_dir.'/'.$domain.'.key.org';
0d20af 396             $key_file2 = $ssl_dir.'/'.$domain.'.key';
9f56bd 397             $csr_file = $ssl_dir.'/'.$domain.".csr";
T 398             $crt_file = $ssl_dir.'/'.$domain.".crt";
399             $bundle_file = $ssl_dir.'/'.$domain.".bundle";
b1a6a5 400
481c00 401             //* Backup files
43b345 402             if(file_exists($key_file)){
b1a6a5 403                 $app->system->copy($key_file, $key_file.'~');
MC 404                 $app->system->chmod($key_file.'~', 0400);
43b345 405             }
T 406             if(file_exists($key_file2)){
b1a6a5 407                 $app->system->copy($key_file2, $key_file2.'~');
MC 408                 $app->system->chmod($key_file2.'~', 0400);
43b345 409             }
b1a6a5 410             if(file_exists($csr_file)) $app->system->copy($csr_file, $csr_file.'~');
MC 411             if(file_exists($crt_file)) $app->system->copy($crt_file, $crt_file.'~');
412             if(file_exists($bundle_file)) $app->system->copy($bundle_file, $bundle_file.'~');
413
481c00 414             //* Write new ssl files
b1a6a5 415             if(trim($data["new"]["ssl_request"]) != '') $app->system->file_put_contents($csr_file, $data["new"]["ssl_request"]);
f78f1e 416             if(version_compare($app->system->getapacheversion(true), '2.4.8', '>=')) {
MC 417                 $tmp_data = '';
418                 if(trim($data["new"]["ssl_cert"]) != '') $tmp_data .= $data["new"]["ssl_cert"] . "\n";
419                 if(trim($data["new"]["ssl_bundle"]) != '') $tmp_data .= $data["new"]["ssl_bundle"];
420                 if(trim($tmp_data) != '') $app->system->file_put_contents($crt_file, $tmp_data);
421             } else {
422                 if(trim($data["new"]["ssl_cert"]) != '') $app->system->file_put_contents($crt_file, $data["new"]["ssl_cert"]);
423                 if(trim($data["new"]["ssl_bundle"]) != '') $app->system->file_put_contents($bundle_file, $data["new"]["ssl_bundle"]);
424             }
b1a6a5 425
72695f 426             //* Write the key file, if field is empty then import the key into the db
T 427             if(trim($data["new"]["ssl_key"]) != '') {
b1a6a5 428                 $app->system->file_put_contents($key_file2, $data["new"]["ssl_key"]);
MC 429                 $app->system->chmod($key_file2, 0400);
72695f 430             } else {
2af58c 431                 $ssl_key2 = $app->system->file_get_contents($key_file2);
72695f 432                 /* Update the DB of the (local) Server */
2af58c 433                 $app->db->query("UPDATE web_domain SET ssl_key = ? WHERE domain = ?", $ssl_key2, $data['new']['domain']);
72695f 434                 /* Update also the master-DB of the Server-Farm */
2af58c 435                 $app->dbmaster->query("UPDATE web_domain SET ssl_key = ? WHERE domain = ?", $ssl_key2, $data['new']['domain']);
72695f 436             }
b1a6a5 437
d1086f 438             /* Update the DB of the (local) Server */
2af58c 439             $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
b1a6a5 440
d1086f 441             /* Update also the master-DB of the Server-Farm */
2af58c 442             $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
b1a6a5 443             $app->log('Saving SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
46c683 444         }
ac933e 445
46c683 446         //* Delete a SSL certificate
fb3339 447         if($data['new']['ssl_action'] == 'del') {
J 448             $ssl_dir = $data['new']['document_root'].'/ssl';
edf806 449             $domain = ($data["new"]["ssl_domain"] != '')?$data["new"]["ssl_domain"]:$data["new"]["domain"];
fb3339 450             $csr_file = $ssl_dir.'/'.$domain.'.csr';
J 451             $crt_file = $ssl_dir.'/'.$domain.'.crt';
452             $bundle_file = $ssl_dir.'/'.$domain.'.bundle';
c77103 453             if(file_exists($web_config['CA_path'].'/openssl.cnf') && !is_link($web_config['CA_path'].'/openssl.cnf'))
b1a6a5 454             {
8c82ef 455                 exec("openssl ca -batch -config ".$web_config['CA_path']."/openssl.cnf -passin pass:".$web_config['CA_pass']." -revoke ".escapeshellcmd($crt_file));
b1a6a5 456                 $app->log("Revoking CA-signed SSL Cert for: $domain", LOGLEVEL_DEBUG);
MC 457             };
c77103 458             $app->system->unlink($csr_file);
T 459             $app->system->unlink($crt_file);
460             $app->system->unlink($bundle_file);
d1086f 461             /* Update the DB of the (local) Server */
2af58c 462             $app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '' WHERE domain = ?", $data['new']['domain']);
MC 463             $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
d1086f 464             /* Update also the master-DB of the Server-Farm */
2af58c 465             $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '' WHERE domain = ?", $data['new']['domain']);
MC 466             $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
b1a6a5 467             $app->log('Deleting SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
46c683 468         }
ac933e 469
46c683 470     }
ac933e 471
V 472
b1a6a5 473     function insert($event_name, $data) {
46c683 474         global $app, $conf;
ac933e 475
46c683 476         $this->action = 'insert';
T 477         // just run the update function
b1a6a5 478         $this->update($event_name, $data);
ac933e 479
V 480
46c683 481     }
ac933e 482
V 483
b1a6a5 484     function update($event_name, $data) {
46c683 485         global $app, $conf;
ac933e 486
46c683 487         if($this->action != 'insert') $this->action = 'update';
ac933e 488
511ba5 489         if($data['new']['type'] != 'vhost' && $data['new']['type'] != 'vhostsubdomain' && $data['new']['type'] != 'vhostalias' && $data['new']['parent_domain_id'] > 0) {
ac933e 490
fb3339 491             $old_parent_domain_id = intval($data['old']['parent_domain_id']);
J 492             $new_parent_domain_id = intval($data['new']['parent_domain_id']);
ac933e 493
1ca823 494             // If the parent_domain_id has been changed, we will have to update the old site as well.
fb3339 495             if($this->action == 'update' && $data['new']['parent_domain_id'] != $data['old']['parent_domain_id']) {
2af58c 496                 $tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ? AND active = ?', $old_parent_domain_id, 'y');
fb3339 497                 $data['new'] = $tmp;
J 498                 $data['old'] = $tmp;
46c683 499                 $this->action = 'update';
b1a6a5 500                 $this->update($event_name, $data);
46c683 501             }
ac933e 502
46c683 503             // This is not a vhost, so we need to update the parent record instead.
5d0363 504             $tmp = $app->db->queryOneRecord('SELECT * FROM web_domain WHERE domain_id = ? AND active = ?', $new_parent_domain_id, 'y');
fb3339 505             $data['new'] = $tmp;
J 506             $data['old'] = $tmp;
46c683 507             $this->action = 'update';
496602 508             $this->update_letsencrypt = true;
46c683 509         }
ac933e 510
46c683 511         // load the server configuration options
fb3339 512         $app->uses('getconf');
J 513         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
ac933e 514
2bbc4c 515         //* Check if this is a chrooted setup
155cc0 516         if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
2bbc4c 517             $apache_chrooted = true;
b1a6a5 518             $app->log('Info: Apache is chrooted.', LOGLEVEL_DEBUG);
2bbc4c 519         } else {
T 520             $apache_chrooted = false;
521         }
ac933e 522
fb3339 523         if($data['new']['document_root'] == '') {
511ba5 524             if($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') $app->log('document_root not set', LOGLEVEL_WARN);
46c683 525             return 0;
T 526         }
15687e 527         if($app->system->is_allowed_user($data['new']['system_user'], $app->system->is_user($data['new']['system_user']), true) == false
TB 528             || $app->system->is_allowed_group($data['new']['system_group'], $app->system->is_group($data['new']['system_group']), true) == false) {
529             $app->log('Websites cannot be owned by the root user or group. User: '.$data['new']['system_user'].' Group: '.$data['new']['system_group'], LOGLEVEL_WARN);
46c683 530             return 0;
T 531         }
e94a9f 532         if(trim($data['new']['domain']) == '') {
b1a6a5 533             $app->log('domain is empty', LOGLEVEL_WARN);
e94a9f 534             return 0;
T 535         }
b1a6a5 536
MC 537         $web_folder = 'web';
538         $log_folder = 'log';
79d955 539         $old_web_folder = 'web';
MC 540         $old_log_folder = 'log';
511ba5 541         if($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') {
79d955 542             // new one
2af58c 543             $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ?', $data['new']['parent_domain_id']);
b1a6a5 544             $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['new']['domain']);
MC 545             if($subdomain_host == '') $subdomain_host = 'web'.$data['new']['domain_id'];
546             $web_folder = $data['new']['web_folder'];
547             $log_folder .= '/' . $subdomain_host;
548             unset($tmp);
79d955 549             
MC 550             if(isset($data['old']['parent_domain_id'])) {
551                 // old one
2af58c 552                 $tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ?', $data['old']['parent_domain_id']);
79d955 553                 $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
MC 554                 if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
555                 $old_web_folder = $data['old']['web_folder'];
556                 $old_log_folder .= '/' . $subdomain_host;
557                 unset($tmp);
558             }
b1a6a5 559         }
6fb93d 560
dba68f 561         // Create group and user, if not exist
T 562         $app->uses('system');
b1a6a5 563
8cf78b 564         if($web_config['connect_userid_to_webid'] == 'y') {
T 565             //* Calculate the uid and gid
566             $connect_userid_to_webid_start = ($web_config['connect_userid_to_webid_start'] < 1000)?1000:intval($web_config['connect_userid_to_webid_start']);
567             $fixed_uid_gid = intval($connect_userid_to_webid_start + $data['new']['domain_id']);
568             $fixed_uid_param = '--uid '.$fixed_uid_gid;
569             $fixed_gid_param = '--gid '.$fixed_uid_gid;
b1a6a5 570
8cf78b 571             //* Check if a ispconfigend user and group exists and create them
T 572             if(!$app->system->is_group('ispconfigend')) {
573                 exec('groupadd --gid '.($connect_userid_to_webid_start + 10000).' ispconfigend');
574             }
575             if(!$app->system->is_user('ispconfigend')) {
576                 exec('useradd -g ispconfigend -d /usr/local/ispconfig --uid '.($connect_userid_to_webid_start + 10000).' ispconfigend');
577             }
578         } else {
579             $fixed_uid_param = '';
580             $fixed_gid_param = '';
581         }
dba68f 582
T 583         $groupname = escapeshellcmd($data['new']['system_group']);
584         if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
8cf78b 585             exec('groupadd '.$fixed_gid_param.' '.$groupname);
dba68f 586             if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
b1a6a5 587             $app->log('Adding the group: '.$groupname, LOGLEVEL_DEBUG);
dba68f 588         }
T 589
590         $username = escapeshellcmd($data['new']['system_user']);
591         if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
8cf78b 592             if($web_config['add_web_users_to_sshusers_group'] == 'y') {
T 593                 exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false");
594                 if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param -G sshusers $username -s /bin/false");
595             } else {
596                 exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false");
597                 if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname $fixed_uid_param $username -s /bin/false");
598             }
b1a6a5 599             $app->log('Adding the user: '.$username, LOGLEVEL_DEBUG);
dba68f 600         }
ac933e 601
46c683 602         //* If the client of the site has been changed, we have a change of the document root
fb3339 603         if($this->action == 'update' && $data['new']['document_root'] != $data['old']['document_root']) {
ac933e 604
46c683 605             //* Get the old client ID
2af58c 606             $old_client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = ?', $data['old']['sys_groupid']);
fb3339 607             $old_client_id = intval($old_client['client_id']);
46c683 608             unset($old_client);
ac933e 609
46c683 610             //* Remove the old symlinks
b1a6a5 611             $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
46c683 612             if(is_array($tmp_symlinks_array)) {
T 613                 foreach($tmp_symlinks_array as $tmp_symlink) {
b1a6a5 614                     $tmp_symlink = str_replace('[client_id]', $old_client_id, $tmp_symlink);
MC 615                     $tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
46c683 616                     // Remove trailing slash
T 617                     if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
618                     // create the symlinks, if not exist
436975 619                     if(is_link($tmp_symlink)) {
fb3339 620                         exec('rm -f '.escapeshellcmd($tmp_symlink));
b1a6a5 621                         $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG);
46c683 622                     }
T 623                 }
624             }
b1a6a5 625
4b9329 626             //* Remove protection of old folders
b1a6a5 627             $app->system->web_folder_protection($data['old']['document_root'], false);
ac933e 628
511ba5 629             if($data["new"]["type"] != "vhostsubdomain" && $data["new"]["type"] != "vhostalias") {
b1a6a5 630                 //* Move the site data
MC 631                 $tmp_docroot = explode('/', $data['new']['document_root']);
632                 unset($tmp_docroot[count($tmp_docroot)-1]);
633                 $new_dir = implode('/', $tmp_docroot);
ac933e 634
b1a6a5 635                 $tmp_docroot = explode('/', $data['old']['document_root']);
MC 636                 unset($tmp_docroot[count($tmp_docroot)-1]);
637                 $old_dir = implode('/', $tmp_docroot);
ac933e 638
b1a6a5 639                 //* Check if there is already some data in the new docroot and rename it as we need a clean path to move the existing site to the new path
MC 640                 if(@is_dir($data['new']['document_root'])) {
641                     $app->system->web_folder_protection($data['new']['document_root'], false);
642                     $app->system->rename($data['new']['document_root'], $data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'));
643                     $app->log('Renaming existing directory in new docroot location. mv '.$data['new']['document_root'].' '.$data['new']['document_root'].'_bak_'.date('Y_m_d_H_i_s'), LOGLEVEL_DEBUG);
644                 }
3fb802 645                 
TB 646                 //* Unmount the old log directory bfore we move the log dir
a9b325 647                 //exec('fuser -km '.escapeshellcmd($old_dir.'/log'));
c8679f 648                 exec('umount '.escapeshellcmd($data['old']['document_root'].'/log'));
ac933e 649
b1a6a5 650                 //* Create new base directory, if it does not exist yet
MC 651                 if(!is_dir($new_dir)) $app->system->mkdirpath($new_dir);
652                 $app->system->web_folder_protection($data['old']['document_root'], false);
653                 exec('mv '.escapeshellarg($data['old']['document_root']).' '.escapeshellarg($new_dir));
654                 //$app->system->rename($data['old']['document_root'],$new_dir);
655                 $app->log('Moving site to new document root: mv '.$data['old']['document_root'].' '.$new_dir, LOGLEVEL_DEBUG);
0930f5 656
b1a6a5 657                 // Handle the change in php_open_basedir
MC 658                 $data['new']['php_open_basedir'] = str_replace($data['old']['document_root'], $data['new']['document_root'], $data['old']['php_open_basedir']);
659
660                 //* Change the owner of the website files to the new website owner
661                 exec('chown --recursive --from='.escapeshellcmd($data['old']['system_user']).':'.escapeshellcmd($data['old']['system_group']).' '.escapeshellcmd($data['new']['system_user']).':'.escapeshellcmd($data['new']['system_group']).' '.$new_dir);
662
663                 //* Change the home directory and group of the website user
664                 $command = 'killall -u '.escapeshellcmd($data['new']['system_user']).' ; usermod';
665                 $command .= ' --home '.escapeshellcmd($data['new']['document_root']);
666                 $command .= ' --gid '.escapeshellcmd($data['new']['system_group']);
667                 $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
668                 exec($command);
669             }
670
fb3339 671             if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
b1a6a5 672
10b4c8 673             //* Change the log mount
074a57 674             /*
79d955 675             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind';
b1a6a5 676             $app->system->removeLine('/etc/fstab', $fstab_line);
79d955 677             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind,nobootwait';
ff5b86 678             $app->system->removeLine('/etc/fstab', $fstab_line);
074a57 679             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind,nobootwait';
TB 680             $app->system->removeLine('/etc/fstab', $fstab_line);
681             */
682             
683             $fstab_line_old = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind';
684             
685             if($web_config['network_filesystem'] == 'y') {
686                 $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait,_netdev    0 0';
687                 $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1);
688             } else {
689                 $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait    0 0';
690                 $app->system->replaceLine('/etc/fstab', $fstab_line_old, $fstab_line, 0, 1);
691             }
3fb802 692             
TB 693             exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
074a57 694             
46c683 695         }
ac933e 696
46c683 697         //print_r($data);
ac933e 698
fb3339 699         // Check if the directories are there and create them if necessary.
b1a6a5 700         $app->system->web_folder_protection($data['new']['document_root'], false);
MC 701
6fb93d 702         if(!is_dir($data['new']['document_root'].'/' . $web_folder)) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder);
M 703         if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/error') and $data['new']['errordocs']) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/error');
f0dfa9 704         if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdirpath($data['new']['document_root'].'/' . $web_folder . '/stats');
6fb93d 705         //if(!is_dir($data['new']['document_root'].'/'.$log_folder)) exec('mkdir -p '.$data['new']['document_root'].'/'.$log_folder);
c77103 706         if(!is_dir($data['new']['document_root'].'/ssl')) $app->system->mkdirpath($data['new']['document_root'].'/ssl');
T 707         if(!is_dir($data['new']['document_root'].'/cgi-bin')) $app->system->mkdirpath($data['new']['document_root'].'/cgi-bin');
708         if(!is_dir($data['new']['document_root'].'/tmp')) $app->system->mkdirpath($data['new']['document_root'].'/tmp');
709         if(!is_dir($data['new']['document_root'].'/webdav')) $app->system->mkdirpath($data['new']['document_root'].'/webdav');
b1a6a5 710
d87f76 711         //* Create the new private directory
T 712         if(!is_dir($data['new']['document_root'].'/private')) {
713             $app->system->mkdirpath($data['new']['document_root'].'/private');
b1a6a5 714             $app->system->chmod($data['new']['document_root'].'/private', 0710);
MC 715             $app->system->chown($data['new']['document_root'].'/private', $username);
716             $app->system->chgrp($data['new']['document_root'].'/private', $groupname);
d87f76 717         }
b1a6a5 718
MC 719
46c683 720         // Remove the symlink for the site, if site is renamed
fb3339 721         if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
J 722             if(is_dir('/var/log/ispconfig/httpd/'.$data['old']['domain'])) exec('rm -rf /var/log/ispconfig/httpd/'.$data['old']['domain']);
79d955 723             if(is_link($data['old']['document_root'].'/'.$old_log_folder)) $app->system->unlink($data['old']['document_root'].'/'.$old_log_folder);
b1a6a5 724
10b4c8 725             //* remove old log mount
79d955 726             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$old_log_folder.'    none    bind';
b1a6a5 727             $app->system->removeLine('/etc/fstab', $fstab_line);
MC 728
10b4c8 729             //* Unmount log directory
a9b325 730             //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
79d955 731             exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$old_log_folder));
46c683 732         }
b1a6a5 733
d5a517 734         //* Create the log dir if nescessary and mount it
10b4c8 735         if(!is_dir($data['new']['document_root'].'/'.$log_folder) || !is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain']) || is_link($data['new']['document_root'].'/'.$log_folder)) {
6fb93d 736             if(is_link($data['new']['document_root'].'/'.$log_folder)) unlink($data['new']['document_root'].'/'.$log_folder);
10b4c8 737             if(!is_dir('/var/log/ispconfig/httpd/'.$data['new']['domain'])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data['new']['domain']);
c3bf39 738             $app->system->mkdirpath($data['new']['document_root'].'/'.$log_folder);
b1a6a5 739             $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root');
MC 740             $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, 'root');
741             $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
6fb93d 742             exec('mount --bind '.escapeshellarg('/var/log/ispconfig/httpd/'.$data['new']['domain']).' '.escapeshellarg($data['new']['document_root'].'/'.$log_folder));
d5a517 743             //* add mountpoint to fstab
c8679f 744             $fstab_line = '/var/log/ispconfig/httpd/'.$data['new']['domain'].' '.$data['new']['document_root'].'/'.$log_folder.'    none    bind,nobootwait';
FS 745             $fstab_line .= @($web_config['network_filesystem'] == 'y')?',_netdev    0 0':'    0 0';
b1a6a5 746             $app->system->replaceLine('/etc/fstab', $fstab_line, $fstab_line, 1, 1);
d5a517 747         }
b1a6a5 748
MC 749         $app->system->web_folder_protection($data['new']['document_root'], true);
ac933e 750
46c683 751         // Get the client ID
2af58c 752         $client = $app->dbmaster->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = ?', $data['new']['sys_groupid']);
fb3339 753         $client_id = intval($client['client_id']);
46c683 754         unset($client);
ac933e 755
46c683 756         // Remove old symlinks, if site is renamed
fb3339 757         if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
b1a6a5 758             $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
46c683 759             if(is_array($tmp_symlinks_array)) {
T 760                 foreach($tmp_symlinks_array as $tmp_symlink) {
b1a6a5 761                     $tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
MC 762                     $tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
46c683 763                     // Remove trailing slash
T 764                     if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
765                     // remove the symlinks, if not exist
766                     if(is_link($tmp_symlink)) {
fb3339 767                         exec('rm -f '.escapeshellcmd($tmp_symlink));
b1a6a5 768                         $app->log('Removed symlink: rm -f '.$tmp_symlink, LOGLEVEL_DEBUG);
46c683 769                     }
T 770                 }
771             }
772         }
ac933e 773
46c683 774         // Create the symlinks for the sites
b1a6a5 775         $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
46c683 776         if(is_array($tmp_symlinks_array)) {
T 777             foreach($tmp_symlinks_array as $tmp_symlink) {
b1a6a5 778                 $tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
MC 779                 $tmp_symlink = str_replace('[website_domain]', $data['new']['domain'], $tmp_symlink);
46c683 780                 // Remove trailing slash
T 781                 if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
782                 //* Remove symlink if target folder has been changed.
fb3339 783                 if($data['old']['document_root'] != '' && $data['old']['document_root'] != $data['new']['document_root'] && is_link($tmp_symlink)) {
c77103 784                     $app->system->unlink($tmp_symlink);
46c683 785                 }
T 786                 // create the symlinks, if not exist
787                 if(!is_link($tmp_symlink)) {
b1a6a5 788                     //     exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
552178 789                     if ($web_config["website_symlinks_rel"] == 'y') {
M 790                         $this->create_relative_link(escapeshellcmd($data["new"]["document_root"]), escapeshellcmd($tmp_symlink));
791                     } else {
792                         exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
793                     }
794
b1a6a5 795                     $app->log('Creating symlink: ln -s '.$data['new']['document_root'].'/ '.$tmp_symlink, LOGLEVEL_DEBUG);
46c683 796                 }
T 797             }
798         }
ac933e 799
V 800
3e41e8 801
b1a6a5 802         // Install the Standard or Custom Error, Index and other related files
MC 803         // /usr/local/ispconfig/server/conf is for the standard files
804         // /usr/local/ispconfig/server/conf-custom is for the custom files
805         // setting a local var here
806
807         // normally $conf['templates'] = "/usr/local/ispconfig/server/conf";
511ba5 808         if($this->action == 'insert' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
b1a6a5 809
MC 810             // Copy the error pages
fb3339 811             if($data['new']['errordocs']) {
6fb93d 812                 $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/';
b1a6a5 813                 if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) {
MC 814                     exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
46c683 815                 }
T 816                 else {
4ffb51 817                     if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
F 818                         exec('cp '. $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path);
46c683 819                     }
T 820                     else {
b1a6a5 821                         exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
46c683 822                     }
T 823                 }
fb3339 824                 exec('chmod -R a+r '.$error_page_path);
46c683 825             }
T 826
b1a6a5 827             if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2))) {
f0dfa9 828                 if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
b1a6a5 829
MC 830                 if(is_file($conf['rootpath'] . '/conf-custom/index/favicon.ico')) {
f0dfa9 831                     if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
b1a6a5 832                 }
MC 833                 if(is_file($conf['rootpath'] . '/conf-custom/index/robots.txt')) {
f0dfa9 834                     if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
b1a6a5 835                 }
MC 836                 if(is_file($conf['rootpath'] . '/conf-custom/index/.htaccess')) {
f0dfa9 837                     if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
b1a6a5 838                 }
f0dfa9 839             } else {
4ffb51 840                 if (file_exists($conf['rootpath'] . '/conf-custom/index/standard_index.html')) {
f0dfa9 841                     if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf-custom/index/standard_index.html '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
MC 842                 } else {
843                     if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html')) exec('cp ' . $conf['rootpath'] . '/conf/index/standard_index.html_'.substr(escapeshellcmd($conf['language']), 0, 2).' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/index.html');
844                     if(is_file($conf['rootpath'] . '/conf/index/favicon.ico')){
845                         if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/favicon.ico')) exec('cp ' . $conf['rootpath'] . '/conf/index/favicon.ico '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
846                     }
847                     if(is_file($conf['rootpath'] . '/conf/index/robots.txt')){
848                         if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/robots.txt')) exec('cp ' . $conf['rootpath'] . '/conf/index/robots.txt '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
849                     }
850                     if(is_file($conf['rootpath'] . '/conf/index/.htaccess')){
851                         if(!file_exists(escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/.htaccess')) exec('cp ' . $conf['rootpath'] . '/conf/index/.htaccess '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
852                     }
46c683 853                 }
T 854             }
6fb93d 855             exec('chmod -R a+r '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/');
ac933e 856
V 857             //** Copy the error documents on update when the error document checkbox has been activated and was deactivated before
511ba5 858         } elseif ($this->action == 'update' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') && $data['old']['errordocs'] == 0 && $data['new']['errordocs'] == 1) {
b1a6a5 859
6fb93d 860             $error_page_path = escapeshellcmd($data['new']['document_root']).'/' . $web_folder . '/error/';
b1a6a5 861             if (file_exists($conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2))) {
MC 862                 exec('cp ' . $conf['rootpath'] . '/conf-custom/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
46c683 863             }
T 864             else {
4ffb51 865                 if (file_exists($conf['rootpath'] . '/conf-custom/error/400.html')) {
F 866                     exec('cp ' . $conf['rootpath'] . '/conf-custom/error/*.html '.$error_page_path);
46c683 867                 }
T 868                 else {
b1a6a5 869                     exec('cp ' . $conf['rootpath'] . '/conf/error/'.substr(escapeshellcmd($conf['language']), 0, 2).'/* '.$error_page_path);
46c683 870                 }
T 871             }
fb3339 872             exec('chmod -R a+r '.$error_page_path);
5d5d88 873             exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
46c683 874         }  // end copy error docs
ac933e 875
511ba5 876         // Set the quota for the user, but only for vhosts, not vhostsubdomains or vhostalias
cc6568 877         if($username != '' && $app->system->is_user($username) && $data['new']['type'] == 'vhost') {
fb3339 878             if($data['new']['hd_quota'] > 0) {
J 879                 $blocks_soft = $data['new']['hd_quota'] * 1024;
ac933e 880                 $blocks_hard = $blocks_soft + 1024;
e14c6e 881                 $mb_hard = $mb_soft + 1;
ac933e 882             } else {
e14c6e 883                 $mb_soft = $mb_hard = $blocks_soft = $blocks_hard = 0;
ac933e 884             }
e14c6e 885             
D 886           // get the primitive folder for document_root and the filesystem, will need it later.
3dfce6 887           $df_output=explode(" ", exec("df -T $document_root|awk 'END{print \$2,\$NF}'"));
7de9c4 888           $file_system = $df_output[0];
TB 889           $primitive_root = $df_output[1];
e14c6e 890
e4393f 891           if ( in_array($file_system , array('ext2','ext3','ext4'), true) ) {
e14c6e 892             exec('setquota -u '. $username . ' ' . $blocks_soft . ' ' . $blocks_hard . ' 0 0 -a &> /dev/null');
D 893             exec('setquota -T -u '.$username.' 604800 604800 -a &> /dev/null');
894           } elseif ($file_system == 'xfs') {
895
896             exec("xfs_quota -x -c 'limit -g bsoft=$mb_soft" . 'm'. " bhard=$mb_hard" . 'm'. " $username' $primitive_root");
897
898             // xfs only supports timers globally, not per user.
899             exec("xfs_quota -x -c 'timer -bir -i 604800'");
900
901             unset($project_uid, $username_position, $xfs_projects);
902             unset($primitive_root, $df_output, $mb_hard, $mb_soft);
903           }
46c683 904         }
ac933e 905
1ca823 906         if($this->action == 'insert' || $data["new"]["system_user"] != $data["old"]["system_user"]) {
46c683 907             // Chown and chmod the directories below the document root
6fb93d 908             $this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
8db8f3 909             // The document root itself has to be owned by root in normal level and by the web owner in security level 20
T 910             if($web_config['security_level'] == 20) {
6fb93d 911                 $this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
8db8f3 912             } else {
6fb93d 913                 $this->_exec('chown root:root '.escapeshellcmd($data['new']['document_root']).'/' . $web_folder);
8db8f3 914             }
46c683 915         }
b1a6a5 916
615a0a 917         //* add the Apache user to the client group if this is a vhost and security level is set to high, no matter if this is an insert or update and regardless of set_folder_permissions_on_update
T 918         if($data['new']['type'] == 'vhost' && $web_config['security_level'] == 20) $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
ac933e 919
8db8f3 920         //* If the security level is set to high
8cf78b 921         if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
b1a6a5 922
MC 923             $app->system->web_folder_protection($data['new']['document_root'], false);
924
d87f76 925             //* Check if we have the new private folder and create it if nescessary
T 926             if(!is_dir($data['new']['document_root'].'/private')) $app->system->mkdir($data['new']['document_root'].'/private');
b1a6a5 927
edf806 928             if($web_config['security_level'] == 20) {
b1a6a5 929
MC 930                 $app->system->chmod($data['new']['document_root'], 0755);
7c37ed 931                 $app->system->chmod($data['new']['document_root'].'/web', 0711);
b1a6a5 932                 $app->system->chmod($data['new']['document_root'].'/webdav', 0710);
MC 933                 $app->system->chmod($data['new']['document_root'].'/private', 0710);
934                 $app->system->chmod($data['new']['document_root'].'/ssl', 0755);
ac933e 935
edf806 936                 // make tmp directory writable for Apache and the website users
5aedfd 937                 $app->system->chmod($data['new']['document_root'].'/tmp', 0770);
b1a6a5 938
cea1e5 939                 // Set Log directory to 755 to make the logs accessible by the FTP user
418b41 940                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
b1a6a5 941                     $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
c77103 942                 }
b1a6a5 943
8cf78b 944                 if($web_config['add_web_users_to_sshusers_group'] == 'y') {
T 945                     $command = 'usermod';
946                     $command .= ' --groups sshusers';
526b99 947                     $command .= ' '.escapeshellcmd($data['new']['system_user']).' 2>/dev/null';
8cf78b 948                     $this->_exec($command);
T 949                 }
ac933e 950
edf806 951                 //* if we have a chrooted Apache environment
T 952                 if($apache_chrooted) {
953                     $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
ac933e 954
edf806 955                     //* add the apache user to the client group in the chroot environment
T 956                     $tmp_groupfile = $app->system->server_conf['group_datei'];
957                     $app->system->server_conf['group_datei'] = $web_config['website_basedir'].'/etc/group';
958                     $app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
959                     $app->system->server_conf['group_datei'] = $tmp_groupfile;
960                     unset($tmp_groupfile);
961                 }
b1a6a5 962
8cf78b 963                 //* Chown all default directories
b1a6a5 964                 $app->system->chown($data['new']['document_root'], 'root');
MC 965                 $app->system->chgrp($data['new']['document_root'], 'root');
966                 $app->system->chown($data['new']['document_root'].'/cgi-bin', $username);
967                 $app->system->chgrp($data['new']['document_root'].'/cgi-bin', $groupname);
418b41 968                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
b1a6a5 969                     $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root', false);
MC 970                     $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, $groupname, false);
c77103 971                 }
b1a6a5 972                 $app->system->chown($data['new']['document_root'].'/ssl', 'root');
MC 973                 $app->system->chgrp($data['new']['document_root'].'/ssl', 'root');
974                 $app->system->chown($data['new']['document_root'].'/tmp', $username);
975                 $app->system->chgrp($data['new']['document_root'].'/tmp', $groupname);
976                 $app->system->chown($data['new']['document_root'].'/web', $username);
977                 $app->system->chgrp($data['new']['document_root'].'/web', $groupname);
978                 $app->system->chown($data['new']['document_root'].'/web/error', $username);
979                 $app->system->chgrp($data['new']['document_root'].'/web/error', $groupname);
980                 $app->system->chown($data['new']['document_root'].'/web/stats', $username);
981                 $app->system->chgrp($data['new']['document_root'].'/web/stats', $groupname);
982                 $app->system->chown($data['new']['document_root'].'/webdav', $username);
983                 $app->system->chgrp($data['new']['document_root'].'/webdav', $groupname);
984                 $app->system->chown($data['new']['document_root'].'/private', $username);
985                 $app->system->chgrp($data['new']['document_root'].'/private', $groupname);
ac933e 986
edf806 987                 // If the security Level is set to medium
T 988             } else {
989
b1a6a5 990                 $app->system->chmod($data['new']['document_root'], 0755);
MC 991                 $app->system->chmod($data['new']['document_root'].'/web', 0755);
992                 $app->system->chmod($data['new']['document_root'].'/webdav', 0755);
993                 $app->system->chmod($data['new']['document_root'].'/ssl', 0755);
994                 $app->system->chmod($data['new']['document_root'].'/cgi-bin', 0755);
995
edf806 996                 // make temp directory writable for Apache and the website users
5aedfd 997                 $app->system->chmod($data['new']['document_root'].'/tmp', 0770);
b1a6a5 998
6fb93d 999                 // Set Log directory to 755 to make the logs accessible by the FTP user
418b41 1000                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
b1a6a5 1001                     $app->system->chmod($data['new']['document_root'].'/'.$log_folder, 0755);
6fb93d 1002                 }
b1a6a5 1003
MC 1004                 $app->system->chown($data['new']['document_root'], 'root');
1005                 $app->system->chgrp($data['new']['document_root'], 'root');
1006                 $app->system->chown($data['new']['document_root'].'/cgi-bin', $username);
1007                 $app->system->chgrp($data['new']['document_root'].'/cgi-bin', $groupname);
418b41 1008                 if(realpath($data['new']['document_root'].'/'.$log_folder . '/error.log') == '/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log') {
b1a6a5 1009                     $app->system->chown($data['new']['document_root'].'/'.$log_folder, 'root', false);
MC 1010                     $app->system->chgrp($data['new']['document_root'].'/'.$log_folder, $groupname, false);
c77103 1011                 }
b1a6a5 1012
MC 1013                 $app->system->chown($data['new']['document_root'].'/ssl', 'root');
1014                 $app->system->chgrp($data['new']['document_root'].'/ssl', 'root');
1015                 $app->system->chown($data['new']['document_root'].'/tmp', $username);
1016                 $app->system->chgrp($data['new']['document_root'].'/tmp', $groupname);
1017                 $app->system->chown($data['new']['document_root'].'/web', $username);
1018                 $app->system->chgrp($data['new']['document_root'].'/web', $groupname);
1019                 $app->system->chown($data['new']['document_root'].'/web/error', $username);
1020                 $app->system->chgrp($data['new']['document_root'].'/web/error', $groupname);
1021                 $app->system->chown($data['new']['document_root'].'/web/stats', $username);
1022                 $app->system->chgrp($data['new']['document_root'].'/web/stats', $groupname);
1023                 $app->system->chown($data['new']['document_root'].'/webdav', $username);
1024                 $app->system->chgrp($data['new']['document_root'].'/webdav', $groupname);
8db8f3 1025             }
511ba5 1026         } elseif((($data['new']['type'] == 'vhostsubdomain') || ($data['new']['type'] == 'vhostalias')) &&
DM 1027                  (($this->action == 'insert') || ($web_config['set_folder_permissions_on_update'] == 'y'))) {
1028
6fb93d 1029             if($web_config['security_level'] == 20) {
b1a6a5 1030                 $app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0710);
MC 1031                 $app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
1032                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder, $groupname);
1033                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/error', $username);
1034                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/error', $groupname);
1035                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/stats', $username);
1036                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/stats', $groupname);
1037             } else {
1038                 $app->system->chmod($data['new']['document_root'].'/' . $web_folder, 0755);
1039                 $app->system->chown($data['new']['document_root'].'/' . $web_folder, $username);
1040                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder, $groupname);
1041                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/error', $username);
1042                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/error', $groupname);
1043                 $app->system->chown($data['new']['document_root'].'/' . $web_folder . '/stats', $username);
1044                 $app->system->chgrp($data['new']['document_root'].'/' . $web_folder . '/stats', $groupname);
1045             }
1046         }
1047
4b9329 1048         //* Protect web folders
b1a6a5 1049         $app->system->web_folder_protection($data['new']['document_root'], true);
ac933e 1050
6fb93d 1051         if($data['new']['type'] == 'vhost') {
b1a6a5 1052             // Change the ownership of the error log to the root user
MC 1053             if(!@is_file('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log')) exec('touch '.escapeshellcmd('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log'));
1054             $app->system->chown('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root');
1055             $app->system->chgrp('/var/log/ispconfig/httpd/'.$data['new']['domain'].'/error.log', 'root');
1056         }
ac933e 1057
26c0fc 1058         //* Write the custom php.ini file, if custom_php_ini fieled is not empty
fb3339 1059         $custom_php_ini_dir = $web_config['website_basedir'].'/conf/'.$data['new']['system_user'];
511ba5 1060         if($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') $custom_php_ini_dir .= '_' . $web_folder;
c77103 1061         if(!is_dir($web_config['website_basedir'].'/conf')) $app->system->mkdir($web_config['website_basedir'].'/conf');
b1a6a5 1062
26c0fc 1063         //* add open_basedir restriction to custom php.ini content, required for suphp only
b1a6a5 1064         if(!stristr($data['new']['custom_php_ini'], 'open_basedir') && $data['new']['php'] == 'suphp') {
26c0fc 1065             $data['new']['custom_php_ini'] .= "\nopen_basedir = '".$data['new']['php_open_basedir']."'\n";
T 1066         }
b1a6a5 1067
cc6568 1068         $fastcgi_config = $app->getconf->get_server_config($conf['server_id'], 'fastcgi');
b1a6a5 1069
cc6568 1070         if(trim($data['new']['fastcgi_php_version']) != ''){
H 1071             list($custom_fastcgi_php_name, $custom_fastcgi_php_executable, $custom_fastcgi_php_ini_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
1072             if(is_file($custom_fastcgi_php_ini_dir)) $custom_fastcgi_php_ini_dir = dirname($custom_fastcgi_php_ini_dir);
b1a6a5 1073             if(substr($custom_fastcgi_php_ini_dir, -1) == '/') $custom_fastcgi_php_ini_dir = substr($custom_fastcgi_php_ini_dir, 0, -1);
cc6568 1074         }
H 1075
26c0fc 1076         //* Create custom php.ini
fb3339 1077         if(trim($data['new']['custom_php_ini']) != '') {
7fddfe 1078             $has_custom_php_ini = true;
3f478f 1079             if(!is_dir($custom_php_ini_dir)) $app->system->mkdirpath($custom_php_ini_dir);
93292a 1080             
MB 1081             $php_ini_content = $this->get_master_php_ini_content($data['new']);
b1a6a5 1082             $php_ini_content .= str_replace("\r", '', trim($data['new']['custom_php_ini']));
b41803 1083             
MC 1084             if(intval($data['new']['directive_snippets_id']) > 0){
d22277 1085                 $snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
b41803 1086                 if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
MC 1087                     $required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
1088                     if(is_array($required_php_snippets) && !empty($required_php_snippets)){
1089                         foreach($required_php_snippets as $required_php_snippet){
1090                             $required_php_snippet = intval($required_php_snippet);
1091                             if($required_php_snippet > 0){
1092                                 $php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
1093                                 $php_snippet['snippet'] = trim($php_snippet['snippet']);
1094                                 if($php_snippet['snippet'] != ''){
1095                                     $php_ini_content .= "\n".$php_snippet['snippet'];
1096                                 }
1097                             }
1098                         }
34c940 1099
MB 1100                         foreach($sub_prefixes as $s) {
1101                             $temp_domains[] = $s . $aliasdomain['domain'];
1102                         }
b41803 1103                     }
MC 1104                 }
1105             }
1106         
b1a6a5 1107             $app->system->file_put_contents($custom_php_ini_dir.'/php.ini', $php_ini_content);
7fddfe 1108         } else {
T 1109             $has_custom_php_ini = false;
c77103 1110             if(is_file($custom_php_ini_dir.'/php.ini')) $app->system->unlink($custom_php_ini_dir.'/php.ini');
7fddfe 1111         }
T 1112
1113
1114         //* Create the vhost config file
46c683 1115         $app->load('tpl');
ac933e 1116
46c683 1117         $tpl = new tpl();
fb3339 1118         $tpl->newTemplate('vhost.conf.master');
ac933e 1119
fb3339 1120         $vhost_data = $data['new'];
a7bdf8 1121         //unset($vhost_data['ip_address']);
6fb93d 1122         $vhost_data['web_document_root'] = $data['new']['document_root'].'/' . $web_folder;
M 1123         $vhost_data['web_document_root_www'] = $web_config['website_basedir'].'/'.$data['new']['domain'].'/' . $web_folder;
fb3339 1124         $vhost_data['web_basedir'] = $web_config['website_basedir'];
J 1125         $vhost_data['security_level'] = $web_config['security_level'];
1126         $vhost_data['allow_override'] = ($data['new']['allow_override'] == '')?'All':$data['new']['allow_override'];
1127         $vhost_data['php_open_basedir'] = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
1128         $vhost_data['ssl_domain'] = $data['new']['ssl_domain'];
1129         $vhost_data['has_custom_php_ini'] = $has_custom_php_ini;
1130         $vhost_data['custom_php_ini_dir'] = escapeshellcmd($custom_php_ini_dir);
b1a6a5 1131
02bf99 1132         // Custom Apache directives
1fa8f4 1133         if(intval($data['new']['directive_snippets_id']) > 0){
2af58c 1134             $snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", $data['new']['directive_snippets_id']);
1fa8f4 1135             if(isset($snippet['snippet'])){
FT 1136                 $vhost_data['apache_directives'] = $snippet['snippet'];
1137             }
1138         }
02bf99 1139         // Make sure we only have Unix linebreaks
T 1140         $vhost_data['apache_directives'] = str_replace("\r\n", "\n", $vhost_data['apache_directives']);
1141         $vhost_data['apache_directives'] = str_replace("\r", "\n", $vhost_data['apache_directives']);
6b15d5 1142         $trans = array(
MB 1143             '{DOCROOT}' => $vhost_data['web_document_root_www'],
1144             '{DOCROOT_CLIENT}' => $vhost_data['web_document_root']
1145         );
018955 1146         $vhost_data['apache_directives'] = strtr($vhost_data['apache_directives'], $trans);
ac933e 1147
46c683 1148         // Check if a SSL cert exists
fb3339 1149         $ssl_dir = $data['new']['document_root'].'/ssl';
J 1150         $domain = $data['new']['ssl_domain'];
394f3e 1151         if(!$domain) $domain = $data['new']['domain'];
fb3339 1152         $key_file = $ssl_dir.'/'.$domain.'.key';
J 1153         $crt_file = $ssl_dir.'/'.$domain.'.crt';
1154         $bundle_file = $ssl_dir.'/'.$domain.'.bundle';
ac933e 1155
a7bdf8 1156         /*
1a2310 1157         if($domain!='' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
fb3339 1158             $vhost_data['ssl_enabled'] = 1;
J 1159             $app->log('Enable SSL for: '.$domain,LOGLEVEL_DEBUG);
46c683 1160         } else {
fb3339 1161             $vhost_data['ssl_enabled'] = 0;
1a2310 1162             $app->log('SSL Disabled. '.$domain,LOGLEVEL_DEBUG);
46c683 1163         }
a7bdf8 1164         */
ac933e 1165
50306f 1166         if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y') {
46230b 1167             if(substr($domain, 0, 2) === '*.') {
MC 1168                 // wildcard domain not yet supported by letsencrypt!
1169                 $app->log('Wildcard domains not yet supported by letsencrypt, so changing ' . $domain . ' to ' . substr($domain, 2), LOGLEVEL_WARN);
1170                 $domain = substr($domain, 2);
1171             }
1172             
018c55 1173             $data['new']['ssl_domain'] = $domain;
MC 1174             $vhost_data['ssl_domain'] = $domain;
50306f 1175         }
018c55 1176
50306f 1177         //* Generate Let's Encrypt SSL certificat
MB 1178         if($data['new']['ssl'] == 'y' && $data['new']['ssl_letsencrypt'] == 'y' && ( // ssl and let's encrypt is active
1179             ($data['old']['ssl'] == 'n' || $data['old']['ssl_letsencrypt'] == 'n') // we have new let's encrypt configuration
1180             || ($data['old']['domain'] != $data['new']['domain']) // we have domain update
1181             || ($data['old']['subdomain'] != $data['new']['subdomain']) // we have new or update on "auto" subdomain
496602 1182             || $this->update_letsencrypt == true
50306f 1183         )) {
a20ec4 1184             // default values
MB 1185             $temp_domains = array();
1186             $lddomain = $domain;
1187             $subdomains = null;
1ba089 1188             $aliasdomains = null;
34c940 1189             $sub_prefixes = array();
a20ec4 1190
018c55 1191             //* be sure to have good domain
MC 1192             if($data['new']['subdomain'] == "www" OR $data['new']['subdomain'] == "*") {
a20ec4 1193                 $temp_domains[] = "www." . $domain;
018c55 1194             }
MC 1195
a20ec4 1196             //* then, add subdomain if we have
MB 1197             $subdomains = $app->db->queryAllRecords('SELECT domain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'subdomain'");
1198             if(is_array($subdomains)) {
1199                 foreach($subdomains as $subdomain) {
1200                     $temp_domains[] = $subdomain['domain'];
34c940 1201                     $sub_prefixes[] = str_replace($domain, "", $subdomain['domain']);
a20ec4 1202                 }
MB 1203             }
1ba089 1204             
MB 1205             //* then, add alias domain if we have
1206             $aliasdomains = $app->db->queryAllRecords('SELECT domain,subdomain FROM web_domain WHERE parent_domain_id = '.intval($data['new']['domain_id'])." AND active = 'y' AND type = 'alias'");
1207             if(is_array($aliasdomains)) {
1208                 foreach($aliasdomains as $aliasdomain) {
1209                     $temp_domains[] = $aliasdomain['domain'];
8c93e1 1210                     if(isset($aliasdomain['subdomain']) && ($aliasdomain['subdomain'] != "none")) {
M 1211                         $temp_domains[] = "www." . $aliasdomain['domain'];
1ba089 1212                     }
MB 1213                 }
1214             }
018c55 1215
a20ec4 1216             // prevent duplicate
MB 1217             $temp_domains = array_unique($temp_domains);
018c55 1218
a20ec4 1219             // generate cli format
MB 1220             foreach($temp_domains as $temp_domain) {
1221                 $lddomain .= (string) " --domains " . $temp_domain;
1222             }
018c55 1223
a20ec4 1224             // useless data
MB 1225             unset($subdomains);
1226             unset($temp_domains);
018c55 1227
a20ec4 1228             $crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";
MB 1229             $key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
1230             $bundle_tmp_file = "/etc/letsencrypt/live/".$domain."/chain.pem";
1231             $webroot = $data['new']['document_root']."/web";
018c55 1232
a20ec4 1233             //* check if we have already a Let's Encrypt cert
a49635 1234             //if(!file_exists($crt_tmp_file) && !file_exists($key_tmp_file)) {
MB 1235                 // we must not skip if cert exists, otherwise changed domains (alias or sub) won't make it to the cert
a20ec4 1236                 $app->log("Create Let's Encrypt SSL Cert for: $domain", LOGLEVEL_DEBUG);
551d9a 1237                 
MB 1238                 $success = false;
312ab0 1239                 $letsencrypt = explode("\n", shell_exec('which letsencrypt certbot /root/.local/share/letsencrypt/bin/letsencrypt'));
MB 1240                 $letsencrypt = reset($letsencrypt);
190275 1241                 if(is_executable($letsencrypt)) {
cae251 1242                     $success = $this->_exec($letsencrypt . " certonly -n --text --agree-tos --expand --authenticator webroot --server https://acme-v01.api.letsencrypt.org/directory --rsa-key-size 4096 --email postmaster@$domain --domains $lddomain --webroot-path /usr/local/ispconfig/interface/acme");
018c55 1243                 }
551d9a 1244                 if(!$success) {
MB 1245                     // error issuing cert
1246                     $app->log('Let\'s Encrypt SSL Cert for: ' . $domain . ' could not be issued.', LOGLEVEL_WARN);
1247                     $data['new']['ssl_letsencrypt'] = 'n';
1248                     if($data['old']['ssl'] == 'n') $data['new']['ssl'] = 'n';
1249                     /* Update the DB of the (local) Server */
1250                     $app->db->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ?", $data['new']['ssl'], 'n', $data['new']['domain']);
1251                     /* Update also the master-DB of the Server-Farm */
1252                     $app->dbmaster->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ?", $data['new']['ssl'], 'n', $data['new']['domain']);
1253                 }
a49635 1254             //}
018c55 1255
a20ec4 1256             //* check is been correctly created
MB 1257             if(file_exists($crt_tmp_file) OR file_exists($key_tmp_file)) {
1258                 $date = date("YmdHis");
1259                 if(is_file($key_file)) {
1260                     $app->system->copy($key_file, $key_file.'.old'.$date);
1261                     $app->system->chmod($key_file.'.old.'.$date, 0400);
1262                     $app->system->unlink($key_file);
1263                 }
1264
1265                 if ($web_config["website_symlinks_rel"] == 'y') {
1266                     $this->create_relative_link(escapeshellcmd($key_tmp_file), escapeshellcmd($key_file));
1267                 } else {
1268                     exec("ln -s ".escapeshellcmd($key_tmp_file)." ".escapeshellcmd($key_file));
1269                 }
1270
1271                 if(is_file($crt_file)) {
1272                     $app->system->copy($crt_file, $crt_file.'.old.'.$date);
1273                     $app->system->chmod($crt_file.'.old.'.$date, 0400);
1274                     $app->system->unlink($crt_file);
1275                 }
1276
1277                 if($web_config["website_symlinks_rel"] == 'y') {
1278                     $this->create_relative_link(escapeshellcmd($crt_tmp_file), escapeshellcmd($crt_file));
1279                 } else {
1280                     exec("ln -s ".escapeshellcmd($crt_tmp_file)." ".escapeshellcmd($crt_file));
1281                 }
1282
1283                 if(is_file($bundle_file)) {
1284                     $app->system->copy($bundle_file, $bundle_file.'.old.'.$date);
1285                     $app->system->chmod($bundle_file.'.old.'.$date, 0400);
1286                     $app->system->unlink($bundle_file);
1287                 }
1288
1289                 if($web_config["website_symlinks_rel"] == 'y') {
1290                     $this->create_relative_link(escapeshellcmd($bundle_tmp_file), escapeshellcmd($bundle_file));
1291                 } else {
1292                     exec("ln -s ".escapeshellcmd($bundle_tmp_file)." ".escapeshellcmd($bundle_file));
1293                 }
1294
1295                 /* we don't need to store it.
1296                 /* Update the DB of the (local) Server */
551d9a 1297                 $app->db->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
MB 1298                 $app->db->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
a20ec4 1299                 /* Update also the master-DB of the Server-Farm */
551d9a 1300                 $app->dbmaster->query("UPDATE web_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
MB 1301                 $app->dbmaster->query("UPDATE web_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
a20ec4 1302             }
MB 1303         }
1304
46c683 1305         if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
ac933e 1306
6fb93d 1307         //$vhost_data['document_root'] = $data['new']['document_root'].'/' . $web_folder;
b1a6a5 1308
e64fbb 1309         // Set SEO Redirect
bfcdef 1310         if($data['new']['seo_redirect'] != ''){
e64fbb 1311             $vhost_data['seo_redirect_enabled'] = 1;
bfcdef 1312             $tmp_seo_redirects = $this->get_seo_redirects($data['new']);
T 1313             if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1314                 foreach($tmp_seo_redirects as $key => $val){
1315                     $vhost_data[$key] = $val;
1316                 }
1317             } else {
1318                 $vhost_data['seo_redirect_enabled'] = 0;
e64fbb 1319             }
F 1320         } else {
1321             $vhost_data['seo_redirect_enabled'] = 0;
1322         }
b1a6a5 1323
46c683 1324         $tpl->setVar($vhost_data);
8133de 1325         $tpl->setVar('apache_version', $app->system->getapacheversion());
ac933e 1326
46c683 1327         // Rewrite rules
T 1328         $rewrite_rules = array();
a639ee 1329         $rewrite_wildcard_rules = array();
02bf99 1330         if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
b1a6a5 1331             if(substr($data['new']['redirect_path'], -1) != '/' && !preg_match('/^(https?|\[scheme\]):\/\//', $data['new']['redirect_path'])) $data['new']['redirect_path'] .= '/';
MC 1332             if(substr($data['new']['redirect_path'], 0, 8) == '[scheme]'){
1333                 $rewrite_target = 'http'.substr($data['new']['redirect_path'], 8);
1334                 $rewrite_target_ssl = 'https'.substr($data['new']['redirect_path'], 8);
45ee67 1335             } else {
F 1336                 $rewrite_target = $data['new']['redirect_path'];
1337                 $rewrite_target_ssl = $data['new']['redirect_path'];
1338             }
bc2c3e 1339             /* Disabled path extension
fb3339 1340             if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
J 1341                 $data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
8388ae 1342             }
bc2c3e 1343             */
ac933e 1344
fb3339 1345             switch($data['new']['subdomain']) {
b1a6a5 1346             case 'www':
MC 1347                 $rewrite_rules[] = array( 'rewrite_domain'  => '^'.$this->_rewrite_quote($data['new']['domain']),
1348                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
1349                     'rewrite_target'  => $rewrite_target,
1350                     'rewrite_target_ssl' => $rewrite_target_ssl,
1351                     'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1352                     'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
1353                 $rewrite_rules[] = array( 'rewrite_domain'  => '^' . $this->_rewrite_quote('www.'.$data['new']['domain']),
1354                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
1355                     'rewrite_target'  => $rewrite_target,
1356                     'rewrite_target_ssl' => $rewrite_target_ssl,
1357                     'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1358                     'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
1359                 break;
1360             case '*':
a639ee 1361                 $rewrite_wildcard_rules[] = array( 'rewrite_domain'  => '(^|\.)'.$this->_rewrite_quote($data['new']['domain']),
b1a6a5 1362                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
MC 1363                     'rewrite_target'  => $rewrite_target,
1364                     'rewrite_target_ssl' => $rewrite_target_ssl,
1365                     'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1366                     'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
1367                 break;
1368             default:
1369                 $rewrite_rules[] = array( 'rewrite_domain'  => '^'.$this->_rewrite_quote($data['new']['domain']),
1370                     'rewrite_type'   => ($data['new']['redirect_type'] == 'no')?'':'['.$data['new']['redirect_type'].']',
1371                     'rewrite_target'  => $rewrite_target,
1372                     'rewrite_target_ssl' => $rewrite_target_ssl,
1373                     'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1374                     'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
ac933e 1375             }
46c683 1376         }
b1a6a5 1377
3501f9 1378         $server_alias = array();
b1a6a5 1379
3501f9 1380         // get autoalias
M 1381         $auto_alias = $web_config['website_autoalias'];
1382         if($auto_alias != '') {
1383             // get the client username
2af58c 1384             $client = $app->db->queryOneRecord("SELECT `username` FROM `client` WHERE `client_id` = ?", $client_id);
3501f9 1385             $aa_search = array('[client_id]', '[website_id]', '[client_username]', '[website_domain]');
M 1386             $aa_replace = array($client_id, $data['new']['domain_id'], $client['username'], $data['new']['domain']);
1387             $auto_alias = str_replace($aa_search, $aa_replace, $auto_alias);
1388             unset($client);
1389             unset($aa_search);
1390             unset($aa_replace);
cece69 1391             $server_alias[] .= $auto_alias.' ';
3501f9 1392         }
b1a6a5 1393
46c683 1394         // get alias domains (co-domains and subdomains)
2af58c 1395         $aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ? AND active = 'y' AND (type != 'vhostsubdomain' AND type != 'vhostalias')", $data['new']['domain_id']);
bfcdef 1396         $alias_seo_redirects = array();
fb3339 1397         switch($data['new']['subdomain']) {
b1a6a5 1398         case 'www':
MC 1399             $server_alias[] .= 'www.'.$data['new']['domain'].' ';
1400             break;
1401         case '*':
1402             $server_alias[] .= '*.'.$data['new']['domain'].' ';
1403             break;
ac933e 1404         }
46c683 1405         if(is_array($aliases)) {
T 1406             foreach($aliases as $alias) {
fb3339 1407                 switch($alias['subdomain']) {
b1a6a5 1408                 case 'www':
MC 1409                     $server_alias[] .= 'www.'.$alias['domain'].' '.$alias['domain'].' ';
1410                     break;
1411                 case '*':
1412                     $server_alias[] .= '*.'.$alias['domain'].' '.$alias['domain'].' ';
1413                     break;
1414                 default:
1415                     $server_alias[] .= $alias['domain'].' ';
1416                     break;
ac933e 1417                 }
b1a6a5 1418                 $app->log('Add server alias: '.$alias['domain'], LOGLEVEL_DEBUG);
MC 1419
bfcdef 1420                 // Add SEO redirects for alias domains
T 1421                 if($alias['seo_redirect'] != '' && $data['new']['seo_redirect'] != '*_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_to_domain_tld' && ($alias['type'] == 'alias' || ($alias['type'] == 'subdomain' && $data['new']['seo_redirect'] != '*_domain_tld_to_www_domain_tld' && $data['new']['seo_redirect'] != '*_domain_tld_to_domain_tld'))){
1422                     $tmp_seo_redirects = $this->get_seo_redirects($alias, 'alias_');
1423                     if(is_array($tmp_seo_redirects) && !empty($tmp_seo_redirects)){
1424                         $alias_seo_redirects[] = $tmp_seo_redirects;
1425                     }
1426                 }
b1a6a5 1427
46c683 1428                 // Rewriting
02bf99 1429                 if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
b1a6a5 1430                     if(substr($alias['redirect_path'], -1) != '/' && !preg_match('/^(https?|\[scheme\]):\/\//', $alias['redirect_path'])) $alias['redirect_path'] .= '/';
MC 1431                     if(substr($alias['redirect_path'], 0, 8) == '[scheme]'){
1432                         $rewrite_target = 'http'.substr($alias['redirect_path'], 8);
1433                         $rewrite_target_ssl = 'https'.substr($alias['redirect_path'], 8);
e64fbb 1434                     } else {
F 1435                         $rewrite_target = $alias['redirect_path'];
1436                         $rewrite_target_ssl = $alias['redirect_path'];
1437                     }
bc2c3e 1438                     /* Disabled the path extension
fb3339 1439                     if($data['new']['redirect_type'] == 'no' && substr($data['new']['redirect_path'],0,4) != 'http') {
J 1440                         $data['new']['redirect_path'] = $data['new']['document_root'].'/web'.realpath($data['new']['redirect_path']).'/';
8388ae 1441                     }
bc2c3e 1442                     */
b1a6a5 1443
fb3339 1444                     switch($alias['subdomain']) {
b1a6a5 1445                     case 'www':
MC 1446                         $rewrite_rules[] = array( 'rewrite_domain'  => '^'.$this->_rewrite_quote($alias['domain']),
1447                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
1448                             'rewrite_target'  => $rewrite_target,
1449                             'rewrite_target_ssl' => $rewrite_target_ssl,
1450                             'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1451                             'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
1452                         $rewrite_rules[] = array( 'rewrite_domain'  => '^' . $this->_rewrite_quote('www.'.$alias['domain']),
1453                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
1454                             'rewrite_target'  => $rewrite_target,
1455                             'rewrite_target_ssl' => $rewrite_target_ssl,
1456                             'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1457                             'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
1458                         break;
1459                     case '*':
a639ee 1460                         $rewrite_wildcard_rules[] = array( 'rewrite_domain'  => '(^|\.)'.$this->_rewrite_quote($alias['domain']),
b1a6a5 1461                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
MC 1462                             'rewrite_target'  => $rewrite_target,
1463                             'rewrite_target_ssl' => $rewrite_target_ssl,
1464                             'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1465                             'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
1466                         break;
1467                     default:
1468                         if(substr($alias['domain'], 0, 2) === '*.') $domain_rule = '(^|\.)'.$this->_rewrite_quote(substr($alias['domain'], 2));
1469                         else $domain_rule = '^'.$this->_rewrite_quote($alias['domain']);
1470                         $rewrite_rules[] = array( 'rewrite_domain'  => $domain_rule,
1471                             'rewrite_type'   => ($alias['redirect_type'] == 'no')?'':'['.$alias['redirect_type'].']',
1472                             'rewrite_target'  => $rewrite_target,
1473                             'rewrite_target_ssl' => $rewrite_target_ssl,
1474                             'rewrite_is_url'    => ($this->_is_url($rewrite_target) ? 'y' : 'n'),
1475                             'rewrite_add_path' => (substr($rewrite_target, -1) == '/' ? 'y' : 'n'));
ac933e 1476                     }
46c683 1477                 }
T 1478             }
1479         }
ac933e 1480
47cca9 1481         //* If we have some alias records
T 1482         if(count($server_alias) > 0) {
1483             $server_alias_str = '';
1484             $n = 0;
ac933e 1485
47cca9 1486             // begin a new ServerAlias line after 30 alias domains
T 1487             foreach($server_alias as $tmp_alias) {
1488                 if($n % 30 == 0) $server_alias_str .= "\n    ServerAlias ";
1489                 $server_alias_str .= $tmp_alias;
1490             }
1491             unset($tmp_alias);
ac933e 1492
b1a6a5 1493             $tpl->setVar('alias', trim($server_alias_str));
47cca9 1494         } else {
b1a6a5 1495             $tpl->setVar('alias', '');
47cca9 1496         }
a639ee 1497         
D 1498         if (count($rewrite_wildcard_rules) > 0) $rewrite_rules = array_merge($rewrite_rules, $rewrite_wildcard_rules); // Append wildcard rules to the end of rules
ac933e 1499
3ad844 1500         if(count($rewrite_rules) > 0 || $vhost_data['seo_redirect_enabled'] > 0 || count($alias_seo_redirects) > 0 || $data['new']['rewrite_to_https'] == 'y') {
b1a6a5 1501             $tpl->setVar('rewrite_enabled', 1);
46c683 1502         } else {
b1a6a5 1503             $tpl->setVar('rewrite_enabled', 0);
bfcdef 1504         }
8ab3cd 1505
T 1506         //$tpl->setLoop('redirects',$rewrite_rules);
ac933e 1507
V 1508         /**
1509          * install fast-cgi starter script and add script aliasd config
46c683 1510          * first we create the script directory if not already created, then copy over the starter script
T 1511          * settings are copied over from the server ini config for now
1512          * TODO: Create form for fastcgi configs per site.
1513          */
ac933e 1514
b1a6a5 1515
fb3339 1516         if ($data['new']['php'] == 'fast-cgi') {
ac933e 1517
b1a6a5 1518             $fastcgi_starter_path = str_replace('[system_user]', $data['new']['system_user'], $fastcgi_config['fastcgi_starter_path']);
MC 1519             $fastcgi_starter_path = str_replace('[client_id]', $client_id, $fastcgi_starter_path);
ac933e 1520
V 1521             if (!is_dir($fastcgi_starter_path)) {
c77103 1522                 $app->system->mkdirpath($fastcgi_starter_path);
fb3339 1523                 //exec('chown '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path));
ac933e 1524
V 1525
b1a6a5 1526                 $app->log('Creating fastcgi starter script directory: '.$fastcgi_starter_path, LOGLEVEL_DEBUG);
46c683 1527             }
ac933e 1528
c77103 1529             //exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.escapeshellcmd($fastcgi_starter_path));
b1a6a5 1530             $app->system->chown($fastcgi_starter_path, $data['new']['system_user']);
MC 1531             $app->system->chgrp($fastcgi_starter_path, $data['new']['system_group']);
1532
46c683 1533             $fcgi_tpl = new tpl();
fb3339 1534             $fcgi_tpl->newTemplate('php-fcgi-starter.master');
8133de 1535             $fcgi_tpl->setVar('apache_version', $app->system->getapacheversion());
b1a6a5 1536
62b385 1537             // Support for multiple PHP versions (FastCGI)
F 1538             if(trim($data['new']['fastcgi_php_version']) != ''){
1539                 $default_fastcgi_php = false;
b1a6a5 1540                 if(substr($custom_fastcgi_php_ini_dir, -1) != '/') $custom_fastcgi_php_ini_dir .= '/';
62b385 1541             } else {
F 1542                 $default_fastcgi_php = true;
1543             }
b1a6a5 1544
7fddfe 1545             if($has_custom_php_ini) {
b1a6a5 1546                 $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir));
7fddfe 1547             } else {
62b385 1548                 if($default_fastcgi_php){
b1a6a5 1549                     $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path']));
62b385 1550                 } else {
b1a6a5 1551                     $fcgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_fastcgi_php_ini_dir));
62b385 1552                 }
7fddfe 1553             }
b1a6a5 1554             $fcgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root']));
MC 1555             $fcgi_tpl->setVar('php_fcgi_children', escapeshellcmd($fastcgi_config['fastcgi_children']));
1556             $fcgi_tpl->setVar('php_fcgi_max_requests', escapeshellcmd($fastcgi_config['fastcgi_max_requests']));
62b385 1557             if($default_fastcgi_php){
b1a6a5 1558                 $fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($fastcgi_config['fastcgi_bin']));
62b385 1559             } else {
b1a6a5 1560                 $fcgi_tpl->setVar('php_fcgi_bin', escapeshellcmd($custom_fastcgi_php_executable));
62b385 1561             }
b1a6a5 1562             $fcgi_tpl->setVar('security_level', intval($web_config['security_level']));
f63910 1563             $fcgi_tpl->setVar('domain', escapeshellcmd($data['new']['domain']));
ac933e 1564
fb3339 1565             $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
ff7075 1566             $fcgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));
ac933e 1567
511ba5 1568             $fcgi_starter_script = escapeshellcmd($fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''));
b1a6a5 1569             $app->system->file_put_contents($fcgi_starter_script, $fcgi_tpl->grab());
46c683 1570             unset($fcgi_tpl);
ac933e 1571
b1a6a5 1572             $app->log('Creating fastcgi starter script: '.$fcgi_starter_script, LOGLEVEL_DEBUG);
ac933e 1573
b1a6a5 1574             $app->system->chmod($fcgi_starter_script, 0755);
MC 1575             $app->system->chown($fcgi_starter_script, $data['new']['system_user']);
1576             $app->system->chgrp($fcgi_starter_script, $data['new']['system_group']);
1577
1578             $tpl->setVar('fastcgi_alias', $fastcgi_config['fastcgi_alias']);
1579             $tpl->setVar('fastcgi_starter_path', $fastcgi_starter_path);
511ba5 1580             $tpl->setVar('fastcgi_starter_script', $fastcgi_config['fastcgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''));
b1a6a5 1581             $tpl->setVar('fastcgi_config_syntax', $fastcgi_config['fastcgi_config_syntax']);
MC 1582             $tpl->setVar('fastcgi_max_requests', $fastcgi_config['fastcgi_max_requests']);
ac933e 1583
62e4b3 1584         } else {
F 1585             //remove the php fastgi starter script if available
b5b862 1586             $fastcgi_starter_script = $fastcgi_config['fastcgi_starter_script'].($data['old']['type'] == 'vhostsubdomain' ? '_web' . $data['old']['domain_id'] : '');
62e4b3 1587             if ($data['old']['php'] == 'fast-cgi') {
b1a6a5 1588                 $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $fastcgi_config['fastcgi_starter_path']);
MC 1589                 $fastcgi_starter_path = str_replace('[client_id]', $client_id, $fastcgi_starter_path);
1590                 if($data['old']['type'] == 'vhost') {
b5b862 1591                     if(is_file($fastcgi_starter_script)) @unlink($fastcgi_starter_script);
TB 1592                     if (is_dir($fastcgi_starter_path)) @rmdir($fastcgi_starter_path);
b1a6a5 1593                 } else {
b5b862 1594                     if(is_file($fastcgi_starter_script)) @unlink($fastcgi_starter_script);
b1a6a5 1595                 }
62e4b3 1596             }
46c683 1597         }
b1a6a5 1598
MC 1599
1600
274362 1601         /**
b1a6a5 1602          * PHP-FPM
MC 1603          */
274362 1604         // Support for multiple PHP versions
02e7ea 1605         if($data['new']['php'] == 'php-fpm'){
62e4b3 1606             if(trim($data['new']['fastcgi_php_version']) != ''){
F 1607                 $default_php_fpm = false;
1608                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
b1a6a5 1609                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
62e4b3 1610             } else {
F 1611                 $default_php_fpm = true;
1612             }
274362 1613         } else {
c59632 1614             if(trim($data['old']['fastcgi_php_version']) != '' && ($data['old']['php'] == 'php-fpm' || $data['old']['php'] == 'hhvm')){
62e4b3 1615                 $default_php_fpm = false;
F 1616                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
b1a6a5 1617                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
62e4b3 1618             } else {
F 1619                 $default_php_fpm = true;
1620             }
274362 1621         }
b1a6a5 1622
274362 1623         if($default_php_fpm){
F 1624             $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
1625         } else {
1626             $pool_dir = $custom_php_fpm_pool_dir;
1627         }
ab79c2 1628         $pool_dir = trim($pool_dir);
b1a6a5 1629         if(substr($pool_dir, -1) != '/') $pool_dir .= '/';
274362 1630         $pool_name = 'web'.$data['new']['domain_id'];
F 1631         $socket_dir = escapeshellcmd($web_config['php_fpm_socket_dir']);
b1a6a5 1632         if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
9b021b 1633         
1e67c1 1634         $apache_modules = $app->system->getapachemodules();
TB 1635         
1636         // Use sockets, but not with apache 2.4 on centos (mod_proxy_fcgi) as socket support is buggy in that version
1637         if($data['new']['php_fpm_use_socket'] == 'y' && in_array('fastcgi_module',$apache_modules)){
274362 1638             $use_tcp = 0;
F 1639             $use_socket = 1;
1640         } else {
1641             $use_tcp = 1;
1642             $use_socket = 0;
1643         }
1644         $tpl->setVar('use_tcp', $use_tcp);
1645         $tpl->setVar('use_socket', $use_socket);
1646         $fpm_socket = $socket_dir.$pool_name.'.sock';
1647         $tpl->setVar('fpm_socket', $fpm_socket);
1648         $tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
ac933e 1649
46c683 1650         /**
T 1651          * install cgi starter script and add script alias to config.
1652          * This is needed to allow cgi with suexec (to do so, we need a bin in the document-path!)
1653          * first we create the script directory if not already created, then copy over the starter script.
1654          * TODO: we have to fetch the data from the server-settings.
1655          */
fb3339 1656         if ($data['new']['php'] == 'cgi') {
J 1657             //$cgi_config = $app->getconf->get_server_config($conf['server_id'], 'cgi');
46c683 1658
fb3339 1659             $cgi_config['cgi_starter_path'] = $web_config['website_basedir'].'/php-cgi-scripts/[system_user]/';
511ba5 1660             $cgi_config['cgi_starter_script'] = 'php-cgi-starter'.(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : '');
fb3339 1661             $cgi_config['cgi_bin'] = '/usr/bin/php-cgi';
46c683 1662
b1a6a5 1663             $cgi_starter_path = str_replace('[system_user]', $data['new']['system_user'], $cgi_config['cgi_starter_path']);
MC 1664             $cgi_starter_path = str_replace('[client_id]', $client_id, $cgi_starter_path);
46c683 1665
ac933e 1666             if (!is_dir($cgi_starter_path)) {
c77103 1667                 $app->system->mkdirpath($cgi_starter_path);
b1a6a5 1668                 $app->system->chown($cgi_starter_path, $data['new']['system_user']);
MC 1669                 $app->system->chgrp($cgi_starter_path, $data['new']['system_group']);
1670                 $app->system->chmod($cgi_starter_path, 0755);
46c683 1671
b1a6a5 1672                 $app->log('Creating cgi starter script directory: '.$cgi_starter_path, LOGLEVEL_DEBUG);
46c683 1673             }
T 1674
1675             $cgi_tpl = new tpl();
fb3339 1676             $cgi_tpl->newTemplate('php-cgi-starter.master');
8133de 1677             $cgi_tpl->setVar('apache_version', $app->system->getapacheversion());
46c683 1678
fb3339 1679             // This works because PHP "rewrites" a symlink to the physical path
J 1680             $php_open_basedir = ($data['new']['php_open_basedir'] == '')?$data['new']['document_root']:$data['new']['php_open_basedir'];
ac933e 1681             $cgi_tpl->setVar('open_basedir', escapeshellcmd($php_open_basedir));
fb3339 1682             $cgi_tpl->setVar('document_root', escapeshellcmd($data['new']['document_root']));
ac933e 1683
46c683 1684             // This will NOT work!
fb3339 1685             //$cgi_tpl->setVar('open_basedir', '/var/www/' . $data['new']['domain']);
b1a6a5 1686             $cgi_tpl->setVar('php_cgi_bin', $cgi_config['cgi_bin']);
MC 1687             $cgi_tpl->setVar('security_level', $web_config['security_level']);
1688
1689             $cgi_tpl->setVar('has_custom_php_ini', $has_custom_php_ini);
7fddfe 1690             if($has_custom_php_ini) {
b1a6a5 1691                 $cgi_tpl->setVar('php_ini_path', escapeshellcmd($custom_php_ini_dir));
7fddfe 1692             } else {
b1a6a5 1693                 $cgi_tpl->setVar('php_ini_path', escapeshellcmd($fastcgi_config['fastcgi_phpini_path']));
7fddfe 1694             }
46c683 1695
511ba5 1696             $cgi_starter_script = escapeshellcmd($cgi_starter_path.$cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''));
b1a6a5 1697             $app->system->file_put_contents($cgi_starter_script, $cgi_tpl->grab());
46c683 1698             unset($cgi_tpl);
T 1699
b1a6a5 1700             $app->log('Creating cgi starter script: '.$cgi_starter_script, LOGLEVEL_DEBUG);
46c683 1701
T 1702
b1a6a5 1703             $app->system->chmod($cgi_starter_script, 0755);
MC 1704             $app->system->chown($cgi_starter_script, $data['new']['system_user']);
1705             $app->system->chgrp($cgi_starter_script, $data['new']['system_group']);
46c683 1706
b1a6a5 1707             $tpl->setVar('cgi_starter_path', $cgi_starter_path);
511ba5 1708             $tpl->setVar('cgi_starter_script', $cgi_config['cgi_starter_script'].(($data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias') ? '_web' . $data['new']['domain_id'] : ''));
46c683 1709
T 1710         }
1711
fb3339 1712         $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['new']['domain'].'.vhost');
7ed741 1713         //* Make a backup copy of vhost file
b1a6a5 1714         if(file_exists($vhost_file)) $app->system->copy($vhost_file, $vhost_file.'~');
MC 1715
a7bdf8 1716         //* create empty vhost array
T 1717         $vhosts = array();
b1a6a5 1718
526b99 1719         //* Add vhost for ipv4 IP
6c424f 1720
FS 1721         //* use ip-mapping for web-mirror
1722         if($data['new']['ip_address'] != '*' && $conf['mirror_server_id'] > 0) {
1723             $sql = "SELECT destination_ip FROM server_ip_map WHERE server_id = ? AND source_ip = ?";
1724             $newip = $app->db->queryOneRecord($sql, $conf['server_id'], $data['new']['ip_address']);
1725             $data['new']['ip_address'] = $newip['destination_ip'];
1726             unset($newip);
1727         }
1728
526b99 1729         $tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 0, 'port' => 80);
T 1730         if(count($rewrite_rules) > 0)  $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
1731         if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
1732         $vhosts[] = $tmp_vhost_arr;
1733         unset($tmp_vhost_arr);
b1a6a5 1734
a7bdf8 1735         //* Add vhost for ipv4 IP with SSL
481c00 1736         $ssl_dir = $data['new']['document_root'].'/ssl';
T 1737         $domain = $data['new']['ssl_domain'];
1738         $key_file = $ssl_dir.'/'.$domain.'.key';
1739         $crt_file = $ssl_dir.'/'.$domain.'.crt';
b1a6a5 1740
a7bdf8 1741         if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
526b99 1742             $tmp_vhost_arr = array('ip_address' => $data['new']['ip_address'], 'ssl_enabled' => 1, 'port' => '443');
T 1743             if(count($rewrite_rules) > 0)  $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
cc6568 1744             $ipv4_ssl_alias_seo_redirects = $alias_seo_redirects;
H 1745             if(is_array($ipv4_ssl_alias_seo_redirects) && !empty($ipv4_ssl_alias_seo_redirects)){
1746                 for($i=0;$i<count($ipv4_ssl_alias_seo_redirects);$i++){
1747                     $ipv4_ssl_alias_seo_redirects[$i]['ssl_enabled'] = 1;
1748                 }
1749             }
1750             if(count($ipv4_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv4_ssl_alias_seo_redirects);
526b99 1751             $vhosts[] = $tmp_vhost_arr;
cc6568 1752             unset($tmp_vhost_arr, $ipv4_ssl_alias_seo_redirects);
b1a6a5 1753             $app->log('Enable SSL for: '.$domain, LOGLEVEL_DEBUG);
bd68aa 1754         }
MC 1755
b1a6a5 1756         //* Add vhost for IPv6 IP
MC 1757         if($data['new']['ipv6_address'] != '') {
fbeb11 1758             //* rewrite ipv6 on mirrors
FS 1759             /* chang $conf to $web_config */
1760             if ($web_config['serverconfig']['web']['vhost_rewrite_v6'] == 'y') {
1761                 if (isset($web_config['serverconfig']['server']['v6_prefix']) && $web_config['serverconfig']['server']['v6_prefix'] <> '') {
1762                     $explode_v6prefix=explode(':', $web_config['serverconfig']['server']['v6_prefix']);
b1a6a5 1763                     $explode_v6=explode(':', $data['new']['ipv6_address']);
MC 1764
1765                     for ( $i = 0; $i <= count($explode_v6prefix)-3; $i++ ) {
1766                         $explode_v6[$i] = $explode_v6prefix[$i];
1767                     }
1768                     $data['new']['ipv6_address'] = implode(':', $explode_v6);
bd68aa 1769                 }
MC 1770             }
96f31d 1771             if($data['new']['ipv6_address'] == '*') $data['new']['ipv6_address'] = '::';
526b99 1772             $tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 0, 'port' => 80);
T 1773             if(count($rewrite_rules) > 0)  $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
1774             if(count($alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $alias_seo_redirects);
1775             $vhosts[] = $tmp_vhost_arr;
1776             unset($tmp_vhost_arr);
b1a6a5 1777
a7bdf8 1778             //* Add vhost for ipv6 IP with SSL
T 1779             if($data['new']['ssl_domain'] != '' && $data['new']['ssl'] == 'y' && @is_file($crt_file) && @is_file($key_file) && (@filesize($crt_file)>0)  && (@filesize($key_file)>0)) {
526b99 1780                 $tmp_vhost_arr = array('ip_address' => '['.$data['new']['ipv6_address'].']', 'ssl_enabled' => 1, 'port' => '443');
T 1781                 if(count($rewrite_rules) > 0)  $tmp_vhost_arr = $tmp_vhost_arr + array('redirects' => $rewrite_rules);
cc6568 1782                 $ipv6_ssl_alias_seo_redirects = $alias_seo_redirects;
H 1783                 if(is_array($ipv6_ssl_alias_seo_redirects) && !empty($ipv6_ssl_alias_seo_redirects)){
1784                     for($i=0;$i<count($ipv6_ssl_alias_seo_redirects);$i++){
1785                         $ipv6_ssl_alias_seo_redirects[$i]['ssl_enabled'] = 1;
1786                     }
1787                 }
1788                 if(count($ipv6_ssl_alias_seo_redirects) > 0) $tmp_vhost_arr = $tmp_vhost_arr + array('alias_seo_redirects' => $ipv6_ssl_alias_seo_redirects);
526b99 1789                 $vhosts[] = $tmp_vhost_arr;
cc6568 1790                 unset($tmp_vhost_arr, $ipv6_ssl_alias_seo_redirects);
b1a6a5 1791                 $app->log('Enable SSL for IPv6: '.$domain, LOGLEVEL_DEBUG);
a7bdf8 1792             }
T 1793         }
b1a6a5 1794
a7bdf8 1795         //* Set the vhost loop
b1a6a5 1796         $tpl->setLoop('vhosts', $vhosts);
MC 1797
7ed741 1798         //* Write vhost file
b1a6a5 1799         $app->system->file_put_contents($vhost_file, $tpl->grab());
MC 1800         $app->log('Writing the vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
46c683 1801         unset($tpl);
ac933e 1802
V 1803         /*
1804          * maybe we have some webdav - user. If so, add them...
1805         */
fb3339 1806         $this->_patchVhostWebdav($vhost_file, $data['new']['document_root'] . '/webdav');
ac933e 1807
c6a89c 1808         //* Set the symlink to enable the vhost
T 1809         //* First we check if there is a old type of symlink and remove it
fb3339 1810         $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['new']['domain'].'.vhost');
c77103 1811         if(is_link($vhost_symlink)) $app->system->unlink($vhost_symlink);
b1a6a5 1812
c6a89c 1813         //* Remove old or changed symlinks
T 1814         if($data['new']['subdomain'] != $data['old']['subdomain'] or $data['new']['active'] == 'n') {
1815             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost');
1816             if(is_link($vhost_symlink)) {
c77103 1817                 $app->system->unlink($vhost_symlink);
b1a6a5 1818                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
c6a89c 1819             }
T 1820             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost');
1821             if(is_link($vhost_symlink)) {
c77103 1822                 $app->system->unlink($vhost_symlink);
b1a6a5 1823                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
c6a89c 1824             }
T 1825         }
b1a6a5 1826
c6a89c 1827         //* New symlink
T 1828         if($data['new']['subdomain'] == '*') {
1829             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['new']['domain'].'.vhost');
1830         } else {
1831             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['new']['domain'].'.vhost');
1832         }
fb3339 1833         if($data['new']['active'] == 'y' && !is_link($vhost_symlink)) {
b1a6a5 1834             symlink($vhost_file, $vhost_symlink);
MC 1835             $app->log('Creating symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
46c683 1836         }
ac933e 1837
46c683 1838         // remove old symlink and vhost file, if domain name of the site has changed
fb3339 1839         if($this->action == 'update' && $data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain']) {
c6a89c 1840             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
T 1841             if(is_link($vhost_symlink)) {
c77103 1842                 $app->system->unlink($vhost_symlink);
b1a6a5 1843                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
c6a89c 1844             }
T 1845             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
1846             if(is_link($vhost_symlink)) {
c77103 1847                 $app->system->unlink($vhost_symlink);
b1a6a5 1848                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
c6a89c 1849             }
8cf78b 1850             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
T 1851             if(is_link($vhost_symlink)) {
c77103 1852                 $app->system->unlink($vhost_symlink);
b1a6a5 1853                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
8cf78b 1854             }
fb3339 1855             $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
c77103 1856             $app->system->unlink($vhost_file);
b1a6a5 1857             $app->log('Removing file: '.$vhost_file, LOGLEVEL_DEBUG);
46c683 1858         }
ac933e 1859
46c683 1860         //* Create .htaccess and .htpasswd file for website statistics
cc6568 1861         //if(!is_file($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess') or $data['old']['document_root'] != $data['new']['document_root']) {
H 1862         if(!is_dir($data['new']['document_root'].'/' . $web_folder . '/stats')) $app->system->mkdir($data['new']['document_root'].'/' . $web_folder . '/stats');
1863         $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$data['new']['document_root']."/web/stats/.htpasswd_stats\nrequire valid-user";
b1a6a5 1864         $app->system->file_put_contents($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', $ht_file);
MC 1865         $app->system->chmod($data['new']['document_root'].'/' . $web_folder . '/stats/.htaccess', 0755);
cc6568 1866         unset($ht_file);
H 1867         //}
ac933e 1868
bfcdef 1869         if(!is_file($data['new']['document_root'].'/web/stats/.htpasswd_stats') || $data['new']['stats_password'] != $data['old']['stats_password']) {
fb3339 1870             if(trim($data['new']['stats_password']) != '') {
J 1871                 $htp_file = 'admin:'.trim($data['new']['stats_password']);
b1a6a5 1872                 $app->system->web_folder_protection($data['new']['document_root'], false);
MC 1873                 $app->system->file_put_contents($data['new']['document_root'].'/web/stats/.htpasswd_stats', $htp_file);
1874                 $app->system->web_folder_protection($data['new']['document_root'], true);
1875                 $app->system->chmod($data['new']['document_root'].'/web/stats/.htpasswd_stats', 0755);
46c683 1876                 unset($htp_file);
T 1877             }
1878         }
b1a6a5 1879
58c210 1880         //* Create awstats configuration
511ba5 1881         if($data['new']['stats_type'] == 'awstats' && ($data['new']['type'] == 'vhost' || $data['new']['type'] == 'vhostsubdomain' || $data['new']['type'] == 'vhostalias')) {
b1a6a5 1882             $this->awstats_update($data, $web_config);
58c210 1883         }
b1a6a5 1884
MC 1885         $this->php_fpm_pool_update($data, $web_config, $pool_dir, $pool_name, $socket_dir);
c59632 1886         $this->hhvm_update($data, $web_config);
b1a6a5 1887
7ed741 1888         if($web_config['check_apache_config'] == 'y') {
T 1889             //* Test if apache starts with the new configuration file
b1a6a5 1890             $apache_online_status_before_restart = $this->_checkTcp('localhost', 80);
MC 1891             $app->log('Apache status is: '.($apache_online_status_before_restart === true? 'running' : 'down'), LOGLEVEL_DEBUG);
ac933e 1892
b1a6a5 1893             $retval = $app->services->restartService('httpd', 'restart'); // $retval['retval'] is 0 on success and > 0 on failure
MC 1894             $app->log('Apache restart return value is: '.$retval['retval'], LOGLEVEL_DEBUG);
1895
9f56bd 1896             // wait a few seconds, before we test the apache status again
bfcdef 1897             $apache_online_status_after_restart = false;
9f56bd 1898             sleep(2);
bfcdef 1899             for($i = 0; $i < 5; $i++) {
b1a6a5 1900                 $apache_online_status_after_restart = $this->_checkTcp('localhost', 80);
bfcdef 1901                 if($apache_online_status_after_restart) break;
T 1902                 sleep(1);
1903             }
7ed741 1904             //* Check if apache restarted successfully if it was online before
b1a6a5 1905             $app->log('Apache online status after restart is: '.($apache_online_status_after_restart === true? 'running' : 'down'), LOGLEVEL_DEBUG);
615a0a 1906             if($apache_online_status_before_restart && !$apache_online_status_after_restart || $retval['retval'] > 0) {
b1a6a5 1907                 $app->log('Apache did not restart after the configuration change for website '.$data['new']['domain'].'. Reverting the configuration. Saved non-working config as '.$vhost_file.'.err', LOGLEVEL_WARN);
615a0a 1908                 if(is_array($retval['output']) && !empty($retval['output'])){
b1a6a5 1909                     $app->log('Reason for Apache restart failure: '.implode("\n", $retval['output']), LOGLEVEL_WARN);
7b47c0 1910                     $app->dbmaster->datalogError(implode("\n", $retval['output']));
615a0a 1911                 } else {
T 1912                     // if no output is given, check again
1913                     $webserver_binary = '';
7b47c0 1914                     exec('which apache2ctl', $webserver_check_output, $webserver_check_retval);
615a0a 1915                     if($webserver_check_retval == 0){
7b47c0 1916                         $webserver_binary = 'apache2ctl';
615a0a 1917                     } else {
T 1918                         unset($webserver_check_output, $webserver_check_retval);
7b47c0 1919                         exec('which apache2', $webserver_check_output, $webserver_check_retval);
615a0a 1920                         if($webserver_check_retval == 0){
7b47c0 1921                             $webserver_binary = 'apache2';
615a0a 1922                         } else {
T 1923                             unset($webserver_check_output, $webserver_check_retval);
7b47c0 1924                             exec('which httpd2', $webserver_check_output, $webserver_check_retval);
615a0a 1925                             if($webserver_check_retval == 0){
7b47c0 1926                                 $webserver_binary = 'httpd2';
615a0a 1927                             } else {
T 1928                                 unset($webserver_check_output, $webserver_check_retval);
7b47c0 1929                                 exec('which httpd', $webserver_check_output, $webserver_check_retval);
615a0a 1930                                 if($webserver_check_retval == 0){
7b47c0 1931                                     $webserver_binary = 'httpd';
T 1932                                 } else {
1933                                     unset($webserver_check_output, $webserver_check_retval);
1934                                     exec('which apache', $webserver_check_output, $webserver_check_retval);
1935                                     if($webserver_check_retval == 0){
1936                                         $webserver_binary = 'apache';
1937                                     }
615a0a 1938                                 }
T 1939                             }
1940                         }
1941                     }
1942                     if($webserver_binary != ''){
1943                         exec($webserver_binary.' -t 2>&1', $tmp_output, $tmp_retval);
7b47c0 1944                         if($tmp_retval > 0 && is_array($tmp_output) && !empty($tmp_output)){
b1a6a5 1945                             $app->log('Reason for Apache restart failure: '.implode("\n", $tmp_output), LOGLEVEL_WARN);
7b47c0 1946                             $app->dbmaster->datalogError(implode("\n", $tmp_output));
T 1947                         }
615a0a 1948                         unset($tmp_output, $tmp_retval);
T 1949                     }
1950                 }
b1a6a5 1951                 $app->system->copy($vhost_file, $vhost_file.'.err');
8cf78b 1952                 if(is_file($vhost_file.'~')) {
T 1953                     //* Copy back the last backup file
b1a6a5 1954                     $app->system->copy($vhost_file.'~', $vhost_file);
8cf78b 1955                 } else {
T 1956                     //* There is no backup file, so we create a empty vhost file with a warning message inside
b1a6a5 1957                     $app->system->file_put_contents($vhost_file, "# Apache did not start after modifying this vhost file.\n# Please check file $vhost_file.err for syntax errors.");
8cf78b 1958                 }
481c00 1959                 if($this->ssl_certificate_changed === true) {
T 1960
1961                     $ssl_dir = $data['new']['document_root'].'/ssl';
1962                     $domain = $data['new']['ssl_domain'];
1963                     $key_file = $ssl_dir.'/'.$domain.'.key.org';
1964                     $key_file2 = $ssl_dir.'/'.$domain.'.key';
1965                     $csr_file = $ssl_dir.'/'.$domain.'.csr';
1966                     $crt_file = $ssl_dir.'/'.$domain.'.crt';
1967                     $bundle_file = $ssl_dir.'/'.$domain.'.bundle';
b1a6a5 1968
481c00 1969                     //* Backup the files that might have caused the error
43b345 1970                     if(is_file($key_file)){
b1a6a5 1971                         $app->system->copy($key_file, $key_file.'.err');
MC 1972                         $app->system->chmod($key_file.'.err', 0400);
43b345 1973                     }
T 1974                     if(is_file($key_file2)){
b1a6a5 1975                         $app->system->copy($key_file2, $key_file2.'.err');
MC 1976                         $app->system->chmod($key_file2.'.err', 0400);
43b345 1977                     }
b1a6a5 1978                     if(is_file($csr_file)) $app->system->copy($csr_file, $csr_file.'.err');
MC 1979                     if(is_file($crt_file)) $app->system->copy($crt_file, $crt_file.'.err');
1980                     if(is_file($bundle_file)) $app->system->copy($bundle_file, $bundle_file.'.err');
1981
481c00 1982                     //* Restore the ~ backup files
b1a6a5 1983                     if(is_file($key_file.'~')) $app->system->copy($key_file.'~', $key_file);
MC 1984                     if(is_file($key_file2.'~')) $app->system->copy($key_file2.'~', $key_file2);
1985                     if(is_file($crt_file.'~')) $app->system->copy($crt_file.'~', $crt_file);
1986                     if(is_file($csr_file.'~')) $app->system->copy($csr_file.'~', $csr_file);
1987                     if(is_file($bundle_file.'~')) $app->system->copy($bundle_file.'~', $bundle_file);
1988
1989                     $app->log('Apache did not restart after the configuration change for website '.$data['new']['domain'].' Reverting the SSL configuration. Saved non-working SSL files with .err extension.', LOGLEVEL_WARN);
481c00 1990                 }
b1a6a5 1991
MC 1992                 $app->services->restartService('httpd', 'restart');
7ed741 1993             }
c82dc7 1994         } else {
7ed741 1995             //* We do not check the apache config after changes (is faster)
T 1996             if($apache_chrooted) {
b1a6a5 1997                 $app->services->restartServiceDelayed('httpd', 'restart');
7ed741 1998             } else {
T 1999                 // request a httpd reload when all records have been processed
b1a6a5 2000                 $app->services->restartServiceDelayed('httpd', 'reload');
7ed741 2001             }
c82dc7 2002         }
b1a6a5 2003
MC 2004         //* The vhost is written and apache has been restarted, so we
481c00 2005         // can reset the ssl changed var to false and cleanup some files
T 2006         $this->ssl_certificate_changed = false;
b1a6a5 2007
481c00 2008         $ssl_dir = $data['new']['document_root'].'/ssl';
T 2009         $domain = $data['new']['ssl_domain'];
2010         $key_file = $ssl_dir.'/'.$domain.'.key.org';
2011         $key_file2 = $ssl_dir.'/'.$domain.'.key';
2012         $csr_file = $ssl_dir.'/'.$domain.'.csr';
2013         $crt_file = $ssl_dir.'/'.$domain.'.crt';
2014         $bundle_file = $ssl_dir.'/'.$domain.'.bundle';
b1a6a5 2015
c77103 2016         if(@is_file($key_file.'~')) $app->system->unlink($key_file.'~');
T 2017         if(@is_file($key2_file.'~')) $app->system->unlink($key2_file.'~');
2018         if(@is_file($crt_file.'~')) $app->system->unlink($crt_file.'~');
2019         if(@is_file($csr_file.'~')) $app->system->unlink($csr_file.'~');
2020         if(@is_file($bundle_file.'~')) $app->system->unlink($bundle_file.'~');
b1a6a5 2021
7ed741 2022         // Remove the backup copy of the config file.
c77103 2023         if(@is_file($vhost_file.'~')) $app->system->unlink($vhost_file.'~');
ac933e 2024
da1a7c 2025         //* Unset action to clean it for next processed vhost.
T 2026         $this->action = '';
46c683 2027     }
ac933e 2028
b1a6a5 2029     function delete($event_name, $data) {
46c683 2030         global $app, $conf;
ac933e 2031
46c683 2032         // load the server configuration options
fb3339 2033         $app->uses('getconf');
c09f04 2034         $app->uses('system');
fb3339 2035         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
cc6568 2036         $fastcgi_config = $app->getconf->get_server_config($conf['server_id'], 'fastcgi');
b1a6a5 2037
511ba5 2038         if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') $app->system->web_folder_protection($data['old']['document_root'], false);
ac933e 2039
2bbc4c 2040         //* Check if this is a chrooted setup
4b72c5 2041         if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
2bbc4c 2042             $apache_chrooted = true;
T 2043         } else {
2044             $apache_chrooted = false;
2045         }
b1a6a5 2046
fea5e7 2047         //* Remove the mounts
T 2048         $log_folder = 'log';
b1a6a5 2049         $web_folder = '';
511ba5 2050         if($data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') {
2af58c 2051             $tmp = $app->db->queryOneRecord('SELECT `domain`,`document_root` FROM web_domain WHERE domain_id = ?', $data['old']['parent_domain_id']);
526b99 2052             if($tmp['domain'] != ''){
T 2053                 $subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $data['old']['domain']);
2054             } else {
2055                 // get log folder from /etc/fstab
2056                 /*
2057                 $bind_mounts = $app->system->file_get_contents('/etc/fstab');
2058                 $bind_mount_lines = explode("\n", $bind_mounts);
2059                 if(is_array($bind_mount_lines) && !empty($bind_mount_lines)){
2060                     foreach($bind_mount_lines as $bind_mount_line){
2061                         $bind_mount_line = preg_replace('/\s+/', ' ', $bind_mount_line);
2062                         $bind_mount_parts = explode(' ', $bind_mount_line);
2063                         if(is_array($bind_mount_parts) && !empty($bind_mount_parts)){
2064                             if($bind_mount_parts[0] == '/var/log/ispconfig/httpd/'.$data['old']['domain'] && $bind_mount_parts[2] == 'none' && strpos($bind_mount_parts[3], 'bind') !== false){
2065                                 $subdomain_host = str_replace($data['old']['document_root'].'/log/', '', $bind_mount_parts[1]);
2066                             }
2067                         }
2068                     }
2069                 }
2070                 */
2071                 // we are deleting the parent domain, so we can delete everything in the log directory
2072                 $subdomain_hosts = array();
b1a6a5 2073                 $files = array_diff(scandir($data['old']['document_root'].'/'.$log_folder), array('.', '..'));
526b99 2074                 if(is_array($files) && !empty($files)){
T 2075                     foreach($files as $file){
2076                         if(is_dir($data['old']['document_root'].'/'.$log_folder.'/'.$file)){
2077                             $subdomain_hosts[] = $file;
2078                         }
2079                     }
2080                 }
2081             }
b1a6a5 2082             if(is_array($subdomain_hosts) && !empty($subdomain_hosts)){
526b99 2083                 $log_folders = array();
T 2084                 foreach($subdomain_hosts as $subdomain_host){
2085                     $log_folders[] = $log_folder.'/'.$subdomain_host;
2086                 }
2087             } else {
2088                 if($subdomain_host == '') $subdomain_host = 'web'.$data['old']['domain_id'];
2089                 $log_folder .= '/' . $subdomain_host;
2090             }
2091             $web_folder = $data['old']['web_folder'];
b1a6a5 2092             unset($tmp);
526b99 2093             unset($subdomain_hosts);
3cde19 2094         }
b1a6a5 2095
511ba5 2096         if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias'){
526b99 2097             if(is_array($log_folders) && !empty($log_folders)){
T 2098                 foreach($log_folders as $log_folder){
cc6568 2099                     //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
a9b325 2100                     //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
cc6568 2101                     exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
526b99 2102                 }
T 2103             } else {
cc6568 2104                 //if($app->system->is_mounted($data['old']['document_root'].'/'.$log_folder)) exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder));
a9b325 2105                 //exec('fuser -km '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
cc6568 2106                 exec('umount '.escapeshellarg($data['old']['document_root'].'/'.$log_folder).' 2>/dev/null');
526b99 2107             }
a49635 2108             
MB 2109             // remove letsencrypt if it exists (renew will always fail otherwise)
2110             
2111             $domain = $data['old']['ssl_domain'];
2112             if(!$domain) $domain = $data['old']['domain'];
2113             if(substr($domain, 0, 2) === '*.') {
2114                 // wildcard domain not yet supported by letsencrypt!
2115                 $domain = substr($domain, 2);
2116             }
2117             //$crt_tmp_file = "/etc/letsencrypt/live/".$domain."/cert.pem";
2118             //$key_tmp_file = "/etc/letsencrypt/live/".$domain."/privkey.pem";
2119             $le_conf_file = '/etc/letsencrypt/renewal/' . $domain . '.conf';
2120             @rename('/etc/letsencrypt/renewal/' . $domain . '.conf', '/etc/letsencrypt/renewal/' . $domain . '.conf~backup');
526b99 2121         }
b1a6a5 2122
fea5e7 2123         //* remove mountpoint from fstab
526b99 2124         if(is_array($log_folders) && !empty($log_folders)){
T 2125             foreach($log_folders as $log_folder){
2126                 $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
b1a6a5 2127                 $app->system->removeLine('/etc/fstab', $fstab_line);
526b99 2128             }
T 2129         } else {
2130             $fstab_line = '/var/log/ispconfig/httpd/'.$data['old']['domain'].' '.$data['old']['document_root'].'/'.$log_folder.'    none    bind';
b1a6a5 2131             $app->system->removeLine('/etc/fstab', $fstab_line);
526b99 2132         }
T 2133         unset($log_folders);
ac933e 2134
511ba5 2135         if($data['old']['type'] != 'vhost' && $data['old']['type'] != 'vhostsubdomain' && $data['old']['type'] != 'vhostalias' && $data['old']['parent_domain_id'] > 0) {
46c683 2136             //* This is a alias domain or subdomain, so we have to update the website instead
fb3339 2137             $parent_domain_id = intval($data['old']['parent_domain_id']);
2af58c 2138             $tmp = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ? AND active = 'y'", $parent_domain_id);
fb3339 2139             $data['new'] = $tmp;
J 2140             $data['old'] = $tmp;
46c683 2141             $this->action = 'update';
496602 2142             $this->update_letsencrypt = true;
46c683 2143             // just run the update function
b1a6a5 2144             $this->update($event_name, $data);
ac933e 2145
46c683 2146         } else {
T 2147             //* This is a website
2148             // Deleting the vhost file, symlink and the data directory
fb3339 2149             $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/'.$data['old']['domain'].'.vhost');
b1a6a5 2150
8ab3cd 2151             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/'.$data['old']['domain'].'.vhost');
T 2152             if(is_link($vhost_symlink)){
c77103 2153                 $app->system->unlink($vhost_symlink);
b1a6a5 2154                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
8ab3cd 2155             }
T 2156             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/900-'.$data['old']['domain'].'.vhost');
2157             if(is_link($vhost_symlink)){
c77103 2158                 $app->system->unlink($vhost_symlink);
b1a6a5 2159                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
8ab3cd 2160             }
T 2161             $vhost_symlink = escapeshellcmd($web_config['vhost_conf_enabled_dir'].'/100-'.$data['old']['domain'].'.vhost');
2162             if(is_link($vhost_symlink)){
c77103 2163                 $app->system->unlink($vhost_symlink);
b1a6a5 2164                 $app->log('Removing symlink: '.$vhost_symlink.'->'.$vhost_file, LOGLEVEL_DEBUG);
8ab3cd 2165             }
b1a6a5 2166
c77103 2167             $app->system->unlink($vhost_file);
b1a6a5 2168             $app->log('Removing vhost file: '.$vhost_file, LOGLEVEL_DEBUG);
ac933e 2169
511ba5 2170             if($data['old']['type'] == 'vhost' || $data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') {
b1a6a5 2171                 $docroot = escapeshellcmd($data['old']['document_root']);
MC 2172                 if($docroot != '' && !stristr($docroot, '..')) {
2173                     if($data['old']['type'] == 'vhost') {
2174                         // this is a vhost - we delete everything in here.
2175                         exec('rm -rf '.$docroot);
2176                     } elseif(!stristr($data['old']['web_folder'], '..')) {
2177                         // this is a vhost subdomain
2178                         // IMPORTANT: do some folder checks before we delete this!
2179                         $do_delete = true;
2180                         $delete_folder = preg_replace('/[\/]{2,}/', '/', $web_folder); // replace / occuring multiple times
2181                         if(substr($delete_folder, 0, 1) === '/') $delete_folder = substr($delete_folder, 1);
2182                         if(substr($delete_folder, -1) === '/') $delete_folder = substr($delete_folder, 0, -1);
46c683 2183
b1a6a5 2184                         $path_elements = explode('/', $delete_folder);
46c683 2185
b1a6a5 2186                         if($path_elements[0] == 'web' || $path_elements[0] === '') {
MC 2187                             // paths beginning with /web should NEVER EVER be deleted, empty paths should NEVER occur - but for safety reasons we check it here!
2188                             // we use strict check as otherwise directories named '0' may not be deleted
2189                             $do_delete = false;
2190                         } else {
511ba5 2191                             // read all vhost subdomains and alias with same parent domain
b1a6a5 2192                             $used_paths = array();
2af58c 2193                             $tmp = $app->db->queryAllRecords("SELECT `web_folder` FROM web_domain WHERE (type = 'vhostsubdomain' OR type = 'vhostalias') AND parent_domain_id = ? AND domain_id != ?", $data['old']['parent_domain_id'], $data['old']['domain_id']);
b1a6a5 2194                             foreach($tmp as $tmprec) {
MC 2195                                 // we normalize the folder entries because we need to compare them
2196                                 $tmp_folder = preg_replace('/[\/]{2,}/', '/', $tmprec['web_folder']); // replace / occuring multiple times
2197                                 if(substr($tmp_folder, 0, 1) === '/') $tmp_folder = substr($tmp_folder, 1);
2198                                 if(substr($tmp_folder, -1) === '/') $tmp_folder = substr($tmp_folder, 0, -1);
ac933e 2199
b1a6a5 2200                                 // add this path and it's parent paths to used_paths array
MC 2201                                 while(strpos($tmp_folder, '/') !== false) {
2202                                     if(in_array($tmp_folder, $used_paths) == false) $used_paths[] = $tmp_folder;
2203                                     $tmp_folder = substr($tmp_folder, 0, strrpos($tmp_folder, '/'));
2204                                 }
2205                                 if(in_array($tmp_folder, $used_paths) == false) $used_paths[] = $tmp_folder;
2206                             }
2207                             unset($tmp);
2208
2209                             // loop and check if the path is still used and stop at first used one
2210                             // set do_delete to false so nothing gets deleted if the web_folder itself is still used
2211                             $do_delete = false;
2212                             while(count($path_elements) > 0) {
2213                                 $tmp_folder = implode('/', $path_elements);
2214                                 if(in_array($tmp_folder, $used_paths) == true) break;
2215
2216                                 // this path is not used - set it as path to delete, strip the last element from the array and set do_delete to true
2217                                 $delete_folder = $tmp_folder;
2218                                 $do_delete = true;
2219                                 array_pop($path_elements);
2220                             }
2221                             unset($tmp_folder);
2222                             unset($used_paths);
2223                         }
2224
2225                         if($do_delete === true && $delete_folder !== '') exec('rm -rf '.$docroot.'/'.$delete_folder);
2226
2227                         unset($delete_folder);
2228                         unset($path_elements);
2229                     }
2230                 }
2231
2232                 //remove the php fastgi starter script if available
2233                 if ($data['old']['php'] == 'fast-cgi') {
2234                     $fastcgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $fastcgi_config['fastcgi_starter_path']);
2235                     if($data['old']['type'] == 'vhost') {
2236                         if (is_dir($fastcgi_starter_path)) {
2237                             exec('rm -rf '.$fastcgi_starter_path);
2238                         }
2239                     } else {
2240                         $fcgi_starter_script = $fastcgi_starter_path.$fastcgi_config['fastcgi_starter_script'].'_web'.$data['old']['domain_id'];
2241                         if (file_exists($fcgi_starter_script)) {
2242                             exec('rm -f '.$fcgi_starter_script);
2243                         }
2244                     }
2245                 }
2246
2247                 // remove PHP-FPM pool
2248                 if ($data['old']['php'] == 'php-fpm') {
2249                     $this->php_fpm_pool_delete($data, $web_config);
c59632 2250                 } elseif($data['old']['php'] == 'hhvm') {
MC 2251                     $this->hhvm_update($data, $web_config);
b1a6a5 2252                 }
MC 2253
2254                 //remove the php cgi starter script if available
2255                 if ($data['old']['php'] == 'cgi') {
2256                     // TODO: fetch the date from the server-settings
2257                     $web_config['cgi_starter_path'] = $web_config['website_basedir'].'/php-cgi-scripts/[system_user]/';
2258
2259                     $cgi_starter_path = str_replace('[system_user]', $data['old']['system_user'], $web_config['cgi_starter_path']);
2260                     if($data['old']['type'] == 'vhost') {
2261                         if (is_dir($cgi_starter_path)) {
2262                             exec('rm -rf '.$cgi_starter_path);
2263                         }
2264                     } else {
2265                         $cgi_starter_script = $cgi_starter_path.'php-cgi-starter_web'.$data['old']['domain_id'];
2266                         if (file_exists($cgi_starter_script)) {
2267                             exec('rm -f '.$cgi_starter_script);
2268                         }
2269                     }
2270                 }
2271
2272                 $app->log('Removing website: '.$docroot, LOGLEVEL_DEBUG);
2273
2274                 // Delete the symlinks for the sites
2af58c 2275                 $client = $app->db->queryOneRecord('SELECT client_id FROM sys_group WHERE sys_group.groupid = ?', $data['old']['sys_groupid']);
b1a6a5 2276                 $client_id = intval($client['client_id']);
MC 2277                 unset($client);
2278                 $tmp_symlinks_array = explode(':', $web_config['website_symlinks']);
2279                 if(is_array($tmp_symlinks_array)) {
2280                     foreach($tmp_symlinks_array as $tmp_symlink) {
2281                         $tmp_symlink = str_replace('[client_id]', $client_id, $tmp_symlink);
2282                         $tmp_symlink = str_replace('[website_domain]', $data['old']['domain'], $tmp_symlink);
2283                         // Remove trailing slash
2284                         if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
2285                         // delete the symlink
2286                         if(is_link($tmp_symlink)) {
2287                             $app->system->unlink($tmp_symlink);
2288                             $app->log('Removing symlink: '.$tmp_symlink, LOGLEVEL_DEBUG);
2289                         }
2290                     }
2291                 }
2292                 // end removing symlinks
3cde19 2293             }
b1a6a5 2294
MC 2295             // Delete the log file directory
2296             $vhost_logfile_dir = escapeshellcmd('/var/log/ispconfig/httpd/'.$data['old']['domain']);
2297             if($data['old']['domain'] != '' && !stristr($vhost_logfile_dir, '..')) exec('rm -rf '.$vhost_logfile_dir);
2298             $app->log('Removing website logfile directory: '.$vhost_logfile_dir, LOGLEVEL_DEBUG);
2299
2300             if($data['old']['type'] == 'vhost') {
2301                 //delete the web user
2302                 $command = 'killall -u '.escapeshellcmd($data['old']['system_user']).' ; userdel';
2303                 $command .= ' '.escapeshellcmd($data['old']['system_user']);
2304                 exec($command);
2305                 if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' '.$command);
2306
2307             }
2308
2309             //* Remove the awstats configuration file
2310             if($data['old']['stats_type'] == 'awstats') {
2311                 $this->awstats_delete($data, $web_config);
2312             }
2313
511ba5 2314             if($data['old']['type'] == 'vhostsubdomain' || $data['old']['type'] == 'vhostalias') {
b1a6a5 2315                 $app->system->web_folder_protection($parent_web_document_root, true);
MC 2316             }
2317
8ab3cd 2318             if($apache_chrooted) {
b1a6a5 2319                 $app->services->restartServiceDelayed('httpd', 'restart');
8ab3cd 2320             } else {
T 2321                 // request a httpd reload when all records have been processed
b1a6a5 2322                 $app->services->restartServiceDelayed('httpd', 'reload');
58c210 2323             }
ac933e 2324
0f89bd 2325             //* Delete the web-backups
69b1bc 2326             if($data['old']['type'] == 'vhost') {
FS 2327                 $server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
2328                 $backup_dir = $server_config['backup_dir'];
2329                 $mount_backup = true;
a81238 2330                 if($server_config['backup_dir'] != '' && $server_config['backup_delete'] == 'y') {
990ca8 2331                     //* mount backup directory, if necessary
FS 2332                     if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($backup_dir) ) $mount_backup = false;
2333
69b1bc 2334                     if($mount_backup){
FS 2335                         $web_backup_dir = $backup_dir.'/web'.$data_old['domain_id'];
2336                         //** do not use rm -rf $web_backup_dir because database(s) may exits
2337                         exec(escapeshellcmd('rm -f '.$web_backup_dir.'/web'.$data_old['domain_id'].'_').'*');
2338                         //* cleanup database
990ca8 2339                         $sql = "DELETE FROM web_backup WHERE server_id = ? AND parent_domain_id = ? AND filename LIKE ?";
FS 2340                         $app->db->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%");
2341                         if($app->db->dbHost != $app->dbmaster->dbHost) $app->dbmaster->query($sql, $conf['server_id'], $data_old['domain_id'], "web".$data_old['domain_id']."_%");
0f89bd 2342
FS 2343                         $app->log('Deleted the web backup files', LOGLEVEL_DEBUG);
69b1bc 2344                     }
FS 2345                 }
2346             }
46c683 2347         }
b1a6a5 2348         if($data['old']['type'] != 'vhost') $app->system->web_folder_protection($data['old']['document_root'], true);
46c683 2349     }
ac933e 2350
46c683 2351     //* This function is called when a IP on the server is inserted, updated or deleted
b1a6a5 2352     function server_ip($event_name, $data) {
46c683 2353         global $app, $conf;
ac933e 2354
46c683 2355         // load the server configuration options
fb3339 2356         $app->uses('getconf');
J 2357         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
ac933e 2358
46c683 2359         $app->load('tpl');
ac933e 2360
46c683 2361         $tpl = new tpl();
fb3339 2362         $tpl->newTemplate('apache_ispconfig.conf.master');
8133de 2363         $tpl->setVar('apache_version', $app->system->getapacheversion());
2af58c 2364         $records = $app->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ? AND virtualhost = 'y'", $conf['server_id']);
b1a6a5 2365
a2156e 2366         $records_out= array();
T 2367         if(is_array($records)) {
2368             foreach($records as $rec) {
2369                 if($rec['ip_type'] == 'IPv6') {
2370                     $ip_address = '['.$rec['ip_address'].']';
2371                 } else {
2372                     $ip_address = $rec['ip_address'];
2373                 }
b1a6a5 2374                 $ports = explode(',', $rec['virtualhost_port']);
a2156e 2375                 if(is_array($ports)) {
T 2376                     foreach($ports as $port) {
2377                         $port = intval($port);
2378                         if($port > 0 && $port < 65536 && $ip_address != '') {
2379                             $records_out[] = array('ip_address' => $ip_address, 'port' => $port);
2380                         }
2381                     }
2382                 }
2383             }
2384         }
b1a6a5 2385
MC 2386
a2156e 2387         if(count($records_out) > 0) {
b1a6a5 2388             $tpl->setLoop('ip_adresses', $records_out);
46c683 2389         }
ac933e 2390
fb3339 2391         $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'].'/ispconfig.conf');
b1a6a5 2392         $app->system->file_put_contents($vhost_file, $tpl->grab());
MC 2393         $app->log('Writing the conf file: '.$vhost_file, LOGLEVEL_DEBUG);
46c683 2394         unset($tpl);
ac933e 2395
46c683 2396     }
b1a6a5 2397
524077 2398     //* Create or update the .htaccess folder protection
b1a6a5 2399     function web_folder_user($event_name, $data) {
524077 2400         global $app, $conf;
c69439 2401
524077 2402         $app->uses('system');
b1a6a5 2403
524077 2404         if($event_name == 'web_folder_user_delete') {
T 2405             $folder_id = $data['old']['web_folder_id'];
2406         } else {
2407             $folder_id = $data['new']['web_folder_id'];
2408         }
b1a6a5 2409
2af58c 2410         $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ?", $folder_id);
MC 2411         $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $folder['parent_domain_id']);
b1a6a5 2412
524077 2413         if(!is_array($folder) or !is_array($website)) {
b1a6a5 2414             $app->log('Not able to retrieve folder or website record.', LOGLEVEL_DEBUG);
524077 2415             return false;
T 2416         }
b1a6a5 2417
MC 2418         $web_folder = 'web';
511ba5 2419         if($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') $web_folder = $website['web_folder'];
b1a6a5 2420
524077 2421         //* Get the folder path.
b1a6a5 2422         if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1);
MC 2423         if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1);
6fb93d 2424         $folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$folder['path']);
b1a6a5 2425         if(substr($folder_path, -1) != '/') $folder_path .= '/';
MC 2426
524077 2427         //* Check if the resulting path is inside the docroot
b1a6a5 2428         if(stristr($folder_path, '..') || stristr($folder_path, './') || stristr($folder_path, '\\')) {
MC 2429             $app->log('Folder path "'.$folder_path.'" contains .. or ./.', LOGLEVEL_DEBUG);
524077 2430             return false;
T 2431         }
b1a6a5 2432
524077 2433         //* Create the folder path, if it does not exist
8cf78b 2434         if(!is_dir($folder_path)) {
dbae22 2435             $app->system->mkdirpath($folder_path, 0755, $website['system_user'], $website['system_group']);
8cf78b 2436         }
b1a6a5 2437
524077 2438         //* Create empty .htpasswd file, if it does not exist
T 2439         if(!is_file($folder_path.'.htpasswd')) {
4bd960 2440             $app->system->touch($folder_path.'.htpasswd');
51910d 2441             $app->system->chmod($folder_path.'.htpasswd', 0751);
b1a6a5 2442             $app->system->chown($folder_path.'.htpasswd', $website['system_user']);
MC 2443             $app->system->chgrp($folder_path.'.htpasswd', $website['system_group']);
2444             $app->log('Created file '.$folder_path.'.htpasswd', LOGLEVEL_DEBUG);
524077 2445         }
b1a6a5 2446
8ab3cd 2447         if(($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') && $data['old']['username'] != '') {
b1a6a5 2448             $app->system->removeLine($folder_path.'.htpasswd', $data['old']['username'].':');
MC 2449             $app->log('Removed user: '.$data['old']['username'], LOGLEVEL_DEBUG);
c69439 2450         }
b1a6a5 2451
524077 2452         //* Add or remove the user from .htpasswd file
T 2453         if($event_name == 'web_folder_user_delete') {
b1a6a5 2454             $app->system->removeLine($folder_path.'.htpasswd', $data['old']['username'].':');
MC 2455             $app->log('Removed user: '.$data['old']['username'], LOGLEVEL_DEBUG);
524077 2456         } else {
c69439 2457             if($data['new']['active'] == 'y') {
b1a6a5 2458                 $app->system->replaceLine($folder_path.'.htpasswd', $data['new']['username'].':', $data['new']['username'].':'.$data['new']['password'], 0, 1);
MC 2459                 $app->log('Added or updated user: '.$data['new']['username'], LOGLEVEL_DEBUG);
c69439 2460             }
524077 2461         }
b1a6a5 2462
MC 2463
524077 2464         //* Create the .htaccess file
8ab3cd 2465         //if(!is_file($folder_path.'.htaccess')) {
b1a6a5 2466         $begin_marker = '### ISPConfig folder protection begin ###';
MC 2467         $end_marker = "### ISPConfig folder protection end ###\n\n";
2468         $ht_file = $begin_marker."\nAuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user\n".$end_marker;
2469
2470         if(file_exists($folder_path.'.htaccess')) {
2471             $old_content = $app->system->file_get_contents($folder_path.'.htaccess');
2472
2473             if(preg_match('/' . preg_quote($begin_marker, '/') . '(.*?)' . preg_quote($end_marker, '/') . '/s', $old_content, $matches)) {
2474                 $ht_file = str_replace($matches[0], $ht_file, $old_content);
2475             } else {
2476                 $ht_file .= $old_content;
2477             }
2478         }
2479         unset($old_content);
2480
2481         $app->system->file_put_contents($folder_path.'.htaccess', $ht_file);
51910d 2482         $app->system->chmod($folder_path.'.htaccess', 0751);
b1a6a5 2483         $app->system->chown($folder_path.'.htaccess', $website['system_user']);
MC 2484         $app->system->chgrp($folder_path.'.htaccess', $website['system_group']);
2485         $app->log('Created/modified file '.$folder_path.'.htaccess', LOGLEVEL_DEBUG);
8ab3cd 2486         //}
b1a6a5 2487
524077 2488     }
b1a6a5 2489
524077 2490     //* Remove .htaccess and .htpasswd file, when folder protection is removed
b1a6a5 2491     function web_folder_delete($event_name, $data) {
524077 2492         global $app, $conf;
b1a6a5 2493
524077 2494         $folder_id = $data['old']['web_folder_id'];
b1a6a5 2495
8ab3cd 2496         $folder = $data['old'];
2af58c 2497         $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $folder['parent_domain_id']);
b1a6a5 2498
524077 2499         if(!is_array($folder) or !is_array($website)) {
b1a6a5 2500             $app->log('Not able to retrieve folder or website record.', LOGLEVEL_DEBUG);
524077 2501             return false;
T 2502         }
b1a6a5 2503
MC 2504         $web_folder = 'web';
511ba5 2505         if($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') $web_folder = $website['web_folder'];
b1a6a5 2506
524077 2507         //* Get the folder path.
b1a6a5 2508         if(substr($folder['path'], 0, 1) == '/') $folder['path'] = substr($folder['path'], 1);
MC 2509         if(substr($folder['path'], -1) == '/') $folder['path'] = substr($folder['path'], 0, -1);
6fb93d 2510         $folder_path = realpath($website['document_root'].'/' . $web_folder . '/'.$folder['path']);
b1a6a5 2511         if(substr($folder_path, -1) != '/') $folder_path .= '/';
MC 2512
524077 2513         //* Check if the resulting path is inside the docroot
b1a6a5 2514         if(substr($folder_path, 0, strlen($website['document_root'])) != $website['document_root']) {
MC 2515             $app->log('Folder path is outside of docroot.', LOGLEVEL_DEBUG);
524077 2516             return false;
T 2517         }
b1a6a5 2518
524077 2519         //* Remove .htpasswd file
T 2520         if(is_file($folder_path.'.htpasswd')) {
c77103 2521             $app->system->unlink($folder_path.'.htpasswd');
b1a6a5 2522             $app->log('Removed file '.$folder_path.'.htpasswd', LOGLEVEL_DEBUG);
524077 2523         }
b1a6a5 2524
524077 2525         //* Remove .htaccess file
T 2526         if(is_file($folder_path.'.htaccess')) {
b1a6a5 2527             $begin_marker = '### ISPConfig folder protection begin ###';
MC 2528             $end_marker = "### ISPConfig folder protection end ###\n\n";
2529
2530             $ht_file = $app->system->file_get_contents($folder_path.'.htaccess');
2531
2532             if(preg_match('/' . preg_quote($begin_marker, '/') . '(.*?)' . preg_quote($end_marker, '/') . '/s', $ht_file, $matches)) {
2533                 $ht_file = str_replace($matches[0], '', $ht_file);
2534             } else {
2535                 $ht_file = str_replace("AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user", '', $ht_file);
2536             }
2537
2538             if(trim($ht_file) == '') {
2539                 $app->system->unlink($folder_path.'.htaccess');
2540                 $app->log('Removed file '.$folder_path.'.htaccess', LOGLEVEL_DEBUG);
2541             } else {
2542                 $app->system->file_put_contents($folder_path.'.htaccess', $ht_file);
2543                 $app->log('Removed protection content from file '.$folder_path.'.htaccess', LOGLEVEL_DEBUG);
2544             }
524077 2545         }
2023a7 2546     }
b1a6a5 2547
2023a7 2548     //* Update folder protection, when path has been changed
b1a6a5 2549     function web_folder_update($event_name, $data) {
2023a7 2550         global $app, $conf;
b1a6a5 2551
2af58c 2552         $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $data['new']['parent_domain_id']);
b1a6a5 2553
2023a7 2554         if(!is_array($website)) {
b1a6a5 2555             $app->log('Not able to retrieve folder or website record.', LOGLEVEL_DEBUG);
2023a7 2556             return false;
T 2557         }
b1a6a5 2558
MC 2559         $web_folder = 'web';
511ba5 2560         if($website['type'] == 'vhostsubdomain' || $website['type'] == 'vhostalias') $web_folder = $website['web_folder'];
b1a6a5 2561
2023a7 2562         //* Get the folder path.
b1a6a5 2563         if(substr($data['old']['path'], 0, 1) == '/') $data['old']['path'] = substr($data['old']['path'], 1);
MC 2564         if(substr($data['old']['path'], -1) == '/') $data['old']['path'] = substr($data['old']['path'], 0, -1);
6fb93d 2565         $old_folder_path = realpath($website['document_root'].'/' . $web_folder . '/'.$data['old']['path']);
b1a6a5 2566         if(substr($old_folder_path, -1) != '/') $old_folder_path .= '/';
MC 2567
2568         if(substr($data['new']['path'], 0, 1) == '/') $data['new']['path'] = substr($data['new']['path'], 1);
2569         if(substr($data['new']['path'], -1) == '/') $data['new']['path'] = substr($data['new']['path'], 0, -1);
6fb93d 2570         $new_folder_path = escapeshellcmd($website['document_root'].'/' . $web_folder . '/'.$data['new']['path']);
b1a6a5 2571         if(substr($new_folder_path, -1) != '/') $new_folder_path .= '/';
MC 2572
2023a7 2573         //* Check if the resulting path is inside the docroot
b1a6a5 2574         if(stristr($new_folder_path, '..') || stristr($new_folder_path, './') || stristr($new_folder_path, '\\')) {
MC 2575             $app->log('Folder path "'.$new_folder_path.'" contains .. or ./.', LOGLEVEL_DEBUG);
2023a7 2576             return false;
T 2577         }
b1a6a5 2578         if(stristr($old_folder_path, '..') || stristr($old_folder_path, './') || stristr($old_folder_path, '\\')) {
MC 2579             $app->log('Folder path "'.$old_folder_path.'" contains .. or ./.', LOGLEVEL_DEBUG);
2023a7 2580             return false;
T 2581         }
b1a6a5 2582
2023a7 2583         //* Check if the resulting path is inside the docroot
b1a6a5 2584         if(substr($old_folder_path, 0, strlen($website['document_root'])) != $website['document_root']) {
MC 2585             $app->log('Old folder path '.$old_folder_path.' is outside of docroot.', LOGLEVEL_DEBUG);
2023a7 2586             return false;
T 2587         }
b1a6a5 2588         if(substr($new_folder_path, 0, strlen($website['document_root'])) != $website['document_root']) {
MC 2589             $app->log('New folder path '.$new_folder_path.' is outside of docroot.', LOGLEVEL_DEBUG);
2023a7 2590             return false;
T 2591         }
b1a6a5 2592
2023a7 2593         //* Create the folder path, if it does not exist
c77103 2594         if(!is_dir($new_folder_path)) $app->system->mkdirpath($new_folder_path);
b1a6a5 2595
MC 2596         $begin_marker = '### ISPConfig folder protection begin ###';
2597         $end_marker = "### ISPConfig folder protection end ###\n\n";
2598
2023a7 2599         if($data['old']['path'] != $data['new']['path']) {
T 2600
b1a6a5 2601
2023a7 2602             //* move .htpasswd file
T 2603             if(is_file($old_folder_path.'.htpasswd')) {
b1a6a5 2604                 $app->system->rename($old_folder_path.'.htpasswd', $new_folder_path.'.htpasswd');
MC 2605                 $app->log('Moved file '.$old_folder_path.'.htpasswd to '.$new_folder_path.'.htpasswd', LOGLEVEL_DEBUG);
2023a7 2606             }
b1a6a5 2607
8ab3cd 2608             //* delete old .htaccess file
2023a7 2609             if(is_file($old_folder_path.'.htaccess')) {
b1a6a5 2610                 $ht_file = $app->system->file_get_contents($old_folder_path.'.htaccess');
MC 2611
2612                 if(preg_match('/' . preg_quote($begin_marker, '/') . '(.*?)' . preg_quote($end_marker, '/') . '/s', $ht_file, $matches)) {
2613                     $ht_file = str_replace($matches[0], '', $ht_file);
2614                 } else {
2615                     $ht_file = str_replace("AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$old_folder_path.".htpasswd\nrequire valid-user", '', $ht_file);
2616                 }
2617
2618                 if(trim($ht_file) == '') {
2619                     $app->system->unlink($old_folder_path.'.htaccess');
2620                     $app->log('Removed file '.$old_folder_path.'.htaccess', LOGLEVEL_DEBUG);
2621                 } else {
2622                     $app->system->file_put_contents($old_folder_path.'.htaccess', $ht_file);
2623                     $app->log('Removed protection content from file '.$old_folder_path.'.htaccess', LOGLEVEL_DEBUG);
2624                 }
2023a7 2625             }
b1a6a5 2626
2023a7 2627         }
b1a6a5 2628
2023a7 2629         //* Create the .htaccess file
8ab3cd 2630         if($data['new']['active'] == 'y') {
b1a6a5 2631             $ht_file = $begin_marker."\nAuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$new_folder_path.".htpasswd\nrequire valid-user\n".$end_marker;
MC 2632
2633             if(file_exists($new_folder_path.'.htaccess')) {
2634                 $old_content = $app->system->file_get_contents($new_folder_path.'.htaccess');
2635
2636                 if(preg_match('/' . preg_quote($begin_marker, '/') . '(.*?)' . preg_quote($end_marker, '/') . '/s', $old_content, $matches)) {
2637                     $ht_file = str_replace($matches[0], $ht_file, $old_content);
2638                 } else {
2639                     $ht_file .= $old_content;
2640                 }
2641             }
2642
2643             $app->system->file_put_contents($new_folder_path.'.htaccess', $ht_file);
51910d 2644             $app->system->chmod($new_folder_path.'.htaccess', 0751);
b1a6a5 2645             $app->system->chown($new_folder_path.'.htaccess', $website['system_user']);
MC 2646             $app->system->chgrp($new_folder_path.'.htaccess', $website['system_group']);
2647             $app->log('Created/modified file '.$new_folder_path.'.htaccess', LOGLEVEL_DEBUG);
8433d0 2648             
TB 2649             //* Create empty .htpasswd file, if it does not exist
2650             if(!is_file($folder_path.'.htpasswd')) {
2651                 $app->system->touch($new_folder_path.'.htpasswd');
51910d 2652                 $app->system->chmod($new_folder_path.'.htpasswd', 0751);
8433d0 2653                 $app->system->chown($new_folder_path.'.htpasswd', $website['system_user']);
TB 2654                 $app->system->chgrp($new_folder_path.'.htpasswd', $website['system_group']);
2655                 $app->log('Created file '.$new_folder_path.'.htpasswd', LOGLEVEL_DEBUG);
2656             }
2023a7 2657         }
b1a6a5 2658
2023a7 2659         //* Remove .htaccess file
T 2660         if($data['new']['active'] == 'n' && is_file($new_folder_path.'.htaccess')) {
b1a6a5 2661             $ht_file = $app->system->file_get_contents($new_folder_path.'.htaccess');
MC 2662
2663             if(preg_match('/' . preg_quote($begin_marker, '/') . '(.*?)' . preg_quote($end_marker, '/') . '/s', $ht_file, $matches)) {
2664                 $ht_file = str_replace($matches[0], '', $ht_file);
2665             } else {
2666                 $ht_file = str_replace("AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$new_folder_path.".htpasswd\nrequire valid-user", '', $ht_file);
2667             }
2668
2669             if(trim($ht_file) == '') {
2670                 $app->system->unlink($new_folder_path.'.htaccess');
2671                 $app->log('Removed file '.$new_folder_path.'.htaccess', LOGLEVEL_DEBUG);
2672             } else {
2673                 $app->system->file_put_contents($new_folder_path.'.htaccess', $ht_file);
2674                 $app->log('Removed protection content from file '.$new_folder_path.'.htaccess', LOGLEVEL_DEBUG);
2675             }
2023a7 2676         }
b1a6a5 2677
MC 2678
524077 2679     }
b1a6a5 2680
MC 2681     public function ftp_user_delete($event_name, $data) {
26c0fc 2682         global $app, $conf;
b1a6a5 2683
26c0fc 2684         $ftpquota_file = $data['old']['dir'].'/.ftpquota';
c77103 2685         if(file_exists($ftpquota_file)) $app->system->unlink($ftpquota_file);
b1a6a5 2686
26c0fc 2687     }
b1a6a5 2688
MC 2689
ac933e 2690
V 2691     /**
2692      * This function is called when a Webdav-User is inserted, updated or deleted.
2693      *
2694      * @author Oliver Vogel
2695      * @param string $event_name
2696      * @param array $data
2697      */
b1a6a5 2698     public function webdav($event_name, $data) {
ac933e 2699         global $app, $conf;
b1a6a5 2700
52a04e 2701         /*
T 2702          * load the server configuration options
2703         */
fb3339 2704         $app->uses('getconf');
J 2705         $web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
ac933e 2706
V 2707         if (($event_name == 'webdav_user_insert') || ($event_name == 'webdav_user_update')) {
2708
2709             /*
2710              * Get additional informations
2711             */
2af58c 2712             $sitedata = $app->db->queryOneRecord('SELECT document_root, domain, system_user, system_group FROM web_domain WHERE domain_id = ?', $data['new']['parent_domain_id']);
ac933e 2713             $documentRoot = $sitedata['document_root'];
V 2714             $domain = $sitedata['domain'];
ca14fe 2715             $user = $sitedata['system_user'];
V 2716             $group = $sitedata['system_group'];
b67344 2717             $webdav_user_dir = $documentRoot . '/webdav/' . $data['new']['dir'];
ac933e 2718
V 2719             /* Check if this is a chrooted setup */
2720             if($web_config['website_basedir'] != '' && @is_file($web_config['website_basedir'].'/etc/passwd')) {
2721                 $apache_chrooted = true;
b1a6a5 2722                 $app->log('Info: Apache is chrooted.', LOGLEVEL_DEBUG);
ac933e 2723             } else {
V 2724                 $apache_chrooted = false;
2725             }
b1a6a5 2726
b67344 2727             //* We dont want to have relative paths here
b1a6a5 2728             if(stristr($webdav_user_dir, '..')  || stristr($webdav_user_dir, './')) {
MC 2729                 $app->log('Folder path '.$webdav_user_dir.' contains ./ or .. '.$documentRoot, LOGLEVEL_WARN);
b67344 2730                 return false;
T 2731             }
b1a6a5 2732
b67344 2733             //* Check if the resulting path exists if yes, if it is inside the docroot
b1a6a5 2734             if(is_dir($webdav_user_dir) && substr(realpath($webdav_user_dir), 0, strlen($documentRoot)) != $documentRoot) {
MC 2735                 $app->log('Folder path '.$webdav_user_dir.' is outside of docroot '.$documentRoot, LOGLEVEL_WARN);
b67344 2736                 return false;
T 2737             }
ac933e 2738
V 2739             /*
2740              * First the webdav-root - folder has to exist
2741             */
b67344 2742             if(!is_dir($webdav_user_dir)) {
b1a6a5 2743                 $app->log('Webdav User directory '.$webdav_user_dir.' does not exist. Creating it now.', LOGLEVEL_DEBUG);
c77103 2744                 $app->system->mkdirpath($webdav_user_dir);
ac933e 2745             }
V 2746
2747             /*
ca14fe 2748              * The webdav - Root needs the group/user as owner and the apache as read and write
ac933e 2749             */
c77103 2750             //$this->_exec('chown ' . $user . ':' . $group . ' ' . escapeshellcmd($documentRoot . '/webdav/'));
T 2751             //$this->_exec('chmod 770 ' . escapeshellcmd($documentRoot . '/webdav/'));
b1a6a5 2752             $app->system->chown($documentRoot . '/webdav', $user);
MC 2753             $app->system->chgrp($documentRoot . '/webdav', $group);
2754             $app->system->chmod($documentRoot . '/webdav', 0770);
ac933e 2755
V 2756             /*
ca14fe 2757              * The webdav folder (not the webdav-root!) needs the same (not in ONE step, because the
V 2758              * pwd-files are owned by root)
ac933e 2759             */
c77103 2760             //$this->_exec('chown ' . $user . ':' . $group . ' ' . escapeshellcmd($webdav_user_dir.' -R'));
T 2761             //$this->_exec('chmod 770 ' . escapeshellcmd($webdav_user_dir.' -R'));
b1a6a5 2762             $app->system->chown($webdav_user_dir, $user);
MC 2763             $app->system->chgrp($webdav_user_dir, $group);
2764             $app->system->chmod($webdav_user_dir, 0770);
ca14fe 2765
V 2766             /*
2767              * if the user is active, we have to write/update the password - file
2768              * if the user is inactive, we have to inactivate the user by removing the user from the file
2769             */
2770             if ($data['new']['active'] == 'y') {
b67344 2771                 $this->_writeHtDigestFile( $webdav_user_dir . '.htdigest', $data['new']['username'], $data['new']['dir'], $data['new']['password']);
ca14fe 2772             }
V 2773             else {
2774                 /* empty pwd removes the user! */
b67344 2775                 $this->_writeHtDigestFile( $webdav_user_dir . '.htdigest', $data['new']['username'], $data['new']['dir'], '');
ca14fe 2776             }
ac933e 2777
V 2778             /*
2779              * Next step, patch the vhost - file
2780             */
fb3339 2781             $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $domain . '.vhost');
ac933e 2782             $this->_patchVhostWebdav($vhost_file, $documentRoot . '/webdav');
ca14fe 2783
ac933e 2784             /*
V 2785              * Last, restart apache
2786             */
2787             if($apache_chrooted) {
b1a6a5 2788                 $app->services->restartServiceDelayed('httpd', 'restart');
ac933e 2789             } else {
V 2790                 // request a httpd reload when all records have been processed
b1a6a5 2791                 $app->services->restartServiceDelayed('httpd', 'reload');
ac933e 2792             }
V 2793
2794         }
2795
2796         if ($event_name == 'webdav_user_delete') {
2797             /*
2798              * Get additional informations
2799             */
2af58c 2800             $sitedata = $app->db->queryOneRecord('SELECT document_root, domain FROM web_domain WHERE domain_id = ?', $data['old']['parent_domain_id']);
ac933e 2801             $documentRoot = $sitedata['document_root'];
52a04e 2802             $domain = $sitedata['domain'];
ac933e 2803
V 2804             /*
2805              * We dont't want to destroy any (transfer)-Data. So we do NOT delete any dir.
2806              * So the only thing, we have to do, is to delete the user from the password-file
ca14fe 2807             */
ac933e 2808             $this->_writeHtDigestFile( $documentRoot . '/webdav/' . $data['old']['dir'] . '.htdigest', $data['old']['username'], $data['old']['dir'], '');
b1a6a5 2809
52a04e 2810             /*
T 2811              * Next step, patch the vhost - file
2812             */
fb3339 2813             $vhost_file = escapeshellcmd($web_config['vhost_conf_dir'] . '/' . $domain . '.vhost');
52a04e 2814             $this->_patchVhostWebdav($vhost_file, $documentRoot . '/webdav');
b1a6a5 2815
52a04e 2816             /*
T 2817              * Last, restart apache
2818             */
2819             if($apache_chrooted) {
b1a6a5 2820                 $app->services->restartServiceDelayed('httpd', 'restart');
52a04e 2821             } else {
T 2822                 // request a httpd reload when all records have been processed
b1a6a5 2823                 $app->services->restartServiceDelayed('httpd', 'reload');
52a04e 2824             }
ac933e 2825         }
V 2826     }
2827
2828
2829     /**
2830      * This function writes the htdigest - files used by webdav and digest
ca14fe 2831      * more info: see http://riceball.com/d/node/424
ac933e 2832      * @author Oliver Vogel
V 2833      * @param string $filename The name of the digest-file
2834      * @param string $username The name of the webdav-user
2835      * @param string $authname The name of the realm
ca14fe 2836      * @param string $pwd      The password-hash of the user
ac933e 2837      */
ca14fe 2838     private function _writeHtDigestFile($filename, $username, $authname, $pwdhash ) {
4bd960 2839         global $app;
b1a6a5 2840
ac933e 2841         $changed = false;
c77103 2842         if(is_file($filename) && !is_link($filename)) {
0ff3f1 2843             $in = fopen($filename, 'r');
T 2844             $output = '';
2845             /*
2846             * read line by line and search for the username and authname
2847             */
2848             while (preg_match("/:/", $line = fgets($in))) {
2849                 $line = rtrim($line);
2850                 $tmp = explode(':', $line);
2851                 if ($tmp[0] == $username && $tmp[1] == $authname) {
2852                     /*
2853                     * found the user. delete or change it?
2854                     */
2855                     if ($pwdhash != '') {
2856                         $output .= $tmp[0] . ':' . $tmp[1] . ':' . $pwdhash . "\n";
b1a6a5 2857                     }
0ff3f1 2858                     $changed = true;
T 2859                 }
2860                 else {
2861                     $output .= $line . "\n";
2862                 }
ac933e 2863             }
0ff3f1 2864             fclose($in);
ac933e 2865         }
V 2866         /*
2867          * if we didn't change anything, we have to add the new user at the end of the file
2868         */
2869         if (!$changed) {
f17dab 2870             $output .= $username . ':' . $authname . ':' . $pwdhash . "\n";
ac933e 2871         }
b1a6a5 2872
ac933e 2873
V 2874         /*
2875          * Now lets write the new file
2876         */
52a04e 2877         if(trim($output) == '') {
c77103 2878             $app->system->unlink($filename);
52a04e 2879         } else {
c77103 2880             $app->system->file_put_contents($filename, $output);
52a04e 2881         }
ac933e 2882     }
V 2883
2884     /**
2885      * This function patches the vhost-file and adds all webdav - user.
2886      * This function is written, because the creation of the vhost - file is sophisticated and
2887      * i don't want to make it more "heavy" by also adding this code too...
2888      * @author Oliver Vogel
2889      * @param string $fileName The Name of the .vhost-File (path included)
2890      * @param string $webdavRoot The root of the webdav-folder
2891      */
2892     private function _patchVhostWebdav($fileName, $webdavRoot) {
c77103 2893         global $app;
ac933e 2894         $in = fopen($fileName, 'r');
V 2895         $output = '';
2896         $inWebdavSection = false;
2897
2898         /*
2899          * read line by line and search for the username and authname
2900         */
2901         while ($line = fgets($in)) {
2902             /*
2903              *  is the "replace-comment" found...
2904             */
2905             if (trim($line) == '# WEBDAV BEGIN') {
2906                 /*
2907                  * The begin of the webdav - section is found, so ignore all lines til the end  is found
2908                 */
2909                 $inWebdavSection = true;
2910
2911                 $output .= "      # WEBDAV BEGIN\n";
2912
2913                 /*
2914                  * add all the webdav-dirs to the webdav-section
2915                 */
fb3a98 2916                 $files = @scandir($webdavRoot);
T 2917                 if(is_array($files)) {
b1a6a5 2918                     foreach($files as $file) {
MC 2919                         if (substr($file, strlen($file) - strlen('.htdigest')) == '.htdigest' && preg_match("/^[a-zA-Z0-9\-_\.]*$/", $file)) {
2920                             /*
ac933e 2921                          * found a htdigest - file, so add it to webdav
V 2922                         */
b1a6a5 2923                             $fn = substr($file, 0, strlen($file) - strlen('.htdigest'));
MC 2924                             $output .= "\n";
2925                             // $output .= "      Alias /" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
2926                             // $output .= "      <Location /" . $fn . ">\n";
2927                             $output .= "      Alias /webdav/" . $fn . ' ' . $webdavRoot . '/' . $fn . "\n";
2928                             $output .= "      <Location /webdav/" . $fn . ">\n";
2929                             $output .= "        DAV On\n";
2930                             $output .= '        BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On'."\n";
2931                             $output .= "        AuthType Digest\n";
2932                             $output .= "        AuthName \"" . $fn . "\"\n";
2933                             $output .= "        AuthUserFile " . $webdavRoot . '/' . $file . "\n";
2934                             $output .= "        Require valid-user \n";
2935                             $output .= "        Options +Indexes \n";
2936                             $output .= "        Order allow,deny \n";
2937                             $output .= "        Allow from all \n";
2938                             $output .= "      </Location> \n";
2939                         }
ac933e 2940                     }
fb3a98 2941                 }
ac933e 2942             }
V 2943             /*
2944              *  is the "replace-comment-end" found...
2945             */
2946             if (trim($line) == '# WEBDAV END') {
2947                 /*
2948                  * The end of the webdav - section is found, so stop ignoring
2949                 */
2950                 $inWebdavSection = false;
2951             }
2952
2953             /*
2954              * Write the line to the output, if it is not in the section
2955             */
2956             if (!$inWebdavSection) {
2957                 $output .= $line;
2958             }
2959         }
2960         fclose($in);
2961
2962         /*
2963          * Now lets write the new file
2964         */
c77103 2965         $app->system->file_put_contents($fileName, $output);
ac933e 2966
V 2967     }
b1a6a5 2968
58c210 2969     //* Update the awstats configuration file
b1a6a5 2970     private function awstats_update ($data, $web_config) {
58c210 2971         global $app;
b1a6a5 2972
MC 2973         $web_folder = $data['new']['web_folder'];
2974         if($data['new']['type'] == 'vhost') $web_folder = 'web';
2a6eac 2975         $awstats_conf_dir = $web_config['awstats_conf_dir'];
b1a6a5 2976
6fb93d 2977         if(!is_dir($data['new']['document_root']."/" . $web_folder . "/stats/")) mkdir($data['new']['document_root']."/" . $web_folder . "/stats");
fb3339 2978         if(!@is_file($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf') || ($data['old']['domain'] != '' && $data['new']['domain'] != $data['old']['domain'])) {
J 2979             if ( @is_file($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf') ) {
c77103 2980                 $app->system->unlink($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf');
58c210 2981             }
b1a6a5 2982
58c210 2983             $content = '';
e6abfe 2984             if (is_file($awstats_conf_dir."/awstats.conf")) {
CS 2985                 $include_file = $awstats_conf_dir."/awstats.conf";
2986             } elseif (is_file($awstats_conf_dir."/awstats.model.conf")) {
2987                 $include_file = $awstats_conf_dir."/awstats.model.conf";
2988             }
de6d2e 2989             $content .= "Include \"".$include_file."\"\n";
fb3339 2990             $content .= "LogFile=\"/var/log/ispconfig/httpd/".$data['new']['domain']."/access.log\"\n";
J 2991             $content .= "SiteDomain=\"".$data['new']['domain']."\"\n";
2992             $content .= "HostAliases=\"www.".$data['new']['domain']."  localhost 127.0.0.1\"\n";
b1a6a5 2993
9aaf97 2994             if (isset($include_file)) {
CS 2995                 $app->system->file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', $content);
2996                 $app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf', LOGLEVEL_DEBUG);
2997             } else {
2998                 $app->log("No awstats base config found. Either awstats.conf or awstats.model.conf must exist in ".$awstats_conf_dir.".", LOGLEVEL_WARN);
2999             }
58c210 3000         }
b1a6a5 3001
6fb93d 3002         if(is_file($data['new']['document_root']."/" . $web_folder . "/stats/index.html")) $app->system->unlink($data['new']['document_root']."/" . $web_folder . "/stats/index.html");
a464e1 3003         if(file_exists("/usr/local/ispconfig/server/conf-custom/awstats_index.php.master")) {
b1a6a5 3004             $app->system->copy("/usr/local/ispconfig/server/conf-custom/awstats_index.php.master", $data['new']['document_root']."/" . $web_folder . "/stats/index.php");
a464e1 3005         } else {
b1a6a5 3006             $app->system->copy("/usr/local/ispconfig/server/conf/awstats_index.php.master", $data['new']['document_root']."/" . $web_folder . "/stats/index.php");
a464e1 3007         }
58c210 3008     }
b1a6a5 3009
58c210 3010     //* Delete the awstats configuration file
b1a6a5 3011     private function awstats_delete ($data, $web_config) {
58c210 3012         global $app;
b1a6a5 3013
58c210 3014         $awstats_conf_dir = $web_config['awstats_conf_dir'];
b1a6a5 3015
fb3339 3016         if ( @is_file($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf') ) {
c77103 3017             $app->system->unlink($awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf');
b1a6a5 3018             $app->log('Removed AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['old']['domain'].'.conf', LOGLEVEL_DEBUG);
58c210 3019         }
T 3020     }
b1a6a5 3021
c59632 3022     private function hhvm_update($data, $web_config) {
MC 3023         global $app, $conf;
3024         
3025         if(file_exists($conf['rootpath'] . '/conf-custom/hhvm_starter.master')) {
3026             $content = file_get_contents($conf['rootpath'] . '/conf-custom/hhvm_starter.master');
3027         } else {
3028             $content = file_get_contents($conf['rootpath'] . '/conf/hhvm_starter.master');
3029         }
cab08c 3030         if(file_exists($conf['rootpath'] . '/conf-custom/hhvm_monit.master')) {
MC 3031             $monit_content = file_get_contents($conf['rootpath'] . '/conf-custom/hhvm_monit.master');
3032         } else {
3033             $monit_content = file_get_contents($conf['rootpath'] . '/conf/hhvm_monit.master');
3034         }
c59632 3035         
d22277 3036         if($data['new']['php'] == 'hhvm' && $data['old']['php'] != 'hhvm' || (isset($data['old']['custom_php_ini']) && $data['new']['custom_php_ini'] != $data['old']['custom_php_ini'])) {
d5f2d5 3037         
MC 3038             // Custom php.ini settings
3039             $custom_php_ini_settings = trim($data['new']['custom_php_ini']);
3040             if(intval($data['new']['directive_snippets_id']) > 0){
d22277 3041                 $snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
d5f2d5 3042                 if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
MC 3043                     $required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
3044                     if(is_array($required_php_snippets) && !empty($required_php_snippets)){
3045                         foreach($required_php_snippets as $required_php_snippet){
3046                             $required_php_snippet = intval($required_php_snippet);
3047                             if($required_php_snippet > 0){
d22277 3048                                 $php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE ".($snippet['master_directive_snippets_id'] > 0 ? 'master_' : '')."directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
d5f2d5 3049                                 $php_snippet['snippet'] = trim($php_snippet['snippet']);
MC 3050                                 if($php_snippet['snippet'] != ''){
3051                                     $custom_php_ini_settings .= "\n".$php_snippet['snippet'];
3052                                 }
3053                             }
3054                         }
3055                     }
3056                 }
3057             }
3058             if($custom_php_ini_settings != ''){
3059                 // Make sure we only have Unix linebreaks
3060                 $custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
3061                 $custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
3062                 file_put_contents('/etc/hhvm/'.$data['new']['system_user'].'.ini', $custom_php_ini_settings);
3063             } else {
d22277 3064                 if($data['old']['system_user'] != '' && is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');
d5f2d5 3065             }
MC 3066             
1c6da3 3067             $content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $content);
c59632 3068             file_put_contents('/etc/init.d/hhvm_' . $data['new']['system_user'], $content);
MC 3069             exec('chmod +x /etc/init.d/hhvm_' . $data['new']['system_user'] . ' >/dev/null 2>&1');
3070             exec('/usr/sbin/update-rc.d hhvm_' . $data['new']['system_user'] . ' defaults >/dev/null 2>&1');
02e7ea 3071             exec('/etc/init.d/hhvm_' . $data['new']['system_user'] . ' restart >/dev/null 2>&1');
cab08c 3072             
02e7ea 3073             if(is_dir('/etc/monit/conf.d')){
MC 3074                 $monit_content = str_replace('{SYSTEM_USER}', $data['new']['system_user'], $monit_content);
3075                 file_put_contents('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'], $monit_content);
3076                 if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'])) unlink('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']);
3077                 exec('/etc/init.d/monit restart >/dev/null 2>&1');
3078             }
cab08c 3079             
c59632 3080          } elseif($data['new']['php'] != 'hhvm' && $data['old']['php'] == 'hhvm') {
d22277 3081             if($data['old']['system_user'] != ''){
MB 3082                 exec('/etc/init.d/hhvm_' . $data['old']['system_user'] . ' stop >/dev/null 2>&1');
3083                 exec('/usr/sbin/update-rc.d hhvm_' . $data['old']['system_user'] . ' remove >/dev/null 2>&1');
3084                 unlink('/etc/init.d/hhvm_' . $data['old']['system_user']);
3085                 if(is_file('/etc/hhvm/'.$data['old']['system_user'].'.ini')) unlink('/etc/hhvm/'.$data['old']['system_user'].'.ini');
3086             }
cab08c 3087             
02e7ea 3088             if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']) || is_file('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'])){
MC 3089                 if(is_file('/etc/monit/conf.d/hhvm_' . $data['new']['system_user'])){
3090                     unlink('/etc/monit/conf.d/hhvm_' . $data['new']['system_user']);
3091                 }
3092                 if(is_file('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user'])){
3093                     unlink('/etc/monit/conf.d/00-hhvm_' . $data['new']['system_user']);
3094                 }
cab08c 3095                 exec('/etc/init.d/monit restart >/dev/null 2>&1');
MC 3096             }
c59632 3097         }
MC 3098     }
3099
274362 3100     //* Update the PHP-FPM pool configuration file
b1a6a5 3101     private function php_fpm_pool_update ($data, $web_config, $pool_dir, $pool_name, $socket_dir) {
274362 3102         global $app, $conf;
ab79c2 3103         $pool_dir = trim($pool_dir);
274362 3104         //$reload = false;
b1a6a5 3105
62e4b3 3106         if($data['new']['php'] == 'php-fpm'){
F 3107             if(trim($data['new']['fastcgi_php_version']) != ''){
3108                 $default_php_fpm = false;
3109                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['new']['fastcgi_php_version']));
b1a6a5 3110                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
62e4b3 3111             } else {
F 3112                 $default_php_fpm = true;
3113             }
274362 3114         } else {
62e4b3 3115             if(trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] == 'php-fpm'){
F 3116                 $default_php_fpm = false;
3117                 list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
b1a6a5 3118                 if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
62e4b3 3119             } else {
F 3120                 $default_php_fpm = true;
3121             }
274362 3122         }
b1a6a5 3123
274362 3124         $app->uses("getconf");
F 3125         $web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
b1a6a5 3126
274362 3127         if($data['new']['php'] != 'php-fpm'){
F 3128             if(@is_file($pool_dir.$pool_name.'.conf')){
c77103 3129                 $app->system->unlink($pool_dir.$pool_name.'.conf');
274362 3130                 //$reload = true;
F 3131             }
3132             if($data['old']['php'] == 'php-fpm'){
3133                 if(!$default_php_fpm){
b1a6a5 3134                     $app->services->restartService('php-fpm', 'reload:'.$custom_php_fpm_init_script);
274362 3135                 } else {
b1a6a5 3136                     $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
274362 3137                 }
F 3138             }
3139             //if($reload == true) $app->services->restartService('php-fpm','reload');
3140             return;
3141         }
b1a6a5 3142
274362 3143         $app->load('tpl');
F 3144         $tpl = new tpl();
3145         $tpl->newTemplate('php_fpm_pool.conf.master');
8133de 3146         $tpl->setVar('apache_version', $app->system->getapacheversion());
MC 3147         
c91c7a 3148         $apache_modules = $app->system->getapachemodules();
TB 3149         
6db036 3150         // Use sockets, but not with apache 2.4 on centos (mod_proxy_fcgi) as socket support is buggy in that version
TB 3151         if($data['new']['php_fpm_use_socket'] == 'y' && in_array('fastcgi_module',$apache_modules)){
274362 3152             $use_tcp = 0;
F 3153             $use_socket = 1;
c77103 3154             if(!is_dir($socket_dir)) $app->system->mkdirpath($socket_dir);
274362 3155         } else {
F 3156             $use_tcp = 1;
3157             $use_socket = 0;
3158         }
3159         $tpl->setVar('use_tcp', $use_tcp);
3160         $tpl->setVar('use_socket', $use_socket);
b1a6a5 3161
274362 3162         $fpm_socket = $socket_dir.$pool_name.'.sock';
F 3163         $tpl->setVar('fpm_socket', $fpm_socket);
b491ad 3164         $tpl->setVar('fpm_listen_mode', '0660');
b1a6a5 3165
274362 3166         $tpl->setVar('fpm_pool', $pool_name);
F 3167         $tpl->setVar('fpm_port', $web_config['php_fpm_start_port'] + $data['new']['domain_id'] - 1);
3168         $tpl->setVar('fpm_user', $data['new']['system_user']);
0dfb2d 3169         $tpl->setVar('fpm_group', $web_config['group']);
d33fd2 3170         $tpl->setVar('fpm_domain', $data['new']['domain']);
dd7ce4 3171         $tpl->setVar('pm', $data['new']['pm']);
274362 3172         $tpl->setVar('pm_max_children', $data['new']['pm_max_children']);
F 3173         $tpl->setVar('pm_start_servers', $data['new']['pm_start_servers']);
3174         $tpl->setVar('pm_min_spare_servers', $data['new']['pm_min_spare_servers']);
3175         $tpl->setVar('pm_max_spare_servers', $data['new']['pm_max_spare_servers']);
dd7ce4 3176         $tpl->setVar('pm_process_idle_timeout', $data['new']['pm_process_idle_timeout']);
F 3177         $tpl->setVar('pm_max_requests', $data['new']['pm_max_requests']);
274362 3178         $tpl->setVar('document_root', $data['new']['document_root']);
b1a6a5 3179         $tpl->setVar('security_level', $web_config['security_level']);
f63910 3180         $tpl->setVar('domain', $data['new']['domain']);
274362 3181         $php_open_basedir = ($data['new']['php_open_basedir'] == '')?escapeshellcmd($data['new']['document_root']):escapeshellcmd($data['new']['php_open_basedir']);
F 3182         $tpl->setVar('php_open_basedir', $php_open_basedir);
3183         if($php_open_basedir != ''){
3184             $tpl->setVar('enable_php_open_basedir', '');
3185         } else {
3186             $tpl->setVar('enable_php_open_basedir', ';');
3187         }
b1a6a5 3188
274362 3189         // Custom php.ini settings
F 3190         $final_php_ini_settings = array();
3191         $custom_php_ini_settings = trim($data['new']['custom_php_ini']);
b41803 3192         
MC 3193         if(intval($data['new']['directive_snippets_id']) > 0){
3194             $snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ? AND type = 'apache' AND active = 'y' AND customer_viewable = 'y'", intval($data['new']['directive_snippets_id']));
3195             if(isset($snippet['required_php_snippets']) && trim($snippet['required_php_snippets']) != ''){
3196                 $required_php_snippets = explode(',', trim($snippet['required_php_snippets']));
3197                 if(is_array($required_php_snippets) && !empty($required_php_snippets)){
3198                     foreach($required_php_snippets as $required_php_snippet){
3199                         $required_php_snippet = intval($required_php_snippet);
3200                         if($required_php_snippet > 0){
d22277 3201                             $php_snippet = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE ".($snippet['master_directive_snippets_id'] > 0 ? 'master_' : '')."directive_snippets_id = ? AND type = 'php' AND active = 'y'", $required_php_snippet);
b41803 3202                             $php_snippet['snippet'] = trim($php_snippet['snippet']);
MC 3203                             if($php_snippet['snippet'] != ''){
3204                                 $custom_php_ini_settings .= "\n".$php_snippet['snippet'];
3205                             }
3206                         }
3207                     }
3208                 }
3209             }
3210         }
3211         
9fd930 3212         $custom_session_save_path = false;
274362 3213         if($custom_php_ini_settings != ''){
F 3214             // Make sure we only have Unix linebreaks
3215             $custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
3216             $custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
3217             $ini_settings = explode("\n", $custom_php_ini_settings);
3218             if(is_array($ini_settings) && !empty($ini_settings)){
3219                 foreach($ini_settings as $ini_setting){
254a4a 3220                     $ini_setting = trim($ini_setting);
b1a6a5 3221                     if(substr($ini_setting, 0, 1) == ';') continue;
MC 3222                     if(substr($ini_setting, 0, 1) == '#') continue;
3223                     if(substr($ini_setting, 0, 2) == '//') continue;
03cc01 3224                     list($key, $value) = explode('=', $ini_setting, 2);
1d6097 3225                     $value = trim($value);
FT 3226                     if($value != ''){
254a4a 3227                         $key = trim($key);
9fd930 3228                         if($key == 'session.save_path') $custom_session_save_path = true;
254a4a 3229                         switch (strtolower($value)) {
b1a6a5 3230                         case '0':
MC 3231                             // PHP-FPM might complain about invalid boolean value if you use 0
3232                             $value = 'off';
3233                         case '1':
3234                         case 'on':
3235                         case 'off':
3236                         case 'true':
3237                         case 'false':
3238                         case 'yes':
3239                         case 'no':
3240                             $final_php_ini_settings[] = array('ini_setting' => 'php_admin_flag['.$key.'] = '.$value);
3241                             break;
3242                         default:
3243                             $final_php_ini_settings[] = array('ini_setting' => 'php_admin_value['.$key.'] = '.$value);
274362 3244                         }
254a4a 3245                     }
274362 3246                 }
F 3247             }
3248         }
9fd930 3249         
MB 3250         $tpl->setVar('custom_session_save_path', ($custom_session_save_path ? 'y' : 'n'));
3251         
274362 3252         $tpl->setLoop('custom_php_ini_settings', $final_php_ini_settings);
b1a6a5 3253
MC 3254         $app->system->file_put_contents($pool_dir.$pool_name.'.conf', $tpl->grab());
3255         $app->log('Writing the PHP-FPM config file: '.$pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
274362 3256         unset($tpl);
b1a6a5 3257
274362 3258         // delete pool in all other PHP versions
ab79c2 3259         $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir']));
b1a6a5 3260         if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/';
274362 3261         if($default_pool_dir != $pool_dir){
F 3262             if ( @is_file($default_pool_dir.$pool_name.'.conf') ) {
b1a6a5 3263                 $app->system->unlink($default_pool_dir.$pool_name.'.conf');
MC 3264                 $app->log('Removed PHP-FPM config file: '.$default_pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
3265                 $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
274362 3266             }
F 3267         }
2af58c 3268         $php_versions = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ?", $conf["server_id"]);
274362 3269         if(is_array($php_versions) && !empty($php_versions)){
F 3270             foreach($php_versions as $php_version){
ab79c2 3271                 $php_version['php_fpm_pool_dir'] = trim($php_version['php_fpm_pool_dir']);
b1a6a5 3272                 if(substr($php_version['php_fpm_pool_dir'], -1) != '/') $php_version['php_fpm_pool_dir'] .= '/';
274362 3273                 if($php_version['php_fpm_pool_dir'] != $pool_dir){
F 3274                     if ( @is_file($php_version['php_fpm_pool_dir'].$pool_name.'.conf') ) {
c77103 3275                         $app->system->unlink($php_version['php_fpm_pool_dir'].$pool_name.'.conf');
b1a6a5 3276                         $app->log('Removed PHP-FPM config file: '.$php_version['php_fpm_pool_dir'].$pool_name.'.conf', LOGLEVEL_DEBUG);
MC 3277                         $app->services->restartService('php-fpm', 'reload:'.$php_version['php_fpm_init_script']);
274362 3278                     }
F 3279                 }
3280             }
3281         }
3282         // Reload current PHP-FPM after all others
3283         sleep(1);
3284         if(!$default_php_fpm){
b1a6a5 3285             $app->services->restartService('php-fpm', 'reload:'.$custom_php_fpm_init_script);
274362 3286         } else {
b1a6a5 3287             $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
274362 3288         }
b1a6a5 3289
274362 3290         //$reload = true;
F 3291
3292         //if($reload == true) $app->services->restartService('php-fpm','reload');
3293     }
b1a6a5 3294
274362 3295     //* Delete the PHP-FPM pool configuration file
b1a6a5 3296     private function php_fpm_pool_delete ($data, $web_config) {
274362 3297         global $app, $conf;
b1a6a5 3298
62e4b3 3299         if(trim($data['old']['fastcgi_php_version']) != '' && $data['old']['php'] == 'php-fpm'){
274362 3300             $default_php_fpm = false;
F 3301             list($custom_php_fpm_name, $custom_php_fpm_init_script, $custom_php_fpm_ini_dir, $custom_php_fpm_pool_dir) = explode(':', trim($data['old']['fastcgi_php_version']));
b1a6a5 3302             if(substr($custom_php_fpm_ini_dir, -1) != '/') $custom_php_fpm_ini_dir .= '/';
274362 3303         } else {
F 3304             $default_php_fpm = true;
3305         }
b1a6a5 3306
274362 3307         if($default_php_fpm){
F 3308             $pool_dir = escapeshellcmd($web_config['php_fpm_pool_dir']);
3309         } else {
3310             $pool_dir = $custom_php_fpm_pool_dir;
3311         }
ab79c2 3312         $pool_dir = trim($pool_dir);
b1a6a5 3313
MC 3314         if(substr($pool_dir, -1) != '/') $pool_dir .= '/';
274362 3315         $pool_name = 'web'.$data['old']['domain_id'];
b1a6a5 3316
274362 3317         if ( @is_file($pool_dir.$pool_name.'.conf') ) {
c77103 3318             $app->system->unlink($pool_dir.$pool_name.'.conf');
b1a6a5 3319             $app->log('Removed PHP-FPM config file: '.$pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
MC 3320
274362 3321             //$app->services->restartService('php-fpm','reload');
F 3322         }
b1a6a5 3323
274362 3324         // delete pool in all other PHP versions
ab79c2 3325         $default_pool_dir = trim(escapeshellcmd($web_config['php_fpm_pool_dir']));
b1a6a5 3326         if(substr($default_pool_dir, -1) != '/') $default_pool_dir .= '/';
274362 3327         if($default_pool_dir != $pool_dir){
F 3328             if ( @is_file($default_pool_dir.$pool_name.'.conf') ) {
b1a6a5 3329                 $app->system->unlink($default_pool_dir.$pool_name.'.conf');
MC 3330                 $app->log('Removed PHP-FPM config file: '.$default_pool_dir.$pool_name.'.conf', LOGLEVEL_DEBUG);
3331                 $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
274362 3332             }
b1a6a5 3333         }
2af58c 3334         $php_versions = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ?", $data['old']['server_id']);
274362 3335         if(is_array($php_versions) && !empty($php_versions)){
F 3336             foreach($php_versions as $php_version){
ab79c2 3337                 $php_version['php_fpm_pool_dir'] = trim($php_version['php_fpm_pool_dir']);
b1a6a5 3338                 if(substr($php_version['php_fpm_pool_dir'], -1) != '/') $php_version['php_fpm_pool_dir'] .= '/';
274362 3339                 if($php_version['php_fpm_pool_dir'] != $pool_dir){
F 3340                     if ( @is_file($php_version['php_fpm_pool_dir'].$pool_name.'.conf') ) {
c77103 3341                         $app->system->unlink($php_version['php_fpm_pool_dir'].$pool_name.'.conf');
b1a6a5 3342                         $app->log('Removed PHP-FPM config file: '.$php_version['php_fpm_pool_dir'].$pool_name.'.conf', LOGLEVEL_DEBUG);
MC 3343                         $app->services->restartService('php-fpm', 'reload:'.$php_version['php_fpm_init_script']);
274362 3344                     }
F 3345                 }
3346             }
3347         }
b1a6a5 3348
274362 3349         // Reload current PHP-FPM after all others
F 3350         sleep(1);
3351         if(!$default_php_fpm){
b1a6a5 3352             $app->services->restartService('php-fpm', 'reload:'.$custom_php_fpm_init_script);
274362 3353         } else {
b1a6a5 3354             $app->services->restartService('php-fpm', 'reload:'.$conf['init_scripts'].'/'.$web_config['php_fpm_init_script']);
274362 3355         }
F 3356     }
b1a6a5 3357
MC 3358     function client_delete($event_name, $data) {
1ca823 3359         global $app, $conf;
b1a6a5 3360
1ca823 3361         $app->uses("getconf");
T 3362         $web_config = $app->getconf->get_server_config($conf["server_id"], 'web');
b1a6a5 3363
1ca823 3364         $client_id = intval($data['old']['client_id']);
T 3365         if($client_id > 0) {
b1a6a5 3366
1ca823 3367             $client_dir = $web_config['website_basedir'].'/clients/client'.$client_id;
b1a6a5 3368             if(is_dir($client_dir) && !stristr($client_dir, '..')) {
72695f 3369                 // remove symlinks from $client_dir
b1a6a5 3370                 $files = array_diff(scandir($client_dir), array('.', '..'));
72695f 3371                 if(is_array($files) && !empty($files)){
T 3372                     foreach($files as $file){
3373                         if(is_link($client_dir.'/'.$file)){
3374                             unlink($client_dir.'/'.$file);
b1a6a5 3375                             $app->log('Removed symlink: '.$client_dir.'/'.$file, LOGLEVEL_DEBUG);
72695f 3376                         }
T 3377                     }
3378                 }
b1a6a5 3379
1ca823 3380                 @rmdir($client_dir);
b1a6a5 3381                 $app->log('Removed client directory: '.$client_dir, LOGLEVEL_DEBUG);
1ca823 3382             }
b1a6a5 3383
615a0a 3384             if($app->system->is_group('client'.$client_id)){
T 3385                 $this->_exec('groupdel client'.$client_id);
b1a6a5 3386                 $app->log('Removed group client'.$client_id, LOGLEVEL_DEBUG);
615a0a 3387             }
1ca823 3388         }
b1a6a5 3389
1ca823 3390     }
ac933e 3391
1c40af 3392     //* Wrapper for exec function for easier debugging
T 3393     private function _exec($command) {
3394         global $app;
551d9a 3395         $out = array();
MB 3396         $ret = 0;
b1a6a5 3397         $app->log('exec: '.$command, LOGLEVEL_DEBUG);
551d9a 3398         exec($command, $out, $ret);
MB 3399         if($ret != 0) return false;
3400         else return true;
1c40af 3401     }
7ed741 3402
b1a6a5 3403     private function _checkTcp ($host, $port) {
MC 3404
3405         $fp = @fsockopen($host, $port, $errno, $errstr, 2);
7ed741 3406
T 3407         if ($fp) {
3408             fclose($fp);
3409             return true;
3410         } else {
3411             return false;
3412         }
3413     }
ac933e 3414
552178 3415     public function create_relative_link($f, $t) {
bfcdef 3416         global $app;
b1a6a5 3417
552178 3418         // $from already exists
M 3419         $from = realpath($f);
3420
3421         // realpath requires the traced file to exist - so, lets touch it first, then remove
c77103 3422         @$app->system->unlink($t); touch($t);
552178 3423         $to = realpath($t);
c77103 3424         @$app->system->unlink($t);
552178 3425
M 3426         // Remove from the left side matching path elements from $from and $to
3427         // and get path elements counts
3428         $a1 = explode('/', $from); $a2 = explode('/', $to);
3429         for ($c = 0; $a1[$c] == $a2[$c]; $c++) {
3430             unset($a1[$c]); unset($a2[$c]);
3431         }
3432         $cfrom = implode('/', $a1);
3433
3434         // Check if a path is fully a subpath of another - no way to create symlink in the case
3435         if (count($a1) == 0 || count($a2) == 0) return false;
3436
3437         // Add ($cnt_to-1) number of "../" elements to left side of $cfrom
3438         for ($c = 0; $c < (count($a2)-1); $c++) { $cfrom = '../'.$cfrom; }
3439
3440         return symlink($cfrom, $to);
3441     }
46c683 3442
b1a6a5 3443     private function _rewrite_quote($string) {
MC 3444         return str_replace(array('.', '*', '?', '+'), array('\\.', '\\*', '\\?', '\\+'), $string);
3445     }
3446
3447     private function _is_url($string) {
3448         return preg_match('/^(f|ht)tp(s)?:\/\//i', $string);
3449     }
3450
bfcdef 3451     private function get_seo_redirects($web, $prefix = ''){
T 3452         $seo_redirects = array();
b1a6a5 3453
bfcdef 3454         if(substr($web['domain'], 0, 2) === '*.') $web['subdomain'] = '*';
b1a6a5 3455
bfcdef 3456         if($web['subdomain'] == 'www' || $web['subdomain'] == '*'){
T 3457             if($web['seo_redirect'] == 'non_www_to_www'){
3458                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = str_replace('.', '\.', $web['domain']);
3459                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = 'www.'.$web['domain'];
3460                 $seo_redirects[$prefix.'seo_redirect_operator'] = '';
3461             }
3462             if($web['seo_redirect'] == '*_domain_tld_to_www_domain_tld'){
3463                 // ^(example\.com|(?!\bwww\b)\.example\.com)$
3464                 // ^(example\.com|((?:\w+(?:-\w+)*\.)*)((?!www\.)\w+(?:-\w+)*)(\.example\.com))$
3465                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = '('.str_replace('.', '\.', $web['domain']).'|((?:\w+(?:-\w+)*\.)*)((?!www\.)\w+(?:-\w+)*)(\.'.str_replace('.', '\.', $web['domain']).'))';
3466                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = 'www.'.$web['domain'];
3467                 $seo_redirects[$prefix.'seo_redirect_operator'] = '';
3468             }
3469             if($web['seo_redirect'] == '*_to_www_domain_tld'){
3470                 $seo_redirects[$prefix.'seo_redirect_origin_domain'] = 'www\.'.str_replace('.', '\.', $web['domain']);
3471                 $seo_redirects[$prefix.'seo_redirect_target_domain'] = 'www.'.$web['domain'];
3472                 $seo_redirects[$prefix.'seo_redirect_operator'] = '!';
3473             }
3474         }
3475         if($web['seo_redirect'] == 'www_to_non_www'){
3476             $seo_redirects[$prefix.'seo_redirect_origin_domain'] = 'www\.'.str_replace('.', '\.', $web['domain']);
3477             $seo_redirects[$prefix.'seo_redirect_target_domain'] = $web['domain'];
3478             $seo_redirects[$prefix.'seo_redirect_operator'] = '';
3479         }
3480         if($web['seo_redirect'] == '*_domain_tld_to_domain_tld'){
3481             // ^(.+)\.example\.com$
3482             $seo_redirects[$prefix.'seo_redirect_origin_domain'] = '(.+)\.'.str_replace('.', '\.', $web['domain']);
3483             $seo_redirects[$prefix.'seo_redirect_target_domain'] = $web['domain'];
3484             $seo_redirects[$prefix.'seo_redirect_operator'] = '';
3485         }
3486         if($web['seo_redirect'] == '*_to_domain_tld'){
3487             $seo_redirects[$prefix.'seo_redirect_origin_domain'] = str_replace('.', '\.', $web['domain']);
3488             $seo_redirects[$prefix.'seo_redirect_target_domain'] = $web['domain'];
3489             $seo_redirects[$prefix.'seo_redirect_operator'] = '!';
3490         }
3491         return $seo_redirects;
3492     }
b1a6a5 3493
46c683 3494 } // end class
T 3495
c09f04 3496 ?>