gitlabFork/ISPConfig3.git - Solinfo Gitblit

parent: fbb24acd | patch | commit | ignore whitespace

tbrehm

2011-09-20 52407705d64ebabbf3de87fdb78602d24af5a673

Implemented: FS#899 - Folder protection

5 files modified

19 files added

	install/sql/ispconfig3.sql	1 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/templates/server_config_ufw_edit.htm	66 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/client/client_del.php	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/form/web_folder.tform.php	110 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/form/web_folder_user.tform.php	122 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en_web_folder.lng	7 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en_web_folder_list.lng	7 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en_web_folder_user.lng	7 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en_web_folder_user_list.lng	6 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/module.conf.php	32 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/list/web_folder.list.php	99 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/list/web_folder_user.list.php	85 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/templates/web_folder_edit.htm	34 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/templates/web_folder_list.htm	58 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/templates/web_folder_user_edit.htm	38 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/templates/web_folder_user_list.htm	55 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_folder_del.php	70 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_folder_edit.php	71 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_folder_list.php	23 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_folder_user_del.php	59 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_folder_user_edit.php	70 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_folder_user_list.php	23 ●●●●● patch \| view \| raw \| blame \| history
	server/mods-available/web_module.inc.php	18 ●●●●● patch \| view \| raw \| blame \| history
	server/plugins-available/apache2_plugin.inc.php	105 ●●●●● patch \| view \| raw \| blame \| history

 install/sql/ispconfig3.sql

@@ -1557,6 +1557,7 @@
  `sys_perm_user` varchar(5) DEFAULT NULL,
  `sys_perm_group` varchar(5) DEFAULT NULL,
  `sys_perm_other` varchar(5) DEFAULT NULL,
  `server_id` int(11) NOT NULL DEFAULT '0',
  `web_folder_id` int(11) NOT NULL DEFAULT '0',
  `username` varchar(255) DEFAULT NULL,
  `password` varchar(255) DEFAULT NULL,

 interface/web/admin/templates/server_config_ufw_edit.htm

New file
@@ -0,0 +1,66 @@
<h2><tmpl_var name="list_head_txt"></h2>
<p><tmpl_var name="list_desc_txt"></p>

<div class="panel panel_server_config">

  <div class="pnl_formsarea">
    <fieldset class="inlineLabels"><legend>UFW Firewall</legend>
      <div class="ctrlHolder">
                <p class="label">{tmpl_var name='ufw_enable_txt'}</p>
                    <div class="multiField">
                        {tmpl_var name='ufw_enable'}
                    </div>
            </div>
      <div class="ctrlHolder">
                <p class="label">{tmpl_var name='ufw_manage_builtins_txt'}</p>
                    <div class="multiField">
                        {tmpl_var name='ufw_manage_builtins'}
                    </div>
            </div>
      <div class="ctrlHolder">
                <p class="label">{tmpl_var name='ufw_ipv6_txt'}</p>
                    <div class="multiField">
                        {tmpl_var name='ufw_ipv6'}
                    </div>
            </div>
      <div class="ctrlHolder">
          <label for="ufw_default_input_policy">{tmpl_var name='ufw_default_input_policy_txt'}</label>
        <select name="ufw_default_input_policy" id="ufw_default_input_policy" class="selectInput">
                    {tmpl_var name='ufw_default_input_policy'}
                </select>
      </div>
      <div class="ctrlHolder">
          <label for="ufw_default_output_policy">{tmpl_var name='ufw_default_output_policy_txt'}</label>
        <select name="ufw_default_output_policy" id="ufw_default_output_policy" class="selectInput">
                    {tmpl_var name='ufw_default_output_policy'}
                </select>
      </div>
      <div class="ctrlHolder">
          <label for="ufw_default_forward_policy">{tmpl_var name='ufw_default_forward_policy_txt'}</label>
        <select name="ufw_default_forward_policy" id="ufw_default_forward_policy" class="selectInput">
                    {tmpl_var name='ufw_default_forward_policy'}
                </select>
      </div>
      <div class="ctrlHolder">
          <label for="ufw_default_application_policy">{tmpl_var name='ufw_default_application_policy_txt'}</label>
        <select name="ufw_default_application_policy" id="ufw_default_application_policy" class="selectInput">
                    {tmpl_var name='ufw_default_application_policy'}
                </select>
      </div>
      <div class="ctrlHolder">
          <label for="ufw_log_level">{tmpl_var name='ufw_log_level_txt'}</label>
        <select name="ufw_log_level" id="ufw_log_level" class="selectInput">
                    {tmpl_var name='ufw_log_level'}
                </select>
      </div>
    </fieldset>

    <input type="hidden" name="id" value="{tmpl_var name='id'}">

    <div class="buttonHolder buttons">
      <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','admin/server_config_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
      <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('admin/server_config_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
    </div>
  </div>
  
</div>

 interface/web/client/client_del.php

@@ -131,7 +131,7 @@
            $app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
            
            // Delete all records (sub-clients, mail, web, etc....)  of this client.
            $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
            $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic,web_folder,web_folder_user';
            $tables_array = explode(',',$tables);
            $client_group_id = intval($client_group['groupid']);
            if($client_group_id > 1) {

 interface/web/sites/form/web_folder.tform.php

New file
@@ -0,0 +1,110 @@
<?php

/*
    Form Definition

    Tabledefinition

    Datatypes:
    - INTEGER (Forces the input to Int)
    - DOUBLE
    - CURRENCY (Formats the values to currency notation)
    - VARCHAR (no format check, maxlength: 255)
    - TEXT (no format check)
    - DATE (Dateformat, automatic conversion to timestamps)

    Formtype:
    - TEXT (Textfield)
    - TEXTAREA (Textarea)
    - PASSWORD (Password textfield, input is not shown when edited)
    - SELECT (Select option field)
    - RADIO
    - CHECKBOX
    - CHECKBOXARRAY
    - FILE

    VALUE:
    - Wert oder Array

    Hint:
    The ID field of the database table is not part of the datafield definition.
    The ID field must be always auto incement (int or bigint).


*/

$form["title"]             = "Web Folder";
$form["description"]     = "";
$form["name"]             = "web_folder";
$form["action"]            = "web_folder_edit.php";
$form["db_table"]        = "web_folder";
$form["db_table_idx"]    = "web_folder_id";
$form["db_history"]        = "yes";
$form["tab_default"]    = "folder";
$form["list_default"]    = "web_folder_list.php";
$form["auth"]            = 'yes'; // yes / no

$form["auth_preset"]["userid"]  = 0; // 0 = id of the user, > 0 id must match with id of current user
$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete

$form["tabs"]['folder'] = array (
    'title'     => "Folder",
    'width'     => 100,
    'template'     => "templates/web_folder_edit.htm",
    'fields'     => array (
    ##################################
    # Begin Datatable fields
    ##################################
        'server_id' => array (
            'datatype'    => 'INTEGER',
            'formtype'    => 'SELECT',
            'default'    => '',
            'datasource'    => array (     'type'    => 'SQL',
                                        'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} ORDER BY server_name',
                                        'keyfield'=> 'server_id',
                                        'valuefield'=> 'server_name'
                                     ),
            'value'        => ''
        ),
        'parent_domain_id' => array (
            'datatype'    => 'INTEGER',
            'formtype'    => 'SELECT',
            'default'    => '',
            'datasource'    => array (     'type'    => 'SQL',
                                        'querystring' => "SELECT domain_id,domain FROM web_domain WHERE type = 'vhost' AND {AUTHSQL} ORDER BY domain",
                                        'keyfield'=> 'domain_id',
                                        'valuefield'=> 'domain'
                                     ),
            'value'        => ''
        ),
        'path' => array (
            'datatype'    => 'VARCHAR',
            'formtype'    => 'TEXT',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '/^[\w\.\-\_\/]{0,255}$/',
                                                        'errmsg'=> 'path_error_regex'),
                                    ),
            'default'    => '/',
            'value'        => '',
            'width'        => '30',
            'maxlength'    => '255'
        ),
        'active' => array (
            'datatype'    => 'VARCHAR',
            'formtype'    => 'CHECKBOX',
            'default'    => 'y',
            'value'        => array(0 => 'n',1 => 'y')
        ),
    ##################################
    # ENDE Datatable fields
    ##################################
    )
);




?>

 interface/web/sites/form/web_folder_user.tform.php

New file
@@ -0,0 +1,122 @@
<?php

/*
    Form Definition

    Tabledefinition

    Datatypes:
    - INTEGER (Forces the input to Int)
    - DOUBLE
    - CURRENCY (Formats the values to currency notation)
    - VARCHAR (no format check, maxlength: 255)
    - TEXT (no format check)
    - DATE (Dateformat, automatic conversion to timestamps)

    Formtype:
    - TEXT (Textfield)
    - TEXTAREA (Textarea)
    - PASSWORD (Password textfield, input is not shown when edited)
    - SELECT (Select option field)
    - RADIO
    - CHECKBOX
    - CHECKBOXARRAY
    - FILE

    VALUE:
    - Wert oder Array

    Hint:
    The ID field of the database table is not part of the datafield definition.
    The ID field must be always auto incement (int or bigint).


*/

$form["title"]             = "Web folder user";
$form["description"]     = "";
$form["name"]             = "web_folder_user";
$form["action"]            = "web_folder_user_edit.php";
$form["db_table"]        = "web_folder_user";
$form["db_table_idx"]    = "web_folder_user_id";
$form["db_history"]        = "yes";
$form["tab_default"]    = "user";
$form["list_default"]    = "web_folder_user_list.php";
$form["auth"]            = 'yes'; // yes / no

$form["auth_preset"]["userid"]  = 0; // 0 = id of the user, > 0 id must match with id of current user
$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete

$form["tabs"]['user'] = array (
    'title'     => "Folder",
    'width'     => 100,
    'template'     => "templates/web_folder_user_edit.htm",
    'fields'     => array (
    ##################################
    # Begin Datatable fields
    ##################################
        'server_id' => array (
            'datatype'    => 'INTEGER',
            'formtype'    => 'SELECT',
            'default'    => '',
            'datasource'    => array (     'type'    => 'SQL',
                                        'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} ORDER BY server_name',
                                        'keyfield'=> 'server_id',
                                        'valuefield'=> 'server_name'
                                     ),
            'value'        => ''
        ),
        'web_folder_id' => array (
            'datatype'    => 'INTEGER',
            'formtype'    => 'SELECT',
            'default'    => '',
            'datasource'    => array (     'type'    => 'SQL',
                                        'querystring' => "Select concat(web_domain.domain,' ',web_folder.path) as name, web_folder.web_folder_id from web_domain, web_folder WHERE web_domain.domain_id = web_folder.parent_domain_id AND {AUTHSQL} ORDER BY web_domain.domain",
                                        'keyfield'=> 'web_folder_id',
                                        'valuefield'=> 'name'
                                     ),
            'validators'    => array (     0 => array (    'type'    => 'NOTEMPTY',
                                                        'errmsg'=> 'folder_error_empty'),
                                    ),
            'value'        => ''
        ),
        'username' => array (
            'datatype'    => 'VARCHAR',
            'formtype'    => 'TEXT',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '/^[\w\.\-]{0,64}$/',
                                                        'errmsg'=> 'username_error_regex'),
                                    ),
            'default'    => '',
            'value'        => '',
            'width'        => '30',
            'maxlength'    => '255'
        ),
        'password' => array (
            'datatype'    => 'VARCHAR',
            'formtype'    => 'PASSWORD',
            'encryption' => 'CRYPT',
            'default'    => '',
            'value'        => '',
            'width'        => '30',
            'maxlength'    => '255'
        ),
        'active' => array (
            'datatype'    => 'VARCHAR',
            'formtype'    => 'CHECKBOX',
            'default'    => 'y',
            'value'        => array(0 => 'n',1 => 'y')
        ),
    ##################################
    # ENDE Datatable fields
    ##################################
    )
);




?>

 interface/web/sites/lib/lang/en_web_folder.lng

New file
@@ -0,0 +1,7 @@
<?php
$wb["server_id_txt"] = 'Server';
$wb["parent_domain_id_txt"] = 'Website';
$wb["path_txt"] = 'Path';
$wb["active_txt"] = 'Active';
$wb["path_error_regex"] = 'Invalid folder path.';
?>

 interface/web/sites/lib/lang/en_web_folder_list.lng

New file
@@ -0,0 +1,7 @@
<?php
$wb["list_head_txt"] = 'Folder';
$wb["active_txt"] = 'Active';
$wb["server_id_txt"] = 'Server';
$wb["parent_domain_id_txt"] = 'Website';
$wb["path_txt"] = 'Path';
?>

 interface/web/sites/lib/lang/en_web_folder_user.lng

New file
@@ -0,0 +1,7 @@
<?php
$wb["web_folder_id_txt"] = 'Folder';
$wb["username_txt"] = 'Username';
$wb["password_txt"] = 'Password';
$wb["active_txt"] = 'Active';
$wb["folder_error_empty"] = 'No web folder selecetd.';
?>

 interface/web/sites/lib/lang/en_web_folder_user_list.lng

New file
@@ -0,0 +1,6 @@
<?php
$wb["list_head_txt"] = 'Folder User';
$wb["active_txt"] = 'Active';
$wb["web_folder_id_txt"] = 'Folder';
$wb["username_txt"] = 'Username';
?>

 interface/web/sites/lib/module.conf.php

@@ -117,6 +117,26 @@
}

/*
 *    Web folder menu
 */
    $items=array();
	
    $items[] = array( 'title'     => "Folder",
            'target'     => 'content',
            'link'    => 'sites/web_folder_list.php',
            'html_id' => 'web_folder_list');
	
    $items[] = array( 'title'     => "Folder users",
            'target'     => 'content',
            'link'    => 'sites/web_folder_user_list.php',
            'html_id' => 'web_folder_user_list');
	
    $module["nav"][] = array(    'title'    => 'Folder protection',
            'open'     => 1,
            'items'    => $items);


/*
    Cron menu
*/
if($app->auth->get_client_limit($userid,'cron') != 0)
@@ -152,18 +172,6 @@
        'items' => $items);



// clean up
unset($items);

$items[] = array( 'title'     => "Rewrite Rules",
                  'target'     => 'content',
                  'link'    => 'sites/proxy_reverse_list.php');


$module["nav"][] = array(    'title'    => 'Reverse Proxy',
                            'open'     => 1,
                            'items'    => $items);

// clean up
unset($items);

 interface/web/sites/list/web_folder.list.php

New file
@@ -0,0 +1,99 @@
<?php

/*
    Datatypes:
    - INTEGER
    - DOUBLE
    - CURRENCY
    - VARCHAR
    - TEXT
    - DATE
*/



// Name of the list
$liste["name"]                 = "web_folder";

// Database table
$liste["table"]             = "web_folder";

// Index index field of the database table
$liste["table_idx"]            = "web_folder_id";

// Search Field Prefix
$liste["search_prefix"]     = "search_";

// Records per page
$liste["records_per_page"]     = "15";

// Script File of the list
$liste["file"]                = "web_folder_list.php";

// Script file of the edit form
$liste["edit_file"]            = "web_folder_edit.php";

// Script File of the delete script
$liste["delete_file"]        = "web_folder_del.php";

// Paging Template
$liste["paging_tpl"]        = "templates/paging.tpl.htm";

// Enable auth
$liste["auth"]                = "yes";


/*****************************************************
* Suchfelder
*****************************************************/


$liste["item"][] = array(    'field'        => "active",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "SELECT",
                            'op'        => "=",
                            'prefix'    => "",
                            'suffix'    => "",
                            'width'        => "",
                            'value'        => array('y' => "<div id=\"ir-Yes\" class=\"swap\"><span>Yes</span></div>",'n' => "<div class=\"swap\" id=\"ir-No\"><span>No</span></div>"));


$liste["item"][] = array(    'field'        => "server_id",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "SELECT",
                            'op'        => "like",
                            'prefix'    => "%",
                            'suffix'    => "%",
                            'datasource'    => array (     'type'    => 'SQL',
                                                        'querystring' => 'SELECT server_id,server_name FROM server WHERE {AUTHSQL} ORDER BY server_name',
                                                        'keyfield'=> 'server_id',
                                                        'valuefield'=> 'server_name'
                                                       ),
                            'width'        => "",
                            'value'        => "");

$liste["item"][] = array(    'field'        => "parent_domain_id",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "SELECT",
                            'op'        => "=",
                            'prefix'    => "",
                            'suffix'    => "",
                            'datasource'    => array (     'type'    => 'SQL',
                                        'querystring' => "SELECT domain_id,domain FROM web_domain WHERE type = 'vhost' AND {AUTHSQL} ORDER BY domain",
                                        'keyfield'=> 'domain_id',
                                        'valuefield'=> 'domain'
                                     ),
                            'width'        => "",
                            'value'        => "");

$liste["item"][] = array(    'field'        => "path",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "TEXT",
                            'op'        => "like",
                            'prefix'    => "%",
                            'suffix'    => "%",
                            'width'        => "",
                            'value'        => "");


?>

 interface/web/sites/list/web_folder_user.list.php

New file
@@ -0,0 +1,85 @@
<?php

/*
    Datatypes:
    - INTEGER
    - DOUBLE
    - CURRENCY
    - VARCHAR
    - TEXT
    - DATE
*/



// Name of the list
$liste["name"]                 = "web_folder_user";

// Database table
$liste["table"]             = "web_folder_user";

// Index index field of the database table
$liste["table_idx"]            = "web_folder_user_id";

// Search Field Prefix
$liste["search_prefix"]     = "search_";

// Records per page
$liste["records_per_page"]     = "15";

// Script File of the list
$liste["file"]                = "web_folder_user_list.php";

// Script file of the edit form
$liste["edit_file"]            = "web_folder_user_edit.php";

// Script File of the delete script
$liste["delete_file"]        = "web_folder_user_del.php";

// Paging Template
$liste["paging_tpl"]        = "templates/paging.tpl.htm";

// Enable auth
$liste["auth"]                = "yes";


/*****************************************************
* Suchfelder
*****************************************************/


$liste["item"][] = array(    'field'        => "active",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "SELECT",
                            'op'        => "=",
                            'prefix'    => "",
                            'suffix'    => "",
                            'width'        => "",
                            'value'        => array('y' => "<div id=\"ir-Yes\" class=\"swap\"><span>Yes</span></div>",'n' => "<div class=\"swap\" id=\"ir-No\"><span>No</span></div>"));


$liste["item"][] = array(    'field'        => "web_folder_id",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "SELECT",
                            'op'        => "=",
                            'prefix'    => "",
                            'suffix'    => "",
                            'datasource'    => array (     'type'    => 'SQL',
                                        'querystring' => "Select concat(web_domain.domain,' ',web_folder.path) as name, web_folder.web_folder_id from web_domain, web_folder WHERE web_domain.domain_id = web_folder.parent_domain_id AND {AUTHSQL} ORDER BY web_domain.domain",
                                        'keyfield'=> 'web_folder_id',
                                        'valuefield'=> 'name'
                                     ),
                            'width'        => "",
                            'value'        => "");

$liste["item"][] = array(    'field'        => "username",
                            'datatype'    => "VARCHAR",
                            'formtype'    => "TEXT",
                            'op'        => "like",
                            'prefix'    => "%",
                            'suffix'    => "%",
                            'width'        => "",
                            'value'        => "");


?>

 interface/web/sites/templates/web_folder_edit.htm

New file
@@ -0,0 +1,34 @@
<h2><tmpl_var name="list_head_txt"></h2>
<p><tmpl_var name="list_desc_txt"></p>

<div class="panel panel_web_folder">

  <div class="pnl_formsarea">
    <fieldset class="inlineLabels"><legend>Folder</legend>
      <div class="ctrlHolder">
          <label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
        <select name="parent_domain_id" id="parent_domain_id" class="selectInput">
                    {tmpl_var name='parent_domain_id'}
                </select>
      </div>
      <div class="ctrlHolder">
          <label for="path">{tmpl_var name='path_txt'}</label>
        <input name="path" id="path" value="{tmpl_var name='path'}" size="30" maxlength="255" type="text" class="textInput" />
            </div>
      <div class="ctrlHolder">
                <p class="label">{tmpl_var name='active_txt'}</p>
                    <div class="multiField">
                        {tmpl_var name='active'}
                    </div>
            </div>
    </fieldset>

    <input type="hidden" name="id" value="{tmpl_var name='id'}">

    <div class="buttonHolder buttons">
      <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_folder_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
      <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_folder_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
    </div>
  </div>
  
</div>

 interface/web/sites/templates/web_folder_list.htm

New file
@@ -0,0 +1,58 @@
<h2><tmpl_var name="list_head_txt"></h2>

<div class="panel panel_list_web_folder">

  <div class="pnl_toolsarea">
    <fieldset><legend>{tmpl_var name="toolsarea_head_txt"}</legend>
      <div class="buttons">
        <button class="iconstxt icoAdd" type="button" onClick="loadContent('sites/web_folder_edit.php');">
          <span>{tmpl_var name="add_new_record_txt"}</span>
        </button>
      </div>
    </fieldset>
  </div>

  <div class="pnl_listarea">
    <fieldset><legend><tmpl_var name="list_head_txt"></legend>
      <table class="list">
        <thead>
          <tr>
            <th class="tbl_col_active" scope="col"><tmpl_var name="active_txt"></th>
            <th class="tbl_col_server_id" scope="col"><tmpl_var name="server_id_txt"></th>
            <th class="tbl_col_parent_domain_id" scope="col"><tmpl_var name="parent_domain_id_txt"></th>
            <th class="tbl_col_path" scope="col"><tmpl_var name="path_txt"></th>
            <th class="tbl_col_buttons" scope="col">&nbsp;</th>
          </tr>
          <tr>
            <td class="tbl_col_active"><select name="search_active" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_active'}</select></td>
            <td class="tbl_col_server_id"><select name="search_server_id" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_server_id'}</select></td>
            <td class="tbl_col_parent_domain_id"><select name="search_parent_domain_id" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_parent_domain_id'}</select></td>
            <td class="tbl_col_path"><input type="text" name="search_path" value="{tmpl_var name='search_path'}" /></td>
            <td class="tbl_col_buttons"><div class="buttons"><button type="button" class="icons16 icoFilter" name="Filter" id="Filter" value="{tmpl_var name="filter_txt"}" onClick="submitForm('pageForm','sites/web_folder_list.php');"><span>{tmpl_var name="filter_txt"}</span></button></div></td>
          </tr>
        </thead>
        <tbody>
          <tmpl_loop name="records">
          <tr class="tbl_row_<tmpl_if name='__EVEN__'}even<tmpl_else>uneven</tmpl_if>">
            <td class="tbl_col_active"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="active"}</a></td>
            <td class="tbl_col_server_id"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="server_id"}</a></td>
            <td class="tbl_col_parent_domain_id"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="parent_domain_id"}</a></td>
            <td class="tbl_col_path"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="path"}</a></td>
            <td class="tbl_col_buttons">
              <div class="buttons icons16">    
                <a class="icons16 icoDelete" href="javascript: del_record('sites/web_folder_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
              </div>
            </td>
          </tr>
          </tmpl_loop>
        </tbody>
        <tfoot>
          <tr>
            <td class="tbl_footer tbl_paging" colspan="5"><tmpl_var name="paging"></td>
          </tr>
        </tfoot>
      </table>
    </fieldset>
  </div>

</div>

 interface/web/sites/templates/web_folder_user_edit.htm

New file
@@ -0,0 +1,38 @@
<h2><tmpl_var name="list_head_txt"></h2>
<p><tmpl_var name="list_desc_txt"></p>

<div class="panel panel_web_folder_user">

  <div class="pnl_formsarea">
    <fieldset class="inlineLabels"><legend>Folder</legend>
      <div class="ctrlHolder">
          <label for="web_folder_id">{tmpl_var name='web_folder_id_txt'}</label>
        <select name="web_folder_id" id="web_folder_id" class="selectInput">
                    {tmpl_var name='web_folder_id'}
                </select>
      </div>
      <div class="ctrlHolder">
          <label for="username">{tmpl_var name='username_txt'}</label>
        <input name="username" id="username" value="{tmpl_var name='username'}" size="30" maxlength="255" type="text" class="textInput" />
            </div>
      <div class="ctrlHolder">
          <label for="password">{tmpl_var name='password_txt'}</label>
        <input name="password" id="password" value="{tmpl_var name='password'}" size="30" maxlength="255" type="password" class="textInput" />
            </div>
      <div class="ctrlHolder">
                <p class="label">{tmpl_var name='active_txt'}</p>
                    <div class="multiField">
                        {tmpl_var name='active'}
                    </div>
            </div>
    </fieldset>

    <input type="hidden" name="id" value="{tmpl_var name='id'}">

    <div class="buttonHolder buttons">
      <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_folder_user_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
      <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_folder_user_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
    </div>
  </div>
  
</div>

 interface/web/sites/templates/web_folder_user_list.htm

New file
@@ -0,0 +1,55 @@
<h2><tmpl_var name="list_head_txt"></h2>

<div class="panel panel_list_web_folder_user">

  <div class="pnl_toolsarea">
    <fieldset><legend>{tmpl_var name="toolsarea_head_txt"}</legend>
      <div class="buttons">
        <button class="iconstxt icoAdd" type="button" onClick="loadContent('sites/web_folder_user_edit.php');">
          <span>{tmpl_var name="add_new_record_txt"}</span>
        </button>
      </div>
    </fieldset>
  </div>

  <div class="pnl_listarea">
    <fieldset><legend><tmpl_var name="list_head_txt"></legend>
      <table class="list">
        <thead>
          <tr>
            <th class="tbl_col_active" scope="col"><tmpl_var name="active_txt"></th>
            <th class="tbl_col_web_folder_id" scope="col"><tmpl_var name="web_folder_id_txt"></th>
            <th class="tbl_col_username" scope="col"><tmpl_var name="username_txt"></th>
            <th class="tbl_col_buttons" scope="col">&nbsp;</th>
          </tr>
          <tr>
            <td class="tbl_col_active"><select name="search_active" onChange="submitForm('pageForm','sites/web_folder_user_list.php');">{tmpl_var name='search_active'}</select></td>
            <td class="tbl_col_web_folder_id"><select name="search_web_folder_id" onChange="submitForm('pageForm','sites/web_folder_user_list.php');">{tmpl_var name='search_web_folder_id'}</select></td>
            <td class="tbl_col_username"><input type="text" name="search_username" value="{tmpl_var name='search_username'}" /></td>
            <td class="tbl_col_buttons"><div class="buttons"><button type="button" class="icons16 icoFilter" name="Filter" id="Filter" value="{tmpl_var name="filter_txt"}" onClick="submitForm('pageForm','sites/web_folder_user_list.php');"><span>{tmpl_var name="filter_txt"}</span></button></div></td>
          </tr>
        </thead>
        <tbody>
          <tmpl_loop name="records">
          <tr class="tbl_row_<tmpl_if name='__EVEN__'}even<tmpl_else>uneven</tmpl_if>">
            <td class="tbl_col_active"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="active"}</a></td>
            <td class="tbl_col_web_folder_id"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="web_folder_id"}</a></td>
            <td class="tbl_col_username"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="username"}</a></td>
            <td class="tbl_col_buttons">
              <div class="buttons icons16">    
                <a class="icons16 icoDelete" href="javascript: del_record('sites/web_folder_user_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
              </div>
            </td>
          </tr>
          </tmpl_loop>
        </tbody>
        <tfoot>
          <tr>
            <td class="tbl_footer tbl_paging" colspan="4"><tmpl_var name="paging"></td>
          </tr>
        </tfoot>
      </table>
    </fieldset>
  </div>

</div>

 interface/web/sites/web_folder_del.php

New file
@@ -0,0 +1,70 @@
<?php

/*
Copyright (c) 2011, Till Brehm, projektfarm Gmbh
Modified 2009, Marius Cramer, pixcept KG
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

/******************************************
* Begin Form configuration
******************************************/

$list_def_file = "list/web_folder.list.php";
$tform_def_file = "form/web_folder.tform.php";

/******************************************
* End Form configuration
******************************************/

require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

//* Check permissions for module
$app->auth->check_module_permissions('sites');

$app->uses('tpl,tform,tform_actions');
$app->load('tform_actions');

class page_action extends tform_actions {
    function onBeforeDelete() {
        global $app; $conf;
		
        if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));
		
        // Delete all users that belong to this folder.
        $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".intval($this->id)."'");
        foreach($records as $rec) {
            $app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
        }
        unset($records);
    }
}

$page = new page_action;
$page->onDelete();

?>

 interface/web/sites/web_folder_edit.php

New file
@@ -0,0 +1,71 @@
<?php

/*
Copyright (c) 2011, Till Brehm, projektfarm Gmbh
Modified 2009, Marius Cramer, pixcept KG
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

/******************************************
* Begin Form configuration
******************************************/

$tform_def_file = "form/web_folder.tform.php";

/******************************************
* End Form configuration
******************************************/

require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

//* Check permissions for module
$app->auth->check_module_permissions('sites');

// Loading classes
$app->uses('tpl,tform,tform_actions,validate_cron');
$app->load('tform_actions');

class page_action extends tform_actions {

    function onSubmit() {
        global $app, $conf;
		
        // Get the record of the parent domain
        $parent_domain = $app->db->queryOneRecord("select server_id FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
		
        // Set a few fixed values
        $this->dataRecord["server_id"] = $parent_domain["server_id"];
		
        parent::onSubmit();
    }
	
}

$page = new page_action;
$page->onLoad();

?>

 interface/web/sites/web_folder_list.php

New file
@@ -0,0 +1,23 @@
<?php
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

/******************************************
* Begin Form configuration
******************************************/

$list_def_file = "list/web_folder.list.php";

/******************************************
* End Form configuration
******************************************/

//* Check permissions for module
$app->auth->check_module_permissions('sites');

$app->uses('listform_actions');

$app->listform_actions->onLoad();


?>

 interface/web/sites/web_folder_user_del.php

New file
@@ -0,0 +1,59 @@
<?php

/*
Copyright (c) 2011, Till Brehm, projektfarm Gmbh
Modified 2009, Marius Cramer, pixcept KG
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

/******************************************
* Begin Form configuration
******************************************/

$list_def_file = "list/web_folder_user.list.php";
$tform_def_file = "form/web_folder_user.tform.php";

/******************************************
* End Form configuration
******************************************/

require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

//* Check permissions for module
$app->auth->check_module_permissions('sites');

$app->uses('tpl,tform,tform_actions');
$app->load('tform_actions');

class page_action extends tform_actions {

}

$page = new page_action;
$page->onDelete();

?>

 interface/web/sites/web_folder_user_edit.php

New file
@@ -0,0 +1,70 @@
<?php

/*
Copyright (c) 2011, Till Brehm, projektfarm Gmbh
Modified 2009, Marius Cramer, pixcept KG
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

/******************************************
* Begin Form configuration
******************************************/

$tform_def_file = "form/web_folder_user.tform.php";

/******************************************
* End Form configuration
******************************************/

require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

//* Check permissions for module
$app->auth->check_module_permissions('sites');

// Loading classes
$app->uses('tpl,tform,tform_actions,validate_cron');
$app->load('tform_actions');

class page_action extends tform_actions {
	
    function onSubmit() {
        global $app, $conf;
		
        // Get the record of the parent domain
        $folder = $app->db->queryOneRecord("select server_id FROM web_folder WHERE web_folder_id = ".intval(@$this->dataRecord["web_folder_id"]));
		
        // Set a few fixed values
        $this->dataRecord["server_id"] = $folder["server_id"];
		
        parent::onSubmit();
    }
}

$page = new page_action;
$page->onLoad();

?>

 interface/web/sites/web_folder_user_list.php

New file
@@ -0,0 +1,23 @@
<?php
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

/******************************************
* Begin Form configuration
******************************************/

$list_def_file = "list/web_folder_user.list.php";

/******************************************
* End Form configuration
******************************************/

//* Check permissions for module
$app->auth->check_module_permissions('sites');

$app->uses('listform_actions');

$app->listform_actions->onLoad();


?>

 server/mods-available/web_module.inc.php

@@ -43,7 +43,13 @@
                                    'shell_user_delete',
                                    'webdav_user_insert',
                                    'webdav_user_update',
                                    'webdav_user_delete');
                                    'webdav_user_delete',
                                    'web_folder_insert',
                                    'web_folder_update',
                                    'web_folder_delete',
                                    'web_folder_user_insert',
                                    'web_folder_user_update',
                                    'web_folder_user_delete');
    
    //* This function is called during ispconfig installation to determine
    //  if a symlink shall be created for this plugin.
@@ -121,6 +127,16 @@
                if($action == 'u') $app->plugins->raiseEvent('webdav_user_update',$data);
                if($action == 'd') $app->plugins->raiseEvent('webdav_user_delete',$data);
            break;
            case 'web_folder':
                if($action == 'i') $app->plugins->raiseEvent('web_folder_insert',$data);
                if($action == 'u') $app->plugins->raiseEvent('web_folder_update',$data);
                if($action == 'd') $app->plugins->raiseEvent('web_folder_delete',$data);
            break;
            case 'web_folder_user':
                if($action == 'i') $app->plugins->raiseEvent('web_folder_user_insert',$data);
                if($action == 'u') $app->plugins->raiseEvent('web_folder_user_update',$data);
                if($action == 'd') $app->plugins->raiseEvent('web_folder_user_delete',$data);
            break;
        } // end switch
    } // end function
    

 server/plugins-available/apache2_plugin.inc.php

@@ -77,6 +77,13 @@
        $app->plugins->registerEvent('webdav_user_delete',$this->plugin_name,'webdav');
        
        $app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');
		
        $app->plugins->registerEvent('web_folder_user_insert',$this->plugin_name,'web_folder_user');
        $app->plugins->registerEvent('web_folder_user_update',$this->plugin_name,'web_folder_user');
        $app->plugins->registerEvent('web_folder_user_delete',$this->plugin_name,'web_folder_user');
		
        $app->plugins->registerEvent('web_folder_delete',$this->plugin_name,'web_folder_delete');
		
    }

    // Handle the creation of SSL certificates
@@ -1184,6 +1191,104 @@
        unset($tpl);

    }
	
    //* Create or update the .htaccess folder protection
    function web_folder_user($event_name,$data) {
        global $app, $conf;
		
        $app->uses('system');
		
        if($event_name == 'web_folder_user_delete') {
            $folder_id = $data['old']['web_folder_id'];
        } else {
            $folder_id = $data['new']['web_folder_id'];
        }
		
        $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
        $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
		
        if(!is_array($folder) or !is_array($website)) {
            $app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
            return false;
        }
		
        //* Get the folder path.
        $folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
        if(substr($folder_path,-1 != '/')) $folder_path .= '/';
		
        //* Check if the resulting path is inside the docroot
        if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
            $app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
            return false;
        }
		
        //* Create the folder path, if it does not exist
        if(!is_dir($folder_path)) exec('mkdir -p '.escapehsellarg($folder_path));
		
        //* Create empty .htpasswd file, if it does not exist
        if(!is_file($folder_path.'.htpasswd')) {
            touch($folder_path.'.htpasswd');
            chmod($folder_path.'.htpasswd',0755);
            $app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
        }
		
        //* Add or remove the user from .htpasswd file
        if($event_name == 'web_folder_user_delete') {
            $app->system->removeLine($folder_path.'.htpasswd',$data['new']['username'].':');
            $app->log('Removed user: '.$data['new']['username'],LOGLEVEL_DEBUG);
        } else {
            $app->system->replaceLine($folder_path.'.htpasswd',$data['new']['username'].':',$data['new']['username'].':'.$data['new']['password'],0,1);
            $app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
        }
		
        //* Create the .htaccess file
        if(!is_file($folder_path.'.htaccess')) {
            $ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
            file_put_contents($folder_path.'.htaccess',$ht_file);
            chmod($folder_path.'.htpasswd',0755);
            $app->log('Created file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
        }
		
    }
	
    //* Remove .htaccess and .htpasswd file, when folder protection is removed
    function web_folder_delete($event_name,$data) {
        global $app, $conf;
		
        $folder_id = $data['old']['web_folder_id'];
		
        $folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
        $website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
		
        if(!is_array($folder) or !is_array($website)) {
            $app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
            return false;
        }
		
        //* Get the folder path.
        $folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
        if(substr($folder_path,-1 != '/')) $folder_path .= '/';
		
        //* Check if the resulting path is inside the docroot
        if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
            $app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
            return false;
        }
		
        //* Remove .htpasswd file
        if(is_file($folder_path.'.htpasswd')) {
            unlink($folder_path.'.htpasswd');
            $app->log('Removed file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
        }
		
        //* Remove .htaccess file
        if(is_file($folder_path.'.htaccess')) {
            unlink($folder_path.'.htaccess');
            $app->log('Removed file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
        }
		
		
    }

    /**
     * This function is called when a Webdav-User is inserted, updated or deleted.

			@@ -1557,6 +1557,7 @@
			`sys_perm_user` varchar(5) DEFAULT NULL,
			`sys_perm_group` varchar(5) DEFAULT NULL,
			`sys_perm_other` varchar(5) DEFAULT NULL,
			`server_id` int(11) NOT NULL DEFAULT '0',
			`web_folder_id` int(11) NOT NULL DEFAULT '0',
			`username` varchar(255) DEFAULT NULL,
			`password` varchar(255) DEFAULT NULL,

New file
			@@ -0,0 +1,66 @@
			<h2><tmpl_var name="list_head_txt"></h2>
			<p><tmpl_var name="list_desc_txt"></p>

			<div class="panel panel_server_config">

			<div class="pnl_formsarea">
			<fieldset class="inlineLabels"><legend>UFW Firewall</legend>
			<div class="ctrlHolder">
			<p class="label">{tmpl_var name='ufw_enable_txt'}</p>
			<div class="multiField">
			{tmpl_var name='ufw_enable'}
			</div>
			</div>
			<div class="ctrlHolder">
			<p class="label">{tmpl_var name='ufw_manage_builtins_txt'}</p>
			<div class="multiField">
			{tmpl_var name='ufw_manage_builtins'}
			</div>
			</div>
			<div class="ctrlHolder">
			<p class="label">{tmpl_var name='ufw_ipv6_txt'}</p>
			<div class="multiField">
			{tmpl_var name='ufw_ipv6'}
			</div>
			</div>
			<div class="ctrlHolder">
			<label for="ufw_default_input_policy">{tmpl_var name='ufw_default_input_policy_txt'}</label>
			<select name="ufw_default_input_policy" id="ufw_default_input_policy" class="selectInput">
			{tmpl_var name='ufw_default_input_policy'}
			</select>
			</div>
			<div class="ctrlHolder">
			<label for="ufw_default_output_policy">{tmpl_var name='ufw_default_output_policy_txt'}</label>
			<select name="ufw_default_output_policy" id="ufw_default_output_policy" class="selectInput">
			{tmpl_var name='ufw_default_output_policy'}
			</select>
			</div>
			<div class="ctrlHolder">
			<label for="ufw_default_forward_policy">{tmpl_var name='ufw_default_forward_policy_txt'}</label>
			<select name="ufw_default_forward_policy" id="ufw_default_forward_policy" class="selectInput">
			{tmpl_var name='ufw_default_forward_policy'}
			</select>
			</div>
			<div class="ctrlHolder">
			<label for="ufw_default_application_policy">{tmpl_var name='ufw_default_application_policy_txt'}</label>
			<select name="ufw_default_application_policy" id="ufw_default_application_policy" class="selectInput">
			{tmpl_var name='ufw_default_application_policy'}
			</select>
			</div>
			<div class="ctrlHolder">
			<label for="ufw_log_level">{tmpl_var name='ufw_log_level_txt'}</label>
			<select name="ufw_log_level" id="ufw_log_level" class="selectInput">
			{tmpl_var name='ufw_log_level'}
			</select>
			</div>
			</fieldset>

			<input type="hidden" name="id" value="{tmpl_var name='id'}">

			<div class="buttonHolder buttons">
			<button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','admin/server_config_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
			<button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('admin/server_config_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
			</div>
			</div>

			</div>

			@@ -131,7 +131,7 @@
			$app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");

			// Delete all records (sub-clients, mail, web, etc....) of this client.
			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic,web_folder,web_folder_user';
			$tables_array = explode(',',$tables);
			$client_group_id = intval($client_group['groupid']);
			if($client_group_id > 1) {

New file
			@@ -0,0 +1,110 @@
			<?php

			/*
			Form Definition

			Tabledefinition

			Datatypes:
			- INTEGER (Forces the input to Int)
			- DOUBLE
			- CURRENCY (Formats the values to currency notation)
			- VARCHAR (no format check, maxlength: 255)
			- TEXT (no format check)
			- DATE (Dateformat, automatic conversion to timestamps)

			Formtype:
			- TEXT (Textfield)
			- TEXTAREA (Textarea)
			- PASSWORD (Password textfield, input is not shown when edited)
			- SELECT (Select option field)
			- RADIO
			- CHECKBOX
			- CHECKBOXARRAY
			- FILE

			VALUE:
			- Wert oder Array

			Hint:
			The ID field of the database table is not part of the datafield definition.
			The ID field must be always auto incement (int or bigint).


			*/

			$form["title"] = "Web Folder";
			$form["description"] = "";
			$form["name"] = "web_folder";
			$form["action"] = "web_folder_edit.php";
			$form["db_table"] = "web_folder";
			$form["db_table_idx"] = "web_folder_id";
			$form["db_history"] = "yes";
			$form["tab_default"] = "folder";
			$form["list_default"] = "web_folder_list.php";
			$form["auth"] = 'yes'; // yes / no

			$form["auth_preset"]["userid"] = 0; // 0 = id of the user, > 0 id must match with id of current user
			$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
			$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
			$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
			$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete

			$form["tabs"]['folder'] = array (
			'title' => "Folder",
			'width' => 100,
			'template' => "templates/web_folder_edit.htm",
			'fields' => array (
			##################################
			# Begin Datatable fields
			##################################
			'server_id' => array (
			'datatype' => 'INTEGER',
			'formtype' => 'SELECT',
			'default' => '',
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} ORDER BY server_name',
			'keyfield'=> 'server_id',
			'valuefield'=> 'server_name'
			),
			'value' => ''
			),
			'parent_domain_id' => array (
			'datatype' => 'INTEGER',
			'formtype' => 'SELECT',
			'default' => '',
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => "SELECT domain_id,domain FROM web_domain WHERE type = 'vhost' AND {AUTHSQL} ORDER BY domain",
			'keyfield'=> 'domain_id',
			'valuefield'=> 'domain'
			),
			'value' => ''
			),
			'path' => array (
			'datatype' => 'VARCHAR',
			'formtype' => 'TEXT',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '/^[\w\.\-\_\/]{0,255}$/',
			'errmsg'=> 'path_error_regex'),
			),
			'default' => '/',
			'value' => '',
			'width' => '30',
			'maxlength' => '255'
			),
			'active' => array (
			'datatype' => 'VARCHAR',
			'formtype' => 'CHECKBOX',
			'default' => 'y',
			'value' => array(0 => 'n',1 => 'y')
			),
			##################################
			# ENDE Datatable fields
			##################################
			)
			);




			?>

New file
			@@ -0,0 +1,122 @@
			<?php

			/*
			Form Definition

			Tabledefinition

			Datatypes:
			- INTEGER (Forces the input to Int)
			- DOUBLE
			- CURRENCY (Formats the values to currency notation)
			- VARCHAR (no format check, maxlength: 255)
			- TEXT (no format check)
			- DATE (Dateformat, automatic conversion to timestamps)

			Formtype:
			- TEXT (Textfield)
			- TEXTAREA (Textarea)
			- PASSWORD (Password textfield, input is not shown when edited)
			- SELECT (Select option field)
			- RADIO
			- CHECKBOX
			- CHECKBOXARRAY
			- FILE

			VALUE:
			- Wert oder Array

			Hint:
			The ID field of the database table is not part of the datafield definition.
			The ID field must be always auto incement (int or bigint).


			*/

			$form["title"] = "Web folder user";
			$form["description"] = "";
			$form["name"] = "web_folder_user";
			$form["action"] = "web_folder_user_edit.php";
			$form["db_table"] = "web_folder_user";
			$form["db_table_idx"] = "web_folder_user_id";
			$form["db_history"] = "yes";
			$form["tab_default"] = "user";
			$form["list_default"] = "web_folder_user_list.php";
			$form["auth"] = 'yes'; // yes / no

			$form["auth_preset"]["userid"] = 0; // 0 = id of the user, > 0 id must match with id of current user
			$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
			$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
			$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
			$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete

			$form["tabs"]['user'] = array (
			'title' => "Folder",
			'width' => 100,
			'template' => "templates/web_folder_user_edit.htm",
			'fields' => array (
			##################################
			# Begin Datatable fields
			##################################
			'server_id' => array (
			'datatype' => 'INTEGER',
			'formtype' => 'SELECT',
			'default' => '',
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} ORDER BY server_name',
			'keyfield'=> 'server_id',
			'valuefield'=> 'server_name'
			),
			'value' => ''
			),
			'web_folder_id' => array (
			'datatype' => 'INTEGER',
			'formtype' => 'SELECT',
			'default' => '',
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => "Select concat(web_domain.domain,' ',web_folder.path) as name, web_folder.web_folder_id from web_domain, web_folder WHERE web_domain.domain_id = web_folder.parent_domain_id AND {AUTHSQL} ORDER BY web_domain.domain",
			'keyfield'=> 'web_folder_id',
			'valuefield'=> 'name'
			),
			'validators' => array ( 0 => array ( 'type' => 'NOTEMPTY',
			'errmsg'=> 'folder_error_empty'),
			),
			'value' => ''
			),
			'username' => array (
			'datatype' => 'VARCHAR',
			'formtype' => 'TEXT',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '/^[\w\.\-]{0,64}$/',
			'errmsg'=> 'username_error_regex'),
			),
			'default' => '',
			'value' => '',
			'width' => '30',
			'maxlength' => '255'
			),
			'password' => array (
			'datatype' => 'VARCHAR',
			'formtype' => 'PASSWORD',
			'encryption' => 'CRYPT',
			'default' => '',
			'value' => '',
			'width' => '30',
			'maxlength' => '255'
			),
			'active' => array (
			'datatype' => 'VARCHAR',
			'formtype' => 'CHECKBOX',
			'default' => 'y',
			'value' => array(0 => 'n',1 => 'y')
			),
			##################################
			# ENDE Datatable fields
			##################################
			)
			);




			?>

New file
			@@ -0,0 +1,7 @@
			<?php
			$wb["server_id_txt"] = 'Server';
			$wb["parent_domain_id_txt"] = 'Website';
			$wb["path_txt"] = 'Path';
			$wb["active_txt"] = 'Active';
			$wb["path_error_regex"] = 'Invalid folder path.';
			?>

New file
			@@ -0,0 +1,6 @@
			<?php
			$wb["list_head_txt"] = 'Folder User';
			$wb["active_txt"] = 'Active';
			$wb["web_folder_id_txt"] = 'Folder';
			$wb["username_txt"] = 'Username';
			?>

			@@ -117,6 +117,26 @@
			}

			/*
			* Web folder menu
			*/
			$items=array();

			$items[] = array( 'title' => "Folder",
			'target' => 'content',
			'link' => 'sites/web_folder_list.php',
			'html_id' => 'web_folder_list');

			$items[] = array( 'title' => "Folder users",
			'target' => 'content',
			'link' => 'sites/web_folder_user_list.php',
			'html_id' => 'web_folder_user_list');

			$module["nav"][] = array( 'title' => 'Folder protection',
			'open' => 1,
			'items' => $items);


			/*
			Cron menu
			*/
			if($app->auth->get_client_limit($userid,'cron') != 0)
			@@ -152,18 +172,6 @@
			'items' => $items);



			// clean up
			unset($items);

			$items[] = array( 'title' => "Rewrite Rules",
			'target' => 'content',
			'link' => 'sites/proxy_reverse_list.php');


			$module["nav"][] = array( 'title' => 'Reverse Proxy',
			'open' => 1,
			'items' => $items);

			// clean up
			unset($items);

New file
			@@ -0,0 +1,99 @@
			<?php

			/*
			Datatypes:
			- INTEGER
			- DOUBLE
			- CURRENCY
			- VARCHAR
			- TEXT
			- DATE
			*/



			// Name of the list
			$liste["name"] = "web_folder";

			// Database table
			$liste["table"] = "web_folder";

			// Index index field of the database table
			$liste["table_idx"] = "web_folder_id";

			// Search Field Prefix
			$liste["search_prefix"] = "search_";

			// Records per page
			$liste["records_per_page"] = "15";

			// Script File of the list
			$liste["file"] = "web_folder_list.php";

			// Script file of the edit form
			$liste["edit_file"] = "web_folder_edit.php";

			// Script File of the delete script
			$liste["delete_file"] = "web_folder_del.php";

			// Paging Template
			$liste["paging_tpl"] = "templates/paging.tpl.htm";

			// Enable auth
			$liste["auth"] = "yes";


			/*****************************************************
			* Suchfelder
			*****************************************************/


			$liste["item"][] = array( 'field' => "active",
			'datatype' => "VARCHAR",
			'formtype' => "SELECT",
			'op' => "=",
			'prefix' => "",
			'suffix' => "",
			'width' => "",
			'value' => array('y' => "<div id=\"ir-Yes\" class=\"swap\"><span>Yes</span></div>",'n' => "<div class=\"swap\" id=\"ir-No\"><span>No</span></div>"));


			$liste["item"][] = array( 'field' => "server_id",
			'datatype' => "VARCHAR",
			'formtype' => "SELECT",
			'op' => "like",
			'prefix' => "%",
			'suffix' => "%",
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => 'SELECT server_id,server_name FROM server WHERE {AUTHSQL} ORDER BY server_name',
			'keyfield'=> 'server_id',
			'valuefield'=> 'server_name'
			),
			'width' => "",
			'value' => "");

			$liste["item"][] = array( 'field' => "parent_domain_id",
			'datatype' => "VARCHAR",
			'formtype' => "SELECT",
			'op' => "=",
			'prefix' => "",
			'suffix' => "",
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => "SELECT domain_id,domain FROM web_domain WHERE type = 'vhost' AND {AUTHSQL} ORDER BY domain",
			'keyfield'=> 'domain_id',
			'valuefield'=> 'domain'
			),
			'width' => "",
			'value' => "");

			$liste["item"][] = array( 'field' => "path",
			'datatype' => "VARCHAR",
			'formtype' => "TEXT",
			'op' => "like",
			'prefix' => "%",
			'suffix' => "%",
			'width' => "",
			'value' => "");


			?>

New file
			@@ -0,0 +1,85 @@
			<?php

			/*
			Datatypes:
			- INTEGER
			- DOUBLE
			- CURRENCY
			- VARCHAR
			- TEXT
			- DATE
			*/



			// Name of the list
			$liste["name"] = "web_folder_user";

			// Database table
			$liste["table"] = "web_folder_user";

			// Index index field of the database table
			$liste["table_idx"] = "web_folder_user_id";

			// Search Field Prefix
			$liste["search_prefix"] = "search_";

			// Records per page
			$liste["records_per_page"] = "15";

			// Script File of the list
			$liste["file"] = "web_folder_user_list.php";

			// Script file of the edit form
			$liste["edit_file"] = "web_folder_user_edit.php";

			// Script File of the delete script
			$liste["delete_file"] = "web_folder_user_del.php";

			// Paging Template
			$liste["paging_tpl"] = "templates/paging.tpl.htm";

			// Enable auth
			$liste["auth"] = "yes";


			/*****************************************************
			* Suchfelder
			*****************************************************/


			$liste["item"][] = array( 'field' => "active",
			'datatype' => "VARCHAR",
			'formtype' => "SELECT",
			'op' => "=",
			'prefix' => "",
			'suffix' => "",
			'width' => "",
			'value' => array('y' => "<div id=\"ir-Yes\" class=\"swap\"><span>Yes</span></div>",'n' => "<div class=\"swap\" id=\"ir-No\"><span>No</span></div>"));


			$liste["item"][] = array( 'field' => "web_folder_id",
			'datatype' => "VARCHAR",
			'formtype' => "SELECT",
			'op' => "=",
			'prefix' => "",
			'suffix' => "",
			'datasource' => array ( 'type' => 'SQL',
			'querystring' => "Select concat(web_domain.domain,' ',web_folder.path) as name, web_folder.web_folder_id from web_domain, web_folder WHERE web_domain.domain_id = web_folder.parent_domain_id AND {AUTHSQL} ORDER BY web_domain.domain",
			'keyfield'=> 'web_folder_id',
			'valuefield'=> 'name'
			),
			'width' => "",
			'value' => "");

			$liste["item"][] = array( 'field' => "username",
			'datatype' => "VARCHAR",
			'formtype' => "TEXT",
			'op' => "like",
			'prefix' => "%",
			'suffix' => "%",
			'width' => "",
			'value' => "");


			?>

New file
			@@ -0,0 +1,34 @@
			<h2><tmpl_var name="list_head_txt"></h2>
			<p><tmpl_var name="list_desc_txt"></p>

			<div class="panel panel_web_folder">

			<div class="pnl_formsarea">
			<fieldset class="inlineLabels"><legend>Folder</legend>
			<div class="ctrlHolder">
			<label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
			<select name="parent_domain_id" id="parent_domain_id" class="selectInput">
			{tmpl_var name='parent_domain_id'}
			</select>
			</div>
			<div class="ctrlHolder">
			<label for="path">{tmpl_var name='path_txt'}</label>
			<input name="path" id="path" value="{tmpl_var name='path'}" size="30" maxlength="255" type="text" class="textInput" />
			</div>
			<div class="ctrlHolder">
			<p class="label">{tmpl_var name='active_txt'}</p>
			<div class="multiField">
			{tmpl_var name='active'}
			</div>
			</div>
			</fieldset>

			<input type="hidden" name="id" value="{tmpl_var name='id'}">

			<div class="buttonHolder buttons">
			<button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_folder_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
			<button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_folder_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
			</div>
			</div>

			</div>

New file
			@@ -0,0 +1,58 @@
			<h2><tmpl_var name="list_head_txt"></h2>

			<div class="panel panel_list_web_folder">

			<div class="pnl_toolsarea">
			<fieldset><legend>{tmpl_var name="toolsarea_head_txt"}</legend>
			<div class="buttons">
			<button class="iconstxt icoAdd" type="button" onClick="loadContent('sites/web_folder_edit.php');">
			<span>{tmpl_var name="add_new_record_txt"}</span>
			</button>
			</div>
			</fieldset>
			</div>

			<div class="pnl_listarea">
			<fieldset><legend><tmpl_var name="list_head_txt"></legend>
			<table class="list">
			<thead>
			<tr>
			<th class="tbl_col_active" scope="col"><tmpl_var name="active_txt"></th>
			<th class="tbl_col_server_id" scope="col"><tmpl_var name="server_id_txt"></th>
			<th class="tbl_col_parent_domain_id" scope="col"><tmpl_var name="parent_domain_id_txt"></th>
			<th class="tbl_col_path" scope="col"><tmpl_var name="path_txt"></th>
			<th class="tbl_col_buttons" scope="col"> </th>
			</tr>
			<tr>
			<td class="tbl_col_active"><select name="search_active" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_active'}</select></td>
			<td class="tbl_col_server_id"><select name="search_server_id" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_server_id'}</select></td>
			<td class="tbl_col_parent_domain_id"><select name="search_parent_domain_id" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_parent_domain_id'}</select></td>
			<td class="tbl_col_path"><input type="text" name="search_path" value="{tmpl_var name='search_path'}" /></td>
			<td class="tbl_col_buttons"><div class="buttons"><button type="button" class="icons16 icoFilter" name="Filter" id="Filter" value="{tmpl_var name="filter_txt"}" onClick="submitForm('pageForm','sites/web_folder_list.php');"><span>{tmpl_var name="filter_txt"}</span></button></div></td>
			</tr>
			</thead>
			<tbody>
			<tmpl_loop name="records">
			<tr class="tbl_row_<tmpl_if name='__EVEN__'}even<tmpl_else>uneven</tmpl_if>">
			<td class="tbl_col_active"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="active"}</a></td>
			<td class="tbl_col_server_id"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="server_id"}</a></td>
			<td class="tbl_col_parent_domain_id"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="parent_domain_id"}</a></td>
			<td class="tbl_col_path"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="path"}</a></td>
			<td class="tbl_col_buttons">
			<div class="buttons icons16">
			<a class="icons16 icoDelete" href="javascript: del_record('sites/web_folder_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
			</div>
			</td>
			</tr>
			</tmpl_loop>
			</tbody>
			<tfoot>
			<tr>
			<td class="tbl_footer tbl_paging" colspan="5"><tmpl_var name="paging"></td>
			</tr>
			</tfoot>
			</table>
			</fieldset>
			</div>

			</div>

New file
			@@ -0,0 +1,38 @@
			<h2><tmpl_var name="list_head_txt"></h2>
			<p><tmpl_var name="list_desc_txt"></p>

			<div class="panel panel_web_folder_user">

			<div class="pnl_formsarea">
			<fieldset class="inlineLabels"><legend>Folder</legend>
			<div class="ctrlHolder">
			<label for="web_folder_id">{tmpl_var name='web_folder_id_txt'}</label>
			<select name="web_folder_id" id="web_folder_id" class="selectInput">
			{tmpl_var name='web_folder_id'}
			</select>
			</div>
			<div class="ctrlHolder">
			<label for="username">{tmpl_var name='username_txt'}</label>
			<input name="username" id="username" value="{tmpl_var name='username'}" size="30" maxlength="255" type="text" class="textInput" />
			</div>
			<div class="ctrlHolder">
			<label for="password">{tmpl_var name='password_txt'}</label>
			<input name="password" id="password" value="{tmpl_var name='password'}" size="30" maxlength="255" type="password" class="textInput" />
			</div>
			<div class="ctrlHolder">
			<p class="label">{tmpl_var name='active_txt'}</p>
			<div class="multiField">
			{tmpl_var name='active'}
			</div>
			</div>
			</fieldset>

			<input type="hidden" name="id" value="{tmpl_var name='id'}">

			<div class="buttonHolder buttons">
			<button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_folder_user_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
			<button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_folder_user_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
			</div>
			</div>

			</div>

New file
			@@ -0,0 +1,55 @@
			<h2><tmpl_var name="list_head_txt"></h2>

			<div class="panel panel_list_web_folder_user">

			<div class="pnl_toolsarea">
			<fieldset><legend>{tmpl_var name="toolsarea_head_txt"}</legend>
			<div class="buttons">
			<button class="iconstxt icoAdd" type="button" onClick="loadContent('sites/web_folder_user_edit.php');">
			<span>{tmpl_var name="add_new_record_txt"}</span>
			</button>
			</div>
			</fieldset>
			</div>

			<div class="pnl_listarea">
			<fieldset><legend><tmpl_var name="list_head_txt"></legend>
			<table class="list">
			<thead>
			<tr>
			<th class="tbl_col_active" scope="col"><tmpl_var name="active_txt"></th>
			<th class="tbl_col_web_folder_id" scope="col"><tmpl_var name="web_folder_id_txt"></th>
			<th class="tbl_col_username" scope="col"><tmpl_var name="username_txt"></th>
			<th class="tbl_col_buttons" scope="col"> </th>
			</tr>
			<tr>
			<td class="tbl_col_active"><select name="search_active" onChange="submitForm('pageForm','sites/web_folder_user_list.php');">{tmpl_var name='search_active'}</select></td>
			<td class="tbl_col_web_folder_id"><select name="search_web_folder_id" onChange="submitForm('pageForm','sites/web_folder_user_list.php');">{tmpl_var name='search_web_folder_id'}</select></td>
			<td class="tbl_col_username"><input type="text" name="search_username" value="{tmpl_var name='search_username'}" /></td>
			<td class="tbl_col_buttons"><div class="buttons"><button type="button" class="icons16 icoFilter" name="Filter" id="Filter" value="{tmpl_var name="filter_txt"}" onClick="submitForm('pageForm','sites/web_folder_user_list.php');"><span>{tmpl_var name="filter_txt"}</span></button></div></td>
			</tr>
			</thead>
			<tbody>
			<tmpl_loop name="records">
			<tr class="tbl_row_<tmpl_if name='__EVEN__'}even<tmpl_else>uneven</tmpl_if>">
			<td class="tbl_col_active"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="active"}</a></td>
			<td class="tbl_col_web_folder_id"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="web_folder_id"}</a></td>
			<td class="tbl_col_username"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="username"}</a></td>
			<td class="tbl_col_buttons">
			<div class="buttons icons16">
			<a class="icons16 icoDelete" href="javascript: del_record('sites/web_folder_user_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
			</div>
			</td>
			</tr>
			</tmpl_loop>
			</tbody>
			<tfoot>
			<tr>
			<td class="tbl_footer tbl_paging" colspan="4"><tmpl_var name="paging"></td>
			</tr>
			</tfoot>
			</table>
			</fieldset>
			</div>

			</div>

New file
			@@ -0,0 +1,70 @@
			<?php

			/*
			Copyright (c) 2011, Till Brehm, projektfarm Gmbh
			Modified 2009, Marius Cramer, pixcept KG
			All rights reserved.

			Redistribution and use in source and binary forms, with or without modification,
			are permitted provided that the following conditions are met:

			* Redistributions of source code must retain the above copyright notice,
			this list of conditions and the following disclaimer.
			* Redistributions in binary form must reproduce the above copyright notice,
			this list of conditions and the following disclaimer in the documentation
			and/or other materials provided with the distribution.
			* Neither the name of ISPConfig nor the names of its contributors
			may be used to endorse or promote products derived from this software without
			specific prior written permission.

			THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
			ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
			WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
			IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
			INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
			BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
			DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
			OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
			NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
			EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
			*/

			/******************************************
			* Begin Form configuration
			******************************************/

			$list_def_file = "list/web_folder.list.php";
			$tform_def_file = "form/web_folder.tform.php";

			/******************************************
			* End Form configuration
			******************************************/

			require_once('../../lib/config.inc.php');
			require_once('../../lib/app.inc.php');

			//* Check permissions for module
			$app->auth->check_module_permissions('sites');

			$app->uses('tpl,tform,tform_actions');
			$app->load('tform_actions');

			class page_action extends tform_actions {
			function onBeforeDelete() {
			global $app; $conf;

			if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));

			// Delete all users that belong to this folder.
			$records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".intval($this->id)."'");
			foreach($records as $rec) {
			$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
			}
			unset($records);
			}
			}

			$page = new page_action;
			$page->onDelete();

			?>

New file
			@@ -0,0 +1,71 @@
			<?php

			/*
			Copyright (c) 2011, Till Brehm, projektfarm Gmbh
			Modified 2009, Marius Cramer, pixcept KG
			All rights reserved.

			Redistribution and use in source and binary forms, with or without modification,
			are permitted provided that the following conditions are met:

			* Redistributions of source code must retain the above copyright notice,
			this list of conditions and the following disclaimer.
			* Redistributions in binary form must reproduce the above copyright notice,
			this list of conditions and the following disclaimer in the documentation
			and/or other materials provided with the distribution.
			* Neither the name of ISPConfig nor the names of its contributors
			may be used to endorse or promote products derived from this software without
			specific prior written permission.

			THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
			ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
			WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
			IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
			INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
			BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
			DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
			OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
			NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
			EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
			*/

			/******************************************
			* Begin Form configuration
			******************************************/

			$tform_def_file = "form/web_folder.tform.php";

			/******************************************
			* End Form configuration
			******************************************/

			require_once('../../lib/config.inc.php');
			require_once('../../lib/app.inc.php');

			//* Check permissions for module
			$app->auth->check_module_permissions('sites');

			// Loading classes
			$app->uses('tpl,tform,tform_actions,validate_cron');
			$app->load('tform_actions');

			class page_action extends tform_actions {

			function onSubmit() {
			global $app, $conf;

			// Get the record of the parent domain
			$parent_domain = $app->db->queryOneRecord("select server_id FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));

			// Set a few fixed values
			$this->dataRecord["server_id"] = $parent_domain["server_id"];

			parent::onSubmit();
			}

			}

			$page = new page_action;
			$page->onLoad();

			?>

New file
			@@ -0,0 +1,23 @@
			<?php
			require_once('../../lib/config.inc.php');
			require_once('../../lib/app.inc.php');

			/******************************************
			* Begin Form configuration
			******************************************/

			$list_def_file = "list/web_folder.list.php";

			/******************************************
			* End Form configuration
			******************************************/

			//* Check permissions for module
			$app->auth->check_module_permissions('sites');

			$app->uses('listform_actions');

			$app->listform_actions->onLoad();


			?>

New file
			@@ -0,0 +1,59 @@
			<?php

			/*
			Copyright (c) 2011, Till Brehm, projektfarm Gmbh
			Modified 2009, Marius Cramer, pixcept KG
			All rights reserved.

			Redistribution and use in source and binary forms, with or without modification,
			are permitted provided that the following conditions are met:

			* Redistributions of source code must retain the above copyright notice,
			this list of conditions and the following disclaimer.
			* Redistributions in binary form must reproduce the above copyright notice,
			this list of conditions and the following disclaimer in the documentation
			and/or other materials provided with the distribution.
			* Neither the name of ISPConfig nor the names of its contributors
			may be used to endorse or promote products derived from this software without
			specific prior written permission.

			THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
			ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
			WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
			IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
			INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
			BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
			DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
			OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
			NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
			EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
			*/

			/******************************************
			* Begin Form configuration
			******************************************/

			$list_def_file = "list/web_folder_user.list.php";
			$tform_def_file = "form/web_folder_user.tform.php";

			/******************************************
			* End Form configuration
			******************************************/

			require_once('../../lib/config.inc.php');
			require_once('../../lib/app.inc.php');

			//* Check permissions for module
			$app->auth->check_module_permissions('sites');

			$app->uses('tpl,tform,tform_actions');
			$app->load('tform_actions');

			class page_action extends tform_actions {

			}

			$page = new page_action;
			$page->onDelete();

			?>

			@@ -43,7 +43,13 @@
			'shell_user_delete',
			'webdav_user_insert',
			'webdav_user_update',
			'webdav_user_delete');
			'webdav_user_delete',
			'web_folder_insert',
			'web_folder_update',
			'web_folder_delete',
			'web_folder_user_insert',
			'web_folder_user_update',
			'web_folder_user_delete');

			//* This function is called during ispconfig installation to determine
			// if a symlink shall be created for this plugin.
			@@ -121,6 +127,16 @@
			if($action == 'u') $app->plugins->raiseEvent('webdav_user_update',$data);
			if($action == 'd') $app->plugins->raiseEvent('webdav_user_delete',$data);
			break;
			case 'web_folder':
			if($action == 'i') $app->plugins->raiseEvent('web_folder_insert',$data);
			if($action == 'u') $app->plugins->raiseEvent('web_folder_update',$data);
			if($action == 'd') $app->plugins->raiseEvent('web_folder_delete',$data);
			break;
			case 'web_folder_user':
			if($action == 'i') $app->plugins->raiseEvent('web_folder_user_insert',$data);
			if($action == 'u') $app->plugins->raiseEvent('web_folder_user_update',$data);
			if($action == 'd') $app->plugins->raiseEvent('web_folder_user_delete',$data);
			break;
			} // end switch
			} // end function

			@@ -77,6 +77,13 @@
			$app->plugins->registerEvent('webdav_user_delete',$this->plugin_name,'webdav');

			$app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');

			$app->plugins->registerEvent('web_folder_user_insert',$this->plugin_name,'web_folder_user');
			$app->plugins->registerEvent('web_folder_user_update',$this->plugin_name,'web_folder_user');
			$app->plugins->registerEvent('web_folder_user_delete',$this->plugin_name,'web_folder_user');

			$app->plugins->registerEvent('web_folder_delete',$this->plugin_name,'web_folder_delete');

			}

			// Handle the creation of SSL certificates
			@@ -1184,6 +1191,104 @@
			unset($tpl);

			}

			//* Create or update the .htaccess folder protection
			function web_folder_user($event_name,$data) {
			global $app, $conf;

			$app->uses('system');

			if($event_name == 'web_folder_user_delete') {
			$folder_id = $data['old']['web_folder_id'];
			} else {
			$folder_id = $data['new']['web_folder_id'];
			}

			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
			$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));

			if(!is_array($folder) or !is_array($website)) {
			$app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
			return false;
			}

			//* Get the folder path.
			$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1 != '/')) $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
			$app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
			return false;
			}

			//* Create the folder path, if it does not exist
			if(!is_dir($folder_path)) exec('mkdir -p '.escapehsellarg($folder_path));

			//* Create empty .htpasswd file, if it does not exist
			if(!is_file($folder_path.'.htpasswd')) {
			touch($folder_path.'.htpasswd');
			chmod($folder_path.'.htpasswd',0755);
			$app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			}

			//* Add or remove the user from .htpasswd file
			if($event_name == 'web_folder_user_delete') {
			$app->system->removeLine($folder_path.'.htpasswd',$data['new']['username'].':');
			$app->log('Removed user: '.$data['new']['username'],LOGLEVEL_DEBUG);
			} else {
			$app->system->replaceLine($folder_path.'.htpasswd',$data['new']['username'].':',$data['new']['username'].':'.$data['new']['password'],0,1);
			$app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
			}

			//* Create the .htaccess file
			if(!is_file($folder_path.'.htaccess')) {
			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
			file_put_contents($folder_path.'.htaccess',$ht_file);
			chmod($folder_path.'.htpasswd',0755);
			$app->log('Created file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
			}

			}

			//* Remove .htaccess and .htpasswd file, when folder protection is removed
			function web_folder_delete($event_name,$data) {
			global $app, $conf;

			$folder_id = $data['old']['web_folder_id'];

			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
			$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));

			if(!is_array($folder) or !is_array($website)) {
			$app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
			return false;
			}

			//* Get the folder path.
			$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
			if(substr($folder_path,-1 != '/')) $folder_path .= '/';

			//* Check if the resulting path is inside the docroot
			if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
			$app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
			return false;
			}

			//* Remove .htpasswd file
			if(is_file($folder_path.'.htpasswd')) {
			unlink($folder_path.'.htpasswd');
			$app->log('Removed file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
			}

			//* Remove .htaccess file
			if(is_file($folder_path.'.htaccess')) {
			unlink($folder_path.'.htaccess');
			$app->log('Removed file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
			}


			}

			/**
			* This function is called when a Webdav-User is inserted, updated or deleted.