gitlabFork/ISPConfig3.git - Solinfo Gitblit

parent: e97f841c | patch | commit | ignore whitespace

Marius Cramer

2015-06-05 8cb6f8ffd31ec33479c9696c5263b7a8e27fe273

Merge branch 'stable-3.0.5'

Conflicts:
	install/sql/ispconfig3.sql
	install/tpl/config.inc.php.master
	interface/lib/classes/tform.inc.php
	interface/lib/config.inc.php
	interface/web/admin/server_config_edit.php
	interface/web/themes/blue/ispconfig_version
	interface/web/tools/import_plesk.php
	interface/web/tools/resync.php
	interface/web/vm/openvz_action.php

21 files modified

	interface/lib/classes/auth.inc.php	50 ●●●●● patch \| view \| raw \| blame \| history
	interface/lib/classes/tform_base.inc.php	14 ●●●●● patch \| view \| raw \| blame \| history
	interface/lib/lang/de.lng	1 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/language_add.php	9 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/language_complete.php	8 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/language_edit.php	9 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/language_import.php	9 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/remote_action_ispcupdate.php	9 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/remote_action_osupdate.php	9 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/admin/server_config_edit.php	10 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/client/client_message.php	10 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/dns/dns_wizard.php	10 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/ar_shell_user.lng	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/de_shell_user.lng	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en_shell_user.lng	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/themes/default/templates/form.tpl.htm	4 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/tools/dns_import_tupa.php	7 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/tools/import_ispconfig.php	9 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/tools/resync.php	11 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/vm/openvz_action.php	9 ●●●●● patch \| view \| raw \| blame \| history
	server/plugins-available/shelluser_base_plugin.inc.php	8 ●●●●● patch \| view \| raw \| blame \| history

 interface/lib/classes/auth.inc.php

@@ -222,6 +222,56 @@
        $salt.="$";
        return crypt($cleartext_password, $salt);
    }
	
    public function csrf_token_get($form_name) {
        /* CSRF PROTECTION */
        // generate csrf protection id and key
        $_csrf_id = uniqid($form_name . '_'); // form id
        $_csrf_key = sha1(uniqid(microtime(true), true)); // the key
        if(!isset($_SESSION['_csrf'])) $_SESSION['_csrf'] = array();
        if(!isset($_SESSION['_csrf_timeout'])) $_SESSION['_csrf_timeout'] = array();
        $_SESSION['_csrf'][$_csrf_id] = $_csrf_key;
        $_SESSION['_csrf_timeout'][$_csrf_id] = time() + 3600; // timeout hash in 1 hour
		
        return array('csrf_id' => $_csrf_id,'csrf_key' => $_csrf_key);
    }
	
    public function csrf_token_check() {
        global $app;
		
        if(isset($_POST) && is_array($_POST)) {
            $_csrf_valid = false;
            if(isset($_POST['_csrf_id']) && isset($_POST['_csrf_key'])) {
                $_csrf_id = trim($_POST['_csrf_id']);
                $_csrf_key = trim($_POST['_csrf_key']);
                if(isset($_SESSION['_csrf']) && isset($_SESSION['_csrf'][$_csrf_id]) && isset($_SESSION['_csrf_timeout']) && isset($_SESSION['_csrf_timeout'][$_csrf_id])) {
                    if($_SESSION['_csrf'][$_csrf_id] === $_csrf_key && $_SESSION['_csrf_timeout'] >= time()) $_csrf_valid = true;
                }
            }
            if($_csrf_valid !== true) {
                $app->log('CSRF attempt blocked. Referer: ' . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'unknown'), LOGLEVEL_WARN);
                $app->error($app->lng('err_csrf_attempt_blocked'));
            }
            $_SESSION['_csrf'][$_csrf_id] = null;
            $_SESSION['_csrf_timeout'][$_csrf_id] = null;
            unset($_SESSION['_csrf'][$_csrf_id]);
            unset($_SESSION['_csrf_timeout'][$_csrf_id]);
			
            if(isset($_SESSION['_csrf_timeout']) && is_array($_SESSION['_csrf_timeout'])) {
                $to_unset = array();
                foreach($_SESSION['_csrf_timeout'] as $_csrf_id => $timeout) {
                    if($timeout < time()) $to_unset[] = $_csrf_id;
                }
                foreach($to_unset as $_csrf_id) {
                    $_SESSION['_csrf'][$_csrf_id] = null;
                    $_SESSION['_csrf_timeout'][$_csrf_id] = null;
                    unset($_SESSION['_csrf'][$_csrf_id]);
                    unset($_SESSION['_csrf_timeout'][$_csrf_id]);
                }
                unset($to_unset);
            }
        }
    }

}


 interface/lib/classes/tform_base.inc.php

@@ -416,12 +416,10 @@

        /* CSRF PROTECTION */
        // generate csrf protection id and key
        $_csrf_id = uniqid($this->formDef['name'] . '_');
        $_csrf_value = sha1(uniqid(microtime(true), true));
        if(!isset($_SESSION['_csrf'])) $_SESSION['_csrf'] = array();
        if(!isset($_SESSION['_csrf_timeout'])) $_SESSION['_csrf_timeout'] = array();
        $_SESSION['_csrf'][$_csrf_id] = $_csrf_value;
        $_SESSION['_csrf_timeout'][$_csrf_id] = time() + 3600; // timeout hash in 1 hour
        $csrf_token = $app->auth->csrf_token_get($this->formDef['name']);
        $_csrf_id = $csrf_token['csrf_id'];
        $_csrf_value = $csrf_token['csrf_key'];
		
        $this->formDef['tabs'][$tab]['fields']['_csrf_id'] = array(
            'datatype' => 'VARCHAR',
            'formtype' => 'TEXT',
@@ -714,10 +712,6 @@
                    unset($_POST);
                    unset($record);
                }
                $_SESSION['_csrf'][$_csrf_id] = null;
                $_SESSION['_csrf_timeout'][$_csrf_id] = null;
                unset($_SESSION['_csrf'][$_csrf_id]);
                unset($_SESSION['_csrf_timeout'][$_csrf_id]);
                
                if(isset($_SESSION['_csrf_timeout']) && is_array($_SESSION['_csrf_timeout'])) {
                    $to_unset = array();

 interface/lib/lang/de.lng

@@ -43,6 +43,7 @@
$wb['latest_news_txt'] = 'Neuigkeiten';
$wb['err_csrf_attempt_blocked'] = 'CSRF-Versuch blockiert.';
$wb['top_menu_vm'] = 'vServer';
$wb['err_csrf_attempt_blocked'] = 'CSRF-Versuch blockiert.';
$wb['daynamesmin_su'] = 'So';
$wb['daynamesmin_mo'] = 'Mo';
$wb['daynamesmin_tu'] = 'Di';

 interface/web/admin/language_add.php

@@ -65,6 +65,10 @@
$app->tpl->setVar('error', $error);

if(isset($_POST['lng_new']) && strlen($_POST['lng_new']) == 2 && $error == '') {
	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $lng_new = $_POST['lng_new'];
    if(!preg_match("/^[a-z]{2}$/i", $lng_new)) die('unallowed characters in language name.');

@@ -94,6 +98,11 @@

$app->tpl->setVar('msg', $msg);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('language_add');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_add.lng';
include $lng_file;

 interface/web/admin/language_complete.php

@@ -67,6 +67,9 @@
// Export the language file
if(isset($_POST['lng_select']) && $error == '') {

    //* CSRF Check
    $app->auth->csrf_token_check();
	
    // complete the global langauge file
    merge_langfile(ISPC_LIB_PATH."/lang/".$selected_language.".lng", ISPC_LIB_PATH."/lang/en.lng");

@@ -157,6 +160,11 @@

$app->tpl->setVar('msg', $msg);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('language_merge');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_complete.lng';
include $lng_file;

 interface/web/admin/language_edit.php

@@ -55,6 +55,10 @@

//* Save data
if(isset($_POST['records']) && is_array($_POST['records'])) {
	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $file_content = "<?php\n";
    foreach($_POST['records'] as $key => $val) {
        $val = stripslashes($val);
@@ -93,6 +97,11 @@
    unset($wb);
}

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('language_edit');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);


//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_edit.lng';

 interface/web/admin/language_import.php

@@ -129,6 +129,10 @@

// Export the language file
if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $lines = file($_FILES['file']['tmp_name']);
    // initial check
    $parts = explode('|', $lines[0]);
@@ -183,6 +187,11 @@
$app->tpl->setVar('msg', $msg);
$app->tpl->setVar('error', $error);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('language_import');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

//* load language file
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_import.lng';
include $lng_file;

 interface/web/admin/remote_action_ispcupdate.php

@@ -66,6 +66,10 @@

//* Note: Disabled post action
if (1 == 0 && isset($_POST['server_select'])) {
	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $server = $_POST['server_select'];
    $servers = array();
    if ($server == '*') {
@@ -88,6 +92,11 @@

$app->tpl->setVar('msg', $msg);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('ispupdate');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$app->tpl->setVar($wb);

$app->tpl_defaults();

 interface/web/admin/remote_action_osupdate.php

@@ -62,6 +62,10 @@
 * If the user wants to do the action, write this to our db
*/
if (isset($_POST['server_select'])) {
	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $server = $_POST['server_select'];
    $servers = array();
    if ($server == '*') {
@@ -84,6 +88,11 @@

$app->tpl->setVar('msg', $msg);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('osupdate');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$app->tpl->setVar($wb);

$app->tpl_defaults();

 interface/web/admin/server_config_edit.php

@@ -93,10 +93,14 @@
                }
            }

            $server_config_array[$section] = $app->tform->encode($this->dataRecord, $section);
            $server_config_str = $app->ini_parser->get_ini_string($server_config_array);
            if($app->tform->errorMessage == '') {
                $server_config_array[$section] = $app->tform->encode($this->dataRecord, $section);
                $server_config_str = $app->ini_parser->get_ini_string($server_config_array);

            $app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id);
                $app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id);
            } else {
                $app->error('Security breach!');
            }
        }
    }


 interface/web/client/client_message.php

@@ -51,7 +51,10 @@

//* Save data
if(isset($_POST) && count($_POST) > 1) {

	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    //* Check values
    if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $_POST['sender'])) $error .= $wb['sender_invalid_error'].'<br />';
    if(empty($_POST['subject'])) $error .= $wb['subject_invalid_error'].'<br />';
@@ -161,6 +164,11 @@
}
$app->tpl->setVar('message_variables', trim($message_variables));

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('client_message');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$app->tpl->setVar('okmsg', $msg);
$app->tpl->setVar('error', $error);


 interface/web/dns/dns_wizard.php

@@ -197,7 +197,10 @@
}

if($_POST['create'] == 1) {

	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $error = '';

    if ($post_server_id)
@@ -430,6 +433,11 @@

$app->tpl->setVar("title", 'DNS Wizard');

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('dns_wizard');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng';
include $lng_file;
$app->tpl->setVar($wb);

 interface/web/sites/lib/lang/ar_shell_user.lng

@@ -1,6 +1,6 @@
<?php
$wb['shell_txt'] = 'Shell';
$wb['dir_txt'] = 'Dir';
$wb['dir_txt'] = 'Base Dir';
$wb['server_id_txt'] = 'Server';
$wb['parent_domain_id_txt'] = 'Site';
$wb['username_txt'] = 'Username';

 interface/web/sites/lib/lang/de_shell_user.lng

@@ -1,6 +1,6 @@
<?php
$wb['shell_txt'] = 'Shell';
$wb['dir_txt'] = 'Verzeichnis';
$wb['dir_txt'] = 'Basis Verzeichnis';
$wb['server_id_txt'] = 'Server';
$wb['parent_domain_id_txt'] = 'Webseite';
$wb['username_txt'] = 'Benutzername';

 interface/web/sites/lib/lang/en_shell_user.lng

@@ -2,7 +2,7 @@
$wb['puser_txt'] = "Web Username";
$wb['pgroup_txt'] = "Web Group";
$wb['shell_txt'] = "Shell";
$wb['dir_txt'] = "Dir";
$wb['dir_txt'] = "Base Dir";
$wb['server_id_txt'] = "Server";
$wb['parent_domain_id_txt'] = "Site";
$wb['username_txt'] = "Username";

 interface/web/themes/default/templates/form.tpl.htm

@@ -1 +1,3 @@
<tmpl_dyninclude name="content_tpl">
<tmpl_dyninclude name="content_tpl">
<input type="hidden" name="_csrf_id" value="{tmpl_var name='_csrf_id'}" />
<input type="hidden" name="_csrf_key" value="{tmpl_var name='_csrf_key'}" />

 interface/web/tools/dns_import_tupa.php

@@ -45,6 +45,9 @@

// Resyncing dns zones
if(isset($_POST['start']) && $_POST['start'] == 1) {
	
    //* CSRF Check
    $app->auth->csrf_token_check();

    //* Set variable sin template
    $app->tpl->setVar('dbhost', $_POST['dbhost']);
@@ -181,6 +184,10 @@
$app->tpl->setVar('msg', $msg);
$app->tpl->setVar('error', $error);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('dns_import');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$app->tpl_defaults();
$app->tpl->pparse();

 interface/web/tools/import_ispconfig.php

@@ -49,6 +49,10 @@
$app->tpl->setVar($wb);

if(isset($_POST['connected'])) {
	
    //* CSRF Check
    $app->auth->csrf_token_check();
	
    $connected = $app->functions->intval($_POST['connected']);
    if($connected == 0) {

@@ -133,6 +137,11 @@
$app->tpl->setVar('msg', $msg);
$app->tpl->setVar('error', $error);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('ispconfig_import');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$app->tpl_defaults();
$app->tpl->pparse();


 interface/web/tools/resync.php

@@ -368,6 +368,10 @@
            }
        }

        $csrf_token = $app->auth->csrf_token_get('tools_resync');
        $app->tpl->setVar('_csrf_id', $csrf_token['csrf_id']);
        $app->tpl->setVar('_csrf_key', $csrf_token['csrf_key']);

        parent::onShowEnd();
    }
            
@@ -418,7 +422,12 @@

    function onSubmit() {
        global $app;

		
        if(isset($_POST) && count($_POST) > 1) {
            //* CSRF Check
            $app->auth->csrf_token_check();
        }
		
        //* all services
        if($this->dataRecord['resync_all'] == 1) {
            $this->dataRecord['resync_sites'] = 1;

 interface/web/vm/openvz_action.php

@@ -17,6 +17,10 @@

if($vm_id == 0) die('Invalid VM ID');

if(isset($_POST) && count($_POST) > 1) {	
    //* CSRF Check
    $app->auth->csrf_token_check();
}
$vm = $app->db->queryOneRecord("SELECT server_id, veid FROM openvz_vm WHERE vm_id = ?", $vm_id);
$veid = $app->functions->intval($vm['veid']);
$server_id = $app->functions->intval($vm['server_id']);
@@ -112,6 +116,11 @@
$app->tpl->setVar($options);
$app->tpl->setVar('error', $error_msg);

//* SET csrf token
$csrf_token = $app->auth->csrf_token_get('openvz_action');
$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

$app->tpl_defaults();
$app->tpl->pparse();


 server/plugins-available/shelluser_base_plugin.inc.php

@@ -237,7 +237,7 @@
                            $app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
                        }
                        $app->file->mkdirs(escapeshellcmd($homedir), '0750');
                        $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['username']));
                        $app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
                        $app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
                        $app->system->web_folder_protection($web['document_root'], true);
                    } else {
@@ -407,6 +407,12 @@
        }
        $sshrsa = trim($sshrsa);
        $usrdir = escapeshellcmd($this->data['new']['dir']);
        //* Home directory of the new shell user
        if($this->data['new']['chroot'] == 'jailkit') {
            $usrdir = escapeshellcmd($this->data['new']['dir']);
        } else {
            $usrdir = escapeshellcmd($this->data['new']['dir'].'/home/'.$this->data['new']['username']);
        }
        $sshdir = $usrdir.'/.ssh';
        $sshkeys= $usrdir.'/.ssh/authorized_keys';

			@@ -222,6 +222,56 @@
			$salt.="$";
			return crypt($cleartext_password, $salt);
			}

			public function csrf_token_get($form_name) {
			/* CSRF PROTECTION */
			// generate csrf protection id and key
			$_csrf_id = uniqid($form_name . '_'); // form id
			$_csrf_key = sha1(uniqid(microtime(true), true)); // the key
			if(!isset($_SESSION['_csrf'])) $_SESSION['_csrf'] = array();
			if(!isset($_SESSION['_csrf_timeout'])) $_SESSION['_csrf_timeout'] = array();
			$_SESSION['_csrf'][$_csrf_id] = $_csrf_key;
			$_SESSION['_csrf_timeout'][$_csrf_id] = time() + 3600; // timeout hash in 1 hour

			return array('csrf_id' => $_csrf_id,'csrf_key' => $_csrf_key);
			}

			public function csrf_token_check() {
			global $app;

			if(isset($_POST) && is_array($_POST)) {
			$_csrf_valid = false;
			if(isset($_POST['_csrf_id']) && isset($_POST['_csrf_key'])) {
			$_csrf_id = trim($_POST['_csrf_id']);
			$_csrf_key = trim($_POST['_csrf_key']);
			if(isset($_SESSION['_csrf']) && isset($_SESSION['_csrf'][$_csrf_id]) && isset($_SESSION['_csrf_timeout']) && isset($_SESSION['_csrf_timeout'][$_csrf_id])) {
			if($_SESSION['_csrf'][$_csrf_id] === $_csrf_key && $_SESSION['_csrf_timeout'] >= time()) $_csrf_valid = true;
			}
			}
			if($_csrf_valid !== true) {
			$app->log('CSRF attempt blocked. Referer: ' . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : 'unknown'), LOGLEVEL_WARN);
			$app->error($app->lng('err_csrf_attempt_blocked'));
			}
			$_SESSION['_csrf'][$_csrf_id] = null;
			$_SESSION['_csrf_timeout'][$_csrf_id] = null;
			unset($_SESSION['_csrf'][$_csrf_id]);
			unset($_SESSION['_csrf_timeout'][$_csrf_id]);

			if(isset($_SESSION['_csrf_timeout']) && is_array($_SESSION['_csrf_timeout'])) {
			$to_unset = array();
			foreach($_SESSION['_csrf_timeout'] as $_csrf_id => $timeout) {
			if($timeout < time()) $to_unset[] = $_csrf_id;
			}
			foreach($to_unset as $_csrf_id) {
			$_SESSION['_csrf'][$_csrf_id] = null;
			$_SESSION['_csrf_timeout'][$_csrf_id] = null;
			unset($_SESSION['_csrf'][$_csrf_id]);
			unset($_SESSION['_csrf_timeout'][$_csrf_id]);
			}
			unset($to_unset);
			}
			}
			}

			}

			@@ -416,12 +416,10 @@

			/* CSRF PROTECTION */
			// generate csrf protection id and key
			$_csrf_id = uniqid($this->formDef['name'] . '_');
			$_csrf_value = sha1(uniqid(microtime(true), true));
			if(!isset($_SESSION['_csrf'])) $_SESSION['_csrf'] = array();
			if(!isset($_SESSION['_csrf_timeout'])) $_SESSION['_csrf_timeout'] = array();
			$_SESSION['_csrf'][$_csrf_id] = $_csrf_value;
			$_SESSION['_csrf_timeout'][$_csrf_id] = time() + 3600; // timeout hash in 1 hour
			$csrf_token = $app->auth->csrf_token_get($this->formDef['name']);
			$_csrf_id = $csrf_token['csrf_id'];
			$_csrf_value = $csrf_token['csrf_key'];

			$this->formDef['tabs'][$tab]['fields']['_csrf_id'] = array(
			'datatype' => 'VARCHAR',
			'formtype' => 'TEXT',
			@@ -714,10 +712,6 @@
			unset($_POST);
			unset($record);
			}
			$_SESSION['_csrf'][$_csrf_id] = null;
			$_SESSION['_csrf_timeout'][$_csrf_id] = null;
			unset($_SESSION['_csrf'][$_csrf_id]);
			unset($_SESSION['_csrf_timeout'][$_csrf_id]);

			if(isset($_SESSION['_csrf_timeout']) && is_array($_SESSION['_csrf_timeout'])) {
			$to_unset = array();

			@@ -43,6 +43,7 @@
			$wb['latest_news_txt'] = 'Neuigkeiten';
			$wb['err_csrf_attempt_blocked'] = 'CSRF-Versuch blockiert.';
			$wb['top_menu_vm'] = 'vServer';
			$wb['err_csrf_attempt_blocked'] = 'CSRF-Versuch blockiert.';
			$wb['daynamesmin_su'] = 'So';
			$wb['daynamesmin_mo'] = 'Mo';
			$wb['daynamesmin_tu'] = 'Di';

			@@ -65,6 +65,10 @@
			$app->tpl->setVar('error', $error);

			if(isset($_POST['lng_new']) && strlen($_POST['lng_new']) == 2 && $error == '') {

			//* CSRF Check
			$app->auth->csrf_token_check();

			$lng_new = $_POST['lng_new'];
			if(!preg_match("/^[a-z]{2}$/i", $lng_new)) die('unallowed characters in language name.');

			@@ -94,6 +98,11 @@

			$app->tpl->setVar('msg', $msg);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('language_add');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			//* load language file
			$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_add.lng';
			include $lng_file;

			@@ -67,6 +67,9 @@
			// Export the language file
			if(isset($_POST['lng_select']) && $error == '') {

			//* CSRF Check
			$app->auth->csrf_token_check();

			// complete the global langauge file
			merge_langfile(ISPC_LIB_PATH."/lang/".$selected_language.".lng", ISPC_LIB_PATH."/lang/en.lng");

			@@ -157,6 +160,11 @@

			$app->tpl->setVar('msg', $msg);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('language_merge');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			//* load language file
			$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_complete.lng';
			include $lng_file;

			@@ -55,6 +55,10 @@

			//* Save data
			if(isset($_POST['records']) && is_array($_POST['records'])) {

			//* CSRF Check
			$app->auth->csrf_token_check();

			$file_content = "<?php\n";
			foreach($_POST['records'] as $key => $val) {
			$val = stripslashes($val);
			@@ -93,6 +97,11 @@
			unset($wb);
			}

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('language_edit');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);


			//* load language file
			$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_edit.lng';

			@@ -129,6 +129,10 @@

			// Export the language file
			if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {

			//* CSRF Check
			$app->auth->csrf_token_check();

			$lines = file($_FILES['file']['tmp_name']);
			// initial check
			$parts = explode('\|', $lines[0]);
			@@ -183,6 +187,11 @@
			$app->tpl->setVar('msg', $msg);
			$app->tpl->setVar('error', $error);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('language_import');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			//* load language file
			$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_language_import.lng';
			include $lng_file;

			@@ -66,6 +66,10 @@

			//* Note: Disabled post action
			if (1 == 0 && isset($_POST['server_select'])) {

			//* CSRF Check
			$app->auth->csrf_token_check();

			$server = $_POST['server_select'];
			$servers = array();
			if ($server == '*') {
			@@ -88,6 +92,11 @@

			$app->tpl->setVar('msg', $msg);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('ispupdate');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$app->tpl->setVar($wb);

			$app->tpl_defaults();

			@@ -62,6 +62,10 @@
			* If the user wants to do the action, write this to our db
			*/
			if (isset($_POST['server_select'])) {

			//* CSRF Check
			$app->auth->csrf_token_check();

			$server = $_POST['server_select'];
			$servers = array();
			if ($server == '*') {
			@@ -84,6 +88,11 @@

			$app->tpl->setVar('msg', $msg);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('osupdate');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$app->tpl->setVar($wb);

			$app->tpl_defaults();

			@@ -93,10 +93,14 @@
			}
			}

			$server_config_array[$section] = $app->tform->encode($this->dataRecord, $section);
			$server_config_str = $app->ini_parser->get_ini_string($server_config_array);
			if($app->tform->errorMessage == '') {
			$server_config_array[$section] = $app->tform->encode($this->dataRecord, $section);
			$server_config_str = $app->ini_parser->get_ini_string($server_config_array);

			$app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id);
			$app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id);
			} else {
			$app->error('Security breach!');
			}
			}
			}

			@@ -51,7 +51,10 @@

			//* Save data
			if(isset($_POST) && count($_POST) > 1) {


			//* CSRF Check
			$app->auth->csrf_token_check();

			//* Check values
			if(!preg_match("/^\w+[\w\.\-\+]\w{0,}@\w+[\w.-]\w+\.[a-zA-Z0-9\-]{2,30}$/i", $_POST['sender'])) $error .= $wb['sender_invalid_error'].'<br />';
			if(empty($_POST['subject'])) $error .= $wb['subject_invalid_error'].'<br />';
			@@ -161,6 +164,11 @@
			}
			$app->tpl->setVar('message_variables', trim($message_variables));

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('client_message');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$app->tpl->setVar('okmsg', $msg);
			$app->tpl->setVar('error', $error);

			@@ -197,7 +197,10 @@
			}

			if($_POST['create'] == 1) {


			//* CSRF Check
			$app->auth->csrf_token_check();

			$error = '';

			if ($post_server_id)
			@@ -430,6 +433,11 @@

			$app->tpl->setVar("title", 'DNS Wizard');

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('dns_wizard');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng';
			include $lng_file;
			$app->tpl->setVar($wb);

			@@ -1,6 +1,6 @@
			<?php
			$wb['shell_txt'] = 'Shell';
			$wb['dir_txt'] = 'Dir';
			$wb['dir_txt'] = 'Base Dir';
			$wb['server_id_txt'] = 'Server';
			$wb['parent_domain_id_txt'] = 'Site';
			$wb['username_txt'] = 'Username';

			@@ -2,7 +2,7 @@
			$wb['puser_txt'] = "Web Username";
			$wb['pgroup_txt'] = "Web Group";
			$wb['shell_txt'] = "Shell";
			$wb['dir_txt'] = "Dir";
			$wb['dir_txt'] = "Base Dir";
			$wb['server_id_txt'] = "Server";
			$wb['parent_domain_id_txt'] = "Site";
			$wb['username_txt'] = "Username";

			@@ -1 +1,3 @@
			<tmpl_dyninclude name="content_tpl">
			<tmpl_dyninclude name="content_tpl">
			<input type="hidden" name="_csrf_id" value="{tmpl_var name='_csrf_id'}" />
			<input type="hidden" name="_csrf_key" value="{tmpl_var name='_csrf_key'}" />

			@@ -45,6 +45,9 @@

			// Resyncing dns zones
			if(isset($_POST['start']) && $_POST['start'] == 1) {

			//* CSRF Check
			$app->auth->csrf_token_check();

			//* Set variable sin template
			$app->tpl->setVar('dbhost', $_POST['dbhost']);
			@@ -181,6 +184,10 @@
			$app->tpl->setVar('msg', $msg);
			$app->tpl->setVar('error', $error);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('dns_import');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$app->tpl_defaults();
			$app->tpl->pparse();

			@@ -49,6 +49,10 @@
			$app->tpl->setVar($wb);

			if(isset($_POST['connected'])) {

			//* CSRF Check
			$app->auth->csrf_token_check();

			$connected = $app->functions->intval($_POST['connected']);
			if($connected == 0) {

			@@ -133,6 +137,11 @@
			$app->tpl->setVar('msg', $msg);
			$app->tpl->setVar('error', $error);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('ispconfig_import');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$app->tpl_defaults();
			$app->tpl->pparse();

			@@ -368,6 +368,10 @@
			}
			}

			$csrf_token = $app->auth->csrf_token_get('tools_resync');
			$app->tpl->setVar('_csrf_id', $csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key', $csrf_token['csrf_key']);

			parent::onShowEnd();
			}

			@@ -418,7 +422,12 @@

			function onSubmit() {
			global $app;


			if(isset($_POST) && count($_POST) > 1) {
			//* CSRF Check
			$app->auth->csrf_token_check();
			}

			//* all services
			if($this->dataRecord['resync_all'] == 1) {
			$this->dataRecord['resync_sites'] = 1;

			@@ -17,6 +17,10 @@

			if($vm_id == 0) die('Invalid VM ID');

			if(isset($_POST) && count($_POST) > 1) {
			//* CSRF Check
			$app->auth->csrf_token_check();
			}
			$vm = $app->db->queryOneRecord("SELECT server_id, veid FROM openvz_vm WHERE vm_id = ?", $vm_id);
			$veid = $app->functions->intval($vm['veid']);
			$server_id = $app->functions->intval($vm['server_id']);
			@@ -112,6 +116,11 @@
			$app->tpl->setVar($options);
			$app->tpl->setVar('error', $error_msg);

			//* SET csrf token
			$csrf_token = $app->auth->csrf_token_get('openvz_action');
			$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
			$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);

			$app->tpl_defaults();
			$app->tpl->pparse();

			@@ -237,7 +237,7 @@
			$app->system->chgrp(escapeshellcmd($data['new']['dir'].'/home'),escapeshellcmd($data['new']['pgroup']));
			}
			$app->file->mkdirs(escapeshellcmd($homedir), '0750');
			$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['username']));
			$app->system->chown(escapeshellcmd($homedir),escapeshellcmd($data['new']['puser']));
			$app->system->chgrp(escapeshellcmd($homedir),escapeshellcmd($data['new']['pgroup']));
			$app->system->web_folder_protection($web['document_root'], true);
			} else {
			@@ -407,6 +407,12 @@
			}
			$sshrsa = trim($sshrsa);
			$usrdir = escapeshellcmd($this->data['new']['dir']);
			//* Home directory of the new shell user
			if($this->data['new']['chroot'] == 'jailkit') {
			$usrdir = escapeshellcmd($this->data['new']['dir']);
			} else {
			$usrdir = escapeshellcmd($this->data['new']['dir'].'/home/'.$this->data['new']['username']);
			}
			$sshdir = $usrdir.'/.ssh';
			$sshkeys= $usrdir.'/.ssh/authorized_keys';