tbrehm
2012-06-05 b23de0117336ffca990136ad6d1a9122433dc0fc
Fixed: FS#2243 - Phpmyadmin Setting [SERVERNAME] Regex Issue
- Improved checks in mailbox delete function.
2 files modified
12 ■■■■■ changed files
interface/web/admin/form/system_config.tform.php 2 ●●●
server/plugins-available/mail_plugin.inc.php 10 ●●●●
interface/web/admin/form/system_config.tform.php
@@ -128,7 +128,7 @@
            'datatype'    => 'VARCHAR',
            'formtype'    => 'TEXT',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '/^[0-9a-zA-Z\:\/\-\.]{0,255}$/',
                                                        'regex' => '/^[0-9a-zA-Z\:\/\-\.\[\]]{0,255}$/',
                                                        'errmsg'=> 'phpmyadmin_url_error_regex'),
                                        ),
            'default'    => '',
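Review bot: The widened character class in the `regex` validator accepts `[` and `]` anywhere in the value and in any number, although the commit title suggests they are needed only for the `[SERVERNAME]` placeholder. A short comment above the validator would record that intent, for example `// '[' and ']' are permitted so placeholders such as [SERVERNAME] pass validation`. The validator restricts the character set only and does not check URL structure or scheme, so wherever this value is later written into a link it still needs escaping at output. The array this entry belongs to starts and ends outside the hunk.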
server/plugins-available/mail_plugin.inc.php
@@ -312,8 +312,12 @@
    function user_delete($event_name,$data) {
        global $app, $conf;
        
        // get the config
        $app->uses("getconf");
        $mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
        $old_maildir_path = escapeshellcmd($data['old']['maildir']);
        if(!stristr($old_maildir_path,'..') && !stristr($old_maildir_path,'*') && strlen($old_maildir_path) >= 10) {
        if($old_maildir_path != $mail_config['homedir_path'] && strlen($old_maildir_path) > strlen($mail_config['homedir_path']) && !stristr($old_maildir_path,'..') && !stristr($old_maildir_path,'*') && strlen($old_maildir_path) >= 10) {
            exec('rm -rf '.escapeshellcmd($old_maildir_path));
            $app->log('Deleted the Maildir: '.$data['old']['maildir'],LOGLEVEL_DEBUG);
        } else {
@@ -330,7 +334,7 @@
        
        //* Delete maildomain path
        $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/'.$data['old']['domain']);
        if(!stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) {
        if($old_maildomain_path != $mail_config['homedir_path'] && !stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) {
            exec('rm -rf '.escapeshellcmd($old_maildomain_path));
            $app->log('Deleted the mail domain directory: '.$old_maildomain_path,LOGLEVEL_DEBUG);
        } else {
@@ -339,7 +343,7 @@
        
        //* Delete mailfilter path
        $old_maildomain_path = escapeshellcmd($mail_config['homedir_path'].'/mailfilters/'.$data['old']['domain']);
        if(!stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) {
        if($old_maildomain_path != $mail_config['homedir_path'].'/mailfilters/' && !stristr($old_maildomain_path,'//') && !stristr($old_maildomain_path,'..') && !stristr($old_maildomain_path,'*') && !stristr($old_maildomain_path,'&') && strlen($old_maildomain_path) >= 10) {
            exec('rm -rf '.escapeshellcmd($old_maildomain_path));
            $app->log('Deleted the mail domain mailfilter directory: '.$old_maildomain_path,LOGLEVEL_DEBUG);
        } else {
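Review bot: In the second hunk the added test `$old_maildomain_path != $mail_config['homedir_path']` cannot fail as far as the visible lines show, because the path is always built as `homedir_path.'/'.domain`; an empty domain yields `homedir_path/`, which still differs from `homedir_path` and passes the remaining checks once it is 10 characters long. The third hunk compares against the prefix including its trailing slash, and the second should do the same, `$old_maildomain_path != $mail_config['homedir_path'].'/'`, or reject an empty `$data['old']['domain']` before the path is built. The first hunk has a related gap: a `maildir` of `homedir_path/` satisfies both the inequality and the `strlen` comparison, and nothing requires the path to lie under the mail home, which a `strpos($old_maildir_path, rtrim($mail_config['homedir_path'], '/').'/') === 0` test plus a non-empty remainder would state directly. All three `exec('rm -rf '...)` calls rely on `escapeshellcmd`, applied twice, which does not quote the argument, so whitespace in a path splits it into several arguments; `'rm -rf -- '.escapeshellarg($path)` applied once to the unescaped value is the argument-level escape. The enclosing functions start or continue outside these hunks.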