From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 server/lib/classes/cron.d/150-awstats.inc.php |   15 ++++++++++-----
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/server/lib/classes/cron.d/150-awstats.inc.php b/server/lib/classes/cron.d/150-awstats.inc.php
index 9803a89..2d281c7 100644
--- a/server/lib/classes/cron.d/150-awstats.inc.php
+++ b/server/lib/classes/cron.d/150-awstats.inc.php
@@ -54,8 +54,8 @@
 		// Create awstats statistics
 		//######################################################################################################
 
-		$sql = "SELECT domain_id, domain, document_root, web_folder, type, system_user, system_group, parent_domain_id FROM web_domain WHERE (type = 'vhost' or type = 'vhostsubdomain' or type = 'vhostalias') and stats_type = 'awstats' AND server_id = ".$conf['server_id'];
-		$records = $app->db->queryAllRecords($sql);
+		$sql = "SELECT domain_id, domain, document_root, web_folder, type, system_user, system_group, parent_domain_id FROM web_domain WHERE (type = 'vhost' or type = 'vhostsubdomain' or type = 'vhostalias') and stats_type = 'awstats' AND server_id = ?";
+		$records = $app->db->queryAllRecords($sql, $conf['server_id']);
 
 		$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
 
@@ -65,7 +65,7 @@
 
 			$log_folder = 'log';
 			if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') {
-				$tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = '.intval($rec['parent_domain_id']));
+				$tmp = $app->db->queryOneRecord('SELECT `domain` FROM web_domain WHERE domain_id = ?', $rec['parent_domain_id']);
 				$subdomain_host = preg_replace('/^(.*)\.' . preg_quote($tmp['domain'], '/') . '$/', '$1', $rec['domain']);
 				if($subdomain_host == '') $subdomain_host = 'web'.$rec['domain_id'];
 				$log_folder .= '/' . $subdomain_host;
@@ -89,8 +89,8 @@
 
 			if(is_file($awstats_website_conf_file)) unlink($awstats_website_conf_file);
 
-			$sql = "SELECT domain FROM web_domain WHERE (type = 'alias' OR type = 'subdomain') AND parent_domain_id = ".$rec['domain_id'];
-			$aliases = $app->db->queryAllRecords($sql);
+			$sql = "SELECT domain FROM web_domain WHERE (type = 'alias' OR type = 'subdomain') AND parent_domain_id = ?";
+			$aliases = $app->db->queryAllRecords($sql, $rec['domain_id']);
 			$aliasdomain = '';
 
 			if(is_array($aliases)) {
@@ -117,6 +117,10 @@
 			}
 
 			if(!@is_dir($statsdir)) mkdir($statsdir);
+			$username = escapeshellcmd($rec['system_user']);
+			$groupname = escapeshellcmd($rec['system_group']);
+			chown($statsdir, $username);
+			chgrp($statsdir, $groupname);
 			if(is_link('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log')) unlink('/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
 			symlink($logfile, '/var/log/ispconfig/httpd/'.$domain.'/yesterday-access.log');
 
@@ -174,6 +178,7 @@
 				chgrp($rec['document_root']."/".$web_folder."/stats/index.php", $rec['system_group']);
 			}
 
+			exec('chown -R '.$username.':'.$groupname.' '.$statsdir);
 		}
 
 

--
Gitblit v1.9.1