From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty
---
server/plugins-available/backup_plugin.inc.php | 85 ++++++++++++++++++++++++++++++++----------
1 files changed, 64 insertions(+), 21 deletions(-)
diff --git a/server/plugins-available/backup_plugin.inc.php b/server/plugins-available/backup_plugin.inc.php
index 3c3531c..cb9911d 100644
--- a/server/plugins-available/backup_plugin.inc.php
+++ b/server/plugins-available/backup_plugin.inc.php
@@ -63,19 +63,19 @@
global $app, $conf;
$backup_id = intval($data);
- $backup = $app->dbmaster->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = $backup_id");
+ $backup = $app->dbmaster->queryOneRecord("SELECT * FROM web_backup WHERE backup_id = ?", $backup_id);
if(is_array($backup)) {
$app->uses('ini_parser,file,getconf,system');
- $web = $app->dbmaster->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$backup['parent_domain_id']);
+ $web = $app->dbmaster->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $backup['parent_domain_id']);
$server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
$backup_dir = $server_config['backup_dir'].'/web'.$web['domain_id'];
$backup_dir_is_ready = true;
//* mount backup directory, if necessary
- if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($backup_dir) ) $backup_dir_is_ready = false;
+ if( $server_config['backup_dir_is_mount'] == 'y' && !$app->system->mount_backup_dir($server_config['backup_dir']) ) $backup_dir_is_ready = false;
if($backup_dir_is_ready){
//* Make backup available for download
@@ -156,6 +156,7 @@
}
}
}
+ if( $server_config['backup_dir_is_mount'] == 'y' ) $app->system->umount_backup_dir($backup_dir);
} else {
$app->log('Backup directory not ready.', LOGLEVEL_DEBUG);
}
@@ -171,7 +172,7 @@
global $app, $conf;
$backup_id = intval($data);
- $mail_backup = $app->dbmaster->queryOneRecord("SELECT * FROM mail_backup WHERE backup_id = $backup_id");
+ $mail_backup = $app->dbmaster->queryOneRecord("SELECT * FROM mail_backup WHERE backup_id = ?", $backup_id);
if (is_array($mail_backup) && $action_name == 'backup_restore_mail') {
$app->uses('ini_parser,file,getconf');
@@ -185,13 +186,13 @@
if($backup_dir_is_ready){
$mail_config = $app->getconf->get_server_config($conf['server_id'], 'mail');
- $domain_rec = $app->db->queryOneRecord("SELECT * FROM mail_domain WHERE domain_id = ".intval($mail_backup['parent_domain_id']));
+ $domain_rec = $app->db->queryOneRecord("SELECT * FROM mail_domain WHERE domain_id = ?", $mail_backup['parent_domain_id']);
$backup_dir = $server_config['backup_dir'].'/mail'.$domain_rec['domain_id'];
$mail_backup_file = $backup_dir.'/'.$mail_backup['filename'];
- $sql = "SELECT * FROM mail_user WHERE server_id = '".$conf['server_id']."' AND mailuser_id = ".intval($mail_backup['mailuser_id']);
- $record = $app->db->queryOneRecord($sql);
+ $sql = "SELECT * FROM mail_user WHERE server_id = ? AND mailuser_id = ?";
+ $record = $app->db->queryOneRecord($sql, $conf['server_id'], $mail_backup['mailuser_id']);
//* strip mailbox from maildir
$domain_dir=explode('/',$record['maildir']);
@@ -203,30 +204,72 @@
chown($domain_dir, $mail_config['mailuser_name']);
chgrp($domain_dir, $mail_config['mailuser_group']);
}
+ if (!is_dir($record['maildir'])) {
+ mkdir($record['maildir'], 0700); //* never create the full path
+ chown($record['maildir'], $mail_config['mailuser_name']);
+ chgrp($record['maildir'], $mail_config['mailuser_group']);
+ }
- if(file_exists($mail_backup_file) && $record['homedir'] != '' && $record['homedir'] != '/' && !stristr($mail_backup_file,'..') && !stristr($mail_backup_file,'etc') && $mail_config['homedir_path'] == $record['homedir'] && is_dir($domain_dir)) {
- if($mail_backup['backup_mode'] == 'userzip') {
- copy($mail_backup_file, $domain_dir.'/'.$mail_backup['filename']);
- chgrp($domain_dir.'/'.$mail_backup['filename'], $mail_config['mailuser_group']);
- $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($domain_dir.'/'.$mail_backup['filename']).' -d '.escapeshellarg($domain_dir).' 2> /dev/null';
- exec($command,$tmp_output, $retval);
- unlink($domain_dir.'/'.$mail_backup['filename']);
+ if(file_exists($mail_backup_file) && $record['homedir'] != '' && $record['homedir'] != '/' && !stristr($mail_backup_file,'..') && !stristr($mail_backup_file,'etc') && $mail_config['homedir_path'] == $record['homedir'] && is_dir($domain_dir) && is_dir($record['maildir'])) {
+ if ($record['maildir_format'] == 'mdbox') {
+ $retval = -1;
+ // First unzip backupfile to local backup-folder
+ if($mail_backup['backup_mode'] == 'userzip') {
+ copy($mail_backup_file, $record['maildir'].'/'.$mail_backup['filename']);
+ chgrp($record['maildir'].'/'.$mail_backup['filename'], $mail_config['mailuser_group']);
+ $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($record['maildir'].'/'.$mail_backup['filename']).' -d '.escapeshellarg($record['maildir']).' 2> /dev/null';
+ exec($command,$tmp_output, $retval);
+ unlink($record['maildir'].'/'.$mail_backup['filename']);
+ }
+ if($mail_backup['backup_mode'] == 'rootgz') {
+ $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($record['maildir']);
+ exec($command,$tmp_output, $retval);
+ }
+
+ if($retval == 0) {
+ // Now import backup-mailbox into special backup-folder
+ $backupname = "backup-".date("Y-m-d", $mail_backup['tstamp']);
+ exec("doveadm mailbox create -u \"".$record["email"]."\" $backupname");
+ exec("doveadm import -u \"".$record["email"]."\" mdbox:".$record['maildir']."/backup $backupname all", $tmp_output, $retval);
+ exec("for f in `doveadm mailbox list -u \"".$record["email"]."\" $backupname*`; do doveadm mailbox subscribe -u \"".$record["email"]."\" \$f; done", $tmp_output, $retval);
+ exec('rm -rf '.$record['maildir'].'/backup');
+ }
+
if($retval == 0){
$app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG);
} else {
+ // cleanup
+ if (file_exists($record['maildir'].'/'.$mail_backup['filename'])) unlink($record['maildir'].'/'.$mail_backup['filename']);
+ if (file_exists($record['maildir']."/backup")) exec('rm -rf '.$record['maildir']."/backup");
+
$app->log('Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output,LOGLEVEL_ERROR);
}
}
- if($mail_backup['backup_mode'] == 'rootgz') {
- $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($domain_dir);
- exec($command,$tmp_output, $retval);
- if($retval == 0){
- $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG);
- } else {
- $app->log('Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output,LOGLEVEL_ERROR);
+ else {
+ if($mail_backup['backup_mode'] == 'userzip') {
+ copy($mail_backup_file, $domain_dir.'/'.$mail_backup['filename']);
+ chgrp($domain_dir.'/'.$mail_backup['filename'], $mail_config['mailuser_group']);
+ $command = 'sudo -u '.$mail_config['mailuser_name'].' unzip -qq -o '.escapeshellarg($domain_dir.'/'.$mail_backup['filename']).' -d '.escapeshellarg($domain_dir).' 2> /dev/null';
+ exec($command,$tmp_output, $retval);
+ unlink($domain_dir.'/'.$mail_backup['filename']);
+ if($retval == 0){
+ $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG);
+ } else {
+ $app->log('Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output,LOGLEVEL_ERROR);
+ }
+ }
+ if($mail_backup['backup_mode'] == 'rootgz') {
+ $command='tar xfz '.escapeshellarg($mail_backup_file).' --directory '.escapeshellarg($domain_dir);
+ exec($command,$tmp_output, $retval);
+ if($retval == 0){
+ $app->log('Restored Mail backup '.$mail_backup_file,LOGLEVEL_DEBUG);
+ } else {
+ $app->log('Unable to restore Mail backup '.$mail_backup_file.' '.$tmp_output,LOGLEVEL_ERROR);
+ }
}
}
}
+ if( $server_config['backup_dir_is_mount'] == 'y' ) $app->system->umount_backup_dir($backup_dir);
} else {
$app->log('Backup directory not ready.', LOGLEVEL_DEBUG);
}
--
Gitblit v1.9.1