From 8e725d2c1057608431d3d1639c948206d5e24869 Mon Sep 17 00:00:00 2001
From: jwarnier <jwarnier@ispconfig3>
Date: Sun, 05 Sep 2010 08:54:24 -0400
Subject: [PATCH] fix some strings quoting and remove some execs

---
 server/plugins-available/shelluser_base_plugin.inc.php |   20 +++++++++++---------
 1 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php
index d279678..69348f5 100755
--- a/server/plugins-available/shelluser_base_plugin.inc.php
+++ b/server/plugins-available/shelluser_base_plugin.inc.php
@@ -90,9 +90,10 @@
 				$app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
 				
 				//* Create .bash_history file
-				exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history');
-				exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history');
-				exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history');
+				touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
+				chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
+				chown(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['username']));
+				chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history', escapeshellcmd($data['new']['pgroup']));
 				
 				//* Disable shell user temporarily if we use jailkit
 				if($data['new']['chroot'] == 'jailkit') {
@@ -105,7 +106,7 @@
 				$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
 			}
 		} else {
-			$app->log("Skippung insert of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
+			$app->log("Skipping insertion of user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
 		}
 	}
 	
@@ -137,9 +138,10 @@
 					
 					//* Create .bash_history file
 					if(!is_file($data['new']['dir']).'/.bash_history') {
-						exec('touch '.escapeshellcmd($data['new']['dir']).'/.bash_history');
-						exec('chmod 755 '.escapeshellcmd($data['new']['dir']).'/.bash_history');
-						exec('chown '.escapeshellcmd($data['new']['username']).':'.escapeshellcmd($data['new']['pgroup']).' '.escapeshellcmd($data['new']['dir']).'/.bash_history');
+						touch(escapeshellcmd($data['new']['dir']).'/.bash_history');
+						chmod(escapeshellcmd($data['new']['dir']).'/.bash_history', 0755);
+						chown(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['username']));
+						chgrp(escapeshellcmd($data['new']['dir']).'/.bash_history',escapeshellcmd($data['new']['pgroup']));
 					}
 					
 				} else {
@@ -150,7 +152,7 @@
 				$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
 			}
 		} else {
-			$app->log("Skippung update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
+			$app->log("Skipping update for user:".$data['new']['username'].", parent user ".$data['new']['puser']." does not exist.",LOGLEVEL_WARN);
 		}
 	}
 	
@@ -186,4 +188,4 @@
 
 } // end class
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1