From e1b4cacb8d66891ce11dd4203bd92aa265fffcde Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Tue, 29 Mar 2016 04:34:43 -0400 Subject: [PATCH] Fixed issue: #3812 Insufficient validation of PHP version selector. --- interface/web/sites/web_aliasdomain_edit.php | 26 +++++++++++++ interface/web/sites/web_vhost_subdomain_edit.php | 26 +++++++++++++ interface/web/sites/web_subdomain_edit.php | 26 +++++++++++++ interface/web/sites/web_domain_edit.php | 27 +++++++++++++ 4 files changed, 105 insertions(+), 0 deletions(-) diff --git a/interface/web/sites/web_aliasdomain_edit.php b/interface/web/sites/web_aliasdomain_edit.php index 008e707..bdd19db 100644 --- a/interface/web/sites/web_aliasdomain_edit.php +++ b/interface/web/sites/web_aliasdomain_edit.php @@ -162,6 +162,32 @@ //* make sure that the domain is lowercase if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]); + // Check custom PHP version + if(isset($this->dataRecord['fastcgi_php_version']) && $this->dataRecord['fastcgi_php_version'] != '') { + // Check php-fpm mode + if($this->dataRecord['php'] == 'php-fpm'){ + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fpm_init_script,':',php_fpm_ini_dir,':',php_fpm_pool_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fpm_init_script'].':'.$tmp['php_fpm_ini_dir'].':'.$tmp['php_fpm_pool_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + // Check fast-cgi mode + } elseif($this->dataRecord['php'] == 'fast-cgi') { + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fastcgi_binary,':',php_fastcgi_ini_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fastcgi_binary'].':'.$tmp['php_fastcgi_ini_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + } else { + // Other PHP modes do not have custom versions, so we force the value to be empty + $this->dataRecord['fastcgi_php_version'] = ''; + } + } + parent::onSubmit(); } diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php index a757700..f2fbf72 100644 --- a/interface/web/sites/web_domain_edit.php +++ b/interface/web/sites/web_domain_edit.php @@ -767,6 +767,33 @@ $app->tform->errorMessage .= $app->tform->lng("invalid_custom_php_ini_settings_txt").'<br>'; } } + + // Check custom PHP version + if(isset($this->dataRecord['fastcgi_php_version']) && $this->dataRecord['fastcgi_php_version'] != '') { + // Check php-fpm mode + if($this->dataRecord['php'] == 'php-fpm'){ + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fpm_init_script,':',php_fpm_ini_dir,':',php_fpm_pool_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fpm_init_script'].':'.$tmp['php_fpm_ini_dir'].':'.$tmp['php_fpm_pool_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + // Check fast-cgi mode + } elseif($this->dataRecord['php'] == 'fast-cgi') { + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fastcgi_binary,':',php_fastcgi_ini_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fastcgi_binary'].':'.$tmp['php_fastcgi_ini_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + } else { + // Other PHP modes do not have custom versions, so we force the value to be empty + $this->dataRecord['fastcgi_php_version'] = ''; + } + } + parent::onSubmit(); } diff --git a/interface/web/sites/web_subdomain_edit.php b/interface/web/sites/web_subdomain_edit.php index 4d079ff..bd86fed 100644 --- a/interface/web/sites/web_subdomain_edit.php +++ b/interface/web/sites/web_subdomain_edit.php @@ -170,6 +170,32 @@ //* make sure that the domain is lowercase if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]); + // Check custom PHP version + if(isset($this->dataRecord['fastcgi_php_version']) && $this->dataRecord['fastcgi_php_version'] != '') { + // Check php-fpm mode + if($this->dataRecord['php'] == 'php-fpm'){ + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fpm_init_script,':',php_fpm_ini_dir,':',php_fpm_pool_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fpm_init_script'].':'.$tmp['php_fpm_ini_dir'].':'.$tmp['php_fpm_pool_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + // Check fast-cgi mode + } elseif($this->dataRecord['php'] == 'fast-cgi') { + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fastcgi_binary,':',php_fastcgi_ini_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fastcgi_binary'].':'.$tmp['php_fastcgi_ini_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + } else { + // Other PHP modes do not have custom versions, so we force the value to be empty + $this->dataRecord['fastcgi_php_version'] = ''; + } + } + parent::onSubmit(); } diff --git a/interface/web/sites/web_vhost_subdomain_edit.php b/interface/web/sites/web_vhost_subdomain_edit.php index ef1fc4c..225e489 100644 --- a/interface/web/sites/web_vhost_subdomain_edit.php +++ b/interface/web/sites/web_vhost_subdomain_edit.php @@ -562,6 +562,32 @@ $app->tform->errorMessage .= $app->tform->lng("invalid_rewrite_rules_txt").'<br>'; } } + + // Check custom PHP version + if(isset($this->dataRecord['fastcgi_php_version']) && $this->dataRecord['fastcgi_php_version'] != '') { + // Check php-fpm mode + if($this->dataRecord['php'] == 'php-fpm'){ + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fpm_init_script,':',php_fpm_ini_dir,':',php_fpm_pool_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fpm_init_script'].':'.$tmp['php_fpm_ini_dir'].':'.$tmp['php_fpm_pool_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + // Check fast-cgi mode + } elseif($this->dataRecord['php'] == 'fast-cgi') { + $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fastcgi_binary,':',php_fastcgi_ini_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'"); + if(is_array($tmp)) { + $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fastcgi_binary'].':'.$tmp['php_fastcgi_ini_dir']; + } else { + $this->dataRecord['fastcgi_php_version'] = ''; + } + unset($tmp); + } else { + // Other PHP modes do not have custom versions, so we force the value to be empty + $this->dataRecord['fastcgi_php_version'] = ''; + } + } parent::onSubmit(); } -- Gitblit v1.9.1