block non-standard vhost modification

This commit is contained in:
Nicolas Roman 2019-05-17 11:53:21 +02:00
parent ad452aad6a
commit a907137e27
4 changed files with 53 additions and 19 deletions

View file

@ -48,30 +48,41 @@ if (!array_key_exists('auth', $_SESSION) || $_SESSION['auth']!=1) {
include_once EVOADMIN_BASE . '../inc/webadmin.php';
} elseif (preg_match('#^/webadmin/(.*)/domain/?(edit)?/?(.*)?/$#', $uri, $params)) {
} elseif (preg_match('#^/webadmin?#', $uri)) {
include_once EVOADMIN_BASE . '../inc/webadmin-servername.php';
// Redirect to /webadmin in order to set $_SESSION['non_stanard']
if (!isset($_SESSION['non_standard']))
http_redirect('/webadmin');
} elseif (preg_match('#^/webadmin/(.*)/itk/?(enable|disable)?/?(.*)?/$#', $uri, $params)) {
// block the non-standard vhost modification
if (in_array(htmlspecialchars(basename($_SERVER['REDIRECT_URL'])), $_SESSION['non_standard']))
http_redirect('/webadmin');
include_once EVOADMIN_BASE . '../inc/webadmin-itk.php';
if (preg_match('#^/webadmin/servername/(.*)/?$#', $uri, $params)) {
} elseif (preg_match('#^/webadmin/(.*)/php/$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-servername.php';
include_once EVOADMIN_BASE . '../inc/webadmin-php.php';
} elseif (preg_match('#^/webadmin/itk/(.*)/?$#', $uri, $params)) {
} elseif (preg_match('#^/webadmin/(.*)/alias/?(add|delete)?/?(.*)?/$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-itk.php';
include_once EVOADMIN_BASE . '../inc/webadmin-edit.php';
} elseif (preg_match('#^/webadmin/php/(.*)/?$#', $uri, $params)) {
} elseif (preg_match('#^/webadmin/(.*)/delete/$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-php.php';
include_once EVOADMIN_BASE . '../inc/webadmin-delete.php';
} elseif (preg_match('#^/webadmin/edit/(.*)/?$#', $uri, $params)) {
} elseif (preg_match('#^/webadmin/suppr/(.*)/?$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-edit.php';
include_once EVOADMIN_BASE . '../inc/webadmin-suppr.php';
} elseif (preg_match('#^/webadmin/delete/(.*)/?$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-delete.php';
} elseif (preg_match('#^/webadmin/suppr/(.*)/?$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-suppr.php';
}
} elseif (is_superadmin() && preg_match('#^/accounts/?#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/accounts.php';

View file

@ -30,6 +30,12 @@ if (!$conf['cluster']) {
/* Récupération de cette liste dans le tableau $vhost_list */
$vhost_list = array();
if (!isset($_SESSION['non_standard'])) {
$_SESSION['non_standard'] = array();
}
foreach($data_output as $data_line) {
$data_split = explode(':', $data_line);
@ -72,6 +78,11 @@ if (!$conf['cluster']) {
$occupation = "";
}
// current vhost isn't standard and thus not manageable by evoadmin-web
if (!$data_split[9]) {
array_push($_SESSION['non_standard'], $data_split[0]);
}
array_push($vhost_list, array(
'owner' => $data_split[0],
'configid' => $data_split[1],

View file

@ -876,9 +876,17 @@ op_listvhost() {
else
is_enabled=0
fi
count_virtualhosts="$(grep "<VirtualHost" "$configfile" | wc -l)"
if [ "$count_virtualhosts" -eq 1 ]; then
is_standard=1
else
is_standard=0
fi
if [ "$servername" ] && [ "$userid" ]; then
configid=$(basename "$configfile")
echo "$userid:$configid:$servername:$serveraliases:$size:$quota_soft:$quota_hard:$phpversion:$is_enabled"
echo "$userid:$configid:$servername:$serveraliases:$size:$quota_soft:$quota_hard:$phpversion:$is_enabled:$is_standard"
fi
fi
done

View file

@ -103,14 +103,18 @@
if (is_superadmin()) {
printf('<td>');
printf('<a href="/webadmin/%s/alias/">Alias</a> - ', $vhost_info['owner']);
printf('<a href="/webadmin/%s/domain/">Servername</a> - ', $vhost_info['owner']);
if(is_multiphp()) {
printf('<a href="/webadmin/%s/php/">PHP</a>', $vhost_info['owner']);
if (!in_array($vhost_info['owner'], $_SESSION['non_standard'])) {
printf('<a href="/webadmin/edit/%s">Alias</a> - ', $vhost_info['owner']);
printf('<a href="/webadmin/servername/%s">Servername</a> - ', $vhost_info['owner']);
if(is_multiphp()) {
printf('<a href="/webadmin/php/%s">PHP</a> - ', $vhost_info['owner']);
} else {
printf('<a href="/webadmin/itk/%s">ITK</a> - ', $vhost_info['owner']);
}
printf('<a href="/webadmin/delete/%s">Supprimer</a>', $vhost_info['owner']);
} else {
printf('<a href="/webadmin/%s/itk/">ITK</a>', $vhost_info['owner']);
print '<span class="form-mandatory-ok">VirtualHost non standard</span>';
}
printf('<a href="/webadmin/%s/delete/">Supprimer</a>', $vhost_info['owner']);
printf('</td>');
}