diff --git a/evolibs/Form.php b/evolibs/Form.php index 3df9cfe..f1cdba9 100644 --- a/evolibs/Form.php +++ b/evolibs/Form.php @@ -187,8 +187,9 @@ class FormPage { } } - public function addField($name, $obj) { + public function addField($name, $obj, $default_value="") { $obj->setName($name); + if ($default_value != "") $obj->setValue($default_value); array_push($this->fields, array($name, $obj)); } @@ -462,9 +463,10 @@ class DomainInputFormField extends FormField { protected $mandatory = NULL; protected $textsize = NULL; - public function __construct($label, $mandatory=TRUE) { + public function __construct($label, $mandatory=TRUE, $hidden=FALSE) { parent::__construct($label); $this->mandatory = $mandatory; + $this->hidden = $hidden; $this->textsize = $textsize; } @@ -484,7 +486,10 @@ class DomainInputFormField extends FormField { public function getInputHTML() { $input = ''; - $input .= 'hidden) + $input .= 'name.'"'; $input .= ' name="'.$this->name.'" value="'.htmlspecialchars($this->value,ENT_QUOTES).'"'; $input .= ' maxlength="'.$this->textsize[1].'" size="'.$this->textsize[0].'" '; if($this->read_only) { $input .= 'readonly="readonly="'; } @@ -496,9 +501,13 @@ class DomainInputFormField extends FormField { public function __toString() { $out = ''; $out .= "

\n"; - $out .= $this->getLabelHTML(); - $out .= $this->getInputHTML(); - $out .= $this->getErrorHTML(); + if ($this->hidden) { + $out .= $this->getInputHTML(); + } else { + $out .= $this->getLabelHTML(); + $out .= $this->getInputHTML(); + $out .= $this->getErrorHTML(); + } $out .= "

\n\n"; return $out; } @@ -870,7 +879,7 @@ class SelectFormField extends FormField { } public function verify($set_error) { - if($this->mandatory && empty($this->value)) { + if($this->mandatory && strlen($this->value) === 0) { if($set_error) $this->error = 'Champ obligatoire'; return FALSE; } @@ -885,7 +894,7 @@ class SelectFormField extends FormField { $input .= ' '."\n"; foreach ($this->list as $value => $label) { $input .= ' '."\n"; } $input .= "\n"; diff --git a/htdocs/common.php b/htdocs/common.php index 1c4acba..1e2532f 100644 --- a/htdocs/common.php +++ b/htdocs/common.php @@ -87,6 +87,16 @@ function load_config_cluster($cluster) { $conf = array_merge($conf, $clusterconf); } +/** + * Return wether or not this evoadmin install is a multi PHP install + * + * @return boolean - True when it's a multi PHP system + */ +function is_multiphp() +{ + return array_key_exists('php_versions', $conf) && count($conf['php_versions']) > 1; +} + /** * Includes */ diff --git a/htdocs/index.php b/htdocs/index.php index 47fe6f4..62d2a65 100755 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -4,7 +4,7 @@ * common DirectoryIndex page * * Copyright (c) 2009 Evolix - Tous droits reserves - * + * * vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2 * * @author Gregory Colpart @@ -24,7 +24,7 @@ define('EVOADMIN_BASE','./'); session_name('EVOADMINWEB_SESS'); session_start(); -error_reporting(E_ALL | E_NOTICE); +error_reporting(E_ALL); header('Content-Type: text/html; charset=utf-8'); /** @@ -48,6 +48,18 @@ if (!array_key_exists('auth', $_SESSION) || $_SESSION['auth']!=1) { include_once EVOADMIN_BASE . '../inc/webadmin.php'; +} elseif (preg_match('#^/webadmin/servername/(.*)/?$#', $uri, $params)) { + + include_once EVOADMIN_BASE . '../inc/webadmin-servername.php'; + +} elseif (preg_match('#^/webadmin/itk/(.*)/?$#', $uri, $params)) { + + include_once EVOADMIN_BASE . '../inc/webadmin-itk.php'; + +} elseif (preg_match('#^/webadmin/php/(.*)/?$#', $uri, $params)) { + + include_once EVOADMIN_BASE . '../inc/webadmin-php.php'; + } elseif (preg_match('#^/webadmin/edit/(.*)/?$#', $uri, $params)) { include_once EVOADMIN_BASE . '../inc/webadmin-edit.php'; @@ -75,4 +87,3 @@ if (!array_key_exists('auth', $_SESSION) || $_SESSION['auth']!=1) { } else { die ("Cette page n'existe pas !!!"); } - diff --git a/inc/accounts.php b/inc/accounts.php index e790701..5c57119 100644 --- a/inc/accounts.php +++ b/inc/accounts.php @@ -348,7 +348,7 @@ if ($conf['bindadmin']) { } if (array_key_exists('php_versions', $conf) && count($conf['php_versions']) > 1) { - $form->addField('php_version', new SelectFormField("Version de PHP", FALSE, $conf['php_versions'])); + $form->addField('php_version', new SelectFormField("Version de PHP", TRUE, $conf['php_versions'])); } if ($conf['quota']) { @@ -388,11 +388,22 @@ if(!empty($_POST)) { /* Test de validation du formulaire */ if($form->verify(TRUE)) { + $errors_check = array(); + + if(check_occurence_name($form->getField('domain')->getValue())){ + array_push($errors_check, "Domaine déjà présent dans d'autres vhosts."); + } + if(check_occurence_name($form->getField('domain_alias')->getValue())){ + array_push($errors_check, "Alias déjà présent(s) dans d'autres vhosts."); + } + + if (count($errors_check) === 0) { if ($conf['cluster']) $exec_info = web_add_cluster($form, $conf['admin']['mail']); else $exec_info = web_add($form, $conf['admin']['mail']); - } + } + } } include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; diff --git a/inc/webadmin-edit.php b/inc/webadmin-edit.php index 910a771..c8a579f 100644 --- a/inc/webadmin-edit.php +++ b/inc/webadmin-edit.php @@ -185,23 +185,34 @@ if (isset($_GET['del']) ) { 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])), 'alias' => $form->getField('domain_alias')->getValue(), ); - + $account_name=$serveralias['domain']; - $exec_cmd = 'web-add.sh add-alias ' . $serveralias['domain'] . ' ' . $serveralias['alias']; - sudoexec($exec_cmd, $exec_output, $exec_return); - if ($exec_return == 0) { - //domain_add($serveralias['alias'], gethostbyname($master) , false); TODO avec l'IP du load balancer - print "
"; - printf ('

L\'alias %s du domaine %s a bien été créé

', $serveralias['alias'], $serveralias['domain']); - printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); - print "
"; + $is_alias_present = check_occurence_name($serveralias['alias']); + + if (!$is_alias_present) { + $exec_cmd = 'web-add.sh add-alias ' . $serveralias['domain'] . ' ' . $serveralias['alias']; + sudoexec($exec_cmd, $exec_output, $exec_return); + if ($exec_return == 0) { + //domain_add($serveralias['alias'], gethostbyname($master) , false); TODO avec l'IP du load balancer + print "
"; + printf ('

L\'alias %s du domaine %s a bien été créé

', $serveralias['alias'], $serveralias['domain']); + printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); + print "
"; + } + else { + print "
"; + printf ('

Echec dans la creation de l\'alias %s du domaine %s

', $serveralias['alias'], $serveralias['domain']); + printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); + print "
"; + } } else { - print "
"; - printf ('

Echec dans la creation de l\'alias %s du domaine %s

', $serveralias['alias'], $serveralias['domain']); - printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); - print "
"; + print "
"; + printf ('

Echec dans la creation de l\'alias %s du domaine %s

', $serveralias['alias'], $serveralias['domain']); + print ('

L\'alias existe dans d\'autres vhosts.'); + printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); + print "
"; } } } diff --git a/inc/webadmin-itk.php b/inc/webadmin-itk.php new file mode 100644 index 0000000..680c653 --- /dev/null +++ b/inc/webadmin-itk.php @@ -0,0 +1,129 @@ + + * @author Thomas Martin + * @author Sebastien Palma + * @version 1.0 + */ + +require_once EVOADMIN_BASE . '../lib/bdd.php'; +require_once EVOADMIN_BASE . '../lib/domain.php'; + +global $conf; + +if (isset($_GET['enable']) ) { + require_once EVOADMIN_BASE . '../evolibs/Form.php'; + + include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/menu.tpl.php'; + + + # TODO: sanitize $_GET + $servername = array ( + 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])), + 'servername' => $_GET['enable'] + ); + + $enable_cmd = 'web-add.sh enable-user-itk ' . $servername['servername'] . ' ' . $servername['domain']; + + sudoexec($enable_cmd, $enable_cmd_output, $enable_cmd_return); + + if ($enable_cmd_return == 0) { + print 'Sécurité ITK activée.'; + printf ('

Retour à la gestion ITK

', $_SERVER['REDIRECT_URL']); + } + + include_once EVOADMIN_BASE . '../tpl/footer.tpl.php'; + + +} +elseif (isset($_GET['disable']) ) { + require_once EVOADMIN_BASE . '../evolibs/Form.php'; + + include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/menu.tpl.php'; + + + # TODO: sanitize $_GET + $servername = array ( + 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])), + 'servername' => $_GET['disable'] + ); + + $disable_cmd = 'web-add.sh disable-user-itk ' . $servername['servername'] . ' ' . $servername['domain']; + + sudoexec($disable_cmd, $disable_cmd_output, $disable_cmd_return); + + if ($disable_cmd_return == 0) { + print 'Sécurité ITK désactivée'; + printf ('

Retour à la gestion ITK

', $_SERVER['REDIRECT_URL']); + } + + include_once EVOADMIN_BASE . '../tpl/footer.tpl.php'; + + +} +else { + + $domain = $params[1]; + $data_list = array(); + + // TODO: adapt for cluster mode + if ($conf['cluster']) { + if (is_mcluster_mode()) { + // If the user has not yet selected a cluster, redirect-it to home page. + if (empty($_SESSION['cluster'])) { + http_redirect('/'); + } + $cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']); + } + else { + $cache = $conf['cache']; + } + + $alias_list = array(); + + /* parcours de la table Serveralias */ + $bdd = new bdd(); + $bdd->open($cache); + + $alias_list = $bdd->list_serveralias($domain); + } + else { + + $cmd = 'web-add.sh list-servername ' . $domain; + + if(!is_superadmin()) { + $cmd = sprintf('%s %s', $cmd, $_SESSION['user']); + } + sudoexec($cmd, $data_output, $exec_return); + + # à revérifier (notamment gestion erreurs) + if ($exec_return == 0) { + foreach($data_output as $data_line) { + $cmd_itk = 'web-add.sh list-user-itk ' . $data_line . ' ' . $domain; + + sudoexec($cmd_itk, $data_output_itk, $exec_return_itk); + + # on prend le premier résultat du tableau, ne fonctionne pas s'il y a plusieurs la même ligne ou des commentaires etc. + array_push($data_list, ['servername' => $data_line, 'user' => $data_output_itk[0]]); + unset($data_output_itk); # reset variable pour éviter conflits + } + } + } + + include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/menu.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/webadmin-itk.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/footer.tpl.php'; + +} + +?> diff --git a/inc/webadmin-php.php b/inc/webadmin-php.php new file mode 100644 index 0000000..6afba03 --- /dev/null +++ b/inc/webadmin-php.php @@ -0,0 +1,94 @@ + + * @author Thomas Martin + * @author Sebastien Palma + * @version 1.0 + */ + +require_once EVOADMIN_BASE . '../lib/bdd.php'; +require_once EVOADMIN_BASE . '../lib/domain.php'; +require_once EVOADMIN_BASE . '../evolibs/Form.php'; + +global $conf; + +$form = new FormPage("Modification de la version de PHP", FALSE); +$form->addField('php_version', new SelectFormField("Nouvelle version de PHP", True, $conf['php_versions'])); + +include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; +include_once EVOADMIN_BASE . '../tpl/menu.tpl.php'; + +$domain = $params[1]; + +// TODO: adapt for cluster mode +if ($conf['cluster']) { + print "
"; + printf ('

ERREUR

'); + printf ('

Cette action n\'est pas encore supportée en mode cluster

'); + printf ('

Retour à liste des comptes

'); + print "
"; +} +else { + $cmd = 'web-add.sh list-vhost ' . escapeshellarg($domain); + sudoexec($cmd, $data_output, $exec_return); + + $data_split = explode(':', $data_output[0]); + $current_PHP_version = $data_split[7]; + + if (!empty($_POST)) { + $form->isCurrentPage(TRUE); + $form->initFields(); + + if ($form->verify(TRUE)) { + if (isset($conf['php_versions'][$form->getField('php_version')->getValue()])) + { + $selected_php_version = $conf['php_versions'][$form->getField('php_version')->getValue()]; + $exec_cmd = 'web-add.sh setphpversion '.escapeshellarg($domain).' '.escapeshellarg($selected_php_version); + sudoexec($exec_cmd, $exec_output, $exec_return); + + if ($exec_return == 0) { + + print "
"; + printf ('

La version de PHP bien été modifié

'); + printf ('

Retour à liste des comptes

'); + print "
"; + + } + else { + print "
"; + printf ('

ERREUR

'); + printf ('

Une erreur innatendue s\'est produite

'); + + if ($conf['debug'] == TRUE) { + print '
';
+                            foreach($exec_output as $exec_line) {
+                                printf("%s\n", $exec_line);
+                            }
+                            print '
'; + } + + printf ('

Retour à liste des comptes

'); + print "
"; + } + } + else { + include_once EVOADMIN_BASE . '../tpl/webadmin-php.tpl.php'; + } + } + else { + include_once EVOADMIN_BASE . '../tpl/webadmin-php.tpl.php'; + } + } + else { + include_once EVOADMIN_BASE . '../tpl/webadmin-php.tpl.php'; + } + + include_once EVOADMIN_BASE . '../tpl/footer.tpl.php'; +} diff --git a/inc/webadmin-servername.php b/inc/webadmin-servername.php new file mode 100644 index 0000000..a68d7c2 --- /dev/null +++ b/inc/webadmin-servername.php @@ -0,0 +1,216 @@ + + * @author Thomas Martin + * @author Sebastien Palma + * @version 1.0 + */ + +require_once EVOADMIN_BASE . '../lib/bdd.php'; +require_once EVOADMIN_BASE . '../lib/domain.php'; + +global $conf; + +if (isset($_GET['edit']) ) { + require_once EVOADMIN_BASE . '../evolibs/Form.php'; + + include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/menu.tpl.php'; + + $form = new FormPage("Modification du ServerName", FALSE); + $form->addField('domain_servername', new DomainInputFormField("ServerName", TRUE), $_GET['edit']); + $form->addField('previous_servername', new DomainInputFormField("", TRUE, TRUE), $_GET['edit']); + + if (!empty($_POST)) { + $form->isCurrentPage(TRUE); + $form->initFields(); + + if ($form->verify(TRUE)) { + // TODO: Adapt the script for cluster mode + if ($conf['cluster']) { + if (is_mcluster_mode()) { + // If the user has not yet selected a cluster, redirect-it to home page. + if (empty($_SESSION['cluster'])) { + http_redirect('/'); + } + $cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']); + } + else { + $cache = $conf['cache']; + } + $bdd = new bdd(); + $bdd->open($cache); + + $servername = array ( + 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])), + 'servername' => $form->getField('domain_servername')->getValue(), + 'previous_servername' => $form->getField('previous_servername')->getValue(), + ); + + $account_name=$servername['domain']; + $account = $bdd->get_account($account_name); + + + if (sizeof($account) == 0) + die("Anomalie... Contactez votre administrateur."); + + $master = $bdd->get_server_from_roleid($account['id_master']); + $slave = $bdd->get_server_from_roleid($account['id_slave']); + + + if ( $bdd->is_serveralias( $account_name, $serveralias['alias'] ) == 0 ) { + + /* web-add-cluster addalias */ + $exec_cmd = 'web-add-cluster.sh add-alias '.$serveralias['domain'].' '.$serveralias['alias'].' '.$master.' '.$slave; + sudoexec($exec_cmd, $exec_output, $exec_return); + + + + if ($exec_return == 0) { + /* Ajout BDD */ + $bdd->add_serveralias($serveralias); + + domain_add($serveralias['alias'], gethostbyname($master) , false); + + # Si le compte en question est en replication temps + # reel, il faut faire un restart manuel de lsyncd + # pour prendre en compte le nouveau domaine. + if ($account['replication'] == "realtime") { + mail('tech@evolix.fr', "[TAF] Redemarrer lsyncd sur $master", wordwrap('killer tous les processus lsyncd lancé par vmail pour le compte '.$account['name'].' et les relancer (cf. la ligne correspondante à ce compte dans la crontab de vmail).\n', 70)); + } + + print "
"; + printf ('

L\'alias %s du domaine %s a bien été créé

', $serveralias['alias'], $serveralias['domain']); + printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); + print "
"; + } else { + print "
"; + printf ('

Echec dans la creation de l\'alias %s du domaine %s

', $serveralias['alias'], $serveralias['domain']); + printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); + print "
"; + } + } else { + print "
"; + printf ('

Alias %s du domaine %s deja existant !

', $serveralias['alias'], $serveralias['domain']); + printf ('

Retour à la liste des alias

', $_SERVER['REDIRECT_URL']); + print "
"; + + } + } + else { + $servername = array ( + 'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])), + 'servername' => $form->getField('domain_servername')->getValue(), + 'previous_servername' => $form->getField('previous_servername')->getValue(), + ); + + $account_name=$servername['domain']; + + $is_servername_present = check_occurence_name($servername['servername']); + + if (!$is_servername_present) { + $exec_cmd = 'web-add.sh update-servername ' . $servername['domain'] . ' ' . $servername['servername'] . ' ' . $servername['previous_servername']; + sudoexec($exec_cmd, $exec_output, $exec_return); + + if ($exec_return == 0) { + //domain_add($serveralias['alias'], gethostbyname($master) , false); TODO avec l'IP du load balancer + print "
"; + printf ('

Le ServerName %s a bien été modifié

', $servername['servername']); + printf ('

Retour à la liste des ServerNames

', $_SERVER['REDIRECT_URL']); + print "
"; + } + else { + print "
"; + printf ('

Echec dans la modification du ServerName %s

', $servername['servername']); + printf ('

Retour à la liste des ServerNames

', $_SERVER['REDIRECT_URL']); + print "
"; + } + } + else { + print "
"; + printf ('

Echec dans la modification du ServerName %s

', $servername['servername']); + print ('

Le domaine existe déjà dans d\'autres vhosts.'); + printf ('

Retour à la liste des ServerNames

', $_SERVER['REDIRECT_URL']); + print "
"; + } + } + } else { + print "

Modification du ServerName


"; + print "
"; + print "
"; + print " Modification du ServerName"; + print $form; + print "

"; + print "
"; + print "
"; + } + } else { + print "

Modification du ServerName


"; + print "
"; + print "
"; + print " Modification du ServerName"; + print $form; + print "

"; + print "
"; + print "
"; + + } + + include_once EVOADMIN_BASE . '../tpl/footer.tpl.php'; + + +} else { + + $domain = $params[1]; + $servername_list = array(); + + // TODO: adapt for cluster mode + if ($conf['cluster']) { + if (is_mcluster_mode()) { + // If the user has not yet selected a cluster, redirect-it to home page. + if (empty($_SESSION['cluster'])) { + http_redirect('/'); + } + $cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']); + } + else { + $cache = $conf['cache']; + } + + $alias_list = array(); + + /* parcours de la table Serveralias */ + $bdd = new bdd(); + $bdd->open($cache); + + $alias_list = $bdd->list_serveralias($domain); + } + else { + + $cmd = 'web-add.sh list-servername ' . $domain; + + if(!is_superadmin()) { + $cmd = sprintf('%s %s', $cmd, $_SESSION['user']); + } + sudoexec($cmd, $data_output, $exec_return); + + foreach($data_output as $data_line) { + array_push($servername_list, $data_line); + } + } + + include_once EVOADMIN_BASE . '../tpl/header.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/menu.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/webadmin-servername.tpl.php'; + include_once EVOADMIN_BASE . '../tpl/footer.tpl.php'; + +} + +?> diff --git a/lib/domain.php b/lib/domain.php index a63df20..1e6dea7 100644 --- a/lib/domain.php +++ b/lib/domain.php @@ -17,13 +17,37 @@ function domain_add($name, $IP, $with_mxs, $gmail=false) { $exec_cmd .= ' -m mail,10'; $exec_cmd .= ' -m backup.quai13.net.,20'; } -# mail('tech@evolix.fr', '[TAF] Ajouter '.$name.' sur quai13-backup', wordwrap('Ajouter le domaine '.$name.' à la directive relay_domains dans le fichier /etc/postfix/main.cf sur quai13-backup, pour mettre en place le MX secondaire du domaine.', 70)); } $exec_cmd .= " -a $IP $name"; - //echo $exec_cmd."\n"; sudoexec($exec_cmd, $exec_output, $exec_return); return array($exec_cmd, $exec_return, $exec_output); } +/** + * Ensure that the domain (or list of domains) do no exists in any other + * apache config file. Either as a ServerName or ServerAlias + * + * @param string $name Domain (or list of domains separated by commas) + * + * @return boolean True if one occurence is found. Else otherwise + */ +function check_occurence_name($name) { + + // If no domain are given, that should be okay + if(strlen($name) === 0){ + return false; + } + + $exploded_names = explode(',', $name); + + foreach ($exploded_names as $current_name) { + $check_occurence_cmd = 'web-add.sh check-occurence ' . escapeshellarg($current_name); + + sudoexec($check_occurence_cmd, $check_occurence_output, $check_occurence_return); + if ($check_occurence_return == 0) return true; + } + + return false; +} diff --git a/scripts/web-add.sh b/scripts/web-add.sh index 80ab7aa..df0306e 100755 --- a/scripts/web-add.sh +++ b/scripts/web-add.sh @@ -109,8 +109,9 @@ del LOGIN [DBNAME] list-vhost LOGIN List Apache vhost for user LOGIN - + check-vhosts -f + List suggested changes to vhosts, apply fixes with -f add-alias VHOST ALIAS @@ -121,6 +122,31 @@ del-alias VHOST ALIAS Del a ServerAlias from an Apache vhost +list-servername LOGIN + + List ServerName(s) for user LOGIN + +update-servername VHOST SERVERNAME OLD_SERVERNAME + + Replace the OLD_SERVERNAME with the SERVERNAME for an Apache vhost + Also apply to rules + +check-occurence NAME + + List all occurences of NAME in vhosts + +list-user-itk DOMAIN LOGIN + + List the assigned ITK user for the DOMAIN specified + +enable-user-itk DOMAIN LOGIN + + Enable the assigned ITK user for the DOMAIN specified + +disable-user-itk DOMAIN LOGIN + + Disable the assigned ITK user for the DOMAIN specified + setphpversion LOGIN VERSION Change PHP version for LOGIN @@ -261,7 +287,7 @@ create_www_account() { ${in_gid:+'--gid' "$in_gid"} \ --force-badname \ --home "$HOME_DIR_USER" >/dev/null - + [ -z "$in_sshkey" ] \ && echo "$in_login:$in_passwd" | chpasswd @@ -272,7 +298,7 @@ create_www_account() { && chmod -R u=rwX,g=,o= "$HOME_DIR_USER/.ssh/authorized_keys" \ && chown -R "$in_login":"$in_login" "$HOME_DIR_USER/.ssh" - if [ "$WEB_SERVER" == "apache" ]; then + if [ "$WEB_SERVER" == "apache" ]; then # Create www user and force UID if specified /usr/sbin/adduser \ --gecos "WWW $in_login" \ @@ -486,25 +512,25 @@ EOT if [ "$in_dbname" ]; then sed -e " - s/LOGIN/$in_login/g ; - s/SERVERNAME/$in_wwwdomain/ ; - s/PASSE1/$in_passwd/ ; - s/PASSE2/$in_dbpasswd/ ; - s/RANDOM/$random/ ; - s/QUOTA/$quota/ ; - s/RCPTTO/$in_mail/ ; - s/DBNAME/$in_dbname/ ; + s/LOGIN/$in_login/g ; + s/SERVERNAME/$in_wwwdomain/ ; + s/PASSE1/$in_passwd/ ; + s/PASSE2/$in_dbpasswd/ ; + s/RANDOM/$random/ ; + s/QUOTA/$quota/ ; + s/RCPTTO/$in_mail/ ; + s/DBNAME/$in_dbname/ ; s#HOME_DIR#$HOME_DIR#" \ < $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL" else sed -e " - s/LOGIN/$in_login/g ; - s/SERVERNAME/$in_wwwdomain/ ; - s/PASSE1/$in_passwd/ ; - s/RANDOM/$random/ ; - s/QUOTA/$quota/ ; - s/RCPTTO/$in_mail/ ; - s#HOME_DIR#$HOME_DIR# ; + s/LOGIN/$in_login/g ; + s/SERVERNAME/$in_wwwdomain/ ; + s/PASSE1/$in_passwd/ ; + s/RANDOM/$random/ ; + s/QUOTA/$quota/ ; + s/RCPTTO/$in_mail/ ; + s#HOME_DIR#$HOME_DIR# ; 39,58d" \ < $TPL_MAIL | /usr/lib/sendmail -oi -t -f "$CONTACT_MAIL" fi @@ -719,7 +745,7 @@ arg_processing() { ;; list-vhost) op_listvhost "$@" - ;; + ;; check-vhosts) op_checkvhosts "$@" ;; @@ -729,6 +755,24 @@ arg_processing() { del-alias) op_aliasdel "$@" ;; + list-servername) + op_listservername "$@" + ;; + update-servername) + op_servernameupdate "$@" + ;; + check-occurence) + op_checkoccurencename "$@" + ;; + list-user-itk) + op_listuseritk "$@" + ;; + enable-user-itk) + op_enableuseritk "$@" + ;; + disable-user-itk) + op_disableuseritk "$@" + ;; setphpversion) op_setphpversion "$@" ;; @@ -793,13 +837,146 @@ op_aliasdel() { if [ $# -eq 2 ]; then vhost="${1}.conf" alias=$2 + vhost_file="${VHOST_PATH}/${vhost}" - [ -f $VHOST_PATH/"$vhost" ] && sed -i -e "/ServerAlias $alias/d" $VHOST_PATH/"$vhost" --follow-symlinks + if [ -f "${vhost_file}" ]; then + sed -i -e "/ServerAlias $alias/d" "${vhost_file}" --follow-symlinks + else + echo "VHost file \`${vhost_file}' not found'" >&2 + return 1 + fi - apache2ctl configtest 2>/dev/null - /etc/init.d/apache2 force-reload >/dev/null + configtest_out=$(apache2ctl configtest) + configtest_rc=$? - else usage + if [ "$configtest_rc" = "0" ]; then + /etc/init.d/apache2 force-reload >/dev/null + else + echo $configtest_out >&2 + fi + else + usage + fi +} + +op_listservername() { + if [ $# -eq 1 ]; then + vhost_file="$VHOST_PATH/${1}.conf"; + + if [ -f "${vhost_file}" ]; then + servernames=$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$vhost_file" | uniq) + + for servername in $servernames; do + echo "$servername"; + done + else + echo "VHost file \`${vhost_file}' not found'" >&2 + return 1 + fi + else + usage + fi +} + +op_servernameupdate() { + if [ $# -eq 3 ]; then + vhost="${1}.conf" + servername=$2 + old_servername=$3 + vhost_file="${VHOST_PATH}/${vhost}" + + # Remplacement de toutes les directives ServerName, on assume qu'il s'agit du même pour chaque vhost du fichier + if [ -f "${vhost_file}" ]; then + sed -i "/^ *ServerName/ s/$old_servername/$servername/g" "${vhost_file}" --follow-symlinks + sed -i "/^ *RewriteCond/ s/$old_servername/$servername/g" "${vhost_file}" --follow-symlinks + fi + + configtest_out=$(apache2ctl configtest) + configtest_rc=$? + + if [ "$configtest_rc" = "0" ]; then + /etc/init.d/apache2 force-reload >/dev/null + else + echo $configtest_out >&2 + fi + else + usage + fi +} + +op_checkoccurencename() { + if [ $# -eq 1 ]; then + name=${1} + configlist="$VHOST_PATH/*"; + servernames='' + aliases='' + + for configfile in $configlist; do + if [ -r "$configfile" ]; then + alias=$(perl -ne 'print "$1 " if /^[[:space:]]*ServerAlias (.*)/' "$configfile" | head -n 1) + aliases="$aliases $alias" + + servername=$(awk '/^[[:space:]]*ServerName (.*)/ { print $2 }' "$configfile" | uniq) + servernames="$servernames $servername" + fi + done + + echo "$servernames" "$aliases" | grep -w "$name" + else + usage + fi +} + +op_listuseritk() { + if [ $# -eq 2 ]; then + domain=${1} + configfile="$VHOST_PATH/${2}.conf" + + sed -n "/$domain/,/<\/VirtualHost>/p" "$configfile" | awk '/AssignUserID/ {print $2}' | uniq + else + usage + fi +} + +op_enableuseritk() { + if [ $# -eq 2 ]; then + domain=${1} + configfile="$VHOST_PATH/${2}.conf" + group=$(sed -n "/$domain/,/<\/VirtualHost>/p" "$configfile" | awk '/AssignUserID/ {print $3}' | uniq) + + sed -i "/$domain/,/<\/VirtualHost>/ s/^ *AssignUserID $group/ AssignUserID www-$group/" "$configfile" --follow-symlinks + + configtest_out=$(apache2ctl configtest) + configtest_rc=$? + + if [ "$configtest_rc" = "0" ]; then + /etc/init.d/apache2 force-reload >/dev/null + else + echo $configtest_out >&2 + fi + else + usage + fi +} + +op_disableuseritk() { + if [ $# -eq 2 ]; then + domain=${1} + configfile="$VHOST_PATH"/"${2}".conf + group=$(sed -n "/$domain/,/<\/VirtualHost>/p" $configfile | awk '/AssignUserID/ {print $3}' | uniq) + + sed -i "/$domain/,/<\/VirtualHost>/ s/^ *AssignUserID www-$group/ AssignUserID ${group}/" "$configfile" --follow-symlinks + + configtest_out=$(apache2ctl configtest) + configtest_rc=$? + + if [ "$configtest_rc" = "0" ]; then + /etc/init.d/apache2 force-reload >/dev/null + else + echo $configtest_out >&2 + fi + else + usage fi } @@ -1006,7 +1183,7 @@ op_add() { op_checkvhosts() { ln_vhosts_dir="$(sed 's/available/enabled/' <<< "$VHOST_PATH")" non_ln_vhosts="$(find "$ln_vhosts_dir"/* ! -type l)" - + while getopts f opt; do case "$opt" in f) @@ -1018,7 +1195,7 @@ op_checkvhosts() { ;; esac done - + for ln_path in $non_ln_vhosts do vhost_name=$(basename "$ln_path") diff --git a/tpl/accounts.tpl.php b/tpl/accounts.tpl.php index 34cc35c..89e4c84 100644 --- a/tpl/accounts.tpl.php +++ b/tpl/accounts.tpl.php @@ -13,9 +13,7 @@ * @version 1.0 */ -?> -'; if ($conf['debug'] == TRUE) @@ -23,7 +21,7 @@ if ($exec_info[1]) { print "La commande a échoué\n"; - print_r($exec_info); + print_r($exec_info); } else print "Le compte a été créé avec succès\n"; @@ -34,12 +32,21 @@ print ''; } else { + + // If there is validation errors, display them + if (isset($errors_check)) { + print '

Erreur(s) :
'; + foreach ($errors_check as $error) { + printf('%s
', $error); + } + print '

'; + } ?>
Ajout d'un compte - +

diff --git a/tpl/webadmin-itk.tpl.php b/tpl/webadmin-itk.tpl.php new file mode 100644 index 0000000..7d1f596 --- /dev/null +++ b/tpl/webadmin-itk.tpl.php @@ -0,0 +1,61 @@ + + * @version 1.0 + */ + +?> + +

Sécurité ITK

+ + 0) { ?> + + + + + + + Action'; + } ?> + + + + '; + printf('', + $data_list[$i]['servername']); + printf('', + $data_list[$i]['user']); + if (is_superadmin()) { + + if (strpos($data_list[$i]['user'], 'www') !== false) { + $action = ['disable', 'Désactiver']; + } else { + $action = ['enable', 'Activer']; + } + + printf('', + $domain, $action[0], $data_list[$i]['servername']); + } + print ''; + } ?> + +
ServerNameUtilisateur
%s%s'.$action[1].'
+La sécurité ITK ne semble pas en place pour le domaine $domain

"; + } + + +?> diff --git a/tpl/webadmin-php.tpl.php b/tpl/webadmin-php.tpl.php new file mode 100644 index 0000000..34f590b --- /dev/null +++ b/tpl/webadmin-php.tpl.php @@ -0,0 +1,26 @@ + + * @version 1.0 + */ + +?> + +

Version PHP

+ +

Version actuelle de PHP :

+ +
+
+ Changement de version de PHP + +

+
+
diff --git a/tpl/webadmin-servername.tpl.php b/tpl/webadmin-servername.tpl.php new file mode 100644 index 0000000..5e218cb --- /dev/null +++ b/tpl/webadmin-servername.tpl.php @@ -0,0 +1,50 @@ + + * @version 1.0 + */ + +?> + +

ServerNames

+ + 0) { ?> + + + + + + Action'; + } ?> + + + + '; + printf('', + $servername_list[$i]); + if (is_superadmin()) + printf('', + $domain, $servername_list[$i]); + print ''; + } ?> + +
ServerName
%sModifier
+Aucun ServerName existant pour le domaine $domain !

"; + } + + +?> diff --git a/tpl/webadmin.tpl.php b/tpl/webadmin.tpl.php index 1fad772..3ae37f0 100755 --- a/tpl/webadmin.tpl.php +++ b/tpl/webadmin.tpl.php @@ -5,7 +5,7 @@ * * Copyright (c) 2009 Evolix - Tous droits reserves * - * vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2 + * vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2 * * @author Gregory Colpart * @author Thomas Martin @@ -15,7 +15,7 @@ ?> -

Domaines

+

Liste des comptes web

0) { ?> @@ -39,7 +39,12 @@ } ?> - + + Administration'; + } + ?> + @@ -58,7 +63,7 @@ } printf('', $vhost_info['server_name'], $vhost_info['server_name']); - + if ($conf['cluster']) { if (empty($vhost_info['bdd'])) printf('', preg_replace("/^(\d)(\d)$/", '\1.\2', $vhost_info['php_version'])); } printf('', ($vhost_info['is_enabled'] ? 'Activé' : 'Désactivé' )); + if (is_superadmin()) { - printf('', - $vhost_info['owner']); + printf(''); + } print '';
 Actif ?  Action  Bddhttp://%s'); @@ -94,9 +99,15 @@ printf('%s%sLister/Modifier les alias'); + printf('Alias - ', $vhost_info['owner']); + printf('Servername - ', $vhost_info['owner']); + printf('ITK - ', $vhost_info['owner']); + printf('PHP', $vhost_info['owner']); + printf('