
Add hooks to hestia-* package + Update versions (#2440)

* Add support for pre/post install hooks

hestia-nginx doesn't want to install when demo mode is enabled

* Update to last versions

* Update PHP version to 8.1.x

* Resolve Warning Unknown "Key"

Make sure keys are present, or are checked with empty() / isset(), before they are used

* Remove deprecated "favorite" feature out of UI

* Changes requiered update to php8.x.x

escapeargs() can't be "NULL" Any more 
Same for __() and other functions 
Use date class for dates instead of date() function
Jaap Marcus 4 years ago
parent
commit
754a247f74
61 changed files with 841 additions and 341 deletions
  1. 11 12
      install/deb/filemanager/filegator/backend/Services/Auth/Adapters/HestiaAuth.php
  2. 9 7
      install/deb/filemanager/filegator/configuration.php
  3. 1 1
      src/deb/nginx/control
  4. 9 0
      src/deb/nginx/postinst
  5. 1 1
      src/deb/php/control
  6. 1 1
      src/deb/php/php-fpm.conf
  7. 10 0
      src/deb/php/postinst
  8. 19 0
      web/add/cron/index.php
  9. 8 1
      web/add/db/index.php
  10. 71 1
      web/add/dns/index.php
  11. 7 0
      web/add/firewall/banlist/index.php
  12. 17 0
      web/add/firewall/index.php
  13. 10 0
      web/add/firewall/ipset/index.php
  14. 22 0
      web/add/ip/index.php
  15. 4 1
      web/add/key/index.php
  16. 54 4
      web/add/mail/index.php
  17. 22 1
      web/add/package/index.php
  18. 22 0
      web/add/user/index.php
  19. 69 22
      web/add/web/index.php
  20. 4 0
      web/bulk/db/index.php
  21. 8 0
      web/bulk/mail/index.php
  22. 11 0
      web/bulk/web/index.php
  23. 3 6
      web/delete/log/index.php
  24. 2 7
      web/edit/ip/index.php
  25. 10 5
      web/edit/mail/index.php
  26. 40 8
      web/edit/package/index.php
  27. 70 23
      web/edit/server/index.php
  28. 104 37
      web/edit/user/index.php
  29. 18 13
      web/edit/web/index.php
  30. 54 33
      web/inc/main.php
  31. 6 2
      web/inc/policies.php
  32. 32 23
      web/inc/prevent_csrf.php
  33. 5 4
      web/list/log/auth/index.php
  34. 6 0
      web/list/log/index.php
  35. 7 4
      web/list/rrd/index.php
  36. 21 16
      web/login/index.php
  37. 6 20
      web/templates/pages/add_package.html
  38. 1 1
      web/templates/pages/add_user.html
  39. 6 5
      web/templates/pages/add_web.html
  40. 1 1
      web/templates/pages/edit_ip.html
  41. 1 1
      web/templates/pages/edit_mail.html
  42. 5 17
      web/templates/pages/edit_package.html
  43. 2 11
      web/templates/pages/edit_server.html
  44. 6 11
      web/templates/pages/edit_user.html
  45. 1 1
      web/templates/pages/edit_web.html
  46. 1 1
      web/templates/pages/list_backup.html
  47. 2 3
      web/templates/pages/list_cron.html
  48. 4 4
      web/templates/pages/list_db.html
  49. 2 2
      web/templates/pages/list_dns.html
  50. 12 1
      web/templates/pages/list_dns_rec.html
  51. 2 2
      web/templates/pages/list_firewall.html
  52. 2 2
      web/templates/pages/list_firewall_banlist.html
  53. 2 8
      web/templates/pages/list_firewall_ipset.html
  54. 2 2
      web/templates/pages/list_ip.html
  55. 2 2
      web/templates/pages/list_mail.html
  56. 2 3
      web/templates/pages/list_mail_acc.html
  57. 2 2
      web/templates/pages/list_packages.html
  58. 2 2
      web/templates/pages/list_services.html
  59. 3 2
      web/templates/pages/list_stats.html
  60. 2 2
      web/templates/pages/list_user.html
  61. 2 2
      web/templates/pages/list_web.html

+ 11 - 12
install/deb/filemanager/filegator/backend/Services/Auth/Adapters/HestiaAuth.php

@@ -20,7 +20,6 @@ use Filegator\Services\Service;
  */
 class HestiaAuth implements Service, AuthInterface
 {
-
     protected $permissions = [];
 
     protected $private_repos = false;
@@ -32,13 +31,15 @@ class HestiaAuth implements Service, AuthInterface
         if (isset($_SESSION['user'])) {
             $v_user = $_SESSION['user'];
         }
-        if (isset($_SESSION['look']) && ($_SESSION['userContext'] === 'admin')){
-            $v_user = $_SESSION['look'];
-        }
-        if ( $_SESSION['look'] == 'admin' && $_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] == 'yes' ){
-            // Go away do not login 
-            header('Location: /');
-            exit;
+        if (!empty($_SESSION['look'])) {
+            if (isset($_SESSION['look']) && ($_SESSION['userContext'] === 'admin')) {
+                $v_user = $_SESSION['look'];
+            }
+            if ($_SESSION['look'] == 'admin' && $_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] == 'yes') {
+                // Go away do not login
+                header('Location: /');
+                exit;
+            }
         }
         $this->hestia_user = $v_user;
         $this->permissions = isset($config['permissions']) ? (array)$config['permissions'] : [];
@@ -47,16 +48,15 @@ class HestiaAuth implements Service, AuthInterface
 
     public function user(): ?User
     {
-
         $cmd="/usr/bin/sudo /usr/local/hestia/bin/v-list-user";
-        exec ($cmd." ".escapeshellarg($this->hestia_user )." json", $output, $return_var);
+        exec($cmd." ".escapeshellarg($this->hestia_user)." json", $output, $return_var);
 
         if ($return_var == 0) {
             $data = json_decode(implode('', $output), true);
             $hestia_user_info = $data[$this->hestia_user];
             return $this->transformUser($hestia_user_info);
         }
-        
+
         return $this->getGuest();
     }
 
@@ -126,5 +126,4 @@ class HestiaAuth implements Service, AuthInterface
 
         return $guest;
     }
-
 }
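Review bot: In the constructor hunk, the protected-admin test still reads `$_SESSION['userContext']` and `$_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN']` without checking that the keys exist, which is the undefined-key warning this commit sets out to remove, and the inner `isset($_SESSION['look'])` is now redundant inside `!empty($_SESSION['look'])`. A tighter form is `if (($_SESSION['userContext'] ?? '') === 'admin') {` and `if ($_SESSION['look'] === 'admin' && ($_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] ?? '') === 'yes') {`; strict comparison is the safer choice for a value that gates impersonation of the admin account. The constructor starts above the hunk, so whether `$v_user` is initialised when `$_SESSION['user']` is absent cannot be seen here; if it is not, `escapeshellarg($this->hestia_user)` in `user()` receives null, which PHP 8.1 deprecates.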

+ 9 - 7
install/deb/filemanager/filegator/configuration.php

@@ -14,11 +14,13 @@ $dist_config['services']['Filegator\Services\Storage\Filesystem']['config']['ada
     if (isset($_SESSION['user'])) {
         $v_user = $_SESSION['user'];
     }
-    if (isset($_SESSION['look']) && ($_SESSION['userContext'] === 'admin')) {
-        $v_user = $_SESSION['look'];
-    }
-    if ((isset($_SESSION['look']) && ($_SESSION['look'] == 'admin') && ($_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] == 'yes'))) {
-        header('Location: /');
+    if (!empty($_SESSION['look'])) {
+        if (isset($_SESSION['look']) && ($_SESSION['userContext'] === 'admin')) {
+            $v_user = $_SESSION['look'];
+        }
+        if ((isset($_SESSION['look']) && ($_SESSION['look'] == 'admin') && ($_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] == 'yes'))) {
+            header('Location: /');
+        }
     }
     # Create filemanager sftp key if missing and trash it after 30 min
     if (! file_exists('/home/'.basename($v_user).'/.ssh/hst-filemanager-key')) {
@@ -28,9 +30,9 @@ $dist_config['services']['Filegator\Services\Storage\Filesystem']['config']['ada
     if (!isset($_SESSION['SFTP_PORT'])) {
         exec("sudo /usr/local/hestia/bin/v-list-sys-sshd-port json", $output, $result);
         $port=json_decode(implode('', $output));
-        if ( is_numeric($port[0]) && $port[0] > 0 ){
+        if (is_numeric($port[0]) && $port[0] > 0) {
             $_SESSION['SFTP_PORT'] = $port[0];
-        } else if ( preg_match('/^\s*Port\s+(\d+)$/im', file_get_contents('/etc/ssh/sshd_config'), $matches) ) {
+        } elseif (preg_match('/^\s*Port\s+(\d+)$/im', file_get_contents('/etc/ssh/sshd_config'), $matches)) {
             $_SESSION['SFTP_PORT'] = $matches[1] ?? 22;
         } else {
             $_SESSION['SFTP_PORT'] = 22;
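Review bot: The protected-admin branch in the first hunk sends `header('Location: /');` but does not stop execution, so when `look` is `admin` and `POLICY_SYSTEM_PROTECTED_ADMIN` is `yes` the code below still runs, and for an admin-context session `$v_user` has already been set to `admin` by then, including for the file-manager SFTP key check. The matching branch in HestiaAuth.php follows the header with `exit;`, and the same line is needed here. The two inner `isset($_SESSION['look'])` tests are redundant inside `!empty($_SESSION['look'])`. The enclosing block starts above the hunk and continues past it.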

+ 1 - 1
src/deb/nginx/control

@@ -1,7 +1,7 @@
 Source: hestia-nginx
 Package: hestia-nginx
 Priority: optional
-Version: 1.21.5
+Version: 1.21.6
 Section: admin
 Maintainer: HestiaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com

+ 9 - 0
src/deb/nginx/postinst

@@ -25,6 +25,11 @@ if [ -z "$HESTIA" ]; then
     export PATH
 fi
 
+# Check if preinstall hook exists
+if [ -e "/etc/hestiacp/hooks/nginx/pre_install.sh" ]; then
+    /etc/hestiacp/hooks/nginx/pre_install.sh
+fi
+
 # Load upgrade functions and variables
 source /usr/local/hestia/func/main.sh
 source /usr/local/hestia/func/upgrade.sh
@@ -36,6 +41,10 @@ if [ ! -z "$BACKEND_PORT" ]; then
     /usr/local/hestia/bin/v-change-sys-port $BACKEND_PORT
 fi
 
+if [ -e "/etc/hestiacp/hooks/nginx/post_install.sh" ]; then
+    /etc/hestiacp/hooks/nginx/post_install.sh
+fi
+
 # Restart hestia service
 if [ -f "/etc/init.d/hestia" ]; then
     systemctl restart hestia > /dev/null 2>&1
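Review bot: Both new hook blocks test `-e` and then execute the path directly, so a hook file that exists but is not executable produces an error in the middle of the maintainer script, and nothing states who may write to it although postinst runs as root. Testing `[ -x "/etc/hestiacp/hooks/nginx/pre_install.sh" ]` covers the first case, and a comment saying that `/etc/hestiacp/hooks` must be root-owned and not group- or world-writable would document the trust assumption. Whether a failing hook aborts the install depends on whether the script runs under `set -e`, which is outside the hunk and worth deciding explicitly. The second block lacks the `# Check if postinstall hook exists` comment its sibling has, and the same pattern is repeated in src/deb/php/postinst.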

+ 1 - 1
src/deb/php/control

@@ -1,7 +1,7 @@
 Source: hestia-php
 Package: hestia-php
 Priority: optional
-Version: 7.4.27-1
+Version: 8.1.4
 Section: admin
 Maintainer: HestaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com

+ 1 - 1
src/deb/php/php-fpm.conf

@@ -41,4 +41,4 @@ php_admin_value[upload_max_filesize] = 256M
 php_admin_value[max_execution_time] = 300
 php_admin_value[max_input_time] = 300
 php_admin_value[session.save_path] = /usr/local/hestia/data/sessions
-php_admin_value[open_basedir] = /usr/local/hestia/:/tmp/:/dev/:/home/:/etc/ssh/:/backup/
+php_admin_value[open_basedir] = /usr/local/hestia/:/tmp/:/dev/:/home/:/etc/ssh/:/backup/:/var/tmp/
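Review bot: The widened `open_basedir` adds `/var/tmp/`, a world-writable directory, to the paths the panel's PHP may open, and neither the line nor the commit message says which component needs it. A comment above the directive, for example `; /var/tmp/ is required by <component> since the PHP 8.1 update`, would let a later reader judge whether the entry can be narrowed to a dedicated subdirectory or removed again.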

+ 10 - 0
src/deb/php/postinst

@@ -11,6 +11,11 @@ if [ ! -e "/usr/local/hestia/data/users/admin" ]; then
     exit
 fi
 
+# Check if preinstall hook exists
+if [ -e "/etc/hestiacp/hooks/php/pre_install.sh" ]; then
+    /etc/hestiacp/hooks/php/pre_install.sh
+fi
+
 ###############################################################
 #                Initialize functions/variables               #
 ###############################################################
@@ -30,4 +35,9 @@ source /usr/local/hestia/install/upgrade/upgrade.conf
 # Restart hestia service
 if [ -f "/etc/init.d/hestia" ]; then
     systemctl restart hestia > /dev/null 2>&1
+fi
+
+# Check if preinstall hook exists
+if [ -e "/etc/hestiacp/hooks/php/post_install.sh" ]; then
+    /etc/hestiacp/hooks/php/post_install.sh
 fi
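Review bot: The comment above the second new block says `# Check if preinstall hook exists` but the block runs `post_install.sh`; it should read `# Check if postinstall hook exists`. Both hooks are also placed after the early `exit` that fires when `/usr/local/hestia/data/users/admin` is missing, so on such a system neither hook runs; if that is intended, one sentence in the comment should say so.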

+ 19 - 0
web/add/cron/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'CRON';
 
@@ -69,6 +70,24 @@ if (!empty($_POST['ok'])) {
     }
 }
 
+if (empty($v_cmd)) {
+    $v_cmd = '';
+}
+if (empty($v_month)) {
+    $v_month = '';
+}
+if (empty($v_day)) {
+    $v_day = '';
+}
+if (empty($v_wday)) {
+    $v_wday = '';
+}
+if (empty($v_hour)) {
+    $v_hour = '';
+}
+if (empty($v_min)) {
+    $v_min = '';
+}
 // Render
 render_page($user, $TAB, 'add_cron');
 
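Review bot: The new defaults use `empty()`, which is also true for the string `'0'`, so if `$v_min` or `$v_hour` still hold a raw `0` when the form is re-rendered, the value is replaced by an empty string. The intent is only to define variables that were never set, which `$v_min ??= '';` (or `if (!isset($v_min))`) expresses without touching a legitimate zero. How these variables are populated is outside the hunk, so whether a bare `0` can reach this point needs confirming. The same `empty()` default pattern is added in the other web/add/*/index.php sections of this commit, for example `$v_port` in web/add/firewall/index.php and `$v_quota` in web/add/mail/index.php.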

+ 8 - 1
web/add/db/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'DB';
 
@@ -132,7 +133,13 @@ if (!empty($_POST['ok'])) {
 }
 
 // Get user email
-$v_db_email = $panel[$user]['CONTACT'];
+$v_db_email = '';
+if (empty($v_database)) {
+    $v_database = '';
+}
+if (empty($v_dbuser)) {
+    $v_dbuser = '';
+}
 
 // List avaiable database types
 $db_types = explode(',', $_SESSION['DB_SYSTEM']);
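Review bot: `$v_db_email` is now unconditionally set to an empty string under a comment that still says `// Get user email`, so the form no longer pre-fills the account contact address, and any value the POST handler above may have assigned is overwritten here. If dropping the `$panel[$user]['CONTACT']` lookup is intended, the comment should say so, e.g. `// Notification e-mail is left blank by default`; if a submitted value should survive a re-render, use `$v_db_email ??= '';` instead. The POST handling that might set the variable is outside the hunk.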

+ 71 - 1
web/add/dns/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'DNS';
 
@@ -39,6 +40,31 @@ if (!empty($_POST['ok'])) {
     $v_domain = escapeshellarg($v_domain);
     $v_domain = strtolower($v_domain);
     $v_ip = $_POST['v_ip'];
+    // Change NameServers
+    if (empty($_POST['v_ns1'])) {
+        $_POST['v_ns1'] = '';
+    }
+    if (empty($_POST['v_ns2'])) {
+        $_POST['v_ns2'] = '';
+    }
+    if (empty($_POST['v_ns3'])) {
+        $_POST['v_ns3'] = '';
+    }
+    if (empty($_POST['v_ns4'])) {
+        $_POST['v_ns4'] = '';
+    }
+    if (empty($_POST['v_ns5'])) {
+        $_POST['v_ns5'] = '';
+    }
+    if (empty($_POST['v_ns6'])) {
+        $_POST['v_ns6'] = '';
+    }
+    if (empty($_POST['v_ns7'])) {
+        $_POST['v_ns7'] = '';
+    }
+    if (empty($_POST['v_ns8'])) {
+        $_POST['v_ns8'] = '';
+    }
     $v_ns1 = escapeshellarg($_POST['v_ns1']);
     $v_ns2 = escapeshellarg($_POST['v_ns2']);
     $v_ns3 = escapeshellarg($_POST['v_ns3']);
@@ -54,8 +80,11 @@ if (!empty($_POST['ok'])) {
         check_return_code($return_var, $output);
         unset($output);
     }
+    exec(HESTIA_CMD."v-list-user ".$user." json", $output, $return_var);
+    $user_config = json_decode(implode('', $output), true);
+    unset($output);
+    $v_template = $user_config[$user_plain]['DNS_TEMPLATE'];
 
-    // Change domain template
     if (($v_template != $_POST['v_template']) && (empty($_SESSION['error_msg']))) {
         $v_template = escapeshellarg($_POST['v_template']);
         exec(HESTIA_CMD."v-change-dns-domain-tpl ".$user." ".$v_domain." ".$v_template." 'no'", $output, $return_var);
@@ -156,6 +185,30 @@ if (!empty($_POST['ok_rec'])) {
     }
 }
 
+if (empty($v_ns1)) {
+    $v_ns1 = '';
+}
+if (empty($v_ns2)) {
+    $v_ns2 = '';
+}
+if (empty($v_ns3)) {
+    $v_ns3 = '';
+}
+if (empty($v_ns4)) {
+    $v_ns4 = '';
+}
+if (empty($v_ns5)) {
+    $v_ns5 = '';
+}
+if (empty($v_ns6)) {
+    $v_ns6 = '';
+}
+if (empty($v_ns7)) {
+    $v_ns7 = '';
+}
+if (empty($v_ns8)) {
+    $v_ns8 = '';
+}
 
 $v_ns1 = str_replace("'", "", $v_ns1);
 $v_ns2 = str_replace("'", "", $v_ns2);
@@ -193,6 +246,11 @@ if (empty($_GET['domain'])) {
     if (empty($v_ns1)) {
         exec(HESTIA_CMD."v-list-user-ns ".$user." json", $output, $return_var);
         $nameservers = json_decode(implode('', $output), true);
+        for ($i = 0; $i < 8; $i++) {
+            if (empty($nameservers[$i])) {
+                $nameservers[$i] = '';
+            }
+        }
         $v_ns1 = str_replace("'", "", $nameservers[0]);
         $v_ns2 = str_replace("'", "", $nameservers[1]);
         $v_ns3 = str_replace("'", "", $nameservers[2]);
@@ -211,6 +269,18 @@ if (empty($_GET['domain'])) {
     if (empty($v_rec)) {
         $v_rec = '@';
     }
+    if (empty($v_type)) {
+        $v_type = '';
+    }
+    if (empty($v_val)) {
+        $v_val = '';
+    }
+    if (empty($v_priority)) {
+        $v_priority = '';
+    }
+    if (empty($v_ttl)) {
+        $v_ttl = '';
+    }
     render_page($user, $TAB, 'add_dns_rec');
 }
 
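Review bot: The new `v-list-user` call in the `@@ -54,8 +80,11 @@` hunk decodes the command output and indexes `$user_config[$user_plain]['DNS_TEMPLATE']` without looking at `$return_var`, so a failed call leaves `$user_config` null, raises the kind of PHP 8 warning this commit is removing, and then compares the posted template against null. The surrounding code calls `check_return_code($return_var, $output);` after each exec; the same call before `unset($output);`, plus `$v_template = $user_config[$user_plain]['DNS_TEMPLATE'] ?? '';`, would keep this consistent. The `// Change domain template` comment removed in the same hunk still describes the `if` that follows and is worth keeping. The eight repeated `$_POST['v_nsN']` defaults could be a loop like the `for ($i = 0; $i < 8; $i++)` added further down.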

+ 7 - 0
web/add/firewall/banlist/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'FIREWALL';
 
@@ -54,6 +55,12 @@ if (!empty($_POST['ok'])) {
     }
 }
 
+if (empty($v_ip)) {
+    $v_ip = '';
+}
+if (empty($v_chain)) {
+    $v_chain = '';
+}
 // Render
 render_page($user, $TAB, 'add_firewall_banlist');
 

+ 17 - 0
web/add/firewall/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'FIREWALL';
 
@@ -84,6 +85,22 @@ if (!empty($_POST['ok'])) {    // Check token
     }
 }
 
+if (empty($v_action)) {
+    $v_action = '';
+}
+if (empty($v_protocol)) {
+    $v_protocol = '';
+}
+if (empty($v_port)) {
+    $v_port = '';
+}
+if (empty($v_ip)) {
+    $v_ip = '';
+}
+if (empty($v_comment)) {
+    $v_comment = '';
+}
+
 // Render
 render_page($user, $TAB, 'add_firewall');
 

+ 10 - 0
web/add/firewall/ipset/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'FIREWALL';
 
@@ -59,6 +60,15 @@ if (!empty($_POST['ok'])) {
         $_SESSION['ok_msg'] = _('IPSET_CREATED_OK');
     }
 }
+if (empty($v_ipname)) {
+    $v_ipname = '';
+}
+if (empty($v_datasource)) {
+    $v_datasource = '';
+}
+if (empty($v_ipver)) {
+    $v_ipver = '';
+}
 
 // Render
 render_page($user, $TAB, 'add_firewall_ipset');

+ 22 - 0
web/add/ip/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'IP';
 
@@ -87,6 +88,27 @@ exec(HESTIA_CMD."v-list-sys-users 'json'", $output, $return_var);
 $users = json_decode(implode('', $output), true);
 unset($output);
 
+if (empty($v_ip)) {
+    $v_ip = '';
+}
+if (empty($v_netmask)) {
+    $v_netmask = '';
+}
+if (empty($v_name)) {
+    $v_name = '';
+}
+if (empty($v_nat)) {
+    $v_nat = '';
+}
+if (empty($v_interface)) {
+    $v_interface = '';
+}
+if (empty($ip_status)) {
+    $ip_status = '';
+}
+if (empty($v_owner)) {
+    $v_owner = '';
+}
 // Render
 render_page($user, $TAB, 'add_ip');
 

+ 4 - 1
web/add/key/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 session_start();
 $TAB = 'USER';
@@ -60,7 +61,9 @@ if (!empty($_POST['ok'])) {
         $_SESSION['ok_msg'] = _('SSH KEY created');
     }
 }
-
+if (empty($v_key)) {
+    $v_key = '';
+}
 render_page($user, $TAB, 'add_key');
 
 // Flush session messages

+ 54 - 4
web/add/mail/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'MAIL';
 
@@ -9,11 +10,13 @@ exec(HESTIA_CMD."v-list-sys-webmail json", $output, $return_var);
 $webmail_clients = json_decode(implode('', $output), true);
 unset($output);
 
-$v_domain = $_GET['domain'];
+if (!empty($_GET['domain'])) {
+    $v_domain = $_GET['domain'];
+}
 if (!empty($v_domain)) {
     // Set webmail alias
     exec(HESTIA_CMD."v-list-mail-domain ".$user." ".escapeshellarg($v_domain)." json", $output, $return_var);
-    if($return_var > 0){
+    if ($return_var > 0) {
         check_return_code_redirect($return_var, $output, '/list/mail/');
     }
     $data = json_decode(implode('', $output), true);
@@ -262,7 +265,7 @@ if (!empty($_POST['ok_acc'])) {
 
     // Get webmail url
     if (empty($_SESSION['error_msg'])) {
-        list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
+        list($hostname, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
         $webmail = "http://".$hostname."/".$v_webmail_alias."/";
         if (!empty($_SESSION['WEBMAIL_ALIAS'])) {
             $webmail = $_SESSION['WEBMAIL_ALIAS'];
@@ -300,10 +303,57 @@ if (empty($_GET['domain'])) {
         //default is always roundcube unless it hasn't been installed. Then picks the first one in order
         $v_webmail  = 'roundcube';
     }
+
+    if (empty($_GET['accept'])) {
+        $_GET['accept'] = false;
+    }
+    if (empty($v_domain)) {
+        $v_domain = '';
+    }
+    if (empty($v_smtp_relay)) {
+        $v_smtp_relay = '';
+    }
+    if (empty($v_smtp_relay_user)) {
+        $v_smtp_relay_user = '';
+    }
+    if (empty($v_smtp_relay_password)) {
+        $v_smtp_relay_password = '';
+    }
+    if (empty($v_smtp_relay_host)) {
+        $v_smtp_relay_host = '';
+    }
+    if (empty($v_smtp_relay_port)) {
+        $v_smtp_relay_port = '';
+    }
+
+
     render_page($user, $TAB, 'add_mail');
 } else {
     // Display body for mail account
-
+    if (empty($v_account)) {
+        $v_account = '';
+    }
+    if (empty($v_quota)) {
+        $v_quota = '';
+    }
+    if (empty($v_rate)) {
+        $v_rate = '';
+    }
+    if (empty($v_blackhole)) {
+        $v_blackhole = '';
+    }
+    if (empty($v_fwd_only)) {
+        $v_fwd_only = '';
+    }
+    if (empty($v_aliases)) {
+        $v_aliases = '';
+    }
+    if (empty($v_send_email)) {
+        $v_send_email = '';
+    }
+    if (empty($v_fwd)) {
+        $v_fwd = '';
+    }
     $v_domain = $_GET['domain'];
     render_page($user, $TAB, 'add_mail_acc');
 }
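Review bot: With the rename to `$hostname` in the `@@ -262,7 +265,7 @@` hunk, the client-supplied `Host` header now actually reaches `$webmail` (the old code assigned `$http_host` and left `$hostname` undefined), so a request with a forged Host value controls the URL built here unless `$_SESSION['WEBMAIL_ALIAS']` overrides it. Where `$webmail` is used is outside the hunk; if it ends up in a message sent to the new mailbox owner, it should come from the server's configured hostname, or be validated against it, rather than be taken from `$_SERVER["HTTP_HOST"]`. `$port` is assigned but unused in the visible lines, and splitting on `:` mis-parses a bracketed IPv6 host. Writing `$_GET['accept'] = false;` into the superglobal in the last hunk would read better as a local variable.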

+ 22 - 1
web/add/package/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'PACKAGE';
 
@@ -218,6 +219,9 @@ $shells = json_decode(implode('', $output), true);
 unset($output);
 
 // Set default values
+if (empty($v_package)) {
+    $v_package = '';
+}
 if (empty($v_web_template)) {
     $v_web_template = 'default';
 }
@@ -272,7 +276,24 @@ if (empty($v_ns1)) {
 if (empty($v_ns2)) {
     $v_ns2 = 'ns2.example.ltd';
 }
-
+if (empty($v_ns3)) {
+    $v_ns3 = '';
+}
+if (empty($v_ns4)) {
+    $v_ns4 = '';
+}
+if (empty($v_ns5)) {
+    $v_ns5 = '';
+}
+if (empty($v_ns6)) {
+    $v_ns6 = '';
+}
+if (empty($v_ns7)) {
+    $v_ns7 = '';
+}
+if (empty($v_ns8)) {
+    $v_ns8 = '';
+}
 // Render page
 render_page($user, $TAB, 'add_package');
 

+ 22 - 0
web/add/user/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'USER';
 
@@ -157,6 +158,27 @@ foreach ($language as $lang) {
 }
 asort($languages);
 
+if (empty($v_username)) {
+    $v_username = '';
+}
+if (empty($v_name)) {
+    $v_name = '';
+}
+if (empty($v_email)) {
+    $v_email = '';
+}
+if (empty($v_password)) {
+    $v_password = '';
+}
+if (empty($v_login_disabled)) {
+    $v_login_disabled = '';
+}
+if (empty($v_role)) {
+    $v_role = '';
+}
+if (empty($v_notify)) {
+    $v_notify = '';
+}
 // Render page
 render_page($user, $TAB, 'add_user');
 

+ 69 - 22
web/add/web/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'WEB';
 
@@ -65,7 +66,12 @@ if (!empty($_POST['ok'])) {
     }
 
     // Define domain aliases
-    $v_aliases = $_POST['v_aliases'];
+    if (empty($_POST['v_aliases'])) {
+        $v_aliases = '';
+    } else {
+        $v_aliases = $_POST['v_aliases'];
+    }
+
     $aliases = preg_replace("/\n/", ",", $v_aliases);
     $aliases = preg_replace("/\r/", ",", $aliases);
     $aliases = preg_replace("/\t/", ",", $aliases);
@@ -78,6 +84,10 @@ if (!empty($_POST['ok'])) {
 
 
     // Define proxy extensions
+    if (empty($_POST['v_proxy_ext'])) {
+        # not set on nginx only
+        $_POST['v_proxy_ext'] = '';
+    }
     $v_proxy_ext = $_POST['v_proxy_ext'];
     $proxy_ext = preg_replace("/\n/", ",", $v_proxy_ext);
     $proxy_ext = preg_replace("/\r/", ",", $proxy_ext);
@@ -90,25 +100,48 @@ if (!empty($_POST['ok'])) {
     $proxy_ext = escapeshellarg($proxy_ext);
 
     // Define other options
-    $v_elog = $_POST['v_elog'];
+    if (empty($_POST['v_ssl'])) {
+        $_POST['v_ssl'] = '';
+    }
     $v_ssl = $_POST['v_ssl'];
     $v_ssl_crt = $_POST['v_ssl_crt'];
     $v_ssl_key = $_POST['v_ssl_key'];
     $v_ssl_ca = $_POST['v_ssl_ca'];
-    $v_ssl_home = $data[$v_domain]['SSL_HOME'];
+    if (empty($_POST['v_letsencrypt'])) {
+        $_POST['v_letsencrypt'] = '';
+    }
     $v_letsencrypt = $_POST['v_letsencrypt'];
+    if (empty($_POST['v_stats'])) {
+        $_POST['v_stats'] = '';
+    }
     $v_stats = escapeshellarg($_POST['v_stats']);
-    $v_stats_user = $data[$v_domain]['STATS_USER'];
-    $v_stats_password = $data[$v_domain]['STATS_PASSWORD'];
+    $v_stats_user = $_POST['v_stats_user'];
+    $v_stats_password = $_POST['v_stats_user'];
     $v_custom_doc_domain = $_POST['v-custom-doc-domain'];
     $v_custom_doc_folder = $_POST['v-custom-doc-folder'];
     $v_custom_doc_root_prepath = '/home/'.$user_plain.'/web/';
 
+    if (empty($_POST['v_ftp'])) {
+        $_POST['v_ftp'] = '';
+    }
     $v_ftp = $_POST['v_ftp'];
+    if (empty($_POST['v_ftp_user'])) {
+        $_POST['v_ftp_user'] = '';
+    }
     $v_ftp_user = $_POST['v_ftp_user'];
+    if (empty($_POST['v_ftp_password'])) {
+        $_POST['v_ftp_password'] = '';
+    }
     $v_ftp_password = $_POST['v_ftp_password'];
+    if (empty($_POST['v_ftp_email'])) {
+        $_POST['v_ftp_email'] = '';
+    }
     $v_ftp_email = $_POST['v_ftp_email'];
+
     if (!empty($v_domain)) {
+        if (empty($v_ftp_user_prepath)) {
+            $v_ftp_user_prepath = '/home/'. $user_plain . "/web";
+        }
         $v_ftp_user_prepath .= $v_domain;
     }
 
@@ -116,7 +149,7 @@ if (!empty($_POST['ok'])) {
     $user_config = json_decode(implode('', $output), true);
     unset($output);
 
-    $v_template = $user_config[$user_plain]['TEMPLATE'];
+    $v_template = $user_config[$user_plain]['WEB_TEMPLATE'];
     $v_backend_template = $user_config[$user_plain]['BACKEND_TEMPLATE'];
     $v_proxy_template = $user_config[$user_plain]['PROXY_TEMPLATE'];
 
@@ -131,10 +164,11 @@ if (!empty($_POST['ok'])) {
     if ($_POST['v_proxy_ext'] != $v_proxy_ext) {
         $v_adv = 'yes';
     }
+
     if ((!empty($_POST['v_aliases'])) && ($_POST['v_aliases'] != 'www.'.$_POST['v_domain'])) {
         $v_adv = 'yes';
     }
-    if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) {
+    if (!empty($_POST['v_ssl'])) {
         $v_adv = 'yes';
     }
     if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) {
@@ -154,9 +188,11 @@ if (!empty($_POST['ok'])) {
     // Check advanced features
     if (empty($_POST['v_dns'])) {
         $v_dns = 'off';
+        $_POST['v_dns'] = '';
     }
     if (empty($_POST['v_mail'])) {
         $v_mail = 'off';
+        $_POST['v_mail'] = '';
     }
     if (empty($_POST['v_proxy'])) {
         $v_proxy = 'off';
@@ -196,15 +232,6 @@ if (!empty($_POST['ok'])) {
         unset($output);
     }
 
-    // Delete proxy support
-    if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'off')  && (empty($_SESSION['error_msg']))) {
-        $ext = escapeshellarg($ext);
-        exec(HESTIA_CMD."v-delete-web-domain-proxy ".$user." ".escapeshellarg($v_domain)." 'no'", $output, $return_var);
-        check_return_code($return_var, $output);
-        unset($output);
-        $restart_web = 'yes';
-    }
-
     // Change template
     if (($v_template != $_POST['v_template']) && (empty($_SESSION['error_msg']))) {
         exec(HESTIA_CMD."v-change-web-domain-tpl ".$user." ".escapeshellarg($v_domain)." ".escapeshellarg($_POST['v_template'])." 'no'", $output, $return_var);
@@ -482,17 +509,33 @@ if (!empty($_POST['ok'])) {
         unset($v_ftp);
     }
 }
-
 // Define user variables
-$v_ftp_user_prepath = $panel[$user_plain]['HOME'] . "/web";
-$v_ftp_email = $panel[$user_plain]['CONTACT'];
+$v_aliases = '';
+$v_stats_user = '';
+$v_stats_password = '';
+$v_domain = '';
+$v_custom_doc_domain = '';
+$v_custom_doc_folder = '';
+$v_ssl = '';
+$v_ssl_crt = '';
+$v_ssl_key = '';
+$v_ssl_ca = '';
+$v_ftp_users = array();
+$v_letsencrypt = '';
+$v_ftp_pre_path_new_user = '';
+
+$v_ftp_user_prepath = '/home/'. $user_plain . "/web";
+$v_ftp_email = '';
 $v_custom_doc_root_prepath = '/home/'.$user_plain.'/web/';
 
-if ($_POST['v_ssl_forcessl'] != 'no') {
-    $v_ssl_forcessl = 'yes';
-} else {
+if (empty($_POST['v_ssl_forcessl'])) {
+    $v_ssl_forcessl = 'no';
+} elseif ($_POST['v_ssl_forcessl'] == 'no') {
     $v_ssl_forcessl = 'no';
+} else {
+    $v_ssl_forcessl = 'yes';
 }
+
 // List user package
 exec(HESTIA_CMD."v-list-user ".$user." json", $output, $return_var);
 $user_config = json_decode(implode('', $output), true);
@@ -534,6 +577,10 @@ $user_domains = json_decode(implode('', $output), true);
 $user_domains = array_keys($user_domains);
 unset($output);
 
+if (empty($_GET['accept'])) {
+    $_GET['accept'] = false;
+}
+
 // Render page
 render_page($user, $TAB, 'add_web');
 
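Review bot: In the `@@ -90,25 +100,48 @@` hunk, `$v_stats_password = $_POST['v_stats_user'];` copies the statistics user name into the password variable; it presumably should read the password field, `$v_stats_password = $_POST['v_stats_password'] ?? '';`. If this value is later used to set the statistics login (not visible here), the password would equal the user name. Both `$_POST['v_stats_user']` reads are also unguarded, unlike the neighbouring fields, so they raise the undefined-key warning the commit targets. In the same hunk `$v_ftp_user_prepath` defaults to `'/home/'. $user_plain . "/web"` and then has `$v_domain` appended with no separator. The "Define user variables" block in the `@@ -482,17 +509,33 @@` hunk resets `$v_domain`, `$v_aliases` and the SSL fields to empty strings unconditionally, which appears to discard what the user typed when the form is re-rendered after an error.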

+ 4 - 0
web/bulk/db/index.php

@@ -26,6 +26,10 @@ if ($_SESSION['userContext'] === 'admin') {
     switch ($action) {
         case 'delete': $cmd='v-delete-database';
             break;
+        case 'suspend': $cmd='v-suspend-database';
+            break;
+        case 'unsuspend': $cmd='v-unsuspend-database';
+            break;
         default: header("Location: /list/db/"); exit;
     }
 }
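Review bot: The new `suspend` and `unsuspend` cases appear, judging by the hunk context, to sit in the branch taken when `$_SESSION['userContext']` is not `admin`, which would let an ordinary user unsuspend a database that an administrator suspended. If suspension is used as an administrative control, `unsuspend` should stay admin-only or the backend command should refuse to lift a suspension the user did not set; the commit message does not mention this change. The `if`/`else` opening is outside the hunk, so the branch needs confirming. The same two cases are added in web/bulk/mail/index.php and web/bulk/web/index.php.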

+ 8 - 0
web/bulk/mail/index.php

@@ -40,12 +40,20 @@ if ($_SESSION['userContext'] === 'admin') {
         switch ($action) {
             case 'delete': $cmd='v-delete-mail-domain';
                 break;
+            case 'suspend': $cmd='v-suspend-mail-domain';
+                break;
+            case 'unsuspend': $cmd='v-unsuspend-mail-domain';
+                break;
             default: header("Location: /list/mail/"); exit;
         }
     } else {
         switch ($action) {
             case 'delete': $cmd='v-delete-mail-account';
                 break;
+            case 'suspend': $cmd='v-suspend-mail-account';
+                break;
+            case 'unsuspend': $cmd='v-unsuspend-mail-account';
+                break;
             default: header("Location: /list/mail/?domain=".$domain); exit;
         }
     }

+ 11 - 0
web/bulk/web/index.php

@@ -7,6 +7,13 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 // Check token
 verify_csrf($_POST);
 
+if (empty($_POST['domain'])) {
+    $_POST['domain'] = '';
+}
+if (empty($_POST['action'])) {
+    $_POST['action'] = '';
+}
+
 $domain = $_POST['domain'];
 $action = $_POST['action'];
 
@@ -26,6 +33,10 @@ if ($_SESSION['userContext'] === 'admin') {
     switch ($action) {
         case 'delete': $cmd='v-delete-web-domain';
             break;
+        case 'suspend': $cmd='v-suspend-web-domain';
+            break;
+        case 'unsuspend': $cmd='v-unsuspend-web-domain';
+            break;
         default: header("Location: /list/web/"); exit;
     }
 }

+ 3 - 6
web/delete/log/index.php

@@ -12,14 +12,14 @@ if (($_SESSION['userContext'] === "admin") && (!empty($_GET['user']))) {
 }
 
 // Clear log
-exec(HESTIA_CMD."v-delete-user-log ".$user." ".$output, $return_var);
+exec(HESTIA_CMD."v-delete-user-log ".$user, $output, $return_var);
 check_return_code($return_var, $output);
 unset($output);
 unset($token);
 
-if($return_var > 0){
+if ($return_var > 0) {
     header("Location: /list/log/");
-}else{
+} else {
     // Set correct page reload target
     if (($_SESSION['userContext'] === "admin") && (!empty($_GET['user']))) {
         header("Location: /list/log/?user=$user&token=$token");
@@ -28,9 +28,6 @@ if($return_var > 0){
     }
 }
 
-// Render page
-render_page($user, $TAB, 'list_log');
-
 // Flush session messages
 unset($_SESSION['error_msg']);
 unset($_SESSION['ok_msg']);
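Review bot: `unset($token);` runs a few lines before the admin redirect builds `"Location: /list/log/?user=$user&token=$token"`, so the redirect reads an undefined variable, which PHP 8 reports as a warning and which sends an empty token. Either drop the `unset($token);` or move it below the redirect block. `$user` is interpolated into the header as is; if it is the shell-escaped form used in the `exec` call it carries quotes, and the unescaped name passed through `urlencode()` belongs there instead. None of the `header()` calls is followed by `exit;`, though after this change only the session cleanup remains below them.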

+ 2 - 7
web/edit/ip/index.php

@@ -21,7 +21,7 @@ if (empty($_GET['ip'])) {
 // List ip
 $v_ip = escapeshellarg($_GET['ip']);
 exec(HESTIA_CMD."v-list-sys-ip ".$v_ip." 'json'", $output, $return_var);
-check_return_code_redirect($return_var, $output,'/list/ip');
+check_return_code_redirect($return_var, $output, '/list/ip');
 $data = json_decode(implode('', $output), true);
 unset($output);
 
@@ -39,12 +39,7 @@ if ($v_ipstatus == 'dedicated') {
 $v_owner = $data[$v_ip]['OWNER'];
 $v_date = $data[$v_ip]['DATE'];
 $v_time = $data[$v_ip]['TIME'];
-$v_suspended = $data[$v_ip]['SUSPENDED'];
-if ($v_suspended == 'yes') {
-    $v_status =  'suspended';
-} else {
-    $v_status =  'active';
-}
+
 
 // List users
 exec(HESTIA_CMD."v-list-sys-users 'json'", $output, $return_var);

+ 10 - 5
web/edit/mail/index.php

@@ -23,11 +23,11 @@ $v_username = $user;
 // List mail domain
 if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
     $v_domain = $_GET['domain'];
-    
+
     exec(HESTIA_CMD."v-list-sys-webmail json", $output, $return_var);
     $webmail_clients = json_decode(implode('', $output), true);
     unset($output);
-    
+
     exec(HESTIA_CMD."v-list-mail-domain ".$user." ".escapeshellarg($v_domain)." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     check_return_code_redirect($return_var, $output, '/list/mail/');
@@ -104,6 +104,9 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) {
     $v_autoreply = $data[$v_account]['AUTOREPLY'];
     $v_suspended = $data[$v_account]['SUSPENDED'];
     $v_webmail_alias = $data[$v_account]['WEBMAIL_ALIAS'];
+    if (empty($v_send_email)) {
+        $v_send_email = '';
+    }
     if ($v_suspended == 'yes') {
         $v_status =  'suspended';
     } else {
@@ -119,6 +122,8 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) {
         unset($output);
         $v_autoreply_message = $autoreply_str[$v_account]['MSG'];
         $v_autoreply_message=str_replace("\\n", "\n", $v_autoreply_message);
+    } else {
+        $v_autoreply_message = '';
     }
 }
 
@@ -127,13 +132,13 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) {
 if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['account']))) {
     // Check token
     verify_csrf($_POST);
-    
-    
+
+
     exec(HESTIA_CMD."v-list-mail-domain ".$user." ".escapeshellarg($v_domain)." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     check_return_code_redirect($return_var, $output, '/list/mail/');
     unset($output);
-    
+
     // Delete antispam
     if (($v_antispam == 'yes') && (empty($_POST['v_antispam'])) && (empty($_SESSION['error_msg']))) {
         exec(HESTIA_CMD."v-delete-mail-domain-antispam ".$v_username." ".escapeshellarg($v_domain), $output, $return_var);

+ 40 - 8
web/edit/package/index.php

@@ -52,14 +52,46 @@ $v_bandwidth = $data[$v_package]['BANDWIDTH'];
 $v_shell = $data[$v_package]['SHELL'];
 $v_ns = $data[$v_package]['NS'];
 $nameservers = explode(",", $v_ns);
-$v_ns1 = $nameservers[0];
-$v_ns2 = $nameservers[1];
-$v_ns3 = $nameservers[2];
-$v_ns4 = $nameservers[3];
-$v_ns5 = $nameservers[4];
-$v_ns6 = $nameservers[5];
-$v_ns7 = $nameservers[6];
-$v_ns8 = $nameservers[7];
+if (empty($nameservers[0])) {
+    $v_ns1 = '';
+} else {
+    $v_ns1 = $nameservers[0];
+}
+if (empty($nameservers[1])) {
+    $v_ns2 = '';
+} else {
+    $v_ns2 = $nameservers[1];
+}
+if (empty($nameservers[2])) {
+    $v_ns3 = '';
+} else {
+    $v_ns3 = $nameservers[2];
+}
+if (empty($nameservers[3])) {
+    $v_ns4 = '';
+} else {
+    $v_ns4 = $nameservers[3];
+}
+if (empty($nameservers[4])) {
+    $v_ns5 = '';
+} else {
+    $v_ns5 = $nameservers[4];
+}
+if (empty($nameservers[5])) {
+    $v_ns6 = '';
+} else {
+    $v_ns6 = $nameservers[5];
+}
+if (empty($nameservers[6])) {
+    $v_ns7 = '';
+} else {
+    $v_ns7 = $nameservers[6];
+}
+if (empty($nameservers[7])) {
+    $v_ns8 = '';
+} else {
+    $v_ns8 = $nameservers[7];
+}
 $v_backups = $data[$v_package]['BACKUPS'];
 $v_date = $data[$v_package]['DATE'];
 $v_time = $data[$v_package]['TIME'];
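Review bot: The eight added if/else blocks that fill `$v_ns1` to `$v_ns8` can be replaced by padding the array once, `$nameservers = array_pad(explode(",", $v_ns), 8, '');`, and keeping the original eight plain assignments. That removes the undefined-offset warning with one changed line and is easier to review than forty added ones. The same pattern is added in web/edit/user/index.php and would take the same change.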

+ 70 - 23
web/edit/server/index.php

@@ -146,20 +146,33 @@ if (is_array($dns_cluster)) {
         $v_dns_cluster = 'yes';
     }
 }
+if (empty($v_dns_cluster)) {
+    $v_dns_cluster = '';
+}
+$v_release_branch = $_SESSION['RELEASE_BRANCH'];
 
 // List smtp relay settings
 if (!empty($_SESSION['SMTP_RELAY'])) {
     $v_smtp_relay = $_SESSION['SMTP_RELAY'];
+} else {
+    $v_smtp_relay = '';
 }
 if (!empty($_SESSION['SMTP_RELAY_HOST'])) {
     $v_smtp_relay_host = $_SESSION['SMTP_RELAY_HOST'];
+} else {
+    $v_smtp_relay_host = '';
 }
 if (!empty($_SESSION['SMTP_RELAY_PORT'])) {
     $v_smtp_relay_port = $_SESSION['SMTP_RELAY_PORT'];
+} else {
+    $v_smtp_relay_port = '';
 }
 if (!empty($_SESSION['SMTP_RELAY_USER'])) {
     $v_smtp_relay_user = $_SESSION['SMTP_RELAY_USER'];
+} else {
+    $v_smtp_relay_user = '';
 }
+$v_smtp_relay_pass = '';
 
 // List Database hosts
 exec(HESTIA_CMD."v-list-database-hosts json", $output, $return_var);
@@ -213,6 +226,42 @@ foreach ($backup_types as $backup_type) {
         }
     }
 }
+if (empty($v_backup)) {
+    $v_backup = '';
+}
+if (empty($v_backup_host)) {
+    $v_backup_host = '';
+}
+if (empty($v_backup_type)) {
+    $v_backup_type = '';
+}
+if (empty($v_backup_username)) {
+    $v_backup_username = '';
+}
+if (empty($v_backup_password)) {
+    $v_backup_password = '';
+}
+if (empty($v_backup_port)) {
+    $v_backup_port = '';
+}
+if (empty($v_backup_bpath)) {
+    $v_backup_bpath = '';
+}
+if (empty($v_backup_bucket)) {
+    $v_backup_bucket = '';
+}
+if (empty($v_backup_application_id)) {
+    $v_backup_application_id = '';
+}
+if (empty($v_backup_application_key)) {
+    $v_backup_application_key = '';
+}
+if (empty($v_backup_remote_adv)) {
+    $v_backup_remote_adv = '';
+}
+if (empty($v_backup_remote_adv)) {
+    $v_backup_remote_adv = '';
+}
 
 // List ssl certificate info
 exec(HESTIA_CMD."v-list-sys-hestia-ssl json", $output, $return_var);
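Review bot: The last two added blocks both test and reset `$v_backup_remote_adv`, so the second one is a no-op. If a different variable was meant there, it is still uninitialised after this hunk; otherwise the duplicate can be deleted. Note that `empty()` also resets a value of `'0'` to `''`, which matters for fields such as `$v_backup_port` only if `0` can be a stored value.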
@@ -242,13 +291,13 @@ if (!empty($_POST['save'])) {
         unset($output);
         $v_hostname = $_POST['v_hostname'];
     }
-    
-    if($_SESSION['WEB_BACKEND'] == "php-fpm"){
+
+    if ($_SESSION['WEB_BACKEND'] == "php-fpm") {
         // Install/remove php versions
         if (empty($_SESSION['error_msg'])) {
             if (!empty($v_php_versions)) {
                 $post_php = $_POST['v_php_versions'];
-                if(empty($post_php)){
+                if (empty($post_php)) {
                     $post_php = array();
                 }
                 array_map(function ($php_version) use ($post_php) {
@@ -271,21 +320,21 @@ if (!empty($_POST['save'])) {
                             }
                         }
                     }
-    
+
                     return $php_version;
                 }, $v_php_versions);
             }
         }
-        
+
         if (empty($_SESSION['error_msg'])) {
-            if($_POST['v_php_default_version'] != DEFAULT_PHP_VERSION) {
+            if ($_POST['v_php_default_version'] != DEFAULT_PHP_VERSION) {
                 exec(HESTIA_CMD . "v-change-sys-php " . escapeshellarg($_POST['v_php_default_version']), $output, $return_var);
                 check_return_code($return_var, $output);
                 unset($output);
-            }   
+            }
         }
     }
-    
+
     // Change timezone
     if (empty($_SESSION['error_msg'])) {
         if (!empty($_POST['v_timezone'])) {
@@ -407,9 +456,8 @@ if (!empty($_POST['save'])) {
             check_return_code($return_var, $output);
             unset($output);
             $v_debug_mode_adv = 'yes';
-            
         }
-        if (($_POST['v_policy_user_view_suspended'] != $_SESSION['POLICY_SYSTEM_ENABLE_BACON']) && $_POST['v_experimental_features'] == "false" ) {
+        if (($_POST['v_policy_user_view_suspended'] != $_SESSION['POLICY_SYSTEM_ENABLE_BACON']) && $_POST['v_experimental_features'] == "false") {
             //disable preview mode
             exec(HESTIA_CMD."v-change-sys-config-value POLICY_USER_VIEW_SUSPENDED ".escapeshellarg($_POST['v_policy_user_view_suspended']), $output, $return_var);
             check_return_code($return_var, $output);
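Review bot: The condition on the `v_policy_user_view_suspended` branch compares the posted value with `$_SESSION['POLICY_SYSTEM_ENABLE_BACON']`, while the command it guards writes POLICY_USER_VIEW_SUSPENDED. The line is only reformatted here, but the comparison looks like a copy-paste leftover. If so, it should read `$_POST['v_policy_user_view_suspended'] != $_SESSION['POLICY_USER_VIEW_SUSPENDED']`. Both `$_POST` keys on that line are also read without an `empty`/`isset` guard, which is the class of warning this commit removes elsewhere. The enclosing block starts and ends outside the hunk.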
@@ -580,16 +628,6 @@ if (!empty($_POST['save'])) {
         }
     }
 
-    // Update release branch
-    if (empty($_SESSION['error_msg'])) {
-        if ($_POST['v_release_branch'] != $_SESSION['RELEASE_BRANCH']) {
-            exec(HESTIA_CMD."v-change-sys-release ".escapeshellarg($_POST['v_release_branch']), $output, $return_var);
-            check_return_code($return_var, $output);
-            unset($output);
-            $v_release_adv = 'yes';
-        }
-    }
-
     // Update send notification setting
     if (empty($_SESSION['error_msg'])) {
         if ($_SESSION['UPGRADE_SEND_EMAIL'] == 'true') {
@@ -617,6 +655,9 @@ if (!empty($_POST['save'])) {
         } else {
             $send_email_log = '';
         }
+        if (empty($_POST['v_upgrade_send_email_log'])) {
+            $_POST['v_upgrade_send_email_log'] = '';
+        }
         if ($_POST['v_upgrade_send_email_log'] != $send_email_log) {
             if ($_POST['v_upgrade_send_email_log'] == 'on') {
                 $_POST['v_upgrade_send_email_log'] = 'true';
@@ -694,6 +735,9 @@ if (!empty($_POST['save'])) {
 
     // Change backup path
     if (empty($_SESSION['error_msg'])) {
+        if (empty($_POST['v_backup_dir'])) {
+            $_POST['v_backup_dir']  = '';
+        }
         if ($_POST['v_backup_dir'] != $v_backup_dir) {
             /*
             See #1655
@@ -710,7 +754,7 @@ if (!empty($_POST['save'])) {
 
     // Add remote backup host
     if (empty($_SESSION['error_msg'])) {
-        if ((empty($v_backup_host) && empty($v_backup_bucket) && ((!empty($_POST['v_backup_host'])) || !empty($_POST['v_backup_bucket'])))) {
+        if (($v_backup_host == '' && $v_backup_bucket == '' && ((!empty($_POST['v_backup_host'])) || !empty($_POST['v_backup_bucket'])))) {
             if (in_array($_POST['v_backup_type'], array('ftp','sftp'))) {
                 $v_backup_host = escapeshellarg($_POST['v_backup_host']);
                 $v_backup_port = escapeshellarg($_POST['v_backup_port']);
@@ -768,7 +812,7 @@ if (!empty($_POST['save'])) {
 
     // Change remote backup host type
     if (empty($_SESSION['error_msg'])) {
-        if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) {
+        if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type) && $v_backup_type != '') {
             exec(HESTIA_CMD."v-delete-backup-host " . escapeshellarg($v_backup_type), $output, $return_var);
             unset($output);
             if (in_array($_POST['v_backup_type'], array('ftp','sftp'))) {
@@ -886,7 +930,7 @@ if (!empty($_POST['save'])) {
 
     // Delete remote backup host
     if (empty($_SESSION['error_msg'])) {
-        if (empty($_POST['v_backup_remote_adv']) && isset($v_backup_remote_adv)) {
+        if (empty($_POST['v_backup_remote_adv']) && $v_backup_remote_adv != '') {
             exec(HESTIA_CMD."v-delete-backup-host ".escapeshellarg($v_backup_type), $output, $return_var);
             check_return_code($return_var, $output);
             unset($output);
@@ -1068,6 +1112,9 @@ if (!empty($_POST['save'])) {
 
     // Change POLICY_USER_CHANGE_THEME
     if (empty($_SESSION['error_msg'])) {
+        if (empty($_POST['v_policy_user_change_theme'])) {
+            $_POST['v_policy_user_change_theme'] = '';
+        }
         if ($_POST['v_policy_user_change_theme'] == 'on') {
             $_POST['v_policy_user_change_theme'] = 'no';
         } else {

+ 104 - 37
web/edit/user/index.php

@@ -56,14 +56,48 @@ $v_login_use_iplist = $data[$v_username]['LOGIN_USE_IPLIST'];
 $v_login_allowed_ips = $data[$v_username]['LOGIN_ALLOW_IPS'];
 $v_ns = $data[$v_username]['NS'];
 $nameservers = explode(",", $v_ns);
-$v_ns1 = $nameservers[0];
-$v_ns2 = $nameservers[1];
-$v_ns3 = $nameservers[2];
-$v_ns4 = $nameservers[3];
-$v_ns5 = $nameservers[4];
-$v_ns6 = $nameservers[5];
-$v_ns7 = $nameservers[6];
-$v_ns8 = $nameservers[7];
+if (empty($nameservers[0])) {
+    $v_ns1 = '';
+} else {
+    $v_ns1 = $nameservers[0];
+}
+if (empty($nameservers[1])) {
+    $v_ns2 = '';
+} else {
+    $v_ns2 = $nameservers[1];
+}
+if (empty($nameservers[2])) {
+    $v_ns3 = '';
+} else {
+    $v_ns3 = $nameservers[2];
+}
+if (empty($nameservers[3])) {
+    $v_ns4 = '';
+} else {
+    $v_ns4 = $nameservers[3];
+}
+if (empty($nameservers[4])) {
+    $v_ns5 = '';
+} else {
+    $v_ns5 = $nameservers[4];
+}
+if (empty($nameservers[5])) {
+    $v_ns6 = '';
+} else {
+    $v_ns6 = $nameservers[5];
+}
+if (empty($nameservers[6])) {
+    $v_ns7 = '';
+} else {
+    $v_ns7 = $nameservers[6];
+}
+if (empty($nameservers[7])) {
+    $v_ns8 = '';
+} else {
+    $v_ns8 = $nameservers[7];
+}
+
+
 
 $v_suspended = $data[$v_username]['SUSPENDED'];
 if ($v_suspended == 'yes') {
@@ -172,7 +206,10 @@ if (!empty($_POST['save'])) {
 
     // Update Control Panel login disabled status (admin only)
     if (empty($_SESSION['error_msg'])) {
-        if ($_POST['v_login_disabled'] != $data[$user]['LOGIN_DISABLED']) {
+        if (empty($_POST['v_login_disabled'])) {
+            $_POST['v_login_disabled'] = '';
+        }
+        if ($_POST['v_login_disabled'] != $v_login_disabled) {
             if ($_POST['v_login_disabled'] == 'on') {
                 $_POST['v_login_disabled'] = 'yes';
             } else {
@@ -187,7 +224,10 @@ if (!empty($_POST['save'])) {
 
     // Update IP whitelist option
     if (empty($_SESSION['error_msg'])) {
-        if ($_POST['v_login_use_iplist'] != $data[$user]['LOGIN_USE_IPLIST']) {
+        if (empty($_POST['v_login_use_iplist'])) {
+            $_POST['v_login_use_iplist'] = '';
+        }
+        if ($_POST['v_login_use_iplist'] != $v_login_use_iplist) {
             if ($_POST['v_login_use_iplist'] == 'on') {
                 $_POST['v_login_use_iplist'] = 'yes';
             } else {
@@ -208,29 +248,37 @@ if (!empty($_POST['save'])) {
         }
     }
 
-    // Change package (admin only)
-    if (($v_package != $_POST['v_package']) && ($_SESSION['userContext'] === 'admin') && (empty($_SESSION['error_msg']))) {
-        $v_package = escapeshellarg($_POST['v_package']);
-        exec(HESTIA_CMD."v-change-user-package ".escapeshellarg($v_username)." ".$v_package, $output, $return_var);
-        check_return_code($return_var, $output);
-        unset($output);
-    }
+    if ($_SESSION['userContext'] === 'admin') {
+        // Change package (admin only)
+        if (($v_package != $_POST['v_package']) && ($_SESSION['userContext'] === 'admin') && (empty($_SESSION['error_msg']))) {
+            $v_package = escapeshellarg($_POST['v_package']);
+            exec(HESTIA_CMD."v-change-user-package ".escapeshellarg($v_username)." ".$v_package, $output, $return_var);
+            check_return_code($return_var, $output);
+            unset($output);
+        }
 
-    // Change phpcli (admin only)
-    if (($v_phpcli != $_POST['v_phpcli']) && ($_SESSION['userContext'] === 'admin') && (empty($_SESSION['error_msg']))) {
-        $v_phpcli = escapeshellarg($_POST['v_phpcli']);
-        exec(HESTIA_CMD."v-change-user-php-cli ".escapeshellarg($v_username)." ".$v_phpcli, $output, $return_var);
-        check_return_code($return_var, $output);
-        unset($output);
-    }
-    // Change Role (admin only)
-    if (($v_role != $_POST['v_role']) && ($_SESSION['userContext'] === 'admin') && $v_username != "admin" && (empty($_SESSION['error_msg']))) {
-        if (!empty($_POST['v_role'])) {
-            $v_role = escapeshellarg($_POST['v_role']);
-            exec(HESTIA_CMD."v-change-user-role ".escapeshellarg($v_username)." ".$v_role, $output, $return_var);
+        // Change phpcli (admin only)
+        if (($v_phpcli != $_POST['v_phpcli']) && ($_SESSION['userContext'] === 'admin') && (empty($_SESSION['error_msg']))) {
+            $v_phpcli = escapeshellarg($_POST['v_phpcli']);
+            exec(HESTIA_CMD."v-change-user-php-cli ".escapeshellarg($v_username)." ".$v_phpcli, $output, $return_var);
+            check_return_code($return_var, $output);
+            unset($output);
+        }
+        if (($v_role != $_POST['v_role']) && ($_SESSION['userContext'] === 'admin') && $v_username != "admin" && (empty($_SESSION['error_msg']))) {
+            if (!empty($_POST['v_role'])) {
+                $v_role = escapeshellarg($_POST['v_role']);
+                exec(HESTIA_CMD."v-change-user-role ".escapeshellarg($v_username)." ".$v_role, $output, $return_var);
+                check_return_code($return_var, $output);
+                unset($output);
+                $v_role = $_POST['v_role'];
+            }
+        }
+        // Change shell (admin only)
+        if (($v_shell != $_POST['v_shell']) && ($_SESSION['userContext'] === 'admin') && (empty($_SESSION['error_msg']))) {
+            $v_shell = escapeshellarg($_POST['v_shell']);
+            exec(HESTIA_CMD."v-change-user-shell ".escapeshellarg($v_username)." ".$v_shell, $output, $return_var);
             check_return_code($return_var, $output);
             unset($output);
-            $v_role = $_POST['v_role'];
         }
     }
     // Change language
@@ -249,13 +297,7 @@ if (!empty($_POST['save'])) {
         unset($output);
     }
 
-    // Change shell (admin only)
-    if (($v_shell != $_POST['v_shell']) && ($_SESSION['userContext'] === 'admin') && (empty($_SESSION['error_msg']))) {
-        $v_shell = escapeshellarg($_POST['v_shell']);
-        exec(HESTIA_CMD."v-change-user-shell ".escapeshellarg($v_username)." ".$v_shell, $output, $return_var);
-        check_return_code($return_var, $output);
-        unset($output);
-    }
+
 
     // Change contact email
     if (($v_email != $_POST['v_email']) && (empty($_SESSION['error_msg']))) {
@@ -297,6 +339,31 @@ if (!empty($_POST['save'])) {
     }
 
     // Change NameServers
+    if (empty($_POST['v_ns1'])) {
+        $_POST['v_ns1'] = '';
+    }
+    if (empty($_POST['v_ns2'])) {
+        $_POST['v_ns2'] = '';
+    }
+    if (empty($_POST['v_ns3'])) {
+        $_POST['v_ns3'] = '';
+    }
+    if (empty($_POST['v_ns4'])) {
+        $_POST['v_ns4'] = '';
+    }
+    if (empty($_POST['v_ns5'])) {
+        $_POST['v_ns5'] = '';
+    }
+    if (empty($_POST['v_ns6'])) {
+        $_POST['v_ns6'] = '';
+    }
+    if (empty($_POST['v_ns7'])) {
+        $_POST['v_ns7'] = '';
+    }
+    if (empty($_POST['v_ns8'])) {
+        $_POST['v_ns8'] = '';
+    }
+
     if (($v_ns1 != $_POST['v_ns1']) || ($v_ns2 != $_POST['v_ns2']) || ($v_ns3 != $_POST['v_ns3']) || ($v_ns4 != $_POST['v_ns4']) || ($v_ns5 != $_POST['v_ns5'])
  || ($v_ns6 != $_POST['v_ns6']) || ($v_ns7 != $_POST['v_ns7']) || ($v_ns8 != $_POST['v_ns8']) && (empty($_SESSION['error_msg']))) {
         $v_ns1 = escapeshellarg($_POST['v_ns1']);
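Review bot: In the name-server condition below the added defaults, `&&` binds tighter than `||`, so `empty($_SESSION['error_msg'])` is combined only with the `$v_ns8` comparison. A change to `v_ns1` through `v_ns7` therefore runs the update even when an earlier step has already recorded an error. The eight comparisons should be wrapped in one parenthesised group, followed by `&& empty($_SESSION['error_msg'])`. The body of the block continues outside the hunk.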

+ 18 - 13
web/edit/web/index.php

@@ -38,9 +38,6 @@ $v_template = $data[$v_domain]['TPL'];
 $v_aliases = str_replace(',', "\n", $data[$v_domain]['ALIAS']);
 $valiases = explode(",", $data[$v_domain]['ALIAS']);
 
-$v_tpl = $data[$v_domain]['IP'];
-$v_cgi = $data[$v_domain]['CGI'];
-$v_elog = $data[$v_domain]['ELOG'];
 $v_ssl = $data[$v_domain]['SSL'];
 if (!empty($v_ssl)) {
     exec(HESTIA_CMD."v-list-web-domain-ssl ".$user." ".escapeshellarg($v_domain)." json", $output, $return_var);
@@ -79,11 +76,14 @@ $v_proxy_template = $data[$v_domain]['PROXY'];
 $v_proxy_ext = str_replace(',', ', ', $data[$v_domain]['PROXY_EXT']);
 $v_stats = $data[$v_domain]['STATS'];
 $v_stats_user = $data[$v_domain]['STATS_USER'];
-if (!empty($v_stats_user)) {
-    $v_stats_password = "";
-}
+$v_stats_password = "";
+
 $v_custom_doc_root_prepath = '/home/'.$user_plain.'/web/';
 
+$v_custom_doc_root = '';
+$v_custom_doc_domain = '';
+$v_custom_doc_folder = '';
+
 if (!empty($data[$v_domain]['CUSTOM_DOCROOT'])) {
     $v_custom_doc_root = realpath($data[$v_domain]['CUSTOM_DOCROOT']) . DIRECTORY_SEPARATOR;
 }
@@ -119,14 +119,15 @@ if (!empty($v_ftp_user)) {
     $v_ftp_password = "";
 }
 
-if ($v_custom_doc_domain != '') {
+
+if (isset($v_custom_doc_domain)) {
     $v_ftp_user_prepath = '/home/'.$user_plain.'/web/'.$v_custom_doc_domain;
 } else {
     $v_ftp_user_prepath = '/home/'.$user_plain.'/web/'.$v_domain;
 }
 
-
-$v_ftp_email = $panel[$user]['CONTACT'];
+//$v_ftp_email = $panel[$user]['CONTACT'];
+$v_ftp_email = '';
 $v_suspended = $data[$v_domain]['SUSPENDED'];
 if ($v_suspended == 'yes') {
     $v_status =  'suspended';
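Review bot: `isset($v_custom_doc_domain)` is always true now, because the previous hunk initialises `$v_custom_doc_domain = ''`. The `else` branch that builds the path from `$v_domain` is therefore unreachable, and `$v_ftp_user_prepath` ends in an empty domain whenever the variable keeps that initial value. Keeping the old test preserves the behaviour: `if ($v_custom_doc_domain != '') {`. Separately, the commented-out `$panel[$user]['CONTACT']` line is better deleted than left beside `$v_ftp_email = '';`.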
@@ -250,6 +251,9 @@ if (!empty($_POST['save'])) {
         }
 
         // Enable/Disable nginx cache
+        if (empty($_POST['v_nginx_cache_check'])) {
+            $_POST['v_nginx_cache_check'] = '';
+        }
         if (($_SESSION['WEB_SYSTEM'] == 'nginx') && ($v_nginx_cache_check != $_POST['v_nginx_cache_check']) || ($v_nginx_cache_duration != $_POST['v_nginx_cache_duration'] && $_POST['v_nginx_cache'] = "yes") && (empty($_SESSION['error_msg']))) {
             if ($_POST['v_nginx_cache_check'] == 'on') {
                 if (empty($_POST['v_nginx_cache_duration'])) {
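Review bot: The nginx-cache condition directly below the added default contains `$_POST['v_nginx_cache'] = "yes"`, which assigns instead of comparing. That operand is always truthy and overwrites the posted value; the line is unchanged by this commit, but the new default does not help while it stands. It should be `$_POST['v_nginx_cache'] == "yes"`. `$_POST['v_nginx_cache_duration']` and `$_POST['v_nginx_cache']` are also read there without an `empty` guard. The mix of `&&` and `||` needs explicit parentheses so that `empty($_SESSION['error_msg'])` applies to both alternatives. The block body continues outside the hunk.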
@@ -847,8 +851,9 @@ if (!empty($_POST['save'])) {
                 $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path']));
                 if (escapeshellarg(trim($v_ftp_user_data['v_ftp_path_prev'])) != $v_ftp_path) {
                     exec(HESTIA_CMD."v-change-web-domain-ftp-path ".$user." ".escapeshellarg($v_domain)." ".$v_ftp_username." ".$v_ftp_path, $output, $return_var);
+                    check_return_code($return_var, $output);
+                    unset($output);
                 }
-
                 // Change FTP account password
                 if (!empty($v_ftp_user_data['v_ftp_password'])) {
                     $v_ftp_password = tempnam("/tmp", "vst");
@@ -867,9 +872,9 @@ if (!empty($_POST['save'])) {
                     send_email($to, $subject, $mailtext, $from, $from_name);
                     unset($v_ftp_email);
                 }
-                check_return_code($return_var, $output);
-                unset($output);
-
+                if (empty($v_ftp_user_data['v_ftp_email'])) {
+                    $v_ftp_user_data['v_ftp_email'] = '';
+                }
                 $v_ftp_users_updated[] = array(
                     'is_new'            => 0,
                     'v_ftp_user'        => $v_ftp_username,
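Review bot: Removing the trailing `check_return_code($return_var, $output); unset($output);` here leaves only the FTP path change, in the previous hunk, with a result check. If the password-change `exec` between the two hunks has no check of its own (it is outside the visible lines), a failed password change would no longer be reported and `$output` would carry over into the next command. A `check_return_code($return_var, $output); unset($output);` pair directly after that `exec` would keep both operations covered.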

+ 54 - 33
web/inc/main.php

@@ -1,11 +1,13 @@
 <?php
-
 session_start();
+
+
+
 use PHPMailer\PHPMailer\PHPMailer;
 use PHPMailer\PHPMailer\SMTP;
 use PHPMailer\PHPMailer\Exception;
 
-if(!file_exists(dirname(__FILE__).'/vendor/autoload.php')){
+if (!file_exists(dirname(__FILE__).'/vendor/autoload.php')) {
     trigger_error('Unable able to load required libaries. Please run v-add-sys-phpmailer in command line');
     echo 'Unable able to load required libaries. Please run v-add-sys-phpmailer in command line';
     exit(1);
@@ -14,11 +16,6 @@ if(!file_exists(dirname(__FILE__).'/vendor/autoload.php')){
 require 'vendor/autoload.php';
 
 define('HESTIA_CMD', '/usr/bin/sudo /usr/local/hestia/bin/');
-if ($_SESSION['RELEASE_BRANCH'] == 'release' && $_SESSION['DEBUG_MODE'] == 'false') {
-    define('JS_LATEST_UPDATE', 'v=' . $_SESSION['VERSION']);
-} else {
-    define('JS_LATEST_UPDATE', 'r=' . time());
-}
 define('DEFAULT_PHP_VERSION', 'php-' . exec('php -r "echo substr(phpversion(),0,3);"'));
 
 // Load Hestia Config directly
@@ -36,8 +33,10 @@ function destroy_sessions()
 $i = 0;
 
 // Saving user IPs to the session for preventing session hijacking
-$user_combined_ip = $_SERVER['REMOTE_ADDR'];
-
+$user_combined_ip = '';
+if (isset($_SERVER['REMOTE_ADDR'])) {
+    $user_combined_ip = $_SERVER['REMOTE_ADDR'];
+}
 if (isset($_SERVER['HTTP_CLIENT_IP'])) {
     $user_combined_ip .= '|' . $_SERVER['HTTP_CLIENT_IP'];
 }
@@ -96,6 +95,12 @@ if (isset($_SESSION['user'])) {
     }
 }
 
+if ($_SESSION['RELEASE_BRANCH'] == 'release' && $_SESSION['DEBUG_MODE'] == 'false') {
+    define('JS_LATEST_UPDATE', 'v=' . $_SESSION['VERSION']);
+} else {
+    define('JS_LATEST_UPDATE', 'r=' . time());
+}
+
 if (!defined('NO_AUTH_REQUIRED')) {
     if (empty($_SESSION['LAST_ACTIVITY']) || empty($_SESSION['INACTIVE_SESSION_TIMEOUT'])) {
         destroy_sessions();
@@ -117,7 +122,7 @@ if (isset($_SESSION['user'])) {
     $user_plain = htmlentities($_SESSION['user']);
 }
 
-if (isset($_SESSION['look']) && ($_SESSION['userContext'] === 'admin')) {
+if (isset($_SESSION['look']) && $_SESSION['look']  != '' && ($_SESSION['userContext'] === 'admin')) {
     $user = escapeshellarg($_SESSION['look']);
     $user_plain = htmlentities($_SESSION['look']);
 }
@@ -142,7 +147,8 @@ function check_return_code($return_var, $output)
         $_SESSION['error_msg'] = $error;
     }
 }
-function check_return_code_redirect($return_var, $output, $location){
+function check_return_code_redirect($return_var, $output, $location)
+{
     if ($return_var != 0) {
         $error = implode('<br>', $output);
         if (empty($error)) {
@@ -151,7 +157,6 @@ function check_return_code_redirect($return_var, $output, $location){
         $_SESSION['error_msg'] = $error;
         header("Location:".$location);
     }
-
 }
 
 function render_page($user, $TAB, $page)
@@ -163,8 +168,7 @@ function render_page($user, $TAB, $page)
     include($__template_dir . 'header.html');
 
     // Panel
-    top_panel(empty($_SESSION['look']) ? $_SESSION['user'] : $_SESSION['look'], $TAB);
-
+    $panel = top_panel(empty($_SESSION['look']) ? $_SESSION['user'] : $_SESSION['look'], $TAB);
     // Extract global variables
     // I think those variables should be passed via arguments
     extract($GLOBALS, EXTR_SKIP);
@@ -202,27 +206,29 @@ function verify_csrf($method, $return = false)
     }
 }
 
-function show_error_panel($data){
+function show_error_panel($data)
+{
+    $msg_id = '';
+    $msg_icon = '';
+    $msg_text = '';
     if (!empty($data['error_msg'])) {
         $msg_icon = 'fa-exclamation-circle status-icon red';
         $msg_text = htmlentities($data['error_msg']);
         $msg_id = 'vst-error';
     } else {
         if (!empty($data['ok_msg'])) {
-        $msg_icon = 'fa-check-circle status-icon green';
-        $msg_text = $data['ok_msg'];
-        $msg_id = 'vst-ok';
-    }
-    }
-    ?>
-        <span class="<?=$msg_id;?>"> <i class="fas <?=$msg_icon;?>"></i> <?=$msg_text;?></span>
-    <?php
+            $msg_icon = 'fa-check-circle status-icon green';
+            $msg_text = $data['ok_msg'];
+            $msg_id = 'vst-ok';
+        }
+    } ?>
+<span class="<?=$msg_id; ?>"> <i class="fas <?=$msg_icon; ?>"></i> <?=$msg_text; ?></span>
+<?php
 }
 
 function top_panel($user, $TAB)
 {
-    global $panel;
-    $command = HESTIA_CMD . 'v-list-user ' . escapeshellarg($user) . " 'json'";
+    $command = HESTIA_CMD . 'v-list-user ' . $user . " 'json'";
     exec($command, $output, $return_var);
     if ($return_var > 0) {
         destroy_sessions();
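Review bot: top_panel() now places `$user` in the `exec()` string without `escapeshellarg()`, and the caller visible in render_page passes `$_SESSION['user']` or `$_SESSION['look']` unquoted, so the command line is built from an unescaped value. Restore the quoting where the command is assembled: `$command = HESTIA_CMD . 'v-list-user ' . escapeshellarg($user) . " 'json'";`. Escaping at the point of use keeps the function safe whatever a later caller passes, and it does not affect the `$panel[$user]` lookups, which use the unquoted name. top_panel's body continues outside the hunk.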
@@ -235,10 +241,10 @@ function top_panel($user, $TAB)
 
     // Log out active sessions for suspended users
     if (($panel[$user]['SUSPENDED'] === 'yes') && ($_SESSION['POLICY_USER_VIEW_SUSPENDED'] !== 'yes')) {
-        if(empty($_SESSION['look'])){
-        destroy_sessions();
-        $_SESSION['error_msg'] = _('You have been logged out. Please log in again.');
-        header('Location: /login/');
+        if (empty($_SESSION['look'])) {
+            destroy_sessions();
+            $_SESSION['error_msg'] = _('You have been logged out. Please log in again.');
+            header('Location: /login/');
         }
     }
 
@@ -285,12 +291,13 @@ function top_panel($user, $TAB)
     }
 
     include(dirname(__FILE__) . '/../templates/includes/panel.html');
+    return $panel;
 }
 
 function translate_date($date)
 {
-    $date = strtotime($date);
-    return strftime('%d &nbsp;', $date) . _(strftime('%b', $date)) . strftime(' &nbsp;%Y', $date);
+    $date = new DateTime($date);
+    return $date -> format('d').' '. _($date -> format('M')).' '.$date -> format('Y');
 }
 
 function humanize_time($usage)
@@ -302,15 +309,20 @@ function humanize_time($usage)
             $usage = number_format($usage);
             return sprintf(ngettext('%d day', '%d days', $usage), $usage);
         } else {
+            $usage = round($usage);
             return sprintf(ngettext('%d hour', '%d hours', $usage), $usage);
         }
     } else {
+        $usage = round($usage);
         return sprintf(ngettext('%d minute', '%d minutes', $usage), $usage);
     }
 }
 
 function humanize_usage_size($usage)
 {
+    if ($usage == 'unlimited') {
+        return '∞';
+    }
     if ($usage > 1024) {
         $usage = $usage / 1024;
         if ($usage > 1024) {
@@ -330,6 +342,10 @@ function humanize_usage_size($usage)
 
 function humanize_usage_measure($usage)
 {
+    if ($usage == 'unlimited') {
+        return 'mb';
+    }
+
     $measure = 'kb';
     if ($usage > 1024) {
         $usage = $usage / 1024;
@@ -347,6 +363,10 @@ function humanize_usage_measure($usage)
 
 function get_percentage($used, $total)
 {
+    if ($total = "unlimited") {
+        //return 0 if unlimited
+        return 0;
+    }
     if (!isset($total)) {
         $total = 0;
     }
@@ -419,10 +439,11 @@ function list_timezones()
         $offset_prefix = $offset < 0 ? '-' : '+';
         $offset_formatted = gmdate('H:i', abs($offset));
         $pretty_offset = "UTC${offset_prefix}${offset_formatted}";
-        $t = new DateTimeZone($timezone);
-        $c = new DateTime(null, $t);
+        $c = new DateTime(gmdate('Y-M-d H:i:s'), new DateTimeZone('UTC'));
+        $c->setTimezone(new DateTimeZone($timezone));
         $current_time = $c->format('H:i:s');
         $timezone_list[$timezone] = "$timezone [ $current_time ] ${pretty_offset}";
+        #$timezone_list[$timezone] = "$timezone ${pretty_offset}";
     }
     return $timezone_list;
 }
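Review bot: The per-zone clock in list_timezones is built by formatting the current time with `gmdate('Y-M-d H:i:s')` and parsing it back, which relies on the date parser accepting a textual month. `$c = new DateTime('now', new DateTimeZone($timezone));` gives the same `H:i:s` without the round trip and without the `null` argument that PHP 8.1 deprecates. The added `#$timezone_list[...]` line is commented-out code and can be dropped. The loop header is outside the hunk.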

+ 6 - 2
web/inc/policies.php

@@ -2,9 +2,13 @@
 
     if ((($_SESSION['userContext'] === 'user') && ($panel[$user]['SUSPENDED'] === 'yes') && ($_SESSION['POLICY_USER_VIEW_SUSPENDED'] === 'yes')) ||
        (($_SESSION['userContext'] === 'admin') && ($_SESSION['look'] === 'admin') && ($_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] === 'yes'))) {
-      $read_only = 'true';
+        $read_only = 'true';
+    } else {
+        $read_only = '';
     }
 
     if ($read_only === 'true') {
-      $display_mode = 'disabled';
+        $display_mode = 'disabled';
+    } else {
+        $display_mode = '';
     }

+ 32 - 23
web/inc/prevent_csrf.php

@@ -27,19 +27,22 @@
             die();
         }
     }
+
     function prevent_post_csrf()
     {
-        if ($_SERVER['REQUEST_METHOD']==='POST') {
-            $hostname = explode(':', $_SERVER['HTTP_HOST']);
-            $port=$hostname[1];
-            $hostname=$hostname[0];
-            if (strpos($_SERVER['HTTP_ORIGIN'], gethostname()) !== false  && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
-                return checkStrictness(2);
-            } else {
-                if (strpos($_SERVER['HTTP_ORIGIN'], $hostname) !== false && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
-                    return checkStrictness(1);
+        if (!empty($_SERVER['REQUEST_METHOD'])) {
+            if ($_SERVER['REQUEST_METHOD']==='POST') {
+                $hostname = explode(':', $_SERVER['HTTP_HOST']);
+                $port=$hostname[1];
+                $hostname=$hostname[0];
+                if (strpos($_SERVER['HTTP_ORIGIN'], gethostname()) !== false  && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
+                    return checkStrictness(2);
                 } else {
-                    return checkStrictness(0);
+                    if (strpos($_SERVER['HTTP_ORIGIN'], $hostname) !== false && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
+                        return checkStrictness(1);
+                    } else {
+                        return checkStrictness(0);
+                    }
                 }
             }
         }
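Review bot: prevent_post_csrf still reads `$_SERVER['HTTP_ORIGIN']` and `$hostname[1]` unguarded, although prevent_get_csrf gains an `isset($_SERVER['HTTP_REFERER'])` check in the next hunk. A POST without an Origin header, or a Host header without a port, raises the warnings this commit sets out to remove, and passing null to `strpos()` is deprecated in PHP 8.1. A matching guard would be `if (!isset($_SERVER['HTTP_ORIGIN'])) { return checkStrictness(0); }` together with `$port = $hostname[1] ?? '';`. Both functions also accept the header when it merely contains the host name; comparing `parse_url($_SERVER['HTTP_ORIGIN'], PHP_URL_HOST)` for equality with the expected host is a stricter test. The function's closing brace is outside the hunk.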
@@ -47,19 +50,25 @@
 
     function prevent_get_csrf()
     {
-        if ($_SERVER['REQUEST_METHOD']==='GET') {
-            $hostname = explode(':', $_SERVER['HTTP_HOST']);
-            $port=$hostname[1];
-            $hostname=$hostname[0];
-            //list of possible entries route and these should never be blocked
-            if (in_array($_SERVER['DOCUMENT_URI'], array('/list/user/index.php', '/login/index.php','/list/web/index.php','/list/dns/index.php','/list/mail/index.php','/list/db/index.php','/list/cron/index.php','/list/backup/index.php','/reset/index.php'))) {
-                return true;
-            }
-            if (strpos($_SERVER['HTTP_REFERER'], gethostname()) !== false  && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
-                return checkStrictness(2);
-            } else {
-                if (strpos($_SERVER['HTTP_REFERER'], $hostname) !== false && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
-                    return checkStrictness(1);
+        if (!empty($_SERVER['REQUEST_METHOD'])) {
+            if ($_SERVER['REQUEST_METHOD']==='GET') {
+                $hostname = explode(':', $_SERVER['HTTP_HOST']);
+                $port=$hostname[1];
+                $hostname=$hostname[0];
+                //list of possible entries route and these should never be blocked
+                if (in_array($_SERVER['DOCUMENT_URI'], array('/list/user/index.php', '/login/index.php','/list/web/index.php','/list/dns/index.php','/list/mail/index.php','/list/db/index.php','/list/cron/index.php','/list/backup/index.php','/reset/index.php'))) {
+                    return true;
+                }
+                if (isset($_SERVER['HTTP_REFERER'])) {
+                    if (strpos($_SERVER['HTTP_REFERER'], gethostname()) !== false  && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
+                        return checkStrictness(2);
+                    } else {
+                        if (strpos($_SERVER['HTTP_REFERER'], $hostname) !== false && in_array($port, array('443',$_SERVER['SERVER_PORT']))) {
+                            return checkStrictness(1);
+                        } else {
+                            return checkStrictness(0);
+                        }
+                    }
                 } else {
                     return checkStrictness(0);
                 }

+ 5 - 4
web/list/log/auth/index.php

@@ -1,4 +1,5 @@
 <?php
+
 ob_start();
 $TAB = 'LOG';
 
@@ -7,13 +8,13 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Edit as someone else?
 if (($_SESSION['userContext'] === 'admin') && (isset($_SESSION['look']))) {
-    $v_username = escapeshellarg($_SESSION['look']);
-} else if (($_SESSION['userContext'] === 'admin') && (!empty($_GET['user']))) {
+    $user = escapeshellarg($_SESSION['look']);
+} elseif (($_SESSION['userContext'] === 'admin') && (!empty($_GET['user']))) {
     $user = escapeshellarg($_GET['user']);
 }
 
 exec(HESTIA_CMD."v-list-user-auth-log ".$user." json", $output, $return_var);
-check_return_code_redirect($return_var,$outoput, '/');
+check_return_code_redirect($return_var, $output, '/');
 
 $data = json_decode(implode('', $output), true);
 $data = array_reverse($data);
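Review bot: `array_reverse($data)` receives whatever `json_decode()` returned, and that is `null` when the command prints nothing or prints something that is not JSON. On PHP 8 a `null` argument there is a `TypeError` rather than a warning, which is the class of failure this commit is otherwise cleaning up. Unless `check_return_code_redirect()` is guaranteed to stop the script on every such case (its body is not in this hunk), default the value first: `$data = json_decode(implode('', $output), true) ?? [];`.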
@@ -24,4 +25,4 @@ render_page($user, $TAB, 'list_log_auth');
 
 // Flush session messages
 unset($_SESSION['error_msg']);
-unset($_SESSION['ok_msg']);
+unset($_SESSION['ok_msg']);

+ 6 - 0
web/list/log/index.php

@@ -1,5 +1,8 @@
 <?php
 
+if (empty($_GET['user'])) {
+    $_GET['user'] = '';
+}
 if ($_GET['user'] === 'system') {
     $TAB = 'SERVER';
 } else {
@@ -27,6 +30,9 @@ check_error($return_var);
 $data = json_decode(implode('', $output), true);
 $data = array_reverse($data);
 unset($output);
+if (empty($_SESSION['look'])) {
+    $_SESSION['look'] = '';
+}
 
 // Render page
 render_page($user, $TAB, 'list_log');
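Review bot: Assigning `''` to `$_SESSION['look']` makes the key exist for the rest of the session, which changes the result of every `isset($_SESSION['look'])` test elsewhere. web/list/log/auth/index.php in this same commit takes its "edit as someone else" branch on exactly that test, so an admin who has visited this page would get `$user = escapeshellarg('')` there and run the log command with an empty user. Leave the session untouched and default at the point of use instead, for example `$look = $_SESSION['look'] ?? '';` passed to the template, or switch the impersonation checks to `!empty($_SESSION['look'])`.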

+ 7 - 4
web/list/rrd/index.php

@@ -6,19 +6,22 @@ $TAB = 'RRD';
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Check user
-if ($_SESSION['userContext'] != 'admin')  {
+if ($_SESSION['userContext'] != 'admin') {
     header('Location: /list/user');
     exit;
 }
 
 // Data
-exec (HESTIA_CMD."v-list-sys-rrd json", $output, $return_var);
+exec(HESTIA_CMD."v-list-sys-rrd json", $output, $return_var);
 $data = json_decode(implode('', $output), true);
 unset($output);
 
-$period=$_GET['period'];
-if (!in_array($period, array('daily', 'weekly', 'monthly', 'yearly'))) {
+if (empty($_GET['period'])) {
     $period = 'daily';
+} elseif (!in_array($_GET['period'], array('daily', 'weekly', 'monthly', 'yearly'))) {
+    $period = 'daily';
+} else {
+    $period = $_GET['period'];
 }
 
 // Render page
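Review bot: The new `period` check has two branches that assign the same default and still uses the loose form of `in_array()`. A single strict allow-list test reads more directly and cannot be fooled by type juggling: `$period = in_array($_GET['period'] ?? '', array('daily', 'weekly', 'monthly', 'yearly'), true) ? $_GET['period'] : 'daily';`.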

+ 21 - 16
web/login/index.php

@@ -1,4 +1,5 @@
 <?php
+
 define('NO_AUTH_REQUIRED', true);
 // Main include
 
@@ -36,7 +37,7 @@ if (isset($_SESSION['user'])) {
                 unset($_SESSION['_sf2_attributes']);
                 unset($_SESSION['_sf2_meta']);
                 header('Location: /login/');
-            }else{
+            } else {
                 # User doesn't exists
                 header('Location: /');
             }
@@ -60,17 +61,17 @@ if (isset($_SESSION['user'])) {
         unset($output);
 
         // Determine package features and land user at the first available page
-        if ($data[$user]['WEB_DOMAINS'] !== '0') {
+        if ($data[$user_plain]['WEB_DOMAINS'] !== '0') {
             header('Location: /list/web/');
-        } elseif ($data[$user]['DNS_DOMAINS'] !== '0') {
+        } elseif ($data[$user_plain]['DNS_DOMAINS'] !== '0') {
             header('Location: /list/dns/');
-        } elseif ($data[$user]['MAIL_DOMAINS'] !== '0') {
+        } elseif ($data[$user_plain]['MAIL_DOMAINS'] !== '0') {
             header('Location: /list/mail/');
-        } elseif ($data[$user]['DATABASES'] !== '0') {
+        } elseif ($data[$user_plain]['DATABASES'] !== '0') {
             header('Location: /list/db/');
-        } elseif ($data[$user]['CRON_JOBS'] !== '0') {
+        } elseif ($data[$user_plain]['CRON_JOBS'] !== '0') {
             header('Location: /list/cron/');
-        } elseif ($data[$user]['BACKUPS'] !== '0') {
+        } elseif ($data[$user_plain]['BACKUPS'] !== '0') {
             header('Location: /list/backup/');
         } else {
             header('Location: /error/');
@@ -108,12 +109,12 @@ function authenticate_user($user, $password, $twofa = '')
         $pam = json_decode(implode('', $output), true);
         if ($return_var > 0) {
             sleep(2);
-            if($return_var == 5){
-                $error = '<a class="error">' . _('Account has been suspended') . '</a>';   
-            }elseif($return_var == 1){
-                $error = '<a class="error">' . _('Unsupported hash method') . '</a>';     
-            }else{
-                $error = '<a class="error">' . _('Invalid username or password') . '</a>';    
+            if ($return_var == 5) {
+                $error = '<a class="error">' . _('Account has been suspended') . '</a>';
+            } elseif ($return_var == 1) {
+                $error = '<a class="error">' . _('Unsupported hash method') . '</a>';
+            } else {
+                $error = '<a class="error">' . _('Invalid username or password') . '</a>';
             }
             return $error;
         } else {
@@ -279,10 +280,14 @@ function authenticate_user($user, $password, $twofa = '')
         return false;
     }
 }
-if (preg_match('/^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$/', $_POST['user'])) {
-    $_SESSION['login']['username'] = $_POST['user'];
-} else {
+if (empty($_POST['user'])) {
     $user = '';
+} else {
+    if (preg_match('/^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$/', $_POST['user'])) {
+        $_SESSION['login']['username'] = $_POST['user'];
+    } else {
+        $user = '';
+    }
 }
 if (!empty($_SESSION['login']['username']) && !empty($_SESSION['login']['password']) && !empty($_POST['twofa'])) {
     $error = authenticate_user($_SESSION['login']['username'], $_SESSION['login']['password'], $_POST['twofa']);
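Review bot: The new `empty()` guard still lets a non-string `$_POST['user']` (a request sending `user[]`) reach `preg_match()`, which throws a `TypeError` on PHP 8 on this unauthenticated page. The pattern kept on the new line also has `|` inside the bracket expression, where it is a literal character, so usernames containing a pipe pass validation; that looks unintended. I would write the test as `if (is_string($_POST['user'] ?? null) && preg_match('/^[[:alnum:]][-._[:alnum:]]{0,28}[[:alnum:]]$/', $_POST['user'])) {` unless `|` is deliberately allowed. The top-level login flow continues outside this hunk.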

+ 6 - 20
web/templates/pages/add_package.html

@@ -124,10 +124,7 @@
 												<?php
 													foreach ($web_templates as $key => $value) {
 														echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-														if ((!empty($v_web_template)) && ( $value == $v_web_template)){
-															echo ' selected' ;
-														}
-														if ((!empty($v_web_template)) && ( $value == $_POST['v_web_template'])){
+														if ((!empty($v_web_template)) && ( $value == trim($v_web_template, "'"))){
 															echo ' selected' ;
 														}
 														echo ">".htmlentities($value)."</option>\n";
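Review bot: The `selected` test now depends on `$v_web_template` still carrying the single quotes that were presumably added for the shell, and strips them in the view with `trim(..., "'")`. That couples the template to the escaping used for command arguments and does not round-trip a value that itself contains a quote. Passing the plain value to the template alongside the escaped one would avoid the `trim()`. The same pattern is repeated in the backend, proxy, DNS and shell hunks of this file and in edit_package.html, and the shell hunk here passes `"''"` where the others pass `"'"`.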
@@ -147,11 +144,9 @@
 												<select class="vst-list" name="v_backend_template">
 													<?php
 														foreach ($backend_templates as $key => $value) {
+														echo $v_backend_template;
 															echo "\t\t\t\t<option value=\"".$value."\"";
-															if ((!empty($v_backend_template)) && ( $value == $v_backend_template)){
-																echo ' selected' ;
-															}
-															if ((!empty($v_backend_template)) && ( $value == $_POST['v_backend_template'])){
+															if ((!empty($v_backend_template)) && ( $value == trim($v_backend_template, "'"))){
 																echo ' selected' ;
 															}
 															echo ">".htmlentities($value)."</option>\n";
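Review bot: The added `echo $v_backend_template;` looks like leftover debug output: it prints the variable once per loop iteration, inside the `<select>` and without HTML escaping. If `$v_backend_template` is derived from the submitted form value, as the quote-stripping below suggests, that is request data written raw into the page. Remove the line; the option `value` on the next line would also be better as `htmlentities($value)`, as the web and proxy lists already do. The `foreach` closes outside this hunk.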
@@ -173,10 +168,7 @@
 													<?php
 														foreach ($proxy_templates as $key => $value) {
 															echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-															if ((!empty($v_proxy_template)) && ( $value == $v_proxy_template)){
-																echo ' selected' ;
-															}
-															if ((!empty($v_proxy_template)) && ( $value == $_POST['v_proxy_template'])){
+															if ((!empty($v_proxy_template)) && ( $value == trim($v_proxy_template, "'"))){
 																echo ' selected' ;
 															}
 															echo ">".htmlentities($value)."</option>\n";
@@ -209,10 +201,7 @@
 												<?php
 													foreach ($dns_templates as $key => $value) {
 														echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-														if ((!empty($v_dns_template)) && ( $value == $v_dns_template)){
-															echo ' selected' ;
-														}
-														if ((!empty($v_dns_template)) && ( $value == $_POST['v_dns_template'])){
+														if ((!empty($v_dns_template)) && ( $value == trim($v_dns_template, "'"))){
 															echo ' selected' ;
 														}
 														echo ">".htmlentities($value)."</option>\n";
@@ -409,10 +398,7 @@
 												<?php
 													foreach ($shells as $key => $value) {
 														echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-														if ((!empty($v_shell)) && ( $value == $v_shell)){
-															echo ' selected' ;
-														}
-														if ((!empty($v_shell)) && ( $value == $_POST['v_shell'])){
+														if ((!empty($v_shell)) && ( $value == trim($v_shell,"''"))){
 															echo ' selected' ;
 														}
 														echo ">".htmlentities($value)."</option>\n";

+ 1 - 1
web/templates/pages/add_user.html

@@ -93,7 +93,7 @@
 						</tr>
 						<tr>
 							<td>
-								<label><input type="checkbox" size="20" class="vst-checkbox" onclick="javascript:elementHideShow('send-welcome');" name="v_login_disabled" <?php if ($data[$user_plain]['LOGIN_DISABLED'] == "yes") echo "checked=yes" ?>><?=_('Do not allow user to log in to Control Panel');?></label>
+								<label><input type="checkbox" size="20" class="vst-checkbox" onclick="javascript:elementHideShow('send-welcome');" name="v_login_disabled" <?php if ($v_login_disabled == "yes") echo "checked=yes" ?>><?=_('Do not allow user to log in to Control Panel');?></label>
 							</td>
 						</tr>
 						<tr id="send-welcome">

+ 6 - 5
web/templates/pages/add_web.html

@@ -42,7 +42,8 @@
 								<?php show_error_panel($_SESSION);?>
 							</td>
 						</tr>
-						<?php if (($user_plain == 'admin') && (($_GET['accept'] !== "true")))  {?>
+						<?php 
+						if (($user_plain == 'admin') && (($_GET['accept'] !== "true")))  {?>
 							<tr>
 								<td class="step-top">
 									<span class="alert alert-danger alert-with-icon">
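Review bot: `$_GET['accept']` is still read without checking that the key exists, so the first visit to this page as admin raises the PHP 8 "Undefined array key" warning that the rest of the commit removes. The change only moves the condition onto its own line; `(($_GET['accept'] ?? '') !== "true")` would close it. The `if` block ends outside this hunk.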
@@ -93,19 +94,19 @@
 								<td class="input-label"></td>
 							</tr>
 							<?php if ((isset($_SESSION['DNS_SYSTEM'])) && (!empty($_SESSION['DNS_SYSTEM']))) {?>
-								<?php if($panel[$user]['DNS_DOMAINS'] != "0") { ?>
+								<?php if($panel[$user_plain]['DNS_DOMAINS'] != "0") { ?>
 									<tr>
 										<td class="vst-text input-label">
-											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_dns" <?php if (empty($v_dns)&&$panel[$user]['DNS_DOMAINS'] != "0") ?>><?=_('DNS Support');?></label>
+											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_dns" <?php if (empty($v_dns)&&$panel[$user_plain]['DNS_DOMAINS'] != "0") ?>><?=_('DNS Support');?></label>
 										</td>
 									</tr>
 								<?php } ?>
 							<?php } ?>
 							<?php if ((isset($_SESSION['IMAP_SYSTEM'])) && (!empty($_SESSION['IMAP_SYSTEM']))) {?>
-								<?php if($panel[$user]['MAIL_DOMAINS'] != "0") { ?>
+								<?php if($panel[$user_plain]['MAIL_DOMAINS'] != "0") { ?>
 									<tr>
 										<td class="vst-text input-label">
-											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_mail" <?php if (empty($v_mail)&&$panel[$user]['MAIL_DOMAINS'] != "0") ?>><?=_('Mail Support');?></label>
+											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_mail" <?php if (empty($v_mail)&&$panel[$user_plain]['MAIL_DOMAINS'] != "0") ?>><?=_('Mail Support');?></label>
 										</td>
 									</tr>
 								<?php } ?>
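Review bot: Both checkbox lines carry an `if` with no statement after the condition (`<?php if (empty($v_dns)&&...) ?>`), and the closing tag acts as the terminating semicolon, so the condition has no effect and the box is never pre-checked. The rename to `$user_plain` keeps that as it was. If the intent is a default-checked box, the line needs its output, for example `<?php if (empty($v_dns) && $panel[$user_plain]['DNS_DOMAINS'] != "0") echo "checked=yes" ?>`, and the same for `v_mail`; the intended condition should be confirmed against the controller.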

+ 1 - 1
web/templates/pages/edit_ip.html

@@ -15,7 +15,7 @@
 
 <div class="l-center animated fadeIn">
 
-	<form id="vstobjects" name="v_edit_ip" method="post" class="<?=$v_status?>">
+	<form id="vstobjects" name="v_edit_ip" method="post">
 		<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
 		<input type="hidden" name="save" value="save" />
 

+ 1 - 1
web/templates/pages/edit_mail.html

@@ -113,7 +113,7 @@
 								<table>
 									<tr>
 										<td class="input-label vst-text">
-											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" onclick="javascript:elementHideShow('ssl-details');App.Actions.MAIL.toggle_letsencrypt(this);" <?php if($v_letsencrypt == 'yes' || $v_letencrypt == 'on') echo "checked=yes" ?>"><?=_('Lets Encrypt Support');?></label>
+											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" onclick="javascript:elementHideShow('ssl-details');App.Actions.MAIL.toggle_letsencrypt(this);" <?php if($v_letsencrypt == 'yes' || $v_letsencrypt == 'on') echo "checked=yes" ?>"><?=_('Lets Encrypt Support');?></label>
 										</td>
 									</tr>
 									<tr id="le-warning" class="step-top">
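Review bot: The corrected line still ends the PHP block with `?>">`, which leaves a stray `"` inside the `<input>` tag. The matching checkbox in edit_web.html has no such quote. Dropping it gives `... echo "checked=yes" ?>>`.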

+ 5 - 17
web/templates/pages/edit_package.html

@@ -126,10 +126,7 @@
 												<?php
 													foreach ($web_templates as $key => $value) {
 														echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-														if ((!empty($v_web_template)) && ( $value == $v_web_template)){
-															echo ' selected' ;
-														}
-														if ((!empty($v_web_template)) && ( $value == $_POST['v_web_template'])){
+														if ((!empty($v_web_template)) && ( $value == trim($v_web_template, "'"))){
 															echo ' selected' ;
 														}
 														echo ">".htmlentities($value)."</option>\n";
@@ -150,10 +147,7 @@
 													<?php
 															foreach ($backend_templates as $key => $value) {
 																echo "\t\t\t\t<option value=\"".$value."\"";
-																if ((!empty($v_backend_template)) && ( $value == $v_backend_template)){
-																	echo ' selected' ;
-																}
-																if ((!empty($v_backend_template)) && ( $value == $_POST['v_backend_template'])){
+																if ((!empty($v_backend_template)) && ( $value == trim($v_backend_template, "'"))){
 																	echo ' selected' ;
 																}
 																echo ">".htmlentities($value)."</option>\n";
@@ -175,10 +169,7 @@
 													<?php
 															foreach ($proxy_templates as $key => $value) {
 																echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-																if ((!empty($v_proxy_template)) && ( $value == $v_proxy_template)){
-																	echo ' selected' ;
-																}
-																if ((!empty($v_proxy_template)) && ( $value == $_POST['v_proxy_template'])){
+																if ((!empty($v_proxy_template)) && ( $value == trim($v_proxy_template, "'"))){
 																	echo ' selected' ;
 																}
 																echo ">".htmlentities($value)."</option>\n";
@@ -215,7 +206,7 @@
 														if ((!empty($v_dns_template)) && ( $value == $v_dns_template)){
 															echo ' selected' ;
 														}
-														if ((!empty($v_dns_template)) && ( $value == $_POST['v_dns_template'])){
+														if ((!empty($v_dns_template)) && ( $value == trim($v_dns_template, "'"))){
 															echo ' selected' ;
 														}
 														echo ">".htmlentities($value)."</option>\n";
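Review bot: Unlike the other template lists in this file, the DNS hunk keeps the earlier untrimmed test `$value == $v_dns_template` and adds the trimmed one after it. When `$v_dns_template` arrives without surrounding quotes both conditions match and `selected` is printed twice. Remove the first `if` so this list reads like the web, backend, proxy and shell ones.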
@@ -412,10 +403,7 @@
 												<?php
 													foreach ($shells as $key => $value) {
 														echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
-														if ((!empty($v_shell)) && ( $value == $v_shell)){
-															echo ' selected' ;
-														}
-														if ((!empty($v_shell)) && ( $value == $_POST['v_shell'])){
+														if ((!empty($v_shell)) && ( $value == trim($v_shell, "'"))){
 															echo ' selected' ;
 														}
 														echo ">".htmlentities($value)."</option>\n";

+ 2 - 11
web/templates/pages/edit_server.html

@@ -80,9 +80,6 @@
 														if ((!empty($v_timezone)) && ( $key == $v_timezone)){
 															echo ' selected' ;
 														}
-														if ((!empty($v_timezone)) && ( $key == $_POST['v_timezone'])){
-															echo ' selected' ;
-														}
 														echo ">".$value."</option>\n";
 													}
 												?>
@@ -101,10 +98,7 @@
 												<?php
 													foreach ($theme as $key => $value) {
 														echo "\t\t\t\t<option value=\"".$value."\"";
-														if ((!empty($_SESSION['THEME'])) && ( $value == $_SESSION['THEME'])){
-															echo ' selected' ;
-														}
-														if ((!empty($_SESSION['THEME'])) && ( $value == $_POST['v_theme'])){
+														if (($value == $_SESSION['THEME'])){
 															echo ' selected' ;
 														}
 														echo ">".$value."</option>\n";
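Review bot: The new condition `if (($value == $_SESSION['THEME']))` drops the `!empty($_SESSION['THEME'])` guard the old code had, so an unset theme now raises an undefined-key warning on PHP 8. `if ($value === ($_SESSION['THEME'] ?? ''))` keeps the simplification without the warning. The `foreach` starts and ends inside the hunk, but the surrounding `<select>` does not.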
@@ -129,9 +123,6 @@
 												<?php
 													foreach ($languages as $key => $value) {
 														echo "\n\t\t\t\t\t\t\t\t\t<option value=\"".$key."\"";
-														if ( $key == $v_language ){
-															echo 'selected' ;
-														}
 														if (( $key == $_SESSION['LANGUAGE'] && (empty($v_language)) )) {
 															echo 'selected' ;
 														}
@@ -521,7 +512,7 @@
 												<td>
 													<select class="vst-list" name="v_phpmyadmin_key" <?php if ($_SESSION['API'] != 'yes'){ echo "disabled"; }?>>
 														<option value='no'><?=_('Disabled'); ?></option>
-														<option value='yes' <?php if($_POST['v_phpmyadmin_key'] == "yes" || $_SESSION['PHPMYADMIN_KEY'] != ''){ echo 'selected="selected"'; }; ?>><?=_('Enabled'); ?></option>
+														<option value='yes' <?php if($_SESSION['PHPMYADMIN_KEY'] != ''){ echo 'selected="selected"'; }; ?>><?=_('Enabled'); ?></option>
 													</select>
 													<br />
 													<br />

+ 6 - 11
web/templates/pages/edit_user.html

@@ -135,12 +135,12 @@
 									<?php if ($_SESSION['userContext'] === 'admin') {?>
 										<tr>
 											<td>
-												<label><input type="checkbox" size="20" class="vst-checkbox" onclick="javascript:elementHideShow('password-options');elementHideShow('password-options-ip');" name="v_login_disabled" <?php if ($data[$user_plain]['LOGIN_DISABLED'] == "yes") echo "checked=yes" ?>><?=_('Do not allow user to log in to Control Panel');?></label>
+												<label><input type="checkbox" size="20" class="vst-checkbox" onclick="javascript:elementHideShow('password-options');elementHideShow('password-options-ip');" name="v_login_disabled" <?php if ($v_login_disabled === "yes") echo "checked=yes" ?>><?=_('Do not allow user to log in to Control Panel');?></label>
 											</td>
 										</tr>
 									<?php } ?>
 									<tr>
-										<td id="password-options" style="<?php if ($data[$user_plain]['LOGIN_DISABLED'] == "yes") { echo 'display: none;'; } else { echo 'display: table-cell;'; }?>">
+										<td id="password-options" style="<?php if ($v_login_disabled === 'yes') { echo 'display: none;'; } else { echo 'display: table-cell;'; }?>">
 											<label><input type="checkbox" class="vst-checkbox password-option" name="v_twofa" <?php if(!empty($v_twofa)) echo "checked=yes" ?>><?=_('Enable 2FA');?></label>
 											<?php if (!empty($v_twofa)) { ?>
 											<p><?=_('2FA Reset Code:').' '.$v_twofa; ?></br></p>
@@ -150,13 +150,13 @@
 										</td>
 									</tr>
 									<tr>
-										<td id="password-options-ip" style="<?php if ($data[$user_plain]['LOGIN_DISABLED'] == "yes") { echo 'display: none;'; } else { echo 'display: table-cell;'; }?>">
+										<td id="password-options-ip" style="<?php if ($v_login_disabled === 'yes') { echo 'display: none;'; } else { echo 'display: table-cell;'; }?>">
 											<label><input type="checkbox" size="20" class="vst-checkbox" onclick="javascript:elementHideShow('ip-allowlist')" name="v_login_use_iplist" <?php if ($data[$user]['LOGIN_USE_IPLIST'] === "yes") echo "checked=yes" ?>><?=_('Use IP address allow list for login attempts');?></label>
 										</td>
 									</tr>
 									<tr>
 										<td>
-											<table id="ip-allowlist" style="<?php if ($data[$user_plain]['LOGIN_USE_IPLIST'] === 'yes') { echo 'display: table-cell;'; } else { echo 'display: none;'; } ?>">
+											<table id="ip-allowlist" style="<?php if ($v_login_use_iplist === 'yes') { echo 'display: table-cell;'; } else { echo 'display: none;'; } ?>">
 												<tr>
 													<td>
 														<input type="text" size="20" class="vst-input" placeholder="<?=_('Example: 127.0.0.1,192.168.1.100');?>" name="v_login_allowed_ips" value="<?=htmlentities(trim($v_login_allowed_ips, "'"))?>">
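Review bot: The `v_login_use_iplist` checkbox on the unchanged line still reads `$data[$user]['LOGIN_USE_IPLIST']`, while the allow-list table below it now uses `$v_login_use_iplist`. The login change in this commit replaced `$data[$user]` with `$data[$user_plain]`, which suggests `$user` is not a valid key here, so the checkbox and the table visibility can disagree. Using the same variable on both keeps them in step: `<?php if ($v_login_use_iplist === "yes") echo "checked=yes" ?>`.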
@@ -229,9 +229,6 @@
 											if ((empty($v_user_theme) && (!empty($_SESSION['THEME']))) && ( $value == $_SESSION['THEME'] )) {
 												echo ' selected' ;
 											}
-											if ((!empty($_SESSION['userTheme'])) && ( $value == $_POST['v_user_theme'])){
-												echo ' selected' ;
-											}
 											echo ">".$value."</option>\n";
 										}
 									?>
@@ -239,7 +236,6 @@
 							</td>
 						</tr>
 						<?php } ?>
-						<?php if ($_GET['user'] === $_SESSION['user']) { ?>
 							<tr>
 								<td class="vst-text input-label">
 									<?=_('Default list sort order');?>
@@ -248,12 +244,11 @@
 							<tr>
 								<td>
 									<select class="vst-list" name="v_sort_order">
-										<option value='date' <?php if($_SESSION['userSortOrder'] === 'date') echo 'selected' ?>><?=_('Date'); ?></option>
-										<option value='name' <?php if($_SESSION['userSortOrder'] === 'name') echo 'selected' ?>><?=_('Name'); ?></option>
+										<option value='date' <?php if($v_sort_order === 'date') echo 'selected' ?>><?=_('Date'); ?></option>
+										<option value='name' <?php if($v_sort_order === 'name') echo 'selected' ?>><?=_('Name'); ?></option>
 									</select>
 								</td>
 								</tr>
-						<?php } ?>
 						<?php if ($_SESSION['userContext'] === 'admin') {?>
 							<tr>
 								<td class="vst-text input-label">

+ 1 - 1
web/templates/pages/edit_web.html

@@ -211,7 +211,7 @@
 								<table style="display:<?php if ($v_ssl == 'no' ) { echo 'none';} else {echo 'block';}?> ;" id="ssltable">
 									<tr>
 										<td class="input-label vst-text">
-											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" id="letsencrypt" <?php if($v_letsencrypt == 'yes' || $v_letencrypt == 'on') echo "checked=yes" ?> onclick="elementHideShow('letsinfo');App.Actions.WEB.toggle_letsencrypt(this)"><?=_('Lets Encrypt Support');?></label>
+											<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" id="letsencrypt" <?php if($v_letsencrypt == 'yes' || $v_letsencrypt == 'on') echo "checked=yes" ?> onclick="elementHideShow('letsinfo');App.Actions.WEB.toggle_letsencrypt(this)"><?=_('Lets Encrypt Support');?></label>
 										</td>
 									</tr>
 									<tr>

+ 1 - 1
web/templates/pages/list_backup.html

@@ -75,7 +75,7 @@
 			if (!empty($data[$key]['CRON'])) $cron = _('yes');
 			if (!empty($data[$key]['UDIR'])) $udir = _('yes');
 		?>
-		<div class="l-unit<?php if($status == 'suspended') echo ' l-unit--outdated';?> animated fadeIn">
+		<div class="l-unit animated fadeIn">
 			<div class="l-unit__col l-unit__col--right">
 				<div>
 					<div class="clearfix l-unit__stat-col--left super-compact">

+ 2 - 3
web/templates/pages/list_cron.html

@@ -92,9 +92,8 @@
 				$spnd_confirmation = _('SUSPEND_CRON_CONFIRMATION') ;
 			}
 		?>
-		<div class="l-unit <?php if($status == 'suspended') echo 'l-unit--suspended'; if($_SESSION['favourites']['CRON'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="cron"
-			sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=htmlspecialchars($data[$key]['CMD'], ENT_NOQUOTES)?>"
-			sort-star="<?php if($_SESSION['favourites']['CRON'][$key] == 1) echo '1'; else echo '0';  ?>">
+		<div class="l-unit <?php if($status == 'suspended') echo 'l-unit--suspended'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="cron"
+			sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=htmlspecialchars($data[$key]['CMD'], ENT_NOQUOTES)?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i ?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="job[]" value="<?=$key?>" <?=$display_mode;?>>
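Review bot: `sort-name` is a double-quoted attribute, but the cron command is escaped with `htmlspecialchars(..., ENT_NOQUOTES)`, which leaves `"` untouched. A command containing a double quote therefore ends the attribute early, and since commands are user-supplied and this list can be viewed by an admin, the value should be fully escaped: `htmlspecialchars($data[$key]['CMD'], ENT_QUOTES)`. `v_unit_id="<?=$key?>"` on the same element is printed with no escaping at all.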

+ 4 - 4
web/templates/pages/list_db.html

@@ -61,9 +61,9 @@
 										<option value=""><?=_('apply to selected');?></option>
 										<?php if ($_SESSION['userContext'] === 'admin') {?>
 											<option value="rebuild"><?=_('rebuild');?></option>
+											<option value="suspend"><?=_('suspend');?></option>
+											<option value="unsuspend"><?=_('unsuspend');?></option>
 										<?php } ?>
-										<option value="suspend"><?=_('suspend');?></option>
-										<option value="unsuspend"><?=_('unsuspend');?></option>
 										<option value="delete"><?=_('delete');?></option>
 									</select>
 								</div>
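Review bot: Moving the `suspend` and `unsuspend` options inside the admin block only hides them from the menu; a non-admin can still submit those action values. The restriction needs to be enforced where the bulk action is executed, presumably web/bulk/db/index.php, which this commit also touches but which is not visible here. A short comment next to the options pointing at that server-side check would make the dependency explicit.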
@@ -120,9 +120,9 @@
 			if ($data[$key]['TYPE'] == 'pgsql') $db_admin_link = "https://".$http_host."/phppgadmin/";
 			if (($data[$key]['TYPE'] == 'pgsql') && (!empty($_SESSION['DB_PGA_ALIAS']))) $db_admin_link = $_SESSION['DB_PGA_ALIAS'];
 		?>
-		<div class="l-unit <?php if($status == 'suspended') echo 'l-unit--suspended'; if($_SESSION['favourites']['DB'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="db"
+		<div class="l-unit <?php if($status == 'suspended') echo 'l-unit--suspended'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="db"
 			sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=$key?>" sort-disk="<?=$data[$key]['U_DISK']?>"
-			sort-user="<?=$data[$key]['DBUSER']?>" sort-server="<?=$data[$key]['HOST']?>" sort-charset="<?=$data[$key]['CHARSET']?>" sort-star="<?php if($_SESSION['favourites']['DB'][$key] == 1) echo '1'; else echo '0'; ?>">
+			sort-user="<?=$data[$key]['DBUSER']?>" sort-server="<?=$data[$key]['HOST']?>" sort-charset="<?=$data[$key]['CHARSET']?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div>
 					<div class="clearfix l-unit__stat-col--left super-compact">
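Review bot: The rewritten attribute lines print `$key`, `DBUSER`, `HOST` and `CHARSET` into HTML attributes with no escaping. Whether the backend restricts the characters in these fields is not visible from the templates, so the view should not depend on it; wrap each in `htmlentities()` as list_dns.html already does for `$key`. The same applies to `sort-value` and `sort-record` in list_dns_rec.html, `sort-comment` in list_firewall.html, and the `sort-*` attributes in list_ip.html, list_mail.html and list_mail_acc.html.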

+ 2 - 2
web/templates/pages/list_dns.html

@@ -92,9 +92,9 @@
 				$spnd_confirmation = _('SUSPEND_DOMAIN_CONFIRMATION');
 			}
 		?>
-		<div class="l-unit <?php if ($status == 'suspended') echo ' l-unit--suspended'; if($_SESSION['favourites']['DNS'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_unit_id="<?=htmlentities($key);?>"
+		<div class="l-unit <?php if ($status == 'suspended') echo ' l-unit--suspended'; ?> animated fadeIn" v_unit_id="<?=htmlentities($key);?>"
 			v_section="dns" sort-ip="<?=str_replace('.', '', $data[$key]['IP'])?>" sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=htmlentities($key);?>"
-			sort-expire="<?=strtotime($data[$key]['EXP'])?>" sort-records="<?=(int)$data[$key]['RECORDS']?>" sort-star="<?php if ($_SESSION['favourites']['DNS'][$key] == 1) echo '1'; else echo '0';?>">
+			sort-expire="<?=strtotime($data[$key]['EXP'])?>" sort-records="<?=(int)$data[$key]['RECORDS']?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i ?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="domain[]" value="<?=$key?>" <?=$display_mode;?>>

+ 12 - 1
web/templates/pages/list_dns_rec.html

@@ -79,8 +79,19 @@
 	<?php
 		foreach ($data as $key => $value) {
 			++$i;
+			if ($data[$key]['SUSPENDED'] == 'yes') {
+				$status = 'suspended';
+				$spnd_action = 'unsuspend';
+				$spnd_icon = 'fa-play';
+				$spnd_confirmation = _('UNSUSPEND_DOMAIN_CONFIRMATION');
+			} else {
+				$status = 'active';
+				$spnd_action = 'suspend';
+				$spnd_icon = 'fa-pause';
+				$spnd_confirmation = _('SUSPEND_DOMAIN_CONFIRMATION');
+			}
 		?>
-		<div class="l-unit<?php if ($status == 'suspended') echo ' l-unit--suspended'; if($_SESSION['favourites']['DNS_REC'][$key] == 1) echo ' l-unit--starred';?> animated fadeIn"
+		<div class="l-unit<?php if ($status == 'suspended') echo ' l-unit--suspended';?> animated fadeIn"
 			v_unit_id="<?=htmlentities($key);?>" v_section="dns_rec" sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-record="<?=$data[$key]['RECORD']?>" sort-type="<?=$data[$key]['TYPE']?>" sort-ttl="<?=$data[$key]['TTL']?>" sort-value="<?=$data[$key]['VALUE']?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">

+ 2 - 2
web/templates/pages/list_firewall.html

@@ -74,9 +74,9 @@
 				$spnd_confirmation = _('SUSPEND_RULE_CONFIRMATION') ;
 			}
 		?>
-		<div class="l-unit<?php if ($status == 'suspended') echo ' l-unit--suspended'; if($_SESSION['favourites']['FIREWALL'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="firewall"
+		<div class="l-unit<?php if ($status == 'suspended') echo ' l-unit--suspended';?> animated fadeIn" v_unit_id="<?=$key?>" v_section="firewall"
 			sort-action="<?=$data[$key]['ACTION']?>" sort-protocol="<?=$data[$key]['PROTOCOL']?>" sort-port="<?=$data[$key]['PORT']?>"
-			sort-ip="<?=str_replace('.', '', $data[$key]['IP'])?>" sort-comment="<?=$data[$key]['COMMENT']?>" sort-star="<?php if ($_SESSION['favourites']['FIREWALL'][$key] == 1) echo '1'; else echo '2'; ?>">
+			sort-ip="<?=str_replace('.', '', $data[$key]['IP'])?>" sort-comment="<?=$data[$key]['COMMENT']?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div>
 					<div class="clearfix l-unit__stat-col--left super-compact">

+ 2 - 2
web/templates/pages/list_firewall_banlist.html

@@ -47,9 +47,9 @@
 	<?php
 		foreach ($data as $key => $value) {
 			++$i;
-			list($ip,$chain) = explode(":",$key);
+			$ip = $key;
 		?>
-		<div class="l-unit<?php if ($status == 'suspended') echo ' l-unit--suspended';?> animated fadeIn">
+		<div class="l-unit animated fadeIn">
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i ?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="ipchain[]" value="<?=$ip . ':' . $value['CHAIN'] ?>">

+ 2 - 8
web/templates/pages/list_firewall_ipset.html

@@ -47,15 +47,9 @@
 	<!-- Begin firewall IP address list item loop -->
 	<?php
 		foreach ($data as $key => $value) {
-			++$i;
-			if ($data[$key]['SUSPENDED'] == 'yes') {
-				$status = 'suspended';
-			} else {
-				$status = 'active';
-			}
-			list($listname, $chain) = explode(":", $key);
+			$listname = $key;
 		?>
-		<div class="l-unit<?php if ($status == 'suspended') echo ' l-unit--suspended';?> animated fadeIn">
+		<div class="l-unit animated fadeIn">
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i ?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="setname[]" value="<?=$listname ?>">
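Review bot: `++$i;` was removed together with the unused status code, but the checkbox a few lines down still prints `id="check<?=$i ?>"`. Every row now gets the same id, or an undefined-variable warning on PHP 8 if `$i` is not initialised earlier in the template (not visible in this hunk). Keep the counter: `++$i;` as the first statement of the loop.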

+ 2 - 2
web/templates/pages/list_ip.html

@@ -64,10 +64,10 @@
 		foreach ($data as $key => $value) {
 			++$i;
 		?>
-		<div class="l-unit <?php if ($data[$key]['SUSPENDED'] == 'yes') echo 'l-unit--suspended'; if($_SESSION['favourites']['IP'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_unit_id="<?=$key?>"
+		<div class="l-unit animated fadeIn" v_unit_id="<?=$key?>"
 			v_section="ip" sort-ip="<?=str_replace('.', '', $key)?>" sort-date="<?=strtotime($data[$key]['DATE'] .' '. $data[$key]['TIME'] )?>"
 			sort-netmask="<?=str_replace('.', '', $data[$key]['NETMASK'])?>" sort-interface="<?=$data[$key]['INTERFACE']?>" sort-domains="<?=$data[$key]['U_WEB_DOMAINS']?>"
-			sort-owner="<?=$data[$key]['OWNER']?>" sort-star="<?php if ($_SESSION['favourites']['IP'][$key] == 1) echo '1'; else echo '0'; ?>">
+			sort-owner="<?=$data[$key]['OWNER']?>">
 
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">

+ 2 - 2
web/templates/pages/list_mail.html

@@ -137,9 +137,9 @@
 				$data[$key]['CATCHALL'] = '/dev/null';
 			}
 		?>
-		<div class="l-unit <?php if ($status == 'suspended') echo 'l-unit--suspended'; if($_SESSION['favourites']['MAIL'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="mail"
+		<div class="l-unit <?php if ($status == 'suspended') echo 'l-unit--suspended'; ?> animated fadeIn" v_unit_id="<?=$key?>" v_section="mail"
 			sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=$key?>" sort-disk="<?=$data[$key]['U_DISK']?>"
-			sort-accounts="<?=$data[$key]['ACCOUNTS']?>" sort-star="<?php if ($_SESSION['favourites']['MAIL'][$key] == 1) echo " 1"; else echo "0" ; ?>">
+			sort-accounts="<?=$data[$key]['ACCOUNTS']?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div>
 					<div class="clearfix l-unit__stat-col--left super-compact">

+ 2 - 3
web/templates/pages/list_mail_acc.html

@@ -126,10 +126,9 @@
 				}
 			}
 		?>
-		<div class="l-unit <?php if ($status == 'suspended') echo 'l-unit--suspended'; if($_SESSION['favourites']['MAIL_ACC'][$key." @".$_GET['domain']]==1) echo ' l-unit--starred' ; ?> animated fadeIn"
+		<div class="l-unit <?php if ($status == 'suspended') echo 'l-unit--suspended';?> animated fadeIn"
 			v_unit_id="<?=$key."@".htmlentities($_GET['domain']);?>" v_section="mail_acc" sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=$key?>" sort-disk="<?=$data[$key]['U_DISK']?>"
-			sort-quota="<?=$data[$key]['QUOTA']?>" sort-star="
-			<?php if ($_SESSION['favourites']['MAIL_ACC'][$key."@".$_GET['domain']] == 1) echo '1'; else echo '0'; ?>">
+			sort-quota="<?=$data[$key]['QUOTA']?>" >
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i ?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="account[]" value="<?=$key?>" <?=$display_mode;?>>

+ 2 - 2
web/templates/pages/list_packages.html

@@ -69,9 +69,9 @@
 		foreach ($data as $key => $value) {
 			++$i;
 		?>
-		<div class="l-unit  <?php if ($status == 'suspended') echo 'l-unit--suspended'; if($_SESSION['favourites']['USER'][$key] == 1) echo ' l-unit--starred';?> animated fadeIn" v_section="user"
+		<div class="l-unit animated fadeIn" v_section="user"
 			v_unit_id="<?=$key?>" sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=$key?>"
-			sort-bandwidth="<?=$data[$key]['U_BANDWIDTH']?>" sort-disk="<?=$data[$key]['U_DISK']?>" sort-star="<?php if ($_SESSION['favourites']['USER'][$key] == 1) echo '1'; else echo '0'; ?>">
+			sort-bandwidth="<?=$data[$key]['BANDWIDTH']?>" sort-disk="<?=$data[$key]['DISK_QUOTA']?>">
 			<div class="l-unit__col l-unit__col--right">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="user[]" value="<?=$key?>">
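Review bot: `sort-bandwidth` and `sort-disk` now read `BANDWIDTH` and `DISK_QUOTA`, which look like package limits rather than usage counters, so they may hold non-numeric values (possibly something like `unlimited`) that the client-side sort has to handle. The sorting script is not shown, so this needs confirming against it. The row also keeps `v_section="user"` on the packages template, which looks copied from list_user; a one-line comment stating that this is intentional would help, if it is.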

+ 2 - 2
web/templates/pages/list_services.html

@@ -147,10 +147,10 @@
 							<a href="/edit/server/<? echo $edit_url ?>/" title="<?=_('edit');?>"><i class="fas fa-pencil-alt status-icon orange status-icon dim icon-large"></i></a>
 						</div>
 						<div class="actions-panel__col actions-panel__stop shortcut-s" key-action="js">
-							<a id="<?=$spnd_action ?>_link_<?=$i?>" class="data-controls do_servicerestart" title="<?=_('restart');?>">
+							<a id="restart_link_<?=$i?>" class="data-controls do_servicerestart" title="<?=_('restart');?>">
 								<i class="do_servicerestart data-controls fas fa-undo status-icon highlight status-icon dim icon-large"></i>
 								<input type="hidden" name="servicerestart_url" value="/restart/service/?srv=<?=$key?>&token=<?=$_SESSION['token']?>" />
-								<div id="<?=$spnd_action?>_dialog_<?=$i?>" class="confirmation-text-servicerestart hidden" title="<?=_('Confirmation');?>">
+								<div id="restart_link_dialog_<?=$i?>" class="confirmation-text-servicerestart hidden" title="<?=_('Confirmation');?>">
 									<p class="confirmation"><?=sprintf(_('RESTART_CONFIRMATION'),$key); ?></p>
 								</div>
 							</a>
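Review bot: The dialog id on the second `+` line became `restart_link_dialog_<?=$i?>` while the link is `restart_link_<?=$i?>`; the old pair had the shape `..._link_N` / `..._dialog_N`, so a script that derives the dialog id from the link id would now miss it. If that pairing matters, `id="restart_dialog_<?=$i?>"` keeps the old shape. Separately, the unchanged hidden input builds a state-changing restart URL with the session token in the query string and `$key` unencoded. Using `urlencode($key)` and `&amp;` would make the attribute well-formed, and sending the token in a POST body keeps it out of access logs and Referer headers. The script that consumes these ids is outside the hunk.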

+ 3 - 2
web/templates/pages/list_stats.html

@@ -63,7 +63,7 @@
 		++$i;
 		?>
 		<div class="header animated fadeIn">
-			<div class="l-unit <?php if ($_COOKIE['stats-'.sha1($key)] == 1) echo ' l-unit--starred';?>" uniq-id="stats-<?=sha1($key)?>">
+			<div class="l-unit">
 				<div class="l-unit-toolbar clearfix">
 					<div class="l-unit-toolbar__col l-unit-toolbar__col--left">
 					</div>
@@ -77,7 +77,8 @@
 				</div>
 				<div class="l-unit__col l-unit__col--right">
 					<div class="l-unit__name separate">
-						<?=_(strftime("%b", strtotime($key))).strftime(" %Y", strtotime($key))?>
+						<?php $date = new DateTime($key);
+						echo _($date -> format('M')) .' '.$date -> format('Y');?>
 					</div>
 					<div class="l-unit__stats">
 						<table>
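Review bot: `new DateTime($key)` throws when `$key` is not a parseable date, whereas the removed `strtotime()` call only returned `false`, so one malformed stats key now aborts rendering of the whole page. `date_create()` returns `false` instead of throwing: `<?php $date = date_create($key); if ($date !== false) { echo _($date->format('M')) . ' ' . $date->format('Y'); } ?>`. Note also that `format('M')` always yields the English abbreviation, so the month is translated only if the gettext catalogue has entries for those abbreviations. The first hunk of this section drops the `uniq-id` attribute together with the cookie check; any script still selecting on `uniq-id` is not visible here.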

+ 2 - 2
web/templates/pages/list_user.html

@@ -99,9 +99,9 @@
 				$spnd_confirmation = _('SUSPEND_USER_CONFIRMATION');
 			}
 		?>
-		<div class="l-unit <?php if ($status == 'suspended') echo 'l-unit--suspended'; if($_SESSION['favourites']['USER'][$key] == 1) echo ' l-unit--starred';?> animated fadeIn" v_section="user"
+		<div class="l-unit <?php if ($status == 'suspended') echo 'l-unit--suspended';?> animated fadeIn" v_section="user"
 			v_unit_id="<?=$key?>" sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>" sort-name="<?=strtolower($key)?>"
-			sort-bandwidth="<?=$data[$key]['U_BANDWIDTH']?>" sort-disk="<?=$data[$key]['U_DISK']?>" sort-star="<?php if ($_SESSION['favourites']['USER'][$key] == 1) echo '1'; else echo '0'; ?>">
+			sort-bandwidth="<?=$data[$key]['U_BANDWIDTH']?>" sort-disk="<?=$data[$key]['U_DISK']?>">
 			<div class="l-unit__col l-unit__col--right" style="<?php if (($_SESSION['POLICY_SYSTEM_HIDE_ADMIN'] === 'yes') && ($_SESSION['user'] !== 'admin') && ($key === 'admin')) { echo 'display: none';} else {echo 'display: table-cell';}?>">
 				<div class="clearfix l-unit__stat-col--left super-compact">
 					<input id="check<?=$i?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="user[]" value="<?=$key?>">
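Review bot: The unchanged line below the new `<div>` hides the `admin` row from non-admin users only with `style="display: none"`. When `POLICY_SYSTEM_HIDE_ADMIN` is `yes`, the outer `l-unit` element, including `v_unit_id` and the sort attributes, is therefore still sent to the browser. The row should be skipped server-side, e.g. at the top of the loop: `if ($_SESSION['POLICY_SYSTEM_HIDE_ADMIN'] === 'yes' && $_SESSION['user'] !== 'admin' && $key === 'admin') continue;`. The loop header is outside the hunk, so whether such a skip already exists cannot be confirmed from here.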

+ 2 - 2
web/templates/pages/list_web.html

@@ -165,10 +165,10 @@
 					}
 				}
 			?>
-			<div class="l-unit <?php if ($data[$key]['SUSPENDED'] == 'yes') echo 'l-unit--suspended'; if($_SESSION['favourites']['WEB'][$key] == 1) echo ' l-unit--starred'; ?> animated fadeIn" v_section="web" v_unit_id="<?=$key?>"
+			<div class="l-unit <?php if ($data[$key]['SUSPENDED'] == 'yes') echo 'l-unit--suspended';?> animated fadeIn" v_section="web" v_unit_id="<?=$key?>"
 				id="web-unit-<?=$i?>" sort-ip="<?=str_replace('.', '', $data[$key]['IP'])?>"
 				sort-date="<?=strtotime($data[$key]['DATE'].' '.$data[$key]['TIME'])?>"
-				sort-name="<?=$key?>" sort-bandwidth="<?=$data[$key]['U_BANDWIDTH']?>" sort-disk="<?=$data[$key]['U_DISK']?>" sort-star="<?php if ($_SESSION['WEB'][$key] == 1) echo '1'; else echo '0';?>">
+				sort-name="<?=$key?>" sort-bandwidth="<?=$data[$key]['U_BANDWIDTH']?>" sort-disk="<?=$data[$key]['U_DISK']?>">
 				<div class="l-unit__col l-unit__col--right">
 					<div class="clearfix l-unit__stat-col--left super-compact">
 						<input id="check<?=$i?>" class="ch-toggle" type="checkbox" title="<?=_('Select');?>" name="domain[]" value="<?=$key?>" <?=$display_mode;?>>