Staging/1.6.9 (#2952)

* Fix issue with incorrect merge

* Fix bug v-change-web-domain-name

* Fix Quick installer issues (#2921)

* Some rare cases version might be empty

* Remove debug info

* If admin is not created status is not set

* Return correct status code

* Fix docuwiki installer

Install dir got changed due to new version

* Update to 2022-07-31a

See CVE-2022-3123

* Update opencart

* Use correct folder

* Update prestashop

* Fix few small bugs related to host ssl (#2922)

* Fix issue when ssl for domain allready exists

It seems USER_DATA was not properly loaded

root@dev:/usr/local/hestia/ssl# v-add-letsencrypt-host
cat: /usr/local/hestia/data/users//user.conf: No such file or directory
grep: /usr/local/hestia/data/users//web.conf: No such file or directory
grep: /usr/local/hestia/data/users//web.conf: No such file or directory
grep: /usr/local/hestia/data/users//web.conf: No such file or directory
Error: nginx restart failed
Error: nginx restart failed
Error: Let's Encrypt SSL creation failed

* No need to restart web / proxy service

Only Hestia, mail and ftp get updated

* Fix bug for modphp setups

* Merge pull request #2924 from jaapmarcus/fix/allow-more-chars-for-name

is_name_format_valid is only used for the name

* Merge pull request #2925 from hestiacp/jaapmarcus-patch-1

When restart is not set it should reload instead restart

* 2788 [Bug] Quick install Wordpress other languages then EN (#2818)

* Update changelog [CI SKIP]

[CI SKIP]

* updated jquery to v3.6.1 (#2932)

* Update changelog

* Fix #2943 for release branch

* Update changelog

* Update version

* Quick installer: Use the MediaWiki 1.38.4 (#2948)

See https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/thread/DMQKMFSH4K7KLBXWZTDBGI2PWLLHJHJZ/

* Add support for Kurdish Sorani

@qezwan

* php version bump

* Add check if email is valid (#2944)

* Allow the use of (#2951)

v-add-remote-dns-host dev.xxxx.xxx 8083 'xxxxxxxx' '' '' "newuser"

* Add support for Kurdish Sorani (#2945)

@qezwan

* Fix v-add-backup-host for sftp servers with different login prompt (#2950)

* Fix v-add-backup-host for sftp server that outputs different password prompt

On FreeBSD hosted sftp server, the password prompt looks something like this: "Password for: user@host:". This case was not handled so far.

* Fix sftp backup procedure for servers with different login prompt

* Update changelog

* Small changes Changelog

[skip_ci]

* Update versions

Co-authored-by: Raphael <rs@scit.ch>
Co-authored-by: Alber Khan <39749258+4183r@users.noreply.github.com>
Co-authored-by: Zoran Dori <zorandori4444@gmail.com>
Co-authored-by: Ice Lake <30789544+istiak101@users.noreply.github.com>

CHANGELOG.md

@@ -1,6 +1,28 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [1.6.9] - Service release 
+
+- Fixed an issue when Installing Wordpress in a non english locale (#2788 #2818)
+- Reload Nginx on purging fast cgi cache (#2925)
+- Update max number of chars allowed for name (#2924)
+- Fixed few small issues with Lets Encypt for hostname (#2922)
+- Fixed few issues with Quick installers (#2921)
+- Fixed an issue with v-change-web-domain-name
+- Update sync-dns-cluster role to run v-delete-dns-domain (#2943)
+- Fixed issue with connection with sftp server running FreeBSD (#2950 @gdarko)
+- Add support for Kurdish Sorani (#2945 @qezwan)
+- Small improvements in syntax for v-add-remote-dns-host (#2951)
+- Check if email is valid for PHPMailer (#2944)
+
+### Dependencies
+
+- Update Dokuwiki to stable_2022-07-31a
+- Update Opencart to 4.0.1.11
+- Update Prestashop to 1.7.8.7
+- Update Jquery on login pages to 3.6.1 (#2932 @4183r)
+- Update hestia-php to 8.1.11
+
 ## [1.6.8] - Service release 
 
 ### Features 

README.md

@@ -2,7 +2,7 @@
 
 [Hestia Control Panel](https://www.hestiacp.com/)
 ==================================================
-**Latest stable release:** Version 1.6.8 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md) | [![Build Status](https://drone.hestiacp.com/api/badges/hestiacp/hestiacp/status.svg?ref=refs/heads/main)](https://drone.hestiacp.com/hestiacp/hestiacp) <br>
+**Latest stable release:** Version 1.6.9 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md) | [![Build Status](https://drone.hestiacp.com/api/badges/hestiacp/hestiacp/status.svg?ref=refs/heads/main)](https://drone.hestiacp.com/hestiacp/hestiacp) <br>
 
 **Web:** [www.hestiacp.com](https://www.hestiacp.com/)<br>
 **Documentation:** [docs.hestiacp.com](https://docs.hestiacp.com/)<br>

bin/v-add-backup-host

@@ -58,7 +58,12 @@ sftpc() {
                 send "$password\r"
                 exp_continue
             }
-
+            
+            -re "Password for (.*)@(.*)" {
+                send "$password\r"
+                exp_continue
+            }
+            
             -re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
                 set count \$argc
                 set output "Disconnected."

bin/v-add-letsencrypt-host

@@ -32,6 +32,16 @@ source_conf "$HESTIA/conf/hestia.conf"
 # Perform verification if read-only mode is enabled
 check_hestia_demo_mode
 
+# Argument definition
+domain=$(hostname -f);
+if [ -z $domain ]; then 
+    domain=$HOSTNAME;
+fi
+user="$($HESTIA/bin/v-search-domain-owner "$domain" web)"
+[[ -z "$user" ]] && user="admin"
+
+USER_DATA=$HESTIA/data/users/$user
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#

bin/v-add-remote-dns-host

@@ -25,7 +25,7 @@ hash=$user
 HASH=$user
 password=$4; HIDE=4
 PASSWORD=$password
-type=${5-api}
+type=${5}
 TYPE="$type"
 dns_user=${6-dns-cluster}
 DNS_USER=$dns_user
@@ -44,6 +44,11 @@ source_conf "$HESTIA/conf/hestia.conf"
 #                    Verifications                         #
 #----------------------------------------------------------#
 
+if [ -z "$type" ]; then
+    type='api'
+    TYPE="$type"
+fi
+
 args_usage='HOST PORT USER [PASSWORD] [TYPE] [DNS_USER]'
 check_args '3' "$#" "$args_usage"
 is_format_valid 'host' 'port' 'dns_user'

bin/v-change-web-domain-name

@@ -112,6 +112,7 @@ fi
 
 # Delete backend
 if [ -n "$BACKEND" ]; then
+    prepare_web_backendv
     delete_web_backend
 fi
 

bin/v-list-sys-php

@@ -67,11 +67,18 @@ csv_list() {
 
 declare -a versions;
 # List through /etc/php
-for version in /etc/php/*/fpm; do
-    ver=$(echo "$version" | awk -F"/" '{ print $4 }');
-    versions+=("$ver")
-done
-
+if [ -n "$WEB_BACKEND" ]; then
+    for version in /etc/php/*/fpm; do
+        ver=$(echo "$version" | awk -F"/" '{ print $4 }');
+        versions+=("$ver")
+    done
+else
+    # Fix for modphp
+    for version in /etc/php/*/cli; do
+        ver=$(echo "$version" | awk -F"/" '{ print $4 }');
+        versions+=("$ver")
+    done
+fi
 # Listing data
 case $format in
     json)   json_list ;;

bin/v-purge-nginx-cache

@@ -62,7 +62,7 @@ fi
 #----------------------------------------------------------#
 
 # Restart services if requested
-if [ -n "$restart" ]; then
+if [ "$restart" != "no" ]; then
     $BIN/v-restart-web "$restart"
     check_result $? "Web restart failed" > /dev/null
 fi

bin/v-update-host-certificate

@@ -80,8 +80,6 @@ if [ -z "$UPDATE_HOSTNAME_SSL" ]; then
 fi
 
 # Restart services
-$BIN/v-restart-web "updatessl"
-$BIN/v-restart-proxy "updatessl"
 $BIN/v-restart-mail
 $BIN/v-restart-ftp
 $BIN/v-restart-service "hestia"

func/backup.sh

@@ -207,7 +207,12 @@ sftpc() {
                 send "$PASSWORD\r"
                 exp_continue
             }
-
+            
+            -re "Password for (.*)@(.*)" {
+                send "$password\r"
+                exp_continue
+            }
+            
             -re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
                 set count \$argc
                 set output "Disconnected."

func/main.sh

@@ -1068,7 +1068,7 @@ is_cron_format_valid() {
 
 # Name validator
 is_name_format_valid() {
-    if ! [[ "$1" =~ ^[[:alnum:]][-|\ |\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then
+    if ! [[ "$1" =~ ^[-|\ |\.|_[:alnum:]]{0,50}$ ]]; then
         check_result "$E_INVALID" "invalid $2 format :: $1"
     fi
 }

install/deb/api/sync-dns-cluster

@@ -1,2 +1,2 @@
 ROLE='admin'
-COMMANDS='v-list-users,v-list-sys-config,v-list-user,v-add-cron-restart-job,v-delete-dns-domains-src,v-insert-dns-domain,v-insert-dns-record,v-insert-dns-records,v-rebuild-dns-domains,v-rebuild-dns-domain,v-delete-dns-record,v-make-tmp-file,v-insert-dns-domain'
+COMMANDS='v-list-users,v-list-sys-config,v-list-user,v-add-cron-restart-job,v-delete-dns-domains-src,v-insert-dns-domain,v-insert-dns-record,v-insert-dns-records,v-rebuild-dns-domains,v-rebuild-dns-domain,v-delete-dns-record,v-make-tmp-file,v-insert-dns-domain,v-delete-dns-domain'

install/hst-install-debian.sh

@@ -31,7 +31,7 @@ HESTIA_INSTALL_DIR="$HESTIA/install/deb"
 VERBOSE='no'
 
 # Define software versions
-HESTIA_INSTALL_VER='1.6.8'
+HESTIA_INSTALL_VER='1.6.9'
 # Dependencies
 multiphp_v=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4" "8.0" "8.1")
 fpm_v="8.0"
@@ -133,7 +133,7 @@ set_default_lang() {
     if [ -z "$lang" ]; then
         eval lang=$1
     fi
-    lang_list="ar az bg bn bs cs da de el en es fa fi fr hr hu id it ja ka ko nl no pl pt pt-br ro ru sk sr sv th tr uk ur vi zh-cn zh-tw"
+    lang_list="ar az bg bn bs ckb cs da de el en es fa fi fr hr hu id it ja ka ko nl no pl pt pt-br ro ru sk sr sv th tr uk ur vi zh-cn zh-tw"
     if ! (echo $lang_list |grep -w $lang > /dev/null 2>&1); then
         eval lang=$1
     fi

install/hst-install-ubuntu.sh

@@ -31,7 +31,7 @@ HESTIA_INSTALL_DIR="$HESTIA/install/deb"
 VERBOSE='no'
 
 # Define software versions
-HESTIA_INSTALL_VER='1.6.8'
+HESTIA_INSTALL_VER='1.6.9'
 # Dependencies
 multiphp_v=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4" "8.0" "8.1")
 fpm_v="8.0"
@@ -131,7 +131,7 @@ set_default_lang() {
     if [ -z "$lang" ]; then
         eval lang=$1
     fi
-    lang_list="ar az bg bn bs cs da de el en es fa fi fr hr hu id it ja ka ko nl no pl pt pt-br ro ru sk sr sv th tr uk ur vi zh-cn zh-tw"
+    lang_list="ar az bg bn bs ckb cs da de el en es fa fi fr hr hu id it ja ka ko nl no pl pt pt-br ro ru sk sr sv th tr uk ur vi zh-cn zh-tw"
     if ! (echo $lang_list |grep -w $lang > /dev/null 2>&1); then
         eval lang=$1
     fi

install/upgrade/manual/configure-server-smtp.sh

@@ -40,7 +40,7 @@ function setupFiles
 		read -i $SERVER_SMTP_USER -e smtp_server_user_name
 		echo "Enter SMTP Password (stored as plaintext):"
 		read -i $SERVER_SMTP_PASSWD -e smtp_server_password
-		echo "Enter SMTP Address:"
+		echo "Enter Email Address:"
 		read -i $SERVER_SMTP_ADDR -e smtp_server_addr
 	else
 		use_smtp=false
@@ -53,7 +53,7 @@ function setupFiles
 	SMTP Security: $smtp_server_security
 	SMTP Username: $smtp_server_user_name
 	SMTP Password: $smtp_server_password
-	SMTP Address: $smtp_server_addr
+	Email Address: $smtp_server_addr
 	Are these values correct? (y/N)"
 	read correct_validation
 	correct="${correct_validation:-n}"

install/upgrade/versions/1.6.9.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# Hestia Control Panel upgrade script for target version 1.6.9
+
+#######################################################################################
+#######                      Place additional commands below.                   #######
+#######################################################################################
+####### Pass through information to the end user in case of a issue or problem  #######
+#######                                                                         #######
+####### Use add_upgrade_message "My message here" to include a message          #######
+####### in the upgrade notification email. Example:                             #######
+#######                                                                         #######
+####### add_upgrade_message "My message here"                                   #######
+#######                                                                         #######
+####### You can use \n within the string to create new lines.                   #######
+#######################################################################################
+
+upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no'
+upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'yes'
+upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no'
+upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no'
+upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false'
+
+# Update api key permissions
+if [ -f "$HESTIA/data/api/sync-dns-cluster" ]; then
+    rm $HESTIA/data/api/sync-dns-cluster
+    cp $HESTIA/install/deb/api/sync-dns-cluster $HESTIA/data/api/sync-dns-cluster
+fi

src/deb/hestia/control

@@ -1,7 +1,7 @@
 Source: hestia
 Package: hestia
 Priority: optional
-Version: 1.6.8
+Version: 1.6.9
 Section: admin
 Maintainer: HestiaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com

src/deb/php/control

@@ -1,7 +1,7 @@
 Source: hestia-php
 Package: hestia-php
 Priority: optional
-Version: 8.1.9
+Version: 8.1.11
 Section: admin
 Maintainer: HestaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com

web/edit/server/index.php

@@ -813,12 +813,12 @@ if (!empty($_POST['save'])) {
             exec(HESTIA_CMD."v-delete-backup-host " . escapeshellarg($v_backup_type), $output, $return_var);
             unset($output);
             if (in_array($_POST['v_backup_type'], array('ftp','sftp'))) {
-                $v_backup_host = quoteshellarg($_POST['v_backup_host']);
-                $v_backup_port = quoteshellarg($_POST['v_backup_port']);
-                $v_backup_type = quoteshellarg($_POST['v_backup_type']);
-                $v_backup_username = quoteshellarg($_POST['v_backup_username']);
+                $v_backup_host = escapeshellarg($_POST['v_backup_host']);
+                $v_backup_port = escapeshellarg($_POST['v_backup_port']);
+                $v_backup_type = escapeshellarg($_POST['v_backup_type']);
+                $v_backup_username = escapeshellarg($_POST['v_backup_username']);
                 $v_backup_password = escapeshellcmd($_POST['v_backup_password']);
-                $v_backup_bpath = quoteshellarg($_POST['v_backup_bpath']);
+                $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
                 exec(HESTIA_CMD."v-add-backup-host ". $v_backup_type ." ". $v_backup_host ." ". $v_backup_username ." ". $v_backup_password ." ". $v_backup_bpath." ".$v_backup_port, $output, $return_var);
                 check_return_code($return_var, $output);
                 unset($output);
@@ -870,12 +870,12 @@ if (!empty($_POST['save'])) {
         if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] == $v_backup_type) && (!isset($v_backup_new))) {
             if (in_array($_POST['v_backup_type'], array('ftp','sftp'))) {
                 if (($_POST['v_backup_host'] != $v_backup_host) || ($_POST['v_backup_username'] != $v_backup_username) || ($_POST['v_backup_password'] != $v_backup_password) || ($_POST['v_backup_bpath'] != $v_backup_bpath || $_POST['v_backup_port'] != $v_backup_port)) {
-                    $v_backup_host = quoteshellarg($_POST['v_backup_host']);
-                    $v_backup_port = quoteshellarg($_POST['v_backup_port']);
-                    $v_backup_type = quoteshellarg($_POST['v_backup_type']);
-                    $v_backup_username = quoteshellarg($_POST['v_backup_username']);
+                    $v_backup_host = escapeshellarg($_POST['v_backup_host']);
+                    $v_backup_port = escapeshellarg($_POST['v_backup_port']);
+                    $v_backup_type = escapeshellarg($_POST['v_backup_type']);
+                    $v_backup_username = escapeshellarg($_POST['v_backup_username']);
                     $v_backup_password = escapeshellcmd($_POST['v_backup_password']);
-                    $v_backup_bpath = quoteshellarg($_POST['v_backup_bpath']);
+                    $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
                     exec(HESTIA_CMD."v-add-backup-host ". $v_backup_type ." ". $v_backup_host ." ". $v_backup_username ." ". $v_backup_password ." ". $v_backup_bpath." ".$v_backup_port, $output, $return_var);
                     check_return_code($return_var, $output);
                     unset($output);

web/inc/main.php

@@ -405,7 +405,11 @@ function send_email($to, $subject, $mailtext, $from, $from_name, $to_name = '')
     $mail = new PHPMailer();
 
     if (isset($_SESSION['USE_SERVER_SMTP']) && $_SESSION['USE_SERVER_SMTP'] == "true") {
-        $from = $_SESSION['SERVER_SMTP_ADDR'];
+        if(!empty($_SESSION['SERVER_SMTP_ADDR']) && $_SESSION['SERVER_SMTP_ADDR'] != ''){
+            if(filter_var($_SESSION['SERVER_SMTP_ADDR'], FILTER_VALIDATE_EMAIL)){
+                $from = $_SESSION['SERVER_SMTP_ADDR'];
+            }
+        }
 
         $mail->IsSMTP();
         $mail->Mailer = "smtp";

web/src/app/System/HestiaApp.php

@@ -193,12 +193,17 @@ class HestiaApp
     public function getCurrentBackendTemplate(string $domain){
         $status = $this->runUser('v-list-web-domain', [$domain, 'json'],$return_message);
         $version = $return_message -> json[$domain]['BACKEND'];
-        if($version != "default"){
-            $test= preg_match('/^.*PHP-([0-9])\_([0-9])/',$version, $match);
-            return $match[1].'.'.$match[2];   
+        if (!empty($version)){
+            if($version != "default"){
+                $test= preg_match('/^.*PHP-([0-9])\_([0-9])/',$version, $match);
+                return $match[1].'.'.$match[2];   
+            }else{
+                $supported = $this -> run('v-list-sys-php', 'json', $result);
+                return $this -> $supported -> json[0];
+            }
         }else{
             $supported = $this -> run('v-list-sys-php', 'json', $result);
-            return $this -> $supported -> json[0];
+            return $this -> $supported -> json[0];  
         }                
     }
     

web/src/app/WebApp/Installers/DokuWiki/DokuWikiSetup.php

@@ -11,7 +11,7 @@ class DokuWikiSetup extends BaseSetup {
 		'name' => 'DokuWiki',
 		'group' => 'wiki',
 		'enabled' => true,
-		'version' => 'stable_2020-07-29',
+		'version' => 'stable_2022-07-31a',
 		'thumbnail' => 'dokuwiki-logo.svg'
 	];
 	
@@ -48,7 +48,7 @@ class DokuWikiSetup extends BaseSetup {
 			],
 		 ],
 		'resources' => [
-			'archive'  => [ 'src' => 'https://github.com/splitbrain/dokuwiki/archive/refs/tags/release_stable_2020-07-29.zip' ],
+			'archive'  => [ 'src' => 'https://github.com/splitbrain/dokuwiki/archive/refs/tags/release_stable_2022-07-31a.zip' ],
 		],
 		'server' => [
 			'nginx' => [
@@ -72,7 +72,7 @@ class DokuWikiSetup extends BaseSetup {
 		$webDomain = ($sslEnabled ? "https://" : "http://") . $this->domain . "/";
 		
 		$this->appcontext->runUser('v-copy-fs-directory',[
-			$this->getDocRoot($this->extractsubdir . "/dokuwiki-release_stable_2020-07-29/."),
+			$this->getDocRoot($this->extractsubdir . "/dokuwiki-release_stable_2022-07-31a/."),
 			$this->getDocRoot()], $status);
 
 		// enable htaccess
@@ -107,7 +107,6 @@ class DokuWikiSetup extends BaseSetup {
 		if($return_var > 0){
 			throw new \Exception(implode( PHP_EOL, $output));
 		}
-
 		// remove temp folder
 		$this->appcontext->runUser('v-delete-fs-file', [$this->getDocRoot("install.php")], $status);
 		$this->cleanup();

web/src/app/WebApp/Installers/Grav/GravSetup.php

@@ -60,7 +60,10 @@ class GravSetup extends BaseSetup {
 				'-N '.$options['username'],
 				'-l en'
 			 ], $status);
+			 return ($status -> code === 0);
+		}else{
+			return true;
 		}
-		return ($status -> code === 1);
+
 	}
 }

web/src/app/WebApp/Installers/MediaWiki/MediaWikiSetup.php

@@ -11,7 +11,7 @@ class MediaWikiSetup extends BaseSetup
         'name' => 'MediaWiki',
         'group' => 'cms',
         'enabled' => true,
-        'version' => '1.38.2',
+        'version' => '1.38.4',
         'thumbnail' => 'MediaWiki-2020-logo.svg' //Max size is 300px by 300px
     ];
 
@@ -27,7 +27,7 @@ class MediaWikiSetup extends BaseSetup
             ],
         'database' => true,
         'resources' => [
-            'archive'  => [ 'src' => 'https://releases.wikimedia.org/mediawiki/1.38/mediawiki-1.38.2.zip' ],
+            'archive'  => [ 'src' => 'https://releases.wikimedia.org/mediawiki/1.38/mediawiki-1.38.4.zip' ],
         ],
         'server' => [
             'nginx' => [
@@ -56,7 +56,7 @@ class MediaWikiSetup extends BaseSetup
         $webDomain = ($sslEnabled ? "https://" : "http://") . $this->domain;
 
         $this->appcontext->runUser('v-copy-fs-directory', [
-            $this->getDocRoot($this->extractsubdir . "/mediawiki-1.38.2/."),
+            $this->getDocRoot($this->extractsubdir . "/mediawiki-1.38.4/."),
             $this->getDocRoot()], $result);
 
         $this->appcontext->runUser('v-run-cli-cmd', ["/usr/bin/php".$options['php_version'],

web/src/app/WebApp/Installers/Opencart/OpencartSetup.php

@@ -10,7 +10,7 @@ class OpencartSetup extends BaseSetup
         'name' => 'Opencart',
         'group' => 'ecommerce',
         'enabled' => true,
-        'version' => '4.0.0.0',
+        'version' => '4.0.1.1',
         'thumbnail' => 'opencart-thumb.png'
     ];
 
@@ -25,7 +25,7 @@ class OpencartSetup extends BaseSetup
             ],
         'database' => true,
         'resources' => [
-            'archive'  => [ 'src' => 'https://github.com/opencart/opencart/releases/download/4.0.0.0/opencart-4.0.0.0.zip' ],
+            'archive'  => [ 'src' => 'https://github.com/opencart/opencart/releases/download/4.0.1.1/opencart-4.0.1.1.zip' ],
         ],
         'server' => [
             'nginx' => [

web/src/app/WebApp/Installers/Prestashop/PrestashopSetup.php

@@ -10,7 +10,7 @@ class PrestashopSetup extends BaseSetup
         'name' => 'Prestashop',
         'group' => 'ecommerce',
         'enabled' => true,
-        'version' => '1.7.8.6',
+        'version' => '1.7.8.7',
         'thumbnail' => 'prestashop-thumb.png'
     ];
 
@@ -26,7 +26,7 @@ class PrestashopSetup extends BaseSetup
             ],
         'database' => true,
         'resources' => [
-            'archive'  => [ 'src' => 'https://github.com/PrestaShop/PrestaShop/releases/download/1.7.8.6/prestashop_1.7.8.6.zip' ],
+            'archive'  => [ 'src' => 'https://github.com/PrestaShop/PrestaShop/releases/download/1.7.8.7/prestashop_1.7.8.7.zip' ],
         ],
         'server' => [
             'nginx' => [

web/src/app/WebApp/Installers/Wordpress/WordpressSetup.php

@@ -73,30 +73,57 @@ class WordpressSetup extends BaseSetup
         parent::setup($options);
 
         $this->appcontext->runUser('v-open-fs-file', [$this->getDocRoot("wp-config-sample.php")], $result);
-        $distconfig = preg_replace(
-            [
-            '/database_name_here/', '/username_here/', '/password_here/', '/utf8/', '/wp_/'
-        ],
-            [
-            $this->appcontext->user() . '_' . $options['database_name'],
-            $this->appcontext->user() . '_' . $options['database_user'],
-            $options['database_password'],
-            'utf8mb4',
-            Util::generate_string(3, false).'_'
-            ],
-            $result->text
-        );
-
-        while (strpos($distconfig, 'put your unique phrase here') !== false) {
-            $distconfig = preg_replace('/put your unique phrase here/', Util::generate_string(64), $distconfig, 1);
+        foreach($result -> raw as $line_num => $line){
+            if ( '$table_prefix =' === substr( $line, 0, 15 ) ) {
+                $result -> raw[ $line_num ] = '$table_prefix = \'' . addcslashes( Util::generate_string(5, false).'_', "\\'" ) . "';\r\n";
+                continue;
+            }
+            if ( ! preg_match( '/^define\(\s*\'([A-Z_]+)\',([ ]+)/', $line, $match ) ) {
+                continue;
+            }
+            $constant = $match[1];
+            $padding  = $match[2];
+            switch ( $constant ) {
+            case 'DB_NAME':
+                $result -> raw [ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes($this->appcontext->user() . '_' . $options['database_name'], "\\'" ) . "' );";
+                break;
+            case 'DB_USER':
+                $result -> raw [ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes($this->appcontext->user() . '_' . $options['database_user'], "\\'" ) . "' );";
+                break;
+            case 'DB_PASSWORD':
+                $result -> raw [ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes($options['database_password'], "\\'" ) . "' );";
+                break;
+            case 'DB_HOST':
+                $result -> raw [ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes('localhost', "\\'" ) . "' );";
+                break;
+            case 'DB_CHARSET':
+                $result -> raw [ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes('utf8mb4', "\\'" ) . "' );";
+                break;
+            case 'AUTH_KEY':
+            case 'SECURE_AUTH_KEY':
+            case 'LOGGED_IN_KEY':
+            case 'NONCE_KEY':
+            case 'AUTH_SALT':
+            case 'SECURE_AUTH_SALT':
+            case 'LOGGED_IN_SALT':
+            case 'NONCE_SALT':
+                $result -> raw [ $line_num ] = "define( '" . $constant . "'," . $padding . "'"  . Util::generate_string(64) . "' );";
+                break;
+            }
         }
-
-        $tmp_configpath = $this->saveTempFile($distconfig);
+        
+        $tmp_configpath = $this->saveTempFile(implode("\r\n",$result -> raw ));
 
         if (!$this->appcontext->runUser('v-move-fs-file', [$tmp_configpath, $this->getDocRoot("wp-config.php")], $result)) {
             throw new \Exception("Error installing config file in: " . $tmp_configpath . " to:" . $this->getDocRoot("wp-config.php") . $result->text);
         }
 
+        $this->appcontext->downloadUrl('https://raw.githubusercontent.com/roots/wp-password-bcrypt/master/wp-password-bcrypt.php', null, $plugin_output);
+        $this->appcontext->runUser('v-add-fs-directory', [$this->getDocRoot("wp-content/mu-plugins/")], $result);
+        if (!$this->appcontext->runUser('v-copy-fs-file', [$plugin_output->file, $this->getDocRoot("wp-content/mu-plugins/wp-password-bcrypt.php")], $result)) {
+            throw new \Exception("Error installing wp-password-bcrypt file in: " . $plugin_output->file . " to:" . $this->getDocRoot("wp-content/mu-plugins/wp-password-bcrypt.php") . $result->text);
+        }
+
         $this->appcontext->run('v-list-web-domain', [$this->appcontext->user(), $this->domain, 'json'], $status);
         $sslEnabled = ($status->json[$this->domain]['SSL'] == 'no' ? 0 : 1);
         $webDomain = ($sslEnabled ? "https://" : "http://") . $this->domain . "/";

web/templates/pages/login/login.html

@@ -51,7 +51,7 @@
 		</tr>
 	</table>
 </center>
-<script src="/inc/jquery/jquery-3.6.0.min.js"></script>
+<script src="/inc/jquery/jquery-3.6.1.min.js"></script>
 </body>
 
 </html>

web/templates/pages/login/login_1.html

@@ -59,7 +59,7 @@
 		</tr>
 	</table>
 </center>
-<script src="/inc/jquery/jquery-3.6.0.min.js"></script>
+<script src="/inc/jquery/jquery-3.6.1.min.js"></script>
 </body>
 
 </html>

web/templates/pages/login/login_2.html

@@ -57,7 +57,7 @@
 		</tr>
 	</table>
 </center>
-<script src="/inc/jquery/jquery-3.6.0.min.js"></script>
+<script src="/inc/jquery/jquery-3.6.1.min.js"></script>
 </body>
 
 </html>

web/templates/pages/login/login_a.html

@@ -68,7 +68,7 @@
 		</tr>
 	</table>
 </center>
-<script src="/inc/jquery/jquery-3.6.0.min.js"></script>
+<script src="/inc/jquery/jquery-3.6.1.min.js"></script>
 </body>
 
 </html>