Merge pull request #1240 from hestiacp/staging/fixes

Staging/fixes

bin/v-add-backup-host

@@ -13,7 +13,8 @@
 type=$1
 host=$2
 user=$3
-password=$4; HIDE=4
+raw_password=$4; HIDE=4
+password=$(perl -e 'print quotemeta shift(@ARGV)' "${raw_password}")
 path=${5-/backup}
 port=$6
 

bin/v-add-web-domain-backend

@@ -66,9 +66,13 @@ cat $WEBTPL/$WEB_BACKEND/$template.tpl |\
         -e "s|%backend%|$backend_type|g"\
         -e "s|%backend_version%|$backend_version|g" > $pool/$backend_type.conf
 
+
 # Set correct document root path
 if [ ! -z "$CUSTOM_DOCROOT" ]; then
     docroot="$CUSTOM_DOCROOT"
+    if [ ! -z "$CUSTOM_PHPROOT" ]; then
+        docroot="$CUSTOM_PHPROOT"
+    fi
     sed -i "s|/home\/$user\/web\/$domain\/public_html|$docroot|g"  $pool/$backend_type.conf
 else
     docroot="$HOMEDIR/$user/web/$domain/public_html/"

bin/v-change-web-domain-docroot

@@ -1,7 +1,7 @@
 #!/bin/bash
 # info: Changes the document root for an existing web domain
 
-# options: USER DOMAIN TARGET_DOMAIN [DIRECTORY]
+# options: USER DOMAIN TARGET_DOMAIN [DIRECTORY] [PHP]
 # example usage:
 # add custom docroot:    v-change-web-domain-docroot admin domain.tld otherdomain.tld
 #                        points domain.tld to otherdomain.tld's document root.
@@ -25,6 +25,7 @@ domain=$2
 # so they are correctly passed through to domain.sh
 export target_domain=$3
 export target_directory=$4
+export php=$5
 
 # Includes
 source $HESTIA/func/main.sh
@@ -66,6 +67,7 @@ check_hestia_demo_mode
 # Unset existing custom document root path
 if [ ! -z "$CUSTOM_DOCROOT" ]; then
     update_object_value 'web' 'DOMAIN' "$domain" '$CUSTOM_DOCROOT' ""
+    update_object_value 'web' 'DOMAIN' "$domain" '$CUSTOM_PHPROOT' ""
 fi
 
 # If target domain value is 'default', remove the custom document root
@@ -73,6 +75,7 @@ fi
 # Otherwise, set target document root path accordingly based on passed values.
 if [ "$target_domain" = "default" ]; then
     update_object_value 'web' 'DOMAIN' "$domain" '$CUSTOM_DOCROOT' ""
+    update_object_value 'web' 'DOMAIN' "$domain" '$CUSTOM_PHPROOT' "" 
 else
     # Check for existence of specified directory under target domain's public_html folder
     if [ ! -z "$target_directory" ]; then
@@ -81,12 +84,24 @@ else
             exit 1
         else
             CUSTOM_DOCROOT="$HOMEDIR/$user/web/$target_domain/public_html/$target_directory/"
+            if [ ! -z "$php" ]; then
+                custom_phproot="$HOMEDIR/$user/web/$target_domain/public_html/"
+            else
+                custom_phproot="$HOMEDIR/$user/web/$target_domain/public_html/$target_directory/"
+            fi
         fi
     else
         CUSTOM_DOCROOT="$HOMEDIR/$user/web/$target_domain/public_html/"
+        custom_phproot="$HOMEDIR/$user/web/$target_domain/public_html/"
     fi
+    
     add_object_key 'web' 'DOMAIN' "$domain" 'CUSTOM_DOCROOT' 'IP6'
+    add_object_key 'web' 'DOMAIN' "$domain" 'CUSTOM_PHPROOT' 'IP6'
+    
     update_object_value 'web' 'DOMAIN' "$domain" '$CUSTOM_DOCROOT' "$CUSTOM_DOCROOT"
+    # CUSTOM_PHPROOT got overwriten by default
+    CUSTOM_PHPROOT=$custom_phproot
+    update_object_value 'web' 'DOMAIN' "$domain" '$CUSTOM_PHPROOT' "$CUSTOM_PHPROOT"  
 fi
 
 #----------------------------------------------------------#

bin/v-list-sys-config

@@ -57,6 +57,7 @@ json_list() {
         "WEBMAIL_ALIAS": "'$WEBMAIL_ALIAS'",
         "DB_PMA_ALIAS": "'$DB_PMA_ALIAS'",
         "DB_PGA_ALIAS": "'$DB_PGA_ALIAS'",
+        "LOGIN_STYLE": "'$LOGIN_STYLE'",
         "SOFTACULOUS": "'$SOFTACULOUS'"
     }
 }'

install/hst-install-debian.sh

@@ -1080,6 +1080,9 @@ echo "BACKUP_MODE='zstd'" >> $HESTIA/conf/hestia.conf
 # Language
 echo "LANGUAGE='$lang'" >> $HESTIA/conf/hestia.conf
 
+# Login in screen
+echo "LOGIN_STYLE='default" >> $HESTIA/conf/hestia.conf
+
 # Version & Release Branch
 echo "VERSION='${HESTIA_INSTALL_VER}'" >> $HESTIA/conf/hestia.conf
 echo "RELEASE_BRANCH='release'" >> $HESTIA/conf/hestia.conf

install/hst-install-ubuntu.sh

@@ -1118,6 +1118,9 @@ echo "BACKUP_MODE='zstd'" >> $HESTIA/conf/hestia.conf
 # Language
 echo "LANGUAGE='$lang'" >> $HESTIA/conf/hestia.conf
 
+# Login in screen
+echo "LOGIN_STYLE='default" >> $HESTIA/conf/hestia.conf
+
 # Version & Release Branch
 echo "VERSION='${HESTIA_INSTALL_VER}'" >> $HESTIA/conf/hestia.conf
 echo "RELEASE_BRANCH='release'" >> $HESTIA/conf/hestia.conf

install/upgrade/versions/1.3.0.sh

@@ -56,4 +56,8 @@ fi
 
 # Change backup mode to zstd.
  echo "[ * ] Enable new backup compression zstd as default."
- $BIN/v-change-sys-config-value "BACKUP_MODE" "zstd"
+ $BIN/v-change-sys-config-value "BACKUP_MODE" "zstd"
+ 
+# Set var LOGIN_STYLE hestia.conf
+ echo "[ * ] Set var LOGIN_STYLE hestia.conf"
+ $BIN/v-change-sys-config-value "LOGIN_STYLE" "default" 

test/test.bats

@@ -6,7 +6,7 @@ load 'test_helper/bats-file/load'
 
 
 function random() {
-    head /dev/urandom | tr -dc A-Za-z0-9 | head -c$1
+    head /dev/urandom | tr -dc 0-9 | head -c$1
 }
 
 function setup() {

test/test_actions.sh

@@ -7,7 +7,7 @@ V_TEST="$HESTIA/test"
 
 # Define functions
 random() {
-    head /dev/urandom | tr -dc A-Za-z0-9 | head -c$1
+    head /dev/urandom | tr -dc 0-9 | head -c$1
 }
 
 echo_result() {

web/add/web/index.php

@@ -238,10 +238,15 @@ if (!empty($_POST['ok'])) {
 
         }else{
             $v_custom_doc_domain = escapeshellarg($_POST['v-custom-doc-domain']);
+            if(substr($_POST['v-custom-doc-folder'], -1) == '/'){
+                $v_custom_doc_folder = escapeshellarg(substr($_POST['v-custom-doc-folder'],0,-1));
+            }else{
+                $v_custom_doc_folder = escapeshellarg($_POST['v-custom-doc-folder']);  
+            }
             $v_custom_doc_folder = escapeshellarg($_POST['v-custom-doc-folder']);
             $v_domain = escapeshellarg(trim($_POST['v_domain']));
             
-            exec(HESTIA_CMD."v-change-web-domain-docroot ".$user." ".$v_domain." ".$v_custom_doc_domain." ".$v_custom_doc_folder,  $output, $return_var);
+            exec(HESTIA_CMD."v-change-web-domain-docroot ".$user." ".$v_domain." ".$v_custom_doc_domain." ".$v_custom_doc_folder." yes",  $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);  
             $v_custom_doc_root = 1; 

web/edit/server/index.php

@@ -526,6 +526,17 @@ if (!empty($_POST['save'])) {
         }
     }
 
+    // Change login style
+    if (empty($_SESSION['error_msg'])) {
+        if ($_POST['v_login_style'] != $_SESSION['LOGIN_STYLE']) {
+            exec (HESTIA_CMD."v-change-sys-config-value LOGIN_STYLE ".escapeshellarg($_POST['v_login_style']), $output, $return_var);
+            check_return_code($return_var,$output);
+            unset($output);
+            if (empty($_SESSION['error_msg'])) $v_login_style = $_POST['v_login_style'];
+            $v_security_adv = 'yes';
+        }
+    }
+
     // Update SSL certificate
     if ((!empty($_POST['v_ssl_crt'])) && (empty($_SESSION['error_msg']))) {
         if (($v_ssl_crt != str_replace("\r\n", "\n",  $_POST['v_ssl_crt'])) || ($v_ssl_key != str_replace("\r\n", "\n",  $_POST['v_ssl_key']))) {

web/edit/web/index.php

@@ -76,9 +76,13 @@ if (!empty($v_stats_user)) $v_stats_password = "";
 $v_custom_doc_root_prepath = '/home/'.$v_username.'/web/';
 $v_custom_doc_root = $data[$v_domain]['CUSTOM_DOCROOT'];
 
-$m = preg_match('/\/home\/'.$v_username.'\/web\/([A-Za-z0-9.-].*)\/([A-Za-z0-9.-\/].*)/', $v_custom_doc_root, $matches);
+$m = preg_match('/\/home\/'.$v_username.'\/web\/([[:alnum:]].*)\/public_html\/([[:alnum:]].*)/', $v_custom_doc_root, $matches);
 $v_custom_doc_domain = $matches[1];
-$v_custom_doc_folder = str_replace('public_html/','',$matches[2]);
+$v_custom_doc_folder = $matches[2];
+if(substr($v_custom_doc_folder, -1) == '/'){
+    $v_custom_doc_folder = substr($v_custom_doc_folder,0,-1);
+}
+
 
 $v_ftp_user = $data[$v_domain]['FTP_USER'];
 $v_ftp_path = $data[$v_domain]['FTP_PATH'];
@@ -763,10 +767,14 @@ if (!empty($_POST['save'])) {
             check_return_code($return_var,$output);
             unset($output);     
         }else{
+            if(substr($_POST['v-custom-doc-folder'], -1) == '/'){
+                $v_custom_doc_folder = escapeshellarg(substr($_POST['v-custom-doc-folder'],0,-1));
+            }else{
+                $v_custom_doc_folder = escapeshellarg($_POST['v-custom-doc-folder']);  
+            }
             $v_custom_doc_domain = escapeshellarg($_POST['v-custom-doc-domain']);
-            $v_custom_doc_folder = escapeshellarg($_POST['v-custom-doc-folder']);
-        
-            exec(HESTIA_CMD."v-change-web-domain-docroot ".$v_username." ".escapeshellarg($v_domain)." ".$v_custom_doc_domain." ".$v_custom_doc_folder,  $output, $return_var);
+            
+            exec(HESTIA_CMD."v-change-web-domain-docroot ".$v_username." ".escapeshellarg($v_domain)." ".$v_custom_doc_domain." ".$v_custom_doc_folder ." yes",  $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);  
             $v_custom_doc_root = 1; 

web/login/index.php

@@ -192,10 +192,18 @@ require_once('../templates/header.html');
 if(!empty($_SESSION['login'])){
     require_once('../templates/login_2.html');    
 }else if (empty($_POST['user'])) {
-    require_once('../templates/login.html');
+    if($_SESSION['LOGIN_STYLE'] == 'old'){
+        require_once('../templates/login_a.html'); 
+    }else{
+        require_once('../templates/login.html');        
+    }
 }else if (empty($_POST['password'])) {
     require_once('../templates/login_1.html');
 }else{
-    require_once('../templates/login.html');
+    if($_SESSION['LOGIN_STYLE'] == 'old'){
+        require_once('../templates/login_a.html'); 
+    }else{
+        require_once('../templates/login.html');        
+    }
 }
 ?>

web/templates/admin/edit_server.html

@@ -842,7 +842,33 @@
                                     </table>
                                 </td>
                             </tr>
-
+<tr>
+                                <td class="vst-text input-label step-top advanced-options">
+                                    <a href="javascript:elementHideShow('security');" class="vst-text">
+                                        <i class="fas fa-key"></i><b><?php print _('Security');?> <img src="/images/arrow.png"></b>
+                                    </a>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="vst-text input-label step-left">
+                                    <table style="display:<?php if (empty($v_security_adv)) echo 'none';?> ;" id="security">
+                                        <tr>
+                                            <td class="vst-text input-label">
+                                                <?php print _('Login screen style');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <select class="vst-list" name="v_login_style">
+                                                    <option value='default'><?php print _('Default'); ?></option>
+                                                    <option value='old' <?php if($_SESSION['LOGIN_STYLE'] == 'old') echo 'selected' ?> ><?php print _('Old Style'); ?></option>
+                                                </select>
+                                                <br><br>
+                                            </td>
+                                        </tr>
+                                    </table>
+                                </td>
+                            </tr>
 
                             <tr>
                                 <td class="vst-text input-label step-top advanced-options">

web/templates/login_a.html

@@ -0,0 +1,65 @@
+        <center>
+            <table class="login animated zoomIn">
+                <tr>
+                    <td>
+                        <table>
+                            <tr>
+                                <td style="padding: 22px 30px 0 42px; height: 280px; width: 170px;">
+                                    <a href="/"><img border=0 src="/images/logo.svg" alt="<?=_('Hestia Control Panel');?>" style="margin-top: 70px;" /></a>
+                                </td>
+                                <td style="padding: 40px 60px 0 0;">
+                                    <form method="post" action="/login/" id="form_login">
+                                    <input type="hidden" name="token" value="<?php echo $_SESSION['token']; ?>">
+                                    <table class="login-box">
+                                        <tr>
+                                            <td style="padding: 12px 0 0 2px;" class="login-welcome">
+                                                <?php print _('Welcome to Hestia Control Panel');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td style="padding: 12px 0 5px 2px;">
+                                                <?php print _('Username');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input tabindex="1" type="text" size="20px" style="width:240px;" name="user" class="vst-input" autofocus />
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td style="padding: 12px 0 5px 2px;">
+                                                <?php print _('Password');?>
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td>
+                                                <input tabindex="2" type="password" size="20px"  style="width:240px;" name="password" class="vst-input" />
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td height="10px">
+                                            </td>
+                                        </tr>
+                                        <tr>
+                                            <td style="padding: 0 0 5px 0;">
+                                                <button tabindex="3" type="submit" class="button"><?php print _('Next');?>&nbsp;&nbsp;&nbsp;<i class="fas fa-sign-in-alt"></i></button>
+                                            </td>
+                                        </tr>
+                                    </table>
+                                </form>
+                            </td>
+                        </tr>
+                        <tr>
+                            <td colspan=2>
+                                <div class="login-bottom">
+                                    <div style="height:20px"><?php if (isset($error)) echo $error ?></div>
+                                </div>
+                            </td>
+                        </tr>
+                    </table>
+                </tr>
+            </table>
+        </center>
+
+    </body>
+</html>