Prevent install via CLI / API / WebGUI via command v-update-sys-hestia package

Current script accepts all valid packages now limiited to hestia, hestia-nginx, hestia-php
@numanturle

bin/v-update-sys-hestia

@@ -32,6 +32,7 @@ source $HESTIA/conf/hestia.conf
 
 # Checking arg number
 check_args '1' "$#" 'PACKAGE'
+is_hestia_package "hestia,hestia-nginx,hestia-php" "$package"
 
 # Perform verification if read-only mode is enabled
 check_hestia_demo_mode

func/main.sh

@@ -1154,6 +1154,12 @@ multiphp_default_version() {
     echo "$sys_phpversion"
 }
 
+is_hestia_package(){
+    if [ -z "$(echo $1 | grep -w $2)" ]; then
+        check_result $E_INVALID "$2 package is not controlled by hestiacp"
+    fi
+}
+
 # Run arbitrary cli commands with dropped privileges
 # Note: setpriv --init-groups is not available on debian9 (util-linux 2.29.2)
 # Input: