0) { header('Location: /error/'); exit; } } function check_return_code($return_var, $output) { if ($return_var != 0) { $error = implode('
', $output); if (empty($error)) { $error = sprintf(_('Error code:'), $return_var); } $_SESSION['error_msg'] = $error; } } function check_return_code_redirect($return_var, $output, $location) { if ($return_var != 0) { $error = implode('
', $output); if (empty($error)) { $error = sprintf(_('Error code:'), $return_var); } $_SESSION['error_msg'] = $error; header("Location:".$location); } } function render_page($user, $TAB, $page) { $__template_dir = dirname(__DIR__) . '/templates/'; $__pages_js_dir = dirname(__DIR__) . '/js/pages/'; // Header include($__template_dir . 'header.html'); // Panel $panel = top_panel(empty($_SESSION['look']) ? $_SESSION['user'] : $_SESSION['look'], $TAB); // Extract global variables // I think those variables should be passed via arguments extract($GLOBALS, EXTR_SKIP); // Policies controller @include_once(dirname(__DIR__) . '/inc/policies.php'); // Body include($__template_dir . 'pages/' . $page . '.html'); // Including common js files @include_once(dirname(__DIR__) . '/templates/includes/end_js.html'); // Including page specific js file if (file_exists($__pages_js_dir . $page . '.js')) { echo ''; } // Footer include($__template_dir . 'footer.html'); } // Match $_SESSION['token'] against $_GET['token'] or $_POST['token'] // Usage: verify_csrf($_POST) or verify_csrf($_GET); Use verify_csrf($_POST,true) to return on failure instead of redirect function verify_csrf($method, $return = false) { if ($method['token'] !== $_SESSION['token'] || empty($method['token']) || empty($_SESSION['token'])) { if ($return === true) { return false; } else { header('Location: /login/'); die(); } } else { return true; } } function show_error_panel($data) { $msg_id = ''; $msg_icon = ''; $msg_text = ''; if (!empty($data['error_msg'])) { $msg_icon = 'fa-exclamation-circle status-icon red'; $msg_text = htmlentities($data['error_msg']); $msg_id = 'vst-error'; } else { if (!empty($data['ok_msg'])) { $msg_icon = 'fa-check-circle status-icon green'; $msg_text = $data['ok_msg']; $msg_id = 'vst-ok'; } } ?> 0) { destroy_sessions(); $_SESSION['error_msg'] = _('You have been logged out. Please log in again.'); header('Location: /login/'); exit; } $panel = json_decode(implode('', $output), true); unset($output); // Log out active sessions for suspended users if (($panel[$user]['SUSPENDED'] === 'yes') && ($_SESSION['POLICY_USER_VIEW_SUSPENDED'] !== 'yes')) { if (empty($_SESSION['look'])) { destroy_sessions(); $_SESSION['error_msg'] = _('You have been logged out. Please log in again.'); header('Location: /login/'); } } // Reset user permissions if changed while logged in if (($panel[$user]['ROLE']) !== ($_SESSION['userContext']) && (!isset($_SESSION['look']))) { unset($_SESSION['userContext']); $_SESSION['userContext'] = $panel[$user]['ROLE']; } // Load user's selected theme and do not change it when impersonting user if ((isset($panel[$user]['THEME'])) && (!isset($_SESSION['look']))) { $_SESSION['userTheme'] = $panel[$user]['THEME']; } // Unset userTheme override variable if POLICY_USER_CHANGE_THEME is set to no if ($_SESSION['POLICY_USER_CHANGE_THEME'] === 'no') { unset($_SESSION['userTheme']); } // Set preferred sort order if (!isset($_SESSION['look'])) { $_SESSION['userSortOrder'] = $panel[$user]['PREF_UI_SORT']; } // Set home location URLs if (($_SESSION['userContext'] === 'admin') && (empty($_SESSION['look']))) { // Display users list for administrators unless they are impersonating a user account $home_url = '/list/user/'; } else { // Set home location URL based on available package features from account if ($panel[$user]['WEB_DOMAINS'] != '0') { $home_url = '/list/web/'; } elseif ($panel[$user]['DNS_DOMAINS'] != '0') { $home_url = '/list/dns/'; } elseif ($panel[$user]['MAIL_DOMAINS'] != '0') { $home_url = '/list/mail/'; } elseif ($panel[$user]['DATABASES'] != '0') { $home_url = '/list/db/'; } elseif ($panel[$user]['CRON_JOBS'] != '0') { $home_url = '/list/cron/'; } elseif ($panel[$user]['BACKUPS'] != '0') { $home_url = '/list/backups/'; } } include(dirname(__FILE__) . '/../templates/includes/panel.html'); return $panel; } function translate_date($date) { $date = new DateTime($date); return $date -> format('d').' '. _($date -> format('M')).' '.$date -> format('Y'); } function humanize_time($usage) { if ($usage > 60) { $usage = $usage / 60; if ($usage > 24) { $usage = $usage / 24; $usage = number_format($usage); return sprintf(ngettext('%d day', '%d days', $usage), $usage); } else { $usage = round($usage); return sprintf(ngettext('%d hour', '%d hours', $usage), $usage); } } else { $usage = round($usage); return sprintf(ngettext('%d minute', '%d minutes', $usage), $usage); } } function humanize_usage_size($usage) { if ($usage == 'unlimited') { return '∞'; } if ($usage > 1024) { $usage = $usage / 1024; if ($usage > 1024) { $usage = $usage / 1024 ; if ($usage > 1024) { $usage = $usage / 1024 ; $usage = number_format($usage, 2); } else { $usage = number_format($usage, 2); } } else { $usage = number_format($usage, 2); } } return $usage; } function humanize_usage_measure($usage) { if ($usage == 'unlimited') { return 'mb'; } $measure = 'kb'; if ($usage > 1024) { $usage = $usage / 1024; if ($usage > 1024) { $usage = $usage / 1024 ; $measure = ($usage > 1024) ? 'pb' : 'tb'; } else { $measure = 'gb'; } } else { $measure = 'mb'; } return $measure; } function get_percentage($used, $total) { if ($total = "unlimited") { //return 0 if unlimited return 0; } if (!isset($total)) { $total = 0; } if (!isset($used)) { $used = 0; } if ($total == 0) { $percent = 0; } else { $percent = $used / $total; $percent = $percent * 100; $percent = number_format($percent, 0, '', ''); if ($percent < 0) { $percent = 0; } elseif ($percent > 100) { $percent = 100; } } return $percent; } function send_email($to, $subject, $mailtext, $from, $from_name, $to_name = '') { $mail = new PHPMailer(); if (isset($_SESSION['USE_SERVER_SMTP']) && $_SESSION['USE_SERVER_SMTP'] == "true") { $from = $_SESSION['SERVER_SMTP_ADDR']; $mail->IsSMTP(); $mail->Mailer = "smtp"; $mail->SMTPDebug = 0; $mail->SMTPAuth = true; $mail->SMTPSecure = $_SESSION['SERVER_SMTP_SECURITY']; $mail->Port = $_SESSION['SERVER_SMTP_PORT']; $mail->Host = $_SESSION['SERVER_SMTP_HOST']; $mail->Username = $_SESSION['SERVER_SMTP_USER']; $mail->Password = $_SESSION['SERVER_SMTP_PASSWD']; } $mail->IsHTML(true); $mail->ClearReplyTos(); if (empty($to_name)) { $mail->AddAddress($to); } else { $mail->AddAddress($to, $to_name); } $mail->SetFrom($from, $from_name); $mail->CharSet = "utf-8"; $mail->Subject = $subject; $content = $mailtext; $content = nl2br($content); $mail->MsgHTML($content); $mail->Send(); } function list_timezones() { foreach (['AKST', 'AKDT', 'PST', 'PDT', 'MST', 'MDT', 'CST', 'CDT', 'EST', 'EDT', 'AST', 'ADT'] as $timezone) { $tz = new DateTimeZone($timezone); $timezone_offsets[$timezone] = $tz->getOffset(new DateTime()); } foreach (DateTimeZone::listIdentifiers() as $timezone) { $tz = new DateTimeZone($timezone); $timezone_offsets[$timezone] = $tz->getOffset(new DateTime()); } foreach ($timezone_offsets as $timezone => $offset) { $offset_prefix = $offset < 0 ? '-' : '+'; $offset_formatted = gmdate('H:i', abs($offset)); $pretty_offset = "UTC${offset_prefix}${offset_formatted}"; $c = new DateTime(gmdate('Y-M-d H:i:s'), new DateTimeZone('UTC')); $c->setTimezone(new DateTimeZone($timezone)); $current_time = $c->format('H:i:s'); $timezone_list[$timezone] = "$timezone [ $current_time ] ${pretty_offset}"; #$timezone_list[$timezone] = "$timezone ${pretty_offset}"; } return $timezone_list; } /** * A function that tells is it MySQL installed on the system, or it is MariaDB. * * Explaination: * $_SESSION['DB_SYSTEM'] has 'mysql' value even if MariaDB is installed, so you can't figure out is it really MySQL or it's MariaDB. * So, this function will make it clear. * * If MySQL is installed, function will return 'mysql' as a string. * If MariaDB is installed, function will return 'mariadb' as a string. * * Hint: if you want to check if PostgreSQL is installed - check value of $_SESSION['DB_SYSTEM'] * * @return string */ function is_it_mysql_or_mariadb() { exec(HESTIA_CMD . 'v-list-sys-services json', $output, $return_var); $data = json_decode(implode('', $output), true); unset($output); $mysqltype = 'mysql'; if (isset($data['mariadb'])) { $mysqltype = 'mariadb'; } return $mysqltype; } function load_hestia_config() { // Check system configuration exec(HESTIA_CMD . "v-list-sys-config json", $output, $return_var); $data = json_decode(implode('', $output), true); $sys_arr = $data['config']; foreach ($sys_arr as $key => $value) { $_SESSION[$key] = $value; } } /** * Returns the list of all web domains from all users grouped by Backend Template used and owner * * @return array */ function backendtpl_with_webdomains() { exec(HESTIA_CMD . 'v-list-users json', $output, $return_var); $users = json_decode(implode('', $output), true); unset($output); $backend_list=[]; foreach ($users as $user => $user_details) { exec(HESTIA_CMD . 'v-list-web-domains '. escapeshellarg($user) . ' json', $output, $return_var); $domains = json_decode(implode('', $output), true); unset($output); foreach ($domains as $domain => $domain_details) { if (!empty($domain_details['BACKEND'])) { $backend = $domain_details['BACKEND']; $backend_list[$backend][$user][] = $domain; } } } return $backend_list; } /** * Check if password is valid * * @return int; 1 / 0 */ function validate_password($password) { return preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(.){8,}$/', $password); }