Implemented #5330 Limit available PHP Handlers globally in ISPConfig UI

Author: Till Brehm

install/tpl/system.ini.master

@@ -33,6 +33,7 @@ vhost_aliasdomains=n
 client_username_web_check_disabled=n
 backups_include_into_web_quota=n
 reseller_can_use_options=n
+web_php_options=no,fast-cgi,mod,php-fpm
 
 
 [tools]

interface/lib/classes/tform_base.inc.php

@@ -336,69 +336,84 @@ function getDatasourceData($field, $record) {
 	}
 
 	//* If the parameter 'valuelimit' is set
-	function applyValueLimit($limit, $values) {
+	function applyValueLimit($limit, $values, $current_value = '') {
 
 		global $app;
+		
+		// we mas have multiple limits, therefore we explode by ; first
+		// Example: "system:sites:web_php_options;client:web_php_options"
+		$limits = explode(';',$limit);
+		
+		
+		foreach($limits as $limit) {
 
-		$limit_parts = explode(':', $limit);
+			$limit_parts = explode(':', $limit);
 
-		//* values are limited to a comma separated list
-		if($limit_parts[0] == 'list') {
-			$allowed = explode(',', $limit_parts[1]);
-		}
-
-		//* values are limited to a field in the client settings
-		if($limit_parts[0] == 'client') {
-			if($_SESSION["s"]["user"]["typ"] == 'admin') {
-				return $values;
-			} else {
-				$client_group_id = $_SESSION["s"]["user"]["default_group"];
-				$client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
-				$allowed = explode(',', $client['lm']);
+			//* values are limited to a comma separated list
+			if($limit_parts[0] == 'list') {
+				$allowed = explode(',', $limit_parts[1]);
 			}
-		}
 
-		//* values are limited to a field in the reseller settings
-		if($limit_parts[0] == 'reseller') {
-			if($_SESSION["s"]["user"]["typ"] == 'admin') {
-				return $values;
-			} else {
-				//* Get the limits of the client that is currently logged in
-				$client_group_id = $_SESSION["s"]["user"]["default_group"];
-				$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
-				//echo "SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id";
-				//* If the client belongs to a reseller, we will check against the reseller Limit too
-				if($client['parent_client_id'] != 0) {
-
-					//* first we need to know the groups of this reseller
-					$tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ?", $client['parent_client_id']);
-					$reseller_groups = $tmp["groups"];
-					$reseller_userid = $tmp["userid"];
-
-					// Get the limits of the reseller of the logged in client
-					$client_group_id = $_SESSION["s"]["user"]["default_group"];
-					$reseller = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM client WHERE client_id = ?", $client['parent_client_id']);
-					$allowed = explode(',', $reseller['lm']);
-				} else {
+			//* values are limited to a field in the client settings
+			if($limit_parts[0] == 'client') {
+				if($_SESSION["s"]["user"]["typ"] == 'admin') {
 					return $values;
+				} else {
+					$client_group_id = $_SESSION["s"]["user"]["default_group"];
+					$client = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
+					$allowed = explode(',', $client['lm']);
 				}
-			} // end if admin
-		} // end if reseller
-
-		//* values are limited to a field in the system settings
-		if($limit_parts[0] == 'system') {
-			$app->uses('getconf');
-			$tmp_conf = $app->getconf->get_global_config($limit_parts[1]);
-			$tmp_key = $limit_parts[2];
-			$allowed = $tmp_conf[$tmp_key];
-		}
+			}
+
+			//* values are limited to a field in the reseller settings
+			if($limit_parts[0] == 'reseller') {
+				if($_SESSION["s"]["user"]["typ"] == 'admin') {
+					return $values;
+				} else {
+					//* Get the limits of the client that is currently logged in
+					$client_group_id = $_SESSION["s"]["user"]["default_group"];
+					$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
+					//echo "SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id";
+					//* If the client belongs to a reseller, we will check against the reseller Limit too
+					if($client['parent_client_id'] != 0) {
+
+						//* first we need to know the groups of this reseller
+						$tmp = $app->db->queryOneRecord("SELECT userid, groups FROM sys_user WHERE client_id = ?", $client['parent_client_id']);
+						$reseller_groups = $tmp["groups"];
+						$reseller_userid = $tmp["userid"];
+
+						// Get the limits of the reseller of the logged in client
+						$client_group_id = $_SESSION["s"]["user"]["default_group"];
+						$reseller = $app->db->queryOneRecord("SELECT ".$limit_parts[1]." as lm FROM client WHERE client_id = ?", $client['parent_client_id']);
+						$allowed = explode(',', $reseller['lm']);
+					} else {
+						return $values;
+					}
+				} // end if admin
+			} // end if reseller
+
+			//* values are limited to a field in the system settings
+			if($limit_parts[0] == 'system') {
+				$app->uses('getconf');
+				$tmp_conf = $app->getconf->get_global_config($limit_parts[1]);
+				$tmp_key = $limit_parts[2];
+				$allowed = $allowed = explode(',',$tmp_conf[$tmp_key]);
+			}
+			
+			// add the current value to the allowed array
+			$allowed[] = $current_value;
+
+			// remove all values that are not allowed
+			$values_new = array();
+			foreach($values as $key => $val) {
+				if(in_array($key, $allowed)) $values_new[$key] = $val;
+			}
+
+			$values = $values_new;
 
-		$values_new = array();
-		foreach($values as $key => $val) {
-			if(in_array($key, $allowed)) $values_new[$key] = $val;
 		}
 
-		return $values_new;
+		return $values;
 	}
 
 
@@ -464,7 +479,7 @@ function getHTML($record, $tab, $action = 'NEW') {
 
 					// If a limitation for the values is set
 					if(isset($field['valuelimit']) && is_array($field["value"])) {
-						$field["value"] = $this->applyValueLimit($field['valuelimit'], $field["value"]);
+						$field["value"] = $this->applyValueLimit($field['valuelimit'], $field["value"], $val);
 					}
 
 					switch ($field['formtype']) {
@@ -599,7 +614,7 @@ function getHTML($record, $tab, $action = 'NEW') {
 
 				// If a limitation for the values is set
 				if(isset($field['valuelimit']) && is_array($field["value"])) {
-					$field["value"] = $this->applyValueLimit($field['valuelimit'], $field["value"]);
+					$field["value"] = $this->applyValueLimit($field['valuelimit'], $field["value"], $field['default']);
 				}
 
 				switch ($field['formtype']) {

interface/web/admin/form/system_config.tform.php

@@ -200,6 +200,16 @@
 			'value'  => '',
 			'name'  => 'default_dbserver'
 		),
+		'web_php_options' => array (
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOXARRAY',
+			'validators' => array (  0 => array ( 'type' => 'NOTEMPTY',
+					'errmsg'=> 'web_php_options_notempty'),
+			),
+			'default' => '',
+			'separator' => ',',
+			'value'  => array('no' => 'Disabled', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM', 'hhvm' => 'HHVM')
+		),
 		//#################################
 		// ENDE Datatable fields
 		//#################################

interface/web/admin/lib/lang/de_system_config.lng

@@ -89,4 +89,5 @@ $wb['ca_iodef_txt'] = 'iodef';
 $wb['active_txt'] = 'Aktiv';
 $wb['btn_save_txt'] = 'Speichern';
 $wb['btn_cancel_txt'] = 'Abbrechen';
+$wb['web_php_options_txt'] = 'PHP Handler (Nur Apache)';
 ?>

interface/web/admin/lib/lang/en_system_config.lng

@@ -92,4 +92,5 @@ $wb['ca_iodef_txt'] = 'iodef';
 $wb['active_txt'] = 'Active';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
+$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
 ?>

interface/web/admin/lib/lang/es_system_config.lng

@@ -89,4 +89,5 @@ $wb['ca_iodef_txt'] = 'iodef';
 $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
+$wb['web_php_options_txt'] = 'PHP Handler (Apache only)';
 ?>

interface/web/admin/templates/server_config_web_edit.htm

@@ -256,7 +256,7 @@ <h4 class="panel-title">
     <div id="collapsePHP" class="panel-collapse collapse" role="tabpanel" aria-labelledby="headingPHP">
       <div class="panel-body">
 	  <!-- Begin content -->
-                <div class="form-group">
+				<div class="form-group">
                     <label for="php_default_name" class="col-sm-3 control-label">{tmpl_var name='php_default_name_txt'}</label>
                     <div class="col-sm-9"><input type="text" name="php_default_name" id="php_default_name" value="{tmpl_var name='php_default_name'}" class="form-control" /></div></div>
 			    <div class="form-group apache">

interface/web/admin/templates/system_config_sites_edit.htm

@@ -63,6 +63,12 @@ <h1><tmpl_var name="list_head_txt"></h1>
                     {tmpl_var name='reseller_can_use_options'}
                 </div>
             </div>
+			<div class="form-group">
+                    <label class="col-sm-3 control-label">{tmpl_var name='web_php_options_txt'}</label>
+                    <div class="col-sm-9">
+                        {tmpl_var name='web_php_options'}
+                    </div>
+                </div>
             <div class="form-group">
                 <label for="default_webserver" class="col-sm-3 control-label">{tmpl_var name='default_webserver_txt'}</label>
                 <div class="col-sm-9"><select name="default_webserver" id="default_webserver" class="form-control">

interface/web/client/form/client.tform.php

@@ -1087,7 +1087,7 @@
 			),
 			'default' => '',
 			'separator' => ',',
-			'valuelimit' => 'client:web_php_options',
+			'valuelimit' => 'system:sites:web_php_options',
 			'value'  => array('no' => 'Disabled', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM', 'hhvm' => 'HHVM')
 		),
 		'limit_cgi' => array (

interface/web/client/form/client_template.tform.php

@@ -495,7 +495,7 @@
 			'formtype' => 'CHECKBOXARRAY',
 			'default' => '',
 			'separator' => ',',
-			'valuelimit' => 'client:web_php_options',
+			'valuelimit' => 'system:sites:web_php_options',
 			'value'  => array('no' => 'Disabled', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM', 'hhvm' => 'HHVM')
 		),
 		'limit_cgi' => array (