ghzhost
diff --git a/‎install/dist/lib/opensuse.lib.php‎
Lines changed: 17 additions & 1 deletion b/‎install/dist/lib/opensuse.lib.php‎
Lines changed: 17 additions & 1 deletion
diff --git a/‎install/install.php‎
Lines changed: 1 addition & 0 deletions b/‎install/install.php‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎install/lib/install.lib.php‎
Lines changed: 49 additions & 23 deletions b/‎install/lib/install.lib.php‎
Lines changed: 49 additions & 23 deletions
diff --git a/‎install/lib/installer_base.lib.php‎
Lines changed: 4 additions & 0 deletions b/‎install/lib/installer_base.lib.php‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/tpl/server.ini.master‎
Lines changed: 1 addition & 0 deletions b/‎install/tpl/server.ini.master‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎install/tpl/system.ini.master‎
Lines changed: 2 additions & 0 deletions b/‎install/tpl/system.ini.master‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎interface/lib/classes/ispcmail.inc.php‎
Lines changed: 1 addition & 1 deletion b/‎interface/lib/classes/ispcmail.inc.php‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎interface/lib/classes/validate_dns.inc.php‎
Lines changed: 44 additions & 0 deletions b/‎interface/lib/classes/validate_dns.inc.php‎
Lines changed: 44 additions & 0 deletions
diff --git a/‎interface/lib/classes/validate_password.inc.php‎
Lines changed: 123 additions & 0 deletions b/‎interface/lib/classes/validate_password.inc.php‎
Lines changed: 123 additions & 0 deletions
diff --git a/‎interface/lib/lang/ar.lng‎
Lines changed: 14 additions & 0 deletions b/‎interface/lib/lang/ar.lng‎
Lines changed: 14 additions & 0 deletions
@@ -29,7 +29,23 @@
 */
 
 class installer_dist extends installer_base {
-
+	
+	public function __construct() {
+		//** check apache modules */
+		$mods = getapachemodules();
+		if(in_array('authz_compat', $mods, true)) {
+			swriteln($inst->lng('    WARNING! You are using mod_authz_compat.'));
+			swriteln($inst->lng('    Please make sure that your apache config uses the new auth syntax:'));
+			swriteln($inst->lng('    <Directory />'));
+			swriteln($inst->lng('    Options None'));
+			swriteln($inst->lng('    AllowOverride None'));
+			swriteln($inst->lng('    Require all denied'));
+			swriteln($inst->lng('    </Directory>'."\n"));
+			
+			swriteln($inst->lng('    If it uses the old syntax (deny from all) ISPConfig would fail to work.'));
+		}
+	}
+	
 	public function configure_mailman($status = 'insert') {
 		global $conf;
 
 
@@ -87,6 +87,7 @@
 //** Installer Interface
 //****************************************************************************************************
 $inst = new installer();
+
 swriteln($inst->lng('    Following will be a few questions for primary configuration so be careful.'));
 swriteln($inst->lng('    Default values are in [brackets] and can be accepted with <ENTER>.'));
 swriteln($inst->lng('    Tap in "quit" (without the quotes) to stop the installer.'."\n\n"));
 
@@ -160,7 +160,7 @@ function get_distname() {
 			$distid = 'debian60';
 			$distbaseid = 'debian';
 			swriteln("Operating System: Debian 6.0 (Squeeze/Sid) or compatible\n");
-		} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '7.0') || strstr(trim(file_get_contents('/etc/debian_version')), '7.1') || trim(file_get_contents('/etc/debian_version')) == 'wheezy/sid') {
+		} elseif(strstr(trim(file_get_contents('/etc/debian_version')), '7.0') || substr(trim(file_get_contents('/etc/debian_version')),0,2) == '7.' || trim(file_get_contents('/etc/debian_version')) == 'wheezy/sid') {
 			$distname = 'Debian';
 			$distver = 'Wheezy/Sid';
 			$distid = 'debian60';
@@ -830,29 +830,55 @@ function get_system_timezone() {
 }
 
 function getapacheversion($get_minor = false) {
-		global $app;
-		
-		$cmd = '';
-		if(is_installed('apache2ctl')) $cmd = 'apache2ctl -v';
-		elseif(is_installed('apachectl')) $cmd = 'apachectl -v';
-		else {
-			$app->log("Could not check apache version, apachectl not found.", LOGLEVEL_WARN);
-			return '2.2';
-		}
-		
-		exec($cmd, $output, $return_var);
-		if($return_var != 0 || !$output[0]) {
-			$app->log("Could not check apache version, apachectl did not return any data.", LOGLEVEL_WARN);
-			return '2.2';
-		}
-		
-		if(preg_match('/version:\s*Apache\/(\d+)(\.(\d+)(\.(\d+))*)?(\D|$)/i', $output[0], $matches)) {
-			return $matches[1] . (isset($matches[3]) ? '.' . $matches[3] : '') . (isset($matches[5]) && $get_minor == true ? '.' . $matches[5] : '');
-		} else {
-			$app->log("Could not check apache version, did not find version string in apachectl output.", LOGLEVEL_WARN);
-			return '2.2';
-		}
+	global $app;
+	
+	$cmd = '';
+	if(is_installed('apache2ctl')) $cmd = 'apache2ctl -v';
+	elseif(is_installed('apachectl')) $cmd = 'apachectl -v';
+	else {
+		$app->log("Could not check apache version, apachectl not found.", LOGLEVEL_WARN);
+		return '2.2';
+	}
+	
+	exec($cmd, $output, $return_var);
+	if($return_var != 0 || !$output[0]) {
+		$app->log("Could not check apache version, apachectl did not return any data.", LOGLEVEL_WARN);
+		return '2.2';
+	}
+	
+	if(preg_match('/version:\s*Apache\/(\d+)(\.(\d+)(\.(\d+))*)?(\D|$)/i', $output[0], $matches)) {
+		return $matches[1] . (isset($matches[3]) ? '.' . $matches[3] : '') . (isset($matches[5]) && $get_minor == true ? '.' . $matches[5] : '');
+	} else {
+		$app->log("Could not check apache version, did not find version string in apachectl output.", LOGLEVEL_WARN);
+		return '2.2';
 	}
+}
 
+function getapachemodules() {
+	global $app;
+	
+	$cmd = '';
+	if(is_installed('apache2ctl')) $cmd = 'apache2ctl -t -D DUMP_MODULES';
+	elseif(is_installed('apachectl')) $cmd = 'apachectl -t -D DUMP_MODULES';
+	else {
+		$app->log("Could not check apache modules, apachectl not found.", LOGLEVEL_WARN);
+		return array();
+	}
+	
+	exec($cmd, $output, $return_var);
+	if($return_var != 0 || !$output[0]) {
+		$app->log("Could not check apache modules, apachectl did not return any data.", LOGLEVEL_WARN);
+		return array();
+	}
+	
+	$modules = array();
+	for($i = 0; $i < count($output); $i++) {
+		if(preg_match('/^\s*(\w+)\s+\((shared|static)\)\s*$/', $output[$i], $matches)) {
+			$modules[] = $matches[1];
+		}
+	}
+	
+	return $modules;
+}
 
 ?>
@@ -1269,6 +1269,10 @@ public function configure_apache() {
 		if(is_file('/etc/apache2/ports.conf')) {
 			// add a line "Listen 443" to ports conf if line does not exist
 			replaceLine('/etc/apache2/ports.conf', 'Listen 443', 'Listen 443', 1);
+			
+			// Comment out the namevirtualhost lines, as they were added by ispconfig in ispconfig.conf file again
+			replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost *:80', '# NameVirtualHost *:80', 1);
+			replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost *:443', '# NameVirtualHost *:443', 1);
 		}
 
 		if(is_file('/etc/apache2/apache.conf')) {
 
@@ -26,6 +26,7 @@ monit_password=
 munin_url=
 munin_user=
 munin_password=
+monitor_system_updates=y
 
 [mail]
 module=postfix_mysql
 
@@ -52,3 +52,5 @@ customer_no_start=1
 customer_no_counter=0
 session_timeout=0
 session_allow_endless=0
+min_password_length=5
+min_password_strength=0
@@ -219,7 +219,7 @@ public function setOption($key, $value) {
 	 *
 	 */
 	private function detectHelo() {
-		if(isset($_SERVER['HTTP_HOST'])) $this->smtp_helo = $_SERVER['HTTP_HOST'];
+		if(isset($_SERVER['HTTP_HOST'])) $this->smtp_helo = (strpos($_SERVER['HTTP_HOST'], ':') !== false ? substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':')) : $_SERVER['HTTP_HOST']);
 		elseif(isset($_SERVER['SERVER_NAME'])) $this->smtp_helo = $_SERVER['SERVER_NAME'];
 		else $this->smtp_helo = php_uname('n');
 		if($this->smtp_helo == '') $this->smtp_helo = 'localhost';
 
@@ -283,5 +283,49 @@ function increase_serial($serial){
 		}
 		return $new_serial;
 	}
+	
+	function validate_xfer($field_name, $field_value, $validator) {
+		global $app;
+		
+		$errorMessage = '';
+		
+		if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
+		if($validator['allowempty'] == 'y' && $field_value == '') {
+			//* Do nothing
+		} elseif ($field_value == 'any') {
+			//* Do nothing
+		} else {
+			//* Check if its a IPv4 or IPv6 address
+			if(isset($validator['separator']) && $validator['separator'] != '') {
+				//* When the field may contain several IP addresses, split them by the char defined as separator
+				$field_value_array = explode($validator['separator'], $field_value);
+			} else {
+				$field_value_array[] = $field_value;
+			}
+			foreach($field_value_array as $field_value) {
+				$field_value = trim($field_value);
+				if(function_exists('filter_var')) {
+						if(!filter_var($field_value, FILTER_VALIDATE_IP)) {
+						$errmsg = $validator['errmsg'];
+						$errorMessage .= $app->tform->lng($errmsg)."<br />\r\n";
+					}
+				} else {
+					//* Check content with regex, if we use php < 5.2
+					$ip_ok = 0;
+					if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
+						$ip_ok = 1;
+					}
+					if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
+						$ip_ok = 1;
+					}
+					if($ip_ok == 0) {
+						$errmsg = $validator['errmsg'];
+						$errorMessage .= $app->tform->lng($errmsg)."<br />\r\n";
+					}
+				}
+			}
+		}
+		return $errorMessage;
+	}
 
 }
@@ -0,0 +1,123 @@
+<?php
+
+/*
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
+Copyright (c) 2014, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+class validate_password {
+	
+	private function _get_password_strength($password) {
+		$length = strlen($password);
+		$points = 0;
+		if ($length < 5) {
+			return 1;
+		}
+
+		if (preg_match('/[ABCDEFGHIJKLNMOPQRSTUVWXYZ]/', $password)) {
+			$points += 1;
+		}
+
+		if (preg_match('/[0123456789]/', $password)) {
+			$points += 1;
+		}
+
+		if (preg_match('/[`~!@#$%^&*()_+|\\=-[]}{\';:\/?.>,<" ]/', $password)) {
+			$points += 1;
+		}
+
+		if ($points == 0) {
+			if ($length >= 5 && $length <= 6) {
+				return 1;
+			} else if ($length >= 7 && $length <= 8) {
+				return 2;
+			} else {
+				return 3;
+			}
+		} else if ($points == 1) {
+			if ($length >= 5 && $length <= 6) {
+				return 2;
+			} else if (length >= 7 && length <=10) {
+				return 3;
+			} else {
+				return 4;
+			}
+		} else if ($points == 2) {
+			if ($length >= 5 && $length <= 8) {
+				return 3;
+			} else if ($length >= 9 && $length <= 10) {
+				return 4;
+			} else {
+				return 5;
+			}
+		} else if ($points == 3) {
+			if ($length >= 5 && $length <= 6) {
+				return 3;
+			} else if ($length >= 7 && $length <= 8) {
+				return 4;
+			} else {
+				return 5;
+			}
+		} else if ($points >= 4) {
+			if ($length >= 5 && $length <= 6) {
+				return 4;
+			} else {
+				return 5;
+			}
+		}
+		
+	}
+	
+	/* Validator function */
+	function password_check($field_name, $field_value, $validator) {
+		global $app;
+		
+		if($field_value == '') return false;
+		
+		$app->uses('ini_parser,getconf');
+		$server_config_array = $app->getconf->get_global_config();
+		
+		$min_password_strength = 0;
+		$min_password_length = 5;
+		if(isset($server_config_array['misc']['min_password_length'])) $min_password_length = $server_config_array['misc']['min_password_length'];
+		if(isset($server_config_array['misc']['min_password_strength'])) $min_password_strength = $server_config_array['misc']['min_password_strength'];
+		
+		if($min_password_strength > 0) {
+			$lng_text = $app->lng('weak_password_txt');
+			$lng_text = str_replace(array('{chars}', '{strength}'), array($min_password_length, $app->lng('strength_' . $min_password_strength)), $lng_text);
+		} else {
+			$lng_text = $app->lng('weak_password_length_txt');
+			$lng_text = str_replace('{chars}', $min_password_length, $lng_text);
+		}
+		if(!$lng_text) $lng_text = 'weak_password_txt'; // always return a string, even if language is missing - otherwise validator is NOT MATCHING!
+		
+		if(strlen($field_value) < $min_password_length) return $lng_text;
+		if($this->_get_password_strength($field_value) < $min_password_strength) return $lng_text;
+		
+		return false;
+	}
+}
@@ -133,4 +133,18 @@ $wb['datalog_status_d_spamfilter_users'] = 'Delete spam filter settings';
 $wb['login_as_txt'] = 'Log in as';
 $wb['no_domain_perm'] = 'You have no permission for this domain.';
 $wb['no_destination_perm'] = 'You have no permission for this destination.';
+$wb['client_you_are_locked'] = 'You have no permission to change any settings.';
+$wb['gender_m_txt'] = 'Mr.';
+$wb['gender_f_txt'] = 'Ms.';
+$wb['client_cannot_be_deleted_because_of_billing_module_txt'] = 'This client has records in the billing module, therefore he cannot be deleted.';
+$wb['yes_txt'] = 'Yes';
+$wb['no_txt'] = 'No';
+$wb['None'] = 'None';
+$wb['strength_1'] = 'Weak';
+$wb['strength_2'] = 'Fair';
+$wb['strength_3'] = 'Good';
+$wb['strength_4'] = 'Strong';
+$wb['strength_5'] = 'Very Strong';
+$wb['weak_password_txt'] = 'The chosen password does not match the security guidelines. It has to be at least {chars} chars in length and have a strength of \"{strength}\".';
+$wb['weak_password_length_txt'] = 'The chosen password does not match the security guidelines. It has to be at least {chars} chars in length.';
 ?>
Original file line number	Diff line number	Diff line change
`@@ -219,7 +219,7 @@ public function setOption($key, $value) {`
`219`	`219`	`*`
`220`	`220`	`*/`
`221`	`221`	`private function detectHelo() {`
`222`		`- if(isset($_SERVER['HTTP_HOST'])) $this->smtp_helo = $_SERVER['HTTP_HOST'];`
	`222`	`+ if(isset($_SERVER['HTTP_HOST'])) $this->smtp_helo = (strpos($_SERVER['HTTP_HOST'], ':') !== false ? substr($_SERVER['HTTP_HOST'], 0, strpos($_SERVER['HTTP_HOST'], ':')) : $_SERVER['HTTP_HOST']);`
`223`	`223`	`elseif(isset($_SERVER['SERVER_NAME'])) $this->smtp_helo = $_SERVER['SERVER_NAME'];`
`224`	`224`	`else $this->smtp_helo = php_uname('n');`
`225`	`225`	`if($this->smtp_helo == '') $this->smtp_helo = 'localhost';`