forked from hestiacp/hestiacp
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
125 lines (103 loc) · 3.4 KB
/
Copy pathindex.php
File metadata and controls
125 lines (103 loc) · 3.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php
ob_start();
$TAB = 'BACKUP';
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Edit as someone else?
if (($_SESSION['userContext'] === 'admin') && (!empty($_GET['user']))) {
$user=escapeshellarg($_GET['user']);
}
// List backup exclustions
exec(HESTIA_CMD."v-list-user-backup-exclusions ".$user." 'json'", $output, $return_var);
check_return_code($return_var, $output);
$data = json_decode(implode('', $output), true);
unset($output);
// Parse web
$v_username = $user;
foreach ($data['WEB'] as $key => $value) {
if (!empty($value)) {
$v_web .= $key . ":" . str_replace(",", ":", $value) . "\n";
} else {
$v_web .= $key . "\n";
}
}
// Parse dns
foreach ($data['DNS'] as $key => $value) {
if (!empty($value)) {
$v_dns .= $key . ":" . $value. "\n";
} else {
$v_dns .= $key . "\n";
}
}
// Parse mail
foreach ($data['MAIL'] as $key => $value) {
if (!empty($value)) {
$v_mail .= $key . ":" . $value. "\n";
} else {
$v_mail .= $key . "\n";
}
}
// Parse databases
foreach ($data['DB'] as $key => $value) {
if (!empty($value)) {
$v_db .= $key . ":" . $value. "\n";
} else {
$v_db .= $key . "\n";
}
}
// Parse user directories
foreach ($data['USER'] as $key => $value) {
if (!empty($value)) {
$v_userdir .= $key . ":" . $value. "\n";
} else {
$v_userdir .= $key . "\n";
}
}
// Check POST request
if (!empty($_POST['save'])) {
// Check token
verify_csrf($_POST);
$v_web = $_POST['v_web'];
$v_web_tmp = str_replace("\r\n", ",", $_POST['v_web']);
$v_web_tmp = rtrim($v_web_tmp, ",");
$v_web_tmp = "WEB=" . escapeshellarg($v_web_tmp);
$v_dns = $_POST['v_dns'];
$v_dns_tmp = str_replace("\r\n", ",", $_POST['v_dns']);
$v_dns_tmp = rtrim($v_dns_tmp, ",");
$v_dns_tmp = "DNS=" . escapeshellarg($v_dns_tmp);
$v_mail = $_POST['v_mail'];
$v_mail_tmp = str_replace("\r\n", ",", $_POST['v_mail']);
$v_mail_tmp = rtrim($v_mail_tmp, ",");
$v_mail_tmp = "MAIL=" . escapeshellarg($v_mail_tmp);
$v_db = $_POST['v_db'];
$v_db_tmp = str_replace("\r\n", ",", $_POST['v_db']);
$v_db_tmp = rtrim($v_db_tmp, ",");
$v_db_tmp = "DB=" . escapeshellarg($v_db_tmp);
$v_cron = $_POST['v_cron'];
$v_cron_tmp = str_replace("\r\n", ",", $_POST['v_cron']);
$v_cron_tmp = rtrim($v_cron_tmp, ",");
$v_cron_tmp = "CRON=" . escapeshellarg($v_cron_tmp);
$v_userdir = $_POST['v_userdir'];
$v_userdir_tmp = str_replace("\r\n", ",", $_POST['v_userdir']);
$v_userdir_tmp = rtrim($v_userdir_tmp, ",");
$v_userdir_tmp = "USER=" . escapeshellarg($v_userdir_tmp);
// Create temporary exeption list on a filesystem
exec('mktemp', $mktemp_output, $return_var);
$tmp = $mktemp_output[0];
$fp = fopen($tmp, 'w');
fwrite($fp, $v_web_tmp . "\n" . $v_dns_tmp . "\n" . $v_mail_tmp . "\n" . $v_db_tmp . "\n" . $v_userdir_tmp . "\n");
fclose($fp);
unset($mktemp_output);
// Save changes
exec(HESTIA_CMD."v-update-user-backup-exclusions ".$user." ".$tmp, $output, $return_var);
check_return_code($return_var, $output);
unset($output);
// Set success message
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = _("Changes has been saved.");
}
}
// Render page
render_page($user, $TAB, 'edit_backup_exclusions');
// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);