forked from hestiacp/hestiacp
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
116 lines (100 loc) · 3.22 KB
/
index.php
File metadata and controls
116 lines (100 loc) · 3.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<?php
error_reporting(NULL);
$TAB = 'WEB';
// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Prepare values
if (!empty($_GET['domain'])) {
$v_domain = $_GET['domain'];
} else {
$v_domain = 'example.ltd';
}
$v_email = 'admin@' . $v_domain;
$v_country = 'US';
$v_state = 'California';
$v_locality = 'San Francisco';
$v_org = 'MyCompany LLC';
$v_org_unit = 'IT';
// Back uri
$_SESSION['back'] = '';
// Check POST
if (!isset($_POST['generate'])) {
render_page($user, $TAB, 'generate_ssl');
exit;
}
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('Location: /login/');
exit();
}
// Check input
if (empty($_POST['v_domain'])) $errors[] = _('Domain');
if (empty($_POST['v_country'])) $errors[] = _('Country');
if (empty($_POST['v_state'])) $errors[] = _('State');
if (empty($_POST['v_locality'])) $errors[] = _('City');
if (empty($_POST['v_org'])) $errors[] = _('Organization');
if (empty($_POST['v_email'])) $errors[] = _('Email');
$v_domain = $_POST['v_domain'];
$v_aliases = $_POST['v_aliases'];
$v_email = $_POST['v_email'];
$v_country = $_POST['v_country'];
$v_state = $_POST['v_state'];
$v_locality = $_POST['v_locality'];
$v_org = $_POST['v_org'];
// Check for errors
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ( $i == 0 ) {
$error_msg = $error;
} else {
$error_msg = $error_msg.", ".$error;
}
}
$_SESSION['error_msg'] = sprintf(_('Field "%s" can not be blank.'),$error_msg);
render_page($user, $TAB, 'generate_ssl');
unset($_SESSION['error_msg']);
exit;
}
// Protect input
$v_domain = escapeshellarg($_POST['v_domain']);
$waliases = preg_replace("/\n/", " ", $_POST['v_aliases']);
$waliases = preg_replace("/,/", " ", $waliases);
$waliases = preg_replace('/\s+/', ' ',$waliases);
$waliases = trim($waliases);
$aliases = explode(" ", $waliases);
$v_aliases = escapeshellarg(str_replace(' ', "\n", $waliases));
$v_email = escapeshellarg($_POST['v_email']);
$v_country = escapeshellarg($_POST['v_country']);
$v_state = escapeshellarg($_POST['v_state']);
$v_locality = escapeshellarg($_POST['v_locality']);
$v_org = escapeshellarg($_POST['v_org']);
exec (HESTIA_CMD."v-generate-ssl-cert ".$v_domain." ".$v_email." ".$v_country." ".$v_state." ".$v_locality." ".$v_org." IT '".$v_aliases."' json", $output, $return_var);
// Revert to raw values
$v_domain = $_POST['v_domain'];
$v_email = $_POST['v_email'];
$v_country = $_POST['v_country'];
$v_state = $_POST['v_state'];
$v_locality = $_POST['v_locality'];
$v_org = $_POST['v_org'];
// Check return code
if ($return_var != 0) {
$error = implode('<br>', $output);
if (empty($error)) $error = sprintf(_('Error code:'),$return_var);
$_SESSION['error_msg'] = $error;
render_page($user, $TAB, 'generate_ssl');
unset($_SESSION['error_msg']);
exit;
}
// OK message
$_SESSION['ok_msg'] = _('SSL_GENERATED_OK');
// Parse output
$data = json_decode(implode('', $output), true);
unset($output);
$v_crt = $data[$v_domain]['CRT'];
$v_key = $data[$v_domain]['KEY'];
$v_csr = $data[$v_domain]['CSR'];
// Back uri
$_SESSION['back'] = $_SERVER['REQUEST_URI'];
// Render page
render_page($user, $TAB, 'list_ssl');
unset($_SESSION['ok_msg']);