forked from hestiacp/hestiacp
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
125 lines (112 loc) · 2.64 KB
/
index.php
File metadata and controls
125 lines (112 loc) · 2.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
$TAB = "FIREWALL";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check user
if ($_SESSION["userContext"] != "admin") {
header("Location: /list/user");
exit();
}
// Get ipset lists
exec(HESTIA_CMD . "v-list-firewall-ipset 'json'", $output, $return_var);
check_return_code($return_var, $output);
$data = json_decode(implode("", $output), true);
unset($output);
$ipset_lists = [];
foreach ($data as $key => $value) {
if (isset($value["SUSPENDED"]) && $value["SUSPENDED"] === "yes") {
continue;
}
if (isset($value["IP_VERSION"]) && $value["IP_VERSION"] !== "v4") {
continue;
}
array_push($ipset_lists, ["name" => $key]);
}
$ipset_lists_json = json_encode($ipset_lists);
// Check POST request
if (!empty($_POST["ok"])) {
// Check token
// Check token
verify_csrf($_POST);
// Check empty fields
if (empty($_POST["v_action"])) {
$errors[] = _("Action");
}
if (empty($_POST["v_protocol"])) {
$errors[] = _("Protocol");
}
if (empty($_POST["v_port"]) && strlen($_POST["v_port"]) == 0) {
$errors[] = _("Port");
}
if (empty($_POST["v_ip"])) {
$errors[] = _("IP Address");
}
if (!empty($errors[0])) {
foreach ($errors as $i => $error) {
if ($i == 0) {
$error_msg = $error;
} else {
$error_msg = $error_msg . ", " . $error;
}
}
$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
}
// Protect input
$v_action = quoteshellarg($_POST["v_action"]);
$v_protocol = quoteshellarg($_POST["v_protocol"]);
$v_port = str_replace(" ", ",", $_POST["v_port"]);
$v_port = preg_replace("/\,+/", ",", $v_port);
$v_port = trim($v_port, ",");
$v_port = quoteshellarg($v_port);
$v_ip = quoteshellarg($_POST["v_ip"]);
$v_comment = quoteshellarg($_POST["v_comment"]);
// Add firewall rule
if (empty($_SESSION["error_msg"])) {
exec(
HESTIA_CMD .
"v-add-firewall-rule " .
$v_action .
" " .
$v_ip .
" " .
$v_port .
" " .
$v_protocol .
" " .
$v_comment,
$output,
$return_var,
);
check_return_code($return_var, $output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION["error_msg"])) {
$_SESSION["ok_msg"] = _("Rule has been created successfully.");
unset($v_port);
unset($v_ip);
unset($v_comment);
}
}
if (empty($v_action)) {
$v_action = "";
}
if (empty($v_protocol)) {
$v_protocol = "";
}
if (empty($v_port)) {
$v_port = "";
}
if (empty($v_ip)) {
$v_ip = "";
}
if (empty($v_comment)) {
$v_comment = "";
}
// Render
render_page($user, $TAB, "add_firewall");
// Flush session messages
unset($_SESSION["error_msg"]);
unset($_SESSION["ok_msg"]);