Notifiy user when suspended (hestiacp#2345)

jaapmarcus · web-flow · commit 0661bfd8d3ba · 2022-01-13T11:36:35.000+01:00
* Notifiy user when suspended

Add error message when user tries to login

* Force users to use hostname instead any domain

Possible method for gaining access via clientdomain.com and changing DNS
diff --git a/bin/v-get-user-salt b/bin/v-get-user-salt
@@ -93,6 +93,10 @@ then
         echo "$date $time $user $ip failed to login" >> $HESTIA/log/auth.log
         exit 9
     fi
+elif [[ "$shadow" =~ ! ]]; then 
+    echo "Error: Account has been suspended"
+    echo "$date $time $user $ip has been suspended" >> $HESTIA/log/auth.log
+    exit 5
 else
     salt=${shadow:0:2}
     method='des'
diff --git a/web/login/index.php b/web/login/index.php
@@ -105,7 +105,11 @@ function authenticate_user($user, $password, $twofa = '')
         $pam = json_decode(implode('', $output), true);
         if ($return_var > 0) {
             sleep(2);
-            $error = '<a class="error">' . _('Invalid username or password') . '</a>';
+            if($return_var == 5){
+                $error = '<a class="error">' . _('Account has been suspended') . '</a>';   
+            }else{
+                $error = '<a class="error">' . _('Invalid username or password') . '</a>';    
+            }
             return $error;
         } else {
             $salt = $pam[$user]['SALT'];
diff --git a/web/reset/index.php b/web/reset/index.php
@@ -52,7 +52,7 @@
                 } else {
                     $mailtext = _('GREETINGS');
                 }
-                if (in_array(str_replace(':'.$_SERVER['SERVER_PORT'], '.conf', $_SERVER['HTTP_HOST']), array_merge(scandir('/etc/nginx/conf.d'), scandir('/etc/nginx/conf.d/domains'), scandir('/etc/apache2/conf.d/domains'), scandir('/etc/apache2/conf.d')))) {
+                if ($hostname.":".$_SERVER['SERVER_PORT'] == $_SERVER['HTTP_HOST']) {
                     $mailtext .= sprintf(_('PASSWORD_RESET_REQUEST'), $_SERVER['HTTP_HOST'], $user, $rkey, $_SERVER['HTTP_HOST'], $user, $rkey);
                     if (!empty($rkey)) {
                         send_email($to, $subject, $mailtext, $from, $from_name, $data[$user]['NAME']);

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@`
`52`	`52`	`} else {`
`53`	`53`	`$mailtext = _('GREETINGS');`
`54`	`54`	`}`
`55`		`- if (in_array(str_replace(':'.$_SERVER['SERVER_PORT'], '.conf', $_SERVER['HTTP_HOST']), array_merge(scandir('/etc/nginx/conf.d'), scandir('/etc/nginx/conf.d/domains'), scandir('/etc/apache2/conf.d/domains'), scandir('/etc/apache2/conf.d')))) {`
	`55`	`+ if ($hostname.":".$_SERVER['SERVER_PORT'] == $_SERVER['HTTP_HOST']) {`
`56`	`56`	`$mailtext .= sprintf(_('PASSWORD_RESET_REQUEST'), $_SERVER['HTTP_HOST'], $user, $rkey, $_SERVER['HTTP_HOST'], $user, $rkey);`
`57`	`57`	`if (!empty($rkey)) {`
`58`	`58`	`send_email($to, $subject, $mailtext, $from, $from_name, $data[$user]['NAME']);`