Fix multiple php 500 errors (hestiacp#3789)

This commit fixes multiple PHP errors which were present in /var/log/hestia/nginx-error.log due to variable declaration changes.

Author: jaapmarcus

func/main.sh

@@ -129,8 +129,8 @@ log_history() {
 	fi
 	touch $log
 
-	if [ '750' -lt "$(wc -l $log | cut -f 1 -d ' ')" ]; then
-		tail -n 499 $log > $log.moved
+	if [ '300' -lt "$(wc -l $log | cut -f 1 -d ' ')" ]; then
+		tail -n 250 $log > $log.moved
 		mv -f $log.moved $log
 		chmod 660 $log
 	fi

web/add/dns/index.php

@@ -397,7 +397,7 @@
 	if (empty($v_dnssec)) {
 		$v_dnssec = "";
 	}
-
+	$accept = $_GET["accept"] ?? "";
 	render_page($user, $TAB, "add_dns_rec");
 }
 

web/add/key/index.php

@@ -2,7 +2,6 @@
 use function Hestiacp\quoteshellarg\quoteshellarg;
 
 ob_start();
-session_start();
 $TAB = "USER";
 
 // Main include

web/add/package/index.php

@@ -122,14 +122,15 @@
 	$v_disk_quota = quoteshellarg($_POST["v_disk_quota"]);
 	$v_bandwidth = quoteshellarg($_POST["v_bandwidth"]);
 	$v_ratelimit = quoteshellarg($_POST["v_ratelimit"]);
-	$v_ns1 = trim($_POST["v_ns1"], ".");
-	$v_ns2 = trim($_POST["v_ns2"], ".");
-	$v_ns3 = trim($_POST["v_ns3"], ".");
-	$v_ns4 = trim($_POST["v_ns4"], ".");
-	$v_ns5 = trim($_POST["v_ns5"], ".");
-	$v_ns6 = trim($_POST["v_ns6"], ".");
-	$v_ns7 = trim($_POST["v_ns7"], ".");
-	$v_ns8 = trim($_POST["v_ns8"], ".");
+	$v_ns1 = !empty($_POST["v_ns1"]) ? trim($_POST["v_ns1"], ".") : "";
+	$v_ns2 = !empty($_POST["v_ns2"]) ? trim($_POST["v_ns2"], ".") : "";
+	$v_ns3 = !empty($_POST["v_ns3"]) ? trim($_POST["v_ns3"], ".") : "";
+	$v_ns4 = !empty($_POST["v_ns4"]) ? trim($_POST["v_ns4"], ".") : "";
+	$v_ns5 = !empty($_POST["v_ns5"]) ? trim($_POST["v_ns5"], ".") : "";
+	$v_ns6 = !empty($_POST["v_ns6"]) ? trim($_POST["v_ns6"], ".") : "";
+	$v_ns7 = !empty($_POST["v_ns7"]) ? trim($_POST["v_ns7"], ".") : "";
+	$v_ns8 = !empty($_POST["v_ns8"]) ? trim($_POST["v_ns8"], ".") : "";
+
 	$v_ns = $v_ns1 . "," . $v_ns2;
 	if (!empty($v_ns3)) {
 		$v_ns .= "," . $v_ns3;

web/edit/backup/exclusions/index.php

@@ -17,6 +17,7 @@
 $data = json_decode(implode("", $output), true);
 unset($output);
 
+$v_web = $v_mail = $v_db = $v_userdir = "";
 // Parse web
 $v_username = $user;
 foreach ($data["WEB"] as $key => $value) {
@@ -27,15 +28,6 @@
 	}
 }
 
-// Parse dns
-foreach ($data["DNS"] as $key => $value) {
-	if (!empty($value)) {
-		$v_dns .= $key . ":" . $value . "\n";
-	} else {
-		$v_dns .= $key . "\n";
-	}
-}
-
 // Parse mail
 foreach ($data["MAIL"] as $key => $value) {
 	if (!empty($value)) {
@@ -68,32 +60,32 @@
 	// Check token
 	verify_csrf($_POST);
 
-	$v_web = $_POST["v_web"];
+	$v_web = $_POST["v_web"] ?? "";
 	$v_web_tmp = str_replace("\r\n", ",", $_POST["v_web"]);
 	$v_web_tmp = rtrim($v_web_tmp, ",");
 	$v_web_tmp = "WEB=" . quoteshellarg($v_web_tmp);
 
-	$v_dns = $_POST["v_dns"];
+	$v_dns = $_POST["v_dns"] ?? "";
 	$v_dns_tmp = str_replace("\r\n", ",", $_POST["v_dns"]);
 	$v_dns_tmp = rtrim($v_dns_tmp, ",");
 	$v_dns_tmp = "DNS=" . quoteshellarg($v_dns_tmp);
 
-	$v_mail = $_POST["v_mail"];
+	$v_mail = $_POST["v_mail"] ?? "";
 	$v_mail_tmp = str_replace("\r\n", ",", $_POST["v_mail"]);
 	$v_mail_tmp = rtrim($v_mail_tmp, ",");
 	$v_mail_tmp = "MAIL=" . quoteshellarg($v_mail_tmp);
 
-	$v_db = $_POST["v_db"];
+	$v_db = $_POST["v_db"] ?? "";
 	$v_db_tmp = str_replace("\r\n", ",", $_POST["v_db"]);
 	$v_db_tmp = rtrim($v_db_tmp, ",");
 	$v_db_tmp = "DB=" . quoteshellarg($v_db_tmp);
 
-	$v_cron = $_POST["v_cron"];
+	$v_cron = $_POST["v_cron"] ?? "";
 	$v_cron_tmp = str_replace("\r\n", ",", $_POST["v_cron"]);
 	$v_cron_tmp = rtrim($v_cron_tmp, ",");
 	$v_cron_tmp = "CRON=" . quoteshellarg($v_cron_tmp);
 
-	$v_userdir = $_POST["v_userdir"];
+	$v_userdir = $_POST["v_userdir"] ?? "";
 	$v_userdir_tmp = str_replace("\r\n", ",", $_POST["v_userdir"]);
 	$v_userdir_tmp = rtrim($v_userdir_tmp, ",");
 	$v_userdir_tmp = "USER=" . quoteshellarg($v_userdir_tmp);

web/edit/package/index.php

@@ -224,7 +224,11 @@
 		$v_proxy_template = quoteshellarg($_POST["v_proxy_template"]);
 	}
 	$v_dns_template = quoteshellarg($_POST["v_dns_template"]);
-	$v_shell = quoteshellarg($_POST["v_shell"]);
+	if (!empty($_POST["v_shell"])) {
+		$v_shell = quoteshellarg($_POST["v_shell"]);
+	} else {
+		$v_shell = "nologin";
+	}
 	$v_web_domains = quoteshellarg($_POST["v_web_domains"]);
 	$v_web_aliases = quoteshellarg($_POST["v_web_aliases"]);
 	$v_dns_domains = quoteshellarg($_POST["v_dns_domains"]);
@@ -237,14 +241,14 @@
 	$v_backups = quoteshellarg($_POST["v_backups"]);
 	$v_disk_quota = quoteshellarg($_POST["v_disk_quota"]);
 	$v_bandwidth = quoteshellarg($_POST["v_bandwidth"]);
-	$v_ns1 = trim($_POST["v_ns1"], ".");
-	$v_ns2 = trim($_POST["v_ns2"], ".");
-	$v_ns3 = trim($_POST["v_ns3"], ".");
-	$v_ns4 = trim($_POST["v_ns4"], ".");
-	$v_ns5 = trim($_POST["v_ns5"], ".");
-	$v_ns6 = trim($_POST["v_ns6"], ".");
-	$v_ns7 = trim($_POST["v_ns7"], ".");
-	$v_ns8 = trim($_POST["v_ns8"], ".");
+	$v_ns1 = !empty($_POST["v_ns1"]) ? trim($_POST["v_ns1"], ".") : "";
+	$v_ns2 = !empty($_POST["v_ns2"]) ? trim($_POST["v_ns2"], ".") : "";
+	$v_ns3 = !empty($_POST["v_ns3"]) ? trim($_POST["v_ns3"], ".") : "";
+	$v_ns4 = !empty($_POST["v_ns4"]) ? trim($_POST["v_ns4"], ".") : "";
+	$v_ns5 = !empty($_POST["v_ns5"]) ? trim($_POST["v_ns5"], ".") : "";
+	$v_ns6 = !empty($_POST["v_ns6"]) ? trim($_POST["v_ns6"], ".") : "";
+	$v_ns7 = !empty($_POST["v_ns7"]) ? trim($_POST["v_ns7"], ".") : "";
+	$v_ns8 = !empty($_POST["v_ns8"]) ? trim($_POST["v_ns8"], ".") : "";
 	$v_ns = $v_ns1 . "," . $v_ns2;
 	if (!empty($v_ns3)) {
 		$v_ns .= "," . $v_ns3;

web/edit/user/index.php

@@ -24,7 +24,7 @@
 
 // Prevent other users with admin privileges from editing properties of default 'admin' user
 if (
-	($_SESSION["userContext"] === "admin" && isset($_SESSION["look"]) && $user == "admin") ||
+	($_SESSION["userContext"] === "admin" && $_SESSION["look"] != "" && $user == "admin") ||
 	($_SESSION["userContext"] === "admin" &&
 		!isset($_SESSION["look"]) &&
 		$user == "admin" &&
@@ -361,19 +361,25 @@
 			}
 		}
 		// Change shell (admin only)
-		if (
-			$v_shell != $_POST["v_shell"] &&
-			$_SESSION["userContext"] === "admin" &&
-			empty($_SESSION["error_msg"])
-		) {
-			$v_shell = quoteshellarg($_POST["v_shell"]);
-			exec(
-				HESTIA_CMD . "v-change-user-shell " . quoteshellarg($v_username) . " " . $v_shell,
-				$output,
-				$return_var,
-			);
-			check_return_code($return_var, $output);
-			unset($output);
+		if (!empty($_POST["v_shell"])) {
+			if (
+				$v_shell != $_POST["v_shell"] &&
+				$_SESSION["userContext"] === "admin" &&
+				empty($_SESSION["error_msg"])
+			) {
+				$v_shell = quoteshellarg($_POST["v_shell"]);
+				exec(
+					HESTIA_CMD .
+						"v-change-user-shell " .
+						quoteshellarg($v_username) .
+						" " .
+						$v_shell,
+					$output,
+					$return_var,
+				);
+				check_return_code($return_var, $output);
+				unset($output);
+			}
 		}
 	}
 	// Change language

web/edit/web/index.php

@@ -343,6 +343,9 @@
 		if (empty($_POST["v_nginx_cache_check"])) {
 			$_POST["v_nginx_cache_check"] = "";
 		}
+		if (empty($v_nginx_cache_duration)) {
+			$v_nginx_cache_duration = "";
+		}
 		if (
 			($_SESSION["WEB_SYSTEM"] == "nginx" &&
 				$v_nginx_cache_check != $_POST["v_nginx_cache_check"]) ||

web/inc/main.php

@@ -149,6 +149,9 @@ function ipUsed() {
 if (empty($user_plain)) {
 	$user_plain = "";
 }
+if (empty($_SESSION["look"])) {
+	$_SESSION["look"] = "";
+}
 
 require_once dirname(__FILE__) . "/i18n.php";
 
@@ -364,11 +367,6 @@ function humanize_usage_size($usage, $round = 2) {
 		}
 		$display_usage = number_format($usage, $round);
 	}
-	if (strlen($display_usage) > 4) {
-		if (is_float($display_usage)) {
-			return number_format($usage, $round - 1);
-		}
-	}
 	return $display_usage;
 }
 

web/list/backup/exclusions/index.php

@@ -9,7 +9,6 @@
 exec(HESTIA_CMD . "v-list-user-backup-exclusions $user json", $output, $return_var);
 $data = json_decode(implode("", $output), true);
 unset($output);
-
 // Render page
 render_page($user, $TAB, "list_backup_exclusions");