Skip to content

Commit 9e6fe02

Browse files
LupulLupul
committed
Fix un/suspending (web,dns,db,email,cron) resources when logged in as normal hestia user
1 parent eec1a4f commit 9e6fe02

File tree

10 files changed

+9
-104
lines changed

10 files changed

+9
-104
lines changed

web/suspend/cron/index.php

Lines changed: 2 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,21 +11,13 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
if (!empty($_GET['user'])) {
20-
$user=$_GET['user'];
21-
}
2214
if (!empty($_GET['job'])) {
2315
$v_username = escapeshellarg($user);
2416
$v_job = escapeshellarg($_GET['job']);
2517
exec (HESTIA_CMD."v-suspend-cron-job ".$v_username." ".$v_job, $output, $return_var);
18+
check_return_code($return_var,$output);
19+
unset($output);
2620
}
27-
check_return_code($return_var,$output);
28-
unset($output);
2921

3022
$back = $_SESSION['back'];
3123
if (!empty($back)) {

web/suspend/db/index.php

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -11,23 +11,13 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
20-
if (!empty($_GET['user'])) {
21-
$user=$_GET['user'];
22-
}
23-
2414
if (!empty($_GET['database'])) {
2515
$v_username = escapeshellarg($user);
2616
$v_database = escapeshellarg($_GET['database']);
2717
exec (HESTIA_CMD."v-suspend-database ".$v_username." ".$v_database, $output, $return_var);
18+
check_return_code($return_var,$output);
19+
unset($output);
2820
}
29-
check_return_code($return_var,$output);
30-
unset($output);
3121

3222
$back = $_SESSION['back'];
3323
if (!empty($back)) {

web/suspend/dns/index.php

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,16 +11,6 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
20-
if (!empty($_GET['user'])) {
21-
$user=$_GET['user'];
22-
}
23-
2414
// DNS domain
2515
if ((!empty($_GET['domain'])) && (empty($_GET['record_id']))) {
2616
$v_username = escapeshellarg($user);

web/suspend/mail/index.php

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,16 +11,6 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
20-
if (!empty($_GET['user'])) {
21-
$user=$_GET['user'];
22-
}
23-
2414
// Mail domain
2515
if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
2616
$v_username = escapeshellarg($user);

web/suspend/web/index.php

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -11,17 +11,6 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
20-
if (!empty($_GET['user'])) {
21-
$user=$_GET['user'];
22-
}
23-
24-
2514
if (!empty($_GET['domain'])) {
2615
$v_username = escapeshellarg($user);
2716
$v_domain = escapeshellarg($_GET['domain']);

web/unsuspend/cron/index.php

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -12,23 +12,13 @@
1212
exit();
1313
}
1414

15-
// Check user
16-
if ($_SESSION['user'] != 'admin') {
17-
header("Location: /list/user");
18-
exit;
19-
}
20-
21-
if (!empty($_GET['user'])) {
22-
$user=$_GET['user'];
23-
}
24-
2515
if (!empty($_GET['job'])) {
2616
$v_username = escapeshellarg($user);
2717
$v_job = escapeshellarg($_GET['job']);
2818
exec (HESTIA_CMD."v-unsuspend-cron-job ".$v_username." ".$v_job, $output, $return_var);
19+
check_return_code($return_var,$output);
20+
unset($output);
2921
}
30-
check_return_code($return_var,$output);
31-
unset($output);
3222

3323
$back=getenv("HTTP_REFERER");
3424
if (!empty($back)) {

web/unsuspend/db/index.php

Lines changed: 0 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -12,15 +12,6 @@
1212
exit();
1313
}
1414

15-
// Check user
16-
if ($_SESSION['user'] != 'admin') {
17-
header("Location: /list/user");
18-
exit;
19-
}
20-
21-
if (!empty($_GET['user'])) {
22-
$user=$_GET['user'];
23-
}
2415
if (!empty($_GET['database'])) {
2516
$v_username = escapeshellarg($user);
2617
$v_database = escapeshellarg($_GET['database']);

web/unsuspend/dns/index.php

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,16 +11,6 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
20-
if (!empty($_GET['user'])) {
21-
$user=$_GET['user'];
22-
}
23-
2414
// DNS domain
2515
if ((!empty($_GET['domain'])) && (empty($_GET['record_id']))) {
2616
$v_username = escapeshellarg($user);

web/unsuspend/mail/index.php

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,16 +11,6 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
20-
if (!empty($_GET['user'])) {
21-
$user=$_GET['user'];
22-
}
23-
2414
// Mail domain
2515
if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
2616
$v_username = escapeshellarg($user);

web/unsuspend/web/index.php

Lines changed: 3 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -11,21 +11,14 @@
1111
exit();
1212
}
1313

14-
// Check user
15-
if ($_SESSION['user'] != 'admin') {
16-
header("Location: /list/user");
17-
exit;
18-
}
19-
if (!empty($_GET['user'])) {
20-
$user=$_GET['user'];
21-
}
2214
if (!empty($_GET['domain'])) {
2315
$v_username = escapeshellarg($user);
2416
$v_domain = escapeshellarg($_GET['domain']);
2517
exec (HESTIA_CMD."v-unsuspend-domain ".$v_username." ".$v_domain, $output, $return_var);
18+
check_return_code($return_var,$output);
19+
unset($output);
2620
}
27-
check_return_code($return_var,$output);
28-
unset($output);
21+
2922

3023
$back=getenv("HTTP_REFERER");
3124
if (!empty($back)) {

0 commit comments

Comments
 (0)