7 changes: 7 additions & 0 deletions web/bulk/vesta/index.php
Expand Up @@ -6,6 +6,13 @@

include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}


$pkg = $_POST['pkg'];
$action = $_POST['action'];

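Review bot: The added guard compares the token with the loose `!=` operator, which applies PHP type juggling and is not timing-safe; an unset `$_SESSION['token']` compares equal to an empty submitted token, so the check only holds because `inc/main.php` happens to populate the session token first. Make the comparison strict and constant-time where `hash_equals()` is available (PHP 5.6+; the target version is not visible on this page): `if (empty($_SESSION['token']) || !isset($_POST['token']) || !is_string($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {`. The same six lines are pasted into every `web/bulk`, `web/delete` and `web/edit` script in this commit, so a single helper in `inc/main.php` would keep the check and any later fix in one place. The script body continues outside the hunk.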
6 changes: 6 additions & 0 deletions web/bulk/web/index.php
Expand Up @@ -6,6 +6,12 @@

include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

$domain = $_POST['domain'];
$action = $_POST['action'];

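--- a/web/css/jquery.arcticmodal.css
+++ b/web/css/jquery.arcticmodal.css
@@ -0,0 +1,8 @@
+.arcticmodal-overlay,
+.arcticmodal-container { position: fixed; left: 0; top: 0; right: 0; bottom: 0; z-index: 1000; }
+.arcticmodal-container { overflow: auto; margin: 0; padding: 0; border: 0; border-collapse: collapse; }
+*:first-child+html .arcticmodal-container { height: 100% }
+.arcticmodal-container_i { height: 100%; margin: 0 auto; }
+.arcticmodal-container_i2 { padding: 24px; margin: 0; border: 0; vertical-align: middle; }
+.arcticmodal-error { padding: 20px; border-radius: 10px; background: #000; color: #fff; }
+.arcticmodal-loading { width: 80px; height: 80px; border-radius: 10px; background: #000 url(loading.gif) no-repeat 50% 50%; }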
23 changes: 18 additions & 5 deletions web/css/styles.min.css
Expand Up @@ -581,6 +581,7 @@ body {

.body-login {
height: auto;
padding-top: 10%;
/*background: url(/images/edit_bg.png);*/
background-color: #eee;
}
Expand Down Expand Up @@ -1051,17 +1052,17 @@ div.l-content > div.l-separator:nth-of-type(4) {
}
.l-sort-toolbar .vst {
padding: 0 12px;
color: #999;
color: #777;
text-transform: uppercase;
font-size: 11px;
font-weight: bold;
line-height: 30px;
}
.l-sort-toolbar .vst:hover {
color: #f79b44;
color: #ff6701;
}
.l-sort-toolbar .vst:active {
color: #f72b44;
color: #55C9C0;
}
.l-sort-toolbar .vst.selected {
color: #ff6701;
Expand Down Expand Up @@ -1223,7 +1224,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
}

.l-sort-toolbar .step-left {
padding-left: 45px;
padding-left: 40px;
}
.step-right {
padding-right: 40px;
Expand Down Expand Up @@ -1391,6 +1392,9 @@ div.l-content > div.l-separator:nth-of-type(4) {
content: '';
width: 33px;
height: 33px;
position: absolute;
top: 0;
right: 0;
}
.actions-panel__col a {
line-height: 33px;
Expand All @@ -1400,9 +1404,13 @@ div.l-content > div.l-separator:nth-of-type(4) {
padding-left: 13px;
display: block;
cursor: pointer;
position: relative;
padding-right: 36px;
}
.lang-ru .actions-panel__col a {
font-size: 11px;
line-height: 31px;
padding-top: 2px;
}
.lang-tw .actions-panel__col a {
font-size: 15px;
Expand Down Expand Up @@ -2104,6 +2112,11 @@ label {
text-shadow: 0 0 0 #555;
color: transparent !important;
}

.vst-list.long-2 {
width: 486px;
background-position: 502px -604px;
}
.vst-list option {
padding: 6px 1px 6px 15px;
}
Expand Down Expand Up @@ -2364,7 +2377,7 @@ td.hint {
background-color: #fff;
box-shadow: 0 2px 6px rgba(100, 100, 100, 0.3);
font-family: Arial,Helvetica,sans-serif;
margin: 10% 0 0;
margin: 0;
padding: 0;
text-align: left;
vertical-align: top;
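--- a/web/css/uploadify.css
+++ b/web/css/uploadify.css
@@ -0,0 +1,92 @@
+/*
+Uploadify
+Copyright (c) 2012 Reactive Apps, Ronnie Garcia
+Released under the MIT License <http://www.opensource.org/licenses/mit-license.php>
+*/
+
+.uploadify {
+position: relative;
+margin-bottom: 1em;
+}
+.uploadify-button {
+background-color: #505050;
+background-image: linear-gradient(bottom, #505050 0%, #707070 100%);
+background-image: -o-linear-gradient(bottom, #505050 0%, #707070 100%);
+background-image: -moz-linear-gradient(bottom, #505050 0%, #707070 100%);
+background-image: -webkit-linear-gradient(bottom, #505050 0%, #707070 100%);
+background-image: -ms-linear-gradient(bottom, #505050 0%, #707070 100%);
+background-image: -webkit-gradient(
+linear,
+left bottom,
+left top,
+color-stop(0, #505050),
+color-stop(1, #707070)
+);
+background-position: center top;
+background-repeat: no-repeat;
+-webkit-border-radius: 30px;
+-moz-border-radius: 30px;
+border-radius: 30px;
+border: 2px solid #808080;
+color: #FFF;
+font: bold 12px Arial, Helvetica, sans-serif;
+text-align: center;
+text-shadow: 0 -1px 0 rgba(0,0,0,0.25);
+width: 100%;
+}
+.uploadify:hover .uploadify-button {
+background-color: #606060;
+background-image: linear-gradient(top, #606060 0%, #808080 100%);
+background-image: -o-linear-gradient(top, #606060 0%, #808080 100%);
+background-image: -moz-linear-gradient(top, #606060 0%, #808080 100%);
+background-image: -webkit-linear-gradient(top, #606060 0%, #808080 100%);
+background-image: -ms-linear-gradient(top, #606060 0%, #808080 100%);
+background-image: -webkit-gradient(
+linear,
+left bottom,
+left top,
+color-stop(0, #606060),
+color-stop(1, #808080)
+);
+background-position: center bottom;
+}
+.uploadify-button.disabled {
+background-color: #D0D0D0;
+color: #808080;
+}
+.uploadify-queue {
+margin-bottom: 1em;
+}
+.uploadify-queue-item {
+background-color: #F5F5F5;
+-webkit-border-radius: 3px;
+-moz-border-radius: 3px;
+border-radius: 3px;
+font: 11px Verdana, Geneva, sans-serif;
+margin-top: 5px;
+max-width: 350px;
+padding: 10px;
+}
+.uploadify-error {
+background-color: #FDE5DD !important;
+}
+.uploadify-queue-item .cancel a {
+background: url('../img/uploadify-cancel.png') 0 0 no-repeat;
+float: right;
+height: 16px;
+text-indent: -9999px;
+width: 16px;
+}
+.uploadify-queue-item.completed {
+background-color: #E5E5E5;
+}
+.uploadify-progress {
+background-color: #E5E5E5;
+margin-top: 10px;
+width: 100%;
+}
+.uploadify-progress-bar {
+background-color: #0099FF;
+height: 3px;
+width: 1px;
+}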
6 changes: 6 additions & 0 deletions web/delete/backup/index.php
Expand Up @@ -9,6 +9,12 @@
$user=$_GET['user'];
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if (!empty($_GET['backup'])) {
$v_username = escapeshellarg($user);
$v_backup = escapeshellarg($_GET['backup']);
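Review bot: The delete scripts read the anti-CSRF token from `$_GET['token']`, so the session-wide token travels in the URL and ends up in web-server access logs, browser history and potentially in `Referer` headers sent to other origins. As far as this commit shows, `inc/main.php` creates the token once per session and does not rotate it, so a single leaked URL would satisfy the guard for every other action until the session ends. Consider making these destructive actions POST-only and reading the token from `$_POST['token']`, as the `web/edit` and `web/bulk` scripts in this commit already do. The same applies to the other `web/delete/*/index.php` sections that follow; the script body continues outside the hunk.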
6 changes: 6 additions & 0 deletions web/delete/cron/index.php
Expand Up @@ -9,6 +9,12 @@
$user=$_GET['user'];
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if (!empty($_GET['job'])) {
$v_username = escapeshellarg($user);
$v_job = escapeshellarg($_GET['job']);
6 changes: 6 additions & 0 deletions web/delete/db/index.php
Expand Up @@ -9,6 +9,12 @@
$user=$_GET['user'];
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if (!empty($_GET['database'])) {
$v_username = escapeshellarg($user);
$v_database = escapeshellarg($_GET['database']);
6 changes: 6 additions & 0 deletions web/delete/dns/index.php
Expand Up @@ -10,6 +10,12 @@
$user=$_GET['user'];
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// DNS domain
if ((!empty($_GET['domain'])) && (empty($_GET['record_id']))) {
$v_username = escapeshellarg($user);
6 changes: 6 additions & 0 deletions web/delete/firewall/banlist/index.php
Expand Up @@ -13,6 +13,12 @@
exit;
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if ((!empty($_GET['ip'])) && (!empty($_GET['chain']))) {
$v_ip = escapeshellarg($_GET['ip']);
$v_chain = escapeshellarg($_GET['chain']);
6 changes: 6 additions & 0 deletions web/delete/firewall/index.php
Expand Up @@ -13,6 +13,12 @@
exit;
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if (!empty($_GET['rule'])) {
$v_rule = escapeshellarg($_GET['rule']);
exec (VESTA_CMD."v-delete-firewall-rule ".$v_rule, $output, $return_var);
6 changes: 6 additions & 0 deletions web/delete/ip/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if ($_SESSION['user'] == 'admin') {
if (!empty($_GET['ip'])) {
$v_ip = escapeshellarg($_GET['ip']);
6 changes: 6 additions & 0 deletions web/delete/mail/index.php
Expand Up @@ -10,6 +10,12 @@
$user=$_GET['user'];
}

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Mail domain
if ((!empty($_GET['domain'])) && (empty($_GET['account']))) {
$v_username = escapeshellarg($user);
6 changes: 6 additions & 0 deletions web/delete/package/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if ($_SESSION['user'] == 'admin') {
if (!empty($_GET['package'])) {
$v_package = escapeshellarg($_GET['package']);
6 changes: 6 additions & 0 deletions web/delete/user/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

if ($_SESSION['user'] == 'admin') {
if (!empty($_GET['user'])) {
$v_username = escapeshellarg($_GET['user']);
6 changes: 6 additions & 0 deletions web/delete/web/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Delete as someone else?
if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
$user=$_GET['user'];
7 changes: 7 additions & 0 deletions web/edit/backup/exclusions/index.php
Expand Up @@ -66,6 +66,13 @@

// Check POST request
if (!empty($_POST['save'])) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

$v_web = $_POST['v_web'];
$v_web_tmp = str_replace("\r\n", ",", $_POST['v_web']);
$v_web_tmp = rtrim($v_web_tmp, ",");
7 changes: 7 additions & 0 deletions web/edit/cron/index.php
Expand Up @@ -45,6 +45,13 @@

// Check POST request
if (!empty($_POST['save'])) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

$v_username = $user;
$v_min = escapeshellarg($_POST['v_min']);
$v_hour = escapeshellarg($_POST['v_hour']);
6 changes: 6 additions & 0 deletions web/edit/db/index.php
Expand Up @@ -52,6 +52,12 @@
if (!empty($_POST['save'])) {
$v_username = $user;

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Change database user
if (($v_dbuser != $_POST['v_dbuser']) && (empty($_SESSION['error_msg']))) {
$v_dbuser = preg_replace("/^".$user."_/", "", $_POST['v_dbuser']);
13 changes: 13 additions & 0 deletions web/edit/dns/index.php
Expand Up @@ -80,6 +80,12 @@
if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['record_id']))) {
$v_domain = escapeshellarg($_POST['v_domain']);

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Change domain IP
if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) {
$v_ip = escapeshellarg($_POST['v_ip']);
Expand Down Expand Up @@ -139,6 +145,13 @@

// Check POST request for dns record
if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['record_id']))) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Protect input
$v_domain = escapeshellarg($_POST['v_domain']);
$v_record_id = escapeshellarg($_POST['v_record_id']);
7 changes: 7 additions & 0 deletions web/edit/firewall/index.php
Expand Up @@ -45,6 +45,13 @@

// Check POST request
if (!empty($_POST['save'])) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

$v_rule = escapeshellarg($_GET['rule']);
$v_action = escapeshellarg($_POST['v_action']);
$v_protocol = escapeshellarg($_POST['v_protocol']);
13 changes: 13 additions & 0 deletions web/edit/mail/index.php
Expand Up @@ -91,6 +91,12 @@
if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['account']))) {
$v_domain = escapeshellarg($_POST['v_domain']);

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Delete antispam
if (($v_antispam == 'yes') && (empty($_POST['v_antispam'])) && (empty($_SESSION['error_msg']))) {
exec (VESTA_CMD."v-delete-mail-domain-antispam ".$v_username." ".$v_domain, $output, $return_var);
Expand Down Expand Up @@ -173,6 +179,13 @@

// Check POST request for mail account
if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['account']))) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

$v_domain = escapeshellarg($_POST['v_domain']);
$v_account = escapeshellarg($_POST['v_account']);

6 changes: 6 additions & 0 deletions web/edit/package/index.php
Expand Up @@ -88,6 +88,12 @@
// Check POST request
if (!empty($_POST['save'])) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Check empty fields
if (empty($_POST['v_package'])) $errors[] = __('package');
if (empty($_POST['v_web_template'])) $errors[] = __('web template');
149 changes: 147 additions & 2 deletions web/edit/server/index.php
Expand Up @@ -40,6 +40,15 @@
$languages = json_decode(implode('', $output), true);
unset($output);

// List dns cluster hosts
exec (VESTA_CMD."v-list-remote-dns-hosts json", $output, $return_var);
$dns_cluster = json_decode(implode('', $output), true);
unset($output);
foreach ($dns_cluster as $key => $value) {
$v_dns_cluster='yes';
}


// List backup settings
$v_backup_dir = "/backup";
if (!empty($_SESSION['BACKUP'])) $v_backup_dir = $_SESSION['BACKUP'];
Expand All @@ -56,7 +65,7 @@
$v_backup_host = $v_remote_backup[$backup_type]['HOST'];
$v_backup_type = $v_remote_backup[$backup_type]['TYPE'];
$v_backup_username = $v_remote_backup[$backup_type]['USERNAME'];
$v_backup_password = "••••••••";
$v_backup_password = "";
$v_backup_port = $v_remote_backup[$backup_type]['PORT'];
$v_backup_bpath = $v_remote_backup[$backup_type]['BPATH'];
}
Expand All @@ -65,6 +74,12 @@
// Check POST request
if (!empty($_POST['save'])) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Change hostname
if ((!empty($_POST['v_hostname'])) && ($v_hostname != $_POST['v_hostname'])) {
exec (VESTA_CMD."v-change-sys-hostname ".escapeshellarg($_POST['v_hostname']), $output, $return_var);
Expand Down Expand Up @@ -131,9 +146,131 @@
// Disable local backup
if (empty($_SESSION['error_msg'])) {
if (($_POST['v_backup'] == 'no') && ($v_backup == 'yes' )) {
exec (VESTA_CMD."v-delete-backup-quota", $output, $return_var);
exec (VESTA_CMD."v-delete-backup-host local", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup = 'no';
$v_backup_adv = 'yes';
}
}

// Enable local backups
if (empty($_SESSION['error_msg'])) {
if (($_POST['v_backup'] == 'yes') && ($v_backup != 'yes' )) {
exec (VESTA_CMD."v-add-backup-host local", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup = 'yes';
$v_backup_adv = 'yes';
}
}


// Change backup gzip level
if (empty($_SESSION['error_msg'])) {
if ($_POST['v_backup_gzip'] != $v_backup_gzip ) {
exec (VESTA_CMD."v-change-sys-config-value BACKUP_GZIP ".escapeshellarg($_POST['v_backup_gzip']), $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup_gzip = $_POST['v_backup_gzip'];
$v_backup_adv = 'yes';
}
}

// Change backup path
if (empty($_SESSION['error_msg'])) {
if ($_POST['v_backup_dir'] != $v_backup_dir ) {
exec (VESTA_CMD."v-change-sys-config-value BACKUP ".escapeshellarg($_POST['v_backup_dir']), $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup_dir = $_POST['v_backup_dir'];
$v_backup_adv = 'yes';
}
}

// Add remote backup host
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_backup_host'])) && (empty($v_backup_host))) {
$v_backup_host = escapeshellarg($_POST['v_backup_host']);
$v_backup_type = escapeshellarg($_POST['v_backup_type']);
$v_backup_username = escapeshellarg($_POST['v_backup_username']);
$v_backup_password = escapeshellarg($_POST['v_backup_password']);
$v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host'];
if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type'];
if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username'];
if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password'];
if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath'];
$v_backup_new = 'yes';
$v_backup_adv = 'yes';
$v_backup_remote_adv = 'yes';
}
}

// Change remote backup host type
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) {
exec (VESTA_CMD."v-delete-backup-host '". $v_backup_type ."'", $output, $return_var);
unset($output);

$v_backup_host = escapeshellarg($_POST['v_backup_host']);
$v_backup_type = escapeshellarg($_POST['v_backup_type']);
$v_backup_username = escapeshellarg($_POST['v_backup_username']);
$v_backup_password = escapeshellarg($_POST['v_backup_password']);
$v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host'];
if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type'];
if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username'];
if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password'];
if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath'];
$v_backup_adv = 'yes';
$v_backup_remote_adv = 'yes';
}
}

// Change remote backup host
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] == $v_backup_type) && (!isset($v_backup_new))) {
if (($_POST['v_backup_host'] != $v_backup_host) || ($_POST['v_backup_username'] != $v_backup_username) || ($_POST['v_backup_password'] || $v_backup_password) || ($_POST['v_backup_bpath'] == $v_backup_bpath)){
$v_backup_host = escapeshellarg($_POST['v_backup_host']);
$v_backup_type = escapeshellarg($_POST['v_backup_type']);
$v_backup_username = escapeshellarg($_POST['v_backup_username']);
$v_backup_password = escapeshellarg($_POST['v_backup_password']);
$v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host'];
if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type'];
if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username'];
if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password'];
if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath'];
$v_backup_adv = 'yes';
$v_backup_remote_adv = 'yes';
}
}
}


// Delete remote backup host
if (empty($_SESSION['error_msg'])) {
if ((empty($_POST['v_backup_host'])) && (!empty($v_backup_host))) {
exec (VESTA_CMD."v-delete-backup-host '". $v_backup_type ."'", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
if (empty($_SESSION['error_msg'])) $v_backup_host = '';
if (empty($_SESSION['error_msg'])) $v_backup_type = '';
if (empty($_SESSION['error_msg'])) $v_backup_username = '';
if (empty($_SESSION['error_msg'])) $v_backup_password = '';
if (empty($_SESSION['error_msg'])) $v_backup_bpath = '';
$v_backup_adv = '';
$v_backup_remote_adv = '';
}
}

Expand All @@ -143,6 +280,14 @@
}
}

// Check system configuration
exec (VESTA_CMD . "v-list-sys-config json", $output, $return_var);
$data = json_decode(implode('', $output), true);
$sys_arr = $data['config'];
foreach ($sys_arr as $key => $value) {
$_SESSION[$key] = $value;
}

// Header
include($_SERVER['DOCUMENT_ROOT'].'/templates/header.html');

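Review bot: The new `v-add-backup-host` calls wrap values that were already passed through `escapeshellarg()` in a second pair of literal single quotes (`"v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' ..."`), in the "Add remote backup host", "Change remote backup host type" and "Change remote backup host" blocks. `escapeshellarg()` already returns a single-quoted string, so the extra quotes close and reopen the quoting and the value reaches the shell unquoted, which defeats the escaping for all five POST fields. Drop the literal quotes and concatenate the escaped values directly: `exec(VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var);`. The two `v-delete-backup-host '". $v_backup_type ."'` calls interpolate the value loaded from the backup configuration with no `escapeshellarg()` at all and should be escaped the same way. Separately, the change-detection condition uses `||` and `==` where `!=` looks intended (`$_POST['v_backup_password'] || $v_backup_password`, `$_POST['v_backup_bpath'] == $v_backup_bpath`), so the block appears to run on every save whenever a password is submitted or already set.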
6 changes: 6 additions & 0 deletions web/edit/user/index.php
Expand Up @@ -74,6 +74,12 @@
// Check POST request
if (!empty($_POST['save'])) {

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Change password
if ((!empty($_POST['v_password'])) && (empty($_SESSION['error_msg']))) {
$v_password = tempnam("/tmp","vst");
6 changes: 6 additions & 0 deletions web/edit/web/index.php
Expand Up @@ -100,6 +100,12 @@
if (!empty($_POST['save'])) {
$v_domain = escapeshellarg($_POST['v_domain']);

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
}

// Change web domain IP
if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) {
$v_ip = escapeshellarg($_POST['v_ip']);
1 change: 1 addition & 0 deletions web/inc/i18n/ar.php
Expand Up @@ -346,6 +346,7 @@
'ranges are acceptable' => 'نطاقات مقبولة',
'CDIR format is supported' => 'ويدعم صيغة CIDR',

'unlimited' => 'unlimited',
'1 account' => '1 حساب',
'%s accounts' => 'حسابات %s',
'1 domain' => '1 نطاق',
1 change: 1 addition & 0 deletions web/inc/i18n/bs.php
Expand Up @@ -343,6 +343,7 @@
'ranges are acceptable' => 'rasponi su prihvatljivi',
'CIDR format is supported' => 'CIDR format je podržan',

'unlimited' => 'unlimited',
'1 account' => '1 račun',
'%s accounts' => '%s računa',
'1 domain' => '1 domena',
1 change: 1 addition & 0 deletions web/inc/i18n/cn.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => '範圍是可以接受的',
'CIDR format is supported' => '支持CIDR格式',

'unlimited' => 'unlimited',
'1 account' => '1 账户',
'%s accounts' => '%s 账户',
'1 domain' => '1 域名',
1 change: 1 addition & 0 deletions web/inc/i18n/cz.php
Expand Up @@ -349,6 +349,7 @@
'ranges are acceptable' => 'rozsahy jsou přijatelné',
'CIDR format is supported' => 'Formát CIDR je podporován',

'unlimited' => 'unlimited',
'1 account' => '1 účet',
'%s accounts' => '%s účtů',
'1 domain' => '1 doména',
1 change: 1 addition & 0 deletions web/inc/i18n/de.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => 'Bereiche akzeptabel',
'CIDR format is supported' => 'CIDR-Format wird unterstützt',

'unlimited' => 'unlimited',
'1 account' => '1 Konto',
'%s accounts' => '%s Konten',
'1 domain' => '1 Domäne',
1 change: 1 addition & 0 deletions web/inc/i18n/el.php
Expand Up @@ -349,6 +349,7 @@
'ranges are acceptable' => 'εύρος είναι αποδεκτό',
'CIDR format is supported' => 'To format CIDR υποστηρίζεται',

'unlimited' => 'unlimited',
'1 account' => '1 λογαριασμός',
'%s accounts' => '%s λογαριασμοί',
'1 domain' => '1 domain',
1 change: 1 addition & 0 deletions web/inc/i18n/en.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => 'ranges are acceptable',
'CIDR format is supported' => 'CIDR format is supported',

'unlimited' => 'unlimited',
'1 account' => '1 account',
'%s accounts' => '%s accounts',
'1 domain' => '1 domain',
2 changes: 2 additions & 0 deletions web/inc/i18n/es.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => 'rangos son aceptables',
'CIDR format is supported' => 'Formato CIDR se admite',

'unlimited' => 'unlimited',
'1 account' => '1 cuenta',
'%s accounts' => '%s cuentas',
'1 domain' => '1 dominio',
Expand Down Expand Up @@ -467,4 +468,5 @@
'RESET_CODE_SENT' => 'El código de cambio de contraseña fue enviado a su correo<br>',
'MAIL_RESET_SUBJECT' => 'Cambio de Contraseña en %s',
'PASSWORD_RESET_REQUEST' => "Para cambiar su contraseña del panel, por favor siga este link:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nAlternativamente, puede dirigirse a https://%s/reset/?action=code&user=%s e ingresar el siguiente código de cambio:\n%s\n\nSi usted no ha solicitado un cambio de contraseña, por favor ignore este mensaje y acepte nuestras disculpas.\n\n--\nPanel de Control Vesta\n",
'unlimited' => 'ES test'
);
1 change: 1 addition & 0 deletions web/inc/i18n/fi.php
Expand Up @@ -352,6 +352,7 @@
'ranges are acceptable' => 'vaihteluvälit ovat hyväksyttäviä',
'CIDR format is supported' => 'CIDR muotoa tuetaan',

'unlimited' => 'unlimited',
'1 account' => '1 tili',
'%s accounts' => '%s tiliä',
'1 domain' => '1 domain',
1 change: 1 addition & 0 deletions web/inc/i18n/fr.php
Expand Up @@ -350,6 +350,7 @@
'ranges are acceptable' => 'plages sont acceptables',
'CIDR format is supported' => 'Le format CIDR est pris en charge',

'unlimited' => 'unlimited',
'1 account' => '1 compte',
'%s accounts' => '%s comptes',
'1 domain' => '1 domaine',
1 change: 1 addition & 0 deletions web/inc/i18n/hu.php
Expand Up @@ -350,6 +350,7 @@
'ranges are acceptable' => 'tartományok megengedett',
'CIDR format is supported' => 'CIDR formátum támogatott',

'unlimited' => 'unlimited',
'1 account' => '1 fiók',
'%s accounts' => '%s fiók',
'1 domain' => '1 domain',
1 change: 1 addition & 0 deletions web/inc/i18n/id.php
Expand Up @@ -351,6 +351,7 @@
'ranges are acceptable' => 'rentang diperbolehkan',
'CIDR format is supported' => 'Format CIDR didukung',

'unlimited' => 'unlimited',
'1 account' => '1 pengguna',
'%s accounts' => '%s pengguna',
'1 domain' => '1 domain',
1 change: 1 addition & 0 deletions web/inc/i18n/it.php
Expand Up @@ -349,6 +349,7 @@
'ranges are acceptable' => 'gamme sono ammessi',
'CIDR format is supported' => 'formato CIDR e supportato',

'unlimited' => 'unlimited',
'1 account' => '1 account',
'%s accounts' => '%s account',
'1 domain' => '1 dominio',
1 change: 1 addition & 0 deletions web/inc/i18n/nl.php
Expand Up @@ -349,6 +349,7 @@
'ranges are acceptable' => 'marges zijn toegestaan',
'CIDR format is supported' => 'CIDR-indeling wordt ondersteund',

'unlimited' => 'unlimited',
'1 account' => '1 account',
'%s accounts' => '%s accounts',
'1 domain' => '1 domein',
1 change: 1 addition & 0 deletions web/inc/i18n/no.php
Expand Up @@ -349,6 +349,7 @@
'ranges are acceptable' => 'områder er tillatt',
'CIDR format is supported' => 'CIDR-format støttes',

'unlimited' => 'unlimited',
'1 account' => '1 konto',
'%s accounts' => '%s kontoer',
'1 domain' => '1 domene',
1 change: 1 addition & 0 deletions web/inc/i18n/pt.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => 'gamas são permitidos',
'CIDR format is supported' => 'formato CIDR é suportada',

'unlimited' => 'unlimited',
'1 account' => '1 conta',
'%s accounts' => '%s contas',
'1 domain' => '1 domínio',
1 change: 1 addition & 0 deletions web/inc/i18n/ro.php
Expand Up @@ -350,6 +350,7 @@
'ranges are acceptable' => 'intervale sunt acceptabile',
'CIDR format is supported' => 'format CIDR este suportat',

'unlimited' => 'unlimited',
'1 account' => '1 utilizator',
'%s accounts' => '%s utilizatori',
'1 domain' => '1 domeniu',
1 change: 1 addition & 0 deletions web/inc/i18n/ru.php
Expand Up @@ -350,6 +350,7 @@
'ranges are acceptable' => 'можно использовать диапазоны',
'CIDR format is supported' => 'поддерживается формат CIDR',

'unlimited' => 'неограничено',
'1 account' => ' пользователей на странице: 1',
'%s accounts' => 'пользователей на странице: %s',
'1 domain' => 'доменов на странице: 1',
1 change: 1 addition & 0 deletions web/inc/i18n/se.php
Expand Up @@ -346,6 +346,7 @@
'ranges are acceptable' => 'spannet är acceptabelt',
'CIDR format is supported' => 'Stöd finns för CIDR-format',

'unlimited' => 'unlimited',
'1 account' => '1 konto',
'%s accounts' => '%s konton',
'1 domain' => '1 domän',
1 change: 1 addition & 0 deletions web/inc/i18n/tr.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => 'kabul edilebilir aralıklar',
'CIDR format is supported' => 'CIDR formatı destekleniyor',

'unlimited' => 'unlimited',
'1 account' => '1 hesap',
'%s accounts' => '%s hesap',
'1 domain' => '1 alan adı',
1 change: 1 addition & 0 deletions web/inc/i18n/tw.php
Expand Up @@ -348,6 +348,7 @@
'ranges are acceptable' => '可使用範圍',
'CIDR format is supported' => 'CIDR 格式是支援的',

'unlimited' => 'unlimited',
'1 account' => '1 帳號',
'%s accounts' => '%s 帳號',
'1 domain' => '1 網域',
1 change: 1 addition & 0 deletions web/inc/i18n/ua.php
Expand Up @@ -350,6 +350,7 @@
'ranges are acceptable' => 'дозволені діапазони',
'CIDR format is supported' => 'формат CIDR підтримується',

'unlimited' => 'unlimited',
'1 account' => ' 1 акаунт',
'%s accounts' => '%s акаунтів',
'1 domain' => '1 домен',
7 changes: 6 additions & 1 deletion web/inc/main.php
Expand Up @@ -13,10 +13,15 @@
$_SESSION['request_uri'] = $_SERVER['REQUEST_URI'];
header("Location: /login/");
exit;

}

if (isset($_SESSION['user'])) {
require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php');
if(!isset($_SESSION['token'])){
$token = uniqid(mt_rand(), true);
$_SESSION['token'] = $token;
}
}


Expand Down Expand Up @@ -277,7 +282,7 @@ function display_error_block() {
});
</script>
<div id="dialog-message" title="">
<p>'. $_SESSION['error_msg'] .'</p>
<p>'. htmlentities($_SESSION['error_msg']) .'</p>
</div>
</div>'."\n";
unset($_SESSION['error_msg']);
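Review bot: The session token in the first hunk is generated with `uniqid(mt_rand(), true)`, which is derived from the current time and a non-cryptographic PRNG and is therefore not suitable as an unguessable CSRF secret. Generate it from the operating system CSPRNG instead, e.g. `$_SESSION['token'] = bin2hex(random_bytes(32));` on PHP 7+, or `bin2hex(openssl_random_pseudo_bytes(32))` on older runtimes (the target PHP version is not visible on this page). As far as this hunk shows the token is created once and then kept for the whole session, so consider regenerating it at login as well.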
10 changes: 6 additions & 4 deletions web/js/app.js
Expand Up @@ -710,14 +710,15 @@ var App = {
Core: {},
// CONSTANT VALUES
Constants: {
UNLIM_VALUE: 'unlimited',
UNLIM_TRANSLATED_VALUE: 'unlimited'
UNLIM_VALUE: 'unlimited', // overritten in i18n.js.php
UNLIM_TRANSLATED_VALUE: 'unlimited' // overritten in i18n.js.php
},
// Actions. More widly used funcs
Actions: {
DB: {},
WEB: {},
PACKAGE: {}
PACKAGE: {},
MAIL_ACC:{}
},
// Utilities
Helpers: {},
Expand All @@ -732,7 +733,8 @@ var App = {
Listeners: {
DB: {},
WEB: {},
PACKAGE: {}
PACKAGE: {},
MAIL_ACC:{}
},
View:{
HTML: {
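Review bot: The new comments on `UNLIM_VALUE` and `UNLIM_TRANSLATED_VALUE` say both are overwritten in i18n.js.php, but that file in this commit assigns only `App.Constants.UNLIM_VALUE`, and it assigns the translated text to it. If `UNLIM_VALUE` is the literal the backend expects, the assignment probably belongs on `UNLIM_TRANSLATED_VALUE`; either way the comments should state which constant is submitted and which is display text, for example `// literal value submitted to the server` and `// localized label, set in i18n.js.php`. The comment also misspells `overwritten` as `overritten`. The `App` object continues outside both hunks.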
2 changes: 2 additions & 0 deletions web/js/cheef-editor/jquery/jquery-1.8.3.min.js

Large diffs are not rendered by default.

49 changes: 48 additions & 1 deletion web/js/i18n.js.php
@@ -1 +1,48 @@
App.i18n.ARE_YOU_SURE = '<?php echo __('Are you sure?') ?>';
<?php
session_start();
if (empty($_SESSION['language'])) {
$_SESSION['language'] = 'en';
}
require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php');

if (!function_exists('_translate')) {
function _translate() {
global $LANG;

$args = func_get_args();
$l = $args[0];

if (!$l) return 'NO LANGUAGE DEFINED';
$key = $args[1];

if (!isset($LANG[$l])) {
require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$l.'.php');
}

if (!isset($LANG[$l][$key])) {
$text=$key;
} else {
$text=$LANG[$l][$key];
}

array_shift($args);
if (count($args)>1) {
$args[0] = $text;
return call_user_func_array("sprintf",$args);
} else {
return $text;
}
}
}

if (!function_exists('__')) {
function __() {
$args = func_get_args();
array_unshift($args,$_SESSION['language']);
return call_user_func_array("_translate",$args);
}
}
?>

App.i18n.ARE_YOU_SURE = '<?php echo __('Are you sure?') ?>';
App.Constants.UNLIM_VALUE = '<?php echo __('unlimited') ?>';
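Review bot: The translated strings are echoed straight into single-quoted JavaScript literals (`'<?php echo __('unlimited') ?>'`), so a translation containing an apostrophe, backslash or line break breaks the script or changes what it executes; emitting the literal with `json_encode()` avoids that: `App.Constants.UNLIM_VALUE = <?php echo json_encode(__('unlimited')) ?>;`. The file also sends no `Content-Type` header, so it goes out with PHP's default type rather than as JavaScript; `header('Content-Type: application/javascript; charset=utf-8');` after `session_start()` would make that explicit. Separately, `$_SESSION['language']` is concatenated into the `require_once` path, which is safe only if the code that sets it restricts it to known language codes, and that code is not visible here.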
429 changes: 429 additions & 0 deletions web/js/jquery.arcticmodal.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions web/js/jquery.finder.js
Expand Up @@ -175,7 +175,7 @@
var c = f.get.clicks(p,o,$(this));

var ref = $(e.target);
if (ref.parents('.l-unit').hasClass('selected') && $('.l-unit.selected').length == 1) {
if (ref.parents('.l-unit').hasClass('selected')/* && $('.l-unit.selected').length == 1*/) {
ref.parents('.l-unit').find('.ch-toggle').attr('checked', false);
ref.parents('.l-unit').removeClass('selected');
ref.parents('.l-unit').removeClass('selected-current');
Expand Down Expand Up @@ -481,7 +481,7 @@
},
singleClick: function(p,c,o) {
var s = f.get.siblings(p,o);
f.h.off(s, o);
//f.h.off(s, o);
f.h.on(c.current.v, o);
f.set.clicks(c.current.v, null, null, p, o);
},
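Review bot: Both changes disable code by commenting it out (`/* && $('.l-unit.selected').length == 1*/` in the first hunk and `//f.h.off(s, o);` in `singleClick`) without saying why, and `var s = f.get.siblings(p,o);` is now computed but unused. I would delete the dead code and the unused local, and record the behaviour change in a short comment above `f.h.on(c.current.v, o);` explaining that siblings are intentionally left selected, if that is the intent. Both enclosing functions start outside their hunks.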
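--- a/web/js/pages/add.mail_acc.js
+++ b/web/js/pages/add.mail_acc.js
@@ -0,0 +1,76 @@
+App.Actions.MAIL_ACC.enable_unlimited = function(elm, source_elm) {
+$(elm).data('checked', true);
+$(elm).data('prev_value', $(elm).val()); // save prev value in order to restore if needed
+$(elm).val(App.Constants.UNLIM_VALUE);
+$(elm).attr('disabled', true);
+$(source_elm).css('opacity', '1');
+}
+
+App.Actions.MAIL_ACC.disable_unlimited = function(elm, source_elm) {
+$(elm).data('checked', false);
+if ($(elm).data('prev_value') && $(elm).data('prev_value').trim() != '') {
+var prev_value = $(elm).data('prev_value').trim();
+$(elm).val(prev_value);
+if (App.Helpers.isUnlimitedValue(prev_value)) {
+$(elm).val('0');
+}
+}
+else {
+if (App.Helpers.isUnlimitedValue($(elm).val())) {
+$(elm).val('0');
+}
+}
+$(elm).attr('disabled', false);
+$(source_elm).css('opacity', '0.5');
+}
+
+//
+App.Actions.MAIL_ACC.toggle_unlimited_feature = function(evt) {
+var elm = $(evt.target);
+var ref = elm.prev('.vst-input');
+if (!$(ref).data('checked')) {
+App.Actions.MAIL_ACC.enable_unlimited(ref, elm);
+}
+else {
+App.Actions.MAIL_ACC.disable_unlimited(ref, elm);
+}
+}
+
+App.Listeners.MAIL_ACC.checkbox_unlimited_feature = function() {
+$('.unlim-trigger').on('click', App.Actions.MAIL_ACC.toggle_unlimited_feature);
+}
+
+App.Listeners.MAIL_ACC.init = function() {
+$('.unlim-trigger').each(function(i, elm) {
+var ref = $(elm).prev('.vst-input');
+if (App.Helpers.isUnlimitedValue($(ref).val())) {
+App.Actions.MAIL_ACC.enable_unlimited(ref, elm);
+}
+else {
+$(ref).data('prev_value', $(ref).val());
+App.Actions.MAIL_ACC.disable_unlimited(ref, elm);
+}
+});
+}
+
+App.Helpers.isUnlimitedValue = function(value) {
+var value = value.trim();
+if (value == App.Constants.UNLIM_VALUE || value == App.Constants.UNLIM_TRANSLATED_VALUE) {
+return true;
+}
+
+return false;
+}
+
+//
+// Page entry point
+// Trigger listeners
+App.Listeners.MAIL_ACC.init();
+App.Listeners.MAIL_ACC.checkbox_unlimited_feature();
+$('form[name="v_quota"]').bind('submit', function(evt) {
+$('input:disabled').each(function(i, elm) {
+$(elm).attr('disabled', false);
+});
+});
+
+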
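Review bot: The submit hook at the end binds to `$('form[name="v_quota"]')`, but `v_quota` is the name of the text input in add_mail_acc.html and, as far as the templates in this commit show, not of the form, so the handler probably never runs and the disabled quota field is left out of the POST when "unlimited" is selected. When it does run it re-enables every `input:disabled` on the page rather than only those in the submitted form; `$(this).find('input:disabled').prop('disabled', false);` keeps it scoped. The disabled state is only a UI hint, so the server still has to validate `v_quota` on its own. web/js/pages/edit.mail_acc.js is an identical copy, so the same applies there and the shared functions could live in one file.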
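--- a/web/js/pages/edit.mail_acc.js
+++ b/web/js/pages/edit.mail_acc.js
@@ -0,0 +1,76 @@
+App.Actions.MAIL_ACC.enable_unlimited = function(elm, source_elm) {
+$(elm).data('checked', true);
+$(elm).data('prev_value', $(elm).val()); // save prev value in order to restore if needed
+$(elm).val(App.Constants.UNLIM_VALUE);
+$(elm).attr('disabled', true);
+$(source_elm).css('opacity', '1');
+}
+
+App.Actions.MAIL_ACC.disable_unlimited = function(elm, source_elm) {
+$(elm).data('checked', false);
+if ($(elm).data('prev_value') && $(elm).data('prev_value').trim() != '') {
+var prev_value = $(elm).data('prev_value').trim();
+$(elm).val(prev_value);
+if (App.Helpers.isUnlimitedValue(prev_value)) {
+$(elm).val('0');
+}
+}
+else {
+if (App.Helpers.isUnlimitedValue($(elm).val())) {
+$(elm).val('0');
+}
+}
+$(elm).attr('disabled', false);
+$(source_elm).css('opacity', '0.5');
+}
+
+//
+App.Actions.MAIL_ACC.toggle_unlimited_feature = function(evt) {
+var elm = $(evt.target);
+var ref = elm.prev('.vst-input');
+if (!$(ref).data('checked')) {
+App.Actions.MAIL_ACC.enable_unlimited(ref, elm);
+}
+else {
+App.Actions.MAIL_ACC.disable_unlimited(ref, elm);
+}
+}
+
+App.Listeners.MAIL_ACC.checkbox_unlimited_feature = function() {
+$('.unlim-trigger').on('click', App.Actions.MAIL_ACC.toggle_unlimited_feature);
+}
+
+App.Listeners.MAIL_ACC.init = function() {
+$('.unlim-trigger').each(function(i, elm) {
+var ref = $(elm).prev('.vst-input');
+if (App.Helpers.isUnlimitedValue($(ref).val())) {
+App.Actions.MAIL_ACC.enable_unlimited(ref, elm);
+}
+else {
+$(ref).data('prev_value', $(ref).val());
+App.Actions.MAIL_ACC.disable_unlimited(ref, elm);
+}
+});
+}
+
+App.Helpers.isUnlimitedValue = function(value) {
+var value = value.trim();
+if (value == App.Constants.UNLIM_VALUE || value == App.Constants.UNLIM_TRANSLATED_VALUE) {
+return true;
+}
+
+return false;
+}
+
+//
+// Page entry point
+// Trigger listeners
+App.Listeners.MAIL_ACC.init();
+App.Listeners.MAIL_ACC.checkbox_unlimited_feature();
+$('form[name="v_quota"]').bind('submit', function(evt) {
+$('input:disabled').each(function(i, elm) {
+$(elm).attr('disabled', false);
+});
+});
+
+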
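Review bot: `App.Helpers.isUnlimitedValue` redeclares its own parameter (`var value = value.trim();`) and calls `.trim()` unconditionally, so it throws when `.prev('.vst-input')` matches nothing and `.val()` returns `undefined`. `value = $.trim(value);` covers that case and drops the redundant `var`. The helper is assigned under `App.Helpers` by both page scripts, so whichever loads last wins; a one-line doc comment saying that it matches both the literal and the translated "unlimited" constant would make the contract clear.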
2 changes: 1 addition & 1 deletion web/restart/service/index.php
Expand Up @@ -18,5 +18,5 @@
unset($output);
}

header("Location: /list/services/");
header("Location: /list/server/");
exit;
2 changes: 1 addition & 1 deletion web/restart/system/index.php
Expand Up @@ -13,5 +13,5 @@
unset($output);
}

header("Location: /list/services/");
header("Location: /list/server/");
exit;
2 changes: 1 addition & 1 deletion web/start/service/index.php
Expand Up @@ -18,5 +18,5 @@
unset($output);
}

header("Location: /list/services/");
header("Location: /list/server/");
exit;
2 changes: 1 addition & 1 deletion web/stop/service/index.php
Expand Up @@ -18,5 +18,5 @@
unset($output);
}

header("Location: /list/services/");
header("Location: /list/server/");
exit;
6 changes: 6 additions & 0 deletions web/suspend/cron/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
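Review bot: The added check compares the token with `!=`, PHP's loose and non-constant-time comparison, and it reads the token from `$_GET`, so the secret travels in the URL of a state-changing request and ends up in access logs, browser history and Referer headers. I would tighten the condition to `if (!isset($_GET['token']) || !is_string($_GET['token']) || !hash_equals($_SESSION['token'], $_GET['token'])) {` (`hash_equals()` needs PHP 5.6 or later) and, where the UI allows it, send these actions by POST. The same block is added unchanged in web/suspend/db, dns, firewall, mail, user and web/index.php. The `// Check user` block after it continues outside the hunk.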
6 changes: 6 additions & 0 deletions web/suspend/db/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/suspend/dns/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/suspend/firewall/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/suspend/mail/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/suspend/user/index.php
Expand Up @@ -5,6 +5,12 @@
$TAB = 'USER';
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/suspend/web/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
2 changes: 1 addition & 1 deletion web/templates/admin/add_cron.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding Cron Job')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
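Review bot: `$_SESSION['ok_msg']` a few lines below the change is still echoed without encoding, so only one of the two session messages in this block is protected; if the success message can carry request-derived text it needs the same treatment, and if it deliberately contains markup a comment should say so. The new call also relies on the defaults of `htmlentities()`, which before PHP 5.4 means ISO-8859-1 and no single-quote encoding; `htmlentities($_SESSION['error_msg'], ENT_QUOTES, 'UTF-8')` makes the behaviour explicit for the translated UTF-8 messages. The same one-line change is repeated in the other add_*.html, edit_*.html and generate_ssl.html templates in this commit. The `if`/`else` block continues outside the hunk.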
2 changes: 1 addition & 1 deletion web/templates/admin/add_db.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding database')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_dns.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding DNS Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_dns_rec.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding DNS Record')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_firewall.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding Firewall Rule')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_firewall_banlist.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding IP Address to Banlist')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_ip.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding IP address')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_mail.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding Mail Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
6 changes: 4 additions & 2 deletions web/templates/admin/add_mail_acc.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding Mail Account')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
Expand Down Expand Up @@ -107,6 +107,7 @@
<tr>
<td>
<input type="text" size="20" class="vst-input" name="v_quota" <?php if (!empty($v_quota)) echo "value=".htmlentities($v_quota); ?>>
<img class="unlim-trigger" id="unlim-quota" src="/images/unlim.png" />
</td>
</tr>
<tr>
Expand Down Expand Up @@ -152,4 +153,5 @@
</tr>
</table>
</form>
</div>
</div>
<script type="text/javascript" src="/js/pages/edit.package.js"></script>
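Review bot: The script tag added at the end of this template loads `/js/pages/edit.package.js`, while the commit adds `web/js/pages/add.mail_acc.js` for this page; unless that is intentional, the `.unlim-trigger` image added in the second hunk is presumably wired to the package handlers instead of the MAIL_ACC ones. I would change the line to `<script type="text/javascript" src="/js/pages/add.mail_acc.js"></script>`, matching what edit_mail_acc.html does with edit.mail_acc.js.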
2 changes: 1 addition & 1 deletion web/templates/admin/add_package.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding Package')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_user.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding User')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/add_web.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Adding Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_backup_exclusions.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Backup Exclusions')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_cron.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Cron Job')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_db.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Database')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_dns.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing DNS Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_dns_rec.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing DNS Record')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_firewall.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Firewall Rule')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_ip.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing IP Address')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/edit_mail.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Mail Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
6 changes: 4 additions & 2 deletions web/templates/admin/edit_mail_acc.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Mail Account')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
Expand Down Expand Up @@ -97,6 +97,7 @@
<tr>
<td>
<input type="text" size="20" class="vst-input" name="v_quota" <?php if (!empty($v_quota)) {echo "value=".htmlentities($v_quota);} else { echo "value=0";}; ?>>
<img class="unlim-trigger" id="unlim-quota" src="/images/unlim.png" />
</td>
</tr>
<tr>
Expand Down Expand Up @@ -160,4 +161,5 @@
</tr>
</table>
</form>
</div>
</div>
<script type="text/javascript" src="/js/pages/edit.mail_acc.js"></script>
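Review bot: On the `v_quota` input in the second hunk the value is written as an unquoted attribute, `echo "value=".htmlentities($v_quota)`, and `htmlentities()` does not encode spaces, so a value containing whitespace ends the attribute and the rest is parsed as further attributes of the input. Quoting the attribute closes that: `echo 'value="'.htmlentities($v_quota, ENT_QUOTES, 'UTF-8').'"';`. The line is context rather than a change in this commit, but it sits directly above the new trigger image, and web/templates/admin/add_mail_acc.html has the same pattern.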
2 changes: 1 addition & 1 deletion web/templates/admin/edit_package.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Package')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
539 changes: 539 additions & 0 deletions web/templates/admin/edit_server.html

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion web/templates/admin/edit_web.html
Expand Up @@ -4,7 +4,7 @@
<span class="title edit"><b><?=__('Editing Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
2 changes: 1 addition & 1 deletion web/templates/admin/generate_ssl.html
Expand Up @@ -4,7 +4,7 @@
<span class="title"><b><?=__('Generating CSR')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
6 changes: 3 additions & 3 deletions web/templates/admin/list_backup.html
Expand Up @@ -4,6 +4,9 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="step-right">
<a class="vst" href="/list/backup/exclusions/"><?=__('backup exclusions')?></a>
</td>
<td class="l-sort-toolbar__search-box">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
Expand All @@ -26,9 +29,6 @@
</div>
<input type="submit" value="" class="l-sort-toolbar__filter-apply" />
</td>
<td>
<a class="vst" href="/list/backup/exclusions/"><?=__('backup exclusions')?></a>
</td>
</tr>
</table>
</div>
20 changes: 10 additions & 10 deletions web/templates/admin/list_cron.html
Expand Up @@ -4,6 +4,16 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="step-right">
&nbsp;
<?
if($panel[$user]['CRON_REPORTS'] == 'yes') {
echo '<a class="vst" href="/delete/cron/reports/?token='.$_SESSION['token'].'">'.__('turn off notifications').'</a>';
} else {
echo '<a class="vst" href="/add/cron/reports/?token='.$_SESSION['token'].'">'.__('turn on notifications').'</a>';
}
?>
</td>
<td class="l-sort-toolbar__search-box">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
Expand Down Expand Up @@ -33,16 +43,6 @@
</div>
<input type="submit" value="" class="l-sort-toolbar__filter-apply" />
</td>
<td>
&nbsp;
<?
if($panel[$user]['CRON_REPORTS'] == 'yes') {
echo '<a class="vst" href="/delete/cron/reports/?token='.$_SESSION['token'].'">'.__('turn off notifications').'</a>';
} else {
echo '<a class="vst" href="/add/cron/reports/?token='.$_SESSION['token'].'">'.__('turn on notifications').'</a>';
}
?>
</td>
</tr>
</table>
</div>
40 changes: 34 additions & 6 deletions web/templates/admin/list_db.html
Expand Up @@ -5,7 +5,36 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<?
$mysql = 0;
$pgsql = 0;


list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");

foreach ($data as $key => $value) {
if ($data[$key]['TYPE'] == 'mysql'){
$mysql = 1;

$db_admin_link = "http://".$http_host."/phpmyadmin/";
if (!empty($_SESSION['DB_PMA_URL']))
$db_admin_link = $_SESSION['DB_PMA_URL'];
}
if ($data[$key]['TYPE'] == 'pgsql'){
$pgsql = 1;
$db_admin_link = "http://".$http_host."/phppgadmin/";
if (!empty($_SESSION['DB_PGA_URL']))
$db_admin_link = $_SESSION['DB_PGA_URL'];
}
}
if($mysql){
echo '<td class="step-right"><a class="vst" href="'.$db_admin_link.'">phpMyAdmin</td>';
}
if($pgsql){
echo '<td class="step-right"><a class="vst" href="'.$db_admin_link.'">phpPgAdmin</td>';
}
?>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand Down Expand Up @@ -83,7 +112,6 @@
<div class="l-unit-toolbar__col l-unit-toolbar__col--right noselect">
<div class="actions-panel clearfix">
<div class="actions-panel__col actions-panel__edit"><a href="/edit/db/?database=<?=$key?>"><?=__('edit')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__db"><a href="<?=$db_admin_link?>" target="_blank"><?=__('%s',$db_admin)?> <i></i></a></div>
<div class="actions-panel__col actions-panel__suspend">
<a id="<?=$spnd_action ?>_link_<?=$i?>" class="data-controls do_<?=$spnd_action?>">
<?=__($spnd_action)?> <i class="do_<?=$spnd_action?>"></i>
Expand Down Expand Up @@ -140,15 +168,15 @@
</td>
<td>
<div class="l-unit__stat-cols clearfix">
<div class="l-unit__stat-col l-unit__stat-col--left compact"><?=__('User')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('User')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=__($data[$key]['DBUSER'])?></b>
</div>
</div>
</td>
<td>
<div class="l-unit__stat-cols clearfix last">
<div class="l-unit__stat-col l-unit__stat-col--left compact"><?=__('Host')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('Host')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=$data[$key]['HOST']?></b>
</div>
Expand All @@ -159,15 +187,15 @@
<td></td>
<td>
<div class="l-unit__stat-cols clearfix">
<div class="l-unit__stat-col l-unit__stat-col--left compact"><?=__('Charset')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('Charset')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=$data[$key]['CHARSET']?></b>
</div>
</div>
</td>
<td>
<div class="l-unit__stat-cols clearfix last">
<div class="l-unit__stat-col l-unit__stat-col--left compact"><?=__('Type')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('Type')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=$data[$key]['TYPE']?></b>
</div>
4 changes: 2 additions & 2 deletions web/templates/admin/list_dns.html
Expand Up @@ -107,7 +107,7 @@
<!-- /.l-unit__col -->
<div class="l-unit__col l-unit__col--right">
<div class="l-unit__name">
<?=$key?> <? if(!empty($data[$key]['SRC'])) echo "<span>⇢ ".$data[$key]['SRC']."</span>";?>
<?=$key?> <? if(!empty($data[$key]['SRC'])) echo "<span>⇢ ".$data[$key]['SRC']."</span>&nbsp; &nbsp; "; if($data[$key]['RECORDS']) echo '<span>/ '.$data[$key]['RECORDS'].'</span>';?>
</div>
<div class="l-unit__ip">
<?=str_replace('.', '&nbsp;.&nbsp;', $data[$key]['IP'])?>
Expand Down Expand Up @@ -143,7 +143,7 @@
<tr>
<td>
<div class="l-unit__stat-cols clearfix last">
<div class="l-unit__stat-col l-unit__stat-col--left compact"><?=__('Expire')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('Expire')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=strftime("%d %b %Y", strtotime($data[$key]['EXP']))?></b>
</div>
12 changes: 6 additions & 6 deletions web/templates/admin/list_firewall.html
Expand Up @@ -5,7 +5,12 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<td class="step-right">
<? if(!empty($_SESSION['FIREWALL_EXTENSION'])) {
echo '<a class="vst" href="/list/firewall/banlist/"> '.__('list fail2ban').'</a>';
} ?>
</td>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand All @@ -27,11 +32,6 @@
</div>
<input type="submit" value="" class="l-sort-toolbar__filter-apply" />
</td>
<td>
<? if(!empty($_SESSION['FIREWALL_EXTENSION'])) {
echo '[<a class="vst" href="/list/firewall/banlist/"> '.__('list fail2ban').'</a>]';
} ?>
</td>
</tr>
</table>
</div>
13 changes: 10 additions & 3 deletions web/templates/admin/list_mail.html
Expand Up @@ -5,7 +5,15 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<td class="step-right">
<?
list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
$webmail = "http://".$http_host."/webmail/";
if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL'];
?>
<a class="vst" href="<?=$webmail?>" target="_blank"><?=__('open webmail')?> <i></i></a>
</td>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand Down Expand Up @@ -83,7 +91,6 @@
<div class="actions-panel clearfix">
<div class="actions-panel__col actions-panel__logs"><a href="?domain=<?=$key?>"><?=__('list accounts',$data[$key]['ACCOUNTS'])?> <i></i></a></div>
<div class="actions-panel__col actions-panel__add"><a href="/add/mail/?domain=<?=$key?>"><?=__('add account')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__mail"><a href="<?=$webmail?>" target="_blank"><?=__('open webmail')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__edit"><a href="/edit/mail/?domain=<?=$key?>"><?=__('edit')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__suspend">
<a id="<?=$spnd_action ?>_link_<?=$i?>" class="data-controls do_<?=$spnd_action?>">
Expand Down Expand Up @@ -121,7 +128,7 @@
<!-- /.l-unit__col -->
<div class="l-unit__col l-unit__col--right">
<div class="l-unit__name separate">
<?=$key?>
<?=$key?> <? if($data[$key]['ACCOUNTS']) echo '<span>/ '.$data[$key]['ACCOUNTS'].'</span>';?>
</div>
<!-- /.l-unit__name -->
<div class="l-unit__stats">
12 changes: 10 additions & 2 deletions web/templates/admin/list_mail_acc.html
Expand Up @@ -4,7 +4,15 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<td class="step-right">
<?
list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
$webmail = "http://".$http_host."/webmail/";
if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL'];
?>
<a class="vst" href="<?=$webmail?>" target="_blank"><?=__('open webmail')?> <i></i></a>
</td>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand Down Expand Up @@ -141,7 +149,7 @@
<div class="l-unit__stat-cols clearfix">
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('Quota')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=$data[$key]['QUOTA']?></b>
<b><? echo __($data[$key]['QUOTA']) ?></b>
</div>
</div>
</td>
2 changes: 2 additions & 0 deletions web/templates/admin/list_services.html
@@ -1,5 +1,7 @@
<div class="l-center">
<div class="l-sort clearfix noselect">
<a href="/edit/server/" class="l-sort__create-btn edit" title="<?=str_replace(' ', '&nbsp;', __('Configure'))?>"></a>

<div class="l-sort-toolbar clearfix">
<table>
<tr>
16 changes: 8 additions & 8 deletions web/templates/admin/list_updates.html
Expand Up @@ -3,7 +3,14 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<td class="step-right">
<? if($autoupdate == 'Enabled') {
echo '<a class="vst" href="/delete/cron/autoupdate/&token='.$_SESSION['token'].'">'.__('disable autoupdate').'</a>';
} else {
echo '<a class="vst" href="/add/cron/autoupdate/&token='.$_SESSION['token'].'">'.__('enable autoupdate').'</a>';
} ?>
</td>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand All @@ -28,13 +35,6 @@
</div>
<input type="submit" value="" class="l-sort-toolbar__filter-apply" />
</td>
<td class="step-left">
<? if($autoupdate == 'Enabled') {
echo '<a class="vst" href="/delete/cron/autoupdate/&token=<?=$_SESSION['token']?>"> '.__('disable autoupdate').'</a>';
} else {
echo '<a class="vst" href="/add/cron/autoupdate/&token=<?=$_SESSION['token']?>">'.__('enable autoupdate').'</a>';
} ?>
</td>
</tr>
</table>
</div>
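Review bot: Both new links put the token after `&` with no `?` before it (`/delete/cron/autoupdate/&token=...`), so the token becomes part of the path rather than a query parameter. If the target handlers read `$_GET['token']` the way the token checks added elsewhere in this commit do (those handlers are not visible here), the check would fail and the click would land on /login/. web/templates/user/list_cron.html uses `?token=` for the equivalent links; do the same here, `href="/delete/cron/autoupdate/?token='.$_SESSION['token'].'"`, and likewise for the add link. Toggling autoupdate through a GET link also leaves the token in the URL, where it can reach access logs and browser history.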
8 changes: 4 additions & 4 deletions web/templates/footer.html
Expand Up @@ -34,26 +34,26 @@
if (location.href.search(/list/) != -1) {
var shift_select_ref = $('body').finderSelect({children: '.l-unit',
'onFinish': function(evt) {
var ref = $(evt.target);
/*var ref = $(evt.target);
$('.l-content').find('.l-unit .ch-toggle').attr('checked', false);
$('.l-content').find('.l-unit.selected .ch-toggle').attr('checked', true);


if ($('.l-content').find('.l-unit.selected').length == $('.l-content').find('.l-unit').length) {
$('.toggle-all').addClass('clicked-on');
}
}*/

},
'toggleAllHook': function() {
if ($('.l-unit').length == $('.ch-toggle:checked').length) {
/*if ($('.l-unit').length == $('.ch-toggle:checked').length) {
$('.l-unit.selected').removeClass('selected');
$('.ch-toggle').attr('checked', false);
$('#toggle-all').attr('checked', false);
}
else {
$('.ch-toggle').attr('checked', true);
$('#toggle-all').attr('checked', true);
}
}*/
}
});
$('table').on('mousedown', 'td', function(e) {
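Review bot: The bodies of `onFinish` and `toggleAllHook` are disabled by wrapping them in `/* … */` rather than removed, which leaves two empty callbacks and dead code in the template. If the checkbox syncing is no longer wanted, delete the commented-out lines, since version control keeps them; if this is a temporary workaround, add a one-line comment saying why, e.g. `// checkbox syncing disabled: <reason / issue reference>`. The enclosing `if (location.href.search(/list/) != -1)` block continues below the hunk.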
3 changes: 2 additions & 1 deletion web/templates/header.html
Expand Up @@ -53,7 +53,7 @@
});


$('.l-sort-toolbar__search-box').hover(function(){
$('.l-sort-toolbar__search').hover(function(){
clearTimeout(search_display_interval);
clearTimeout(search_hover_interval);
search_display_interval = setTimeout(function(){$('.search-input').addClass('activated');}, 150);
Expand Down Expand Up @@ -171,5 +171,6 @@
</script>
<script type="text/javascript" src="/js/app.js"></script>
<script type="text/javascript" src="/js/templates.js"></script>
<script type="text/javascript" src="/js/i18n.js.php"></script>
</head>
<body class="body-<?=strtolower($TAB)?> lang-<?=$_SESSION['language']?>">
4 changes: 2 additions & 2 deletions web/templates/user/edit_dns.html
Expand Up @@ -4,10 +4,10 @@
<span class="title edit"><b><?=__('Editing DNS Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
echo "<span class=\"vst-ok\"> → ".htmlentities($_SESSION['ok_msg'])."</span>";
}
}
?>
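Review bot: `htmlentities()` is called with no flags or charset on both messages, so the result depends on the PHP version's defaults: before PHP 5.4 the default charset is ISO-8859-1, which mangles UTF-8 text such as translated messages, and before 8.1 single quotes are left unescaped. Prefer `htmlspecialchars($_SESSION['error_msg'], ENT_QUOTES, 'UTF-8')` and the same for `ok_msg`. If any page stores markup (a link, for instance) in `ok_msg`, it will now be shown as literal text; that is worth checking against the callers, which are not visible here. The same two lines change in web/templates/user/edit_user.html and web/templates/user/edit_web.html.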
4 changes: 2 additions & 2 deletions web/templates/user/edit_user.html
Expand Up @@ -4,10 +4,10 @@
<span class="title edit"><b><?=__('Editing User')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
echo "<span class=\"vst-ok\"> → ".htmlentities($_SESSION['ok_msg'])."</span>";
}
}
?>
4 changes: 2 additions & 2 deletions web/templates/user/edit_web.html
Expand Up @@ -4,10 +4,10 @@
<span class="title edit"><b><?=__('Editing Domain')?></b></span>
<?php
if (!empty($_SESSION['error_msg'])) {
echo "<span class=\"vst-error\"> → ".$_SESSION['error_msg']."</span>";
echo "<span class=\"vst-error\"> → ".htmlentities($_SESSION['error_msg'])."</span>";
} else {
if (!empty($_SESSION['ok_msg'])) {
echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
echo "<span class=\"vst-ok\"> → ".htmlentities($_SESSION['ok_msg'])."</span>";
}
}
?>
20 changes: 10 additions & 10 deletions web/templates/user/list_cron.html
Expand Up @@ -4,6 +4,16 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="step-right">
<?
if($panel[$user]['CRON_REPORTS'] == 'yes') {
echo '<a class="vst" href="/delete/cron/reports/?token='.$_SESSION['token'].'">'.__('turn off notifications').'</a>';
} else {
echo '<a class="vst" href="/add/cron/reports/?token='.$_SESSION['token'].'">'.__('turn on notifications').'</a>';
}
?>
</td>

<td class="l-sort-toolbar__search-box">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
Expand Down Expand Up @@ -33,16 +43,6 @@
</div>
<input type="submit" value="" class="l-sort-toolbar__filter-apply" />
</td>
<td>
&nbsp;
<?
if($panel[$user]['CRON_REPORTS'] == 'yes') {
echo '<a class="vst" href="/delete/cron/reports/?token='.$_SESSION['token'].'">'.__('turn off notifications').'</a>';
} else {
echo '<a class="vst" href="/add/cron/reports/?token='.$_SESSION['token'].'">'.__('turn on notifications').'</a>';
}
?>
</td>
</tr>
</table>
</div>
27 changes: 27 additions & 0 deletions web/templates/user/list_db.html
Expand Up @@ -5,6 +5,33 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<?
$mysql = 0;
$pgsql = 0;


list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");

foreach ($data as $key => $value) {
if ($data[$key]['TYPE'] == 'mysql'){
$mysql = 1;

$db_admin_link = "http://".$http_host."/phpmyadmin/";
if (!empty($_SESSION['DB_PMA_URL'])){
$db_admin_link = $_SESSION['DB_PMA_URL'];
}
echo '<td class="step-right"><a class="vst" href="'.$db_admin_link.'">phpMyAdmin</td>';
}
if ($data[$key]['TYPE'] == 'pgsql'){
$pgsql = 1;
$db_admin_link = "http://".$http_host."/phppgadmin/";
if (!empty($_SESSION['DB_PGA_URL'])){
$db_admin_link = $_SESSION['DB_PGA_URL'];
}
echo '<td class="step-right"><a class="vst" href="'.$db_admin_link.'">phpPgAdmin</td>';
}
}
?>
<td class="l-sort-toolbar__search-box">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
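Review bot: The `echo` sits inside the `foreach`, so one `<td>` with a phpMyAdmin or phpPgAdmin link is emitted per database rather than one per type, and `$mysql`/`$pgsql` are set but never read in the visible hunk. The `<a>` is also never closed before `</td>`. Use the loop only to set the flags and emit each cell once afterwards, closing the anchor and escaping the URL on output, as in the excerpt below.

```php
// … unchanged: $mysql/$pgsql initialisation and the $http_host split …
foreach ($data as $key => $value) {
    if ($data[$key]['TYPE'] == 'mysql') $mysql = 1;
    if ($data[$key]['TYPE'] == 'pgsql') $pgsql = 1;
}

if ($mysql) {
    $db_admin_link = "http://".$http_host."/phpmyadmin/";
    if (!empty($_SESSION['DB_PMA_URL'])) $db_admin_link = $_SESSION['DB_PMA_URL'];
    echo '<td class="step-right"><a class="vst" href="'.htmlspecialchars($db_admin_link, ENT_QUOTES, 'UTF-8').'">phpMyAdmin</a></td>';
}
if ($pgsql) {
    $db_admin_link = "http://".$http_host."/phppgadmin/";
    if (!empty($_SESSION['DB_PGA_URL'])) $db_admin_link = $_SESSION['DB_PGA_URL'];
    echo '<td class="step-right"><a class="vst" href="'.htmlspecialchars($db_admin_link, ENT_QUOTES, 'UTF-8').'">phpPgAdmin</a></td>';
}
```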
2 changes: 1 addition & 1 deletion web/templates/user/list_dns.html
Expand Up @@ -107,7 +107,7 @@
<!-- /.l-unit__col -->
<div class="l-unit__col l-unit__col--right">
<div class="l-unit__name">
<?=$key?> <? if(!empty($data[$key]['SRC'])) echo "<span>⇢ ".$data[$key]['SRC']."</span>";?>
<?=$key?> <? if(!empty($data[$key]['SRC'])) echo "<span>⇢ ".$data[$key]['SRC']."</span>&nbsp; &nbsp; "; if($data[$key]['RECORDS']) echo '<span>/ '.$data[$key]['RECORDS'].'</span>';?>
</div>
<div class="l-unit__ip">
<?=str_replace('.', '&nbsp;.&nbsp;', $data[$key]['IP'])?>
13 changes: 10 additions & 3 deletions web/templates/user/list_mail.html
Expand Up @@ -5,7 +5,15 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<td class="step-right">
<?
list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
$webmail = "http://".$http_host."/webmail/";
if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL'];
?>
<a class="vst" href="<?=$webmail?>" target="_blank"><?=__('open webmail')?> <i></i></a>
</td>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand Down Expand Up @@ -83,7 +91,6 @@
<div class="actions-panel clearfix">
<div class="actions-panel__col actions-panel__logs"><a href="?domain=<?=$key?>"><?=__('list accounts',$data[$key]['ACCOUNTS'])?> <i></i></a></div>
<div class="actions-panel__col actions-panel__add"><a href="/add/mail/?domain=<?=$key?>"><?=__('add account')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__mail"><a href="<?=$webmail?>" target="_blank"><?=__('open webmail')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__edit"><a href="/edit/mail/?domain=<?=$key?>"><?=__('edit')?> <i></i></a></div>
<div class="actions-panel__col actions-panel__suspend">
<a id="<?=$spnd_action ?>_link_<?=$i?>" class="data-controls do_<?=$spnd_action?>">
Expand Down Expand Up @@ -121,7 +128,7 @@
<!-- /.l-unit__col -->
<div class="l-unit__col l-unit__col--right">
<div class="l-unit__name separate">
<?=$key?>
<?=$key?> <? if($data[$key]['ACCOUNTS']) echo '<span>/ '.$data[$key]['ACCOUNTS'].'</span>';?>
</div>
<!-- /.l-unit__name -->
<div class="l-unit__stats">
12 changes: 10 additions & 2 deletions web/templates/user/list_mail_acc.html
Expand Up @@ -4,7 +4,15 @@
<div class="l-sort-toolbar clearfix">
<table>
<tr>
<td class="l-sort-toolbar__search-box">
<td class="step-right">
<?
list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
$webmail = "http://".$http_host."/webmail/";
if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL'];
?>
<a class="vst" href="<?=$webmail?>" target="_blank"><?=__('open webmail')?> <i></i></a>
</td>
<td class="l-sort-toolbar__search-box step-left">
<form action="/search/" method="get">
<input type="hidden" name="token" value="<?=$_SESSION['token']?>" />
<input type="text" name="q" class="search-input" value="<? echo isset($_POST['q']) ? htmlspecialchars($_POST['q']) : '' ?>" />
Expand Down Expand Up @@ -140,7 +148,7 @@
<div class="l-unit__stat-cols clearfix">
<div class="l-unit__stat-col l-unit__stat-col--left"><?=__('Quota')?>:</div>
<div class="l-unit__stat-col l-unit__stat-col--right">
<b><?=$data[$key]['QUOTA']?></b>
<b><? echo __($data[$key]['QUOTA'])?></b>
</div>
</div>
</td>
6 changes: 6 additions & 0 deletions web/unsuspend/cron/index.php
Expand Up @@ -6,6 +6,12 @@

include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
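Review bot: The check compares with `!=` and does not require `$_SESSION['token']` to be set, so a request with an empty `token=` parameter and no token in the session passes it (`null != ''` is false in PHP). Unless inc/main.php already rejects sessions without a token, tighten the condition to `if (empty($_SESSION['token']) || !isset($_GET['token']) || !is_string($_GET['token']) || !hash_equals($_SESSION['token'], $_GET['token'])) {`; `hash_equals` needs PHP 5.6, so on older versions use `!==` instead. The identical check is added in the db, dns, firewall, mail, user and web index.php files under web/unsuspend/. The `Check user` block that follows continues outside the hunk.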
7 changes: 7 additions & 0 deletions web/unsuspend/db/index.php
Expand Up @@ -5,6 +5,13 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");


// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/unsuspend/dns/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/unsuspend/firewall/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/unsuspend/mail/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/unsuspend/user/index.php
Expand Up @@ -6,6 +6,12 @@
$TAB = 'USER';
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");
6 changes: 6 additions & 0 deletions web/unsuspend/web/index.php
Expand Up @@ -5,6 +5,12 @@
session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
header('location: /login/');
exit();
}

// Check user
if ($_SESSION['user'] != 'admin') {
header("Location: /list/user");