<?php
/**
* @copyright 2014-2015 Sentora Project (http://www.sentora.org/)
* Sentora is a GPL fork of the ZPanel Project whose original header follows:
*
* ZPanel - A Cross-Platform Open-Source Web Hosting Control panel.
*
* @package ZPanel
* @version $Id$
* @author Bobby Allen - ballen@bobbyallen.me
* @copyright (c) 2008-2014 ZPanel Group - http://www.zpanelcp.com/
* @license http://opensource.org/licenses/gpl-3.0.html GNU Public License v3
*
* This program (ZPanel) is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
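/**
 * Panel module controller that lets an account holder switch ModSecurity
 * on or off for each of their own virtual hosts.
 *
 * State is kept in the x_modsecurity table (one row per domain, linked to
 * x_vhosts through x_domain_id). After a change the controller sets the
 * apache_changed setting and pokes the panel daemon on a local TCP port.
 */
class module_controller extends ctrl_module
{
    /** Set to TRUE when the current request switched ModSecurity on; read by getResult(). */
    static $ok;

    /** Set to TRUE when the current request switched ModSecurity off; read by getResult(). */
    static $ook;

    /**
     * Returns the first non-empty client address candidate from the environment.
     *
     * SECURITY: every candidate except REMOTE_ADDR is an HTTP request header and
     * is therefore chosen by the client. The returned string is unvalidated (it
     * may be a comma-separated list or arbitrary text) and must not be used for
     * access control, rate limiting or as a trusted audit value unless a reverse
     * proxy under your control overwrites these headers. Escape it before output.
     * Lookup order is kept as in the original for backward compatibility.
     *
     * @return string The candidate address, or 'UNKNOWN' when none is set.
     */
    static function get_client_ip()
    {
        $candidates = array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR',
        );
        foreach ($candidates as $name) {
            $value = getenv($name);
            if ($value) {
                return $value;
            }
        }
        return 'UNKNOWN';
    }

    /**
     * Prints the per-domain On/Off form for the logged-in user and terminates
     * the request.
     *
     * Only vhosts whose vh_acc_fk matches the current user and that are not
     * soft-deleted are listed. Domain names and row ids are HTML-escaped before
     * being written into the markup.
     *
     * NOTE(review): the form carries no anti-CSRF token and doChangeModSecurity()
     * verifies none, so a cross-site POST can switch the WAF off for a logged-in
     * user. Wire in the panel's CSRF helper (runtime_csfr in Sentora - confirm it
     * exists in this install) on both the form and the handler.
     *
     * @return void Never returns; calls exit after printing.
     */
    static public function doModSecurityList()
    {
        global $zdbh;

        echo "<h2 style='height:55px;'>Configure Individual Domains</h2>";
        $currentuser = ctrl_users::GetUserDetail();

        // One query is enough: the original ran the same statement twice, once
        // only to test whether any row exists.
        $vhosts = $zdbh->prepare("SELECT * FROM x_vhosts WHERE vh_acc_fk=:userid AND vh_deleted_ts IS NULL");
        $vhosts->bindParam(':userid', $currentuser['userid']);
        $vhosts->execute();
        $domains = $vhosts->fetchAll();

        if (count($domains) === 0) {
            echo "You currently do not have any Domain.";
            exit;
        }

        $mod_sql = $zdbh->prepare("SELECT * FROM x_modsecurity WHERE x_domain_id=:uid");

        // Initialise the buffer; the original appended to an undefined variable.
        $line = '<form action="./?module=mod_security&action=ChangeModSecurity" method="post">';
        $line .= '<table style="width:100%">';
        $line .= '<tr><td> </td></tr>';
        $line .= '<tr><th style="width: 15%;">Domain</th><th style="width: 15%;">Actions</th></tr>';

        foreach ($domains as $rowdomain) {
            $mod_sql->execute(array(':uid' => $rowdomain['vh_id_pk']));
            $modrow = $mod_sql->fetch();
            $mod_sql->closeCursor();

            // A vhost may have no x_modsecurity row yet; treat it as "off"
            // instead of indexing into FALSE.
            $modstatus = is_array($modrow) ? $modrow['x_mod_status'] : null;
            $modid = is_array($modrow) ? $modrow['x_mod_no'] : '';

            // Database values go into HTML text and attribute context: escape
            // them so a crafted domain name cannot inject markup or script.
            $safedomain = htmlspecialchars(trim($rowdomain['vh_name_vc']), ENT_QUOTES, 'UTF-8');
            $safeid = htmlspecialchars((string) $modid, ENT_QUOTES, 'UTF-8');

            $line .= '<tr style="height: 50px;"><td>'.$safedomain.'</td>';
            if ($modstatus == "ModOn") {
                $line .= '<td><button class="button-loader btn btn-primary" type="submit" id="button" name="ModOn_'.$safeid.'" id="ModOn_'.$safeid.'" value="ModOn_'.$safeid.'" >On</button><button class="button-loader delete btn btn" type="submit" id="button" name="ModOff_'.$safeid.'" id="ModOff_'.$safeid.'" value="ModOff_'.$safeid.'" >Off</button></td></tr>';
            } else {
                $line .= '<td><button class="button-loader btn" type="submit" id="button" name="ModOn_'.$safeid.'" id="ModOn_'.$safeid.'" value="ModOn_'.$safeid.'" >On</button><button class="button-loader delete btn btn-primary" type="submit" id="button" name="ModOff_'.$safeid.'" id="ModOff_'.$safeid.'" value="ModOff_'.$safeid.'" >Off</button></td></tr>';
            }
        }

        $line .= '</table>';
        $line .= '</form>';
        echo $line;
        exit;
    }

    /**
     * Handles the On/Off form post: updates one x_modsecurity row, flags Apache
     * as changed and wakes the daemon.
     *
     * The submitted button value has the form "ModOn_<id>" or "ModOff_<id>".
     * Compared with the original this handler
     *  - accepts only those two states and a numeric id (the status string is
     *    stored and later consumed when the vhost configuration is generated, so
     *    free-form text must not reach it);
     *  - verifies that the x_modsecurity row belongs to a live vhost owned by the
     *    current user. The original updated any row by id, which let one panel
     *    user change the WAF state of another user's domain.
     *
     * NOTE(review): no anti-CSRF token is checked here; see doModSecurityList().
     *
     * @return bool Always FALSE; the outcome is reported through self::$ok /
     *              self::$ook and rendered by getResult().
     */
    static function doChangeModSecurity()
    {
        global $zdbh;
        global $controller;

        $currentuser = ctrl_users::GetUserDetail();
        $formvars = $controller->GetAllControllerRequests('FORM');

        // Pick the first field that looks like a button value instead of gluing
        // every posted field together; extra fields no longer corrupt parsing.
        $modstatus = null;
        $modid = null;
        if (is_array($formvars)) {
            foreach ($formvars as $value) {
                if (is_string($value) && preg_match('/^(ModOn|ModOff)_([0-9]+)\z/', trim($value), $parts)) {
                    $modstatus = $parts[1];
                    $modid = $parts[2];
                    break;
                }
            }
        }
        if ($modstatus === null) {
            // Malformed or missing input: change nothing.
            return FALSE;
        }

        // Authorisation: the row must hang off a non-deleted vhost of this user.
        // Done as a separate SELECT because an UPDATE's affected-row count is 0
        // when the stored values are already equal.
        $owned = $zdbh->prepare(
            "SELECT COUNT(*) FROM x_modsecurity"
            . " INNER JOIN x_vhosts ON x_vhosts.vh_id_pk = x_modsecurity.x_domain_id"
            . " WHERE x_modsecurity.x_mod_no=:id"
            . " AND x_vhosts.vh_acc_fk=:userid"
            . " AND x_vhosts.vh_deleted_ts IS NULL"
        );
        $owned->bindParam(':id', $modid);
        $owned->bindParam(':userid', $currentuser['userid']);
        $owned->execute();
        if ((int) $owned->fetchColumn() === 0) {
            return FALSE;
        }
        unset($owned);

        $sql = $zdbh->prepare("UPDATE x_modsecurity SET x_mod_status=:x_mod_status, x_mod_hook=0 WHERE x_mod_no=:id");
        $sql->bindParam(':id', $modid);
        $sql->bindParam(':x_mod_status', $modstatus);
        $sql->execute();
        unset($sql);

        // Tell the daemon that the Apache configuration has to be rebuilt.
        $sql = $zdbh->prepare("UPDATE x_settings SET so_value_tx='true' WHERE so_name_vc='apache_changed'");
        $sql->execute();
        unset($sql);

        self::SetCallDaemon();

        if ($modstatus == "ModOn") {
            self::$ok = TRUE;
        } else {
            self::$ook = TRUE;
        }
        return FALSE;
    }

    /**
     * Sends the "command DaemonCall " message to the daemon listening on
     * localhost:4445 (best effort).
     *
     * Failures to create or connect the socket are tolerated silently, as in the
     * original, but the function now returns early instead of calling
     * socket_connect()/socket_write() on an invalid or unconnected socket.
     *
     * NOTE(review): the message carries no credential; anything able to open a
     * local TCP connection to this port can send the same command. Confirm the
     * listener is bound to loopback only.
     *
     * @return void
     */
    static function SetCallDaemon()
    {
        $service_port = 4445;
        $address = gethostbyname('localhost');

        $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
        if ($socket === false) {
            return;
        }

        if (socket_connect($socket, $address, $service_port) === false) {
            socket_close($socket);
            return;
        }

        socket_set_option($socket, SOL_SOCKET, SO_RCVTIMEO, array("sec" => 1, "usec" => 0));
        $in = "command DaemonCall ";
        socket_write($socket, $in, strlen($in));
        socket_close($socket);
    }

    /**
     * Returns the contents of the current module's assets/helpicon.txt.
     *
     * The module name comes from the URL, so it is restricted to a plain
     * directory name before it is placed in a filesystem path; the original
     * interpolated it unchecked, which allowed "../" sequences to point the read
     * outside the modules directory.
     *
     * @return string File contents, or '' when the name is invalid or the file
     *                cannot be read.
     */
    static function gethelpicon()
    {
        global $controller;

        $module = $controller->GetControllerRequest('URL', 'module');
        if (!is_string($module) || !preg_match('/^[A-Za-z0-9_\-]+\z/', $module)) {
            return '';
        }

        $path = "modules/$module/assets/helpicon.txt";
        if (!is_file($path)) {
            return '';
        }

        $name = file_get_contents($path);
        return ($name === false) ? '' : $name;
    }

    /**
     * Builds the status banner for the action performed in this request.
     *
     * @return string The rendered "enabled"/"disabled" message, or '' when
     *                neither flag was set.
     */
    static function getResult()
    {
        if (!fs_director::CheckForEmptyValue(self::$ok)) {
            return ui_sysmessage::shout(ui_language::translate("ModSecurity Enabled."), "zannounceok");
        }
        if (!fs_director::CheckForEmptyValue(self::$ook)) {
            return ui_sysmessage::shout(ui_language::translate("ModSecurity Disabled."), "zannounceok");
        }
        return "";
    }
}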