1$app->post("/account/",function() use($app){
// Request fields shared by every action of this endpoint.
$key = $app->request->post('key');
$adds = $app->request->post('adds');

// All whitespace is removed from the user name before it is used.
$user = preg_replace('/\s+/', '', $app->request->post('user'));

// When the request carries an 'adds' field, the cleaned user name is stored
// under its 'user' key before the field is passed to validate().
if (isset($adds)) {
    $adds['user'] = $user;
}

$ip = $_SERVER['REMOTE_ADDR'];
$method = $app->request->post('action');

// Map the short action name from the request to the action name given to
// validate(); anything unrecognised becomes the empty string. switch compares
// loosely, in the same order as an ==/elseif chain would.
switch ($method) {
    case 'add':
        $action = 'accout_add';
        break;
    case 'udp':
        $action = 'accout_upd';
        break;
    case 'del':
        $action = 'accout_del';
        break;
    case 'list':
        $action = 'accout_list';
        break;
    case 'susp':
        $action = 'accout_susp';
        break;
    case 'unsp':
        $action = 'accout_unsp';
        break;
    default:
        $action = '';
}

// validate() decides whether this key, from this address, may run the action;
// its 'status' and 'format' entries drive everything that follows.
$returnf = validate($key, $action, $ip, $adds);
10 if($returnf['status']=='OK'){
11 writelog('Authorized key',$key);
12 if($method=='add'){
13 writelog('Action ADD',$key);
14 $user=preg_replace('/\s+/', '',$app->request->post('user'));
15 $domain=preg_replace('/\s+/', '',$app->request->post('domain'));
16 $password=trim($app->request->post('pass'));
17 $email=preg_replace('/\s+/', '',$app->request->post('email'));
18 $package=preg_replace('/\s+/', '',$app->request->post('package'));
19 $inodes=preg_replace('/\s+/', '',$app->request->post('inode'));
20 $limit_nproc=preg_replace('/\s+/', '',$app->request->post('limit_nproc'));
21 $limit_nofile=preg_replace('/\s+/', '',$app->request->post('limit_nofile'));
22 $server_ips=$app->request->post('server_ips');
23 $backup=$app->request->post('backup');
24 if($backup==''){ $backup='off'; }
25
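// Open the panel database as MySQL root; conexbd() returns the password that
// is handed to the connection below.
$passmysql = conexbd();

$mysqli = new mysqli("localhost", "root", $passmysql, "root_cwp");

// Row id=1 of `settings` provides the base home directory and the Apache port
// used by the rest of the account setup.
$sel = "Select * FROM settings Where id=1";
$resp = mysqli_query($mysqli, $sel);
$row = mysqli_fetch_assoc($resp);
$homedir = $row['homedir'];
$apache_port = $row['apache_port'];

// The MySQL root password must never be passed to writelog(): a log entry
// would hand database root to anyone who can read the API log.
// NOTE(review): where a 'ppa <password>' entry was ever logged, rotate the
// MySQL root password and purge those lines from the existing logs.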
35
36 if (!empty ($domain) && !empty ($user) && !empty ($password) && !empty ($email) && !empty($server_ips) && check_valid_domain($domain) == "1" && check_valid_domain($user) == "1"){
37
38 $sel="Select * FROM user Where username='".$user."'";
39 $resp=mysqli_query($mysqli,$sel);
40
41 if($resp->num_rows>0){
42 writelog('already exists in database',$key);
43 $return=array("status"=>"Error","msj"=>"already exists in database");
44 $fomart=strtolower($returnf['format']);
45 $app->response->headers->set("Content-type", "application/".$fomart);
46 $app->response->status(200);
47 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
48 //}else if (grep_passwd($user) == "notempty"){
49 }else if (shell_exec('grep '.$user.': /etc/passwd') != ""){
50 writelog('already exists in /etc/passwd!',$key);
51 $return=array("status"=>"Error","msj"=>"already exists in /etc/passwd!");
52 $fomart=strtolower($returnf['format']);
53 $app->response->headers->set("Content-type", "application/".$fomart);
54 $app->response->status(200);
55 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
56 }else{
57 //writelog('Sigo validnaod',$key);
58 if (file_exists("{$homedir}/{$user}")){
59 writelog('User home folder '.$homedir.'/'.$user.' already exists on server!',$key);
60 $return=array("status"=>"Error","msj"=>"User home folder {$homedir}/{$user} already exists on server!");
61 $fomart=strtolower($returnf['format']);
62 $app->response->headers->set("Content-type", "application/".$fomart);
63 $app->response->status(200);
64 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
65 }else{
66 $sel1="Select * FROM user Where domain='".$domain."'";
67 $resp1=mysqli_query($mysqli,$sel1);
68
69 $sel2="Select * FROM domains Where domain='".$domain."'";
70 $resp2=mysqli_query($mysqli,$sel2);
71
72 if ($resp1->num_rows>0 && $resp2->num_rows>0){
73
74 writelog('Domain {$domain} already exists in database',$key);
75 $return=array("status"=>"Error","msj"=>"Domain {$domain} already exists in database");
76 $fomart=strtolower($returnf['format']);
77 $app->response->headers->set("Content-type", "application/".$fomart);
78 $app->response->status(200);
79 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
80 }else{
81 writelog('pase validaciones',$key);
82 $mysql_result2 = mysqli_query($mysqli, 'SELECT * FROM nameserver');
83 $row2 = mysqli_fetch_array($mysql_result2);
84
85 //$domain = $domain;
86 $username = $user;
87 //$password = $password;
88 //$email = $email;
89 //$inodes = $_POST['inode'];
90 $set_package = $package;
91
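// Create the system account. Every value that reaches a shell command line is
// quoted with escapeshellarg(), and the password is never part of a command.
$account_home = "{$homedir}/{$username}";
$arg_user = escapeshellarg($username);
$arg_home = escapeshellarg($account_home);
$arg_webroot = escapeshellarg("{$account_home}/public_html");
$arg_owner = escapeshellarg("{$username}:{$username}");

$ssh_command = "/usr/sbin/useradd {$arg_user} -d {$arg_home}";
shell_exec($ssh_command);

// passwd still receives the password twice on standard input, but through a
// pipe opened by PHP instead of `echo -e "..." |`: the value is not parsed by
// the shell, not altered by echo's backslash handling, and does not show up
// in the process list.
// NOTE(review): a password containing a line break would still break the
// two-line dialogue with passwd; reject such values before this point.
$passwd_pipes = array();
$passwd_proc = proc_open(
    "/usr/bin/passwd {$arg_user}",
    array(0 => array('pipe', 'r'), 1 => array('pipe', 'w'), 2 => array('pipe', 'w')),
    $passwd_pipes
);
if (is_resource($passwd_proc)) {
    fwrite($passwd_pipes[0], "{$password}\n{$password}\n");
    fclose($passwd_pipes[0]);
    // Drain both output pipes so passwd cannot stall on a full pipe.
    stream_get_contents($passwd_pipes[1]);
    fclose($passwd_pipes[1]);
    stream_get_contents($passwd_pipes[2]);
    fclose($passwd_pipes[2]);
    proc_close($passwd_proc);
}

// Without the shell_access request field the account gets /sbin/nologin.
if (!isset($_POST['shell_access'])) {
    shell_exec("/usr/bin/chsh -s /sbin/nologin {$arg_user}");
}

// Web root and ownership/permissions, in the same order as before.
$ssh_command = "mkdir {$arg_webroot};chown -R {$arg_owner} {$arg_webroot};chmod 711 {$arg_home}";
shell_exec($ssh_command);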
98
99 //check if user account exists
100 writelog('check if user account exists',$key);
101 if (file_exists("{$homedir}/{$username}") AND check_valid_username_passwd($username) == "1") {
102 writelog('user Ok',$key);
103 //security limits
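// Per-user nproc / nofile limits, one file per account in limits.d.
// The file is written directly from PHP instead of through `echo ... >` in a
// shell, so the request-supplied limit values are never parsed as shell syntax.
// NOTE(review): $limit_nproc and $limit_nofile only had whitespace removed;
// check that they are numeric before they are written and passed on.
$limits_dir = "/etc/security/limits.d";
if (!file_exists($limits_dir)) {
    mkdir($limits_dir);
}
file_put_contents(
    "{$limits_dir}/{$username}.conf",
    "{$username} hard nproc {$limit_nproc}\n{$username} hard nofile {$limit_nofile}\n"
);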
112
113 LimitApacheNPROC($username,$limit_nproc); //Limit Apache processes
114
115 //$resultp3 = mysqli_query($mysqli, 'SELECT * FROM packages WHERE id='.$set_package);
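// Look the package up by id or by name. $set_package comes from the request
// with only whitespace removed, so it is escaped before it enters the query.
$package_sql = mysqli_real_escape_string($mysqli, $set_package);
$resultp3 = mysqli_query($mysqli, 'SELECT * FROM packages WHERE id="'.$package_sql.'" OR package_name="'.$package_sql.'"');
$rowp3 = mysqli_fetch_assoc($resultp3);
// NOTE(review): when no package matches, $rowp3 is empty and the quota becomes
// 0, which setquota presumably treats as "no limit"; confirm that is acceptable.
$set_quota = $rowp3['disk_quota'] * 1024;

if (empty($inodes)){ $inodes = 0;}

// Partition the quota applies to; read from a local config file, "/" when the
// file yields nothing.
$quota_part_set = shell_exec("cat /usr/local/cwp/.conf/quota_part.conf");
$quota_part_set = remove_empty_line($quota_part_set);

if (empty($quota_part_set)){ $quota_part_set = "/"; }

// The account name and the request-supplied inode limit are quoted so that
// they reach setquota as single arguments and cannot add shell syntax.
$arg_quota_user = escapeshellarg($username);
$arg_quota_blocks = escapeshellarg((string)$set_quota);
$arg_quota_inodes = escapeshellarg((string)$inodes);
shell_exec("setquota -u -F vfsv0 {$arg_quota_user} {$arg_quota_blocks} {$arg_quota_blocks} {$arg_quota_inodes} {$arg_quota_inodes} {$quota_part_set}");
shell_exec("quota {$arg_quota_user}");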
131
132 //Copy template files if exist
133 if (file_exists("/usr/local/cwpsrv/htdocs/resources/admin/tpl/new_account_tpl")){
134 //echo "--> Template exist. Copying template files to {$homedir}/{$username}/public_html/ <br>";
135 shell_exec("rsync -a /usr/local/cwpsrv/htdocs/resources/admin/tpl/new_account_tpl/ {$homedir}/{$username}/public_html/");
136 shell_exec("/bin/chown -R {$username}:{$username} {$homedir}/{$username}");
137 }
138 //END Copy template files if exist
139
140 //NAT check
141 if (NATedIP() != 0){ $nated_ip = NATedIP(); }else{ $nated_ip = $server_ips; }
142
143 $vhost_core = "\n\n".file_get_contents(get_configurationTemplate("apache"));
144 $vhost_core = str_replace( "IP_REPLACE", $nated_ip, $vhost_core );
145 $vhost_core = str_replace( "PORT_REPLACE", $apache_port, $vhost_core );
146 $vhost_core = str_replace( "PATH_REPLACE", "{$homedir}/{$username}/public_html", $vhost_core );
147 $vhost_core = str_replace( "DOMAIN_REPLACE", $domain, $vhost_core );
148 $vhost_core = str_replace( "USER_REPLACE", $username, $vhost_core );
149 $vhost_core_output = str_replace( "<", "<", $vhost_core );
150 $vhost_core_output = str_replace( ">", ">", $vhost_core_output );
151 //echo "<pre>{$vhost_core_output}</pre><br>";
152 $vhost_file = "/usr/local/apache/conf.d/vhosts.conf";
153 file_put_contents($vhost_file, $vhost_core, FILE_APPEND | LOCK_EX);
154 //mail('josem.nunez@gmail.com','Vhost',$vhost_core);
155 //mysql user create
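// Give the new account its own MySQL user with rights on `<username>_%`.
// The statements run over the root connection opened earlier in this action
// ($mysqli) instead of through `mysql -uroot -p... -e "..."`: neither the root
// password nor the account password appears on a command line, and the
// account password is escaped as an SQL string rather than pasted into shell
// and SQL text.
$db_user_sql = mysqli_real_escape_string($mysqli, $username);
$db_pass_sql = mysqli_real_escape_string($mysqli, $password);
// Backticks are doubled so the name cannot close the quoted identifier; \_
// keeps the underscore literal in the database-name pattern.
$db_pattern = str_replace('`', '``', $username) . '\_%';

$grant_statements = array(
    "REVOKE ALL PRIVILEGES ON `{$db_pattern}` . * FROM '{$db_user_sql}'@'localhost'",
    "GRANT ALL ON `{$db_pattern}` . * TO '{$db_user_sql}'@'localhost' IDENTIFIED BY '{$db_pass_sql}'",
    "flush privileges",
);
foreach ($grant_statements as $grant_sql) {
    try {
        mysqli_query($mysqli, $grant_sql);
    } catch (mysqli_sql_exception $grant_error) {
        // Best effort, like the command-line calls this replaces, whose result
        // was never checked; the REVOKE may fail for a user that does not exist yet.
    }
}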
161 //end mysql user create
162
163 //Create include file in named.conf
164 $zone = "\n".file_get_contents(get_configurationTemplate("named_conf"));
165 $zone = str_replace( "DOMAIN_REPLACE", $domain, $zone );
166 $zone_file = "/etc/named.conf";
167 file_put_contents($zone_file, $zone, FILE_APPEND | LOCK_EX);
168
169 //Create DNS zone File
170 $nameserver = $row2['ns1_name'];
171 $nameserver2 = $row2['ns2_name'];
172 $named_tpl = file_get_contents(get_configurationTemplate("named_new_dns_zone"));
173 $named_tpl = str_replace( "DOMAIN_REPLACE", $domain, $named_tpl );
174 $named_tpl = str_replace( "DNS_EMAIL", dns_email($email), $named_tpl );
175 $named_tpl = str_replace( "NS1_REPLACE", $nameserver, $named_tpl );
176 $named_tpl = str_replace( "NS2_REPLACE", $nameserver2, $named_tpl );
177 $named_tpl = str_replace( "IP_REPLACE", $server_ips, $named_tpl );
178
179 file_put_contents('/var/named/'.$domain.'.db', $named_tpl);
180
181 //Account Details
182 /*echo "<pre>
183Account Details
184========================================
185Server IP: {$_SERVER['SERVER_ADDR']}
186Web Panel Login:
187Domain: {$domain}
188Username: {$username}
189Password: {$password}
190Admin Email: {$email}
191
192Panel URL: http://{$_SERVER['SERVER_ADDR']}:2030
193
194NameServers:
195{$nameserver}
196{$nameserver2}
197</pre>";*/ $mysql_conn=$mysqli;
198 if (file_exists("{$homedir}/{$username}/public_html")){
199 shell_exec("/bin/chmod 711 {$homedir}/{$username};/bin/chmod 750 {$homedir}/{$username}/public_html");
200 shell_exec("/bin/chown {$username}:{$username} {$homedir}/{$username};/bin/chown {$username}:nobody {$homedir}/{$username}/public_html");
201
202 $public_html_exist= "[YES]";
203 $updatetime = dateAndTime();
204 $package = $_POST['package'];
205
206 //BACKUP
207 if($backup=='on'){$backup='on';}else{$backup='off';}
208 //if(!isset($_POST['backup'])){ $backup = "off"; }else{$backup = "on";}
209 $backup='on';
210 //QUERY INSERT
211 mysqli_query($mysql_conn, "INSERT user SET username='{$username}', domain='{$domain}', ip_address='{$server_ips}', email='{$email}',setup_date='{$updatetime}', package='{$package}',backup='{$backup}'");
212 }else{
213 $public_html_exist= "[NO]";
214 }
215 //echo "<h3>Check Account Create Details</h3>";
216 //echo "--> Checking if \"{$homedir}/{$username}/public_html\" folder if exist: <b>{$public_html_exist}</b><br><br>";
217 //shell_exec('systemctl reload httpd 2>&1');
218 shell_exec('service httpd reload');
219 shell_exec('/usr/sbin/rndc reload 2>&1');
220
221 //HOOKS
222
223 //AutoSSL Hook
224 /*if (isset($_POST['autossl'])){
225 echo "<h3>AutoSSL:</h3>";
226 echo "<pre>".autoSSL($domain, $username, $email, $nated_ip, "{$row['homedir']}/{$username}/public_html", "443", "www")."</pre>";
227 }*/
228
229 if (file_exists("/usr/local/cwp/.conf/web_server.conf")){
230 $web_server = shell_exec("cat /usr/local/cwp/.conf/web_server.conf");
231 $web_server = remove_empty_line($web_server);
232 }else{
233 $web_server = 1;
234 }
235
236 if ($web_server == 2){
237 hook_nginx_vhost($domain, $server_ips, "{$homedir}/{$username}/public_html","8181");
238 shell_exec("service nginx reload");
239 }
240 if ($web_server == 4){
241 hook_nginx_vhost($domain, $server_ips, "{$homedir}/{$username}/public_html","82");
242 hook_varnish_backends($domain, $server_ips, $apache_port);
243 shell_exec("service nginx reload");
244 shell_exec("service varnish reload");
245 }
246
247 hook_cwpsrv_NewUser($username);
248
249 //DNS Cluster
250 /*if (file_exists("/usr/local/cwp/.conf/dns_cluster.conf")){
251 dns_cluster_sync('/var/named/'.$domain.'.db', "2");
252 }*/
253
254 //checkNameVirtualHost($mysql_conn,$server_ips);
255 hook_add_dkim($domain);
256 writelog('Create account OK',$key);
257 $return=array("status"=>"OK");
258 $fomart=strtolower($returnf['format']);
259 $app->response->headers->set("Content-type", "application/".$fomart);
260 $app->response->status(200);
261 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
262 }else{
263 writelog('User Account {$username} not added !!!',$key);
264 $return=array("status"=>"Error","msj"=>"User Account {$username} not added !!!");
265 $fomart=strtolower($returnf['format']);
266 $app->response->headers->set("Content-type", "application/".$fomart);
267 $app->response->status(200);
268 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
269 }
270 }
271 }
272 }
273 }else{
274 writelog('Check All Fields (only lower caps are allowed and no special characters or empty spaces',$key);
275 $return=array("status"=>"Error","msj"=>"Check All Fields (only lower caps are allowed and no special characters or empty spaces...");
276 $fomart=strtolower($returnf['format']);
277 $app->response->headers->set("Content-type", "application/".$fomart);
278 $app->response->status(200);
279 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
280 }
281 }
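if($method=='udp'){
    // Update the e-mail address, backup flag and/or package of an existing account.

    // Request fields are taken as strings only; a missing or array-valued
    // field counts as empty.
    $field = function ($name) use ($app) {
        $value = $app->request->post($name);
        return is_string($value) ? trim($value) : '';
    };

    // Send $payload in the format returned by validate(): JSON, otherwise XML.
    $respond = function ($payload) use ($app, $returnf) {
        $fomart = strtolower($returnf['format']);
        $app->response->headers->set("Content-type", "application/".$fomart);
        $app->response->status(200);
        if ($fomart == 'json') {
            $app->response->body(json_encode($payload));
        } else {
            $app->response->body(array2xml($payload, false));
        }
    };

    $user = $field('user');
    $email = $field('email');
    $package = $field('package');
    $backup = $field('backup');
    // NOTE(review): the inode, processes and openfiles request fields are not
    // applied by this action.

    // Each failed check ends the action. Without that, a later "OK" response
    // would overwrite the error and the UPDATEs would still run.
    if ($user == 'root') {
        $respond(array("status"=>"Error","msj"=>"User is root"));
    } elseif ($user == '') {
        $respond(array("status"=>"Error", "msj"=>"must indicate a user"));
    } elseif (!preg_match('/^[A-Za-z0-9_][A-Za-z0-9_.-]*$/', $user) || !file_exists('/home/'.$user.'/')) {
        // The name pattern keeps path separators out of the file_exists()
        // probe, so only a directory directly under /home can satisfy it.
        $respond(array("status"=>"Error", "msj"=>"User does not exist"));
    } else {
        $pass = conexbd();
        $mysqli = new mysqli("localhost", "root", trim($pass), "root_cwp");

        // Resolve the package to its id: "@<id>" names the id directly,
        // anything else is looked up by package name.
        // (The comparison must be != ; "=!" assigns true to $package.)
        $idpack = null;
        $package_found = true;
        if ($package != '') {
            if (strpos($package, '@') !== false) {
                $idpack = str_replace('@', '', $package);
            } else {
                $query = 'SELECT * FROM packages WHERE package_name ="' . mysqli_real_escape_string($mysqli, $package) . '"';
                $result = mysqli_query($mysqli, $query);
                if ($result->num_rows == 0) {
                    $package_found = false;
                    $respond(array("status"=>"Error", "msj"=>"There is no package with this name"));
                } else {
                    $row = mysqli_fetch_assoc($result);
                    $idpack = $row['id'];
                }
            }
        }

        if ($package_found) {
            // $sw counts the UPDATE statements that were accepted.
            $sw = 0;
            // Every request value is escaped before it is placed in a statement.
            $user_sql = mysqli_real_escape_string($mysqli, $user);

            if ($email != '') {
                $email_sql = mysqli_real_escape_string($mysqli, $email);
                if (mysqli_query($mysqli, 'UPDATE user SET email="'.$email_sql.'" WHERE username="'.$user_sql.'"')) { $sw++; }
            }
            if ($backup != '') {
                $backup_sql = mysqli_real_escape_string($mysqli, $backup);
                if (mysqli_query($mysqli, 'UPDATE user SET backup="'.$backup_sql.'" WHERE username="'.$user_sql.'"')) { $sw++; }
            }
            if ($idpack !== null) {
                // The 'list' action joins user.package to packages.id, so the
                // resolved id is stored, not the raw request value.
                $idpack_sql = mysqli_real_escape_string($mysqli, (string)$idpack);
                if (mysqli_query($mysqli, 'UPDATE user SET package="'.$idpack_sql.'" WHERE username="'.$user_sql.'"')) { $sw++; }
            }

            if ($sw > 0) {
                $respond(array("status"=>"OK"));
            } else {
                $respond(array("status"=>"Error","msj"=>"There was an error updating"));
            }
        }
    }
}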
373 if($method=='del'){ // PENDIENTE
374 $user=$app->request->post('user');
375 $homedir='/home';
376 if ($user!='root'){
377 if(file_exists('/home/'.$user.'/')){
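// Stop the account's processes and remove the system user.
// NOTE(review): $user reaches this point checked only against 'root' and for
// a directory under /home; validate it against an account-name allowlist
// before any of the cleanup in this action runs. Until then every use below is
// quoted so that the value stays a single shell argument.
$arg_user = escapeshellarg($user);
shell_exec("chattr -R -i ".escapeshellarg("/home/{$user}/public_html"));
// NOTE(review): pkill without -u matches process names, not process owners;
// confirm that this is what is wanted here.
shell_exec("pkill -9 {$arg_user}");
shell_exec("ps uaxf|grep ".escapeshellarg("^{$user} ")."|awk {'print \$2'}|xargs kill -9");
$ssh_command = "/usr/sbin/userdel -r {$arg_user} 2>&1";
shell_exec($ssh_command);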
383
384 if (!file_exists("{$homedir}/{$user}/")){
385 // No need for all domains
386 RemoveLimitApacheNPROC($user);
387
388 //Needed for all domains/subdomains
389 foreach (getUserDomains($user) as $domain_for_removal){
390
391 //Remove DNS Zone file
392 if (file_exists("/var/named/{$domain_for_removal}.db")){
393 shell_exec("rm -f /var/named/{$domain_for_removal}.db");
394 }
395
396 //delete Virtual FTP hosts
397 $list_ftp_users = shell_exec("pure-pw list|grep \"@{$domain_for_removal}\"");
398 $splited_list_ftp_users = preg_split ("/\n/", $list_ftp_users);
399 foreach($splited_list_ftp_users as $splited_result1) {
400 if (!empty($splited_result1)){
401 $line_split_result = preg_split ("/[\t,]/", $splited_result1);
402 //echo "Deleting Virtual FTP account: {$line_split_result[0]} <br>";
403 shell_exec("pure-pw userdel '{$line_split_result[0]}' -m");
404 }
405 }
406
407 if (!file_exists("/var/named/{$domain_for_removal}.db")){
408 //echo "DNS Zone File for {$domain_for_removal} removed from the server.<br>";
409 }
410
411 //Remove DNS Zone
412 $replace_named = file_get_contents('/etc/named.conf');
413 preg_match("'\/\/ zone {$domain_for_removal}(.*?)\/\/ zone_end {$domain_for_removal}'si", $replace_named, $match);
414 //$replacment = $match[1];
415 if (!empty($match[1])){
416 //echo "Config for {$domain_for_removal} found in named.conf .... ";
417 $replace_named = str_replace( "{$match[1]}", "", $replace_named );
418 $replace_named = str_replace( "// zone {$domain_for_removal}", "", $replace_named );
419 $replace_named = str_replace( "// zone_end {$domain_for_removal}", "", $replace_named );
420 $zone_file = "/etc/named.conf";
421 file_put_contents($zone_file, $replace_named, LOCK_EX);
422 //echo "Removing config for {$domain_for_removal} from named.conf<br>";
423 }else{
424 //echo "Config for {$domain_for_removal} not found in named.conf .... ";
425 }
426 //END Remove DNS Zone
427
428 //DNS Cluster
429 if (file_exists("/usr/local/cwp/.conf/dns_cluster.conf")){
430 //dns_cluster_sync("/var/named/{$domain_for_removal}.db", "2");
431 }
432
433 //Remove vhost Data
434 /*
435 $replace_vhost = file_get_contents('/usr/local/apache/conf.d/vhosts.conf');
436 preg_match("'# vhost_start {$domain_for_removal}(.*?)# vhost_end {$domain_for_removal}'si", $replace_vhost, $match_vhost);
437 $replacment_vhost = $match_vhost[1];
438 if (!empty($replacment_vhost)){
439 echo "Config for {$domain_for_removal} found in vHosts .... ";
440 }
441 else{
442 echo "Config for {$domain_for_removal} not found in vHosts .... ";
443 }
444
445 $replace_vhost = str_replace( "{$replacment_vhost}", "", $replace_vhost );
446 $replace_vhost = str_replace( "# vhost_start {$domain_for_removal}", "", $replace_vhost );
447 $replace_vhost = str_replace( "# vhost_end {$domain_for_removal}", "", $replace_vhost );
448 $vhost_file = "/usr/local/apache/conf.d/vhosts.conf";
449 file_put_contents($vhost_file, $replace_vhost, LOCK_EX);
450 echo "Removing config for {$domain_for_removal} from vHosts<br>";
451 //END Remove vhost Data
452 */
453
454 //Remove suspend config (if exists)
455
456 if (file_exists("/usr/local/cwp/users/suspended/{$user}")){
457 shell_exec("rm -f /usr/local/cwp/users/suspended/{$user}");
458 }
459
460
461 $vhostManager = VhostsManager::load('/usr/local/apache/conf.d/vhosts.conf');
462 $vhostManager->deleteVhostByServerName($domain_for_removal)->save();
463
464 //AutoSSL removal
465 autoSSL_remove($domain_for_removal);
466
467 //Email removal
468
469 if (file_exists("/var/vmail/{$domain_for_removal}/")){
470 if (!empty($domain_for_removal)){
471 shell_exec("rm -Rf /var/vmail/{$domain_for_removal}");
472 }
473 }
474
475 //DKIM REMOVAL
476
477 if (file_exists("/etc/opendkim/userkeys/{$domain_for_removal}/")){
478 if (!empty($domain_for_removal)){
479 shell_exec("rm -Rf /etc/opendkim/userkeys/{$domain_for_removal}");
480 }
481 }
482
483 if (file_exists("/etc/opendkim/KeyTable")){
484 if (!empty($domain_for_removal)){
485 shell_exec("sed -i '/^default._domainkey.{$domain_for_removal} /d' /etc/opendkim/KeyTable");
486 }
487 }
488
489 if (file_exists("/etc/opendkim/TrustedHosts")){
490 if (!empty($domain_for_removal)){
491 shell_exec("sed -i '/^{$domain_for_removal}[[:blank:]]*\$/d' /etc/opendkim/TrustedHosts"); // Ignores empty space [[:blank:]]*
492 }
493 }
494
495 //Remove all email accounts
496 if (!empty($domain_for_removal)){
497 $pass = conexbd();
498 $mysql_conn = new mysqli("localhost", "root", trim($pass), "postfix");
499 mysqli_query($mysql_conn, "DELETE FROM mailbox WHERE domain = '{$domain_for_removal}'");
500 mysqli_query($mysql_conn, "DELETE FROM alias WHERE domain = '{$domain_for_removal}'");
501 mysqli_query($mysql_conn, "DELETE FROM domain WHERE domain = '{$domain_for_removal}'");
502 mysqli_query($mysql_conn, "DELETE FROM vacation WHERE domain = '{$domain_for_removal}'");
503 }
504 }
505 //END Needed for all domains/subdomains
506
507 // ModSecurity Custom rules per domain and custom apache configuration
508 if (file_exists("/usr/local/apache/userdata/{$user}/")){
509 if (!empty($user)){
510 shell_exec("rm -Rf /usr/local/apache/userdata/{$user}");
511 }
512 }
513
514 // MySQL Data
515 $pass = conexbd();
516 $mysql2_conn = new mysqli("localhost", "root", trim($pass), "root_cwp");
517 mysqli_query($mysql2_conn, "DELETE FROM subdomains WHERE user = '{$user}'"); //Delete subdomains from mysql database
518 mysqli_query($mysql2_conn, "DELETE FROM domains WHERE user = '{$user}'"); //Delete domains from mysql database
519 mysqli_query($mysql2_conn, "DELETE FROM user WHERE username = '{$user}'")or(mysqli_error());
520 //echo "User and domains deleted from MySQL database.<br>";
521
522
523 //MySQL
524 $account = $user;
525 $s_mysql_users = shell_exec("mysql -uroot -p{$pass } -e 'SELECT User,host FROM mysql.user' -B -N|awk {'print $1,$2'}");
526 $s_mysql_databases = shell_exec("mysql -uroot -p{$pass} -e \"SHOW DATABASES like '".$account."\_%'\" -B -N");
527
528
529 $s_splited_rows = preg_split ("/\n/", $s_mysql_users );
530 foreach($s_splited_rows as $splited_result) {
531 if (!empty($splited_result)){
532 //echo "<br>=====================<br> USER Name: {$splited_result}<br>";
533 $splited_col= preg_split ("/ /", $splited_result);
534 //echo "1: {$splited_col[0]}, 2: {$splited_col[1]}<br>";
535 $splited_db= preg_split ("/_/", $splited_col[0]);
536 if (!empty($splited_db[1])){
537 if ($splited_db[0] == $account){
538 //echo "Deleted1 {$splited_col[0]}:{$splited_col[1]}";
539 exec("mysql -uroot -p{$pass} -e \"DROP USER '{$splited_col[0]}'@'{$splited_col[1]}'\"");
540 $flush_privileges = "1";
541 }
542 }
543 else{
544 if ($splited_db[0] == $account){
545 //echo "Deleted1-else {$splited_col[0]}:{$splited_col[1]}";
546 exec("mysql -uroot -p{$pass} -e \"DROP USER '{$splited_col[0]}'@'{$splited_col[1]}'\"");
547 $flush_privileges = "1";
548 }
549 }
550 }
551 }
552
553 if ($flush_privileges == "1"){ //flush privileges if there were changes
554 exec("mysql -uroot -p{$pass} -e \"flush privileges;\"");
555 }
556
557 //databases
558 $db_splited_rows = preg_split ("/\n/", $s_mysql_databases );
559 foreach($db_splited_rows as $db_splited_result) {
560 if (!empty($db_splited_result) AND $db_splited_result != "root_cwp" AND $db_splited_result != "mysql" AND $db_splited_result != "postfix"){
561 //echo "Deleting Database: {$db_splited_result} <br>";
562 shell_exec("mysql -uroot -p{$pass} -e \"DROP DATABASE {$db_splited_result}\"");
563 }
564 }
565 //End MySQL
566
567 //Remove suspend config (if exists)
568 if (file_exists("/usr/local/apache/conf.d/suspended_accounts/{$user}.conf")){
569 shell_exec("rm -f /usr/local/apache/conf.d/suspended_accounts/{$user}.conf");
570 }
571
572 //Remove ulimits
573 if (file_exists("/etc/security/limits.d/{$user}.conf")){
574 shell_exec("rm -f /etc/security/limits.d/{$user}.conf");
575 }
576
577 hook_cwpsrv_NewUserRemove($user);
578
579 //Apache userdata (modsecurity)
580 if (file_exists("/usr/local/apache/userdata/{$user}")){
581 shell_exec("rm -Rf /usr/local/apache/userdata/{$user}");
582 }
583 $return=array("status"=>"OK");
584 $fomart=strtolower($returnf['format']);
585 $app->response->headers->set("Content-type", "application/".$fomart);
586 $app->response->status(200);
587 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
588 }else{
589 $return=array("status"=>"Error");
590 $fomart=strtolower($returnf['format']);
591 $app->response->headers->set("Content-type", "application/".$fomart);
592 $app->response->status(200);
593 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
594 }
595 }else{
596 $return=array("status"=>"Error","msj"=>"User does not exist");
597 $fomart=strtolower($returnf['format']);
598 $app->response->headers->set("Content-type", "application/".$fomart);
599 $app->response->status(200);
600 if($fomart=='json'){ $app->response->body(json_encode($return)); }else{ $app->response->body(array2xml($return,false)); }
601 }
602 }
603 }
if($method=='list'){
    // Return every account joined with its package, ordered by account id.
    $pass = conexbd();
    $mysqli = new mysqli("localhost", "root", trim($pass), "root_cwp");
    $sql='SELECT packages.package_name, packages.id as idpackage, `user`.backup, `user`.setup_date, `user`.email, `user`.ip_address, `user`.domain, `user`.username, `user`.id FROM `user` Inner Join packages ON `user`.package = packages.id ORDER BY `user`.id ASC';
    $result = mysqli_query($mysqli, $sql);

    if ($result->num_rows == 0) {
        $return = array("status" => "OK","msj"=>"no records exist");
    } else {
        // Columns copied into each entry, in the order they appear in the output.
        $columns = array('package_name', 'idpackage', 'id', 'backup', 'username', 'email', 'setup_date', 'ip_address', 'domain');
        $accounts = array();
        while ($row = mysqli_fetch_assoc($result)) {
            $entry = array();
            foreach ($columns as $column) {
                $entry[$column] = $row[$column];
            }
            $accounts[] = $entry;
        }
        $return = array("status" => "OK","msj"=>$accounts);
    }

    // Both outcomes are sent the same way: JSON when validate() returned that
    // format, XML otherwise.
    $fomart = strtolower($returnf['format']);
    $app->response->headers->set("Content-type", "application/".$fomart);
    $app->response->status(200);
    if ($fomart == 'json') {
        $app->response->body(json_encode($return));
    } else {
        $app->response->body(array2xml($return,false));
    }
}
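if($method=='susp'){
    // Suspend an account: lock its password, park its php-fpm pool file,
    // redirect its web root to the suspended page, deactivate its mail
    // domains and reduce its quota to 1.
    $user = $app->request->post('user');
    if (!is_string($user)) { $user = ''; }

    // Send $payload in the format returned by validate(): JSON, otherwise XML.
    $respond = function ($payload) use ($app, $returnf) {
        $fomart = strtolower($returnf['format']);
        $app->response->headers->set("Content-type", "application/".$fomart);
        $app->response->status(200);
        if ($fomart == 'json') {
            $app->response->body(json_encode($payload));
        } else {
            $app->response->body(array2xml($payload, false));
        }
    };

    // The name is used in shell commands and file paths below, so it has to
    // look like an account name: no path separators, whitespace or shell
    // syntax. 'root' stays excluded.
    $user_ok = $user != 'root' && preg_match('/^[A-Za-z0-9_][A-Za-z0-9_.-]*$/', $user) === 1;

    if ($user_ok) {
        $arg_user = escapeshellarg($user);

        shell_exec("passwd -l {$arg_user}");
        if (!file_exists("/usr/local/cwp/users/suspended")){
            shell_exec("mkdir -p /usr/local/cwp/users/suspended/");
        }

        //Fix cwp-phpfpm crash
        $fpm_pool = "/usr/local/cwp/php71/etc/php-fpm.d/users/{$user}";
        if (file_exists("{$fpm_pool}.conf")){
            rename("{$fpm_pool}.conf", "{$fpm_pool}.suspended");
        }

        //Apache Suspend
        file_put_contents("/usr/local/cwp/users/suspended/{$user}", "1\n");
        if (!file_exists("/usr/local/apache/htdocs/suspended-page")){
            shell_exec("mkdir -p /usr/local/apache/htdocs/suspended-page");
            // Written from PHP: the shell command used here before ended in a
            // stray single quote, which made it malformed.
            file_put_contents("/usr/local/apache/htdocs/suspended-page/index.html", "Account Suspended\n");
            shell_exec("chown nobody.nobody -R /usr/local/apache/htdocs/suspended-page/");
        }

        //New Account Suspensions
        $main_suspensionFile = "/usr/local/apache/conf.d/account_suspensions.conf";
        if (!file_exists($main_suspensionFile)){
            file_put_contents($main_suspensionFile, "Include /usr/local/apache/conf.d/suspended_accounts/*.conf\n");
        }
        if (!file_exists("/usr/local/apache/conf.d/suspended_accounts")){
            shell_exec("mkdir -p /usr/local/apache/conf.d/suspended_accounts");
        }
        //empty conf required
        if (!file_exists("/usr/local/apache/conf.d/suspended_accounts/empty.conf")){
            shell_exec("touch /usr/local/apache/conf.d/suspended_accounts/empty.conf");
        }

        $pass = conexbd();
        $mysqli = new mysqli("localhost", "root", trim($pass), "root_cwp");
        $query = 'SELECT * FROM settings WHERE id =1';
        $result = mysqli_query($mysqli, $query);
        $row = mysqli_fetch_assoc($result);

        // Per-account Apache snippet, built and written in PHP instead of
        // echo + sed in a shell: the home directory and the shared IP from
        // `settings` are inserted as plain text.
        $account_suspendConf = "<Directory \"/home/{$user}\">\n"
            ."AllowOverride none\n"
            ."RedirectMatch .* http://{$row['shared_ip']}/suspended-page/\n"
            ."</Directory>\n";
        file_put_contents("/usr/local/apache/conf.d/suspended_accounts/{$user}.conf", $account_suspendConf);

        //quota suspend
        $quota_part_set = shell_exec("cat /usr/local/cwp/.conf/quota_part.conf");
        // NOTE(review): the replacement is the two characters backslash and n
        // (single-quoted string), kept as it was; confirm a line break was not intended.
        $quota_part_set = preg_replace('/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/', '\n', $quota_part_set);

        $pass = conexbd();
        $mysql_conn_postfix = new mysqli("localhost", "root", trim($pass), "postfix");

        // Mark the active mail rows of every domain of the account with 4.
        foreach (getUserDomains($user) as $domain_for_removal){
            if (!empty($domain_for_removal)){
                $domain_sql = mysqli_real_escape_string($mysql_conn_postfix, $domain_for_removal);
                foreach (array('mailbox', 'alias', 'domain', 'vacation') as $postfix_table){
                    mysqli_query($mysql_conn_postfix, "UPDATE {$postfix_table} SET active = 4 WHERE domain = '{$domain_sql}' AND active = 1");
                }
            }
        }

        if (empty($quota_part_set)){ $quota_part_set = "/"; }
        shell_exec("setquota -u -F vfsv0 {$arg_user} 1 1 1 1 {$quota_part_set}");
        shell_exec("quota -s {$arg_user}");
        shell_exec("service httpd reload");
        writelog('Suspend '.$user.' OK',$key);
        $respond(array("status" => "OK"));
    }else{
        // Control characters are removed so a rejected name cannot add lines
        // to the log.
        $log_user = preg_replace('/[\x00-\x1F\x7F]/', '', $user);
        writelog('Suspend '.$log_user.' Error..',$key);
        $respond(array("status" => "Error.."));
    }
}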
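// Unsuspend branch: unlocks the system account, restores its PHP-FPM pool,
// Apache and mail state and its package disk quota, then reports the outcome.
if ($method == 'unsp') {
    // Strip whitespace exactly as the top of this handler does before it calls
    // validate(), so the 'root' guard and every command, path and query below
    // all see one and the same string.
    $postedUser = $app->request->post('user');
    $user = is_string($postedUser) ? (string) preg_replace('/\s+/', '', $postedUser) : '';

    // The name is placed in shell commands and filesystem paths, so only a
    // conservative character set is accepted: no slash, quote, shell
    // metacharacter, and no leading '-' or '.'.
    // NOTE(review): align this pattern with the panel's own username policy.
    $userIsValid = $user !== 'root'
        && preg_match('/\A[A-Za-z0-9_][A-Za-z0-9_.-]{0,31}\z/', $user) === 1;

    if ($userIsValid) {
        // Validation is the first line of defence; every argument is still
        // quoted so the shell never interprets request data.
        $userArg = escapeshellarg($user);
        shell_exec("passwd -u {$userArg}");

        $suspendedMarker = "/usr/local/cwp/users/suspended/{$user}";
        if (file_exists($suspendedMarker)) {
            shell_exec('rm -f ' . escapeshellarg($suspendedMarker));
        }

        // Fix cwp-phpfpm crash: put the pool file back under its .conf name.
        $fpmPoolDir = '/usr/local/cwp/php71/etc/php-fpm.d/users';
        $suspendedPool = "{$fpmPoolDir}/{$user}.suspended";
        if (file_exists($suspendedPool)) {
            shell_exec(
                'mv ' . escapeshellarg($suspendedPool) . ' ' . escapeshellarg("{$fpmPoolDir}/{$user}.conf")
            );
        }

        // Drop the redirect line and the per-account Apache include.
        $htaccessArg = escapeshellarg("/home/{$user}/public_html/.htaccess");
        shell_exec("sed -i '/suspended-page/d' {$htaccessArg}");
        // -h: act on the path itself, not on a link target. The directory is
        // presumably writable by the account owner -- TODO confirm.
        shell_exec('chown -h ' . escapeshellarg("{$user}:{$user}") . " {$htaccessArg}");
        shell_exec(
            'rm -f ' . escapeshellarg("/usr/local/apache/conf.d/suspended_accounts/{$user}.conf")
        );

        // Quota unsuspend: look up the package quota with a bound parameter.
        // Falls back to 0 when no numeric value is found, as the original
        // arithmetic on a missing row did.
        // NOTE(review): confirm that a zero limit is the intended fallback.
        $set_quota = 0;
        $pass = conexbd();
        $mysqli = new mysqli("localhost", "root", trim($pass), "root_cwp");
        if (!$mysqli->connect_errno) {
            $quotaStatement = $mysqli->prepare(
                'SELECT packages.disk_quota FROM user'
                . ' INNER JOIN packages ON user.package = packages.id'
                . ' WHERE user.username = ?'
            );
            if ($quotaStatement) {
                $diskQuota = null;
                $quotaStatement->bind_param('s', $user);
                $quotaStatement->execute();
                $quotaStatement->bind_result($diskQuota);
                if ($quotaStatement->fetch() && is_numeric($diskQuota)) {
                    $set_quota = (int) ($diskQuota * 1024);
                }
                $quotaStatement->close();
            }
        }

        // Filesystem(s) to apply the quota to, read without a shell. Each
        // whitespace-separated entry is quoted separately; "/" is the default.
        $quotaPartFile = '/usr/local/cwp/.conf/quota_part.conf';
        $quotaPartRaw = is_readable($quotaPartFile) ? (string) file_get_contents($quotaPartFile) : '';
        $quotaParts = preg_split('/\s+/', $quotaPartRaw, -1, PREG_SPLIT_NO_EMPTY);
        if (empty($quotaParts)) {
            $quotaParts = array('/');
        }
        $quota_part_set = implode(' ', array_map('escapeshellarg', $quotaParts));

        // Re-activate the mail rows that the suspend branch set to active = 4.
        // Table names are fixed literals; the domain is always a bound value.
        $pass = conexbd();
        $mysql_conn_postfix = new mysqli("localhost", "root", trim($pass), "postfix");
        if (!$mysql_conn_postfix->connect_errno) {
            $mailStatements = array();
            foreach (array('mailbox', 'alias', 'domain', 'vacation') as $mailTable) {
                $mailStatements[] = $mysql_conn_postfix->prepare(
                    "UPDATE {$mailTable} SET active = 1 WHERE domain = ? AND active = 4"
                );
            }
            foreach (getUserDomains($user) as $domain_for_removal) {
                if (empty($domain_for_removal)) {
                    continue;
                }
                $mailDomain = (string) $domain_for_removal;
                foreach ($mailStatements as $mailStatement) {
                    if ($mailStatement) {
                        $mailStatement->bind_param('s', $mailDomain);
                        $mailStatement->execute();
                    }
                }
            }
        }

        shell_exec("setquota -u -F vfsv0 {$userArg} {$set_quota} {$set_quota} 0 0 {$quota_part_set}");
        shell_exec("quota -s {$userArg}");
        shell_exec("service httpd reload");
        // Same audit trail as the suspend branch keeps for its own outcome.
        writelog('Unsuspend '.$user.' OK', $key);
        $return = array("status" => "OK");
    } else {
        writelog('Unsuspend '.$user.' Error..', $key);
        $return = array("status" => "Error..");
    }

    // One response path for both outcomes. A missing format falls back to
    // JSON, as the unauthorised branch at the end of this handler does.
    $format = isset($returnf['format']) ? strtolower($returnf['format']) : 'json';
    $app->response->headers->set("Content-type", "application/".$format);
    $app->response->status(200);
    if ($format == 'json') {
        $app->response->body(json_encode($return));
    } else {
        $app->response->body(array2xml($return, false));
    }
}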
785 }else{
786 if((!isset($returnf['format']))or($returnf['format']=='JSON')){
787 $app->response->headers->set("Content-type", "application/json");
788 $app->response->status(200);
789 $app->response->body(json_encode($returnf));
790 }elseif($returnf['format']=='XML'){
791 $app->response->headers->set("Content-type", "application/xml");
792 $app->response->status(200);
793 $app->response->body($returnf);
794 }
795 }
796});