From 6b19346b2064615aeb289c6c3c08114a94b511e3 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <daniel@danwin1210.me>
Date: Sat, 2 Nov 2019 19:41:05 +0100
Subject: [PATCH] Various optimizations

---
 var/www/common.php        | 59 +++++++++++++++++++++++++++-----------
 var/www/cron.php          | 12 +++-----
 var/www/find_old.php      |  6 +---
 var/www/html/admin.php    | 60 ++++++++++++++++++++-------------------
 var/www/html/delete.php   |  6 +---
 var/www/html/faq.php      |  1 +
 var/www/html/files.php    | 18 +++++-------
 var/www/html/home.php     | 31 +++++++++-----------
 var/www/html/index.php    |  1 +
 var/www/html/list.php     | 38 +++++++++++++------------
 var/www/html/log.php      |  5 ----
 var/www/html/login.php    |  6 +---
 var/www/html/password.php |  6 +---
 var/www/html/register.php | 14 ++++-----
 var/www/setup.php         |  7 +++--
 15 files changed, 134 insertions(+), 136 deletions(-)
diff --git a/var/www/common.php b/var/www/common.php
index 8a64de0..72bc793 100644
--- a/var/www/common.php
+++ b/var/www/common.php
@@ -166,7 +166,6 @@ function base32_encode(string $input) : string {
 }
 
 function send_captcha() {
-	global $db;
 	if(!CAPTCHA || !extension_loaded('gd')){
 		return;
 	}
@@ -178,6 +177,7 @@ function send_captcha() {
 	}
 	$randid = mt_rand();
 	$time = time();
+	$db = get_db_instance();
 	$stmt = $db->prepare('INSERT INTO captcha (id, time, code) VALUES (?, ?, ?);');
 	$stmt->execute([$randid, $time, $code]);
 	echo "<tr><td>Copy: ";
@@ -264,7 +264,6 @@ function send_captcha() {
 }
 
 function check_login(){
-	global $db;
 	if(empty($_SESSION['csrf_token'])){
 		$_SESSION['csrf_token']=sha1(uniqid());
 	}
@@ -273,6 +272,7 @@ function check_login(){
 		session_destroy();
 		exit;
 	}
+	$db = get_db_instance();
 	$stmt=$db->prepare('SELECT * FROM users WHERE username=?;');
 	$stmt->execute([$_SESSION['hosting_username']]);
 	if(!$user=$stmt->fetch(PDO::FETCH_ASSOC)){
@@ -293,11 +293,11 @@ function get_system_hash($pass) {
 }
 
 function check_captcha_error() {
-	global $db;
 	if(CAPTCHA){
 		if(!isset($_REQUEST['challenge'])){
 			return 'Error: Wrong Captcha';
 		}else{
+			$db = get_db_instance();
 			$stmt=$db->prepare('SELECT code FROM captcha WHERE id=?;');
 			$stmt->execute([$_REQUEST['challenge']]);
 			$stmt->bindColumn(1, $code);
@@ -318,7 +318,8 @@ function check_captcha_error() {
 	return false;
 }
 
-function rewrite_torrc(PDO $db, string $instance){
+function rewrite_torrc(string $instance){
+	$db = get_db_instance();
 	$update_onion=$db->prepare('UPDATE onions SET private_key=? WHERE onion=?;');
 	$torrc='ClientUseIPv6 1
 ClientUseIPv4 1
@@ -466,7 +467,8 @@ function ed25519_seckey_expand(string $seed) : string {
 	return $sk;
 }
 
-function rewrite_nginx_config(PDO $db){
+function rewrite_nginx_config(){
+	$db = get_db_instance();
 	$nginx='';
 	$rewrites = [];
 	// rewrite rules
@@ -567,7 +569,8 @@ function rewrite_nginx_config(PDO $db){
 	exec('systemctl reload nginx');
 }
 
-function rewrite_php_config(PDO $db, string $key){
+function rewrite_php_config(string $key){
+	$db = get_db_instance();
 	$stmt=$db->prepare("SELECT system_account FROM users WHERE instance = ? AND php=? AND todelete!=1 AND id NOT IN (SELECT user_id FROM new_account);");
 	foreach(array_replace(PHP_VERSIONS, DISABLED_PHP_VERSIONS) as $php_key => $version){
 		$stmt->execute([$key, $php_key]);
@@ -604,7 +607,8 @@ php_admin_value[session.save_path] = /tmp
 	}
 }
 
-function add_mysql_user(PDO $db, string $password) : string {
+function add_mysql_user(string $password) : string {
+	$db = get_db_instance();
 	$mysql_user = '';
 	$stmt = $db->prepare('SELECT null FROM users WHERE mysql_user = ?;');
 	do {
@@ -616,7 +620,8 @@ function add_mysql_user(PDO $db, string $password) : string {
 	return $mysql_user;
 }
 
-function add_user_db(PDO $db, int $user_id) : ?string {
+function add_user_db(int $user_id) : ?string {
+	$db = get_db_instance();
 	$mysql_db = '';
 	$stmt = $db->prepare('SELECT COUNT(*) FROM mysql_databases WHERE user_id = ?;');
 	$stmt->execute([$user_id]);
@@ -641,7 +646,8 @@ function add_user_db(PDO $db, int $user_id) : ?string {
 	return $mysql_db;
 }
 
-function del_user_db(PDO $db, int $user_id, string $mysql_db) {
+function del_user_db(int $user_id, string $mysql_db) {
+	$db = get_db_instance();
 	$stmt = $db->prepare('SELECT mysql_user FROM users WHERE id = ?;');
 	$stmt->execute([$user_id]);
 	$user = $stmt->fetch(PDO::FETCH_ASSOC);
@@ -656,17 +662,20 @@ function del_user_db(PDO $db, int $user_id, string $mysql_db) {
 	}
 }
 
-function get_new_tor_instance(PDO $db){
+function get_new_tor_instance(){
+	$db = get_db_instance();
 	$stmt = $db->query('SELECT s.ID FROM service_instances AS s LEFT JOIN onions AS o ON (s.ID = o.instance) GROUP BY s.ID ORDER BY count(s.ID) LIMIT 1;');
 	return $stmt->fetch(PDO::FETCH_NUM)[0];
 }
 
-function add_user_onion(PDO $db, int $user_id, string $onion, string $priv_key, int $onion_version) {
-		$stmt=$db->prepare('INSERT INTO onions (user_id, onion, private_key, version, enabled, enable_smtp, instance) VALUES (?, ?, ?, ?, 1, 0, ?);');
-		$stmt->execute([$user_id, $onion, $priv_key, $onion_version, get_new_tor_instance($db)]);
+function add_user_onion(int $user_id, string $onion, string $priv_key, int $onion_version) {
+	$db = get_db_instance();
+	$stmt=$db->prepare('INSERT INTO onions (user_id, onion, private_key, version, enabled, enable_smtp, instance) VALUES (?, ?, ?, ?, 1, 0, ?);');
+	$stmt->execute([$user_id, $onion, $priv_key, $onion_version, get_new_tor_instance()]);
 }
 
-function del_user_onion(PDO $db, int $user_id, string $onion) {
+function del_user_onion(int $user_id, string $onion) {
+	$db = get_db_instance();
 	$stmt = $db->prepare('SELECT null FROM onions WHERE user_id = ? AND onion = ? AND enabled IN (0, 1);');
 	$stmt->execute([$user_id, $onion]);
 	if($stmt->fetch()){
@@ -675,7 +684,7 @@ function del_user_onion(PDO $db, int $user_id, string $onion) {
 	}
 }
 
-function add_user_domain(PDO $db, int $user_id, string $domain) : string {
+function add_user_domain(int $user_id, string $domain) : string {
 	$domain = strtolower($domain);
 	if(strlen($domain) > 255){
 		return "Domain can't be longer than 255 characters.";
@@ -692,6 +701,7 @@ function add_user_domain(PDO $db, int $user_id, string $domain) : string {
 			return 'Invalid domain';
 		}
 	}
+	$db = get_db_instance();
 	$stmt = $db->prepare('SELECT null FROM domains WHERE domain = ?;');
 	$stmt->execute([$domain]);
 	if($stmt->fetch()){
@@ -702,7 +712,8 @@ function add_user_domain(PDO $db, int $user_id, string $domain) : string {
 	return '';
 }
 
-function del_user_domain(PDO $db, int $user_id, string $domain) {
+function del_user_domain(int $user_id, string $domain) {
+	$db = get_db_instance();
 	$stmt = $db->prepare('SELECT null FROM domains WHERE user_id = ? AND domain = ? AND enabled IN (0, 1);');
 	$stmt->execute([$user_id, $domain]);
 	if($stmt->fetch()){
@@ -718,7 +729,8 @@ function check_csrf_error(){
 	return false;
 }
 
-function enqueue_instance_reload($db, $instance = null){
+function enqueue_instance_reload($instance = null){
+	$db = get_db_instance();
 	if($instance === null){
 		$stmt=$db->prepare('UPDATE service_instances SET reload = 1 LIMIT 1;');
 	}else{
@@ -726,3 +738,16 @@ function enqueue_instance_reload($db, $instance = null){
 		$stmt->execute([$instance]);
 	}
 }
+
+function get_db_instance(){
+	static $db = null;
+	if($db !== null){
+		return $db;
+	}
+	try{
+		$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
+	}catch(PDOException $e){
+		die('No Connection to MySQL database!');
+	}
+	return $db;
+}
diff --git a/var/www/cron.php b/var/www/cron.php
index 75925d1..4de6ea4 100644
--- a/var/www/cron.php
+++ b/var/www/cron.php
@@ -1,10 +1,6 @@
 <?php
 include('common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 
 //instances to reload
 $reload=[];
@@ -77,11 +73,11 @@ foreach($onions as $onion){
 
 //reload services
 if(!empty($reload)){
-	rewrite_nginx_config($db);
+	rewrite_nginx_config();
 }
 foreach($reload as $key => $val){
-	rewrite_php_config($db, $key);
-	rewrite_torrc($db, $key);
+	rewrite_php_config($key);
+	rewrite_torrc($key);
 }
 
 //continue deleting old accounts
diff --git a/var/www/find_old.php b/var/www/find_old.php
index 0f2c6dd..4b0ab35 100644
--- a/var/www/find_old.php
+++ b/var/www/find_old.php
@@ -1,10 +1,6 @@
 <?php
 include('common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 
 //delete tmp files older than 24 hours
 $stmt=$db->query('SELECT system_account FROM users;');
diff --git a/var/www/html/admin.php b/var/www/html/admin.php
index 99fcaea..00a10b3 100644
--- a/var/www/html/admin.php
+++ b/var/www/html/admin.php
@@ -1,23 +1,23 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 header('Content-Type: text/html; charset=UTF-8');
 session_start(['name'=>'hosting_admin']);
 if($_SERVER['REQUEST_METHOD']==='HEAD'){
 	exit; // headers sent, no further processing needed
 }
-echo '<!DOCTYPE html><html><head>';
-echo '<title>Daniel\'s Hosting - Admin panel</title>';
-echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
-echo '<meta name="author" content="Daniel Winzen">';
-echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
-echo '<link rel="canonical" href="'.CANONICAL_URL. $_SERVER['SCRIPT_NAME'] .'">';
-echo '</head><body>';
-echo '<h1>Hosting - Admin panel</h1>';
+?>
+<!DOCTYPE html><html><head>
+<title>Daniel's Hosting - Admin panel</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="author" content="Daniel Winzen">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<link rel="canonical" href="'.CANONICAL_URL. $_SERVER['SCRIPT_NAME'] .'">
+<style>td{padding:5px;}</style>
+<base target="_blank">
+</head><body>
+<h1>Hosting - Admin panel</h1>
+<?php
 $error=false;
 if($_SERVER['REQUEST_METHOD']==='POST' && isset($_POST['pass']) && $_POST['pass']===ADMIN_PASSWORD){
 	if(!($error=check_captcha_error())){
@@ -26,7 +26,7 @@ if($_SERVER['REQUEST_METHOD']==='POST' && isset($_POST['pass']) && $_POST['pass'
 	}
 }
 if(empty($_SESSION['logged_in'])){
-	echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST"><table>';
+	echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self"><table>';
 	echo "<tr><td>Password </td><td><input type=\"password\" name=\"pass\" size=\"30\" required autofocus></td></tr>";
 	send_captcha();
 	echo "<tr><td colspan=\"2\"><input type=\"submit\" name=\"action\" value=\"login\"></td></tr>";
@@ -42,9 +42,9 @@ if(empty($_SESSION['logged_in'])){
 	if(REQUIRE_APPROVAL){
 		$stmt=$db->query('SELECT COUNT(*) FROM new_account WHERE approved=0;');
 		$cnt=$stmt->fetch(PDO::FETCH_NUM)[0];
-		echo '<a href="' . $_SERVER['SCRIPT_NAME'] . "?action=approve\">Approve pending sites ($cnt)</a> | ";
+		echo '<a href="' . $_SERVER['SCRIPT_NAME'] . "?action=approve\" target=\"_self\">Approve pending sites ($cnt)</a> | ";
 	}
-	echo '<a href="' . $_SERVER['SCRIPT_NAME'] . '?action=list">List of accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=delete">Delete accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=suspend">Suspend hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=edit">Edit hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=logout">Logout</a></p>';
+	echo '<a href="' . $_SERVER['SCRIPT_NAME'] . '?action=list" target="_self">List of accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=delete" target="_self">Delete accounts</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=suspend" target="_self">Suspend hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=edit" target="_self">Edit hidden services</a> | <a href="' . $_SERVER['SCRIPT_NAME'] . '?action=logout" target="_self">Logout</a></p>';
 	if(empty($_REQUEST['action']) || $_REQUEST['action']==='login'){
 		echo '<p>Welcome to the admin panel!</p>';
 	}elseif($_REQUEST['action'] === 'logout'){
@@ -52,7 +52,8 @@ if(empty($_SESSION['logged_in'])){
 		header('Location: ' . $_SERVER['SCRIPT_NAME']);
 		exit;
 	}elseif($_REQUEST['action'] === 'list'){
-		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . "\" method=\"POST\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
+		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
+		echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
 		echo '<table border="1">';
 		echo '<tr><th>Username</th><th>Onion link</th><th>Action</th></tr>';
 		$stmt=$db->query('SELECT users.username, onions.onion, onions.enabled FROM users INNER JOIN onions ON (onions.user_id=users.id) ORDER BY users.username;');
@@ -70,7 +71,7 @@ if(empty($_SESSION['logged_in'])){
 					echo '<br>';
 				}
 				if($onion[1]=='1'){
-					echo "<a href=\"http://$onion[0].onion\" target=\"_blank\">$onion[0].onion</a>";
+					echo "<a href=\"http://$onion[0].onion\">$onion[0].onion</a>";
 				}else{
 					echo "$onion[0].onion";
 				}
@@ -89,12 +90,13 @@ if(empty($_SESSION['logged_in'])){
 				echo '<p style="color:green;">Successfully approved</p>';
 			}
 		}
-		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . "\" method=\"POST\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
+		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
+		echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
 		echo '<table border="1">';
 		echo '<tr><th>Username</th><th>Onion address</th><th>Action</th></tr>';
 		$stmt=$db->query('SELECT users.username, onions.onion FROM users INNER JOIN new_account ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) WHERE new_account.approved=0 ORDER BY users.username;');
 		while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
-			echo "<tr><td>$tmp[0]</td><td><a href=\"http://$tmp[1].onion\" target=\"_blank\">$tmp[1].onion</a></td><td><button type=\"submit\" name=\"action\" value=\"approve_$tmp[1]\">Approve</button><button type=\"submit\" name=\"action\" value=\"delete_$tmp[1]\">Delete</button></td></tr>";
+			echo "<tr><td>$tmp[0]</td><td><a href=\"http://$tmp[1].onion\">$tmp[1].onion</a></td><td><button type=\"submit\" name=\"action\" value=\"approve_$tmp[1]\">Approve</button><button type=\"submit\" name=\"action\" value=\"delete_$tmp[1]\">Delete</button></td></tr>";
 		}
 		echo '</table></form>';
 	}elseif(substr($_REQUEST['action'], 0, 6) === 'delete'){
@@ -105,7 +107,7 @@ if(empty($_SESSION['logged_in'])){
 			$onion = substr($_REQUEST['action'], 7);
 		}
 		echo '<p>Delete accouts:</p>';
-		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
+		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
 		echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
 		echo '<p>Onion address: <input type="text" name="onion" size="30" value="';
 		echo htmlspecialchars($onion);
@@ -136,8 +138,8 @@ if(empty($_SESSION['logged_in'])){
 			$onion = substr($_REQUEST['action'], 8);
 		}
 		echo '<p>Suspend hidden service:</p>';
-		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
-		echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
+		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
+		echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
 		echo '<p>Onion address: <input type="text" name="onion" size="30" value="';
 		echo htmlspecialchars($onion);
 		echo '" required autofocus></p>';
@@ -152,7 +154,7 @@ if(empty($_SESSION['logged_in'])){
 					$stmt=$db->prepare('UPDATE onions SET enabled=-2 WHERE onion=?;');
 					$stmt->execute([$match[1]]);
 					echo "<p style=\"color:green;\">Successfully queued for suspension!</p>";
-					enqueue_instance_reload($db, $instance[0]);
+					enqueue_instance_reload($instance[0]);
 				}else{
 					echo "<p style=\"color:red;\">Onion address not hosted by us!</p>";
 				}
@@ -168,8 +170,8 @@ if(empty($_SESSION['logged_in'])){
 			$onion = substr($_REQUEST['action'], 5);
 		}
 		echo '<p>Edit hidden service:</p>';
-		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
-		echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
+		echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
+		echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
 		echo '<p>Onion address: <input type="text" name="onion" size="30" value="';
 		echo htmlspecialchars($onion);
 		echo '" required autofocus></p>';
@@ -200,15 +202,15 @@ if(empty($_SESSION['logged_in'])){
 							$max_streams = 65535;
 						}
 						$stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $match[1]]);
-						enqueue_instance_reload($db, $onion[1]);
+						enqueue_instance_reload($onion[1]);
 						echo "<p style=\"color:green;\">Changes successfully saved!</p>";
 					}
 				}
 				$stmt=$db->prepare('SELECT onion, enabled, enable_smtp, num_intros, max_streams, version FROM onions WHERE onion=?;');
 				$stmt->execute([$match[1]]);
 				if($onion=$stmt->fetch(PDO::FETCH_NUM)){
-					echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST">';
-					echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
+					echo '<form action="' . $_SERVER['SCRIPT_NAME'] . '" method="POST" target="_self">';
+					echo '<input type="hidden" name="csrf_token" value="' . $_SESSION['csrf_token'] . '">';
 					echo '<table border="1"><tr><th>Onion</th><th>Enabled</th><th>SMTP enabled</th><th>Nr. of intros</th><th>Max streams per rend circuit</th><th>Save</th></tr>';
 					echo '<tr><td><input type="text" name="onion" size="15" value="'.$onion[0].'" required autofocus></td>';
 					echo '<td><label><input type="checkbox" name="enabled" value="1"';
diff --git a/var/www/html/delete.php b/var/www/html/delete.php
index 48ffef0..32d0cb9 100644
--- a/var/www/html/delete.php
+++ b/var/www/html/delete.php
@@ -1,10 +1,6 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 session_start();
 $user=check_login();
 $msg='';
diff --git a/var/www/html/faq.php b/var/www/html/faq.php
index 559c101..a86cf53 100644
--- a/var/www/html/faq.php
+++ b/var/www/html/faq.php
@@ -1,6 +1,7 @@
 <?php
 include('../common.php');
 header('Content-Type: text/html; charset=UTF-8');
+header('X-Accel-Expires: 60');
 ?>
 <!DOCTYPE html><html><head>
 <title>Daniel's Hosting - FAQ</title>
diff --git a/var/www/html/files.php b/var/www/html/files.php
index 577cb7c..6358b5c 100644
--- a/var/www/html/files.php
+++ b/var/www/html/files.php
@@ -1,10 +1,6 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 session_start();
 $user=check_login();
 if(!empty($_POST['ftp_pass'])){
@@ -137,7 +133,7 @@ if(!empty($_POST['mkfile']) && !empty($_POST['name'])){
 	}
 	$tmpfile='/tmp/'.uniqid();
 	touch($tmpfile);
-	ftp_put($ftp, $_POST['name'], $tmpfile, FTP_BINARY);
+	@ftp_put($ftp, $_POST['name'], $tmpfile, FTP_BINARY);
 	unlink($tmpfile);
 }
 
@@ -155,7 +151,7 @@ if(!empty($_POST['rename_2']) && !empty($_POST['files'])){
 		die($error);
 	}
 	foreach($_POST['files'] as $old=>$new){
-		ftp_rename($ftp, $old, $new);
+		@ftp_rename($ftp, $old, $new);
 	}
 }
 
@@ -174,7 +170,7 @@ if(!empty($_POST['edit_2']) && !empty($_POST['files'])){
 	$tmpfile='/tmp/'.uniqid();
 	foreach($_POST['files'] as $name=>$content){
 		file_put_contents($tmpfile, $content);
-		ftp_put($ftp, $name, $tmpfile, FTP_BINARY);
+		@ftp_put($ftp, $name, $tmpfile, FTP_BINARY);
 	}
 	unlink($tmpfile);
 }
@@ -197,7 +193,7 @@ if(!empty($_POST['unzip']) && !empty($_POST['files'])){
 			continue;
 		}
 		$tmpfile='/tmp/'.uniqid().'.zip';
-		if(!ftp_get($ftp, $tmpfile, $file, FTP_BINARY)){
+		if(@!ftp_get($ftp, $tmpfile, $file, FTP_BINARY)){
 			continue;
 		}
 		//prevent zip-bombs
@@ -232,7 +228,7 @@ if(!empty($_FILES['files'])){
 	$c=count($_FILES['files']['name']);
 	for($i=0; $i<$c; ++$i){
 		if($_FILES['files']['error'][$i]===UPLOAD_ERR_OK){
-			ftp_put($ftp, $dir.$_FILES['files']['name'][$i], $_FILES['files']['tmp_name'][$i], FTP_BINARY);
+			@ftp_put($ftp, $dir.$_FILES['files']['name'][$i], $_FILES['files']['tmp_name'][$i], FTP_BINARY);
 			unlink($_FILES['files']['tmp_name'][$i]);
 		}
 	}
@@ -424,7 +420,7 @@ function ftp_recursive_upload($ftp, $path){
 			ftp_chdir($ftp, '..');
 			rmdir($dir->path.$file);
 		}else{
-			ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY);
+			@ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY);
 			unlink($dir->path.$file);
 		}
 	}
diff --git a/var/www/html/home.php b/var/www/html/home.php
index 1f24701..f90d85f 100644
--- a/var/www/html/home.php
+++ b/var/www/html/home.php
@@ -1,17 +1,13 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 session_start();
 $user=check_login();
 if(isset($_POST['action']) && $_POST['action']==='add_db'){
 	if($error=check_csrf_error()){
 		die($error);
 	}
-	add_user_db($db, $user['id']);
+	add_user_db($user['id']);
 }
 if(isset($_POST['action']) && $_POST['action']==='del_db' && !empty($_POST['db'])){
 	if($error=check_csrf_error()){
@@ -37,7 +33,7 @@ if(isset($_POST['action']) && $_POST['action']==='del_db_2' && !empty($_POST['db
 	if($error=check_csrf_error()){
 		die($error);
 	}
-	del_user_db($db, $user['id'], $_POST['db']);
+	del_user_db($user['id'], $_POST['db']);
 }
 if(isset($_POST['action']) && $_POST['action']==='del_onion' && !empty($_POST['onion'])){
 	if($error=check_csrf_error()){
@@ -102,24 +98,24 @@ if(isset($_POST['action']) && $_POST['action']==='add_onion'){
 		$ok = false;
 	}
 	if($ok){
-		add_user_onion($db, $user['id'], $onion, $priv_key, $onion_version);
+		add_user_onion($user['id'], $onion, $priv_key, $onion_version);
 	}
 }
 if(isset($_POST['action']) && $_POST['action']==='del_onion_2' && !empty($_POST['onion'])){
 	if($error=check_csrf_error()){
 		die($error);
 	}
-	del_user_onion($db, $user['id'], $_POST['onion']);
+	del_user_onion($user['id'], $_POST['onion']);
 }
 if(isset($_POST['action']) && $_POST['action']==='add_domain' && !empty($_POST['domain'])){
 	if($error=check_csrf_error()){
 		die($error);
 	}
-	$error = add_user_domain($db, $user['id'], $_POST['domain']);
+	$error = add_user_domain($user['id'], $_POST['domain']);
 	if(!empty($error)){
 		$msg = "<p style=\"color:red;\">$error</p>";
 	}else{
-		enqueue_instance_reload($db);
+		enqueue_instance_reload();
 	}
 }
 if(isset($_POST['action']) && $_POST['action']==='del_domain' && !empty($_POST['domain'])){
@@ -146,8 +142,8 @@ if(isset($_POST['action']) && $_POST['action']==='del_domain_2' && !empty($_POST
 	if($error=check_csrf_error()){
 		die($error);
 	}
-	del_user_domain($db, $user['id'], $_POST['domain']);
-	enqueue_instance_reload($db);
+	del_user_domain($user['id'], $_POST['domain']);
+	enqueue_instance_reload();
 }
 if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit_onion'){
 	if($error=check_csrf_error()){
@@ -174,7 +170,7 @@ if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action'
 			$max_streams = 65535;
 		}
 		$stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $_REQUEST['onion']]);
-		enqueue_instance_reload($db, substr($_REQUEST['onion'], 0, 1));
+		enqueue_instance_reload(substr($_REQUEST['onion'], 0, 1));
 	}
 }
 if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='edit_domain'){
@@ -187,7 +183,7 @@ if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='
 		$stmt=$db->prepare('UPDATE domains SET enabled = ? WHERE domain = ?;');
 		$enabled = isset($_POST['enabled']) ? 1 : 0;
 		$stmt->execute([$enabled, $_POST['domain']]);
-		enqueue_instance_reload($db);
+		enqueue_instance_reload();
 	}
 }
 
@@ -296,7 +292,8 @@ while($mysql=$stmt->fetch(PDO::FETCH_ASSOC)){
 	echo '<form action="home.php" method="post">';
 	echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
 	echo '<input type="hidden" name="db" value="'.$mysql['mysql_database'].'">';
-	echo "<tr><td>$mysql[mysql_database]</td><td>localhost</td><td>$user[mysql_user]</td><td><button type=\"submit\" name=\"action\" value=\"del_db\">Delete</button></td></tr>";
+	echo '<tr><td>'.htmlspecialchars($mysql['mysql_database']).'</td><td>localhost</td><td>'.htmlspecialchars($user['mysql_user']).'</td>';
+	echo '<td><button type="submit" name="action" value="del_db">Delete</button></td></tr>';
 	echo '</form>';
 }
 echo '</table>';
@@ -304,7 +301,7 @@ if($count_dbs<MAX_NUM_USER_DBS){
 	echo '<p><form action="home.php" method="post"><input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'"><button type="submit" name="action" value="add_db">Add new database</button></form></p>';
 }
 echo '<p><a href="password.php?type=sql">Change MySQL password</a></p>';
-echo '<p>You can use <a href="/phpmyadmin/" target="_blank">PHPMyAdmin</a> and <a href="/adminer/" target="_blank">Adminer</a> for web based database administration.</p>';
+echo '<p>You can use <a href="/phpmyadmin/" target="_blank">PHPMyAdmin</a> and <a href="/adminer/?username='.htmlspecialchars($user['mysql_user']).'" target="_blank">Adminer</a> for web based database administration.</p>';
 echo '<h3>System Account</h3>';
 echo '<table border="1">';
 echo '<tr><th>Username</th><th>Host</th><th>FTP Port</th><th>SFTP Port</th><th>POP3 Port</th><th>IMAP Port</th><th>SMTP port</th></tr>';
diff --git a/var/www/html/index.php b/var/www/html/index.php
index a652ee9..ce3110f 100644
--- a/var/www/html/index.php
+++ b/var/www/html/index.php
@@ -1,6 +1,7 @@
 <?php
 include('../common.php');
 header('Content-Type: text/html; charset=UTF-8');
+header('X-Accel-Expires: 60');
 ?>
 <!DOCTYPE html><html><head>
 <title>Daniel's Hosting</title>
diff --git a/var/www/html/list.php b/var/www/html/list.php
index fcb7f25..85e9298 100644
--- a/var/www/html/list.php
+++ b/var/www/html/list.php
@@ -1,20 +1,21 @@
 <?php
-header('Content-Type: text/html; charset=UTF-8');
 include_once('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
-echo '<!DOCTYPE html><html><head>';
-echo '<title>Daniel\'s Hosting - List of hosted sites</title>';
-echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
-echo '<meta name="author" content="Daniel Winzen">';
-echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
-echo '<link rel="canonical" href="' . CANONICAL_URL . $_SERVER['SCRIPT_NAME'] . '">';
-echo '</head><body>';
-echo '<h1>Hosting - List of hosted sites</h1>';
-echo '<p><a href="index.php">Info</a> | <a href="register.php">Register</a> | <a href="login.php">Login</a> | List of hosted sites | <a href="faq.php">FAQ</a></p>';
+header('Content-Type: text/html; charset=UTF-8');
+header('X-Accel-Expires: 60');
+$db = get_db_instance();
+?>
+<!DOCTYPE html><html><head>
+<title>Daniel's Hosting - List of hosted sites</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="author" content="Daniel Winzen">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<link rel="canonical" href="<?php echo CANONICAL_URL . $_SERVER['SCRIPT_NAME']; ?>">
+<style>td{padding:5px;}</style>
+<base target="_blank">
+</head><body>
+<h1>Hosting - List of hosted sites</h1>
+<p><a href="index.php" target="_self">Info</a> | <a href="register.php" target="_self">Register</a> | <a href="login.php" target="_self">Login</a> | List of hosted sites | <a href="faq.php" target="_self">FAQ</a></p>
+<?php
 $stmt=$db->query('SELECT COUNT(*) FROM users WHERE public=1;');
 $count=$stmt->fetch(PDO::FETCH_NUM);
 $stmt=$db->query('SELECT COUNT(*) FROM users WHERE public=0;');
@@ -24,7 +25,8 @@ echo '<table border="1">';
 echo '<tr><td>Onion link</td></tr>';
 $stmt=$db->query('SELECT onions.onion FROM users INNER JOIN onions ON (onions.user_id=users.id) WHERE users.public=1 ORDER BY onions.onion;');
 while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
-	echo "<tr><td><a href=\"http://$tmp[0].onion\" target=\"_blank\">$tmp[0].onion</a></td></tr>";
+	echo "<tr><td><a href=\"http://$tmp[0].onion\">$tmp[0].onion</a></td></tr>";
 }
-echo '</table>';
-echo '</body></html>';
+?>
+</table>
+</body></html>
diff --git a/var/www/html/log.php b/var/www/html/log.php
index 001ad63..97e31d3 100644
--- a/var/www/html/log.php
+++ b/var/www/html/log.php
@@ -1,10 +1,5 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
 session_start();
 $user=check_login();
 if(!isset($_REQUEST['old']) || $_REQUEST['old']==0){
diff --git a/var/www/html/login.php b/var/www/html/login.php
index ccd24c0..b3ac3c2 100644
--- a/var/www/html/login.php
+++ b/var/www/html/login.php
@@ -1,10 +1,6 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 header('Content-Type: text/html; charset=UTF-8');
 session_start();
 if(!empty($_SESSION['hosting_username'])){
diff --git a/var/www/html/password.php b/var/www/html/password.php
index 3de7e4d..1ad12da 100644
--- a/var/www/html/password.php
+++ b/var/www/html/password.php
@@ -1,10 +1,6 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 session_start();
 $user=check_login();
 if(!isset($_REQUEST['type'])){
diff --git a/var/www/html/register.php b/var/www/html/register.php
index e3713be..0b2c10b 100644
--- a/var/www/html/register.php
+++ b/var/www/html/register.php
@@ -1,10 +1,6 @@
 <?php
 include('../common.php');
-try{
-	$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
-}catch(PDOException $e){
-	die('No Connection to MySQL database!');
-}
+$db = get_db_instance();
 header('Content-Type: text/html; charset=UTF-8');
 session_start();
 if(!empty($_SESSION['hosting_username'])){
@@ -106,14 +102,14 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
 		echo '<p style="color:red;">To prevent abuse a site can only be registered every 60 seconds, but one has already been registered within the last 60 seconds. Please try again.</p>';
 		$ok=false;
 	}elseif($ok){
-		$mysql_user = add_mysql_user($db, $_POST['pass']);
+		$mysql_user = add_mysql_user($_POST['pass']);
 		$stmt=$db->prepare('INSERT INTO users (username, system_account, password, dateadded, public, php, autoindex, mysql_user, instance) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?);');
-		$stmt->execute([$_POST['username'], substr("$onion.onion", 0, 32), $hash, time(), $public_list, $php, $autoindex, $mysql_user, get_new_tor_instance($db)]);
+		$stmt->execute([$_POST['username'], substr("$onion.onion", 0, 32), $hash, time(), $public_list, $php, $autoindex, $mysql_user, get_new_tor_instance()]);
 		$user_id = $db->lastInsertId();
 		$stmt = $db->prepare('INSERT INTO disk_quota (user_id, quota_size, quota_files) VALUES (?, ?, ?);');
 		$stmt->execute([$user_id, DEFAULT_QUOTA_SIZE, DEFAULT_QUOTA_FILES]);
-		add_user_onion($db, $user_id, $onion, $priv_key, $onion_version);
-		add_user_db($db, $user_id);
+		add_user_onion($user_id, $onion, $priv_key, $onion_version);
+		add_user_db($user_id);
 		$stmt=$db->prepare('INSERT INTO new_account (user_id, password) VALUES (?, ?);');
 		$stmt->execute([$user_id, get_system_hash($_POST['pass'])]);
 		if(EMAIL_TO!==''){
diff --git a/var/www/setup.php b/var/www/setup.php
index b8bf96c..dc5a44e 100644
--- a/var/www/setup.php
+++ b/var/www/setup.php
@@ -272,6 +272,9 @@ if(!SKIP_USER_CHROOT_UPDATE){
 		exec('grep ' . escapeshellarg($tmp['system_account']) . ' /etc/passwd >> ' . escapeshellarg("/home/$tmp[system_account]/etc/passwd"));
 	}
 }
+if(!file_exists("/etc/nginx/sites-enabled/")){
+	mkdir("/etc/nginx/sites-enabled/", 0755, true);
+}
 file_put_contents('/etc/nginx/sites-enabled/default', NGINX_DEFAULT);
 if(!file_exists("/etc/nginx/streams-enabled/")){
 	mkdir("/etc/nginx/streams-enabled/", 0755, true);
@@ -290,11 +293,11 @@ foreach(SERVICE_INSTANCES as $instance){
 		exec('useradd -d '.escapeshellarg("/var/lib/tor-instances/$instance").' -r -s /bin/false -M -U '.escapeshellarg("_tor-$instance"));
 		exec('install -Z -d -m 02700 -o '.escapeshellarg("_tor-$instance").' -g '.escapeshellarg("_tor-$instance").' '.escapeshellarg("/var/lib/tor-instances/$instance"));
 		exec('install -d '.escapeshellarg("/etc/tor/instances/$instance"));
-		rewrite_torrc($db, $instance);
+		rewrite_torrc($instance);
 		exec("systemctl enable ".escapeshellarg("tor@$instance"));
 		exec("systemctl start ".escapeshellarg("tor@$instance"));
 		foreach(PHP_VERSIONS as $version){
-			rewrite_php_config($db, $instance);
+			rewrite_php_config($instance);
 			exec("systemctl enable ".escapeshellarg("php$version-fpm@$instance"));
 			exec("systemctl start ".escapeshellarg("php$version-fpm@$instance"));
 		}

Onion	Enabled	SMTP enabled
	Daniel's Hosting - FAQ diff --git a/var/www/html/files.php b/var/www/html/files.php index 577cb7c..6358b5c 100644 --- a/var/www/html/files.php +++ b/var/www/html/files.php @@ -1,10 +1,6 @@ PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); -}catch(PDOException $e){ - die('No Connection to MySQL database!'); -} +$db = get_db_instance(); session_start(); $user=check_login(); if(!empty($_POST['ftp_pass'])){ @@ -137,7 +133,7 @@ if(!empty($_POST['mkfile']) && !empty($_POST['name'])){ } $tmpfile='/tmp/'.uniqid(); touch($tmpfile); - ftp_put($ftp, $_POST['name'], $tmpfile, FTP_BINARY); + @ftp_put($ftp, $_POST['name'], $tmpfile, FTP_BINARY); unlink($tmpfile); } @@ -155,7 +151,7 @@ if(!empty($_POST['rename_2']) && !empty($_POST['files'])){ die($error); } foreach($_POST['files'] as $old=>$new){ - ftp_rename($ftp, $old, $new); + @ftp_rename($ftp, $old, $new); } } @@ -174,7 +170,7 @@ if(!empty($_POST['edit_2']) && !empty($_POST['files'])){ $tmpfile='/tmp/'.uniqid(); foreach($_POST['files'] as $name=>$content){ file_put_contents($tmpfile, $content); - ftp_put($ftp, $name, $tmpfile, FTP_BINARY); + @ftp_put($ftp, $name, $tmpfile, FTP_BINARY); } unlink($tmpfile); } @@ -197,7 +193,7 @@ if(!empty($_POST['unzip']) && !empty($_POST['files'])){ continue; } $tmpfile='/tmp/'.uniqid().'.zip'; - if(!ftp_get($ftp, $tmpfile, $file, FTP_BINARY)){ + if(@!ftp_get($ftp, $tmpfile, $file, FTP_BINARY)){ continue; } //prevent zip-bombs @@ -232,7 +228,7 @@ if(!empty($_FILES['files'])){ $c=count($_FILES['files']['name']); for($i=0; $i<$c; ++$i){ if($_FILES['files']['error'][$i]===UPLOAD_ERR_OK){ - ftp_put($ftp, $dir.$_FILES['files']['name'][$i], $_FILES['files']['tmp_name'][$i], FTP_BINARY); + @ftp_put($ftp, $dir.$_FILES['files']['name'][$i], $_FILES['files']['tmp_name'][$i], FTP_BINARY); unlink($_FILES['files']['tmp_name'][$i]); } } @@ -424,7 +420,7 @@ function ftp_recursive_upload($ftp, $path){ ftp_chdir($ftp, '..'); rmdir($dir->path.$file); }else{ - ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY); + @ftp_put($ftp, $file, $dir->path.$file, FTP_BINARY); unlink($dir->path.$file); } } diff --git a/var/www/html/home.php b/var/www/html/home.php index 1f24701..f90d85f 100644 --- a/var/www/html/home.php +++ b/var/www/html/home.php @@ -1,17 +1,13 @@ PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); -}catch(PDOException $e){ - die('No Connection to MySQL database!'); -} +$db = get_db_instance(); session_start(); $user=check_login(); if(isset($_POST['action']) && $_POST['action']==='add_db'){ if($error=check_csrf_error()){ die($error); } - add_user_db($db, $user['id']); + add_user_db($user['id']); } if(isset($_POST['action']) && $_POST['action']==='del_db' && !empty($_POST['db'])){ if($error=check_csrf_error()){ @@ -37,7 +33,7 @@ if(isset($_POST['action']) && $_POST['action']==='del_db_2' && !empty($_POST['db if($error=check_csrf_error()){ die($error); } - del_user_db($db, $user['id'], $_POST['db']); + del_user_db($user['id'], $_POST['db']); } if(isset($_POST['action']) && $_POST['action']==='del_onion' && !empty($_POST['onion'])){ if($error=check_csrf_error()){ @@ -102,24 +98,24 @@ if(isset($_POST['action']) && $_POST['action']==='add_onion'){ $ok = false; } if($ok){ - add_user_onion($db, $user['id'], $onion, $priv_key, $onion_version); + add_user_onion($user['id'], $onion, $priv_key, $onion_version); } } if(isset($_POST['action']) && $_POST['action']==='del_onion_2' && !empty($_POST['onion'])){ if($error=check_csrf_error()){ die($error); } - del_user_onion($db, $user['id'], $_POST['onion']); + del_user_onion($user['id'], $_POST['onion']); } if(isset($_POST['action']) && $_POST['action']==='add_domain' && !empty($_POST['domain'])){ if($error=check_csrf_error()){ die($error); } - $error = add_user_domain($db, $user['id'], $_POST['domain']); + $error = add_user_domain($user['id'], $_POST['domain']); if(!empty($error)){ $msg = " $error "; }else{ - enqueue_instance_reload($db); + enqueue_instance_reload(); } } if(isset($_POST['action']) && $_POST['action']==='del_domain' && !empty($_POST['domain'])){ @@ -146,8 +142,8 @@ if(isset($_POST['action']) && $_POST['action']==='del_domain_2' && !empty($_POST if($error=check_csrf_error()){ die($error); } - del_user_domain($db, $user['id'], $_POST['domain']); - enqueue_instance_reload($db); + del_user_domain($user['id'], $_POST['domain']); + enqueue_instance_reload(); } if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit_onion'){ if($error=check_csrf_error()){ @@ -174,7 +170,7 @@ if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action' $max_streams = 65535; } $stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $_REQUEST['onion']]); - enqueue_instance_reload($db, substr($_REQUEST['onion'], 0, 1)); + enqueue_instance_reload(substr($_REQUEST['onion'], 0, 1)); } } if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='edit_domain'){ @@ -187,7 +183,7 @@ if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']===' $stmt=$db->prepare('UPDATE domains SET enabled = ? WHERE domain = ?;'); $enabled = isset($_POST['enabled']) ? 1 : 0; $stmt->execute([$enabled, $_POST['domain']]); - enqueue_instance_reload($db); + enqueue_instance_reload(); } } @@ -296,7 +292,8 @@ while($mysql=$stmt->fetch(PDO::FETCH_ASSOC)){ echo ''; echo ''; echo ''; - echo "
$mysql[mysql_database]	localhost	$user[mysql_user]
'.htmlspecialchars($mysql['mysql_database']).'	localhost	'.htmlspecialchars($user['mysql_user']).'