308 lines
16 KiB
PHP
308 lines
16 KiB
PHP
<?php
|
|
require('../common.php');
|
|
$db = get_db_instance();
|
|
$user=check_login();
|
|
header('Content-Type: text/html; charset=UTF-8');
|
|
if(isset($_POST['action']) && $_POST['action']==='add_db'){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
add_user_db($user['id']);
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='del_db' && !empty($_POST['db'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
print_header(_('Delete database'));
|
|
?>
|
|
<p><?php printf(_("This will delete your database %s and all data associated with it. It can't be un-done. Are you sure?"), htmlspecialchars($_POST['db'])); ?></p>
|
|
<form method="post" action="home.php"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
|
|
<input type="hidden" name="db" value="<?php echo htmlspecialchars($_POST['db']); ?>">
|
|
<button type="submit" name="action" value="del_db_2"><?php echo _('Yes, delete'); ?></button>
|
|
</form>
|
|
<p><a href="home.php"><?php echo _("No, don't delete"); ?></a></p>
|
|
</body></html><?php
|
|
exit;
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='del_db_2' && !empty($_POST['db'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
del_user_db($user['id'], $_POST['db']);
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='del_onion' && !empty($_POST['onion'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
print_header(_('Delete onion domain'));
|
|
?>
|
|
<p><?php printf(_("This will delete your onion domain %s and all data asociated with it. It can't be un-done. Are you sure?"), htmlspecialchars($_POST['onion']).'.onion'); ?></p>
|
|
<form method="post" action="home.php"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
|
|
<input type="hidden" name="onion" value="<?php echo htmlspecialchars($_POST['onion']); ?>">
|
|
<button type="submit" name="action" value="del_onion_2"><?php echo _('Yes, delete'); ?></button>
|
|
</form>
|
|
<p><a href="home.php"><?php echo _("No, don't delete"); ?></a></p>
|
|
</body></html><?php
|
|
exit;
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='add_onion'){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
$ok = true;
|
|
if(isset($_REQUEST['onion_type']) && $_REQUEST['onion_type']==='custom' && isset($_REQUEST['private_key']) && !empty(trim($_REQUEST['private_key']))){
|
|
$priv_key = trim($_REQUEST['private_key']);
|
|
$data = private_key_to_onion($priv_key);
|
|
$onion = $data['onion'];
|
|
$onion_version = $data['version'];
|
|
if(!$data['ok']){
|
|
$msg = '<p role="alert" style="color:red">'.$data['message'].'</p>';
|
|
$ok = false;
|
|
} else {
|
|
$check=$db->prepare('SELECT null FROM onions WHERE onion=?;');
|
|
$check->execute([$onion]);
|
|
if($check->fetch(PDO::FETCH_NUM)){
|
|
$msg = '<p role="alert" style="color:red">'._('Error onion already exists.').'</p>';
|
|
$ok = false;
|
|
}
|
|
}
|
|
}else{
|
|
$onion_version = 3;
|
|
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [2, 3])){
|
|
$onion_version = $_REQUEST['onion_type'];
|
|
}
|
|
$check=$db->prepare('SELECT null FROM onions WHERE onion=?;');
|
|
do{
|
|
$data = generate_new_onion($onion_version);
|
|
$priv_key = $data['priv_key'];
|
|
$onion = $data['onion'];
|
|
$onion_version = $data['version'];
|
|
$check->execute([$onion]);
|
|
}while($check->fetch(PDO::FETCH_NUM));
|
|
}
|
|
$priv_key=trim(str_replace("\r", '', $priv_key));
|
|
$stmt = $db->prepare('SELECT COUNT(*) FROM onions WHERE user_id = ?;');
|
|
$stmt->execute([$user['id']]);
|
|
$count = $stmt->fetch(PDO::FETCH_NUM);
|
|
if($count[0]>=MAX_NUM_USER_ONIONS) {
|
|
$ok = false;
|
|
}
|
|
if($ok){
|
|
add_user_onion($user['id'], $onion, $priv_key, $onion_version);
|
|
}
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='del_onion_2' && !empty($_POST['onion'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
del_user_onion($user['id'], $_POST['onion']);
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='add_domain' && !empty($_POST['domain'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
$error = add_user_domain($user['id'], $_POST['domain']);
|
|
if(!empty($error)){
|
|
$msg = '<p role="alert" style="color:red">'.$error.'</p>';
|
|
}
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='del_domain' && !empty($_POST['domain'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
print_header(_('Delete domain'));
|
|
?>
|
|
<p><?php printf(_("This will delete your domain %s and all data asociated with it. It can't be un-done. Are you sure?"), htmlspecialchars($_POST['domain'])); ?></p>
|
|
<form method="post" action="home.php"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
|
|
<input type="hidden" name="domain" value="<?php echo htmlspecialchars($_POST['domain']); ?>">
|
|
<button type="submit" name="action" value="del_domain_2"><?php echo _('Yes, delete'); ?></button>
|
|
</form>
|
|
<p><a href="home.php"><?php echo _("No, don't delete"); ?></a></p>
|
|
</body></html><?php
|
|
exit;
|
|
}
|
|
if(isset($_POST['action']) && $_POST['action']==='del_domain_2' && !empty($_POST['domain'])){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
del_user_domain($user['id'], $_POST['domain']);
|
|
}
|
|
if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit_onion'){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
$stmt=$db->prepare('SELECT onions.version, onions.instance FROM onions INNER JOIN users ON (users.id=onions.user_id) WHERE onions.onion = ? AND users.id = ? AND onions.enabled IN (0, 1);');
|
|
$stmt->execute([$_REQUEST['onion'], $user['id']]);
|
|
if($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
|
$stmt=$db->prepare('UPDATE onions SET enabled = ?, enable_smtp = ?, num_intros = ?, max_streams = ? WHERE onion = ?;');
|
|
$enabled = isset($_REQUEST['enabled']) ? 1 : 0;
|
|
$enable_smtp = isset($_REQUEST['enable_smtp']) ? 1 : 0;
|
|
$num_intros = intval($_REQUEST['num_intros']);
|
|
if($num_intros<3){
|
|
$num_intros = 3;
|
|
}elseif($onion['version']==2 && $num_intros>10){
|
|
$num_intros = 10;
|
|
}elseif($num_intros>20){
|
|
$num_intros = 20;
|
|
}
|
|
$max_streams = intval($_REQUEST['max_streams']);
|
|
if($max_streams<0){
|
|
$max_streams = 0;
|
|
}elseif($max_streams>65535){
|
|
$max_streams = 65535;
|
|
}
|
|
$stmt->execute([$enabled, $enable_smtp, $num_intros, $max_streams, $_REQUEST['onion']]);
|
|
enqueue_instance_reload($onion['instance']);
|
|
}
|
|
}
|
|
if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='edit_domain'){
|
|
if($error=check_csrf_error()){
|
|
die($error);
|
|
}
|
|
$stmt=$db->prepare('SELECT null FROM domains WHERE domain = ? AND user_id = ? AND enabled IN (0, 1);');
|
|
$stmt->execute([$_POST['domain'], $user['id']]);
|
|
if($onion=$stmt->fetch(PDO::FETCH_NUM)){
|
|
$stmt=$db->prepare('UPDATE domains SET enabled = ? WHERE domain = ?;');
|
|
$enabled = isset($_POST['enabled']) ? 1 : 0;
|
|
$stmt->execute([$enabled, $_POST['domain']]);
|
|
enqueue_instance_reload();
|
|
}
|
|
}
|
|
print_header(_('Dashboard'), '#custom_onion:not(checked)+#private_key{display:none;}#custom_onion:checked+#private_key{display:block;}td{padding:5px}meter{width:200px}');
|
|
dashboard_menu($user, 'home.php');
|
|
if(!empty($msg)){
|
|
echo $msg;
|
|
}
|
|
echo '<p>'.sprintf(_('Enter system account password to check your %s mail:'), $user['system_account'].'@' . ADDRESS).'</td><td><form action="squirrelmail/src/redirect.php" method="post" target="_blank"><input type="hidden" name="login_username" value="'.$user['system_account'].'"><input type="password" name="secretkey"><button type="submit">'._('Login to webmail').'</button></form></p>';
|
|
echo '<h3>'._('Onion domains').'</h3>';
|
|
echo '<table border="1">';
|
|
echo '<tr><th>'._('Onion').'</th><th>'._('Private key').'</th><th>'._('Enabled').'</th><th>'._('SMTP enabled').'</th><th>'._('Nr. of intros').'</th><th>'._('Max streams per rend circuit').'</th><th>'._('Action').'</th></tr>';
|
|
$stmt=$db->prepare('SELECT onion, private_key, enabled, enable_smtp, num_intros, max_streams FROM onions WHERE user_id = ?;');
|
|
$stmt->execute([$user['id']]);
|
|
$count_onions = 0;
|
|
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
|
++$count_onions;
|
|
echo "<form action=\"home.php\" method=\"post\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\"><input type=\"hidden\" name=\"onion\" value=\"$onion[onion]\"><tr><td><a href=\"http://$onion[onion].onion\" target=\"_blank\">$onion[onion].onion</a></td><td>";
|
|
if(isset($_REQUEST['show_priv'])){
|
|
echo "<pre>$onion[private_key]</pre>";
|
|
}else{
|
|
echo '<a href="home.php?show_priv=1">'._('Show private key').'</a>';
|
|
}
|
|
echo '</td><td><label><input type="checkbox" name="enabled" value="1"';
|
|
echo $onion['enabled'] ? ' checked' : '';
|
|
echo '>'._('Enabled').'</label></td>';
|
|
echo '<td><label><input type="checkbox" name="enable_smtp" value="1"';
|
|
echo $onion['enable_smtp'] ? ' checked' : '';
|
|
echo '>'._('Enabled').'</label></td>';
|
|
echo '<td><input type="number" name="num_intros" min="3" max="20" value="'.$onion['num_intros'].'"></td>';
|
|
echo '<td><input type="number" name="max_streams" min="0" max="65535" value="'.$onion['max_streams'].'"></td>';
|
|
if(in_array($onion['enabled'], [0, 1])){
|
|
echo '<td><button type="submit" name="action" value="edit_onion">'._('Save').'</button>';
|
|
echo '<button type="submit" name="action" value="del_onion">'._('Delete').'</button></td>';
|
|
}else{
|
|
echo '<td>'._('Unavailable').'</td>';
|
|
}
|
|
echo '</tr></form>';
|
|
}
|
|
if($count_onions<MAX_NUM_USER_ONIONS){
|
|
echo "<form action=\"home.php\" method=\"post\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
|
|
echo '<tr><td colspan="6">'._('Add additional hidden service:').'<br>';
|
|
echo '<label><input type="radio" name="onion_type" value="3"';
|
|
echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : '';
|
|
echo '>'._('Random v3 Address').'</label>';
|
|
echo '<label><input type="radio" name="onion_type" value="2"';
|
|
echo isset($_POST['onion_type']) && $_POST['onion_type']==2 ? ' checked' : '';
|
|
echo '>'._('Random v2 Address').'</label>';
|
|
echo '<label><input id="custom_onion" type="radio" name="onion_type" value="custom"';
|
|
echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : '';
|
|
echo '>'._('Custom private key');
|
|
echo '<textarea id="private_key" name="private_key" rows="5" cols="28">';
|
|
echo isset($_REQUEST['private_key']) ? htmlspecialchars($_REQUEST['private_key']) : '';
|
|
echo '</textarea>';
|
|
echo '</label></td><td><button type="submit" name="action" value="add_onion">'._('Add onion').'</button></td></tr></form>';
|
|
}
|
|
echo '</table>';
|
|
if(MAX_NUM_USER_DOMAINS>0){
|
|
echo '<h3>'._('Clearnet domains').'</h3>';
|
|
echo '<table border="1">';
|
|
echo '<tr><th>'._('Domain').'</th><th>'._('Enabled').'</th><th>'._('Action').'</th></tr>';
|
|
$stmt=$db->prepare('SELECT domain, enabled FROM domains WHERE user_id = ?;');
|
|
$stmt->execute([$user['id']]);
|
|
$count_domains = 0;
|
|
while($domain=$stmt->fetch(PDO::FETCH_ASSOC)){
|
|
++$count_domains;
|
|
echo "<form action=\"home.php\" method=\"post\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\"><input type=\"hidden\" name=\"domain\" value=\"$domain[domain]\"><tr><td><a href=\"https://$domain[domain]\" target=\"_blank\">$domain[domain]</a></td>";
|
|
echo '<td><label><input type="checkbox" name="enabled" value="1"';
|
|
echo $domain['enabled'] ? ' checked' : '';
|
|
echo '>'._('Enabled').'</label></td>';
|
|
if(in_array($domain['enabled'], [0, 1])){
|
|
echo '<td><button type="submit" name="action" value="edit_domain">'._('Save').'</button>';
|
|
echo '<button type="submit" name="action" value="del_domain">'._('Delete').'</button></td>';
|
|
}else{
|
|
echo '<td>'._('Unavailable').'</td>';
|
|
}
|
|
echo '</tr></form>';
|
|
}
|
|
if($count_domains<MAX_NUM_USER_DOMAINS){
|
|
echo "<form action=\"home.php\" method=\"post\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
|
|
echo '<tr><td colspan="2">'._('Add additional domain:').'<br>';
|
|
echo '<input type="text" name="domain" value="';
|
|
echo isset($_POST['domain']) ? htmlspecialchars($_POST['domain']) : '';
|
|
echo '">';
|
|
echo '</td><td><button type="submit" name="action" value="add_domain">'._('Add domain').'</button></td></tr></form>';
|
|
}
|
|
echo '</table>';
|
|
echo '<p>'.sprintf(_('To enable your clearnet domain, edit your DNS settings and enter %1$s as your A record and %2$s as your AAAA record. Once you have modified your DNS settings, <a href="%3$s" target="_blank">contact me</a> to configure the SSL certificate. You may also use any subdomain of %4$s'), CLEARNET_A, CLEARNET_AAAA, CONTACT_URL, CLEARNET_SUBDOMAINS).'</p>';
|
|
}
|
|
echo '<h3>'._('MySQL Database').'</h3>';
|
|
echo '<table border="1">';
|
|
echo '<tr><th>'._('Database').'</th><th>'._('Host').'</th><th>'._('User').'</th><th>'._('Action').'</th></tr>';
|
|
$stmt=$db->prepare('SELECT mysql_database FROM mysql_databases WHERE user_id = ?;');
|
|
$stmt->execute([$user['id']]);
|
|
$count_dbs = 0;
|
|
while($mysql=$stmt->fetch(PDO::FETCH_ASSOC)){
|
|
++$count_dbs;
|
|
echo '<form action="home.php" method="post">';
|
|
echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
|
|
echo '<input type="hidden" name="db" value="'.$mysql['mysql_database'].'">';
|
|
echo '<tr><td>'.htmlspecialchars($mysql['mysql_database']).'</td><td>localhost</td><td>'.htmlspecialchars($user['mysql_user']).'</td>';
|
|
echo '<td><button type="submit" name="action" value="del_db">'._('Delete').'</button></td></tr>';
|
|
echo '</form>';
|
|
}
|
|
echo '</table>';
|
|
if($count_dbs<MAX_NUM_USER_DBS){
|
|
echo '<p><form action="home.php" method="post"><input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'"><button type="submit" name="action" value="add_db">'._('Add new database').'</button></form></p>';
|
|
}
|
|
?>
|
|
<p><a href="password.php?type=sql"><?php echo _('Change MySQL password'); ?></a></p>
|
|
<p><?php printf(_('You can use <a href="/phpmyadmin/" target="_blank">PHPMyAdmin</a> and <a href="/adminer/?username=%s" target="_blank">Adminer</a> for web based database administration.'), rawurlencode($user['mysql_user'])); ?></p>
|
|
<h3><?php echo _('System Account'); ?></h3>
|
|
<table border="1">
|
|
<tr><th><?php echo _('Username'); ?></th><th><?php echo _('Host'); ?></th><th><?php echo _('SFTP Port'); ?></th><th><?php echo _('POP3 Port'); ?></th><th><?php echo _('IMAP Port'); ?></th><th><?php echo _('SMTP port'); ?></th></tr>
|
|
<?php
|
|
foreach(SERVERS as $server=>$tmp){
|
|
echo "<tr><td>$user[system_account]</td><td>$server</td><td>$tmp[sftp]</td><td>$tmp[pop3]</td><td>$tmp[imap]</td><td>$tmp[smtp]</td></tr>";
|
|
}
|
|
?>
|
|
</table>
|
|
<p><a href="password.php?type=sys"><?php echo _('Change system account password'); ?></a></p>
|
|
<p><?php echo _('You can use the <a target="_blank" href="files.php">FileManager</a> for web based file management.'); ?></p>
|
|
<?php
|
|
$stmt = $db->prepare('SELECT quota_size, quota_size_used, quota_files, quota_files_used FROM disk_quota WHERE user_id = ?;');
|
|
$stmt->execute([$user['id']]);
|
|
$quota = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
$quota_usage = $quota['quota_size_used'] / $quota['quota_size'];
|
|
$quota_files_usage = $quota['quota_files_used'] / $quota['quota_files'];
|
|
$usage_text = bytes_to_human_readable($quota['quota_size_used'] * 1024) . ' of ' . bytes_to_human_readable($quota['quota_size'] * 1024) . ' - ' . round($quota_usage * 100, 2).'%';
|
|
$usage_files_text = sprintf(_('%1$d of %2$d - %3$f%%'), $quota['quota_files_used'], $quota['quota_files'], round($quota_files_usage * 100, 2));
|
|
?>
|
|
<p><?php echo _('Your disk usage:'); ?> <meter value="<?php echo round($quota_usage, 2); ?>"><?php echo $usage_text; ?></meter> - <?php printf(_('%s (updated hourly)'), $usage_text); ?> <?php echo ENABLE_UPGRADES ? '<a href="upgrade.php?upgrade=1g_quota">'._('Upgrade').'</a>' : ''; ?></p>
|
|
<p><?php echo _('Your file number usage:'); ?> <meter value="<?php echo round($quota_files_usage, 2); ?>"><?php echo $usage_files_text; ?></meter> - <?php printf(_('%s (updated hourly)'), $usage_files_text); ?> <?php echo ENABLE_UPGRADES ? '<a href="upgrade.php?upgrade=100k_files_quota">'._('Upgrade').'</a>' : ''; ?></p>
|
|
<h3><?php echo _('Logs'); ?></h3>
|
|
<table border="1">
|
|
<tr><th><?php echo _('Date'); ?></th><th>access.log</th><th>error.log</th></tr>
|
|
<tr><td><?php echo _('Today'); ?></td><td><a href="log.php?type=access&old=0" target="_blank">access.log</a></td><td><a href="log.php?type=error&old=0" target="_blank">error.log</a></td></tr>
|
|
<tr><td><?php echo _('Yesterday'); ?></td><td><a href="log.php?type=access&old=1" target="_blank">access.log</a></td><td><a href="log.php?type=error&old=1" target="_blank">error.log</a></td></tr>
|
|
</table>
|
|
</body></html>
|