mirror of
https://github.com/myronblair/novacpx
synced 2026-06-30 17:50:41 -05:00
Fix #4-#8: mail virtual domains, DNS verified, reseller isolation, missing DB tables
#4: Postfix virtual mailbox config (virtual_mailbox_domains/maps, vmail user, maildir at /var/mail/vhosts/%d/%n). Dovecot SQL backend pointed at novacpx.email_accounts with SHA512-CRYPT passdb and per-domain Maildir userdb. #5: BIND9 confirmed working — dig @localhost resolves testdomain1.com correctly. #6: Certbot 2.9.0 confirmed installed; domains.document_root wired; infrastructure ready for live domain issuance (testdomain1.com not publicly resolvable so dry-run expected to fail). #7: Fixed all broken user-panel API queries — missing tables (databases, ftp_accounts, ssl_certs, cron_jobs, php_configs, notifications) created; `databases` reserved-word backtick-quoted across DatabaseManager+endpoints; domains.php is_primary→type=main, doc_root→document_root column fixes; DNSManager::createZone call signature fixed; stats/account auto-resolves account_id for user role. #8: assert_account_access() helper added to api/index.php; reseller ownership check wired into email, ftp, databases, domains, dns, ssl endpoints. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -15,7 +15,7 @@ class DatabaseManager {
|
||||
$pdo->exec("FLUSH PRIVILEGES");
|
||||
|
||||
return (int)$db->insert(
|
||||
"INSERT INTO databases (account_id, db_name, db_user, db_pass, db_type) VALUES (?,?,?,?,?)",
|
||||
"INSERT INTO `databases`(account_id, db_name, db_user, db_pass, db_type) VALUES (?,?,?,?,?)",
|
||||
[$accountId, $dbName, $dbUser, encrypt($dbPass), 'mysql']
|
||||
);
|
||||
}
|
||||
@@ -28,7 +28,7 @@ class DatabaseManager {
|
||||
shell_exec("sudo -u postgres createdb -O {$dbUser} {$dbName} 2>/dev/null");
|
||||
|
||||
return (int)$db->insert(
|
||||
"INSERT INTO databases (account_id, db_name, db_user, db_pass, db_type) VALUES (?,?,?,?,?)",
|
||||
"INSERT INTO `databases`(account_id, db_name, db_user, db_pass, db_type) VALUES (?,?,?,?,?)",
|
||||
[$accountId, $dbName, $dbUser, encrypt($dbPass), 'postgresql']
|
||||
);
|
||||
}
|
||||
@@ -43,12 +43,12 @@ class DatabaseManager {
|
||||
shell_exec("sudo -u postgres dropdb --if-exists " . escapeshellarg($dbName) . " 2>/dev/null");
|
||||
shell_exec("sudo -u postgres dropuser --if-exists " . escapeshellarg($dbUser) . " 2>/dev/null");
|
||||
}
|
||||
DB::getInstance()->execute("DELETE FROM databases WHERE db_name = ? AND db_type = ?", [$dbName, $type]);
|
||||
DB::getInstance()->execute("DELETE FROM `databases` WHERE db_name = ? AND db_type = ?", [$dbName, $type]);
|
||||
}
|
||||
|
||||
public static function changePassword(int $id, string $newPass): void {
|
||||
$db = DB::getInstance();
|
||||
$dbe = $db->fetchOne("SELECT * FROM databases WHERE id = ?", [$id]);
|
||||
$dbe = $db->fetchOne("SELECT * FROM `databases` WHERE id = ?", [$id]);
|
||||
if (!$dbe) throw new RuntimeException("Database not found");
|
||||
if ($dbe['db_type'] === 'mysql') {
|
||||
$pdo = $db->pdo();
|
||||
@@ -56,7 +56,7 @@ class DatabaseManager {
|
||||
} else {
|
||||
shell_exec("sudo -u postgres psql -c \"ALTER USER {$dbe['db_user']} WITH PASSWORD " . escapeshellarg($newPass) . "\" 2>/dev/null");
|
||||
}
|
||||
$db->execute("UPDATE databases SET db_pass = ? WHERE id = ?", [encrypt($newPass), $id]);
|
||||
$db->execute("UPDATE `databases` SET db_pass = ? WHERE id = ?", [encrypt($newPass), $id]);
|
||||
}
|
||||
|
||||
public static function getSize(string $dbName, string $type = 'mysql'): float {
|
||||
|
||||
Reference in New Issue
Block a user