Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2026-03-02 02:10:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Security Improvements.

Browse Source
This commit is contained in:
usmannasir
2018-01-18 22:31:31 +05:00
parent 625f1d7218
commit 4e58548bfe
2 changed files with 23 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
websiteFunctions/views.py
View File

@@ -1112,6 +1112,14 @@ def installWordpress(request):
else:
finalPath = "/home/" + domainName + "/public_html/"
## Security Check
if finalPath.find("..") > -1:
data_ret = {'installStatus': 0,
'error_message': "Specified path must be inside virtual host home!"}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
try:
website = ChildDomains.objects.get(domain=domainName)
externalApp = website.master.externalApp
@@ -1155,11 +1163,8 @@ def installWordpress(request):
db = Databases(website=website, dbName=dbName, dbUser=dbUser)
db.save()
## Installation
execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py"
execPath = execPath + " installWordPress --virtualHostName " + domainName + " --virtualHostUser " + externalApp + " --path " + finalPath + " --dbName " + dbName + " --dbUser " + dbUser + " --dbPassword " + dbPassword
@@ -1213,6 +1218,13 @@ def installJoomla(request):
else:
finalPath = "/home/" + domainName + "/public_html/"
if finalPath.find("..") > -1:
data_ret = {'installStatus': 0,
'error_message': "Specified path must be inside virtual host home!"}
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
try:
website = ChildDomains.objects.get(domain=domainName)
externalApp = website.master.externalApp