servnest
/
servnest
1
1
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity
318 Commits 2 Branches 0 Tags 907 KiB
Commit Graph

34 Commits

Author SHA1 Message Date
Miraty 0496feb8fb Use custom certbot config path 2024-01-28 19:21:01 +01:00
Miraty e96d61703b ns/sync.php: instant sync when adding new sync 2023-10-08 00:50:48 +02:00
Miraty 40e67b0c0c declare(strict_types=1); 2023-07-17 21:15:18 +02:00
Miraty 973a129079 Add type in functions signatures 2023-06-20 00:36:58 +02:00
Miraty 7f7bcadb58 Fix important vulnerability in reg/ds.php + exescape 
In page reg/ds.php, POST parameter 'key' was directly sent to shell, allowing for remote arbitrary commands execution.

This commit fixes this vulnerability, and uses a new function to automatically escape every shell command arguments as an additional generic protection.
 2023-06-19 02:15:43 +02:00
Miraty 067e1ccf42 Allow SSH keys authentication for SFTP(Go) 2023-06-15 03:35:42 +02:00
Miraty e4ae765486 init.php + jobs + job to delete old testing accounts 2023-06-08 17:36:44 +02:00
Miraty f05a55a7fa Display string rules, reg: allow "-" for subdomains 2023-06-05 00:18:10 +02:00
Miraty 3749aa9b4a Fix exec()'s $output 2023-04-23 16:36:41 +02:00
Miraty b5b2f95bf5 rm --recursive > rm -r for BusyBox compatibility 2023-04-23 03:19:10 +02:00
Miraty 813927e03e Ensure domains are not too long 2023-04-21 19:01:46 +02:00
Miraty d51f9dfac3 Set umask to 0077 everywhere 2023-04-19 14:59:07 +02:00
Miraty bd06fc7fbf Use Apache 
- Allows customization through .htaccess
- No need to configure or reload a server when adding a site
- Content negotiation
 2023-04-10 00:50:42 +02:00
Miraty abb9aabf5b Advanced services status management 2023-03-09 01:35:30 +01:00
Miraty 335b826559 Gettext internationalization and english translation 2023-01-21 01:27:52 +01:00
Miraty a3da268ead ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00
Miraty f15681999b Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00
Miraty 05db184fa6 ht: More restrictive directory names 2022-11-28 17:16:30 +01:00
Miraty dc3c976d37 Make services reloading systemd-agnostic 2022-11-23 22:21:34 +01:00
Miraty 567034b8fe Fix regDeleteDomain security flaw + D regex modifier 
regDeleteDomain() in fn/reg.php used too loose pattern matching for data deletion, that also deleted other domains that included the deleted domain
 2022-11-20 18:17:03 +01:00
Miraty 18d976217b Use single quotes instead of double quotes 2022-11-20 15:11:54 +01:00
Miraty 938dbe4040 ht: limit directory size to 64 chars 2022-10-09 23:32:04 +02:00
Miraty 763762f08b fn success/userError/serverError > output($code) 2022-09-15 19:18:48 +02:00
Miraty 3571c456fd Delete unused le_enabled in "sites" table 2022-09-14 18:34:44 +02:00
Miraty 5885f7a416 Factorize "INSERT INTO" SQL queries with insert() 2022-09-14 17:19:17 +02:00
Miraty f06e42645a ht: Allow domains ending with a dot 2022-09-14 13:49:15 +02:00
Miraty 674dd1f699 Integrate Let's Encrypt into (add|del)-http-dns.php 2022-09-06 02:40:18 +02:00
Miraty 17f6f486fc Allow any unicode letter and number in user's values 2022-06-25 16:43:58 +02:00
Miraty 9fa902f768 Store Tor config and keys in $username/$dir 2022-06-22 00:37:06 +02:00
Miraty 6dbc63a36a Add form to delete account 
Move service-specific deletion code to functions
 2022-06-18 04:22:05 +02:00
Miraty d9440231ac del-http-onion.php + query() 2022-06-11 23:42:48 +02:00
Miraty 5e6da92d01 Cleaner ht.php 2022-06-10 16:42:55 +02:00
Miraty ab09c84514 Remove niver.log 2022-06-10 03:14:58 +02:00
Miraty fac61531dd Create fn/ directory 2022-05-31 19:12:14 +02:00