midoks
/
mdserver-web
mirror of https://github.com/midoks/mdserver-web
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #700 from midoks/dev

Browse Source 
网站防串改优化
pull/710/head
Mr Chen 3 months ago committed by GitHub
parent 4cc5194939 b973a16247
commit 5ff05e8025
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
25 changed files with 2225 additions and 26 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 17
      plugins/ldap/config/ldap.conf
  2. BIN
      plugins/ldap/ico.png
  3. 30
      plugins/ldap/index.html
  4. 338
      plugins/ldap/index.py
  5. 17
      plugins/ldap/info.json
  6. 41
      plugins/ldap/install.sh
  7. 116
      plugins/ldap/js/ldap.js
  8. 3
      plugins/openresty/conf/nginx.conf
  9. 110
      plugins/php/versions/common/ldap.sh
  10. 23
      plugins/php/versions/phplib.conf
  11. 656
      plugins/phpldapadmin/conf/config.php
  12. 38
      plugins/phpldapadmin/conf/phpldapadmin.conf
  13. BIN
      plugins/phpldapadmin/ico.png
  14. 24
      plugins/phpldapadmin/index.html
  15. 517
      plugins/phpldapadmin/index.py
  16. 15
      plugins/phpldapadmin/info.json
  17. 90
      plugins/phpldapadmin/install.sh
  18. 164
      plugins/phpldapadmin/js/phpldapadmin.js
  19. 9
      plugins/phpmyadmin/install.sh
  20. 3
      plugins/redis/info.json
  21. 1
      plugins/tamper_proof_py/init.d/tamper_proof_py.service.tpl
  22. 9
      plugins/tamper_proof_py/install.sh
  23. 28
      plugins/tamper_proof_py/tamper_proof_service.py
  24. 1
      scripts/install/debian.sh
  25. 1
      scripts/install/ubuntu.sh

17
plugins/ldap/config/ldap.conf
Unescape View File

@ -0,0 +1,17 @@
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
# TLS certificates (needed for GnuTLS)
TLS_CACERT /etc/ssl/certs/ca-certificates.crt

BIN
plugins/ldap/ico.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.9 KiB

30
plugins/ldap/index.html
Unescape View File

@ -0,0 +1,30 @@
<style>
.overflow_hide {
overflow: hidden;
text-overflow: ellipsis;
white-space: nowrap;
vertical-align: middle;
}
</style>
<div class="bt-form">
<div class='plugin_version'></div>
<div class="bt-w-main">
<div class="bt-w-menu">
<p class="bgw" onclick="pluginService('ldap');">服务</p>
<p onclick="pluginInitD('ldap');">自启动</p>
<p onclick="pluginConfigTpl('ldap',$('.plugin_version').attr('version'));">配置修改</p>
<p onclick="pluginLogs('ldap','','run_log');">运行日志</p>
<p onclick="ladpReadme();">相关说明</p>
</div>
<div class="bt-w-con pd15">
<div class="soft-man-con" style="height: 520px; overflow: auto;"></div>
</div>
</div>
</div>
<script type="text/javascript">
$.getScript( "/plugins/file?name=ldap&f=js/ldap.js", function(){
pluginService('ldap', $('.plugin_version').attr('version'));
});
</script>

338
plugins/ldap/index.py
Unescape View File

@ -0,0 +1,338 @@
# coding:utf-8
import sys
import io
import os
import time
import re
web_dir = os.getcwd() + "/web"
if os.path.exists(web_dir):
sys.path.append(web_dir)
os.chdir(web_dir)
import core.mw as mw
app_debug = False
if mw.isAppleSystem():
app_debug = True
def getPluginName():
return 'ldap'
def getPluginDir():
return mw.getPluginDir() + '/' + getPluginName()
def getServerDir():
return mw.getServerDir() + '/' + getPluginName()
def getInitDFile():
current_os = mw.getOs()
if current_os == 'darwin':
return '/tmp/' + getPluginName()
if current_os.startswith('freebsd'):
return '/etc/rc.d/' + getPluginName()
return '/etc/init.d/' + getPluginName()
def getConf():
# path = getServerDir() + "/redis.conf"
path = "/etc/ldap/ldap.conf"
return path
def getConfTpl():
path = getPluginDir() + "/config/redis.conf"
return path
def getInitDTpl():
path = getPluginDir() + "/init.d/" + getPluginName() + ".tpl"
return path
def getArgs():
args = sys.argv[3:]
tmp = {}
args_len = len(args)
if args_len == 1:
t = args[0].strip('{').strip('}')
if t.strip() == '':
tmp = []
else:
t = t.split(':')
tmp[t[0]] = t[1]
tmp[t[0]] = t[1]
elif args_len > 1:
for i in range(len(args)):
t = args[i].split(':')
tmp[t[0]] = t[1]
return tmp
def checkArgs(data, ck=[]):
for i in range(len(ck)):
if not ck[i] in data:
return (False, mw.returnJson(False, '参数:(' + ck[i] + ')没有!'))
return (True, mw.returnJson(True, 'ok'))
def configTpl():
path = "/etc/ldap/schema"
pathFile = os.listdir(path)
tmp = []
for one in pathFile:
file = path + '/' + one
tmp.append(file)
return mw.getJson(tmp)
def readConfigTpl():
args = getArgs()
data = checkArgs(args, ['file'])
if not data[0]:
return data[1]
content = mw.readFile(args['file'])
content = contentReplace(content)
return mw.returnJson(True, 'ok', content)
def getPidFile():
file = getConf()
content = mw.readFile(file)
rep = r'pidfile\s*(.*)'
tmp = re.search(rep, content)
return tmp.groups()[0].strip()
def status():
pid_file = "/var/run/slapd/slapd.pid"
if not os.path.exists(pid_file):
return 'stop'
# data = mw.execShell(
# "ps aux|grep redis |grep -v grep | grep -v python | grep -v mdserver-web | awk '{print $2}'")
# if data[0] == '':
# return 'stop'
return 'start'
def contentReplace(content):
service_path = mw.getServerDir()
content = content.replace('{$ROOT_PATH}', mw.getFatherDir())
return content
def initDreplace():
service_path = mw.getServerDir()
return True
def ladpOp(method):
initDreplace()
current_os = mw.getOs()
if current_os == "darwin":
return 'ok'
if current_os.startswith("freebsd"):
data = mw.execShell('service slapd ' + method)
if data[1] == '':
return 'ok'
return data[1]
data = mw.execShell('systemctl ' + method + ' slapd')
if data[1] == '':
return 'ok'
return data[1]
def start():
return ladpOp('start')
def stop():
return ladpOp('stop')
def restart():
status = ladpOp('restart')
log_file = runLog()
mw.execShell("echo '' > " + log_file)
return status
def reload():
return ladpOp('reload')
def getPort():
conf = getConf()
content = mw.readFile(conf)
rep = r"^(port)\s*([.0-9A-Za-z_& ~]+)"
tmp = re.search(rep, content, re.M)
if tmp:
return tmp.groups()[1]
return '6379'
def initdStatus():
current_os = mw.getOs()
if current_os == 'darwin':
return "Apple Computer does not support"
if current_os.startswith('freebsd'):
initd_bin = getInitDFile()
if os.path.exists(initd_bin):
return 'ok'
shell_cmd = 'systemctl status slapd | grep loaded | grep "enabled;"'
data = mw.execShell(shell_cmd)
if data[0] == '':
return 'fail'
return 'ok'
def initdInstall():
current_os = mw.getOs()
if current_os == 'darwin':
return "Apple Computer does not support"
# freebsd initd install
if current_os.startswith('freebsd'):
import shutil
source_bin = initDreplace()
initd_bin = getInitDFile()
shutil.copyfile(source_bin, initd_bin)
mw.execShell('chmod +x ' + initd_bin)
mw.execShell('sysrc slapd_enable="YES"')
return 'ok'
mw.execShell('systemctl enable slapd')
return 'ok'
def initdUinstall():
current_os = mw.getOs()
if current_os == 'darwin':
return "Apple Computer does not support"
if current_os.startswith('freebsd'):
initd_bin = getInitDFile()
os.remove(initd_bin)
mw.execShell('sysrc slapd_enable="NO"')
return 'ok'
mw.execShell('systemctl disable slapd')
return 'ok'
def runLog():
return getServerDir() + '/data/redis.log'
def getRedisConfInfo():
conf = getConf()
gets = [
{'name': 'bind', 'type': 2, 'ps': '绑定IP(修改绑定IP可能会存在安全隐患)','must_show':1},
{'name': 'port', 'type': 2, 'ps': '绑定端口','must_show':1},
{'name': 'timeout', 'type': 2, 'ps': '空闲链接超时时间,0表示不断开','must_show':1},
{'name': 'maxclients', 'type': 2, 'ps': '最大连接数','must_show':1},
{'name': 'databases', 'type': 2, 'ps': '数据库数量','must_show':1},
{'name': 'requirepass', 'type': 2, 'ps': 'redis密码,留空代表没有设置密码','must_show':1},
{'name': 'maxmemory', 'type': 2, 'ps': 'MB,最大使用内存,0表示不限制','must_show':1},
{'name': 'slaveof', 'type': 2, 'ps': '同步主库地址','must_show':0},
{'name': 'masterauth', 'type': 2, 'ps': '同步主库密码', 'must_show':0}
]
content = mw.readFile(conf)
result = []
for g in gets:
rep = r"^(" + g['name'] + r'\)\s*([.0-9A-Za-z_& ~]+)'
tmp = re.search(rep, content, re.M)
if not tmp:
if g['must_show'] == 0:
continue
g['value'] = ''
result.append(g)
continue
g['value'] = tmp.groups()[1]
if g['name'] == 'maxmemory':
g['value'] = g['value'].strip("mb")
result.append(g)
return result
def getRedisConf():
data = getRedisConfInfo()
return mw.getJson(data)
def submitRedisConf():
gets = ['bind', 'port', 'timeout', 'maxclients',
'databases', 'requirepass', 'maxmemory','slaveof','masterauth']
args = getArgs()
conf = getConf()
content = mw.readFile(conf)
for g in gets:
if g in args:
rep = g + r'\s*([.0-9A-Za-z_& ~]+)'
val = g + ' ' + args[g]
if g == 'maxmemory':
val = g + ' ' + args[g] + "mb"
if g == 'requirepass' and args[g] == '':
content = re.sub('requirepass', '#requirepass', content)
if g == 'requirepass' and args[g] != '':
content = re.sub('#requirepass', 'requirepass', content)
content = re.sub(rep, val, content)
if g != 'requirepass':
content = re.sub(rep, val, content)
mw.writeFile(conf, content)
reload()
return mw.returnJson(True, '设置成功')
if __name__ == "__main__":
func = sys.argv[1]
if func == 'status':
print(status())
elif func == 'start':
print(start())
elif func == 'stop':
print(stop())
elif func == 'restart':
print(restart())
elif func == 'reload':
print(reload())
elif func == 'initd_status':
print(initdStatus())
elif func == 'initd_install':
print(initdInstall())
elif func == 'initd_uninstall':
print(initdUinstall())
elif func == 'run_info':
print(runInfo())
elif func == 'conf':
print(getConf())
elif func == 'run_log':
print(runLog())
elif func == 'get_redis_conf':
print(getRedisConf())
elif func == 'submit_redis_conf':
print(submitRedisConf())
elif func == 'config_tpl':
print(configTpl())
elif func == 'read_config_tpl':
print(readConfigTpl())
else:
print('error')

17
plugins/ldap/info.json
Unescape View File

@ -0,0 +1,17 @@
{
"sort":4,
"ps": "LDAP轻量目录服务",
"name": "ldap",
"title": "LDAP",
"shell": "install.sh",
"versions":["1.0"],
"tip": "soft",
"checks": "server/ldap",
"path": "server/ldap",
"display": 1,
"author": "ladp",
"date": "2025-01-28",
"home": "",
"type": 0,
"pid": "4"
}

41
plugins/ldap/install.sh
Unescape View File

@ -0,0 +1,41 @@
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin:/opt/homebrew/bin
export PATH
curPath=`pwd`
rootPath=$(dirname "$curPath")
rootPath=$(dirname "$rootPath")
serverPath=$(dirname "$rootPath")
sysName=`uname`
sysArch=`arch`
VERSION=$2
# https://juejin.cn/post/7309323953683480588
# 该命令将在本地服务器上查找并返回在 “dc=bytedance,dc=local” 这个起点(和其下的所有子目录)下,所有 cn 属性有值的条目的详细信息
# ldapsearch -x -H ldap://localhost -b "dc=bytedance,dc=local" "(cn=*)"
Install_App()
{
echo '正在安装脚本文件...'
apt install -y slapd ldap-utils
mkdir -p $serverPath/ldap
echo "${VERSION}" > $serverPath/ldap/version.pl
echo "${VERSION}安装完成"
}
Uninstall_App()
{
rm -rf $serverPath/ldap/version.pl
echo "卸载ldap成功"
}
action=$1
if [ "${1}" == 'install' ];then
Install_App
else
Uninstall_App
fi

116
plugins/ldap/js/ldap.js
Unescape View File

@ -0,0 +1,116 @@
function ldapPost(method, version, args,callback){
var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 });
var req_data = {};
req_data['name'] = 'ldap';
req_data['func'] = method;
req_data['version'] = version;
if (typeof(args) == 'string'){
req_data['args'] = JSON.stringify(toArrayObject(args));
} else {
req_data['args'] = JSON.stringify(args);
}
$.post('/plugins/run', req_data, function(data) {
layer.close(loadT);
if (!data.status){
//错误展示10S
layer.msg(data.msg,{icon:0,time:2000,shade: [10, '#000']});
return;
}
if(typeof(callback) == 'function'){
callback(data);
}
},'json');
}
function ldapPostCallbak(method, version, args,callback){
var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 });
var req_data = {};
req_data['name'] = 'ldap';
req_data['func'] = method;
args['version'] = version;
if (typeof(args) == 'string'){
req_data['args'] = JSON.stringify(toArrayObject(args));
} else {
req_data['args'] = JSON.stringify(args);
}
$.post('/plugins/callback', req_data, function(data) {
layer.close(loadT);
if (!data.status){
layer.msg(data.msg,{icon:0,time:2000,shade: [0.3, '#000']});
return;
}
if(typeof(callback) == 'function'){
callback(data);
}
},'json');
}
//配置修改
function getLadpConfig(version) {
ladpPost('get_redis_conf', version,'',function(data){
// console.log(data);
var rdata = $.parseJSON(data.data);
// console.log(rdata);
var mlist = '';
for (var i = 0; i < rdata.length; i++) {
var w = '70'
if (rdata[i].name == 'error_reporting') w = '250';
var ibody = '<input style="width: ' + w + 'px;" class="bt-input-text mr5" name="' + rdata[i].name + '" value="' + rdata[i].value + '" type="text" >';
switch (rdata[i].type) {
case 0:
var selected_1 = (rdata[i].value == 1) ? 'selected' : '';
var selected_0 = (rdata[i].value == 0) ? 'selected' : '';
ibody = '<select class="bt-input-text mr5" name="' + rdata[i].name + '" style="width: ' + w + 'px;"><option value="1" ' + selected_1 + '>开启</option><option value="0" ' + selected_0 + '>关闭</option></select>'
break;
case 1:
var selected_1 = (rdata[i].value == 'On') ? 'selected' : '';
var selected_0 = (rdata[i].value == 'Off') ? 'selected' : '';
ibody = '<select class="bt-input-text mr5" name="' + rdata[i].name + '" style="width: ' + w + 'px;"><option value="On" ' + selected_1 + '>开启</option><option value="Off" ' + selected_0 + '>关闭</option></select>'
break;
}
mlist += '<p><span>' + rdata[i].name + '</span>' + ibody + ', <font>' + rdata[i].ps + '</font></p>'
}
var con = '<style>.conf_p p{margin-bottom: 2px}</style><div class="conf_p" style="margin-bottom:0">' + mlist + '\
<div style="margin-top:10px; padding-right:15px" class="text-right"><button class="btn btn-success btn-sm mr5" onclick="getRedisConfig(\'' + version + '\')">刷新</button>\
<button class="btn btn-success btn-sm" onclick="submitConf(\'' + version + '\')">保存</button></div>\
</div>'
$(".soft-man-con").html(con);
});
}
//提交配置
function submitConf(version) {
var data = {
version: version,
bind: $("input[name='bind']").val(),
'port': $("input[name='port']").val(),
'timeout': $("input[name='timeout']").val(),
maxclients: $("input[name='maxclients']").val(),
databases: $("input[name='databases']").val(),
requirepass: $("input[name='requirepass']").val(),
maxmemory: $("input[name='maxmemory']").val(),
};
redisPost('submit_ladp_conf', version, data, function(ret_data){
var rdata = $.parseJSON(ret_data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function ladpReadme(){
var readme = '<ul class="help-info-text c7">';
readme += '<li>集群创建1</li>';
readme += '</ul>';
$('.soft-man-con').html(readme);
}

3
plugins/openresty/conf/nginx.conf
Unescape View File

@ -34,10 +34,11 @@ http
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;

110
plugins/php/versions/common/ldap.sh
Unescape View File

@ -0,0 +1,110 @@
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin:/opt/homebrew/bin
export PATH=$PATH:/opt/homebrew/bin
curPath=`pwd`
rootPath=$(dirname "$curPath")
rootPath=$(dirname "$rootPath")
rootPath=$(dirname "$rootPath")
rootPath=$(dirname "$rootPath")
serverPath=$(dirname "$rootPath")
sourcePath=${serverPath}/source/php
SYS_ARCH=`arch`
actionType=$1
version=$2
LIBNAME=ldap
LIBV=0
LIB_PATH_NAME=lib/php
if [ -d $serverPath/php/${version}/lib64 ];then
LIB_PATH_NAME=lib64
fi
NON_ZTS_FILENAME=`ls $serverPath/php/${version}/${LIB_PATH_NAME}/extensions | grep no-debug-non-zts`
extFile=$serverPath/php/${version}/${LIB_PATH_NAME}/extensions/${NON_ZTS_FILENAME}/${LIBNAME}.so
sysName=`uname`
if [ "$sysName" == "Darwin" ];then
BAK='_bak'
else
BAK=''
fi
Install_lib()
{
isInstall=`cat $serverPath/php/$version/etc/php.ini|grep "${LIBNAME}.so"`
if [ "${isInstall}" != "" ];then
echo "php-$version 已安装${LIBNAME},请选择其它版本!"
return
fi
if [ ! -f "$extFile" ];then
if [ ! -d $sourcePath/php${version}/ext ];then
cd ${rootPath}/plugins/php && /bin/bash ${rootPath}/plugins/php/versions/${version}/install.sh install
fi
cd $sourcePath/php${version}/ext/${LIBNAME}
OPTIONS=""
if [ "${SYS_ARCH}" == "aarch64" ] && [ "$version" -lt "56" ];then
OPTIONS="$OPTIONS --build=aarch64-unknown-linux-gnu --host=aarch64-unknown-linux-gnu"
fi
$serverPath/php/$version/bin/phpize
./configure --with-php-config=$serverPath/php/$version/bin/php-config $OPTIONS
make clean && make && make install && make clean
if [ -d $sourcePath/php${version} ];then
cd ${sourcePath} && rm -rf $sourcePath/php${version}
fi
fi
if [ ! -f "$extFile" ];then
echo "ERROR!"
return
fi
echo "" >> $serverPath/php/$version/etc/php.ini
echo "[${LIBNAME}]" >> $serverPath/php/$version/etc/php.ini
echo "extension=${LIBNAME}.so" >> $serverPath/php/$version/etc/php.ini
cd ${curPath} && bash ${rootPath}/plugins/php/versions/lib.sh $version restart
echo '==========================================================='
echo 'successful!'
}
Uninstall_lib()
{
if [ ! -f "$serverPath/php/$version/bin/php-config" ];then
echo "php-$version 未安装,请选择其它版本!"
return
fi
if [ ! -f "$extFile" ];then
echo "php-$version 未安装${LIBNAME},请选择其它版本!"
return
fi
echo $serverPath/php/$version/etc/php.ini
sed -i $BAK "/${LIBNAME}.so/d" $serverPath/php/$version/etc/php.ini
sed -i $BAK "/${LIBNAME}/d" $serverPath/php/$version/etc/php.ini
rm -f $extFile
cd ${curPath} && bash ${rootPath}/plugins/php/versions/lib.sh $version restart
echo '==============================================='
echo 'successful!'
}
if [ "$actionType" == 'install' ];then
Install_lib
elif [ "$actionType" == 'uninstall' ];then
Uninstall_lib
fi

23
plugins/php/versions/phplib.conf
Unescape View File

@ -183,10 +183,31 @@
"83"
],
"type": "通用扩展",
"msg": "加密软件!",
"msg": "加密软件",
"shell": "mcrypt.sh",
"check": "mcrypt.so"
},
{
"name": "ldap",
"versions": [
"55",
"56",
"70",
"71",
"72",
"73",
"74",
"80",
"81",
"82",
"83",
"84"
],
"type": "通用扩展",
"msg": "轻型目录访问协议",
"shell": "ldap.sh",
"check": "ldap.so"
},
{
"name": "mysql_xdevapi",
"versions": [

656
plugins/phpldapadmin/conf/config.php
Unescape View File

@ -0,0 +1,656 @@
<?php
/** NOTE **
** Make sure that <?php is the FIRST line of this file!
** IE: There should NOT be any blank lines or spaces BEFORE <?php
**/
/**
* The phpLDAPadmin config file
* See: http://phpldapadmin.sourceforge.net/wiki/index.php/Config.php
*
* This is where you can customise some of the phpLDAPadmin defaults
* that are defined in config_default.php.
*
* To override a default, use the $config->custom variable to do so.
* For example, the default for defining the language in config_default.php
*
* $this->default->appearance['language'] = array(
* 'desc'=>'Language',
* 'default'=>'auto');
*
* to override this, use $config->custom->appearance['language'] = 'en_EN';
*
* This file is also used to configure your LDAP server connections.
*
* You must specify at least one LDAP server there. You may add
* as many as you like. You can also specify your language, and
* many other options.
*
* NOTE: Commented out values in this file prefixed by //, represent the
* defaults that have been defined in config_default.php.
* Commented out values prefixed by #, dont reflect their default value, you can
* check config_default.php if you want to see what the default is.
*
* DONT change config_default.php, you changes will be lost by the next release
* of PLA. Instead change this file - as it will NOT be replaced by a new
* version of phpLDAPadmin.
*/
/*********************************************
* Useful important configuration overrides *
*********************************************/
/* If you are asked to put PLA in debug mode, this is how you do it: */
# $config->custom->debug['level'] = 255;
# $config->custom->debug['syslog'] = true;
# $config->custom->debug['file'] = '/tmp/pla_debug.log';
/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
to a big random string. */
// $config->custom->session['blowfish'] = null;
/* If your auth_type is http, you can override your HTTP Authentication Realm. */
// $config->custom->session['http_realm'] = sprintf('%s %s',app_name(),'login');
/* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
to determine your language automatically.
If PLA doesnt show (all) strings in your language, then you can do some
translation at http://translations.launchpad.net/phpldapadmin and download
the translation files, replacing those provided with PLA.
(We'll pick up the translations before making the next release too!) */
// $config->custom->appearance['language'] = 'auto';
/* The temporary storage directory where we will put jpegPhoto data
This directory must be readable and writable by your web server. */
// $config->custom->jpeg['tmpdir'] = '/tmp'; // Example for Unix systems
# $config->custom->jpeg['tmpdir'] = 'c:\\temp'; // Example for Windows systems
/* Set this to (bool)true if you do NOT want a random salt used when
calling crypt(). Instead, use the first two letters of the user's
password. This is insecure but unfortunately needed for some older
environments. */
# $config->custom->password['no_random_crypt_salt'] = true;
/* If you want to restrict password available types (encryption algorithms)
Should be subset of:
array(
''=>'clear',
'bcrypt'=>'bcrypt',
'blowfish'=>'blowfish',
'crypt'=>'crypt',
'ext_des'=>'ext_des',
'md5'=>'md5',
'k5key'=>'k5key',
'md5crypt'=>'md5crypt',
'sha'=>'sha',
'smd5'=>'smd5',
'ssha'=>'ssha',
'sha256'=>'sha256',
'ssha256'=>'ssha256',
'sha384'=>'sha384',
'ssha384'=>'ssha384',
'sha512'=>'sha512',
'ssha512'=>'ssha512',
'sha256crypt'=>'sha256crypt',
'sha512crypt'=>'sha512crypt',
'argon2i'=>'argon2i',
'argon2id'=>'argon2id',
)*/
# $config->custom->password['available_types'] = array(''=>'clear','md5'=>'md5');
/* PHP script timeout control. If php runs longer than this many seconds then
PHP will stop with an Maximum Execution time error. Increase this value from
the default if queries to your LDAP server are slow. The default is either
30 seconds or the setting of max_exection_time if this is null. */
// $config->custom->session['timelimit'] = 30;
/* Our local timezone
This is to make sure that when we ask the system for the current time, we
get the right local time. If this is not set, all time() calculations will
assume UTC if you have not set PHP date.timezone. */
// $config->custom->appearance['timezone'] = null;
# $config->custom->appearance['timezone'] = 'Australia/Melbourne';
/*********************************************
* Commands *
*********************************************/
/* Command availability ; if you don't authorize a command the command
links will not be shown and the command action will not be permitted.
For better security, set also ACL in your ldap directory. */
/*
$config->custom->commands['cmd'] = array(
'entry_internal_attributes_show' => true,
'entry_refresh' => true,
'oslinks' => true,
'switch_template' => true
);
$config->custom->commands['script'] = array(
'add_attr_form' => true,
'add_oclass_form' => true,
'add_value_form' => true,
'collapse' => true,
'compare' => true,
'compare_form' => true,
'copy' => true,
'copy_form' => true,
'create' => true,
'create_confirm' => true,
'delete' => true,
'delete_attr' => true,
'delete_form' => true,
'draw_tree_node' => true,
'expand' => true,
'export' => true,
'export_form' => true,
'import' => true,
'import_form' => true,
'login' => true,
'logout' => true,
'login_form' => true,
'mass_delete' => true,
'mass_edit' => true,
'mass_update' => true,
'modify_member_form' => true,
'monitor' => true,
'purge_cache' => true,
'query_engine' => true,
'rename' => true,
'rename_form' => true,
'rdelete' => true,
'refresh' => true,
'schema' => true,
'server_info' => true,
'show_cache' => true,
'template_engine' => true,
'update_confirm' => true,
'update' => true
);
*/
/*********************************************
* Appearance *
*********************************************/
/* If you want to choose the appearance of the tree, specify a class name which
inherits from the Tree class. */
// $config->custom->appearance['tree'] = 'AJAXTree';
# $config->custom->appearance['tree'] = 'HTMLTree';
/* Just show your custom templates. */
// $config->custom->appearance['custom_templates_only'] = false;
/* Disable the default template. */
// $config->custom->appearance['disable_default_template'] = false;
/* Hide the warnings for invalid objectClasses/attributes in templates. */
// $config->custom->appearance['hide_template_warning'] = false;
/* Set to true if you would like to hide header and footer parts. */
// $config->custom->appearance['minimalMode'] = false;
/* Configure what objects are shown in left hand tree */
// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
/* The height and width of the tree. If these values are not set, then
no tree scroll bars are provided. */
// $config->custom->appearance['tree_height'] = null;
# $config->custom->appearance['tree_height'] = 600;
// $config->custom->appearance['tree_width'] = null;
# $config->custom->appearance['tree_width'] = 250;
/* Number of tree command icons to show, 0 = show all icons on 1 row. */
// $config->custom->appearance['tree_icons'] = 0;
# $config->custom->appearance['tree_icons'] = 4;
/* Confirm create and update operations, allowing you to review the changes
and optionally skip attributes during the create/update operation. */
// $config->custom->confirm['create'] = true;
// $config->custom->confirm['update'] = true;
/* Confirm copy operations, and treat them like create operations. This allows
you to edit the attributes (thus changing any that might conflict with
uniqueness) before creating the new entry. */
// $config->custom->confirm['copy'] = true;
/*********************************************
* User-friendly attribute translation *
*********************************************/
/* Use this array to map attribute names to user friendly names. For example, if
you don't want to see "facsimileTelephoneNumber" but rather "Fax". */
// $config->custom->appearance['friendly_attrs'] = array();
$config->custom->appearance['friendly_attrs'] = array(
'facsimileTelephoneNumber' => 'Fax',
'gid' => 'Group',
'mail' => 'Email',
'telephoneNumber' => 'Telephone',
'uid' => 'User Name',
'userPassword' => 'Password'
);
/*********************************************
* Hidden attributes *
*********************************************/
/* You may want to hide certain attributes from being edited. If you want to
hide attributes from the user, you should use your LDAP servers ACLs.
NOTE: The user must be able to read the hide_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['hide_attrs'] = array();
# $config->custom->appearance['hide_attrs'] = array('objectClass');
/* Members of this list will be exempt from the hidden attributes. */
// $config->custom->appearance['hide_attrs_exempt'] = null;
# $config->custom->appearance['hide_attrs_exempt'] = 'cn=PLA UnHide,ou=Groups,c=AU';
/*********************************************
* Read-only attributes *
*********************************************/
/* You may want to phpLDAPadmin to display certain attributes as read only,
meaning that users will not be presented a form for modifying those
attributes, and they will not be allowed to be modified on the "back-end"
either. You may configure this list here:
NOTE: The user must be able to read the readonly_attrs_exempt entry to be
excluded. */
// $config->custom->appearance['readonly_attrs'] = array();
/* Members of this list will be exempt from the readonly attributes. */
// $config->custom->appearance['readonly_attrs_exempt'] = null;
# $config->custom->appearance['readonly_attrs_exempt'] = 'cn=PLA ReadWrite,ou=Groups,c=AU';
/*********************************************
* Group attributes *
*********************************************/
/* Add "modify group members" link to the attribute. */
// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid','sudoUser');
/* Configure filter for member search. This only applies to "modify group members" feature */
// $config->custom->modify_member['filter'] = '(objectclass=Person)';
/* Attribute that is added to the group member attribute. */
// $config->custom->modify_member['attr'] = 'dn';
/* For Posix attributes */
// $config->custom->modify_member['posixattr'] = 'uid';
// $config->custom->modify_member['posixfilter'] = '(uid=*)';
// $config->custom->modify_member['posixgroupattr'] = 'memberUid';
/*********************************************
* Support for attrs display order *
*********************************************/
/* Use this array if you want to have your attributes displayed in a specific
order. You can use default attribute names or their fridenly names.
For example, "sn" will be displayed right after "givenName". All the other
attributes that are not specified in this array will be displayed after in
alphabetical order. */
// $config->custom->appearance['attr_display_order'] = array();
# $config->custom->appearance['attr_display_order'] = array(
# 'givenName',
# 'sn',
# 'cn',
# 'displayName',
# 'uid',
# 'uidNumber',
# 'gidNumber',
# 'homeDirectory',
# 'mail',
# 'userPassword'
# );
/*********************************************
* Define your LDAP servers in this section *
*********************************************/
$servers = new Datastore();
/* $servers->NewServer('ldap_pla') must be called before each new LDAP server
declaration. */
$servers->newServer('ldap_pla');
/* A convenient name that will appear in the tree viewer and throughout
phpLDAPadmin to identify this LDAP server to users. */
$servers->setValue('server','name','My LDAP Server');
/* Examples:
'ldap.example.com',
'ldaps://ldap.example.com/',
'ldapi://%2fusr%local%2fvar%2frun%2fldapi'
(Unix socket at /usr/local/var/run/ldap) */
// $servers->setValue('server','host','127.0.0.1');
/* The port your LDAP server listens on (no quotes). 389 is standard. */
// $servers->setValue('server','port',389);
/* Array of base DNs of your LDAP server. Leave this blank to have phpLDAPadmin
auto-detect it for you. */
// $servers->setValue('server','base',array(''));
/* Five options for auth_type:
1. 'cookie': you will login via a web form, and a client-side cookie will
store your login dn and password.
2. 'session': same as cookie but your login dn and password are stored on the
web server in a persistent session variable.
3. 'http': same as session but your login dn and password are retrieved via
HTTP authentication.
4. 'config': specify your login dn and password here in this config file. No
login will be required to use phpLDAPadmin for this server.
5. 'sasl': login will be taken from the webserver's kerberos authentication.
Currently only GSSAPI has been tested (using mod_auth_kerb).
6. 'sasl_external': login will be taken from SASL external mechanism.
Choose wisely to protect your authentication information appropriately for
your situation. If you choose 'cookie', your cookie contents will be
encrypted using blowfish and the secret your specify above as
session['blowfish']. */
// $servers->setValue('login','auth_type','session');
/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
BLANK. If you specify a login_attr in conjunction with a cookie or session
auth_type, then you can also specify the bind_id/bind_pass here for searching
the directory for users (ie, if your LDAP server does not allow anonymous
binds. */
// $servers->setValue('login','bind_id','');
# $servers->setValue('login','bind_id','cn=Manager,dc=example,dc=com');
/* Your LDAP password. If you specified an empty bind_id above, this MUST also
be blank. */
// $servers->setValue('login','bind_pass','');
# $servers->setValue('login','bind_pass','secret');
/* Use TLS (Transport Layer Security) to connect to the LDAP server. */
// $servers->setValue('server','tls',false);
/* TLS Certificate Authority file (overrides ldap.conf, PHP 7.1+) */
// $servers->setValue('server','tls_cacert',null);
# $servers->setValue('server','tls_cacert','/etc/openldap/certs/ca.crt');
/* TLS Certificate Authority hashed directory (overrides ldap.conf, PHP 7.1+) */
// $servers->setValue('server','tls_cacertdir',null);
# $servers->setValue('server','tls_cacertdir','/etc/openldap/certs');
/* TLS Client Certificate file (PHP 7.1+) */
// $servers->setValue('server','tls_cert',null);
# $servers->setValue('server','tls_cert','/etc/pki/tls/certs/ldap_user.crt');
/* TLS Client Certificate Key file (PHP 7.1+) */
// $servers->setValue('server','tls_key',null);
# $servers->setValue('server','tls_key','/etc/pki/tls/private/ldap_user.key');
/************************************
* SASL Authentication *
************************************/
/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
false), then all other sasl options are ignored. */
# $servers->setValue('login','auth_type','sasl');
/* SASL GSSAPI auth mechanism (requires auth_type of sasl) */
// $servers->setValue('sasl','mech','GSSAPI');
/* SASL PLAIN support... this mech converts simple binds to SASL
PLAIN binds using any auth_type (or other bind_id/pass) as credentials.
NOTE: auth_type must be simple auth compatible (ie not sasl) */
# $servers->setValue('sasl','mech','PLAIN');
/* SASL EXTERNAL support... really a different auth_type */
# $servers->setValue('login','auth_type','sasl_external');
/* SASL authentication realm name */
// $servers->setValue('sasl','realm','');
# $servers->setValue('sasl','realm','EXAMPLE.COM');
/* SASL authorization ID name
If this option is undefined, authorization id will be computed from bind DN,
using authz_id_regex and authz_id_replacement. */
// $servers->setValue('sasl','authz_id', null);
/* SASL authorization id regex and replacement
When authz_id property is not set (default), phpLDAPAdmin will try to
figure out authorization id by itself from bind distinguished name (DN).
This procedure is done by calling preg_replace() php function in the
following way:
$authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
$bind_dn);
For info about pcre regexes, see:
- pcre(3), perlre(3)
- http://www.php.net/preg_replace */
// $servers->setValue('sasl','authz_id_regex',null);
// $servers->setValue('sasl','authz_id_replacement',null);
# $servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
# $servers->setValue('sasl','authz_id_replacement','$1');
/* SASL auth security props.
See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation. */
// $servers->setValue('sasl','props',null);
/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
blowfish, crypt or leave blank for now default algorithm. */
// $servers->setValue('appearance','pla_password_hash','md5');
/* If you specified 'cookie' or 'session' as the auth_type above, you can
optionally specify here an attribute to use when logging in. If you enter
'uid' and login as 'dsmith', phpLDAPadmin will search for (uid=dsmith)
and log in as that user.
Leave blank or specify 'dn' to use full DN for logging in. Note also that if
your LDAP server requires you to login to perform searches, you can enter the
DN to use when searching in 'bind_id' and 'bind_pass' above. */
// $servers->setValue('login','attr','dn');
/* Base DNs to used for logins. If this value is not set, then the LDAP server
Base DNs are used. */
// $servers->setValue('login','base',array());
/* If 'login,attr' is used above such that phpLDAPadmin will search for your DN
at login, you may restrict the search to a specific objectClasses. EG, set this
to array('posixAccount') or array('inetOrgPerson',..), depending upon your
setup. */
// $servers->setValue('login','class',array());
/* If login_attr was set to 'dn', it is possible to specify a template string to
build the DN from. Use '%s' where user input should be inserted. A user may
still enter the complete DN. In this case the template will not be used. */
// $servers->setValue('login','bind_dn_template',null);
# $servers->setValue('login','bind_dn_template','cn=%s,ou=people,dc=example,dc=com');
/* If you specified something different from 'dn', for example 'uid', as the
login_attr above, you can optionally specify here to fall back to
authentication with dn.
This is useful, when users should be able to log in with their uid, but
the ldap administrator wants to log in with his root-dn, that does not
necessarily have the uid attribute.
When using this feature, login_class is ignored. */
// $servers->setValue('login','fallback_dn',false);
/* Specify true If you want phpLDAPadmin to not display or permit any
modification to the LDAP server. */
// $servers->setValue('server','read_only',false);
/* Specify false if you do not want phpLDAPadmin to draw the 'Create new' links
in the tree viewer. */
// $servers->setValue('appearance','show_create',true);
/* Set to true if you would like to initially open the first level of each tree. */
// $servers->setValue('appearance','open_tree',false);
/* Set to true to display authorization ID in place of login dn (PHP 7.2+) */
// $servers->setValue('appearance','show_authz',false);
/* This feature allows phpLDAPadmin to automatically determine the next
available uidNumber for a new entry. */
// $servers->setValue('auto_number','enable',true);
/* The mechanism to use when finding the next available uidNumber. Two possible
values: 'uidpool' or 'search'.
The 'uidpool' mechanism uses an existing uidPool entry in your LDAP server to
blindly lookup the next available uidNumber. The 'search' mechanism searches
for entries with a uidNumber value and finds the first available uidNumber
(slower). */
// $servers->setValue('auto_number','mechanism','search');
/* The DN of the search base when the 'search' mechanism is used above. */
# $servers->setValue('auto_number','search_base','ou=People,dc=example,dc=com');
/* The minimum number to use when searching for the next available number
(only when 'search' is used for auto_number. */
// $servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
searching for the uidnumber. The idea is, this user id would have full
(readonly) access to uidnumber in your ldap directory (the logged in user
may not), so that you can be guaranteed to get a unique uidnumber for your
directory. */
// $servers->setValue('auto_number','dn',null);
/* The password for the dn above. */
// $servers->setValue('auto_number','pass',null);
/* Enable anonymous bind login. */
// $servers->setValue('login','anon_bind',true);
/* Use customized page with prefix when available. */
# $servers->setValue('custom','pages_prefix','custom_');
/* If you set this, then only these DNs are allowed to log in. This array can
contain individual users, groups or ldap search filter(s). Keep in mind that
the user has not authenticated yet, so this will be an anonymous search to
the LDAP server, so make your ACLs allow these searches to return results! */
# $servers->setValue('login','allowed_dns',array(
# 'uid=stran,ou=People,dc=example,dc=com',
# '(&(gidNumber=811)(objectClass=groupOfNames))',
# '(|(uidNumber=200)(uidNumber=201))',
# 'cn=callcenter,ou=Group,dc=example,dc=com'));
/* Set this if you dont want this LDAP server to show in the tree */
// $servers->setValue('server','visible',true);
/* Set this if you want to hide the base DNs that dont exist instead of
displaying the message "The base entry doesnt exist, create it?"
// $servers->setValue('server','hide_noaccess_base',false);
# $servers->setValue('server','hide_noaccess_base',true);
/* This is the time out value in minutes for the server. After as many minutes
of inactivity you will be automatically logged out. If not set, the default
value will be ( session_cache_expire()-1 ) */
# $servers->setValue('login','timeout',30);
/* Set this if you want phpldapadmin to perform rename operation on entry which
has children. Certain servers are known to allow it, certain are not. */
// $servers->setValue('server','branch_rename',false);
/* If you set this, then phpldapadmin will show these attributes as
internal attributes, even if they are not defined in your schema. */
// $servers->setValue('server','custom_sys_attrs',array(''));
# $servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
/* If you set this, then phpldapadmin will show these attributes on
objects, even if they are not defined in your schema. */
// $servers->setValue('server','custom_attrs',array(''));
# $servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
/* These attributes will be forced to MAY attributes and become option in the
templates. If they are not defined in the templates, then they wont appear
as per normal template processing. You may want to do this because your LDAP
server may automatically calculate a default value.
In Fedora Directory Server using the DNA Plugin one could ignore uidNumber,
gidNumber and sambaSID. */
// $servers->setValue('server','force_may',array(''));
# $servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
/*********************************************
* Unique attributes *
*********************************************/
/* You may want phpLDAPadmin to enforce some attributes to have unique values
(ie: not belong to other entries in your tree. This (together with
'unique','dn' and 'unique','pass' option will not let updates to
occur with other attributes have the same value. */
# $servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
/* If you set this, then phpldapadmin will bind to LDAP with this user ID when
searching for attribute uniqueness. The idea is, this user id would have full
(readonly) access to your ldap directory (the logged in user may not), so
that you can be guaranteed to get a unique uidnumber for your directory. */
// $servers->setValue('unique','dn',null);
/* The password for the dn above. */
// $servers->setValue('unique','pass',null);
/**************************************************************************
* If you want to configure additional LDAP servers, do so below. *
* Remove the commented lines and use this section as a template for all *
* your other LDAP servers. *
**************************************************************************/
/*
$servers->newServer('ldap_pla');
$servers->setValue('server','name','LDAP Server');
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','port',389);
$servers->setValue('server','base',array(''));
$servers->setValue('login','auth_type','cookie');
$servers->setValue('login','bind_id','');
$servers->setValue('login','bind_pass','');
$servers->setValue('server','tls',false);
# SASL auth
$servers->setValue('login','auth_type','sasl');
$servers->setValue('sasl','mech','GSSAPI');
$servers->setValue('sasl','realm','EXAMPLE.COM');
$servers->setValue('sasl','authz_id',null);
$servers->setValue('sasl','authz_id_regex','/^uid=([^,]+)(.+)/i');
$servers->setValue('sasl','authz_id_replacement','$1');
$servers->setValue('sasl','props',null);
$servers->setValue('appearance','pla_password_hash','md5');
$servers->setValue('login','attr','dn');
$servers->setValue('login','fallback_dn',false);
$servers->setValue('login','class',null);
$servers->setValue('server','read_only',false);
$servers->setValue('appearance','show_create',true);
$servers->setValue('auto_number','enable',true);
$servers->setValue('auto_number','mechanism','search');
$servers->setValue('auto_number','search_base',null);
$servers->setValue('auto_number','min',array('uidNumber'=>1000,'gidNumber'=>500));
$servers->setValue('auto_number','dn',null);
$servers->setValue('auto_number','pass',null);
$servers->setValue('login','anon_bind',true);
$servers->setValue('custom','pages_prefix','custom_');
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
$servers->setValue('unique','dn',null);
$servers->setValue('unique','pass',null);
$servers->setValue('server','visible',true);
$servers->setValue('login','timeout',30);
$servers->setValue('server','branch_rename',false);
$servers->setValue('server','custom_sys_attrs',array('passwordExpirationTime','passwordAllowChangeTime'));
$servers->setValue('server','custom_attrs',array('nsRoleDN','nsRole','nsAccountLock'));
$servers->setValue('server','force_may',array('uidNumber','gidNumber','sambaSID'));
*/
/***********************************************************************************
* If you want to configure Google reCAPTCHA on autentication form, do so below. *
* Remove the commented lines and use this section as a template for all *
* reCAPTCHA v2 Generate on https://www.google.com/recaptcha/ *
* *
* IMPORTANT: Select reCAPTCHA v2 on Type of reCAPTCHA *
***********************************************************************************/
$config->custom->session['reCAPTCHA-enable'] = false;
$config->custom->session['reCAPTCHA-key-site'] = '<put-here-key-site>';
$config->custom->session['reCAPTCHA-key-server'] = '<put-here-key-server>';
?>

38
plugins/phpldapadmin/conf/phpldapadmin.conf
Unescape View File

@ -0,0 +1,38 @@
server
{
listen 888;
server_name 127.0.0.1;
index index.html index.htm index.php;
root {$SERVER_PATH}/phpldapadmin;
#error_page 404 /404.html;
include {$PHP_CONF_PATH}/enable-php-{$PHP_VER}.conf;
#AUTH_START
auth_basic "Authorization";
auth_basic_user_file {$SERVER_PATH}/phpldapadmin/pma.pass;
#AUTH_END
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.*\.(log|pass|json|pl)$ {
deny all;
}
location ~ /\.
{
deny all;
}
access_log {$SERVER_PATH}/phpldapadmin/access.log;
error_log {$SERVER_PATH}/phpldapadmin/error.log;
}

BIN
plugins/phpldapadmin/ico.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

24
plugins/phpldapadmin/index.html
Unescape View File

@ -0,0 +1,24 @@
<div class="bt-form">
<div class="bt-w-main">
<div class="bt-w-menu">
<p class="bgw" onclick="pluginService('phpldapadmin');">服务</p>
<p onclick="pluginConfig('phpldapadmin');">重写模版</p>
<p onclick="homePage()">主页</p>
<p onclick="phpVer(56)">PHP版本</p>
<p onclick="safeConf();">安全设置</p>
<p onclick="pluginLogs('phpldapadmin','','access_log');">访问日志</p>
<p onclick="pluginLogs('phpldapadmin','','error_log');">错误日志</p>
<p onclick="pluginConfig('phpldapadmin','','config_inc');" title="config.inc.php">配置</p>
</div>
<div class="bt-w-con pd15">
<div class="soft-man-con"></div>
</div>
</div>
</div>
<script type="text/javascript">
resetPluginWinHeight(500);
$.getScript( "/plugins/file?name=phpldapadmin&f=js/phpldapadmin.js", function(){
pluginService('phpldapadmin');
});
</script>

517
plugins/phpldapadmin/index.py
Unescape View File

@ -0,0 +1,517 @@
# coding:utf-8
import sys
import io
import os
import time
import re
import json
web_dir = os.getcwd() + "/web"
if os.path.exists(web_dir):
sys.path.append(web_dir)
os.chdir(web_dir)
import core.mw as mw
import thisdb
from utils.site import sites as MwSites
app_debug = False
if mw.isAppleSystem():
app_debug = True
def getPluginName():
return 'phpldapadmin'
def getPluginDir():
return mw.getPluginDir() + '/' + getPluginName()
def getServerDir():
return mw.getServerDir() + '/' + getPluginName()
def getArgs():
args = sys.argv[2:]
tmp = {}
args_len = len(args)
if args_len == 1:
t = args[0].strip('{').strip('}')
t = t.split(':')
tmp[t[0]] = t[1]
elif args_len > 1:
for i in range(len(args)):
t = args[i].split(':')
tmp[t[0]] = t[1]
return tmp
def checkArgs(data, ck=[]):
for i in range(len(ck)):
if not ck[i] in data:
return (False, mw.returnJson(False, '参数:(' + ck[i] + ')没有!'))
return (True, mw.returnJson(True, 'ok'))
def getConf():
return mw.getServerDir() + '/web_conf/nginx/vhost/phpldapadmin.conf'
def getConfInc():
return getServerDir() + "/" + getCfg()['path'] + '/config/config.php'
def getPort():
file = getConf()
content = mw.readFile(file)
rep = r'listen\s*(.*);'
tmp = re.search(rep, content)
return tmp.groups()[0].strip()
def getHomePage():
try:
port = getPort()
ip = '127.0.0.1'
if not mw.isAppleSystem():
ip = mw.getLocalIp()
cfg = getCfg()
auth = cfg['username']+':'+cfg['password']
rand_path = cfg['path']
url = 'http://' + auth + '@' + ip + ':' + port + '/' + rand_path + '/index.php'
return mw.returnJson(True, 'OK', url)
except Exception as e:
return mw.returnJson(False, '插件未启动!')
def getPhpVer(expect=74):
php_vers = MwSites.instance().getPhpVersion()
v = php_vers['data']
is_find = False
for i in range(len(v)):
t = str(v[i]['version'])
if (t == expect):
is_find = True
return str(t)
if not is_find:
if len(v) > 1:
return v[1]['version']
return v[0]['version']
return str(expect)
def getCachePhpVer():
cacheFile = getServerDir() + '/php.pl'
v = ''
if os.path.exists(cacheFile):
v = mw.readFile(cacheFile)
else:
v = getPhpVer()
mw.writeFile(cacheFile, v)
return v
def contentReplace(content):
service_path = mw.getServerDir()
php_ver = getCachePhpVer()
tmp = mw.execShell('cat /dev/urandom | head -n 32 | md5sum | head -c 16')
blowfish_secret = tmp[0].strip()
# print php_ver
php_conf_dir = mw.getServerDir() + '/web_conf/php/conf'
content = content.replace('{$ROOT_PATH}', mw.getFatherDir())
content = content.replace('{$SERVER_PATH}', service_path)
content = content.replace('{$PHP_CONF_PATH}', php_conf_dir)
content = content.replace('{$PHP_VER}', php_ver)
content = content.replace('{$BLOWFISH_SECRET}', blowfish_secret)
cfg = getCfg()
if cfg['choose'] == "mysql":
content = content.replace('{$CHOOSE_DB}', 'mysql')
content = content.replace('{$CHOOSE_DB_DIR}', 'mysql')
elif cfg['choose'] == "mysql-community":
content = content.replace('{$CHOOSE_DB}', 'mysql-community')
content = content.replace('{$CHOOSE_DB_DIR}', 'mysql-community')
elif cfg['choose'] == "mysql-apt":
content = content.replace('{$CHOOSE_DB}', 'mysql')
content = content.replace('{$CHOOSE_DB_DIR}', 'mysql-apt')
elif cfg['choose'] == "mysql-yum":
content = content.replace('{$CHOOSE_DB}', 'mysql')
content = content.replace('{$CHOOSE_DB_DIR}', 'mysql-yum')
else:
content = content.replace('{$CHOOSE_DB}', 'MariaDB')
content = content.replace('{$CHOOSE_DB_DIR}', 'mariadb')
content = content.replace('{$PMA_PATH}', cfg['path'])
port = cfg["port"]
rep = r'listen\s*(.*);'
content = re.sub(rep, "listen " + port + ';', content)
return content
def initCfg():
cfg = getServerDir() + "/cfg.json"
if not os.path.exists(cfg):
data = {}
data['port'] = '988'
data['choose'] = 'mysql'
data['path'] = ''
data['username'] = 'admin'
data['password'] = 'admin'
mw.writeFile(cfg, json.dumps(data))
def setCfg(key, val):
cfg = getServerDir() + "/cfg.json"
data = mw.readFile(cfg)
data = json.loads(data)
data[key] = val
mw.writeFile(cfg, json.dumps(data))
def getCfg():
cfg = getServerDir() + "/cfg.json"
data = mw.readFile(cfg)
data = json.loads(data)
return data
def returnCfg():
cfg = getServerDir() + "/cfg.json"
data = mw.readFile(cfg)
return data
def status():
conf = getConf()
conf_inc = getServerDir() + "/" + getCfg()["path"] + '/config/config.php'
# 两个文件都在,才算启动成功
if os.path.exists(conf) and os.path.exists(conf_inc):
return 'start'
return 'stop'
def __release_port(port):
from collections import namedtuple
try:
from utils.firewall import Firewall as MwFirewall
MwFirewall.instance().addAcceptPort(port, 'phpLDAPadmin默认端口', 'port')
return port
except Exception as e:
return "Release failed {}".format(e)
def __delete_port(port):
from collections import namedtuple
try:
from utils.firewall import Firewall as MwFirewall
MwFirewall.instance().delAcceptPortCmd(port, 'tcp')
return port
except Exception as e:
return "Release failed {}".format(e)
def openPort():
conf = getCfg()
port = conf['port']
for i in [port]:
__release_port(i)
return True
def delPort():
conf = getCfg()
port = conf['port']
for i in [port]:
__delete_port(i)
return True
def start():
initCfg()
openPort()
pma_dir = getServerDir() + "/phpldapadmin"
if os.path.exists(pma_dir):
rand_str = mw.getRandomString(6)
rand_str = rand_str.lower()
pma_dir_dst = pma_dir + "_" + rand_str
mw.execShell("mv " + pma_dir + " " + pma_dir_dst)
setCfg('path', 'phpldapadmin_' + rand_str)
file_tpl = getPluginDir() + '/conf/phpldapadmin.conf'
file_run = getConf()
if not os.path.exists(file_run):
centent = mw.readFile(file_tpl)
centent = contentReplace(centent)
mw.writeFile(file_run, centent)
pma_path = getServerDir() + '/pma.pass'
if not os.path.exists(pma_path):
username = mw.getRandomString(8)
password = mw.getRandomString(10)
pass_cmd = username + ':' + mw.hasPwd(password)
setCfg('username', username)
setCfg('password', password)
mw.writeFile(pma_path, pass_cmd)
tmp = getServerDir() + "/" + getCfg()["path"] + '/tmp'
if not os.path.exists(tmp):
os.mkdir(tmp)
mw.execShell("chown -R www:www " + tmp)
conf_run = getServerDir() + "/" + getCfg()["path"] + '/config/config.php'
if not os.path.exists(conf_run):
conf_tpl = getPluginDir() + '/conf/config.php'
centent = mw.readFile(conf_tpl)
centent = contentReplace(centent)
mw.writeFile(conf_run, centent)
log_a = accessLog()
log_e = errorLog()
for i in [log_a, log_e]:
if os.path.exists(i):
cmd = "echo '' > " + i
mw.execShell(cmd)
mw.restartWeb()
return 'ok'
def stop():
conf = getConf()
if os.path.exists(conf):
os.remove(conf)
delPort()
mw.restartWeb()
return 'ok'
def restart():
return start()
def reload():
file_tpl = getPluginDir() + '/conf/phpldapadmin.conf'
file_run = getConf()
if os.path.exists(file_run):
centent = mw.readFile(file_tpl)
centent = contentReplace(centent)
mw.writeFile(file_run, centent)
return start()
def setPhpVer():
args = getArgs()
if not 'phpver' in args:
return 'phpver missing'
cacheFile = getServerDir() + '/php.pl'
mw.writeFile(cacheFile, args['phpver'])
file_tpl = getPluginDir() + '/conf/phpldapadmin.conf'
file_run = getConf()
content = mw.readFile(file_tpl)
content = contentReplace(content)
mw.writeFile(file_run, content)
mw.restartWeb()
return 'ok'
def getSetPhpVer():
cacheFile = getServerDir() + '/php.pl'
if os.path.exists(cacheFile):
return mw.readFile(cacheFile).strip()
return ''
def getPmaOption():
data = getCfg()
return mw.returnJson(True, 'ok', data)
def getPmaPort():
try:
port = getPort()
return mw.returnJson(True, 'OK', port)
except Exception as e:
# print(e)
return mw.returnJson(False, '插件未启动!')
def setPmaPort():
args = getArgs()
data = checkArgs(args, ['port'])
if not data[0]:
return data[1]
port = args['port']
if port == '80':
return mw.returnJson(False, '80端不能使用!')
file = getConf()
if not os.path.exists(file):
return mw.returnJson(False, '插件未启动!')
content = mw.readFile(file)
rep = r'listen\s*(.*);'
content = re.sub(rep, "listen " + port + ';', content)
mw.writeFile(file, content)
setCfg("port", port)
mw.restartWeb()
return mw.returnJson(True, '修改成功!')
def setPmaUsername():
args = getArgs()
data = checkArgs(args, ['username'])
if not data[0]:
return data[1]
username = args['username']
setCfg('username', username)
cfg = getCfg()
pma_path = getServerDir() + '/pma.pass'
username = mw.getRandomString(10)
pass_cmd = cfg['username'] + ':' + mw.hasPwd(cfg['password'])
mw.writeFile(pma_path, pass_cmd)
mw.restartWeb()
return mw.returnJson(True, '修改成功!')
def setPmaPassword():
args = getArgs()
data = checkArgs(args, ['password'])
if not data[0]:
return data[1]
password = args['password']
setCfg('password', password)
cfg = getCfg()
pma_path = getServerDir() + '/pma.pass'
username = mw.getRandomString(10)
pass_cmd = cfg['username'] + ':' + mw.hasPwd(cfg['password'])
mw.writeFile(pma_path, pass_cmd)
mw.restartWeb()
return mw.returnJson(True, '修改成功!')
def setPmaPath():
args = getArgs()
data = checkArgs(args, ['path'])
if not data[0]:
return data[1]
path = args['path']
if len(path) < 5:
return mw.returnJson(False, '不能小于5位!')
old_path = getServerDir() + "/" + getCfg()['path']
new_path = getServerDir() + "/" + path
mw.execShell("mv " + old_path + " " + new_path)
setCfg('path', path)
return mw.returnJson(True, '修改成功!')
def accessLog():
return getServerDir() + '/access.log'
def errorLog():
return getServerDir() + '/error.log'
def installVersion():
return mw.readFile(getServerDir() + '/version.pl')
def pluginsDbSupport():
data = {}
data['installed'] = 'no'
install_path = getServerDir()
if not os.path.exists(install_path):
return mw.returnJson(True, 'ok', data)
data['installed'] = 'ok'
data['status'] = status()
if (data['status'] == 'stop'):
return mw.returnJson(True, 'ok', data)
data['cfg'] = getCfg()
port = getPort()
ip = '127.0.0.1'
if not mw.isAppleSystem():
ip = thisdb.getOption('server_ip')
cfg = data['cfg']
auth = cfg['username']+':'+cfg['password']
rand_path = cfg['path']
home_page = 'http://' + auth + '@' + ip + ':' + port + '/' + rand_path + '/index.php'
data['home_page'] = home_page
data['version'] = installVersion().strip()
return mw.returnJson(True, 'ok', data)
if __name__ == "__main__":
func = sys.argv[1]
if func == 'status':
print(status())
elif func == 'start':
print(start())
elif func == 'stop':
print(stop())
elif func == 'restart':
print(restart())
elif func == 'reload':
print(reload())
elif func == 'conf':
print(getConf())
elif func == 'version':
print(installVersion())
elif func == 'get_cfg':
print(returnCfg())
elif func == 'config_inc':
print(getConfInc())
elif func == 'get_home_page':
print(getHomePage())
elif func == 'set_php_ver':
print(setPhpVer())
elif func == 'get_set_php_ver':
print(getSetPhpVer())
elif func == 'get_pma_port':
print(getPmaPort())
elif func == 'set_pma_port':
print(setPmaPort())
elif func == 'get_pma_option':
print(getPmaOption())
elif func == 'set_pma_username':
print(setPmaUsername())
elif func == 'set_pma_password':
print(setPmaPassword())
elif func == 'set_pma_path':
print(setPmaPath())
elif func == 'access_log':
print(accessLog())
elif func == 'error_log':
print(errorLog())
elif func == 'plugins_db_support':
print(pluginsDbSupport())
else:
print('error')

15
plugins/phpldapadmin/info.json
Unescape View File

@ -0,0 +1,15 @@
{
"title":"phpLDAPadmin",
"tip":"soft",
"name":"phpldapadmin",
"type":"运行环境",
"ps":"LDAP管理工具",
"versions":["1.2.6.7"],
"shell":"install.sh",
"checks":"server/phpldapadmin",
"path": "server/phpldapadmin",
"author":"leenooks",
"home":"https://github.com/leenooks/phpLDAPadmin",
"date":"2025-1-28",
"pid": "2"
}

90
plugins/phpldapadmin/install.sh
Unescape View File

@ -0,0 +1,90 @@
#!/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin:/opt/homebrew/bin
export PATH
curPath=`pwd`
rootPath=$(dirname "$curPath")
rootPath=$(dirname "$rootPath")
serverPath=$(dirname "$rootPath")
# cd /www/server/mdserver-web/plugins/phpldapadmin && bash install.sh install 1.2.6.7
# cd /www/server/mdserver-web && python3 plugins/phpldapadmin/index.py start
if [ -f ${rootPath}/bin/activate ];then
source ${rootPath}/bin/activate
fi
if [ "$sys_os" == "Darwin" ];then
BAK='_bak'
else
BAK=''
fi
sysName=`uname`
echo "use system: ${sysName}"
if [ "${sysName}" == "Darwin" ]; then
OSNAME='macos'
elif grep -Eqi "CentOS" /etc/issue || grep -Eq "CentOS" /etc/*-release; then
OSNAME='centos'
elif grep -Eqi "Fedora" /etc/issue || grep -Eq "Fedora" /etc/*-release; then
OSNAME='fedora'
elif grep -Eqi "Debian" /etc/issue || grep -Eq "Debian" /etc/*-release; then
OSNAME='debian'
elif grep -Eqi "Ubuntu" /etc/issue || grep -Eq "Ubuntu" /etc/*-release; then
OSNAME='ubuntu'
elif grep -Eqi "Raspbian" /etc/issue || grep -Eq "Raspbian" /etc/*-release; then
OSNAME='raspbian'
else
OSNAME='unknow'
fi
Install_App()
{
if [ -d $serverPath/phpldapadmin ];then
exit 0
fi
mkdir -p ${serverPath}/phpldapadmin
mkdir -p ${serverPath}/source/phpldapadmin
echo "${1}" > ${serverPath}/phpldapadmin/version.pl
VER=$1
# https://github.com/leenooks/phpLDAPadmin/archive/refs/tags/1.2.6.7.tar.gz
FDIR=phpLDAPadmin-${VER}
FILE=${VER}.tar.gz
DOWNLOAD=https://github.com/leenooks/phpLDAPadmin/archive/refs/tags/${FILE}
if [ ! -f $serverPath/source/phpmyadmin/$FILE ];then
wget --no-check-certificate -O $serverPath/source/phpldapadmin/$FILE $DOWNLOAD
fi
if [ ! -d $serverPath/source/phpldapadmin/$FDIR ];then
cd $serverPath/source/phpldapadmin && tar zxvf $FILE
fi
cp -r $serverPath/source/phpldapadmin/$FDIR $serverPath/phpldapadmin/
cd $serverPath/phpldapadmin/ && mv $FDIR phpldapadmin
# rm -rf $serverPath/source/phpldapadmin/$FDIR
cd ${rootPath} && python3 ${rootPath}/plugins/phpldapadmin/index.py start
echo '安装完成'
}
Uninstall_App()
{
cd ${rootPath} && python3 ${rootPath}/plugins/phpldapadmin/index.py stop
rm -rf ${serverPath}/phpldapadmin
echo '卸载完成'
}
action=$1
if [ "${1}" == 'install' ];then
Install_App $2
else
Uninstall_App $2
fi

164
plugins/phpldapadmin/js/phpldapadmin.js
Unescape View File

@ -0,0 +1,164 @@
function str2Obj(str){
var data = {};
kv = str.split('&');
for(i in kv){
v = kv[i].split('=');
data[v[0]] = v[1];
}
return data;
}
function pmaPost(method,args,callback){
var _args = null;
if (typeof(args) == 'string'){
_args = JSON.stringify(str2Obj(args));
} else {
_args = JSON.stringify(args);
}
var loadT = layer.msg('正在获取...', { icon: 16, time: 0, shade: 0.3 });
$.post('/plugins/run', {name:'phpldapadmin', func:method, args:_args}, function(data) {
layer.close(loadT);
if (!data.status){
layer.msg(data.msg,{icon:0,time:2000,shade: [0.3, '#000']});
return;
}
if(typeof(callback) == 'function'){
callback(data);
}
},'json');
}
function pmaAsyncPost(method,args){
var _args = null;
if (typeof(args) == 'string'){
_args = JSON.stringify(str2Obj(args));
} else {
_args = JSON.stringify(args);
}
return syncPost('/plugins/run', {name:'phpldapadmin', func:method, args:_args});
}
function homePage(){
pmaPost('get_home_page', '', function(data){
var rdata = $.parseJSON(data.data);
if (!rdata.status){
layer.msg(rdata.msg,{icon:0,time:2000,shade: [0.3, '#000']});
return;
}
var con = '<button class="btn btn-default btn-sm" onclick="window.open(\'' + rdata.data + '\')">主页</button>';
$(".soft-man-con").html(con);
});
}
//phpmyadmin切换php版本
function phpVer(version) {
var _version = pmaAsyncPost('get_set_php_ver','')
if (_version['data'] != ''){
version = _version['data'];
}
$.post('/site/get_php_version', function(data) {
var rdata = data['data'];
// console.log(rdata);
var body = "<div class='ver line'><span class='tname'>PHP版本</span><select id='phpver' class='bt-input-text mr20' name='phpVersion' style='width:110px'>";
var optionSelect = '';
for (var i = 0; i < rdata.length; i++) {
optionSelect = rdata[i].version == version ? 'selected' : '';
body += "<option value='" + rdata[i].version + "' " + optionSelect + ">" + rdata[i].name + "</option>"
}
body += '</select><button class="btn btn-success btn-sm" onclick="phpVerChange(\'phpversion\',\'get\')">保存</button></div>';
$(".soft-man-con").html(body);
},'json');
}
function phpVerChange(type, msg) {
var phpver = $("#phpver").val();
pmaPost('set_php_ver', 'phpver='+phpver, function(data){
if ( data.data == 'ok' ){
layer.msg('设置成功!',{icon:1,time:2000,shade: [0.3, '#000']});
} else {
layer.msg('设置失败!',{icon:2,time:2000,shade: [0.3, '#000']});
}
});
}
//phpmyadmin安全设置
function safeConf() {
pmaPost('get_pma_option', {}, function(rdata){
var rdata = $.parseJSON(rdata.data);
if (!rdata.status){
layer.msg(rdata.msg,{icon:2,time:2000,shade: [0.3, '#000']});
return;
}
var cfg = rdata.data;
var con = '<div class="ver line">\
<span class="tname">访问端口</span>\
<input style="width:110px" class="bt-input-text phpmyadmindk mr20" name="Name" id="pmport" value="' + cfg['port'] + '" placeholder="phpmyadmin访问端口" maxlength="5" type="number">\
<button class="btn btn-success btn-sm" onclick="setPamPort()">保存</button>\
</div>\
<div class="ver line">\
<span class="tname">用户名</span>\
<input style="width:110px" class="bt-input-text mr20" name="username" id="pmport" value="' + cfg['username'] + '" placeholder="认证用户名" type="text">\
<button class="btn btn-success btn-sm" onclick="setPmaUsername()">保存</button>\
</div>\
<div class="ver line">\
<span class="tname">密码</span>\
<input style="width:110px" class="bt-input-text mr20" name="password" id="pmport" value="' + cfg['password'] + '" placeholder="密码" type="text">\
<button class="btn btn-success btn-sm" onclick="setPmaPassword()">保存</button>\
</div>\
<hr/>\
<div class="ver line">\
<span class="tname">路径名</span>\
<input style="width:180px" class="bt-input-text mr20" name="path" id="pmport" value="' + cfg['path'] + '" placeholder="" type="text">\
<button class="btn btn-success btn-sm" onclick="setPmaPath()">保存</button>\
</div>';
$(".soft-man-con").html(con);
});
}
function setPmaUsername(){
var username = $("input[name=username]").val();
pmaPost('set_pma_username',{'username':username}, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function setPmaPassword(){
var password = $("input[name=password]").val();
pmaPost('set_pma_password',{'password':password}, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
function setPmaPath(){
var path = $("input[name=path]").val();
pmaPost('set_pma_path',{'path':path}, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}
//修改phpmyadmin端口
function setPamPort() {
var pmport = $("#pmport").val();
if (pmport < 80 || pmport > 65535) {
layer.msg('端口范围不合法!', { icon: 2 });
return;
}
var data = 'port=' + pmport;
pmaPost('set_pma_port',data, function(data){
var rdata = $.parseJSON(data.data);
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
});
}

9
plugins/phpmyadmin/install.sh
Unescape View File

@ -44,7 +44,6 @@ Install_phpmyadmin()
exit 0
fi
mkdir -p ${serverPath}/phpmyadmin
mkdir -p ${serverPath}/source/phpmyadmin
echo "${1}" > ${serverPath}/phpmyadmin/version.pl
@ -62,15 +61,15 @@ Install_phpmyadmin()
if [ ! -d $serverPath/source/phpmyadmin/$FDIR ];then
cd $serverPath/source/phpmyadmin && tar zxvf $FILE
fi
mkdir -p ${serverPath}/phpmyadmin
cp -r $serverPath/source/phpmyadmin/$FDIR $serverPath/phpmyadmin/
cd $serverPath/phpmyadmin/ && mv $FDIR phpmyadmin
rm -rf $serverPath/source/phpmyadmin/$FDIR
echo '安装完成'
cd ${rootPath} && python3 ${rootPath}/plugins/phpmyadmin/index.py start
echo '安装完成'
}
Uninstall_phpmyadmin()

3
plugins/redis/info.json
Unescape View File

@ -4,8 +4,7 @@
"name": "redis",
"title": "Redis",
"shell": "install.sh",
"versions":["4.0.14","5.0.14","6.0.20","6.2.16","7.0.15","7.2.6", "7.4.1"],
"updates":["4.0.14","5.0.14","6.0.20","6.2.16","7.0.15","7.2.6", "7.4.1"],
"versions":["4.0.14","5.0.14","6.0.20","6.2.16","7.0.15","7.2.7", "7.4.2"],
"tip": "soft",
"checks": "server/redis",
"path": "server/redis",

1
plugins/tamper_proof_py/init.d/tamper_proof_py.service.tpl
Unescape View File

@ -7,7 +7,6 @@ Type=forking
ExecStart={$SERVER_PATH}/init.d/tamper_proof_py start
ExecStop={$SERVER_PATH}/init.d/tamper_proof_py stop
ExecReload={$SERVER_PATH}/init.d/tamper_proof_py reload
ExecRestart={$SERVER_PATH}/init.d/tamper_proof_py restart
KillMode=process
Restart=on-failure

9
plugins/tamper_proof_py/install.sh
Unescape View File

@ -7,12 +7,19 @@ rootPath=$(dirname "$curPath")
rootPath=$(dirname "$rootPath")
serverPath=$(dirname "$rootPath")
pip install pyinotify
# pip install pyinotify
if [ -f ${rootPath}/bin/activate ];then
source ${rootPath}/bin/activate
fi
pip install pyinotify
# cd /www/server/mdserver-web/plugins/tamper_proof_py && bash install.sh install 1.0
# cd /www/server/mdserver-web && python3 plugins/tamper_proof_py/index.py start 1.0
# cd /www/server/mdserver-web && python3 plugins/tamper_proof_py/index.py service_admin {"serviceStatus":"start"}
# systemctl start tamper_proof_py
# systemctl status tamper_proof_py
SYSOS=`uname`
VERSION=$2
APP_NAME=tamper_proof_py

28
plugins/tamper_proof_py/tamper_proof_service.py
Unescape View File

@ -1,3 +1,4 @@
# coding=utf-8
# +--------------------------------------------------------------------
# | 事件型防篡改
@ -426,7 +427,7 @@ class MyEventHandler(pyinotify.ProcessEvent):
sites = self.get_sites()
print("")
print("=" * 60)
print("{}】正在关闭防篡改,请稍候...".format(mw.formatDate()))
print("{}Disabling anti tampering, please wait...".format(mw.formatDate()))
print("-" * 60)
for siteInfo in sites:
tip = self._PLUGIN_PATH + '/tips/' + siteInfo['siteName'] + '.pl'
@ -436,17 +437,16 @@ class MyEventHandler(pyinotify.ProcessEvent):
continue
if sys.version_info[0] == 2:
print(
"{}】|-解锁网站[{}]".format(mw.formatDate(), siteInfo['siteName'])),
"{}】|-Unlock website[{}]".format(mw.formatDate(), siteInfo['siteName'])),
else:
os.system(
"echo -e '{}】|-解锁网站[{}]\c'".format(mw.formatDate(), siteInfo['siteName']))
os.system("echo -e '{}|-Unlock website[{}]\c'".format(mw.formatDate(), siteInfo['siteName']))
#print("【{}】|-解锁网站[{}]".format(mw.format_date(),siteInfo['siteName']),end=" ")
self.unlock(siteInfo['path'])
if os.path.exists(tip):
os.remove(tip)
print("\t=> 完成")
print("\t=> complete")
print("-" * 60)
print('|-防篡改已关闭')
print('|-Anti tampering has been turned off')
print("=" * 60)
print(">>>>>>>>>>END<<<<<<<<<<")
@ -493,7 +493,7 @@ def run():
# 处理网站属性
sites = event.get_sites()
print("=" * 60)
print("{}】正在启动防篡改,请稍候...".format(mw.formatDate()))
print("{} Starting anti tampering, please wait...".format(mw.formatDate()))
print("-" * 60)
tip_path = event._PLUGIN_PATH + '/tips/'
if not os.path.exists(tip_path):
@ -505,13 +505,11 @@ def run():
if not siteInfo['open']:
continue
if sys.version_info[0] == 2:
print("{}】|-网站[{}]".format(mw.formatDate(),
siteInfo['siteName'])),
print("{}|-website[{}]".format(mw.formatDate(),siteInfo['siteName'])),
else:
os.system(
"echo -e '{}】|-网站[{}]\c'".format(mw.formatDate(), siteInfo['siteName']))
os.system("echo -e '{}|-website[{}]\c'".format(mw.formatDate(), siteInfo['siteName']))
# print("【{}】|-网站[{}]".format(public.format_date(),siteInfo['siteName']),end=" ")
mw.writeFile(speed_file, "正在处理网站[{}],请稍候...".format(
mw.writeFile(speed_file, "Processing website[{}]please wait a moment...".format(
siteInfo['siteName']))
if not os.path.exists(tip):
event.list_DIR(siteInfo['path'], siteInfo)
@ -522,14 +520,14 @@ def run():
print(mw.getTracebackInfo())
tout = round(time.time() - s, 2)
mw.writeFile(tip, '1')
print("\t\t=> 完成,耗时 {}".format(tout))
print("\t\t=> Completed, time-consuming {}s".format(tout))
# 启动服务
endtime = round(time.time() - starttime, 2)
mw.writeLog('防篡改程序', "网站防篡改服务已成功启动,耗时[%s]秒" % endtime)
mw.writeLog('防篡改程序', "The website anti tampering service has been successfully started,[%s]s" % endtime)
notifier = pyinotify.Notifier(watchManager, event)
print("-" * 60)
print('|-防篡改服务已启动')
print('|-Anti tampering service has been started')
print("=" * 60)
end_tips = ">>>>>>>>>>END<<<<<<<<<<"
print(end_tips)

1
scripts/install/debian.sh
Unescape View File

@ -88,6 +88,7 @@ apt install -y libmecab2
apt install -y dnsutils
apt install -y apache2-utils
apt install -y numactl
P_VER=`python3 -V | awk '{print $2}'`
if version_ge "$P_VER" "3.11.0" ;then

1
scripts/install/ubuntu.sh
Unescape View File

@ -47,6 +47,7 @@ apt install -y numactl
apt install -y libaio1t64
apt install -y dnsutils
apt install -y numactl
# https://www.php.net/manual/zh/mysql-xdevapi.installation.php
apt install -y libprotobuf-dev

Write Preview
Loading…
Cancel
Save