Enhance text readability and error handling: Add readability fixes CSS for improved contrast across UI elements. Update text colors in various components for better visibility. Enhance FTP error handling with user-friendly messages and improved path validation in both frontend and backend. Update HTML templates to provide clearer instructions and examples for FTP path input.

Master3395
2025-09-21 22:26:18 +02:00
parent f5d4c46c37
commit 3432432f91
9 changed files with 734 additions and 36 deletions


@@ -89,11 +89,35 @@ class FTPUtilities:
@staticmethod
def ftpFunctions(path,externalApp):
try:
command = 'mkdir %s' % (path)
ProcessUtilities.executioner(command, externalApp)
return 1,'None'
# Enhanced path validation and creation
import os
# Check if path already exists
if os.path.exists(path):
# Path exists, ensure it's a directory
if not os.path.isdir(path):
return 0, "Specified path exists but is not a directory"
# Set proper permissions
command = 'chown -R %s:%s %s' % (externalApp, externalApp, path)
ProcessUtilities.executioner(command, externalApp)
return 1, 'None'
else:
# Create the directory with proper permissions
command = 'mkdir -p %s' % (path)
result = ProcessUtilities.executioner(command, externalApp)
if result == 0:
# Set proper ownership
command = 'chown -R %s:%s %s' % (externalApp, externalApp, path)
ProcessUtilities.executioner(command, externalApp)
# Set proper permissions (755)
command = 'chmod 755 %s' % (path)
ProcessUtilities.executioner(command, externalApp)
return 1, 'None'
else:
return 0, "Failed to create directory: %s" % path
except BaseException as msg:
logging.CyberCPLogFileWriter.writeToFile(
@@ -118,30 +142,43 @@ class FTPUtilities:
## gid , uid ends
path = path.lstrip("/")
# Enhanced path validation and handling
if path and path.strip() and path != 'None':
# Clean the path
path = path.strip().lstrip("/")
# Additional security checks
if path.find("..") > -1 or path.find("~") > -1 or path.startswith("/"):
raise BaseException("Invalid path: Path must be relative and not contain '..' or '~' or start with '/'")
# Check for dangerous characters
dangerous_chars = [';', '|', '&', '$', '`', '\'', '"', '<', '>', '*', '?']
if any(char in path for char in dangerous_chars):
raise BaseException("Invalid path: Path contains dangerous characters")
# Construct full path
full_path = "/home/" + domainName + "/" + path
# Additional security: ensure path is within domain directory
domain_home = "/home/" + domainName
if not os.path.abspath(full_path).startswith(os.path.abspath(domain_home)):
raise BaseException("Security violation: Path must be within domain directory")
if path != 'None':
path = "/home/" + domainName + "/" + path
## Security Check
if path.find("..") > -1:
raise BaseException("Specified path must be inside virtual host home!")
result = FTPUtilities.ftpFunctions(path, externalApp)
result = FTPUtilities.ftpFunctions(full_path, externalApp)
if result[0] == 1:
pass
path = full_path
else:
raise BaseException(result[1])
raise BaseException("Path validation failed: " + result[1])
else:
path = "/home/" + domainName
# Enhanced symlink handling
if os.path.islink(path):
print("0, %s file is symlinked." % (path))
return 0
logging.CyberCPLogFileWriter.writeToFile(
"FTP path is symlinked: %s" % path)
raise BaseException("Cannot create FTP account: Path is a symbolic link")
ProcessUtilities.decideDistro()
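Review bot: The new path checks in the second hunk are a denylist, and the value that passes them is still interpolated into command strings in `ftpFunctions` (`'mkdir -p %s' % (path)`, `'chown -R %s:%s %s' % (externalApp, externalApp, path)`); `dangerous_chars` omits whitespace, newline, backslash and parentheses, and `domainName` is not validated in the visible lines. An allowlist would be tighter, e.g. `if not re.fullmatch(r'[A-Za-z0-9._/-]+', path): raise BaseException("Invalid path")`, with the argument quoted where the command is built (how `ProcessUtilities.executioner` tokenises the string is not visible here). The containment test uses `os.path.abspath`, which does not resolve symlinks, and a bare `startswith` with no trailing separator, while `os.path.islink(path)` runs only after `ftpFunctions` has already created and chowned the directory and inspects only the final component; comparing `os.path.realpath(full_path)` against `os.path.realpath(domain_home) + os.sep` before the `ftpFunctions` call would cover both. In the first hunk, `if result == 0:` treats 0 as success, but the return convention of `executioner` is not shown, so confirm it before relying on that branch. Both functions start and end outside the hunks.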