diff --git a/README.md b/README.md
index a8d65a6..fa2feab 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-### root@cpanelsrv [~]# *Engintron v1.15.0 (Build 20210504) updated on May 4th, 2021*
+### root@cpanelsrv [~]# *Engintron v1.16.0 (Build 20210908) updated on September 8th, 2021*
**Have a look at the [CHANGELOG](https://engintron.com/docs/#/pages/Changelog) for more information on this latest release**
diff --git a/app/engintron.conf b/app/engintron.conf
index 6cd8d52..d5a8b8a 100644
--- a/app/engintron.conf
+++ b/app/engintron.conf
@@ -1,5 +1,5 @@
# /**
-# * @version 1.15.0
+# * @version 1.16.0
# * @package Engintron for cPanel/WHM
# * @author Fotis Evangelou (https://kodeka.io)
# * @url https://engintron.com
diff --git a/app/engintron.php b/app/engintron.php
index b57a90e..8ce0c94 100644
--- a/app/engintron.php
+++ b/app/engintron.php
@@ -1,6 +1,6 @@
&1'))));
define('CENTOS_RELEASE', trim(shell_exec('rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release)')));
define('CPANEL_RELEASE', trim(shell_exec('/usr/local/cpanel/cpanel -V')));
@@ -77,11 +77,6 @@ function checkacl()
}
// Get params
-$op = $_GET['op'];
-$f = $_GET['f'];
-$s = $_GET['s'];
-$state = $_GET['state'];
-
$allowed_files = array(
'/etc/crontab',
'/etc/my.cnf',
@@ -96,6 +91,19 @@ function checkacl()
'/etc/nginx/proxy_params_static'
);
+$allowed_services = array(
+ 'apache',
+ 'cron',
+ 'mysql',
+ 'nginx',
+);
+
+$op = $_GET['op'];
+$f = $_GET['f'];
+$s = (isset($_GET['s']) && in_array($_GET['s'], $allowed_services)) ? $_GET['s'] : '';
+$ps = (isset($_POST['s']) && in_array($_POST['s'], $allowed_services)) ? $_POST['s'] : '';
+$state = $_GET['state'];
+
// Operations
switch ($op) {
case "view":
@@ -112,19 +120,21 @@ function checkacl()
$message = ''.$f.' has been updated';
if (isset($_POST['c'])) {
$message .= '
';
- switch ($_POST['s']) {
- case "nginx":
- $message .= nl2br(shell_exec("service nginx reload"));
- break;
- case "apache":
- $message .= nl2br(shell_exec("/scripts/restartsrv_httpd"));
- break;
- case "mysql":
- $message .= nl2br(shell_exec("rm -rvf /var/lib/mysql/ib_logfile*; touch /var/lib/mysql/mysql.sock; touch /var/lib/mysql/mysql.pid; chown -R mysql:mysql /var/lib/mysql; /scripts/restartsrv_mysql"));
- break;
- case "cron":
- $message .= nl2br(shell_exec("service crond restart"));
- break;
+ if ($ps) {
+ switch ($ps) {
+ case "nginx":
+ $message .= nl2br(shell_exec("service nginx reload"));
+ break;
+ case "apache":
+ $message .= nl2br(shell_exec("/scripts/restartsrv_httpd"));
+ break;
+ case "mysql":
+ $message .= nl2br(shell_exec("rm -rvf /var/lib/mysql/ib_logfile*; touch /var/lib/mysql/mysql.sock; touch /var/lib/mysql/mysql.pid; chown -R mysql:mysql /var/lib/mysql; /scripts/restartsrv_mysql"));
+ break;
+ case "cron":
+ $message .= nl2br(shell_exec("service crond restart"));
+ break;
+ }
}
}
}
@@ -167,7 +177,7 @@ function checkacl()
if (empty($_POST['access_entries'])) {
$entries = 100;
} else {
- $entries = $_POST['access_entries'];
+ $entries = (int) $_POST['access_entries'];
}
$ret = "Showing last {$entries} entries from /var/log/nginx/error.log
";
$ret .= strip_tags(shell_exec("tail -{$entries} /var/log/nginx/error.log"));
@@ -177,7 +187,7 @@ function checkacl()
if (empty($_POST['error_entries'])) {
$entries = 100;
} else {
- $entries = $_POST['error_entries'];
+ $entries = (int) $_POST['error_entries'];
}
$ret = "Showing last {$entries} entries from /var/log/nginx/access.log
";
$ret .= strip_tags(shell_exec("tail -{$entries} /var/log/nginx/access.log"));
@@ -600,21 +610,21 @@ function checkacl()
integrates the popular Nginx® web server as a "reverse caching proxy" in front of Apache in cPanel®.
+integrates the popular Nginx® web server as a "reverse caching proxy" in front of Apache in cPanel®.
Nginx will cache & serve static assets like CSS, JavaScript, images etc. as well as dynamic HTML with a 1 second micro-cache. This process will reduce CPU & RAM usage on your server, while increasing your overall serving capacity. The result is a faster performing cPanel server.
-Engintron is both free & open source.
Report issues/bugs or help us improve it.
Star Tweet #engintron Rate on cPApps +
Engintron is both free & open source.
Report issues/bugs or help us improve it.
Star Tweet #engintron Rate on cPApps
-Looking for commercial support? Get in touch with us.
+Looking for commercial support? Get in touch with us.