search

hestiacp / hestiacp

Hestia Control Panel | A lightweight and powerful control panel for the modern web.
https://hestiacp.com
GNU General Public License v3.0
3.31k stars 674 forks source link

[Bug] Adding/Editing IP will cause 500 internal server error #4312

Open tenent007963 opened 6 months ago

tenent007963 commented 6 months ago

Describe the bug

Editing or adding new IP in Network section will cause a temporary 500 internal server error, no changes are saved during the error. Investigating the log and network requests indicates a "v_owner" variable is missing from the POST request, and exceptions not handled properly.

Tell us how to replicate the bug

  1. Click "Server Settings"
  2. Click "Configure"
  3. Click "Network"
  4. Add IP Address/Edit IP Address
  5. make changes and click "Save"

Which components are affected by this bug?

Firewall (Iptables, Fail2ban)

Hestia Control Panel Version

1.8.11

Operating system

Ubuntu 20.04

Log capture

[error] 1109#0: *199 FastCGI sent in stderr: "PHP message: PHP Warning:  Undefined array key "v_owner" in /usr/local/hestia/web/add/ip/index.php on line 51; PHP message: PHP Fatal error:  Uncaught TypeError: Hestiacp\quoteshellarg\quoteshellarg(): Argument #1 ($arg) must be of type string, null given, called in /usr/local/hestia/web/add/ip/index.php on line 51 and defined in /usr/local/hestia/web/inc/vendor/hestiacp/phpquoteshellarg/src/Hestiacp/quoteshellarg/quoteshellarg.php:14
tenent007963 commented 6 months ago

Temporary fix: Using inspect element, find v_owner select tag and add this line in it: <option name="admin">admin</option>

jaapmarcus commented 6 months ago

Known issue it has been fixed allready in the codebase

tenent007963 commented 6 months ago

Are you by any chance referring to this code block?

<div x-cloak x-show="!showUserTable" id="usrtable">
    <div class="u-mb10">
        <label for="v_owner" class="form-label"><?= _("Assigned User") ?></label>
        <select class="form-select" name="v_owner" id="v_owner">
            <?php
                foreach ($users as $key => $value) {
                    echo "\t\t\t\t<option value=\"".htmlentities($value)."\"";
                    if ((!empty($v_owner)) && ( $value == $v_owner )) echo ' selected';
                    echo ">".htmlentities($value)."</option>\n";
                }
            ?>
        </select>
    </div>
</div>

If yes, then I'm afraid this is the exact code that is causing the control panel to not give any available options to select. I've check the last updated version of add_ip.php together with the latest release version, apparently it doesn't work as intended.

arielesp commented 3 months ago

hello Will this fix be released? thanks

arielesp commented 3 months ago

I found the problem .. its about user hestiamail in /etc/passwd with user email@ .. Its generating a extra count for loop Just remove the mail from user hestiamail in /etc/passwd thats everything works again.

Halibuben commented 1 month ago

I found the problem .. its about user hestiamail in /etc/passwd with user email@ .. Its generating a extra count for loop Just remove the mail from user hestiamail in /etc/passwd thats everything works again.

it works! If someone did not understand, here is the line from /etc/passwd hestiamail:x:1000:1000:myemail@bubka.com:/home/hestiamail:/bin/sh remove myemail@bubka.com