shukivaknin/gniza4cp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
122 Commits 1 Branch 0 Tags
6ecba2ae4360f66bc99ce4eec7cf38eeb2db8180
Commit Graph

7 Commits

Author SHA1 Message Date
shuki
4408917aec Redesign cPanel restore plugin to match WHM workflow 
Replace the 8-card category grid with a unified restore workflow:
- index.live.cgi: now serves as Step 1 (remote + snapshot selection)
- restore.live.cgi: Step 2 (Full Account/Selective mode toggle with
  type checkboxes, exclude paths, file browser), Step 3 (multi-type
  confirmation), Step 4 (multi-type execution via AdminBin)

Also update cPanel plugin icon from gniza.svg source.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 03:13:53 +02:00
shuki
0aa5e26a02 Fix cPanel icon: use 48x48 PNG for sprite compatibility 
The SVG had negative coordinates that rendered off-screen in cPanel's
sprite sheet. Export to clean 48x48 PNG (2.8KB) instead.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 01:48:14 +02:00
shuki
70ef4d3bcd Use gniza SVG icon for cPanel plugin 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 01:40:22 +02:00
shuki
c1555da3c7 Use gniza backup PNG icon for cPanel plugin 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 00:52:59 +02:00
shuki
5bb85c35ef Fix cPanel icon: replace headphones with backup/restore icon 
Server box with data rows (navy) and circular restore arrow (copper)
matching gniza brand colors.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 00:42:42 +02:00
shuki
f297d40a85 Add lightweight cPanel icon and update plugin registration 
Replace 378KB VTracer-traced logo with a clean 1KB 48x48 SVG icon
for cPanel's icon system. Update install.json, install.sh, and
uninstall.sh to reference the new icon. Also update README with
skip-suspended flag and schedule config fields.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-05 00:40:57 +02:00
shuki
1f68ea1058 Security hardening, static analysis fixes, and expanded test coverage 
- Fix CRITICAL: safe config parser replacing shell source, sshpass -e,
  CSRF with /dev/urandom, symlink-safe file I/O
- Fix HIGH: input validation for timestamps/accounts, path traversal
  prevention in Runner.pm, AJAX CSRF on all endpoints
- Fix MEDIUM: umask 077, chmod 700 on config dirs, Config.pm TOCTOU lock,
  rsync exit code capture bug, RSYNC_EXTRA_OPTS character validation
- ShellCheck: fix word-splitting in notify.sh, safe rm in pkgacct.sh,
  suppress cross-file SC2034 false positives
- Perl::Critic: return undef→bare return, return (sort), unpack @_,
  explicit return on void subs, rename Config::write→save
- Remove dead code: enforce_retention_all(), rsync_dry_run()
- Add require_cmd checks for rsync/ssh/hostname/gzip at startup
- Escape $hint/$tip in CGI helper functions for defense-in-depth
- Expand tests from 17→40: validate_timestamp, validate_account_name,
  _safe_source_config (including malicious input), numeric validation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-04 23:57:26 +02:00