Mirrors
/
postfixadmin
mirror of https://github.com/postfixadmin/postfixadmin.git
3
0
Fork 0
Code Releases Activity
PostfixAdmin - web based virtual user administration interface for Postfix mail servers https://postfixadmin.github.io/postfixadmin/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2634 Commits
11 Branches
66 Tags
24 MiB
Tree: postfixadm
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'postfixadm'
${ noResults }
postfixadmin/edit-alias.php

138 lines
3.6 KiB
Raw Permalink Normal View History

Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
update license headers git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@107 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
rename templates to .php instead of .tpl git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@250 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
update license headers git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@107 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
- merged edit-alias.php and admin/edit-alias.php - merged identical parts of GET and POST code git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@41 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
- merged edit-alias.php and admin/edit-alias.php - merged identical parts of GET and POST code git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@41 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
final set of refactoring patches (and the rest) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
- merged edit-alias.php and admin/edit-alias.php - merged identical parts of GET and POST code git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@41 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
edit-alias.php: - correctly recognize empty input (first cleanup whitespace, then check). Before this fix, aliases with empty goto could be created by entering some spaces or newlines. https://sourceforge.net/tracker/index.php?func=detail&aid=1839061&group_id=191583&atid=937964 git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@248 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
edit-alias.php: - correctly recognize empty input (first cleanup whitespace, then check). Before this fix, aliases with empty goto could be created by entering some spaces or newlines. https://sourceforge.net/tracker/index.php?func=detail&aid=1839061&group_id=191583&atid=937964 git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@248 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
db_log patch from amsys - make db logging translatable git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@90 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
- merged edit-alias.php and admin/edit-alias.php - merged identical parts of GET and POST code git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@41 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
merged overview.php into list-domain.php and list-virtual.php list-domain.php: - added several admin/superadmin switches and permission checks - merged GET and POST code - Note: still different templates for superadmins (admin_list-domain.tpl) and admins (overview-get.tpl) because of large layout difference list-virtual.php: - added several admin/superadmin switches and permission checks - added check for admins without any domains (redirects to domain list, which can handle this situation) - migrated FIXME from overview.php -> David, please review the query and remove the FIXME afterwards overview.php: - DELETED - no longer needed overview.tpl: - RENAMED overview.tpl to list-virtual.tpl - removed admin/superadmin filename switch - removed $incpath switch for images menu.tpl: - menu for domain admins now has "domain list" and "virtual list" instead of "overview" delete.php, edit-active.php, edit-alias.php, edit-mailbox.php, search.php: - changed redirect to list-virtual.php overview-get.tpl: - changed link to list-virtual.php main.tpl: - changed overview link to list-domain.php git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@181 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
- merged edit-alias.php and admin/edit-alias.php - merged identical parts of GET and POST code git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@41 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
fix possible XSS hole (security fix) git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@253 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
rename templates to .php instead of .tpl git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@250 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
edit-alias.php: - correctly recognize empty input (first cleanup whitespace, then check). Before this fix, aliases with empty goto could be created by entering some spaces or newlines. https://sourceforge.net/tracker/index.php?func=detail&aid=1839061&group_id=191583&atid=937964 git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@248 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1 a1433add-5e2c-0410-b055-b7f2511e0802
19 years ago
  1. <?php
  2. /**
  3. * Postfix Admin
  4. *
  5. * LICENSE
  6. * This source file is subject to the GPL license that is bundled with
  7. * this package in the file LICENSE.TXT.
  8. *
  9. * Further details on the project are available at :
  10. * http://www.postfixadmin.com or http://postfixadmin.sf.net
  11. *
  12. * @version $Id$
  13. * @license GNU GPL v2 or later.
  14. *
  15. * File: edit-alias.php
  16. * Used to update an alias.
  17. *
  18. * Template File: edit-alias.php
  19. *
  20. * Template Variables:
  21. *
  22. * tMessage
  23. * tGoto
  24. *
  25. * Form POST \ GET Variables:
  26. *
  27. * fAddress
  28. * fDomain
  29. * fGoto
  30. */
  32. require_once('common.php');
  34. authentication_require_role('admin');
  35. $SESSID_USERNAME = authentication_get_username();
  37. if ($_SERVER['REQUEST_METHOD'] == "GET")
  38. {
  39. if (isset ($_GET['address'])) $fAddress = escape_string ($_GET['address']);
  40. if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
  42. if (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin'))
  43. {
  44. $result = db_query ("SELECT * FROM $table_alias WHERE address='$fAddress' AND domain='$fDomain'");
  45. if ($result['rows'] == 1)
  46. {
  47. $row = db_array ($result['result']);
  48. $tGoto = $row['goto'];
  49. }
  50. }
  51. else
  52. {
  53. $tMessage = $PALANG['pEdit_alias_address_error'];
  54. }
  55. }
  57. if ($_SERVER['REQUEST_METHOD'] == "POST")
  58. {
  59. $pEdit_alias_goto = $PALANG['pEdit_alias_goto'];
  61. if (isset ($_GET['address'])) $fAddress = escape_string ($_GET['address']);
  62. $fAddress = strtolower ($fAddress);
  63. if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
  64. if (isset ($_POST['fGoto'])) $fGoto = escape_string ($_POST['fGoto']);
  65. $fGoto = strtolower ($fGoto);
  67. if (! (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin')) )
  68. {
  69. $error = 1;
  70. $tGoto = $_POST['fGoto'];
  71. $tMessage = $PALANG['pEdit_alias_domain_error'] . "$fDomain</span>";
  72. }
  73. elseif (!check_alias_owner ($SESSID_USERNAME, $fAddress))
  74. {
  75. $error = 1;
  76. $tGoto = $fGoto;
  77. $tMessage = $PALANG['pEdit_alias_result_error'];
  78. }
  80. $goto = preg_replace ('/\\\r\\\n/', ',', $fGoto);
  81. $goto = preg_replace ('/\r\n/', ',', $goto);
  82. $goto = preg_replace ('/[\s]+/i', '', $goto);
  83. $goto = preg_replace ('/,*$|^,*/', '', $goto);
  84. $goto = preg_replace ('/,,*/', ',', $goto);
  86. if (empty ($goto))
  87. {
  88. $error = 1;
  89. $tGoto = $_POST['fGoto'];
  90. $tMessage = $PALANG['pEdit_alias_goto_text_error1'];
  91. }
  93. if ($error != 1)
  94. {
  95. $array = preg_split ('/,/', $goto);
  96. }
  97. else
  98. {
  99. $array = array();
  100. }
  102. for ($i = 0; $i < sizeof ($array); $i++) {
  103. if (in_array ("$array[$i]", $CONF['default_aliases'])) continue;
  104. if (empty ($array[$i])) continue; # TODO: should never happen - remove after 2.2 release
  105. if (!check_email ($array[$i]))
  106. {
  107. $error = 1;
  108. $tGoto = $goto;
  109. $tMessage = $PALANG['pEdit_alias_goto_text_error2'] . "$array[$i]</span>";
  110. }
  111. }
  113. if ($error != 1)
  114. {
  115. $result = db_query ("UPDATE $table_alias SET goto='$goto',modified=NOW() WHERE address='$fAddress' AND domain='$fDomain'");
  116. if ($result['rows'] != 1)
  117. {
  118. $tMessage = $PALANG['pEdit_alias_result_error'];
  119. }
  120. else
  121. {
  122. db_log ($SESSID_USERNAME, $fDomain, 'edit_alias', "$fAddress -> $goto");
  124. header ("Location: list-virtual.php?domain=$fDomain");
  125. exit;
  126. }
  127. }
  128. }
  130. $fAddress = htmlentities($fAddress, ENT_QUOTES);
  131. $fDomain = htmlentities($fDomain, ENT_QUOTES);
  132. include ("templates/header.php");
  133. include ("templates/menu.php");
  134. include ("templates/edit-alias.php");
  135. include ("templates/footer.php");
  137. /* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */
  138. ?>