Mirrors
/
postfixadmin
mirror of https://github.com/postfixadmin/postfixadmin.git
3
0
Fork 0
Code Releases Activity
Browse Source

final set of refactoring patches (and the rest) 

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@71 a1433add-5e2c-0410-b055-b7f2511e0802
postfixadmin-2.3
David Goodwin 19 years ago
parent
4eb83c4bdc
commit
3e70f276c2
17 changed files with 364 additions and 375 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 28
      common.php
  2. 25
      create-alias.php
  3. 151
      create-mailbox.php
  4. 11
      delete.php
  5. 16
      edit-active.php
  6. 18
      edit-alias.php
  7. 18
      edit-mailbox.php
  8. 131
      edit-vacation.php
  9. 46
      index.php
  10. 96
      login.php
  11. 4
      logout.php
  12. 9
      main.php
  13. 28
      overview.php
  14. 104
      password.php
  15. 21
      search.php
  16. 10
      sendmail.php
  17. 23
      viewlog.php

28
common.php
View File

@ -0,0 +1,28 @@
<?php
// Postfix Admin
// by Mischa Peters <mischa at high5 dot net>
// Copyright (c) 2002 - 2005 High5!
// Licensed under GPL for more info check GPL-LICENSE.TXT
//
// File: common.php.php
//
// Template File: -none-
//
// Template Variables: -none-
//
// Form POST \ GET Variables: -none-
//
$incpath = dirname(__FILE__);
require_once("$incpath/variables.inc.php");
if(!is_file("$incpath/config.inc.php")) {
// incorrectly setup...
header("Location: setup.php");
exit(0);
}
require_once("$incpath/config.inc.php");
require_once("$incpath/functions.inc.php");
require_once("$incpath/languages/" . check_language () . ".lang");
session_start();

25
create-alias.php
View File

@ -23,21 +23,16 @@
// fDomain
//
if (!isset($incpath)) $incpath = '.';
require_once('common.php');
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
if (!check_admin($SESSID_USERNAME))
{
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
authentication_require_role('admin');
$username = authentication_get_username();
$SESSID_USERNAME = $username;
if(authentication_has_role('global-admin')) {
$list_domains = list_domains ();
}
else
{
$list_domains = list_domains ();
else {
$list_domains = list_domains_for_admin ($username);
}
$pCreate_alias_goto_text = $PALANG['pCreate_alias_goto_text'];
@ -64,7 +59,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
$fGoto = $fGoto . "@" . escape_string ($_POST['fDomain']);
}
if (! (check_admin($SESSID_USERNAME) || check_owner ($SESSID_USERNAME, $fDomain) ))
if (! (authentication_has_role('global-admin') || check_owner ($SESSID_USERNAME, $fDomain) ))
{
$error = 1;
$tAddress = escape_string ($_POST['fAddress']);
@ -149,7 +144,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

151
create-mailbox.php
View File

@ -29,26 +29,21 @@
// fMail
//
if (!isset($incpath)) $incpath = '.';
require_once('common.php');
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
if (!check_admin($SESSID_USERNAME))
{
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
else
{
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if(authentication_has_role('global-admin')) {
$list_domains = list_domains ();
}
else {
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
$pCreate_mailbox_password_text = $PALANG['pCreate_mailbox_password_text'];
$pCreate_mailbox_name_text = $PALANG['pCreate_mailbox_name_text'];
$pCreate_mailbox_quota_text = $PALANG['pCreate_mailbox_quota_text'];
$pCreate_mailbox_password_text = $PALANG['pCreate_mailbox_password_text'];
$pCreate_mailbox_name_text = $PALANG['pCreate_mailbox_name_text'];
$pCreate_mailbox_quota_text = $PALANG['pCreate_mailbox_quota_text'];
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
@ -61,8 +56,6 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
$tQuota = $row['maxquota'];
}
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
@ -79,7 +72,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
if (isset ($_POST['fMail'])) $fMail = escape_string ($_POST['fMail']);
if ( (!check_owner ($SESSID_USERNAME, $fDomain)) && (!check_admin($SESSID_USERNAME)) )
if ( (!check_owner ($SESSID_USERNAME, $fDomain)) && (!authentication_has_role('global-admin')) )
{
$error = 1;
$tUsername = escape_string ($_POST['fUsername']);
@ -98,7 +91,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
$tDomain = $fDomain;
$pCreate_mailbox_username_text = $PALANG['pCreate_mailbox_username_text_error3'];
}
if (empty ($fUsername) or !check_email ($fUsername))
{
$error = 1;
@ -113,7 +106,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (empty ($fPassword) and empty ($fPassword2) and $CONF['generate_password'] == "YES")
{
$fPassword = generate_password ();
$fPassword = generate_password ();
}
else
{
@ -138,7 +131,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
$pCreate_mailbox_quota_text = $PALANG['pCreate_mailbox_quota_text_error'];
}
}
$result = db_query ("SELECT * FROM $table_alias WHERE address='$fUsername'");
if ($result['rows'] == 1)
{
@ -153,7 +146,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
if ($error != 1)
{
$password = pacrypt ($fPassword);
if ($CONF['domain_path'] == "YES")
{
if ($CONF['domain_in_mailbox'] == "YES")
@ -169,7 +162,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$maildir = $fUsername . "/";
}
if (!empty ($fQuota))
{
$quota = multiply_quota ($fQuota);
@ -178,7 +171,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$quota = 0;
}
if ($fActive == "on")
{
$fActive = 1;
@ -214,7 +207,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
}
else
{
$error=TRUE; // Being pessimistic
if (mailbox_postcreation($fUsername,$fDomain,$maildir))
{
@ -222,7 +215,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$result=db_query("COMMIT");
/* should really not be possible: */
/* should really not be possible: */
/*
if (!$result) die('COMMIT-query failed.');
}
@ -233,14 +226,14 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$result=db_query("ROLLBACK");
/* should really not be possible: */
/* should really not be possible: */
/*
if (!$result) die('ROLLBACK-query failed.');
} else {
/*
When we cannot count on transactions, we need to move forward, despite
the problems.
*/
*/
/*
$error=FALSE;
}
@ -250,14 +243,14 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
if (!$error)
{
db_log ($CONF['admin_email'], $fDomain, "create mailbox", $fUsername);
*/
*/
/*
TODO: this is the start of /create-mailbox code segment that was originally used in /create-mailbox.php instead
of the above from admin/create-mailbox.php.
To be compared / merged.
*/
*/
$result = db_query ("INSERT INTO $table_mailbox (username,password,name,maildir,quota,domain,created,modified,active) VALUES ('$fUsername','$password','$fName','$maildir','$quota','$fDomain',NOW(),NOW(),'$sqlActive')");
if ($result['rows'] != 1 || !mailbox_postcreation($fUsername,$fDomain,$maildir))
@ -272,71 +265,71 @@ TODO: this is the start of /create-mailbox code segment that was originally used
db_log ($SESSID_USERNAME, $fDomain, "create mailbox", "$fUsername");
/*
TODO: this is the end of /create-mailbox.php code segment
*/
$tDomain = $fDomain;
*/
$tDomain = $fDomain;
if (create_mailbox_subfolders($fUsername,$fPassword))
{
$tMessage = $PALANG['pCreate_mailbox_result_succes'] . "<br />($fUsername";
} else {
$tMessage = $PALANG['pCreate_mailbox_result_succes_nosubfolders'] . "<br />($fUsername";
}
if (create_mailbox_subfolders($fUsername,$fPassword))
{
$tMessage = $PALANG['pCreate_mailbox_result_succes'] . "<br />($fUsername";
} else {
$tMessage = $PALANG['pCreate_mailbox_result_succes_nosubfolders'] . "<br />($fUsername";
}
if ($CONF['generate_password'] == "YES")
if ($CONF['generate_password'] == "YES")
{
$tMessage .= " / $fPassword)</br />";
}
else
{
if ($CONF['show_password'] == "YES")
{
$tMessage .= " / $fPassword)</br />";
}
else
{
if ($CONF['show_password'] == "YES")
{
$tMessage .= " / $fPassword)</br />";
}
else
{
$tMessage .= ")</br />";
}
$tMessage .= ")</br />";
}
$tQuota = $CONF['maxquota'];
}
$tQuota = $CONF['maxquota'];
if ($fMail == "on")
{
$fTo = $fUsername;
$fFrom = $SESSID_USERNAME;
$fHeaders = "To: " . $fTo . "\n";
$fHeaders .= "From: " . $fFrom . "\n";
if ($fMail == "on")
if (!empty ($PALANG['charset']))
{
$fTo = $fUsername;
$fFrom = $SESSID_USERNAME;
$fHeaders = "To: " . $fTo . "\n";
$fHeaders .= "From: " . $fFrom . "\n";
if (!empty ($PALANG['charset']))
{
$fHeaders .= "Subject: " . encode_header ($PALANG['pSendmail_subject_text'], $PALANG['charset']) . "\n";
$fHeaders .= "MIME-Version: 1.0\n";
$fHeaders .= "Content-Type: text/plain; charset=" . $PALANG['charset'] . "\n";
$fHeaders .= "Content-Transfer-Encoding: 8bit\n";
}
else
{
$fHeaders .= "Subject: " . $PALANG['pSendmail_subject_text'] . "\n\n";
}
$fHeaders .= $CONF['welcome_text'];
$fHeaders .= "Subject: " . encode_header ($PALANG['pSendmail_subject_text'], $PALANG['charset']) . "\n";
$fHeaders .= "MIME-Version: 1.0\n";
$fHeaders .= "Content-Type: text/plain; charset=" . $PALANG['charset'] . "\n";
$fHeaders .= "Content-Transfer-Encoding: 8bit\n";
}
else
{
$fHeaders .= "Subject: " . $PALANG['pSendmail_subject_text'] . "\n\n";
}
if (!smtp_mail ($fTo, $fFrom, $fHeaders))
{
$tMessage .= "<br />" . $PALANG['pSendmail_result_error'] . "<br />";
}
else
{
$tMessage .= "<br />" . $PALANG['pSendmail_result_succes'] . "<br />";
}
$fHeaders .= $CONF['welcome_text'];
if (!smtp_mail ($fTo, $fFrom, $fHeaders))
{
$tMessage .= "<br />" . $PALANG['pSendmail_result_error'] . "<br />";
}
else
{
$tMessage .= "<br />" . $PALANG['pSendmail_result_succes'] . "<br />";
}
}
}
}
}
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

11
delete.php
View File

@ -18,12 +18,12 @@
// fDelete
// fDomain
//
require ("./variables.inc.php");
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session();
require_once('common.php');
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
@ -43,6 +43,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
else
{
if ($CONF['database_type'] == "pgsql") db_query('BEGIN');
$result = db_query ("DELETE FROM $table_alias WHERE address='$fDelete' AND domain='$fDomain'");
if ($result['rows'] != 1)
{

16
edit-active.php
View File

@ -20,14 +20,10 @@
// fReturn
//
if (!isset($incpath)) $incpath = '.';
require_once('common.php');
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
@ -36,7 +32,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
if (isset ($_GET['return'])) $fReturn = escape_string ($_GET['return']);
if (! (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME) ) )
if (! (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin') ) )
{
$error = 1;
$tMessage = $PALANG['pEdit_mailbox_domain_error'] . "<b>$fDomain</b>!</font>";
@ -83,7 +79,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
}
else
{
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
header ("Location: list-virtual.php?domain=$fDomain");
} else {
header ("Location: overview.php?domain=$fDomain");
@ -95,7 +91,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

18
edit-alias.php
View File

@ -21,21 +21,17 @@
// fGoto
//
if (!isset($incpath)) $incpath = '.';
require_once('common.php');
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
if (isset ($_GET['address'])) $fAddress = escape_string ($_GET['address']);
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
if (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME))
if (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin'))
{
$result = db_query ("SELECT * FROM $table_alias WHERE address='$fAddress' AND domain='$fDomain'");
if ($result['rows'] == 1)
@ -60,7 +56,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
if (isset ($_POST['fGoto'])) $fGoto = escape_string ($_POST['fGoto']);
$fGoto = strtolower ($fGoto);
if (! (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME)) )
if (! (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin')) )
{
$error = 1;
$tGoto = $_POST['fGoto'];
@ -114,7 +110,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
db_log ($SESSID_USERNAME, $fDomain, "edit alias", "$fAddress -> $goto");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
header ("Location: list-virtual.php?domain=$fDomain");
} else {
header ("Location: overview.php?domain=$fDomain");
@ -126,7 +122,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

18
edit-mailbox.php
View File

@ -26,14 +26,10 @@
// fActive
//
if (!isset($incpath)) $incpath = '.';
require_once('common.php');
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if (isset ($_GET['username'])) $fUsername = escape_string ($_GET['username']);
$fUsername = strtolower ($fUsername);
@ -44,7 +40,7 @@ $pEdit_mailbox_quota_text = $PALANG['pEdit_mailbox_quota_text'];
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
if (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME))
if (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin'))
{
$result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fUsername' AND domain='$fDomain'");
if ($result['rows'] == 1)
@ -79,7 +75,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
if (isset ($_POST['fQuota'])) $fQuota = intval ($_POST['fQuota']);
if (isset ($_POST['fActive'])) $fActive = escape_string ($_POST['fActive']);
if (! (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME)) )
if (! (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin')) )
{
$error = 1;
$tName = $fName;
@ -153,7 +149,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
{
db_log ($SESSID_USERNAME, $fDomain, "edit mailbox", $fUsername);
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
header ("Location: list-virtual.php?domain=$fDomain");
} else {
header ("Location: overview.php?domain=$fDomain");
@ -165,7 +161,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

131
edit-vacation.php
View File

@ -1,4 +1,6 @@
<?php
// XXX TODO - Remove the code duplication between this file (for admins) and users/vacation.php
// - too much of the code is identical for there not to be some refactoring possible.
//
// Postfix Admin
// by Mischa Peters <mischa at high5 dot net>
@ -11,6 +13,7 @@
//
// Template Variables:
//
// tUseremail
// tMessage
// tSubject
// tBody
@ -25,38 +28,27 @@
// fQuota
// fActive
//
// This is a copy of the superadmin edit-vacation.php with
// template references changed
//
if (!isset($incpath)) $incpath = '.';
require_once('common.php');
$SESSID_USERNAME = authentication_get_username();
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
if($CONF['vacation'] == 'NO') {
header("Location: " . $CONF['postfix_admin_url'] . "/main.php");
exit(0);
}
$vacation_domain = $CONF['vacation_domain'];
$vacation_goto = preg_replace('/@/', '#', $SESSID_USERNAME);
$vacation_goto = $vacation_goto . '@' . $vacation_domain;
$SESSID_USERNAME = check_session ();
(($CONF['vacation'] == 'NO') ? header("Location: " . $CONF['postfix_admin_url'] . "/main.php") && exit : '1');
$tmp = preg_split ('/@/', $SESSID_USERNAME);
$USERID_DOMAIN = $tmp[1];
if (isset ($_GET['username'])) $fUsername = escape_string ($_GET['username']);
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
if (check_admin($SESSID_USERNAME))
{
$fCanceltarget= $CONF['postfix_admin_url'] . "/admin/list-virtual.php?domain=$fDomain";
}
else
{
if (check_owner ($SESSID_USERNAME, $fDomain))
{
$fCanceltarget= $CONF['postfix_admin_url'] . "/overview.php?domain=$fDomain";
}
//unauthorized, exit
else { exit; }
}
$fCanceltarget = $CONF['postfix_admin_url'] . '/main.php';
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
@ -74,72 +66,70 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
if ($tSubject == '') { $tSubject = $PALANG['pUsersVacation_subject_text']; }
if ($tBody == '') { $tBody = $PALANG['pUsersVacation_body_text']; }
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
$vacation_domain = $CONF['vacation_domain'];
if (isset ($_POST['fSubject'])) $fSubject = escape_string ($_POST['fSubject']);
if (isset ($_POST['fBody'])) $fBody = escape_string ($_POST['fBody']);
if (isset ($_POST['fChange'])) $fChange = escape_string ($_POST['fChange']);
if (isset ($_POST['fBack'])) $fBack = escape_string ($_POST['fBack']);
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
if (isset ($_GET['username'])) $fUsername = escape_string ($_GET['username']);
if (isset ($_GET['domain'])) {
$fDomain = escape_string ($_GET['domain']);
}
else {
$fDomain = $USERID_DOMAIN;
}
if (isset ($_GET['username'])) {
$fUsername = escape_string ($_GET['username']);
}
else {
$fUsername = authentication_get_username();
}
$tUseremail = $fUsername;
if ($tSubject == '') { $tSubject = $PALANG['pUsersVacation_subject_text']; }
if ($tBody == '') { $tBody = $PALANG['pUsersVacation_body_text']; }
//if change, remove old one, then set new one
//if change, remove old one, then perhaps set new one
if (!empty ($fBack) || !empty ($fChange))
{
//if we find an existing vacation entry, delete it
$result = db_query("SELECT * FROM $table_vacation WHERE email='$fUsername'");
if ($result['rows'] == 1)
{
$result = db_query ("DELETE FROM $table_vacation WHERE email='$fUsername'");
if ($result['rows'] != 1)
{
$error = 1;
$tMessage = $PALANG['pVacation_result_error'];
$tMessage = "cannot remove $fUsername from $table_vacation";
}
else
{
$tMessage = $PALANG['pVacation_result_success'];
}
$result = db_query ("SELECT * FROM $table_alias WHERE address='$fUsername'");
//if we find an existing vacation entry, delete it
$result = db_query("SELECT * FROM $table_vacation WHERE email='$fUsername'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
$goto = $row['goto'];
//only one of these will do something, first handles address at beginning and middle, second at end
$goto= preg_replace ( "/$fUsername@$vacation_domain,/", '', $goto);
$goto= preg_replace ( "/,$fUsername@$vacation_domain/", '', $goto);
$result = db_query ("UPDATE $table_alias SET goto='$goto',modified=NOW() WHERE address='$fUsername'");
$result = db_query ("DELETE FROM $table_vacation WHERE email='$fUsername'");
if ($result['rows'] != 1)
{
$error = 1;
$tMessage = $PALANG['pVacation_result_error'];
}
else
$result = db_query ("SELECT * FROM $table_alias WHERE address='$fUsername'");
if ($result['rows'] == 1)
{
$tMessage = $PALANG['pVacation_result_success'];
$row = db_array ($result['result']);
$goto = $row['goto'];
//only one of these will do something, first handles address at beginning and middle, second at end
$goto= preg_replace ( "/$vacation_goto,/", '', $goto);
$goto= preg_replace ( "/,$vacation_goto/", '', $goto);
$result = db_query ("UPDATE $table_alias SET goto='$goto',modified=NOW() WHERE address='$fUsername'");
if ($result['rows'] != 1)
{
$error = 1;
}
}
}
}
}
//Set the vacation data for $fUsername
if (!empty ($fChange))
{
$goto = '';
$result = db_query ("SELECT * FROM $table_alias WHERE address='$fUsername'");
if ($result['rows'] == 1)
{
@ -149,30 +139,37 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
($CONF['database_type']=='pgsql') ? $Active='true' : $Active=1;
$result = db_query ("INSERT INTO $table_vacation (email,subject,body,domain,created,active) VALUES ('$fUsername','$fSubject','$fBody','$fDomain',NOW(),$Active)");
if ($result['rows'] != 1)
{
$error = 1;
$tMessage = $PALANG['pVacation_result_error'];
}
$goto = $goto . "," . "$fUsername@$vacation_domain";
$goto = $goto . "," . $vacation_goto;
$result = db_query ("UPDATE $table_alias SET goto='$goto',modified=NOW() WHERE address='$fUsername'");
if ($result['rows'] != 1)
{
$error = 1;
$tMessage = $PALANG['pVacation_result_error'];
}
else
{
header ("Location: $fCanceltarget");
exit;
}
}
}
if($error == 0) {
if(!empty ($fBack)) {
$tMessage = $PALANG['pVacation_result_removed'];
}
if(!empty($fChange)) {
$tMessage= $PALANG['pVacation_result_added'];
}
}
else {
$tMessage = $PALANG['pVacation_result_error'];
}
$tUseremail = $SESSID_USERNAME;
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

46
index.php
View File

@ -19,36 +19,30 @@
//
if (!file_exists (realpath ("./setup.php")))
{
header ("Location: login.php");
exit;
header ("Location: login.php");
exit;
}
else
{
print <<< EOF
print <<< EOF
<html>
<head>
<title>Welcome to Postfix Admin</title>
</head>
<body>
<img id="login_header_logo" src="images/postbox.png" />
<img id="login_header_logo2" src="images/postfixadmin2.png" />
<h1>Welcome to Postfix Admin</h1>
It seems that you are running this version of Postfix Admin for the first time.<br />
<p />
You can now run <a href="setup.php">setup</a> to make sure that all the functions are available for Postfix Admin to run.<br />
<p />
If you still encounter any problems please check the documentation and website for more information.
<p />
Your donations keep this project running...
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="image" src="https://www.paypal.com/en_US/i/btn/x-click-but04.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
<input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHDgYJKoZIhvcNAQcEoIIG/zCCBvsCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYAaWZJT9HWnL5r84t1G3lE63Fs8NGVgfq49mgflefUQOeVfKUG7NXZOkJT/FxH+SLf2c20VGRhol6vr0EqlMbJYkqeAJJIEHDVe8OiiYV1MYDWBRoJ5TRUCVurbFq9DnMokHohXBsdYjtAAxwvw6m9MZucVkZfg83QsgrfqeFpDNTELMAkGBSsOAwIaBQAwgYsGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIC0DzenYGQ6SAaKk6zKCl+ULUPl5c4pT4u0dpzFLw3sXBESPspq92l37FQXdxLzp2qaeP2StIXgU828PbJxt5ilucTLmnfkhpoeSdbvrlfiYJQbI1kjtHi0gIO4Hp0iUmaRaOTAEcNYfO84xxce0rJlfdoIIDhzCCA4MwggLsoAMCAQICAQAwDQYJKoZIhvcNAQEFBQAwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMB4XDTA0MDIxMzEwMTMxNVoXDTM1MDIxMzEwMTMxNVowgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBR07d/ETMS1ycjtkpkvjXZe9k+6CieLuLsPumsJ7QC1odNz3sJiCbs2wC0nLE0uLGaEtXynIgRqIddYCHx88pb5HTXv4SZeuv0Rqq4+axW9PLAAATU8w04qqjaSXgbGLP3NmohqM6bV9kZZwZLR/klDaQGo1u9uDb9lr4Yn+rBQIDAQABo4HuMIHrMB0GA1UdDgQWBBSWn3y7xm8XvVk/UtcKG+wQ1mSUazCBuwYDVR0jBIGzMIGwgBSWn3y7xm8XvVk/UtcKG+wQ1mSUa6GBlKSBkTCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb22CAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCBXzpWmoBa5e9fo6ujionW1hUhPkOBakTr3YCDjbYfvJEiv/2P+IobhOGJr85+XHhN0v4gUkEDI8r2/rNk1m0GA8HKddvTjyGw/XqXa+LSTlDYkqI8OwR8GEYj4efEtcRpRYBxV8KxAW93YDWzFGvruKnnLbDAF6VR5w/cCMn5hzGCAZowggGWAgEBMIGUMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbQIBADAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDQwOTE3MTUwNzEzWjAjBgkqhkiG9w0BCQQxFgQUXsDlCR/SO8MRWqCsrkZ7wbU4RZAwDQYJKoZIhvcNAQEBBQAEgYCPDjlGd7bghDtcCDiPl7DPgV6/vT4vc5bn5ygoqIahQF5Asu9v+Qocb+vMEPq+IZampJ/XlcGzwmzY23IfeVAq4aosqM265rDxyfmnzmiApO/KCJS7pN8dBVeDLEXGNYo1s73Ch0lETohWwYHKNKk+Wwe3+6tFhumthRHbpqQ4dw==-----END PKCS7-----">
</form>
<p />
<a href="http://high5.net/postfixadmin/">Postfix Admin</a><br />
<a href="http://forums.high5.net/index.php?showforum=7">Knowledge Base</a>
</body>
<head>
<title>Welcome to Postfix Admin</title>
</head>
<body>
<img id="login_header_logo" src="images/postbox.png" />
<img id="login_header_logo2" src="images/postfixadmin2.png" />
<h1>Welcome to Postfix Admin</h1>
It seems that you are running this version of Postfix Admin for the first time.<br />
<p />
You can now run <a href="setup.php">setup</a> to make sure that all the functions are available for Postfix Admin to run.<br />
<p />
If you still encounter any problems, please check the documentation and website for more information.
<p />
<p />
<a href="http://postfixadmin.org">Postfix Admin</a> web site<br />
<a href="http://sourceforge.net/forum/forum.php?forum_id=676076">Knowledge Base</a>
</body>
</html>
EOF;
}

96
login.php
View File

@ -19,65 +19,63 @@
// fUsername
// fPassword
//
require ("./variables.inc.php");
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
require_once('common.php');
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
include ("./templates/header.tpl");
include ("./templates/login.tpl");
include ("./templates/footer.tpl");
include ("./templates/header.tpl");
include ("./templates/login.tpl");
include ("./templates/footer.tpl");
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
$fUsername = '';
$fPassword = '';
if (isset ($_POST['fUsername'])) $fUsername = escape_string ($_POST['fUsername']);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
$result = db_query ("SELECT password FROM $table_admin WHERE username='$fUsername' AND active='1'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
$password = pacrypt ($fPassword, $row['password']);
$result = db_query ("SELECT password FROM $table_admin WHERE username='$fUsername' AND active='1'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
$password = pacrypt ($fPassword, $row['password']);
$result = db_query ("SELECT * FROM $table_admin WHERE username='$fUsername' AND password='$password' AND active='1'");
if ($result['rows'] != 1)
{
$error = 1;
$tMessage = $PALANG['pLogin_password_incorrect'];
$tUsername = $fUsername;
}
}
else
{
$error = 1;
$tMessage = $PALANG['pLogin_username_incorrect'];
}
$result = db_query ("SELECT * FROM $table_admin WHERE username='$fUsername' AND password='$password' AND active='1'");
if ($result['rows'] != 1)
{
$error = 1;
$tMessage = $PALANG['pLogin_password_incorrect'];
$tUsername = $fUsername;
}
}
else
{
$error = 1;
$tMessage = $PALANG['pLogin_username_incorrect'];
}
if ($error != 1)
{
session_regenerate_id();
$_SESSION['sessid'] = array();
$_SESSION['sessid']['username'] = $fUsername;
$_SESSION['sessid']['roles'] = array();
$_SESSION['sessid']['roles'][] = 'admin';
if ($error != 1)
{
session_start();
session_register("sessid");
$_SESSION['sessid']['username'] = $fUsername;
// they've logged in, so see if they are a domain admin, as well.
$result = db_query ("SELECT * FROM $table_domain_admins WHERE username='$fUsername' AND domain='ALL' AND active='1'");
if ($result['rows'] == 1)
{
$_SESSION['sessid']['roles'][] = 'global-admin';
header("Location: admin/list-admin.php");
exit(0);
}
header("Location: main.php");
exit(0);
}
$result = db_query ("SELECT * FROM $table_domain_admins WHERE username='$fUsername' AND domain='ALL' AND active='1'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
if ($fUsername == $row['username'])
{
header("Location: admin/index.php");
exit;
}
}
header("Location: main.php");
exit;
}
include ("./templates/header.tpl");
include ("./templates/login.tpl");
include ("./templates/footer.tpl");
include ("./templates/header.tpl");
include ("./templates/login.tpl");
include ("./templates/footer.tpl");
}
?>

4
logout.php
View File

@ -17,10 +17,8 @@
//
// -none-
//
require ("./config.inc.php");
require ("./functions.inc.php");
$SESSID_USERNAME = check_session ();
require_once('common.php');
session_unset ();
session_destroy ();

9
main.php
View File

@ -17,11 +17,12 @@
//
// -none-
//
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
require_once('common.php');
$SESSID_USERNAME = authentication_get_username();
authentication_require_role('admin');
if ($_SERVER["REQUEST_METHOD"] == "GET")
{

28
overview.php
View File

@ -23,20 +23,19 @@
// fDomain
// limit
//
require ("./variables.inc.php");
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session();
if (!check_admin($SESSID_USERNAME))
{
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
else
{
require_once('common.php');
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if(authentication_has_role('global-admin')) {
$list_domains = list_domains ();
}
else {
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
$tAlias = array();
$tMailbox = array();
@ -103,7 +102,12 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
$row['created']=gmstrftime('%c %Z',$row['uts_created']);
$row['modified']=gmstrftime('%c %Z',$row['uts_modified']);
$row['active']=('t'==$row['active']) ? 1 : 0;
$row['v_active']=('t'==$row['v_active']) ? 1 : 0;
if(isset($row['v_active'])) {
$row['v_active']=('t'==$row['v_active']) ? 1 : 0;
}
else {
$row['v_active'] = -1 ; //unknown; broken query above..
}
unset($row['uts_created']);
unset($row['uts_modified']);
}

104
password.php
View File

@ -19,71 +19,71 @@
// fPassword
// fPassword2
//
require ("./variables.inc.php");
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
require_once('common.php');
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/password.tpl");
include ("./templates/footer.tpl");
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/password.tpl");
include ("./templates/footer.tpl");
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (isset ($_POST['fPassword_current'])) $fPassword_current = escape_string ($_POST['fPassword_current']);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']);
if (isset ($_POST['fPassword_current'])) $fPassword_current = escape_string ($_POST['fPassword_current']);
if (isset ($_POST['fPassword'])) $fPassword = escape_string ($_POST['fPassword']);
if (isset ($_POST['fPassword2'])) $fPassword2 = escape_string ($_POST['fPassword2']);
$username = $SESSID_USERNAME;
$username = $SESSID_USERNAME;
$result = db_query ("SELECT * FROM $table_admin WHERE username='$username'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
$checked_password = pacrypt ($fPassword_current, $row['password']);
$result = db_query ("SELECT * FROM $table_admin WHERE username='$username'");
if ($result['rows'] == 1)
{
$row = db_array ($result['result']);
$checked_password = pacrypt ($fPassword_current, $row['password']);
$result = db_query ("SELECT * FROM $table_admin WHERE username='$username' AND password='$checked_password'");
if ($result['rows'] != 1)
{
$error = 1;
$pPassword_password_current_text = $PALANG['pPassword_password_current_text_error'];
}
}
else
{
$error = 1;
$pPassword_email_text = $PALANG['pPassword_email_text_error'];
}
$result = db_query ("SELECT * FROM $table_admin WHERE username='$username' AND password='$checked_password'");
if ($result['rows'] != 1)
{
$error = 1;
$pPassword_password_current_text = $PALANG['pPassword_password_current_text_error'];
}
}
else
{
$error = 1;
$pPassword_email_text = $PALANG['pPassword_email_text_error'];
}
if (empty ($fPassword) or ($fPassword != $fPassword2))
{
$error = 1;
$pPassword_password_text = $PALANG['pPassword_password_text_error'];
}
if (empty ($fPassword) or ($fPassword != $fPassword2))
{
$error = 1;
$pPassword_password_text = $PALANG['pPassword_password_text_error'];
}
if ($error != 1)
{
$password = pacrypt ($fPassword);
$result = db_query ("UPDATE $table_admin SET password='$password',modified=NOW() WHERE username='$username'");
if ($result['rows'] == 1)
{
$tMessage = $PALANG['pPassword_result_succes'];
}
else
{
$tMessage = $PALANG['pPassword_result_error'];
}
}
if ($error != 1)
{
$password = pacrypt ($fPassword);
$result = db_query ("UPDATE $table_admin SET password='$password',modified=NOW() WHERE username='$username'");
if ($result['rows'] == 1)
{
$tMessage = $PALANG['pPassword_result_succes'];
}
else
{
$tMessage = $PALANG['pPassword_result_error'];
}
}
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/password.tpl");
include ("./templates/footer.tpl");
include ("./templates/header.tpl");
include ("./templates/menu.tpl");
include ("./templates/password.tpl");
include ("./templates/footer.tpl");
}
?>

21
search.php
View File

@ -20,20 +20,17 @@
// fGo
// fDomain
//
require ("./variables.inc.php");
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session();
if (!check_admin($SESSID_USERNAME))
{
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
else
{
require_once('common.php');
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if(authentication_has_role('global-admin')) {
$list_domains = list_domains ();
}
else {
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
$tAlias = array();
@ -109,7 +106,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
if (empty ($fSearch) && !empty ($fGo))
{
if (check_admin($SESSID_USERNAME))
if (authentication_has_role('global-admin'))
{
header("Location: list-virtual.php?domain=" . $fDomain ) && exit;
}

10
sendmail.php
View File

@ -22,14 +22,14 @@
// fSubject
// fBody
//
require ("./variables.inc.php");
require ("./config.inc.php");
require ("./functions.inc.php");
include ("./languages/" . check_language () . ".lang");
$SESSID_USERNAME = check_session ();
require_once('common.php');
authentication_require_role('admin');
(($CONF['sendmail'] == 'NO') ? header("Location: " . $CONF['postfix_admin_url'] . "/main.php") && exit : '1');
$SESSID_USERNAME = authentication_get_username();
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
include ("./templates/header.tpl");

23
viewlog.php
View File

@ -19,22 +19,17 @@
// fDomain
//
if (!isset($incpath)) $incpath = '.';
require ("$incpath/variables.inc.php");
require ("$incpath/config.inc.php");
require ("$incpath/functions.inc.php");
include ("$incpath/languages/" . check_language () . ".lang");
require_once('common.php');
$SESSID_USERNAME = check_session();
if (!check_admin($SESSID_USERNAME))
{
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
else
{
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if(authentication_has_role('global-admin')) {
$list_domains = list_domains ();
}
else {
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
}
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
@ -45,7 +40,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
die('Unknown request method');
}
if (! (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME)) )
if (! (check_owner ($SESSID_USERNAME, $fDomain) || authentication_has_role('global-admin')))
{
$error = 1;
$tMessage = $PALANG['pViewlog_result_error'];
@ -74,7 +69,7 @@ if ($error != 1)
include ("$incpath/templates/header.tpl");
if (check_admin($SESSID_USERNAME)) {
if (authentication_has_role('global-admin')) {
include ("$incpath/templates/admin_menu.tpl");
} else {
include ("$incpath/templates/menu.tpl");

Write Preview
Loading…
Cancel
Save