Mirrors
/
postfixadmin
mirror of https://github.com/postfixadmin/postfixadmin.git
3
0
Fork 0
Code Releases Activity
Browse Source

Initial Import in SourceForge 

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/tags/postfixadmin-1.5.3@1 a1433add-5e2c-0410-b055-b7f2511e0802
postfixadmin-1.5.3
Mischa Peters 19 years ago
commit
5dea249821
32 changed files with 2018 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 76
      CHANGELOG.TXT
  2. 106
      INSTALL.TXT
  3. 50
      LICENSE.TXT
  4. 90
      UPGRADE.TXT
  5. 8
      admin/.htaccess
  6. 1
      admin/.htpasswd
  7. 36
      admin/adminview.php
  8. 49
      admin/delete.php
  9. 42
      admin/domainview.php
  10. 3
      admin/index.php
  11. 36
      admin/modify.php
  12. 58
      admin/newadmin.php
  13. 55
      admin/newdomain.php
  14. 37
      admin/passwd.php
  15. 41
      admin/sendmail.php
  16. 76
      admin/virtualview.php
  17. 51
      alias.php
  18. 39
      changename.php
  19. 56
      config.inc.php.sample
  20. 51
      delete.php
  21. 3
      index.php
  22. 84
      login.php
  23. 18
      logout.php
  24. 75
      mailbox.php
  25. 80
      main.php
  26. 63
      modify.php
  27. 347
      my_lib.php
  28. 58
      passwd.php
  29. 44
      pwd.php
  30. 45
      sendmail.php
  31. 184
      stylesheet.css
  32. 56
      vcp.php

76
CHANGELOG.TXT
View File

@ -0,0 +1,76 @@
#############################
# Postfix Admin Release 1.x #
#############################
#
# 2003 (c) High5!
# Created by: Mischa Peters <mischa at high5 dot net>
#
Version 1.5.3 -- 2003/06/06
----------------------------
- Fixed: Even more minor bugs in regards to declaration of variables.
(Thanx Aquilante and Kyle_m)
Version 1.5.2 -- 2003/06/05
----------------------------
- Fixed: Minor bugs in regards to declaration of variables.
Version 1.5.1 -- 2003/06/04
----------------------------
- Added: Optional mailbox per domain directory structure. (Thanx Jim)
- Added: Option to completely control the stored aliases. (Thanx Alex)
- Change: config.inc.php is renamed to config.inc.php.sample. (Thanx Alex)
- Fixed: $PHP_SELF in config.inc.php and my_lib.php. (Thanx Jim)
Version 1.5.0 -- 2003/05/28
----------------------------
- Added: Support for "Back to Main Site"
- Added: config.inc.php as the main configuration file.
- Added: Drop down box for domain selection when adding a new admin.
- Added: Resend of test email to newly created mailbox.
- Added: Mailbox and Aliases count for domainview.
- Added: Change description of domain without deleting the complete
domain.
- Added: Change name of mailbox user without deleting the mailbox.
- Added: Expire headers for unnecessary reloads. (Thanx Alex)
- Removed: Completely removed the site_lib.php.
- Removed: my_lib.php from the admin directory.
- Removed: Symlink to index.php.
- Fix: Code clean up.
- Fix: Minor bugs and cosmetic fixes.
- Fix: Modified check_string() to check numbers and returns false if not
matched. (Thanx btaber)
- Fix: Correct session handling in login.php (Thanx Yen-Wei Liu)
- Fix: Correct deletion of RFC822 email addresses. (Thanx Yen-Wei Liu)
Version 1.4.0 -- 2003/04/07
----------------------------
- Added: When deleting a domain, all aliases and mailboxes for that domain
are also deleted from the database.
- Added: Add standard aliases for every domain that is created.
These aliases can point to the main "local" administrator.
The aliases are configured in the config.php in the admin directory.
- Change: The layout of my_lib.php and site_lib.php have been changed.
- Change: Modifying an alias is now done with TEXTAREA for more
flexibility.
- Fix: Minor bugs and cosmetic fixes.
Version 1.3.8a -- 2003/03/31
----------------------------
- Fix: After deletion of a domain it would not return to the correct page.
Version 1.3.8 -- 2003/03/25
----------------------------
- Added: Admin password change. No longer needed to delete and re-enter
the admin user for a specific domain.
Version 1.3.7 -- 2002/12/24
----------------------------
- Initial public release of Postfix Admin.

106
INSTALL.TXT
View File

@ -0,0 +1,106 @@
#############################
# Postfix Admin Release 1.x #
#############################
#
# 2003 (c) High5!
# Created by: Mischa Peters <mischa at high5 dot net>
#
# Detailed instructions on how to install / upgrade Postfix Admin can be
# found in UPGRADE.TXT
#
# Unpack Postfix Admin in the directory where you want it. For example: /usr/local/www/<site>/postfixadmin
# There is also an Admin Admin part, change directory to the "admin" directory
# and change the path to the .htpasswd file in the .htaccess file.
#
# Some other information that you might want to look at is in the config.php
# file.
#
# In order to be able to read & write from the database I have created a
# seperate user in MySQL. I do this because Postfix Admin needs to have more
# rights on the Postfix database. If you are worried abour the password for
# the database. I have Postfix Admin running as the WebServer owner:group,
# that way your postfix username and password are somewhat protected against
# local users.
#
# You can use this file to create the tables that are needed to use postfix
# with mysql. The bottom part is for Postfix Admin.
#
# You can do this from the command line with:
#
# mysql -u root [-p] < INSTALL.TXT
#
# Postfix / MySQL
#
USE mysql
INSERT INTO user (Host, User, Password) VALUES ('localhost','postfix',password('postfix'));
INSERT INTO db (Host, Db, User, Select_priv) VALUES ('localhost','postfix','postfix','Y');
CREATE DATABASE postfix;
#
# Table structure for table alias
#
USE postfix;
CREATE TABLE alias (
address varchar(255) NOT NULL default '',
goto text NOT NULL,
domain varchar(255) NOT NULL default '',
create_date datetime NOT NULL default '0000-00-00 00:00:00',
change_date datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(4) NOT NULL default '1',
PRIMARY KEY (address)
) TYPE=MyISAM COMMENT='Virtual Aliases - mysql_virtual_alias_maps';
#
# Table structure for table domain
#
USE postfix;
CREATE TABLE domain (
domain varchar(255) NOT NULL default '',
description varchar(255) NOT NULL default '',
create_date datetime NOT NULL default '0000-00-00 00:00:00',
change_date datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(4) NOT NULL default '1',
PRIMARY KEY (domain)
) TYPE=MyISAM COMMENT='Virtual Domains - mysql_virtual_domains_maps';
#
# Table structure for table mailbox
#
USE postfix;
CREATE TABLE mailbox (
username varchar(255) NOT NULL default '',
password varchar(255) NOT NULL default '',
name varchar(255) NOT NULL default '',
maildir varchar(255) NOT NULL default '',
domain varchar(255) NOT NULL default '',
create_date datetime NOT NULL default '0000-00-00 00:00:00',
change_date datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(4) NOT NULL default '1',
PRIMARY KEY (username)
) TYPE=MyISAM COMMENT='Virtual Mailboxes - mysql_virtual_mailbox_maps';
#
#
#
#
# Postfix Admin User & Table
#
USE mysql
INSERT INTO user (Host, User, Password) VALUES ('localhost','postfixadmin',password('postfixadmin'));
INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('localhost', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y');
#
# Table structure for table admin
#
USE postfix;
CREATE TABLE admin (
username varchar(255) NOT NULL default '',
password varchar(255) NOT NULL default '',
domain varchar(255) NOT NULL default '',
create_date datetime NOT NULL default '0000-00-00 00:00:00',
change_date datetime NOT NULL default '0000-00-00 00:00:00',
active tinyint(4) NOT NULL default '1',
PRIMARY KEY (username)
) TYPE=MyISAM COMMENT='Virtual Admins - Store Virtual Domain Admins';

50
LICENSE.TXT
View File

@ -0,0 +1,50 @@
License for Postfix Admin:
The contents of this file are subject to the Mozilla Public License
Version 1.1 (the "License"); you may not use this file except in
compliance with the License. You may obtain a copy of the License at
http://www.mozilla.org/MPL/
Software distributed under the License is distributed on an "AS IS"
basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
License for the specific language governing rights and limitations
under the License.
The Original Code is Postfix Admin.
The Initial Developer of the Original Code is Mischa Peters <mischa@high5.net>.
Portions created by Mischa Peters are Copyright (c) 2002, 2003.
All Rights Reserved.
Contributor(s):
This project includes work by Mischa Peters and others that is:
Copyright (c) 2002,2003 Mischa Peters
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
Neither the names of the copyright holders nor the names of the XLW
Group and its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

90
UPGRADE.TXT
View File

@ -0,0 +1,90 @@
#############################
# Postfix Admin Release 1.x #
#############################
#
# 2003 (c) High5!
# Created by: Mischa Peters <mischa at high5 dot net>
#
Upgrade from 1.4.x and older
----------------------------
Since some features have been added to this release which are partially
coming from config.inc.php it's wise to do a complete upgrade and modify your
settings in the new config.inc.php.
1. Backup old installation
---------------------------
Make a backup of your current Postfix Admin directory. If you use "cp", be
sure to use the "-Rp" options. -R means recursive, and -p will save the
permissions in the directory.
In this example, we assume that your httpd document directory is
/usr/local/www, that your Postfix Admin install is located at
/usr/local/www/postfixadmin, and that your new Postfix Admin version is 1.5.0.
Substitute version numbers and names as required.
$ cd /usr/local/www
$ cp -Rp postfixadmin postfixadmin.old
2. Unarchive new Postfix Admin
------------------------------
Make sure that you are in your /usr/local/postfixadmin/ directory and then unarchive the
Postfix Admin archive (whatever the filename is):
$ tar -zxvf postfixadmin-1.5.0.tgz
3. Change permissions
----------------------
Since the database password is stored in the config.inc.php it's a good idea
to have Postfix Admin set to the permission of the webserver. In this
example, we assume that user "www" and group "www" are the web server as is
often the case with Apache.
$ cd /usr/local/www
$ chown -R www:www postfixadmin-1.5.0
This is also a good idea for the file permissions.
$ cd /usr/local/www/postfixadmin-1.5.0
$ chmod 640 *.php *.css
$ cd /usr/local/www/postfixadmin-1.5.0/admin
$ chmod 640 *.php *.css
Additionally, if "chown user:group" doesn't work, you can use "chown user"
and "chgrp group" instead. See the man pages for these commands for more
information.
4. Create the MySQL Tables
--------------------------
In INSTALL.TXT you can find the table structure that you need in order to
configure Postfix Admin and Postfix in general to work with Virtual Domains
and Users
5. Configure
------------
Look at the file config.inc.php in the root of Postfix Admin, here you can
specify the username and possword of the Postfix Admin user as well as the
database name.
In this file you can also find the text that is displayed as the title,
header and footer. You can change this as you see fit.
To change the background and text color please check the stylesheet.css
In config.inc.php in the admin directory you can find an array of default
aliases that are created when a new domain is created. You can change these
aliases so that they reflect your setup.
The default password for the admin part of Postfix Admin is admin/admin.
This is specified in the .htpasswd file in the admin directory.
Make sure that the location of the .htpasswd file matches your path.
6. Done
-------
This is all that is needed. Fire up your browser and go to the site that you
specified to host Postfix Admin.

8
admin/.htaccess
View File

@ -0,0 +1,8 @@
AuthUserFile /usr/local/postfixadmin/admin/.htpasswd
AuthGroupFile /dev/null
AuthName "Postfix Admin"
AuthType Basic
<limit GET POST>
require valid-user
</limit>

1
admin/.htpasswd
View File

@ -0,0 +1 @@
admin:$apr1$5awhn...$NvPhYnYme5lGzdXBd3/P//

36
admin/adminview.php
View File

@ -0,0 +1,36 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
$result = db_query("SELECT * FROM admin ORDER BY domain,username");
if ($result['rows'] > 0) {
print "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\" width=\"75%\">\n";
print "<tr class=\"header\">";
print "<td>Domain Name</td>";
print "<td>Admin Alias</td>";
print "<td>Last Modified</td>";
print "<td>Active</td>";
print "<td colspan=\"2\">&nbsp;</td>";
print "</tr>";
while ($row = mysql_fetch_array ($result['result'])) {
print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
print "<td><a href=\"virtualview.php?where=" . $row['domain'] . "\">" . $row['domain'] . "</a></td>";
print "<td>" . $row['username'] . "</td>";
print "<td>" . $row['change_date'] . "</td>";
print "<td>" . $row['active'] . "</td>";
print "<td><a href=\"passwd.php?username=" . $row['username'] . "\">edit</a></td>";
print "<td><a href=\"delete.php?table=admin&where=username&delete=" . $row['username'] . "\" onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
print "</tr>\n";
}
print "</table>\n";
print "<p />\n";
print "Found: " . $result['rows'] . "<br />\n";
} else {
print "<p />\n";
print "Nothing Found in the Admin Table!\n";
}
print_footer();
?>

49
admin/delete.php
View File

@ -0,0 +1,49 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
$table = $_GET['table'];
$where = $_GET['where'];
$delete = $_GET['delete'];
$url = "$table" . "view.php";
if ($table == "domain") {
$r_domain = db_delete("domain",$where,$delete);
$r_admin = db_delete("admin",$where,$delete);
$r_alias = db_delete("alias",$where,$delete);
$r_mailbox = db_delete("mailbox",$where,$delete);
if (($r_domain == 1) and ($r_admin >= 0) and ($r_alias >= 0) and ($r_mailbox >= 0)) {
header("Location: $url");
} else {
print_header();
print "<hr />\n";
print "<b>Unable</b> to delete all entries for complete domain deletion!<p>\n";
print "Domain delete: $r_domain<br>\n";
print "Admin delete: $r_admin<br>\n";
print "Alias delete: $r_alias<br>\n";
print "Mailbox delete: $r_mailbox<br>\n";
print "<p />\n";
print_footer();
}
} else {
$result = db_delete ($table,$where,$delete);
if ($result == 1) {
header("Location: $url");
} else {
print_header();
print "<hr />\n";
print "<b>Unable</b> to delete entry $delete from the $table table!\n";
print "<p />\n";
print_footer();
}
}
function db_delete ($table,$where,$delete) {
$result = db_query("DELETE FROM $table WHERE $where='$delete'");
if ($result['rows'] >= 1) {
return $result['rows'];
} else {
return true;
}
}
?>

42
admin/domainview.php
View File

@ -0,0 +1,42 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
$result = db_query("SELECT * FROM domain ORDER BY domain");
if ($result['rows'] > 0) {
print "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\" width=\"75%\">\n";
print "<tr class=\"header\">";
print "<td>Domain</td>";
print "<td>Description</td>";
print "<td>Aliases</td>";
print "<td>Mailboxes</td>";
print "<td>Last Modified</td>";
print "<td>&nbsp;</td>";
print "<td>&nbsp;</td>";
print "</tr>";
while ($row = mysql_fetch_array ($result['result'])) {
$row_domain = $row['domain'];
print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
print "<td><a href=\"virtualview.php?where=" . $row['domain'] . "\">" . $row['domain'] . "</a></td>";
print "<td>" . $row['description'] . "</td>";
$aliases = db_query("SELECT * FROM alias WHERE domain='$row_domain'");
print "<td>" . $aliases['rows'] . "</td>";
$mailbox = db_query("SELECT * FROM mailbox WHERE domain='$row_domain'");
print "<td>" . $mailbox['rows'] . "</td>";
print "<td>" . $row['change_date'] . "</td>";
print "<td><a href=\"modify.php?modify=" . $row['domain'] . "\">edit</a></td>";
print "<td><a href=\"delete.php?table=domain&where=domain&delete=" . $row['domain'] . "\" onclick=\"return confirm ('Do you really want to delete all records for this domain? This can not be undone!')\">del</a></td>";
print "</tr>\n";
}
print "</table>\n";
print "<p />\n";
print "Found: " . $result['rows'] . "<br />\n";
} else {
print "<p />\n";
print "Nothing Found in the Domain Table!\n";
}
print_footer();
?>

3
admin/index.php
View File

@ -0,0 +1,3 @@
<?php
header ("Location: adminview.php");
?>

36
admin/modify.php
View File

@ -0,0 +1,36 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
$modify = $_GET['modify'];
if (!empty($_POST['submit'])) {
$domain = $_POST['domain'];
$description = $_POST['description'];
$aliases = $_POST['aliases'];
if (empty($domain) or empty($description)) print_error("You will need to fill all fields.", "YES", "ADMIN");
if (check_email($domain)) print_error("The domain that you have supplied is not a valid domain, please go back.", "YES", "ADMIN");
$result = db_query ("UPDATE domain SET description='$description', change_date=NOW() WHERE domain='$domain'");
if ($result['rows'] == 1) {
header("Location: domainview.php");
} else {
print_error("Unable to modify: <i>$domain</i> to the domain table!", "YES", "ADMIN");
}
}
print_header("admin");
?>
Create a new domain.
<p />
<form method="post">
<table class="form">
<tr><td>Domain:</td><td><input type="hidden" name="domain" value="<?php print "$modify"; ?>"><?php print "$modify"; ?></td></tr>
<tr><td>Description:</td><td><input type="text" name="description"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Modify Domain"></td></tr>
</table>
</form>
<?php
print_footer();
?>

58
admin/newadmin.php
View File

@ -0,0 +1,58 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
if (!empty($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$domain = $_POST['domain'];
$passwd = md5crypt("$password");
if (empty($username) or empty($password) or empty($domain)) print_error("You will need to fill all fields.");
if (!check_email($username)) print_error("The email address that you have supplied at <b>Email</b> is not a valid email address, please go back.");
$result = db_query ("SELECT * FROM domain WHERE domain='$domain'");
if ($result['rows'] != 1) print_error("The domain <b>$domain</b> is not present in the domain table!");
$result = db_query ("SELECT * FROM admin WHERE username='$username'");
if ($result['rows'] == 1) print_error("This email address already exists, please choose a different one.");
$result = db_query ("INSERT INTO admin (username,password,domain,create_date,change_date) VALUES('$username','$passwd','$domain',NOW(),NOW())");
if ($result['rows'] == 1) {
print "<i>$username</i> has been <b>added</b> to the admin table!\n";
print "<p>\n";
} else {
print_error("Unable to add <i>$username</i> to the mailbox table!");
}
}
?>
Create a new admin for a domain.
<p />
<form method="post">
<table class="form">
<tr><td>Email:</td><td><input type="text" name="username"></td></tr>
<tr><td>Passwd:</td><td><input type="text" name="password"></td></tr>
<tr><td>Domain:</td><td>
<select name="domain">
<?php
$result = db_query("SELECT domain FROM domain ORDER BY domain");
while ($row = mysql_fetch_array ($result['result'])) {
print "<option>" . $row['domain'] . "</option>";
}
?>
</select>
</td></tr>
<!--
<tr><td>Add mail aliases:</td><td><input type="checkbox" name="admin_aliases"> (for domain admin)</td></tr>
<tr><td>Add mail aliases:</td><td><input type="checkbox" name="uber_aliases"> (for uber admin)</td></tr>
-->
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Add Admin"></td></tr>
</table>
</form>
<?php
print_footer();
?>

55
admin/newdomain.php
View File

@ -0,0 +1,55 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
if (!empty($_POST['submit'])) {
$domain = $_POST['domain'];
$description = $_POST['description'];
$aliases = $_POST['aliases'];
if (empty($domain) or empty($description)) print_error ("You will need to fill all fields.");
if (check_email($domain)) print_error("The domain that you have supplied is not a valid domain, please go back.");
$result = db_query ("SELECT * FROM domain WHERE domain='$domain'");
if ($result['rows'] == 1) print_error ("This domain already exists, please choose a different one.");
$result = db_query ("INSERT INTO domain (domain,description,create_date,change_date) VALUES('$domain','$description',NOW(),NOW())");
if ($result['rows'] == 1) {
print "<i>$domain</i> has been <b>added</b> to the domain table!\n";
print "<p>\n";
} else {
print_error ("Unable to add: <i>$domain</i> to the domain table!");
}
if ($aliases == "on") {
$alias_keys = array_keys($default_aliases);
$alias_values = array_values($default_aliases);
for ($i = 0; $i < count($alias_keys); $i++) {
$address = $alias_keys[$i] . "@" . $domain;
$result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$alias_values[$i]','$domain',NOW(),NOW())");
if ($result['rows'] == 1) {
print "<i>$address</i> has been <b>added</b> to the alias table!<br>\n";
} else {
print_error ("Unable to add: <i>$address</i> to the alias table!");
}
}
print "<p />\n";
}
}
?>
Create a new domain.
<p />
<form method="post">
<table class="form">
<tr><td>Domain:</td><td><input type="text" name="domain"></td></tr>
<tr><td>Description:</td><td><input type="text" name="description"></td></tr>
<tr><td>Add default mail aliases:</td><td><input type="checkbox" name="aliases"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Add Domain"></td></tr>
</table>
</form>
<?php
print_footer();
?>

37
admin/passwd.php
View File

@ -0,0 +1,37 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
$username = $_GET['username'];
if (!empty($_POST['submit'])) {
$form_new_passwd1 = $_POST['form_new_passwd1'];
if (empty($form_new_passwd1)) {
print_error("You will need to fill in the password field!");
}
$new_passwd = md5crypt($form_new_passwd1);
$result = db_query("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$username'");
if ($result['rows'] == 1) {
print "The password has been updated!\n";
print "<p />\n";
print_footer();
exit;
} else {
print_error("Unable to update your password!");
}
}
?>
Change admin password.
<p>
<form name="passwd" method="post">
<table class="form">
<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
<tr><td>New Password:</td><td><input type="text" name="form_new_passwd1"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Enter"></td></tr>
</table>
</form>
<?php
print_footer();
?>

41
admin/sendmail.php
View File

@ -0,0 +1,41 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
if (!empty($_POST['submit'])) {
$to = $_POST['to'];
if (empty($to)) print_error("You need to select an email address.");
$headers = "From: $admin_email";
$subject = "Welcome";
$message = "Hi,\n\nWelcome to your new email account.\n\n";
if (!mail($to, $subject, $message, $headers)) {
print_error("Unable to send message to $to!");
}
print "Successfully send email to $to\n";
print "<p />\n";
}
?>
Send test message to a new mailbox.
<p />
<form name="mailbox" method="post">
<table class="form">
<tr><td>From:</td><td><?php print "$admin_email"; ?></td></tr>
<tr><td>To:</td><td>
<select name="to">
<?php
$result = db_query("SELECT username FROM mailbox ORDER BY domain");
while ($row = mysql_fetch_array ($result['result'])) {
print "<option>" . $row['username'] . "</option>";
}
?>
</select>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Send Message"></td></tr>
</table>
</form>
<?php
print_footer();
?>

76
admin/virtualview.php
View File

@ -0,0 +1,76 @@
<?php
require "../config.inc.php";
require "../my_lib.php";
print_header("admin");
$where = $_GET['where'];
if (!empty($where)) {
$query = "SELECT alias.address,alias.goto,alias.change_date,alias.active FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$where' AND mailbox.maildir IS NULL ORDER BY alias.address";
print "Domain: $where\n";
print "<p />\n";
} else {
$query = "SELECT * FROM alias $where ORDER BY domain, address";
}
$result = db_query("$query");
if ($result['rows'] > 0) {
print "<center>\n";
print "<table border=\"1\">\n";
print "<tr class=\"header\">";
print "<td>From</td>";
print "<td>To</td>";
print "<td>Last Modified</td>";
print "<td>Active</td>";
print "</tr>";
while ($row = mysql_fetch_array ($result['result'])) {
print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
print "<td>" . $row['address'] . "</td>";
print "<td>" . ereg_replace (",", "<br>", $row['goto']) . "</td>";
print "<td>" . $row['change_date'] . "</td>";
print "<td>" . $row['active'] . "</td>";
print "</tr>\n";
}
print "</table>\n";
print "</center>\n";
print "Found: " . $result['rows'] . "\n";
print "<p>\n";
} else {
print "Nothing Found in the Alias Table!\n";
print "<p>\n";
}
if (!empty($where)) {
$query = "SELECT * FROM mailbox WHERE domain='$where'";
} else {
$query = "SELECT * FROM mailbox ORDER BY domain, username";
}
$result = db_query("$query");
if ($result['rows'] > 0) {
print "<center>\n";
print "<table border=\"1\">\n";
print "<tr class=\"header\">";
print "<td>Email</td>";
print "<td>Name</td>";
print "<td>Mailbox</td>";
print "<td>Last Modified</td>";
print "<td>Active</td>";
print "</tr>";
while ($row = mysql_fetch_array ($result['result'])) {
print "<tr>";
print "<td>" . $row['username'] . "</td>";
print "<td>" . $row['name'] . "</td>";
print "<td>" . $row['maildir'] . "</td>";
print "<td>" . $row['change_date'] . "</td>";
print "<td>" . $row['active'] . "</td>";
print "</tr>\n";
}
print "</table>\n";
print "</center>\n";
print "Found: " . $result['rows'] . "<br>\n";
} else {
print "<p>\n";
print "Nothing Found in the Mailbox Table!\n";
}
print_footer();
?>

51
alias.php
View File

@ -0,0 +1,51 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
print_header("menu");
if (!empty($_POST['submit'])) {
$address = $_POST['address'];
$goto = $_POST['goto'];
$address_value = $address;
$address = $address . "@" . $sessid_domain;
if (empty($address) or empty($goto)) print_error("You will need to fill both fields.");
if (!check_email($address)) print_error("The email address that you have supplied at <b>Alias</b> is not a valid email address, please go back.");
if (!check_email($goto)) print_error("The email address that you have supplied at <b>To</b> is not a valid email address, please go back.");
if ($address_value == "none") $address = "@" . $sessid_domain;
$result = db_query("SELECT * FROM alias WHERE address='$address'");
if ($result['rows'] == 1) print_error("This email address already exists, please choose a different one.");
$result = db_query("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$goto','$sessid_domain',NOW(),NOW())");
if ($result['rows'] == 1) {
print "<p>\n";
print "<i>$address</i> -> <i>$goto</i> has been <b>added</b> to the alias table!\n";
print "<p>\n";
} else {
print_error("Unable to add: <i>$address</i> -> <i>$goto</i> to the alias table!");
}
}
?>
Create a new alias for your domain.
<p>
<form name="alias" method="post">
<table class="form">
<tr><td>Alias:</td><td><input type="text" name="address"></td><td>@<?php print "$sessid_domain" ?></td></tr>
<tr><td>To:</td><td><input type="text" name="goto"></td><td>Where the mail needs to be send to.<br>Use "edit" in the overview to add more<br>then one email address.</td></tr>
<tr><td colspan="3" align="center"><input type="submit" name="submit" value="Add Alias"></td></tr>
</table>
</form>
If you want to add a catchall enter "none" in the alias field.
<?php
print_footer();
?>

39
changename.php
View File

@ -0,0 +1,39 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
$url = "main.php?" . session_name() . "=" . session_id();
$username = $_GET['username'];
$name = $_GET['name'];
if (!empty($_POST['submit'])) {
$form_new_name = $_POST['form_new_name'];
if (empty($form_new_name)) print_error("You will need to enter a name!", "YES", "MENU");
$result = db_query("UPDATE mailbox SET name='$form_new_name',change_date=NOW() WHERE username='$username' AND domain='$sessid_domain'");
if ($result['rows'] == 1) {
header("Location: $url");
} else {
print_error("Unable to update your name!", "YES", "MENU");
}
}
print_header("menu");
?>
Change password.
<p>
<form name="changename" method="post">
<table class="form">
<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
<tr><td>Name:</td><td><input type="text" name="form_new_name" value="<?php print "$name"; ?>"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Enter"></td></tr>
</table>
</form>
<?php
print_footer();
?>

56
config.inc.php.sample
View File

@ -0,0 +1,56 @@
<?php
//
// If config.inc.php is called directly, redirect to login.php
//
if (ereg("config.inc.php", $_SERVER[PHP_SELF])) {
header("Location: login.php");
}
// Login information for the database
$db_host = "localhost";
$db_name = "postfix";
$db_user = "postfixadmin";
$db_pass = "postfixadmin";
// Default aliases that need to be created for all domains
$default_aliases = array (
"abuse" => "abuse@example.com",
"hostmaster" => "hostmaster@example.com",
"postmaster" => "postmaster@example.com",
"webmaster" => "webmaster@example.com"
);
// Back to main website information
$organization_name = "domain.com";
$organization_link = "http://domain.com";
// Admin email address
$admin_email = "admin@domain.com";
// If you wish to keep each domain in its own subdirectory beneath the
// $virtual_mailbox_base directory, set this to "YES".
$use_subdir = "";
// If you want to view the aliases that are created for the mailboxes set
// this to "YES".
$alias_control = "";
// Specify the table where you have your quotas, leave empty if you don't
// enforce quotas. For example a 2MB mailbox quota:
// $quota_table = "quota";
// $default_quota = "2000000";
$quota_table = "";
$default_quota = "";
// Show Postfix Admin information
$show_postfix_admin_info = "YES";
// Title used for all pages except login.php
$title = "Mail Admin";
// Header used for login.php
$welcome_header = ":: Welcome to Mail Admin ::";
// Title used for login.php
$welcome_title = ":: Welcome to Mail Admin ::";
?>

51
delete.php
View File

@ -0,0 +1,51 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
$table = $_GET['table'];
$where = $_GET['where'];
$delete = $_GET['delete'];
$url = "main.php?" . session_name() . "=" . session_id();
if ($table == "alias") {
$query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid_domain'";
$result = db_query ("$query");
if ($result['rows'] != 1) {
print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
}
$query = "SELECT * FROM mailbox WHERE username='$delete' AND domain='$sessid_domain'";
$result = db_query ("$query");
if ($result['rows'] == 1) {
$query = "DELETE FROM mailbox WHERE username='$delete' AND domain='$sessid_domain'";
$result = db_query ("$query");
if ($result['rows'] == 1) {
header("Location: $url");
} else {
print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
}
}
header("Location: $url");
}
if ($table == "mailbox") {
$query = "DELETE FROM mailbox WHERE username='$delete' AND domain='$sessid_domain'";
$result = db_query ("$query");
if ($result['rows'] != 1) {
print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
}
$query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid_domain'";
$result = db_query ("$query");
if ($result['rows'] == 1) {
header("Location: $url");
} else {
print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
}
}
?>

3
index.php
View File

@ -0,0 +1,3 @@
<?php
header ("Location: login.php");
?>

84
login.php
View File

@ -0,0 +1,84 @@
<?php
//
// login.php
//
require "config.inc.php";
require "my_lib.php";
if (!empty($_POST['submit'])) {
$form_login = $_POST['form_login'];
$form_passwd = $_POST['form_passwd'];
$result = db_query("SELECT password FROM admin WHERE username='$form_login'");
if ($result['rows'] == 1) {
$row = mysql_fetch_array($result['result']);
$db_passwd = $row[password];
$salt = preg_split('/\$/', $row[password]);
$checked_passwd = md5crypt($form_passwd, $salt[2]);
$result = db_query ("SELECT * FROM admin WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
if ($result['rows'] == 1) {
session_name("SessID");
session_start();
session_register("sessid");
$row = mysql_fetch_array($result['result']);
$_SESSION['sessid'] = array (
"domain" => $row[domain],
"username" => $row[username]
);
} else {
print_header();
print "<h1>Mail Admin</h1>\n";
print "<hr>\n";
print_error ("Either the password that you supplied is incorrect, or you are not authorized to view this page.<br />Go back and try again.\n");
}
} else {
print_header();
print "<h1>Mail Admin</h1>\n";
print "<hr>\n";
print_error ("The login that you supplied is not correct, please press BACK and try again.");
}
header("Location: main.php?" . session_name() . "=" . session_id());
}
print_header("", $welcome_title, "YES");
?>
<center>
<table width="10%" border="0" cellspacing="0" cellpadding="0" height="100">
<tr bgcolor="#999999"><td colspan="3" height="1">
</tr>
<tr>
<td bgcolor="#999999" width="1">
</td>
<td bgcolor="#EEEEEE" valign="top">
<table border="0" cellspacing="0" cellpadding="6">
</td>
<form name="login" method="post">
<td colspan="2" align="center">
<br />
<b>Mail admins login here to administrate your domain.</b>
<br />
<br />
<input type="text" name="form_login" style="width:149px" value="mailadmin@domain.com" size="12" onFocus="if (this.value=='mailadmin@domain.com') this.value='';" onBlur= "if (this.value=='') his.value='mailadmin@domain.com';" />
<br />
<input type="password" name="form_passwd" style="width:149px" value="password" size="12" onFocus="if (this.value=='password') this.value='';" onBlur="if (this.value=='') his.value='password';" />
<br />
<input type="submit" name="submit" value="Login" />
<br />
</td>
</form>
</tr>
</table>
<p />
<a href="vcp.php">Users click here to change your email password.</a>
</td>
<td bgcolor="#999999" width="1">
</td>
</tr>
<tr bgcolor="#999999"><td colspan="3" height="1">
</tr>
</table>
<?php
print_footer("NO");
?>

18
logout.php
View File

@ -0,0 +1,18 @@
<?php
//
// logout.php
//
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
session_unset();
session_destroy();
print_header();
print "<h1>Mail Admin</h1>\n";
print "<hr />\n";
print "You are logged out\n";
print "<p>\n";
print "<a href=\"login.php\">Login again</a>\n";
print "</p>\n";
print_footer();
?>

75
mailbox.php
View File

@ -0,0 +1,75 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
print_header("menu");
if (!empty($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$name = $_POST['name'];
$quota = $_POST['quota'];
$username = $username . "@" . $sessid_domain;
$passwd = md5crypt("$password");
$maildir = $username . "/";
if (empty($username) or empty($password)) print_error("You need to fill all fields.");
if (!check_email($username)) print_error("The email address that you have supplied at <b>Email</b> is not a valid email address, please go back.");
if ($password != $password2) print_error("The passwords that you supplied don't match!");
if (!check_string($name)) print_error("The name that you have supplied at <b>Name</b> is not valid, please go back.");
$result = db_query("SELECT * FROM alias WHERE address='$username'");
if ($result['rows'] == 1) print_error("This email address already exists, please choose a different one.");
$result = db_query("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$username','$username','$sessid_domain',NOW(),NOW())");
if ($result['rows'] != 1) print_error("Unable to add: <i>$username</i> to the alias table!");
if ($use_subdir == "YES") $maildir = $sessid_domain . "/" . $maildir;
if (!empty($quota_table)) {
$result = db_query("INSERT INTO mailbox (username,password,name,maildir,domain,create_date,change_date,$quota_table) VALUES('$username','$passwd','$name','$maildir','$sessid_domain',NOW(),NOW(),'$quota') ");
} else {
$result = db_query("INSERT INTO mailbox (username,password,name,maildir,domain,create_date,change_date) VALUES('$username','$passwd','$name','$maildir','$sessid_domain',NOW(),NOW())");
}
if ($result['rows'] == 1) {
$headers = "From: $sessid_username";
$subject = "Welcome";
$message = "Hi $name,\n\nWelcome to your new email account.\n\n";
print "<i>$username</i> has been <b>added</b> to the mailbox table!\n";
print "<p>\n";
print "<b>NOTE:</b>\n";
if (!mail($username, $subject, $message, $headers)) {
print "The user needs to first receive an email in order to use the account.<br>\n";
}
print "User needs to login with the full email address, in this case: $username\n";
print "<p>\n";
} else {
print_error("Unable to add: <i>$username</i> to the mailbox table!");
}
}
?>
Create a new local mailbox for your domain.
<p>
<form name="mailbox" method="post">
<table class="form">
<tr><td>Email:</td><td><input type="text" name="username"></td><td>@<?php print "$sessid_domain"; ?></td></tr>
<tr><td>Password:</td><td><input type="password" name="password"></td><td>Password for POP/IMAP</td></tr>
<tr><td>Password (again):</td><td><input type="password" name="password2"></td><td>&nbsp;</td></tr>
<tr><td>Name:</td><td><input type="text" name="name"></td><td>Full name</td></tr>
<?php if (!empty($quota_table)) print "<tr><td>Quota:</td><td><input type=\"text\" name=\"quota\" value=\"$default_quota\"></td><td>&nbsp;</td></tr>\n"; ?>
<tr><td colspan="3" align="center"><input type="submit" name="submit" value="Add Mailbox"></td></tr>
</table>
</form>
<?php
print_footer();
?>

80
main.php
View File

@ -0,0 +1,80 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
print_header("menu");
print "Domain: $sessid_domain\n";
print "<p />\n";
if ($alias_control == "YES") {
$query = "SELECT alias.address,alias.goto,alias.change_date FROM alias WHERE alias.domain='$sessid_domain' ORDER BY alias.address";
} else {
$query = "SELECT alias.address,alias.goto,alias.change_date FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$sessid_domain' AND mailbox.maildir IS NULL ORDER BY alias.address";
}
$result = db_query ("$query");
if ($result['rows'] > 0) {
print "<center>\n";
print "<table border=\"1\">\n";
print "<tr class=\"header\">";
print "<td>From</td>";
print "<td>To</td>";
print "<td>Last Modified</td>";
print "<td colspan=\"2\">&nbsp;</td>";
print "</tr>";
while ($row = mysql_fetch_array ($result['result'])) {
print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
print "<td>" . $row['address'] . "</td>";
print "<td>" . ereg_replace (",", "<br>", $row['goto']) . "</td>";
print "<td>" . $row['change_date'] . "</td>";
print "<td><a href=\"modify.php?" . session_name() . "=" . session_id() . "&modify=" . $row['address'] . "\">edit</a></td>";
print "<td><a href=\"delete.php?" . session_name() . "=" . session_id() . "&table=alias" . "&delete=" . urlencode($row['address']) . "\"onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
print "</tr>\n";
}
print "</table>\n";
print "</center>\n";
print "<p />\n";
} else {
print "Nothing Found in the Alias Table!\n";
print "<p />\n";
}
$query = "SELECT * FROM mailbox WHERE domain='$sessid_domain' ORDER BY username";
$result = db_query ("$query");
if ($result['rows'] > 0) {
print "<center>\n";
print "<table border=\"1\">\n";
print "<tr class=\"header\">";
print "<td>Email</td>";
print "<td>Name</td>";
if (!empty($quota_table)) print "<td>Quota</td>";
print "<td>Last Modified</td>";
print "<td colspan=\"2\">&nbsp;</td>";
print "</tr>";
while ($row = mysql_fetch_array ($result['result'])) {
print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
print "<td>" . $row['username'] . "</td>";
print "<td><a href=\"changename.php?" . session_name() . "=" . session_id() . "&username=" . $row['username'] . "&name=" . $row['name'] . "\">" . $row['name'] . "</a></td>";
if (!empty($quota_table)) print "<td>" . $row[$quota_table] . "</td>";
print "<td>" . $row['change_date'] . "</td>";
print "<td><a href=\"pwd.php?" . session_name() . "=" . session_id() . "&username=" . $row['username'] . "\">edit</a></td>";
print "<td><a href=\"delete.php?" . session_name() . "=" . session_id() . "&table=mailbox" . "&delete=" . urlencode($row['username']) . "\"onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
print "</tr>\n";
}
print "</table>\n";
print "</center>\n";
print "<p />\n";
} else {
print "Nothing Found in the Mailbox Table!\n";
print "<p />\n";
}
print_footer();
?>

63
modify.php
View File

@ -0,0 +1,63 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
$url = "main.php?" . session_name() . "=" . session_id();
$modify = $_GET['modify'];
if (!empty($_POST['submit'])) {
$goto = $_POST['goto'];
if (empty($goto)) print_error("You didn't enter anything at <b>To:</b>.", "YES", "MENU");
$goto = preg_replace('/\r\n/', ',', $goto);
$goto = preg_replace('/\,*$/', '', $goto);
$array = preg_split('/,/', $goto);
for ($i = 0; $i < sizeof($array); $i++) {
if (in_array("$array[$i]", $default_aliases)) continue;
if (empty($array[$i])) continue;
if (!check_email($array[$i])) print_error("The email address <b>$array[$i]</b> is not a valid email address, please go back.", "YES", "MENU");
}
$result = db_query("UPDATE alias SET goto='$goto', change_date=NOW() WHERE address='$modify' AND domain='$sessid_domain'");
if ($result['rows'] == 1) {
header("Location: $url");
} else {
print_error("Unable to update: <i>$address</i> -> <i>$goto</i> in the alias table!", "YES", "MENU");
}
}
$query = "SELECT * FROM alias WHERE address='$modify' AND domain='$sessid_domain'";
$result = db_query("$query");
if ($result['rows'] == 1) {
$row = mysql_fetch_array ($result['result']);
} else {
print_error("Unable to find the alias!","YES", "MENU");
}
print_header("menu");
?>
Change an alias for your domain.
<p>
<form name="modify" method="post">
<table class="form">
<tr><td>Alias:</td><td><?php print "$modify"; ?></td></tr>
<tr><td colspan="2">&nbsp;</td></tr>
<tr><td colspan="2" align="center"><b>Enter your email aliases below. One per line!</b></td></tr>
<tr><td valign="top">To:</td><td><textarea rows="24" cols="80" name="goto">
<?php
$array = preg_split('/,/', $row[goto]);
for ($i = 0 ; $i < sizeof($array) ; $i++) {
if (empty($array[$i])) continue;
print "$array[$i]\n";
}
?>
</textarea></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Modify Alias"></td></tr>
</table>
</form>
<?php
print_footer();
?>

347
my_lib.php
View File

@ -0,0 +1,347 @@
<?php
//
// If my_lib.php is called directly, redirect to login.php
//
if (ereg("my_lib.php", $_SERVER[PHP_SELF])) {
header("Location: login.php");
}
$version = "Postfix Admin v1.5.3";
//
// check_session
// Action: Check if a session already exists, if not redirect to login.php
// Call: check_session()
//
function check_session() {
session_name("SessID");
session_start();
if (!session_is_registered("sessid")) {
// if session is not registered redirect to login.php
header("Location: login.php");
exit;
}
$sessid["domain"] = $_SESSION["sessid"]["domain"];
$sessid["username"] = $_SESSION["sessid"]["username"];
return $sessid;
}
//
// check_string
// Action: checks if a string is valid and returns TRUE is this is the case.
// Call: check_string(string var)
//
function check_string($var) {
if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)){
return true;
} else {
return false;
}
}
//
// check_escape
// Action: checks to see if there are chars that need to be escaped
// Call: check_escape(string var)
//
function check_escape($var) {
$search = array ("'<script[^>]*?>.*?</script>'si",
"'<[\/\!]*?[^<>]*?>'si",
"'\''i");
$replace = array ("",
"",
"");
$escaped = preg_replace ($search, $replace, $var);
return $escaped;
}
//
// check_email
// Action: Checks if email is valid and returns TRUE if this is the case.
// Call: check_email(string email)
//
function check_email($email) {
return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email)));
}
//
// md5crypt
// Action: Creates an MD5 passwd that is readable by FreeBSD daemons
// Call: md5crypt(string cleartextpasswd)
//
$MAGIC = "$1$";
$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
function md5crypt($pw, $salt="", $magic="") {
global $MAGIC;
if ($magic == "") $magic = $MAGIC;
if ($salt == "") $salt = create_salt();
$slist = explode("$", $salt);
if ($slist[0] == "1") $salt = $slist[1];
$salt = substr($salt, 0, 8);
$ctx = $pw . $magic . $salt;
$final = hex2bin(md5($pw . $salt . $pw));
for ($i=strlen($pw); $i>0; $i-=16) {
if ($i > 16)
$ctx .= substr($final,0,16);
else
$ctx .= substr($final,0,$i);
}
$i = strlen($pw);
while ($i > 0) {
if ($i & 1) $ctx .= chr(0);
else $ctx .= $pw[0];
$i = $i >> 1;
}
$final = hex2bin(md5($ctx));
for ($i=0;$i<1000;$i++) {
$ctx1 = "";
if ($i & 1) $ctx1 .= $pw;
else $ctx1 .= substr($final,0,16);
if ($i % 3) $ctx1 .= $salt;
if ($i % 7) $ctx1 .= $pw;
if ($i & 1) $ctx1 .= substr($final,0,16);
else $ctx1 .= $pw;
$final = hex2bin(md5($ctx1));
}
$passwd = "";
$passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4);
$passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4);
$passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4);
$passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4);
$passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4);
$passwd .= to64( ord($final[11]), 2);
return "$magic$salt\$$passwd";
}
function create_salt() {
srand((double)microtime()*1000000);
$salt = substr(md5(rand(0,9999999)), 0, 8);
return $salt;
}
function hex2bin($str) {
$len = strlen($str);
$nstr = "";
for ($i=0;$i<$len;$i+=2) {
$num = sscanf(substr($str,$i,2), "%x");
$nstr.=chr($num[0]);
}
return $nstr;
}
function to64($v, $n) {
global $ITOA64;
$ret = "";
while (($n - 1) >= 0) {
$n--;
$ret .= $ITOA64[$v & 0x3f];
$v = $v >> 6;
}
return $ret;
}
//
// print_header
// Action: Prints out the default header for every page
// Call: print_header([string title])
//
function print_header($menu = "", $title = "", $welcome = "NO") {
if (empty($title)) global $title;
global $welcome_header;
header("Expires: Sun, 16 Mar 2003 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
print "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
print "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
print "<head>\n";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n";
if (file_exists(realpath("./stylesheet.css"))) print "<link rel=\"stylesheet\" href=\"stylesheet.css\">\n";
if (file_exists(realpath("../stylesheet.css"))) print "<link rel=\"stylesheet\" href=\"../stylesheet.css\">\n";
print "<title>$title</title>\n";
print "</head>\n";
print "<body>\n";
print "<center>\n";
if ($welcome == "YES") {
print "<h1>$welcome_header</h1>\n";
print "<p />\n";
}
if ($menu == "admin") print_admin_menu();
if ($menu == "menu") print_menu();
}
//
// print_footer
// Action: Prints out the default footer for every page
// Call: print_footer()
//
function print_footer($hr = "YES") {
global $version;
global $organization_link;
global $organization_name;
global $show_postfix_admin_info;
if ($hr == "YES") print "<hr class=\"footer\" />\n";
print "<p class=\"footer\">\n";
if ($show_postfix_admin_info == "YES") print "<a target=\"blank\" href=\"http://high5.net/\"><font color=black>$version</font></a><br />\n";
if (!empty($organization_link)) print "<p><a href=\"$organization_link\">Back to $organization_name</a><p />\n";
print "</p>\n";
print "</center>\n";
print "</body>\n";
print "</html>\n";
}
//
// print_menu
// Action: Prints out the requirement menu bar
// Call: print_menu()
//
function print_menu() {
print "<table>\n";
print "<tr>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=\"_top\" href=\"main.php?" . session_name() . "=" . session_id() . "\">Overview</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=\"_top\" href=\"alias.php?" . session_name() . "=" . session_id() . "\">Add Alias</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"mailbox.php?" . session_name() . "=" . session_id() . "\">Add Mailbox</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"sendmail.php?" . session_name() . "=" . session_id() . "\">Send Email</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"passwd.php?" . session_name() . "=" . session_id() . "\">Passwd</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"logout.php?" . session_name() . "=" . session_id() . "\">Logout</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "</tr>\n";
print "</table>\n";
print "<hr />\n";
}
//
// print_admin_menu
// Action: Prints out the requirement admin menu bar
// Call: print_admin_menu()
//
function print_admin_menu() {
print "<table>\n";
print "<tr>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"adminview.php\">Admin View</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"domainview.php\">Domain View</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"virtualview.php\">Virtual View</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"sendmail.php\">Send Email</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"newadmin.php\">New Admin</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"newdomain.php\">New Domain</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "</tr>\n";
print "</table>\n";
print "<hr />\n";
}
//
// print_error
// Action: Prints an error message and exits/dies
// Call: print_error(string error message);
//
function print_error($msg, $header = "NO", $menu = "", $hr = "NO") {
if ($header == "YES") print_header();
if ($menu == "ADMIN") print_admin_menu();
if ($menu == "MENU") print_menu();
if ($hr == "YES") print "<hr />\n";
print "<p class=\"error\">\n";
print "$msg\n";
print "</p>\n";
print_footer();
exit;
}
//
// db_connect
// Action: Makes a connection to the database if it doesn't exist
// Call: db_connect()
//
function db_connect() {
global $db_host;
global $db_name;
global $db_user;
global $db_pass;
$link = mysql_connect($db_host, $db_user, $db_pass) or print_error("Could not connect to database server: <b>$db_host</b>.");
$succes = mysql_select_db($db_name, $link) or print_error("Could not select database: <b>$db_name</b>.");
return $link;
}
//
// db_query
// Action: Sends a query to the database and returns query result and number of rows
// Call: db_query(string query)
//
function db_query($query) {
$link = db_connect();
$result = mysql_query($query, $link) or print_error("Could not query the table.<br>", "NO");
// if $query was a select statement check the number of rows with mysql_num_rows().
if (eregi("^select", $query)) {
$number_rows = mysql_num_rows($result);
// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
// mysql_affected_rows().
} else {
$number_rows = mysql_affected_rows($link);
}
$return = array (
"result" => $result,
"rows" => $number_rows
);
return $return;
}
?>

58
passwd.php
View File

@ -0,0 +1,58 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
print_header("menu");
if (!empty($_POST['submit'])) {
$form_passwd = $_POST['form_passwd'];
$form_new_passwd1 = $_POST['form_new_passwd1'];
$form_new_passwd2 = $_POST['form_new_passwd2'];
if (empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) print_error("You will need to fill all fields!");
if ($form_new_passwd1 != $form_new_passwd2) print_error("The new passwords that you supplied don't match!");
$result = db_query("SELECT password FROM admin WHERE username='$sessid[username]'");
if ($result['rows'] == 1) {
$row = mysql_fetch_array($result['result']);
$db_passwd = $row[password];
$keys = preg_split('/\$/', $row[password]);
$checked_passwd = md5crypt($form_passwd, $keys[2]);
$result = db_query("SELECT * FROM admin WHERE username='$sessid[username]' AND password='$checked_passwd' AND active='1'");
if ($result['rows'] != 1) print_error("The password that you have entered doesn't match your current password!");
}
$new_passwd = md5crypt($form_new_passwd1);
$result = db_query("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$sessid[username]'");
if ($result['rows'] == 1) {
print "Your password has been updated!\n";
session_unset();
session_destroy();
print "<p>\n";
print "<a href=login.php>Login</a>\n";
print_footer();
exit;
} else {
print_error("Unable to update your password!");
}
}
?>
Change your password.
<p>
<form name="passwd" method="post">
<table class="form">
<tr><td>Login:</td><td><?php print "$sessid[username]"; ?></td></tr>
<tr><td>Current Password:</td><td><input type="password" name="form_passwd"></td></tr>
<tr><td>New Password:</td><td><input type="password" name="form_new_passwd1"></td></tr>
<tr><td>New Password (again):</td><td><input type="password" name="form_new_passwd2"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Change Password"></td></tr>
</table>
</form>
<?php
print_footer();
?>

44
pwd.php
View File

@ -0,0 +1,44 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
$url = "main.php?" . session_name() . "=" . session_id();
$username = $_GET['username'];
if (!empty($_POST['submit'])) {
$form_new_passwd1 = $_POST['form_new_passwd1'];
$form_new_passwd2 = $_POST['form_new_passwd2'];
if (empty($form_new_passwd1) or empty($form_new_passwd2)) print_error("You will need to fill both password fields!", "YES", "MENU");
if ($form_new_passwd1 != $form_new_passwd2) print_error("The new passwords that you supplied don't match!", "YES", "MENU");
$new_passwd = md5crypt($form_new_passwd1);
$result = db_query("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$username' AND domain='$sessid_domain'");
if ($result['rows'] == 1) {
header("Location: $url");
} else {
print_error("Unable to update your password!", "YES", "MENU");
}
}
print_header("menu");
?>
Change password.
<p>
<form name="passwd" method="post">
<table class="form">
<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
<tr><td>New Password:</td><td><input type="password" name="form_new_passwd1"></td></tr>
<tr><td>New Password (again):</td><td><input type="password" name="form_new_passwd2"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Enter"></td></tr>
</table>
</form>
<?php
print_footer();
?>

45
sendmail.php
View File

@ -0,0 +1,45 @@
<?php
require "config.inc.php";
require "my_lib.php";
$sessid = check_session();
$sessid_domain = $sessid['domain'];
$sessid_username = $sessid['username'];
print_header("menu");
if (!empty($_POST['submit'])) {
$to = $_POST['to'];
if (empty($to)) print_error("You need to select an email address.");
$headers = "From: $sessid_username";
$subject = "Welcome";
$message = "Hi,\n\nWelcome to your new email account.\n\n";
if (!mail($to, $subject, $message, $headers)) {
print_error("Unable to send message to $to!");
}
print "Successfully send email to $to\n";
print "<p>\n";
}
?>
Send test message to a new mailbox.
<p>
<form name="mailbox" method="post">
<table class="form">
<tr><td>From:</td><td><?php print "$sessid_username"; ?></td></tr>
<tr><td>To:</td><td>
<select name="to">
<?php
$result = db_query("SELECT username FROM mailbox WHERE domain='$sessid_domain' ORDER BY domain");
while ($row = mysql_fetch_array ($result['result'])) {
print "<option>" . $row['username'] . "</option>";
}
?>
</select>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Send Message"></td></tr>
</table>
</form>
<?php
print_footer();
?>

184
stylesheet.css
View File

@ -0,0 +1,184 @@
body {
background: white;
color: black;
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 13px;
margin: 8px;
padding: 0px;
text-align: center;
}
h1 {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 18px;
font-weight: bold;
margin-bottom: 0px;
margin-top: 20px;
}
a {
color: blue;
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
text-decoration: none;
}
a:visited {
color: blue;
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
text-decoration: none;
}
hr {
line-heigt: 1px;
margin-top: 10px;
margin-bottom: 10px;
width: 640px;
text-align: center;
}
hr.footer {
margin-top: 10px;
margin-bottom: 0px;
width: 640px;
}
p {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 13px;
margin-top: 13px;
text-align: center;
}
p.footer {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
margin-bottom: 0px;
margin-top: 5px;
text-align: center;
}
p.error {
color: red;
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 13px;
text-align: center;
}
table {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
width: 640px;
text-align: left;
margin-top: 0px;
margin-bottom: 0px;
padding-top: 0px;
}
table.auto {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
width: auto;
text-align: left;
margin-top: 0px;
margin-bottom: 0px;
padding-top: 0px;
}
table.form {
font-size: 11px;
padding-left: 0px;
padding-right: 0px;
text-align: left;
width: auto;
}
td {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
padding-left: 5px;
padding-right: 5px;
}
tr.header {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
padding-left: 11px;
padding-right: 11px;
}
td.center {
text-align: center;
}
td.header {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight: bold;
padding-left: 11px;
padding-right: 11px;
text-align: center;
}
td.highlight {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
background: rgb(169,194,162);
padding-left: 5px;
padding-right: 5px;
}
td.menu {
text-align: center;
background: #dfdfdf;
border-top: 1px solid #999;
border-right: 1px solid #999;
border-left: 1px solid #999;
border-bottom: 1px solid #999;
border-radius: 2px;
-moz-border-radius: 2px;
padding-bottom: 5px;
padding-top: 5px;
}
td.right {
text-align: center;
padding-left: 0px;
padding-right: 0px;
margin-left: 0px;
margin-right: 0px;
}
input {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
float: none;
clear: none;
}
input.button {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
background: rgb(232,236,176)
}
textarea {
font-family: Verdana;
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 11px;
}

56
vcp.php
View File

@ -0,0 +1,56 @@
<?php
require "config.inc.php";
require "my_lib.php";
print_header("", "", "YES");
if (!empty($_POST['submit'])) {
$form_login = $_POST['form_login'];
$form_passwd = $_POST['form_passwd'];
$form_new_passwd1 = $_POST['form_new_passwd1'];
$form_new_passwd2 = $_POST['form_new_passwd2'];
if (empty($form_login) or empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) print_error("You didn't enter all fields!", "", "", "YES");
if ($form_new_passwd1 != $form_new_passwd2) print_error("The passwords that you supplied don't match!", "", "", "YES");
$result = db_query("SELECT * FROM mailbox WHERE username='$form_login' AND active='1'");
if ($result['rows'] != 1) print_error("The mailbox does not exist!", "", "", "YES");
$result = db_query("SELECT password FROM mailbox WHERE username='$form_login'");
if ($result['rows'] == 1) {
$row = mysql_fetch_array($result['result']);
$db_passwd = $row[password];
$keys = preg_split('/\$/', $row[password]);
$checked_passwd = md5crypt($form_passwd, $keys[2]);
$result = db_query("SELECT * FROM mailbox WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
if ($result['rows'] != 1) print_error("The password that you have entered doesn't match your current password!", "", "", "YES");
}
$new_passwd = md5crypt($form_new_passwd1);
$result = db_query("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$form_login'");
if ($result['rows'] == 1) {
print "<hr />\n";
print "Your password has been updated!\n";
print_footer();
exit;
} else {
print_error("Unable to update your password!", "", "", "YES");
}
}
?>
Change your mailbox password.
<p>
<form name="vcp" method="post">
<table class="form">
<tr><td>Email:</td><td><input type="text" name="form_login"></td></tr>
<tr><td>Current Password:</td><td><input type="password" name="form_passwd"></td></tr>
<tr><td>New Password:</td><td><input type="password" name="form_new_passwd1"></td></tr>
<tr><td>New Password (again):</td><td><input type="password" name="form_new_passwd2"></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Change Password"></td></tr>
</table>
</form>
<?php
print_footer("NO");
?>
Write Preview
Loading…
Cancel
Save