opensmtpdadmin/admin/admin.php

<?php
// 
// OpenSMTPD Admin 
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: admin.php
//
// Template File: admin_admin.tpl
//
//
// Template Variables:
//
// action
// message
// username
// domains
//
// Form POST \ GET Variables:
//
// username
// password1
// password2
// domains
//
require_once '../functions.inc.php';
include '../languages/' . check_language() . '.lang';

$list_domains = list_domains();
$list_admins = list_admins();

if ($_SERVER['REQUEST_METHOD'] == "GET") {
	$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
	if ($action == 'edit') {
		$username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL);
		$domains['domains'] = array_column(list_domains($username), 'domain');
	}
}

if ($_SERVER['REQUEST_METHOD'] == "POST") {
	$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
	$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
	$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
	$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
	$domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));


	if ($action == 'add') {
		if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
			$message = $LANG['AdminAdd_admin_username_error'];
		}

		if (empty($password1) || $password1 != $password2) {
			$message = $LANG['AdminAdd_admin_password_error'];
		}

		if (empty($domains['domains'])) {
			$message = $LANG['AdminAdd_admin_domain_error'];
		}

		if (empty($message)) {
			$hashed = bcrypt($password1);
			try {
				$dbh = pdo_connect();
				$sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
				$sth->bindParam(1, $username, PDO::PARAM_STR);
				$sth->bindParam(2, $hashed, PDO::PARAM_STR);
				$sth->execute();
				foreach ($domains['domains'] as $row) {
					$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
					$sth->bindParam(1, $username, PDO::PARAM_STR);
					$sth->bindParam(2, $row, PDO::PARAM_STR);
					$sth->execute();
				}
				$message = $LANG['AdminAdd_admin_result_succes'] . "<br />($username)</br />";
			} catch(PDOException $e) {
				$message = $LANG['AdminAdd_admin_result_error'] . "<br />($username)<br />";
			}	
		}
	}

	if (in_array($username, array_column($list_admins, 'username')) && $action == 'edit') {
		if ($password1 != $password2) {
			$message = $LANG['AdminAdd_admin_password_error'];
		}
		if (empty($message) && !empty($password1)) {
			$hashed = bcrypt($password1);
			try {
				$dbh = pdo_connect();
				$sth = $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?");
				$sth->bindParam(1, $hashed, PDO::PARAM_STR);
				$sth->bindParam(2, $username, PDO::PARAM_STR);
				$sth->execute();
			} catch(PDOException $e) {
				$message = $LANG['AdminEdit_admin_result_error'] . "<br />($username)<br />";
			}	
		}

		if (empty($domains['domains'])) {
			$message = $LANG['AdminAdd_admin_domain_error'];
		}
		if (empty($message)) {
			try {
				$dbh = pdo_connect();
				$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
				$sth->execute(array($username));
				$count_domain_admins = $sth->fetchColumn();

				$sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?");
				$sth->execute(array($username));
				if ($sth->rowCount() != $count_domain_admins) {
					throw new RuntimeException('Unable to delete entries from the domain_admins table.');
				}

				foreach ($domains['domains'] as $row) {
					$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
					$sth->bindParam(1, $username, PDO::PARAM_STR);
					$sth->bindParam(2, $row, PDO::PARAM_STR);
					$sth->execute();
				}
				header("Location: list-admin.php");
			} catch (RuntimeException $e) {
				$message = $LANG['AdminEdit_admin_result_error'];
			} catch (PDOException $e) {
				$message = $LANG['AdminEdit_admin_result_error'];
			}
		}
	}
}
include '../templates/header.tpl';
include '../templates/admin_menu.tpl';
include '../templates/admin_admin.tpl';
include '../templates/footer.tpl';
?>
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`<?php`
			`//`
			`// OpenSMTPD Admin`
			`// by Mischa Peters <mischa at high5 dot nl>`
			`// Copyright (c) 2022 High5!`
			`// License Info: LICENSE.TXT`
			`//`
strip urlencode / active from templates 2022-09-03 10:44:32 +02:00			`// File: admin.php`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`//`
strip urlencode / active from templates 2022-09-03 10:44:32 +02:00			`// Template File: admin_admin.tpl`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`//`
			`//`
			`// Template Variables:`
			`//`
strip urlencode / active from templates 2022-09-03 10:44:32 +02:00			`// action`
			`// message`
			`// username`
			`// domains`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`//`
			`// Form POST \ GET Variables:`
			`//`
strip urlencode / active from templates 2022-09-03 10:44:32 +02:00			`// username`
			`// password1`
			`// password2`
			`// domains`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`//`
strip urlencode / active from templates 2022-09-03 10:44:32 +02:00			`require_once '../functions.inc.php';`
			`include '../languages/' . check_language() . '.lang';`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00
			`$list_domains = list_domains();`
			`$list_admins = list_admins();`

			`if ($_SERVER['REQUEST_METHOD'] == "GET") {`
			`$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';`
			`if ($action == 'edit') {`
			`$username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL);`
			`$domains['domains'] = array_column(list_domains($username), 'domain');`
			`}`
			`}`

			`if ($_SERVER['REQUEST_METHOD'] == "POST") {`
			`$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';`
			`$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);`
			`$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);`
			`$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);`
			`$domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));`


			`if ($action == 'add') {`
			`if (empty($username) \|\| in_array($username, array_column($list_admins, 'username'))) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_username_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`

			`if (empty($password1) \|\| $password1 != $password2) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_password_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`

			`if (empty($domains['domains'])) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_domain_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`

			`if (empty($message)) {`
			`$hashed = bcrypt($password1);`
			`try {`
connect_db -> pdo_connect 2022-09-04 20:50:21 +02:00			`$dbh = pdo_connect();`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`$sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");`
			`$sth->bindParam(1, $username, PDO::PARAM_STR);`
			`$sth->bindParam(2, $hashed, PDO::PARAM_STR);`
			`$sth->execute();`
			`foreach ($domains['domains'] as $row) {`
			`$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");`
			`$sth->bindParam(1, $username, PDO::PARAM_STR);`
			`$sth->bindParam(2, $row, PDO::PARAM_STR);`
			`$sth->execute();`
			`}`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_result_succes'] . "<br />($username)</br />";`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`} catch(PDOException $e) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_result_error'] . "<br />($username)<br />";`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`
			`}`
			`}`

			`if (in_array($username, array_column($list_admins, 'username')) && $action == 'edit') {`
			`if ($password1 != $password2) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_password_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`if (empty($message) && !empty($password1)) {`
print -> echo 2022-09-04 11:38:47 +02:00			`$hashed = bcrypt($password1);`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`try {`
connect_db -> pdo_connect 2022-09-04 20:50:21 +02:00			`$dbh = pdo_connect();`
print -> echo 2022-09-04 11:38:47 +02:00			`$sth = $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?");`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`$sth->bindParam(1, $hashed, PDO::PARAM_STR);`
			`$sth->bindParam(2, $username, PDO::PARAM_STR);`
			`$sth->execute();`
			`} catch(PDOException $e) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminEdit_admin_result_error'] . "<br />($username)<br />";`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`
			`}`

			`if (empty($domains['domains'])) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminAdd_admin_domain_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`
			`if (empty($message)) {`
			`try {`
connect_db -> pdo_connect 2022-09-04 20:50:21 +02:00			`$dbh = pdo_connect();`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");`
			`$sth->execute(array($username));`
			`$count_domain_admins = $sth->fetchColumn();`

			`$sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?");`
			`$sth->execute(array($username));`
			`if ($sth->rowCount() != $count_domain_admins) {`
			`throw new RuntimeException('Unable to delete entries from the domain_admins table.');`
			`}`

			`foreach ($domains['domains'] as $row) {`
			`$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");`
			`$sth->bindParam(1, $username, PDO::PARAM_STR);`
			`$sth->bindParam(2, $row, PDO::PARAM_STR);`
			`$sth->execute();`
			`}`
			`header("Location: list-admin.php");`
			`} catch (RuntimeException $e) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminEdit_admin_result_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`} catch (PDOException $e) {`
PALANG -> LANG, pVar -> Var 2022-09-03 11:30:40 +02:00			`$message = $LANG['AdminEdit_admin_result_error'];`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`}`
			`}`
			`}`
			`}`
strip urlencode / active from templates 2022-09-03 10:44:32 +02:00			`include '../templates/header.tpl';`
			`include '../templates/admin_menu.tpl';`
			`include '../templates/admin_admin.tpl';`
			`include '../templates/footer.tpl';`
consolidate add/edit admin to single file 2022-09-03 08:39:34 +02:00			`?>`