opensmtpdadmin/edit-mailbox.php

<?php
// 
// OpenSMTPD Admin 
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: edit-mailbox.php
//
// Template File: edit-mailbox.tpl
//
// Template Variables:
//
// message
// name
//
// Form POST \ GET Variables:
//
// username
// domain
// password1
// password2
// name
//
require_once './functions.inc.php';
include './languages/' . check_language() . '.lang';

$SESSID_USERNAME = check_session();
$list_domains = list_domains($SESSID_USERNAME);
$admin = $SESSID_USERNAME ?? ADMIN_EMAIL;

if ($_SERVER['REQUEST_METHOD'] == "GET") {
        $username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT));
        $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
        $domain_key = array_search($domain, array_column($list_domains, 'domain'));
	$domain_exist = in_array($domain, array_column($list_domains, 'domain'));

	if ($domain_exist) {
		try {
			$dbh = connect_db();
			$sth = $dbh->prepare("SELECT * FROM mailbox WHERE username=? AND domain=?");
			$sth->bindParam(1, $username, PDO::PARAM_STR);
			$sth->bindParam(2, $domain, PDO::PARAM_STR);
			$sth->execute();
			$mailbox_details = $sth->fetch();
			$name = $mailbox_details['name'];
		} catch(PDOException $e) {
			$message = $LANG['Edit_mailbox_login_error'];
		}
	}
}

if ($_SERVER['REQUEST_METHOD'] == "POST") {
        $username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT));
        $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
	$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
	$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
	$name = filter_input(INPUT_POST, 'name', FILTER_DEFAULT);
        $domain_key = array_search($domain, array_column($list_domains, 'domain'));
	$domain_exist = in_array($domain, array_column($list_domains, 'domain'));

	if ($password1 != $password2) {
		$message = $LANG['Edit_mailbox_password_text_error'];
	}

	if (empty($message) && isset($domain_key) && !empty($password1)) {
		$hashed = bcrypt($password1);
		try {
			$dbh = connect_db();
			$sth = $dbh->prepare("UPDATE mailbox SET password=?,name=?,modified=NOW() WHERE username=? AND domain=?");
			$sth->bindParam(1, $hashed, PDO::PARAM_STR);
			$sth->bindParam(2, $name, PDO::PARAM_STR);
			$sth->bindParam(3, $username, PDO::PARAM_STR);
			$sth->bindParam(4, $domain, PDO::PARAM_STR);
			$sth->execute();
		} catch(PDOException $e) {
			$message = $LANG['Edit_mailbox_result_error'];
		}	
	}

	if ($domain_exist && empty($message)) {
		try {
			$dbh = connect_db();
			$sth = $dbh->prepare("UPDATE mailbox SET name=?,modified=NOW() WHERE username=? AND domain=?");
			$sth->bindParam(1, $name, PDO::PARAM_STR);
			$sth->bindParam(2, $username, PDO::PARAM_STR);
			$sth->bindParam(3, $domain, PDO::PARAM_STR);
			$sth->execute();
			logging($admin, $domain, "edit mailbox", $username);
			header("Location: list-virtual.php?domain=$domain");
		} catch(PDOException $e) {
			$message = $LANG['Edit_mailbox_result_error'];
		}	
	}
}
include './templates/header.tpl';
include './templates/admin_menu.tpl';
include './templates/edit-mailbox.tpl';
include './templates/footer.tpl';
?>
Initial commit 2022-08-18 14:01:52 +02:00			`<?php`
			`//`
			`// OpenSMTPD Admin`
			`// by Mischa Peters <mischa at high5 dot nl>`
			`// Copyright (c) 2022 High5!`
			`// License Info: LICENSE.TXT`
			`//`
			`// File: edit-mailbox.php`
			`//`
			`// Template File: edit-mailbox.tpl`
			`//`
			`// Template Variables:`
			`//`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`// message`
			`// name`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
			`// Form POST \ GET Variables:`
			`//`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`// username`
			`// domain`
			`// password1`
			`// password2`
			`// name`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`require_once './functions.inc.php';`
			`include './languages/' . check_language() . '.lang';`
Initial commit 2022-08-18 14:01:52 +02:00
			`$SESSID_USERNAME = check_session();`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`$list_domains = list_domains($SESSID_USERNAME);`
			`$admin = $SESSID_USERNAME ?? ADMIN_EMAIL;`
Initial commit 2022-08-18 14:01:52 +02:00
			`if ($_SERVER['REQUEST_METHOD'] == "GET") {`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`$username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT));`
			`$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);`
extra domain checks 2022-09-04 16:04:56 +02:00			`$domain_key = array_search($domain, array_column($list_domains, 'domain'));`
			`$domain_exist = in_array($domain, array_column($list_domains, 'domain'));`
Initial commit 2022-08-18 14:01:52 +02:00
extra domain checks 2022-09-04 16:04:56 +02:00			`if ($domain_exist) {`
			`try {`
			`$dbh = connect_db();`
			`$sth = $dbh->prepare("SELECT * FROM mailbox WHERE username=? AND domain=?");`
			`$sth->bindParam(1, $username, PDO::PARAM_STR);`
			`$sth->bindParam(2, $domain, PDO::PARAM_STR);`
			`$sth->execute();`
			`$mailbox_details = $sth->fetch();`
			`$name = $mailbox_details['name'];`
			`} catch(PDOException $e) {`
			`$message = $LANG['Edit_mailbox_login_error'];`
			`}`
Initial commit 2022-08-18 14:01:52 +02:00			`}`
			`}`

			`if ($_SERVER['REQUEST_METHOD'] == "POST") {`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`$username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT));`
			`$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);`
			`$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);`
			`$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);`
			`$name = filter_input(INPUT_POST, 'name', FILTER_DEFAULT);`
extra domain checks 2022-09-04 16:04:56 +02:00			`$domain_key = array_search($domain, array_column($list_domains, 'domain'));`
			`$domain_exist = in_array($domain, array_column($list_domains, 'domain'));`
Initial commit 2022-08-18 14:01:52 +02:00
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`if ($password1 != $password2) {`
			`$message = $LANG['Edit_mailbox_password_text_error'];`
Initial commit 2022-08-18 14:01:52 +02:00			`}`

alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`if (empty($message) && isset($domain_key) && !empty($password1)) {`
			`$hashed = bcrypt($password1);`
			`try {`
			`$dbh = connect_db();`
			`$sth = $dbh->prepare("UPDATE mailbox SET password=?,name=?,modified=NOW() WHERE username=? AND domain=?");`
			`$sth->bindParam(1, $hashed, PDO::PARAM_STR);`
			`$sth->bindParam(2, $name, PDO::PARAM_STR);`
			`$sth->bindParam(3, $username, PDO::PARAM_STR);`
			`$sth->bindParam(4, $domain, PDO::PARAM_STR);`
			`$sth->execute();`
			`} catch(PDOException $e) {`
			`$message = $LANG['Edit_mailbox_result_error'];`
			`}`
Initial commit 2022-08-18 14:01:52 +02:00			`}`

extra domain checks 2022-09-04 16:04:56 +02:00			`if ($domain_exist && empty($message)) {`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`try {`
			`$dbh = connect_db();`
			`$sth = $dbh->prepare("UPDATE mailbox SET name=?,modified=NOW() WHERE username=? AND domain=?");`
			`$sth->bindParam(1, $name, PDO::PARAM_STR);`
			`$sth->bindParam(2, $username, PDO::PARAM_STR);`
			`$sth->bindParam(3, $domain, PDO::PARAM_STR);`
			`$sth->execute();`
			`logging($admin, $domain, "edit mailbox", $username);`
			`header("Location: list-virtual.php?domain=$domain");`
			`} catch(PDOException $e) {`
			`$message = $LANG['Edit_mailbox_result_error'];`
			`}`
Initial commit 2022-08-18 14:01:52 +02:00			`}`
			`}`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`include './templates/header.tpl';`
extra domain checks 2022-09-04 16:04:56 +02:00			`include './templates/admin_menu.tpl';`
alias and mailbox almost indentical 2022-09-04 14:49:44 +02:00			`include './templates/edit-mailbox.tpl';`
			`include './templates/footer.tpl';`
Initial commit 2022-08-18 14:01:52 +02:00			`?>`