opensmtpdadmin/functions.inc.php

<?php
// 
// OpenSMTPD Admin 
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022 High5!
// License Info: LICENSE.TXT
//
// File: functions.inc.php
//
if(preg_match("/functions.inc.php/", $_SERVER['SCRIPT_NAME'])) {
	header("Location: login.php");
	exit;
}

DEFINE("VERSION",  "version 1.0.0");
DEFINE('ROOT_PATH', dirname(__FILE__) . '/');
require_once ROOT_PATH . 'conf.php';
require_once ROOT_PATH . 'config.inc.php';
require_once ROOT_PATH . 'variables.inc.php';

$version = "1.0.0";

//
// Check of debug is enabled or not
//
if (DEBUG == 'true') {
	ini_set('display_errors', 1);
	ini_set('display_startup_errors', 1);
	error_reporting(E_ALL);
	mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
} else {
	ini_set('display_errors', 0);
	ini_set('display_startup_errors', 0);		
}

//
// check_session
// Action: Check if a session already exists, if not redirect to login.php
// Call: check_session() -or- check_user_session()
//
function check_session() {
	session_start();
	if (!isset($_SESSION['sessid']['username'])) {
		header("Location: login.php");
		exit;
	}
	$SESSID_USERNAME = $_SESSION['sessid']['username'];
	return $SESSID_USERNAME;
}

function check_user_session() {
	session_start();
	if (!isset($_SESSION['userid']['username'])) {
		header("Location: login.php");
		exit;
	}
	$USERID_USERNAME = $_SESSION['userid']['username'];
	return $USERID_USERNAME;
}

//
// check_language
// Action: checks what language the browser uses
// Call: check_language
//
function check_language() {
	global $CONF;
	// Currently only English is supported, no need to run through the check now.
	return $CONF['default_language'];
}

//
// check_string
// Action: checks if a string is valid and returns TRUE is this is the case.
// Call: check_string(string var)
//
function check_string($var) {
	if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)) {
		return true;
	} else {
		return false;
	}
} 

//
// check_email
// Action: Checks if email is valid and returns TRUE if this is the case.
// Call: check_email(string email)
//
function check_email($email) {
	if (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,10}$/i', trim($email))) {
		return true;
	} else {
		return false;
	}
}

//
// escape_string
// Action: Escape a string
// Call: escape_string(string string)
//
function escape_string($string) {
	global $CONF;
	$escaped_string = $string;
	return $escaped_string;
}


//
// check_alias
// Action: Checks if the domain is still able to create aliases.
// Call: check_alias(string domain)
//
function check_alias($domain) {
	$limit = get_domain_properties($domain);
	if ($limit['aliases'] == 0) {
		return true;
	}
	if ($limit['aliases'] < 0) {
		return false;
	}
	if ($limit['alias_count'] >= $limit['aliases']) {
		return false;
	} else {
		return true;
	}
}

//
// check_mailbox
// Action: Checks if the domain is still able to create mailboxes.
// Call: ceck_mailbox(string domain)
//
function check_mailbox($domain) {
	$limit = get_domain_properties($domain);
	if ($limit['mailboxes'] == 0) {
		return true;
	}
	if ($limit['mailboxes'] < 0) {
		return false;
	}
	if ($limit['mailbox_count'] >= $limit['mailboxes']) {
		return false;
	} else {
		return true;
	}
}
//
// connect_db
// Action: make db connection
// Call: connect_db()
//
function connect_db() {
	try {
		$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS, array(PDO::ATTR_PERSISTENT => true));
		$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
		return $dbh;
	} catch (PDOException $e) {
		echo 'Connection failed: ' . $e;
		die();
	}
}

//
// list_domains
// Action: List all available domains.
// Call: list_domains(string admin (optional))
//
function list_domains($username = null) {
	$dbh = connect_db();
	if (isset($username)) {
		$sth = $dbh->prepare("SELECT * FROM domain INNER JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username=? ORDER BY domain_admins.domain");
		$sth->bindParam(1, $username, PDO::PARAM_STR);
	} else {
		$sth = $dbh->prepare('SELECT * FROM domain ORDER BY domain');
	}
	$sth->execute();
	$list= $sth->fetchAll();

	for ($i = 0; $i < count($list); $i++) {
		$sth = $dbh->prepare("SELECT COUNT(*) FROM alias WHERE domain=? AND goto NOT IN ('vmail')");
		$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);
		$sth->execute();
		$list[$i]['alias_count'] = $sth->fetchColumn();

		$sth = $dbh->prepare("SELECT COUNT(*) FROM mailbox WHERE domain=?");
		$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);
		$sth->execute();
		$list[$i]['mailbox_count'] = $sth->fetchColumn();
	}
	return $list;
}

//
// list_aliases
// Action: List all available aliases for domain.
// Call: list_aliases(string domain, int offset)
//
function list_aliases($domain, $offset, $limit) {
	$dbh = connect_db();
	if (ALIAS_CONTROL == 'NO') {
		$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain=? AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT ?, ?");
	} else {
		$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias WHERE alias.domain=? ORDER BY alias.address LIMIT ?, ?");
	}
	$sth->bindParam(1, $domain, PDO::PARAM_STR);
	$sth->bindParam(2, $offset, PDO::PARAM_INT);
	$sth->bindParam(3, $limit, PDO::PARAM_INT);
	$sth->execute();
	$list = $sth->fetchAll();
	return $list;
}

//
// list_mailboxes
// Action: List all available mailboxes for domain.
// Call: list_mailboxes(string domaini, int offset)
//
function list_mailboxes($domain, $offset, $limit) {
	$dbh = connect_db();
	$sth = $dbh->prepare("SELECT * FROM mailbox WHERE domain=? ORDER BY username LIMIT ?, ?");
	$sth->bindParam(1, $domain, PDO::PARAM_STR);
	$sth->bindParam(2, $offset, PDO::PARAM_INT);
	$sth->bindParam(3, $limit, PDO::PARAM_INT);
	$sth->execute();
	$list = $sth->fetchAll();
	return $list;
}

//
// admin_exist
// Action: Checks if the admin already exists.
// Call: admin_exist(string admin)
//
// was check_admin
//
function admin_exist($username) {
	$result = db_query("SELECT * FROM admin WHERE username='$username'");
	if ($result['rows'] != 1) {
		return false;
	} else {
		return true;
	}
}

//
// domain_exist
// Action: Checks if the domain already exists.
// Call: domain_exist(string domain)
//
function domain_exist($domain) {
	$result = db_query("SELECT * FROM domain WHERE domain='$domain'");
	if ($result['rows'] != 1) {
		return false;
	} else {
		return true;
	}
}

//
// list_admins
// Action: Lists all the admins
// Call: list_admins()
//
function list_admins() {
	$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS);
	$sth = $dbh->prepare('SELECT * FROM admin ORDER BY username');
	$sth->execute();
	$list = $sth->fetchAll();

	for ($i = 0; $i < count($list); $i++) {
		$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
		$sth->bindParam(1, $list[$i]['username'], PDO::PARAM_STR);
		$sth->execute();
		$list[$i]['domain_count'] = $sth->fetchColumn();
	}
	return $list;
}

//
// generate_password
// Action: Generates a random password
// Call: generate_password()
//
function generate_password() {
	$password = substr(md5(mt_rand()), 0, 8);
	return $password;
}

//
// bcrypt
// Action: Hashs the password with bcrypt
// Call: bcrypt(string cleartextpassword)
//
function bcrypt($password) {
	$options = ['cost' => 8];
	$hashed = password_hash($password, PASSWORD_BCRYPT, $options);
	$hashed = preg_replace('/\$2y\$/', '\$2b\$', $hashed);
	return $hashed;
}

//
// db_connect
// Action: Makes a connection to the database if it doesn't exist
// Call: db_connect()
//
$DEBUG_TEXT = "\n
<p />\n
Please check the documentation and website for more information.\n
<p />\n
";

function db_connect() {
	global $CONF;
	global $DEBUG_TEXT;
	$link = "";

	if ($CONF['database_type'] == "mysqli") {
		if(function_exists("mysqli_connect")) {
			$link = @mysqli_connect($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or die("<p />DEBUG INFORMATION:<br />Connect: " .  mysqli_connect_error() . "$DEBUG_TEXT");
			$succes = @mysqli_select_db($link, $CONF['database_name']) or die("<p />DEBUG INFORMATION:<br />MySQLi Select Database: " .  mysqli_error() . "$DEBUG_TEXT");
		} else {
			print "<p />DEBUG INFORMATION:<br />MySQL 4.1 functions not available!<br />database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT";
			die;
		}
	}

	if ($link) {
		return $link;
	} else {
		print "DEBUG INFORMATION:<br />\n";
		print "Connect: Unable to connect to database<br />\n";
		print "<br />\n";
		print "Make sure that you have set the correct database type in the config.inc.php file<br />\n";
		print $DEBUG_TEXT;
		die;
	}
}

//
// db_query
// Action: Sends a query to the database and returns query result and number of rows
// Call: db_query(string query)
//
function db_query($query) {
	global $CONF;
	global $DEBUG_TEXT;
	$result = "";
	$number_rows = "";

	$link = db_connect();

	// database prefix workaround
	if (!empty($CONF['database_prefix'])) {
		if (preg_match("/^SELECT/i", $query)) {
			$query = substr($query, 0, 14) . $CONF['database_prefix'] . substr($query, 14);
		} else {
			$query = substr($query, 0, 6) . $CONF['database_prefix'] . substr($query, 7);
		}
	}
	
	if ($CONF['database_type'] == "mysqli") $result = @mysqli_query($link, $query) or die("<p />DEBUG INFORMATION:<br />Invalid query: " . mysqli_error($link) . "$DEBUG_TEXT");

	if (preg_match("/^SELECT/i", $query)) {
		// if $query was a SELECT statement check the number of rows with [database_type]_num_rows().
		if ($CONF['database_type'] == "mysqli") $number_rows = mysqli_num_rows($result);		
	} else {
		// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
		// [database_type]_affected_rows().
		if ($CONF['database_type'] == "mysqli") $number_rows = mysqli_affected_rows($link);
	}

	if ($CONF['database_type'] == "mysqli") mysqli_close($link);

	$return = array(
		"result" => $result,
		"rows" => $number_rows
	);
	return $return;
}

// db_row
// Action: Returns a row from a table
// Call: db_row(int result)
//
function db_row($result) {
	global $CONF;
	$row = "";
	if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_row($result);
	return $row;
}

// db_array
// Action: Returns a row from a table
// Call: db_array(int result)
//
function db_array($result) {
	global $CONF;
	$row = "";
	if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_array($result);
	return $row;
}

// db_assoc
// Action: Returns a row from a table
// Call: db_assoc(int result)
//
function db_assoc($result) {
	global $CONF;
	$row = "";
	if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_assoc($result);
	return $row;
}

//
// db_delete
// Action: Deletes a row from a specified table
// Call: db_delete(string table, string where, string delete)
//
function db_delete($table,$where,$delete) {
	$result = db_query("DELETE FROM $table WHERE $where='$delete'");
	if ($result['rows'] >= 1) {
		return $result['rows'];
	} else {
		return true;
	}
}

// logging
// Action: Logs actions from admin
// Call: logging(string username, string domain, string action, string data)
//
function logging($username, $domain, $action, $data) {
	$remote_addr = $_SERVER['HTTP_X_CLIENTIP'] ?? $_SERVER['REMOTE_ADDR'];
	$username = $username . ' (' . $remote_addr . ')';
	if (LOGGING == 'YES') {
		$dbh = connect_db();
		$sth = $dbh->prepare("INSERT INTO log (timestamp,username,domain,action,data) VALUES (NOW(),?,?,?,?)");
		$sth->bindParam(1, $username, PDO::PARAM_STR);
		$sth->bindParam(2, $domain, PDO::PARAM_STR);
		$sth->bindParam(3, $action, PDO::PARAM_STR);
		$sth->bindParam(4, $data, PDO::PARAM_STR);
		$sth->execute();
	}
}
//
// db_log
// Action: Logs actions from admin
// Call: db_log(string username, string domain, string action, string data)
//
function db_log($username, $domain, $action, $data) {
	global $CONF;
	if (isset($_SERVER['HTTP_X_CLIENTIP'])) {
		$REMOTE_ADDR = $_SERVER['HTTP_X_CLIENTIP'];
	} else {
		$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
	}

	if ($CONF['logging'] == 'YES') {
		$result = db_query("INSERT INTO log (timestamp, username, domain, action, data) VALUES (NOW(), '$username ($REMOTE_ADDR)', '$domain', '$action', '$data')");
		if ($result['rows'] != 1) {
			return false;
		} else {
			return true;
		}
	}
}
?>
Initial commit 2022-08-18 14:01:52 +02:00			`<?php`
			`//`
			`// OpenSMTPD Admin`
			`// by Mischa Peters <mischa at high5 dot nl>`
			`// Copyright (c) 2022 High5!`
			`// License Info: LICENSE.TXT`
			`//`
			`// File: functions.inc.php`
			`//`
			`if(preg_match("/functions.inc.php/", $_SERVER['SCRIPT_NAME'])) {`
			`header("Location: login.php");`
			`exit;`
			`}`

rip and replace.. start 2022-09-02 23:06:08 +02:00			`DEFINE("VERSION", "version 1.0.0");`
			`DEFINE('ROOT_PATH', dirname(__FILE__) . '/');`
			`require_once ROOT_PATH . 'conf.php';`
			`require_once ROOT_PATH . 'config.inc.php';`
			`require_once ROOT_PATH . 'variables.inc.php';`

Initial commit 2022-08-18 14:01:52 +02:00			`$version = "1.0.0";`

			`//`
make debug output optional 2022-08-21 12:49:50 +02:00			`// Check of debug is enabled or not`
			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`if (DEBUG == 'true') {`
make debug output optional 2022-08-21 12:49:50 +02:00			`ini_set('display_errors', 1);`
			`ini_set('display_startup_errors', 1);`
			`error_reporting(E_ALL);`
			`mysqli_report(MYSQLI_REPORT_ERROR \| MYSQLI_REPORT_STRICT);`
			`} else {`
			`ini_set('display_errors', 0);`
			`ini_set('display_startup_errors', 0);`
			`}`

			`//`
Initial commit 2022-08-18 14:01:52 +02:00			`// check_session`
			`// Action: Check if a session already exists, if not redirect to login.php`
			`// Call: check_session() -or- check_user_session()`
			`//`
			`function check_session() {`
			`session_start();`
			`if (!isset($_SESSION['sessid']['username'])) {`
			`header("Location: login.php");`
			`exit;`
			`}`
			`$SESSID_USERNAME = $_SESSION['sessid']['username'];`
			`return $SESSID_USERNAME;`
			`}`

			`function check_user_session() {`
			`session_start();`
			`if (!isset($_SESSION['userid']['username'])) {`
			`header("Location: login.php");`
			`exit;`
			`}`
			`$USERID_USERNAME = $_SESSION['userid']['username'];`
			`return $USERID_USERNAME;`
			`}`

			`//`
			`// check_language`
			`// Action: checks what language the browser uses`
			`// Call: check_language`
			`//`
			`function check_language() {`
			`global $CONF;`
			`// Currently only English is supported, no need to run through the check now.`
			`return $CONF['default_language'];`
			`}`

			`//`
			`// check_string`
			`// Action: checks if a string is valid and returns TRUE is this is the case.`
			`// Call: check_string(string var)`
			`//`
			`function check_string($var) {`
			`if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)) {`
			`return true;`
			`} else {`
			`return false;`
			`}`
			`}`

			`//`
			`// check_email`
			`// Action: Checks if email is valid and returns TRUE if this is the case.`
			`// Call: check_email(string email)`
			`//`
			`function check_email($email) {`
			`if (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{\|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,10}$/i', trim($email))) {`
			`return true;`
			`} else {`
			`return false;`
			`}`
			`}`

			`//`
			`// escape_string`
			`// Action: Escape a string`
			`// Call: escape_string(string string)`
			`//`
			`function escape_string($string) {`
			`global $CONF;`
			`$escaped_string = $string;`
			`return $escaped_string;`
			`}`


			`//`
			`// check_alias`
			`// Action: Checks if the domain is still able to create aliases.`
			`// Call: check_alias(string domain)`
			`//`
			`function check_alias($domain) {`
			`$limit = get_domain_properties($domain);`
			`if ($limit['aliases'] == 0) {`
			`return true;`
			`}`
			`if ($limit['aliases'] < 0) {`
			`return false;`
			`}`
			`if ($limit['alias_count'] >= $limit['aliases']) {`
			`return false;`
			`} else {`
			`return true;`
			`}`
			`}`

			`//`
			`// check_mailbox`
			`// Action: Checks if the domain is still able to create mailboxes.`
			`// Call: ceck_mailbox(string domain)`
			`//`
			`function check_mailbox($domain) {`
			`$limit = get_domain_properties($domain);`
			`if ($limit['mailboxes'] == 0) {`
			`return true;`
			`}`
			`if ($limit['mailboxes'] < 0) {`
			`return false;`
			`}`
			`if ($limit['mailbox_count'] >= $limit['mailboxes']) {`
			`return false;`
			`} else {`
			`return true;`
			`}`
			`}`
			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`// connect_db`
			`// Action: make db connection`
			`// Call: connect_db()`
			`//`
			`function connect_db() {`
			`try {`
			`$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS, array(PDO::ATTR_PERSISTENT => true));`
			`$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);`
			`return $dbh;`
			`} catch (PDOException $e) {`
			`echo 'Connection failed: ' . $e;`
			`die();`
Initial commit 2022-08-18 14:01:52 +02:00			`}`
			`}`

			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`// list_domains`
			`// Action: List all available domains.`
			`// Call: list_domains(string admin (optional))`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`function list_domains($username = null) {`
			`$dbh = connect_db();`
			`if (isset($username)) {`
			`$sth = $dbh->prepare("SELECT * FROM domain INNER JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username=? ORDER BY domain_admins.domain");`
			`$sth->bindParam(1, $username, PDO::PARAM_STR);`
Initial commit 2022-08-18 14:01:52 +02:00			`} else {`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`$sth = $dbh->prepare('SELECT * FROM domain ORDER BY domain');`
			`}`
			`$sth->execute();`
			`$list= $sth->fetchAll();`

			`for ($i = 0; $i < count($list); $i++) {`
			`$sth = $dbh->prepare("SELECT COUNT(*) FROM alias WHERE domain=? AND goto NOT IN ('vmail')");`
			`$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);`
			`$sth->execute();`
			`$list[$i]['alias_count'] = $sth->fetchColumn();`

			`$sth = $dbh->prepare("SELECT COUNT(*) FROM mailbox WHERE domain=?");`
			`$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);`
			`$sth->execute();`
			`$list[$i]['mailbox_count'] = $sth->fetchColumn();`
Initial commit 2022-08-18 14:01:52 +02:00			`}`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`return $list;`
Initial commit 2022-08-18 14:01:52 +02:00			`}`

			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`// list_aliases`
			`// Action: List all available aliases for domain.`
			`// Call: list_aliases(string domain, int offset)`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`function list_aliases($domain, $offset, $limit) {`
			`$dbh = connect_db();`
			`if (ALIAS_CONTROL == 'NO') {`
			`$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain=? AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT ?, ?");`
			`} else {`
			`$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias WHERE alias.domain=? ORDER BY alias.address LIMIT ?, ?");`
Initial commit 2022-08-18 14:01:52 +02:00			`}`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`$sth->bindParam(1, $domain, PDO::PARAM_STR);`
			`$sth->bindParam(2, $offset, PDO::PARAM_INT);`
			`$sth->bindParam(3, $limit, PDO::PARAM_INT);`
			`$sth->execute();`
			`$list = $sth->fetchAll();`
Initial commit 2022-08-18 14:01:52 +02:00			`return $list;`
			`}`

			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`// list_mailboxes`
			`// Action: List all available mailboxes for domain.`
			`// Call: list_mailboxes(string domaini, int offset)`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`function list_mailboxes($domain, $offset, $limit) {`
			`$dbh = connect_db();`
			`$sth = $dbh->prepare("SELECT * FROM mailbox WHERE domain=? ORDER BY username LIMIT ?, ?");`
			`$sth->bindParam(1, $domain, PDO::PARAM_STR);`
			`$sth->bindParam(2, $offset, PDO::PARAM_INT);`
			`$sth->bindParam(3, $limit, PDO::PARAM_INT);`
			`$sth->execute();`
			`$list = $sth->fetchAll();`
Initial commit 2022-08-18 14:01:52 +02:00			`return $list;`
			`}`

			`//`
			`// admin_exist`
			`// Action: Checks if the admin already exists.`
			`// Call: admin_exist(string admin)`
			`//`
			`// was check_admin`
			`//`
			`function admin_exist($username) {`
			`$result = db_query("SELECT * FROM admin WHERE username='$username'");`
			`if ($result['rows'] != 1) {`
			`return false;`
			`} else {`
			`return true;`
			`}`
			`}`

			`//`
			`// domain_exist`
			`// Action: Checks if the domain already exists.`
			`// Call: domain_exist(string domain)`
			`//`
			`function domain_exist($domain) {`
			`$result = db_query("SELECT * FROM domain WHERE domain='$domain'");`
			`if ($result['rows'] != 1) {`
			`return false;`
			`} else {`
			`return true;`
			`}`
			`}`

			`//`
			`// list_admins`
			`// Action: Lists all the admins`
			`// Call: list_admins()`
			`//`
			`function list_admins() {`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS);`
			`$sth = $dbh->prepare('SELECT * FROM admin ORDER BY username');`
			`$sth->execute();`
			`$list = $sth->fetchAll();`

			`for ($i = 0; $i < count($list); $i++) {`
			`$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");`
			`$sth->bindParam(1, $list[$i]['username'], PDO::PARAM_STR);`
			`$sth->execute();`
			`$list[$i]['domain_count'] = $sth->fetchColumn();`
Initial commit 2022-08-18 14:01:52 +02:00			`}`
			`return $list;`
			`}`

			`//`
			`// generate_password`
			`// Action: Generates a random password`
			`// Call: generate_password()`
			`//`
			`function generate_password() {`
			`$password = substr(md5(mt_rand()), 0, 8);`
			`return $password;`
			`}`

			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`// bcrypt`
			`// Action: Hashs the password with bcrypt`
			`// Call: bcrypt(string cleartextpassword)`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`function bcrypt($password) {`
			`$options = ['cost' => 8];`
			`$hashed = password_hash($password, PASSWORD_BCRYPT, $options);`
			`$hashed = preg_replace('/\$2y\$/', '\$2b\$', $hashed);`
			`return $hashed;`
Initial commit 2022-08-18 14:01:52 +02:00			`}`

			`//`
			`// db_connect`
			`// Action: Makes a connection to the database if it doesn't exist`
			`// Call: db_connect()`
			`//`
			`$DEBUG_TEXT = "\n`
			`<p />\n`
			`Please check the documentation and website for more information.\n`
			`<p />\n`
			`";`

			`function db_connect() {`
			`global $CONF;`
			`global $DEBUG_TEXT;`
			`$link = "";`

			`if ($CONF['database_type'] == "mysqli") {`
			`if(function_exists("mysqli_connect")) {`
			`$link = @mysqli_connect($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or die("<p />DEBUG INFORMATION:<br />Connect: " . mysqli_connect_error() . "$DEBUG_TEXT");`
			`$succes = @mysqli_select_db($link, $CONF['database_name']) or die("<p />DEBUG INFORMATION:<br />MySQLi Select Database: " . mysqli_error() . "$DEBUG_TEXT");`
			`} else {`
			`print "<p />DEBUG INFORMATION:<br />MySQL 4.1 functions not available!<br />database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT";`
			`die;`
			`}`
			`}`

			`if ($link) {`
			`return $link;`
			`} else {`
			`print "DEBUG INFORMATION:<br />\n";`
			`print "Connect: Unable to connect to database<br />\n";`
			`print "<br />\n";`
			`print "Make sure that you have set the correct database type in the config.inc.php file<br />\n";`
			`print $DEBUG_TEXT;`
			`die;`
			`}`
			`}`

			`//`
			`// db_query`
			`// Action: Sends a query to the database and returns query result and number of rows`
			`// Call: db_query(string query)`
			`//`
			`function db_query($query) {`
			`global $CONF;`
			`global $DEBUG_TEXT;`
			`$result = "";`
			`$number_rows = "";`

			`$link = db_connect();`

			`// database prefix workaround`
			`if (!empty($CONF['database_prefix'])) {`
			`if (preg_match("/^SELECT/i", $query)) {`
			`$query = substr($query, 0, 14) . $CONF['database_prefix'] . substr($query, 14);`
			`} else {`
			`$query = substr($query, 0, 6) . $CONF['database_prefix'] . substr($query, 7);`
			`}`
			`}`

			`if ($CONF['database_type'] == "mysqli") $result = @mysqli_query($link, $query) or die("<p />DEBUG INFORMATION:<br />Invalid query: " . mysqli_error($link) . "$DEBUG_TEXT");`

			`if (preg_match("/^SELECT/i", $query)) {`
			`// if $query was a SELECT statement check the number of rows with [database_type]_num_rows().`
			`if ($CONF['database_type'] == "mysqli") $number_rows = mysqli_num_rows($result);`
			`} else {`
			`// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with`
			`// [database_type]_affected_rows().`
			`if ($CONF['database_type'] == "mysqli") $number_rows = mysqli_affected_rows($link);`
			`}`

			`if ($CONF['database_type'] == "mysqli") mysqli_close($link);`

			`$return = array(`
			`"result" => $result,`
			`"rows" => $number_rows`
			`);`
			`return $return;`
			`}`

			`// db_row`
			`// Action: Returns a row from a table`
			`// Call: db_row(int result)`
			`//`
			`function db_row($result) {`
			`global $CONF;`
			`$row = "";`
			`if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_row($result);`
			`return $row;`
			`}`

			`// db_array`
			`// Action: Returns a row from a table`
			`// Call: db_array(int result)`
			`//`
			`function db_array($result) {`
			`global $CONF;`
			`$row = "";`
			`if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_array($result);`
			`return $row;`
			`}`

			`// db_assoc`
			`// Action: Returns a row from a table`
			`// Call: db_assoc(int result)`
			`//`
			`function db_assoc($result) {`
			`global $CONF;`
			`$row = "";`
			`if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_assoc($result);`
			`return $row;`
			`}`

			`//`
			`// db_delete`
			`// Action: Deletes a row from a specified table`
			`// Call: db_delete(string table, string where, string delete)`
			`//`
			`function db_delete($table,$where,$delete) {`
			`$result = db_query("DELETE FROM $table WHERE $where='$delete'");`
			`if ($result['rows'] >= 1) {`
			`return $result['rows'];`
			`} else {`
			`return true;`
			`}`
			`}`

rip and replace.. start 2022-09-02 23:06:08 +02:00			`// logging`
			`// Action: Logs actions from admin`
			`// Call: logging(string username, string domain, string action, string data)`
			`//`
			`function logging($username, $domain, $action, $data) {`
			`$remote_addr = $_SERVER['HTTP_X_CLIENTIP'] ?? $_SERVER['REMOTE_ADDR'];`
			`$username = $username . ' (' . $remote_addr . ')';`
			`if (LOGGING == 'YES') {`
			`$dbh = connect_db();`
			`$sth = $dbh->prepare("INSERT INTO log (timestamp,username,domain,action,data) VALUES (NOW(),?,?,?,?)");`
			`$sth->bindParam(1, $username, PDO::PARAM_STR);`
			`$sth->bindParam(2, $domain, PDO::PARAM_STR);`
			`$sth->bindParam(3, $action, PDO::PARAM_STR);`
			`$sth->bindParam(4, $data, PDO::PARAM_STR);`
			`$sth->execute();`
			`}`
			`}`
Initial commit 2022-08-18 14:01:52 +02:00			`//`
			`// db_log`
			`// Action: Logs actions from admin`
			`// Call: db_log(string username, string domain, string action, string data)`
			`//`
			`function db_log($username, $domain, $action, $data) {`
			`global $CONF;`
rip and replace.. start 2022-09-02 23:06:08 +02:00			`if (isset($_SERVER['HTTP_X_CLIENTIP'])) {`
Initial commit 2022-08-18 14:01:52 +02:00			`$REMOTE_ADDR = $_SERVER['HTTP_X_CLIENTIP'];`
			`} else {`
			`$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];`
			`}`

			`if ($CONF['logging'] == 'YES') {`
			`$result = db_query("INSERT INTO log (timestamp, username, domain, action, data) VALUES (NOW(), '$username ($REMOTE_ADDR)', '$domain', '$action', '$data')");`
			`if ($result['rows'] != 1) {`
			`return false;`
			`} else {`
			`return true;`
			`}`
			`}`
			`}`
			`?>`