diff --git a/README.md b/README.md index dcdace0..fd99507 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ Database needed to use SQL with OpenSMTPD CREATE TABLE `admin` ( `username` varchar(255) NOT NULL DEFAULT '', `password` varchar(255) NOT NULL DEFAULT '', + `role` varchar(32) DEFAULT NULL, `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', PRIMARY KEY (`username`), diff --git a/add-alias.php b/add-alias.php index 37ff751..39547c7 100644 --- a/add-alias.php +++ b/add-alias.php @@ -26,12 +26,10 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); - $list_admins = list_admins(); } else { $list_domains = list_domains($SESSID_USERNAME); } @@ -71,7 +69,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $sth->bindParam(2, $goto, PDO::PARAM_STR); $sth->bindParam(3, $domain, PDO::PARAM_STR); $sth->execute(); - logging($admin, $domain, $LANG['Logging_alias_add'], "$from -> $goto"); + logging($SESSID_USERNAME, $domain, $LANG['Logging_alias_add'], "$from -> $goto"); $message = $LANG['Add_alias_result_succes'] . "
($from -> $goto)
"; $address = ''; $goto = ''; diff --git a/add-mailbox.php b/add-mailbox.php index 028b6ba..e059c12 100644 --- a/add-mailbox.php +++ b/add-mailbox.php @@ -28,12 +28,10 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); - $list_admins = list_admins(); } else { $list_domains = list_domains($SESSID_USERNAME); } @@ -90,7 +88,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $sth->bindParam(4, $maildir, PDO::PARAM_STR); $sth->bindParam(5, $domain, PDO::PARAM_STR); $sth->execute(); - logging($admin, $domain, $LANG['Logging_mailbox_add'], "$from"); + logging($SESSID_USERNAME, $domain, $LANG['Logging_mailbox_add'], "$from"); $message = $LANG['Add_mailbox_result_succes'] . "
($from)"; $username = ''; $name = ''; diff --git a/admin.php b/admin.php index 4e76234..9a523ce 100644 --- a/admin.php +++ b/admin.php @@ -28,9 +28,9 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); +$ROLE = check_role(); -if ($PERMISSIONS != ADMIN_RIGHTS) { +if ($ROLE != ADMIN_ROLE) { header("Location: list-domain.php"); die();; } diff --git a/backup.php b/backup.php index d9546e3..35a6e2e 100644 --- a/backup.php +++ b/backup.php @@ -22,9 +22,9 @@ include './languages/' . check_language() . '.lang'; date_default_timezone_set('Europe/Amsterdam'); $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); +$ROLE = check_role(); -if ($PERMISSIONS != ADMIN_RIGHTS) { +if ($ROLE != ADMIN_ROLE) { header("Location: list-domain.php"); die();; } diff --git a/conf.php-sample b/conf.php-sample index 45c60f8..d850067 100644 --- a/conf.php-sample +++ b/conf.php-sample @@ -23,6 +23,9 @@ define('DB_NAME', ''); define('ALIASES', '10'); define('MAILBOXES', '10'); +// Mail Admin Administrator tag +define('ADMIN_RIGHTS', 'ADMINISTRATOR'); + // Expose virtual mail construct 'vmail' to admins. define('ALIAS_CONTROL', 'NO'); diff --git a/delete.php b/delete.php index 1634808..db9b622 100644 --- a/delete.php +++ b/delete.php @@ -25,7 +25,6 @@ include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); $list_domains = list_domains($SESSID_USERNAME); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; if ($_SERVER['REQUEST_METHOD'] == "GET") { $table = filter_input(INPUT_GET, 'table', FILTER_DEFAULT); 
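Review bot: The constant added to conf.php-sample is `ADMIN_RIGHTS`, but every page touched by this commit now compares the session role against `ADMIN_ROLE`, which no visible hunk defines. If nothing else defines it, PHP 8 raises an Error on each of those pages, and PHP 7 falls back to the literal string 'ADMIN_ROLE', so an account whose role is 'ADMINISTRATOR' would fail every admin check. The sample should define the name the code uses, `define('ADMIN_ROLE', 'ADMINISTRATOR');`, and its comment should say that the value must match the `role` column of the `admin` table.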
@@ -44,7 +43,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($sth->rowCount() != 1) { throw new RuntimeException('alias'); } - logging($admin, $domain, $LANG['Logging_alias_delete'], $delete); + logging($SESSID_USERNAME, $domain, $LANG['Logging_alias_delete'], $delete); header("Location: list-virtual.php?domain=$domain"); } catch (RuntimeException $e) { @@ -67,7 +66,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($sth->rowCount() != 1) { throw new RuntimeException('mailbox'); } - logging($admin, $domain, $LANG['Logging_mailbox_delete'], $delete); + logging($SESSID_USERNAME, $domain, $LANG['Logging_mailbox_delete'], $delete); $sth = $dbh->prepare("DELETE FROM vacation WHERE email=? AND domain=?"); $sth->bindParam(1, $delete, PDO::PARAM_STR); diff --git a/domain.php b/domain.php index 77985b2..a88ed48 100644 --- a/domain.php +++ b/domain.php @@ -29,9 +29,9 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); +$ROLE = check_role(); -if ($PERMISSIONS != ADMIN_RIGHTS) { +if ($ROLE != ADMIN_ROLE) { header("Location: list-domain.php"); die(); } diff --git a/edit-alias.php b/edit-alias.php index bb066d9..6b69dac 100644 --- a/edit-alias.php +++ b/edit-alias.php @@ -24,10 +24,9 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); $list_admins = list_admins(); } else { 
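Review bot: Both delete branches run on a GET request (`if ($_SERVER['REQUEST_METHOD'] == "GET")` in the hunk headers), so the deletion recorded by the changed `logging(...)` call can be triggered by a cross-site request made with the administrator's session. No anti-CSRF token check is visible in these hunks; the action should move to POST and verify a per-session token before the DELETE runs. The redirect also places `$domain` in the Location header unencoded, and `header("Location: list-virtual.php?domain=" . urlencode($domain));` would be safer. The enclosing try blocks start outside the hunks, so an earlier check in the file cannot be ruled out.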
@@ -87,7 +86,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $sth->bindParam(2, $address, PDO::PARAM_STR); $sth->bindParam(3, $domain, PDO::PARAM_STR); $sth->execute(); - logging($admin, $domain, $LANG['Logging_alias_edit'], "$address -> $goto"); + logging($SESSID_USERNAME, $domain, $LANG['Logging_alias_edit'], "$address -> $goto"); header("Location: list-virtual.php?domain=$domain"); } catch(PDOException $e) { $message = $LANG['Edit_alias_result_error']; diff --git a/edit-mailbox.php b/edit-mailbox.php index 680e293..594f5d0 100644 --- a/edit-mailbox.php +++ b/edit-mailbox.php @@ -26,10 +26,9 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); $list_admins = list_admins(); } else { @@ -93,7 +92,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $sth->bindParam(2, $username, PDO::PARAM_STR); $sth->bindParam(3, $domain, PDO::PARAM_STR); $sth->execute(); - logging($admin, $domain, $LANG['Logging_mailbox_edit'], $username); + logging($SESSID_USERNAME, $domain, $LANG['Logging_mailbox_edit'], $username); header("Location: list-virtual.php?domain=$domain"); } catch(PDOException $e) { $message = $LANG['Edit_mailbox_result_error']; diff --git a/functions.inc.php b/functions.inc.php index a8b8fec..fb06cfd 100644 --- a/functions.inc.php +++ b/functions.inc.php 
@@ -43,9 +43,14 @@ function check_session($session = "sessid") { return $_SESSION[$session]['username']; } -function check_permissions($session = "sessid") { - if (!empty($_SESSION[$session]['rights'])) { - return $_SESSION[$session]['rights']; +// +// check_role +// Action: Check which role is assighed +// Call: check_role() +// +function check_role($session = "sessid") { + if (!empty($_SESSION[$session]['role'])) { + return $_SESSION[$session]['role']; } } diff --git a/languages/en.lang b/languages/en.lang index d8bd600..a08a122 100644 --- a/languages/en.lang +++ b/languages/en.lang @@ -20,10 +20,14 @@ $LANG['Login_login_users'] = 'Users click here to login to the user section.'; $LANG['Menu_list_domain'] = 'List Domains'; $LANG['Menu_list_virtual'] = 'List Virtuals'; -$LANG['Menu_add_alias'] = 'Add Alias'; -$LANG['Menu_add_mailbox'] = 'Add Mailbox'; +$LANG['Menu_list_admin'] = 'List Admins'; +$LANG['Menu_backup'] = 'Backup'; +$LANG['Menu_add_domain'] = 'Add Domain'; +$LANG['Menu_add_admin'] = 'Add Admin'; $LANG['Menu_sendmail'] = 'Send Email'; $LANG['Menu_password'] = 'Password'; +$LANG['Menu_add_alias'] = 'Add Alias'; +$LANG['Menu_add_mailbox'] = 'Add Mailbox'; $LANG['Menu_viewlog'] = 'View Log'; $LANG['Menu_logout'] = 'Logout'; 
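Review bot: check_role() falls off the end of the function when the session holds no role, so callers receive an implicit null and then compare it loosely (`$ROLE == ADMIN_ROLE`). An explicit `return null;` after the `if`, together with strict comparison at the call sites (`$ROLE === ADMIN_ROLE`), would make the deny path deliberate rather than incidental. The header comment should also state the return value (the role string stored at login, or null) and that it is read from the session rather than the database, so a role change or revocation only takes effect at the next login. "assighed" in that comment should read "assigned".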
@@ -131,37 +135,11 @@ $LANG['Sendmail_button'] = 'Send Message'; $LANG['Sendmail_result_error'] = 'Unable to send message.'; $LANG['Sendmail_result_succes'] = 'The mailbox has been created.'; -$LANG['AdminMenu_list_domain'] = 'List Domains'; -$LANG['AdminMenu_list_admin'] = 'List Admins'; -$LANG['AdminMenu_viewlog'] = 'View Log'; -$LANG['AdminMenu_backup'] = 'Backup'; -$LANG['AdminMenu_create_domain_admins'] = 'Domain Admins'; -$LANG['AdminMenu_create_domain'] = 'Add Domain'; -$LANG['AdminMenu_create_admin'] = 'Add Admin'; -$LANG['AdminMenu_create_alias'] = 'Add Alias'; -$LANG['AdminMenu_create_mailbox'] = 'Add Mailbox'; - $LANG['AdminList_admin_domain'] = 'Domain'; $LANG['AdminList_admin_username'] = 'Admin'; $LANG['AdminList_admin_count'] = 'Domains'; $LANG['AdminList_admin_modified'] = 'Last Modified'; - -$LANG['AdminList_domain_domain'] = 'Domain'; -$LANG['AdminList_domain_description'] = 'Description'; -$LANG['AdminList_domain_aliases'] = 'Aliases'; -$LANG['AdminList_domain_mailboxes'] = 'Mailboxes'; -$LANG['AdminList_domain_modified'] = 'Last Modified'; - -$LANG['AdminList_virtual_button'] = 'Go'; -$LANG['AdminList_virtual_welcome'] = 'Overview for '; -$LANG['AdminList_virtual_alias_alias_count'] = 'Aliases'; -$LANG['AdminList_virtual_alias_mailbox_count'] = 'Mailboxes'; -$LANG['AdminList_virtual_alias_address'] = 'From'; -$LANG['AdminList_virtual_alias_goto'] = 'To'; -$LANG['AdminList_virtual_alias_modified'] = 'Last Modified'; -$LANG['AdminList_virtual_mailbox_username'] = 'Email'; -$LANG['AdminList_virtual_mailbox_name'] = 'Name'; -$LANG['AdminList_virtual_mailbox_modified'] = 'Last Modified'; +$LANG['AdminList_admin_active'] = 'Active'; $LANG['AdminAdd_domain_welcome'] = 'Add a new domain'; $LANG['AdminAdd_domain_domain'] = 'Domain'; diff --git a/list-admin.php b/list-admin.php index 161567f..a1e2fbd 100644 --- a/list-admin.php +++ b/list-admin.php 
@@ -21,18 +21,17 @@ require './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); $list_admins = array(); if ($_SERVER['REQUEST_METHOD'] == "GET") { - if ($PERMISSIONS == ADMIN_RIGHTS) { + if ($ROLE == ADMIN_ROLE) { $list_admins = list_admins(); } } include './templates/header.tpl'; include './templates/menu.tpl'; -include './templates/admin_list-admin.tpl'; +include './templates/list-admin.tpl'; include './templates/footer.tpl'; ?> diff --git a/list-domain.php b/list-domain.php index 19cd5ae..1726709 100644 --- a/list-domain.php +++ b/list-domain.php @@ -21,11 +21,11 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); +$ROLE = check_role(); if ($_SERVER['REQUEST_METHOD'] == "GET") { $username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL); - if ($PERMISSIONS == ADMIN_RIGHTS) { + if ($ROLE == ADMIN_ROLE) { $list_admins = list_admins(); if (empty($username)) { $list_domains = list_domains(); diff --git a/list-virtual.php b/list-virtual.php index 6ec0b7d..071a35f 100644 --- a/list-virtual.php +++ b/list-virtual.php @@ -23,9 +23,9 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); +$ROLE = check_role(); -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); } else { $list_domains = list_domains($SESSID_USERNAME); diff --git a/login.php b/login.php index ad4aead..cd9aec8 100644 --- a/login.php +++ b/login.php 
@@ -28,7 +28,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (!empty($username) && !empty($password)) { $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT password,rights FROM admin WHERE username=?"); + $sth = $dbh->prepare("SELECT password,role FROM admin WHERE username=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC); @@ -45,7 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message)) { session_start(); $_SESSION['sessid']['username'] = $username; - $_SESSION['sessid']['rights'] = $row['rights']; + $_SESSION['sessid']['role'] = $row['role']; header("Location: list-domain.php"); exit; } diff --git a/password.php b/password.php index a597172..d399e4e 100644 --- a/password.php +++ b/password.php @@ -23,10 +23,10 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); +$SESSID_USERNAME = $SESSID_USERNAME ?? ADMIN_EMAIL; -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); $list_admins = list_admins(); } else { diff --git a/search.php b/search.php index 51dafff..3e1a088 100644 --- a/search.php +++ b/search.php @@ -22,9 +22,9 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); +$ROLE = check_role(); -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); } else { $list_domains = list_domains($SESSID_USERNAME); diff --git a/sendmail.php b/sendmail.php index a6ba630..900ade8 100644 --- a/sendmail.php +++ b/sendmail.php 
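Review bot: In login.php the session is populated with the username and the new `role` value directly after `session_start()`, with no session-id rotation visible in the hunk, which leaves the login open to session fixation. Adding `session_regenerate_id(true);` between `session_start();` and the `$_SESSION['sessid'][...]` assignments would bind the granted role to a fresh id. The enclosing POST branch starts outside the hunk, so a rotation elsewhere in the file cannot be ruled out.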
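Review bot: In password.php, `$SESSID_USERNAME = $SESSID_USERNAME ?? ADMIN_EMAIL;` makes a request with no session username act as the configured administrator address, which fails open; the same line is added in sendmail.php. If check_session() can return null, the page should stop instead of substituting an identity, e.g. `if ($SESSID_USERNAME === null) { header("Location: login.php"); die(); }`. Only the last line of check_session() is visible (as context in functions.inc.php), so whether null is reachable is not confirmed here.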
@@ -26,10 +26,10 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$PERMISSIONS = check_permissions(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +$ROLE = check_role(); +$SESSID_USERNAME = $SESSID_USERNAME ?? ADMIN_EMAIL; -if ($PERMISSIONS == ADMIN_RIGHTS) { +if ($ROLE == ADMIN_ROLE) { $list_domains = list_domains(); $list_admins = list_admins(); } else { diff --git a/templates/list-admin.tpl b/templates/list-admin.tpl new file mode 100644 index 0000000..13b97de --- /dev/null +++ b/templates/list-admin.tpl @@ -0,0 +1,22 @@ + 0) { + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + + foreach ($list_admins as $row) { + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + } + echo "
" . $LANG['AdminList_admin_username'] . "" . $LANG['AdminList_admin_count'] . "" . $LANG['List_modified'] . " 
" . $row['username'] . "" . $row['domain_count'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
"; +} +?> diff --git a/templates/list-domain.tpl b/templates/list-domain.tpl index f3f1a1b..57a1f59 100644 --- a/templates/list-domain.tpl +++ b/templates/list-domain.tpl @@ -1,5 +1,5 @@
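Review bot: The new templates/list-admin.tpl concatenates `$row['username']`, `$row['domain_count']` and `$row['modified']` straight into the echoed markup, so any HTML metacharacters stored in the admin table would be rendered as markup in an administrator's browser. Each value should be escaped at output, e.g. `htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8')`, and any value placed in the edit and delete link URLs should go through `urlencode()`. The markup is stripped in this view of the diff, so the exact attributes and link targets cannot be checked here.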
- +