rip and replace.. start

mischa 2022-09-02 21:06:08 +00:00
parent 81954500f3
commit 461ed9a53b
32 changed files with 888 additions and 1116 deletions

1
.gitignore vendored

@ -1,2 +1,3 @@
conf.php
config.inc.php
admin/.htpasswd

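--- a/admin/add-admin.php
+++ b/admin/add-admin.php
@@ -0,0 +1,77 @@
+<?php
+//
+// OpenSMTPD Admin
+// by Mischa Peters <mischa at high5 dot nl>
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: create-admin.php
+//
+// Template File: admin_create-admin.tpl
+//
+//
+// Template Variables:
+//
+// tMessage
+// tUsername
+// tDomains
+//
+// Form POST \ GET Variables:
+//
+// fUsername
+// fPassword
+// fPassword2
+// fDomains
+//
+require("../variables.inc.php");
+require("../config.inc.php");
+require("../functions.inc.php");
+include("../languages/" . check_language() . ".lang");
+$list_domains = list_domains();
+$list_admins = list_admins();
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
+$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
+$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
+$domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));
+if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
+$message = $PALANG['pAdminCreate_admin_username_error'];
+}
+if (empty($password1) or ($password1 != $password2)) {
+$message = $PALANG['pAdminCreate_admin_password_error'];
+}
+if (empty($domains['domains'])) {
+$message = $PALANG['pAdminCreate_admin_domain_error'];
+}
+if (empty($message)) {
+$hashed = bcrypt($password1);
+try {
+$dbh = connect_db();
+$sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
+$sth->bindParam(1, $username, PDO::PARAM_STR);
+$sth->bindParam(2, $hashed, PDO::PARAM_STR);
+$sth->execute();
+foreach ($domains['domains'] as $row) {
+$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
+$sth->bindParam(1, $username, PDO::PARAM_STR);
+$sth->bindParam(2, $row, PDO::PARAM_STR);
+$sth->execute();
+}
+$message = $PALANG['pAdminCreate_admin_result_succes'] . "<br />($username)</br />";
+} catch(PDOException $e) {
+$message = $PALANG['pAdminCreate_admin_result_error'] . "<br />($username)<br />";
+}
+}
+}
+include("../templates/header.tpl");
+include("../templates/admin_menu.tpl");
+include("../templates/admin_create-admin.tpl");
+include("../templates/footer.tpl");
+?>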
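Review bot: The `admin` row and the per-domain `domain_admins` rows are inserted as separate statements with no transaction (presumably autocommitted; `connect_db()` is not shown), so a failure inside the `foreach` leaves an admin account with only part of its domain assignments while the page reports an error. Calling `$dbh->beginTransaction();` before the first INSERT, `$dbh->commit();` after the loop and `$dbh->rollBack();` in the `catch` keeps the two tables consistent. The confirmation check `$password1 != $password2` is a loose comparison, which treats numeric-looking strings such as `1e3` and `1000` as equal; use `!==`. The same code appears on the new side of the next file section (hunk `@ -29,67 +29,49 @`), so both points apply there as well.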


@ -29,67 +29,49 @@ require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
$list_domains = list_domains();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
$tDomains = array();
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_create-admin.tpl");
include("../templates/footer.tpl");
}
$list_admins = list_admins();
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fUsername = escape_string($_POST['fUsername']);
$fPassword = escape_string($_POST['fPassword']);
$fPassword2 = escape_string($_POST['fPassword2']);
if (isset($_POST['fDomains'])) $tDomains = $_POST['fDomains'];
$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
$domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));
if (!check_email($fUsername)) {
$error = 1;
$tUsername = escape_string($_POST['fUsername']);
if (isset($_POST['fDomains'])) $tDomains = $_POST['fDomains'];
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text_error1'];
if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
$message = $PALANG['pAdminCreate_admin_username_error'];
}
if (empty($fUsername) or admin_exist($fUsername)) {
$error = 1;
$tUsername = escape_string($_POST['fUsername']);
if (isset($_POST['fDomains'])) $tDomains = $_POST['fDomains'];
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text_error2'];
}
if (empty($fPassword) or ($fPassword != $fPassword2)) {
$error = 1;
$tUsername = escape_string($_POST['fUsername']);
if (isset($_POST['fDomains'])) $tDomains = $_POST['fDomains'];
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
$pAdminCreate_admin_password_text = $PALANG['pAdminCreate_admin_password_text_error'];
if (empty($password1) or ($password1 != $password2)) {
$message = $PALANG['pAdminCreate_admin_password_error'];
}
if ($error != 1) {
$password = pacrypt("$fPassword");
$pAdminCreate_admin_username_text = $PALANG['pAdminCreate_admin_username_text'];
if (empty($domains['domains'])) {
$message = $PALANG['pAdminCreate_admin_domain_error'];
}
$result = db_query("INSERT INTO admin (username,password,created,modified) VALUES ('$fUsername','$password',NOW(),NOW())");
if ($result['rows'] != 1) {
$tMessage = $PALANG['pAdminCreate_admin_result_error'] . "<br />($fUsername)<br />";
} else {
if (!empty($tDomains[0])) {
for ($i = 0; $i < count($tDomains); $i++) {
$domain = $tDomains[$i];
$result = db_query("INSERT INTO domain_admins (username,domain,created) VALUES ('$fUsername','$domain',NOW())");
}
if (empty($message)) {
$hashed = bcrypt($password1);
try {
$dbh = connect_db();
$sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->bindParam(2, $hashed, PDO::PARAM_STR);
$sth->execute();
foreach ($domains['domains'] as $row) {
$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->bindParam(2, $row, PDO::PARAM_STR);
$sth->execute();
}
$tMessage = $PALANG['pAdminCreate_admin_result_succes'] . "<br />($fUsername)</br />";
}
$message = $PALANG['pAdminCreate_admin_result_succes'] . "<br />($username)</br />";
} catch(PDOException $e) {
$message = $PALANG['pAdminCreate_admin_result_error'] . "<br />($username)<br />";
}
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_create-admin.tpl");
include("../templates/footer.tpl");
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_create-admin.tpl");
include("../templates/footer.tpl");
?>


@ -14,13 +14,13 @@
// tMessage
// tAddress
// tGoto
// tDomain
// domain
//
// Form POST \ GET Variables:
//
// fAddress
// address
// fGoto
// fDomain
// domain
//
require("../variables.inc.php");
require("../config.inc.php");
@ -29,74 +29,40 @@ include("../languages/" . check_language() . ".lang");
$list_domains = list_domains();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$pCreate_alias_goto_text = $PALANG['pCreate_alias_goto_text'];
if (isset($_GET['domain'])) $tDomain = escape_string($_GET['domain']);
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$pCreate_alias_goto_text = $PALANG['pCreate_alias_goto_text'];
$address = strtolower(filter_input(INPUT_POST, 'address', FILTER_DEFAULT));
$domain = filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN);
$goto = strtolower(filter_input(INPUT_POST, 'goto', FILTER_DEFAULT));
$domain_key = array_search($domain, array_column($list_domains, 'domain'));
$fAddress = escape_string($_POST['fAddress']) . "@" . escape_string($_POST['fDomain']);
$fAddress = strtolower($fAddress);
$fGoto = escape_string($_POST['fGoto']);
$fGoto = strtolower($fGoto);
$fDomain = escape_string($_POST['fDomain']);
$from = filter_var($address . '@' . $domain, FILTER_VALIDATE_EMAIL);
if (!str_contains($goto, '@')) {
$goto = $goto . "@" . $domain;
}
$goto = filter_var($goto, FILTER_VALIDATE_EMAIL);
if (!preg_match('/@/',$fGoto)) {
$fGoto = $fGoto . "@" . escape_string($_POST['fDomain']);
}
if (!check_alias($fDomain)) {
$error = 1;
$tAddress = escape_string($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error3'];
}
if (empty($fAddress) or !check_email($fAddress))
{
$error = 1;
$tAddress = escape_string($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error1'];
if ($list_domains[$domain_key]['alias_count'] < 0 || $list_domains[$domain_key]['alias_count'] >= $list_domains[$domain_key]['aliases']) {
$message = $PALANG['pCreate_alias_address_text_error2'];
}
if (empty($fGoto) or !check_email($fGoto))
{
$error = 1;
$tAddress = escape_string($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_goto_text = $PALANG['pCreate_alias_goto_text_error'];
if (empty($address) || empty($goto)) {
$message = $PALANG['pCreate_alias_address_text_error1'];
}
if (escape_string($_POST['fAddress']) == "*") $fAddress = "@" . escape_string($_POST['fDomain']);
$result = db_query("SELECT * FROM alias WHERE address='$fAddress'");
if ($result['rows'] == 1) {
$error = 1;
$tAddress = escape_string($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error2'];
}
if ($error != 1) {
if (preg_match('/^\*@(.*)$/', $fGoto, $match)) $fGoto = "@" . $match[1];
$result = db_query("INSERT INTO alias (address,goto,domain,created,modified) VALUES ('$fAddress','$fGoto','$fDomain',NOW(),NOW())");
if ($result['rows'] != 1) {
$tDomain = $fDomain;
$tMessage = $PALANG['pCreate_alias_result_error'] . "<br />($fAddress -> $fGoto)<br />";
} else {
db_log($CONF['admin_email'], $fDomain, "create alias", "$fAddress -> $fGoto");
$tDomain = $fDomain;
$tMessage = $PALANG['pCreate_alias_result_succes'] . "<br />($fAddress -> $fGoto)</br />";
if (empty($message)) {
try {
$dbh = connect_db();
$sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,?,?,NOW(),NOW())");
$sth->bindParam(1, $from, PDO::PARAM_STR);
$sth->bindParam(2, $goto, PDO::PARAM_STR);
$sth->bindParam(3, $domain, PDO::PARAM_STR);
$sth->execute();
logging(ADMIN_EMAIL, $domain, "create alias", "$from -> $goto");
$message = $PALANG['pCreate_alias_result_succes'] . "<br />($from -> $goto)</br />";
$address = '';
$goto = '';
} catch(PDOException $e) {
$message = $PALANG['pCreate_alias_result_error'] . "<br />($from -> $goto) - $e<br />";
}
}
}
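Review bot: `array_search()` returns `false` when the posted domain is not in `$list_domains`, and `$list_domains[$domain_key]` then reads index 0 (assuming `list_domains()` returns a list), so the quota test runs against the first domain and the INSERT still proceeds for a domain the page never offered. Add a guard before the quota test, for example `if ($domain_key === false) { $message = $PALANG['pCreate_alias_address_text_error1']; }`. `$from` is never checked either, so a failed `FILTER_VALIDATE_EMAIL` on the combined address is bound as `false`; include `empty($from)` in the existing `empty($address) || empty($goto)` test. In the `catch`, `- $e` prints the whole PDOException, stack trace included, into the page; log it server-side and show only the `$PALANG` text.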


@ -28,70 +28,38 @@
// fMaxquota
// fDefaultaliases
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$tAliases = $CONF['aliases'];
$tMailboxes = $CONF['mailboxes'];
$tMaxquota = $CONF['maxquota'];
}
require_once '../functions.inc.php';
include '../languages/' . check_language() . '.lang';
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fDomain = escape_string($_POST['fDomain']);
!empty($_POST['fDescription']) ? $fDescription = escape_string($_POST['fDescription']) : $fDescription = "No Description";
$fAliases = escape_string($_POST['fAliases']);
$fMailboxes = escape_string($_POST['fMailboxes']);
!empty($_POST['fMaxquota']) ? $fMaxquota = escape_string($_POST['fMaxquota']) : $fMaxquota = "0";
!empty($_POST['fTransport']) ? $fTransport = escape_string($_POST['fTransport']) : $fTransport = "virtual";
if (isset($_POST['fDefaultaliases'])) $fDefaultaliases = escape_string($_POST['fDefaultaliases']);
isset($_POST['fBackupmx']) ? $fBackupmx = escape_string($_POST['fBackupmx']) : $fBackupmx = "0";
if (empty($fDomain) or domain_exist($fDomain)) {
$error = 1;
$tDomain = escape_string($_POST['fDomain']);
$tDescription = escape_string($_POST['fDescription']);
$tAliases = escape_string($_POST['fAliases']);
$tMailboxes = escape_string($_POST['fMailboxes']);
if (isset($_POST['fMaxquota'])) $tMaxquota = escape_string($_POST['fMaxquota']);
if (isset($_POST['fTransport'])) $tTransport = escape_string($_POST['fTransport']);
if (isset($_POST['fDefaultaliases'])) $tDefaultaliases = escape_string($_POST['fDefaultaliases']);
if (isset($_POST['fBackupmx'])) $tBackupmx = escape_string($_POST['fBackupmx']);
$pAdminCreate_domain_domain_text = $PALANG['pAdminCreate_domain_domain_text_error'];
}
if ($error != 1) {
$tAliases = $CONF['aliases'];
$tMailboxes = $CONF['mailboxes'];
$tMaxquota = $CONF['maxquota'];
$list_domains = list_domains();
if ($fBackupmx == "on") {
$fAliases = -1;
$fMailboxes = -1;
$fMaxquota = -1;
$fBackupmx = 1;
} else {
$fBackupmx = 0;
}
$result = db_query("INSERT INTO domain (domain,description,aliases,mailboxes,maxquota,transport,backupmx,created,modified) VALUES ('$fDomain','$fDescription',$fAliases,$fMailboxes,$fMaxquota,'$fTransport',$fBackupmx,NOW(),NOW())");
if ($result['rows'] != 1) {
$tMessage = $PALANG['pAdminCreate_domain_result_error'] . "<br />($fDomain)<br />";
} else {
if ($fDefaultaliases == "on") {
foreach ($CONF['default_aliases'] as $address=>$goto) {
$address = $address . "@" . $fDomain;
$result = db_query("INSERT INTO alias (address,goto,domain,created,modified) VALUES ('$address','$goto','$fDomain',NOW(),NOW())");
}
}
$tMessage = $PALANG['pAdminCreate_domain_result_succes'] . "<br />($fDomain)</br />";
$domain = strtolower(filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN));
$description = filter_input(INPUT_POST, 'description', FILTER_CALLBACK, array('options' => 'htmlspecialchars'));
$aliases = filter_input(INPUT_POST, 'aliases', FILTER_VALIDATE_INT);
$mailboxes = filter_input(INPUT_POST, 'mailboxes', FILTER_VALIDATE_INT);
if (!in_array($domain, array_column($list_domains, 'domain'))) {
try {
$dbh = connect_db();
$sth = $dbh->prepare("INSERT INTO domain (domain,description,aliases,mailboxes,created,modified) VALUES (?,?,?,?,NOW(),NOW())");
$sth->bindParam(1, $domain, PDO::PARAM_STR);
$sth->bindParam(2, $description, PDO::PARAM_STR);
$sth->bindParam(3, $aliases, PDO::PARAM_INT);
$sth->bindParam(4, $mailboxes, PDO::PARAM_INT);
$sth->execute();
$message = $PALANG['pAdminCreate_domain_result_succes'] . "<br />($domain)</br />";
} catch(PDOException $e) {
$message = $PALANG['pAdminCreate_domain_result_error'] . "<br />($domain)<br />";
}
} else {
$message = $PALANG['pAdminCreate_domain_domain_text_error'];
}
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_create-domain.tpl");
include("../templates/footer.tpl");
include '../templates/header.tpl';
include '../templates/admin_menu.tpl';
include '../templates/admin_create-domain.tpl';
include '../templates/footer.tpl';
?>
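Review bot: `FILTER_VALIDATE_DOMAIN` without `FILTER_FLAG_HOSTNAME` only checks label lengths, so a value containing markup passes and is then concatenated into `$message` next to `<br />`; whether it is escaped later depends on the template, which is not shown. Use `filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)` and reject the request when it returns `false` or `null`, because as written `strtolower()` turns a failed validation into `''`, which is not in `$list_domains` and is therefore inserted as a domain. `description` has the opposite problem: `htmlspecialchars` is applied before storage, so the table holds encoded text, and escaping at output time is the more usual place. The same lines are added in `admin/domain.php`.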


@ -15,83 +15,170 @@
//
// Form POST \ GET Variables:
//
// fTable
// fWhere
// fDelete
// fDomain
// table
// where
// delete
// domain
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
require_once("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
if ($_SERVER['REQUEST_METHOD'] == "GET") {
if (isset($_GET['table'])) $fTable = escape_string($_GET['table']);
if (isset($_GET['where'])) $fWhere = escape_string($_GET['where']);
if (isset($_GET['delete'])) $fDelete = escape_string($_GET['delete']);
if (isset($_GET['domain'])) $fDomain = escape_string($_GET['domain']);
if (empty($fTable)) {
$error = 1;
}
if ($fTable == "domain") {
$result_domain = db_delete("domain",$fWhere,$fDelete);
$result_domain_admins = db_delete("domain_admins",$fWhere,$fDelete);
$result_alias = db_delete("alias",$fWhere,$fDelete);
$result_mailbox = db_delete("mailbox",$fWhere,$fDelete);
$result_log = db_delete("log",$fWhere,$fDelete);
if ($CONF['vacation'] == "YES") {
$result_vacation = db_delete("vacation",$fWhere,$fDelete);
}
$table = strtolower(filter_input(INPUT_GET, 'table', FILTER_DEFAULT));
$delete = filter_input(INPUT_GET, 'delete', FILTER_DEFAULT);
$domain = filter_input(INPUT_GET, 'domain', FILTER_DEFAULT);
if (!($result_domain == 1) and ($result_domain_admins >= 0) and ($result_alias >= 0) and ($result_mailbox >= 0) and ($result_vacation >= 0)) {
$error = 1;
$tMessage = $PALANG['pAdminDelete_domain_error'];
} else {
$url = "list-domain.php";
}
}
if ($fTable == "admin") {
$result_admin = db_delete("admin",$fWhere,$fDelete);
$result_domain_admins = db_delete("domain_admins",$fWhere,$fDelete);
if (!($result_admin == 1) and ($result_domain_admins >= 0)) {
$error = 1;
$tMessage = $PALANG['pAdminDelete_admin_error'];
} else {
$url = "list-admin.php";
}
}
if ($table == "domain") {
try {
$dbh = connect_db();
$dbh->beginTransaction();
if ($fTable == "alias" or $fTable == "mailbox") {
$result = db_query("DELETE FROM alias WHERE address='$fDelete' AND domain='$fDomain'");
if ($result['rows'] != 1) {
$error = 1;
$tMessage = $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (alias)!</div>";
} else {
$url = "list-virtual.php?domain=$fDomain";
db_log($CONF['admin_email'], $fDomain, "delete alias", $fDelete);
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM log WHERE domain=?");
$sth->execute(array($domain));
$count_log = $sth->fetchColumn();
$result = db_query("SELECT * FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'");
if ($result['rows'] == 1) {
$result = db_query("DELETE FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'");
if ($result['rows'] != 1) {
$error = 1;
$tMessage = $PALANG['pDelete_delete_error'] . "<b>$fDelete</b> (mailbox)!</div>";
} else {
$url = "list-virtual.php?domain=$fDomain";
db_query("DELETE FROM vacation WHERE email='$fDelete' AND domain='$fDomain'");
db_log($CONF['admin_email'], $fDomain, "delete mailbox", $fDelete);
$sth = $dbh->prepare("DELETE FROM log WHERE domain=?");
$sth->execute(array($domain));
if ($sth->rowCount() != $count_log) {
throw new RuntimeException('Unable to delete entries from the logs table.');
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM vacation WHERE domain=?");
$sth->execute(array($domain));
$count_vacation = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM vacation WHERE domain=?");
$sth->execute(array($domain));
if ($sth->rowCount() != $count_vacation) {
throw new RuntimeException('Unable to delete entries from the vacation table.');
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM alias WHERE domain=?");
$sth->execute(array($domain));
$count_alias = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM alias WHERE domain=?");
$sth->execute(array($domain));
if ($sth->rowCount() != $count_alias) {
throw new RuntimeException('Unable to delete entries from the alias table.');
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM mailbox WHERE domain=?");
$sth->execute(array($domain));
$count_mailbox = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM mailbox WHERE domain=?");
$sth->execute(array($domain));
if ($sth->rowCount() != $count_mailbox) {
throw new RuntimeException('Unable to delete entries from the mailbox table.');
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE domain=?");
$sth->execute(array($domain));
$count_domain_admins = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM domain_admins WHERE domain=?");
$sth->execute(array($domain));
if ($sth->rowCount() != $count_domain_admins) {
throw new RuntimeException('Unable to delete entries from the domain_admins table.');
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM domain WHERE domain=?");
$sth->execute(array($domain));
$count_domain = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM domain WHERE domain=?");
$sth->execute(array($domain));
if ($sth->rowCount() != $count_domain) {
throw new RuntimeException('Unable to delete entry from the domain table.');
}
$dbh->commit();
header("Location: list-domain.php");
} catch (RuntimeException $e) {
$message = $e->getMessage();
$dbh->rollBack();
} catch (PDOException $e) {
$message = $e->getMessage();
}
}
if ($table == "admin") {
try {
$dbh = connect_db();
$dbh->beginTransaction();
$sth = $dbh->prepare("SELECT COUNT(*) FROM admin WHERE username=?");
$sth->execute(array($delete));
$count_admin = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM admin WHERE username=?");
$sth->execute(array($delete));
if ($sth->rowCount() != $count_admin) {
throw new RuntimeException('Unable to delete entry from the admin table.');
}
$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
$sth->execute(array($delete));
$count_domain_admins = $sth->fetchColumn();
$sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?");
$sth->execute(array($delete));
if ($sth->rowCount() != $count_domain_admins) {
throw new RuntimeException('Unable to delete entries from the domain_admins table.');
}
$dbh->commit();
header("Location: list-admin.php");
} catch (RuntimeException $e) {
$message = $e->getMessage();
$dbh->rollBack();
} catch (PDOException $e) {
$message = $e->getMessage();
}
}
if ($error != 1) {
header("Location: $url");
exit;
if ($table == 'alias' || $table == 'mailbox') {
try {
$dbh = connect_db();
$sth = $dbh->prepare("DELETE FROM alias WHERE address=? AND domain=?");
$sth->bindParam(1, $delete, PDO::PARAM_STR);
$sth->bindParam(2, $domain, PDO::PARAM_STR);
$sth->execute();
if ($sth->rowCount() != 1) {
throw new RuntimeException('alias');
}
logging(ADMIN_EMAIL, $domain, "delete alias", $delete);
header("Location: list-virtual.php?domain=$domain");
} catch (RuntimeException $e) {
$message = $PALANG['pDelete_delete_error'] . "<b>$delete</b> (" . $e->getMessage() . ")!</span>";
} catch (PDOException $e) {
$message = $PALANG['pDelete_delete_error'] . "<b>$delete</b> (alias)!</span> " . $e-getMessage();
}
try {
$dbh = connect_db();
$sth = $dbh->prepare("DELETE FROM mailbox WHERE username=? AND domain=?");
$sth->bindParam(1, $delete, PDO::PARAM_STR);
$sth->bindParam(2, $domain, PDO::PARAM_STR);
$sth->execute();
if ($sth->rowCount() != 1) {
throw new RuntimeException('mailbox');
}
logging(ADMIN_EMAIL, $domain, "delete mailbox", $delete);
$sth = $dbh->prepare("DELETE FROM vacation WHERE email=? AND domain=?");
$sth->bindParam(1, $delete, PDO::PARAM_STR);
$sth->bindParam(2, $domain, PDO::PARAM_STR);
$sth->execute();
header("Location: list-virtual.php?domain=$domain");
} catch (RuntimeException $e) {
$message = $PALANG['pDelete_delete_error'] . "<b>$delete</b> (" . $e->getMessage() . ")!</span>";
} catch (PDOException $e) {
$message = $PALANG['pDelete_delete_error'] . "<b>$delete</b> (mailbox)!</span>";
}
}
}
include("../templates/header.tpl");
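Review bot: `$delete` is read from the query string with `FILTER_DEFAULT` and interpolated into `$message` as `<b>$delete</b>` whenever the row-count check fails, so request-supplied markup reaches the page unless the template escapes `$message` (not shown); wrap it as `htmlspecialchars($delete, ENT_QUOTES, 'UTF-8')`. In the alias branch's `PDOException` handler, `$e-getMessage()` is a subtraction that calls an undefined function and should be `$e->getMessage()`. The `exit;` that followed the old redirect appears to have been removed, so after a successful alias delete the mailbox block still runs and the templates are rendered; add `exit;` after each `header("Location: ...")`. These deletes are still driven by GET parameters, which a cross-site request can trigger in an authenticated browser, so moving them to POST with a per-session token is worth doing as part of this rewrite. The domain and admin branches also skip `$dbh->rollBack()` in their `PDOException` handlers.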

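--- a/admin/domain.php
+++ b/admin/domain.php
@@ -0,0 +1,91 @@
+<?php
+//
+// OpenSMTPD Admin
+// by Mischa Peters <mischa at high5 dot nl>
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: create-domain.php
+//
+// Template File: admin_create-domain.tpl
+//
+// Template Variables:
+//
+// tMessage
+// tDomain
+// tDescription
+// tAliases
+// tMailboxes
+// tMaxquota
+// tDefaultaliases
+//
+// Form POST \ GET Variables:
+//
+// fDomain
+// fDescription
+// fAliases
+// fMailboxes
+// fMaxquota
+// fDefaultaliases
+//
+require_once '../functions.inc.php';
+include '../languages/' . check_language() . '.lang';
+$list_domains = list_domains();
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
+$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'new';
+if ($action == 'edit') {
+$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
+$domain_key = array_search($domain, array_column($list_domains, 'domain'));
+$description = $list_domains[$domain_key]['description'];
+$aliases = $list_domains[$domain_key]['aliases'];
+$mailboxes = $list_domains[$domain_key]['mailboxes'];
+}
+}
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'new';
+$domain = strtolower(filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN));
+$description = filter_input(INPUT_POST, 'description', FILTER_CALLBACK, array('options' => 'htmlspecialchars'));
+$aliases = filter_input(INPUT_POST, 'aliases', FILTER_VALIDATE_INT);
+$mailboxes = filter_input(INPUT_POST, 'mailboxes', FILTER_VALIDATE_INT);
+if (!in_array($domain, array_column($list_domains, 'domain'))) {
+try {
+$dbh = connect_db();
+$sth = $dbh->prepare("INSERT INTO domain (domain,description,aliases,mailboxes,created,modified) VALUES (?,?,?,?,NOW(),NOW())");
+$sth->bindParam(1, $domain, PDO::PARAM_STR);
+$sth->bindParam(2, $description, PDO::PARAM_STR);
+$sth->bindParam(3, $aliases, PDO::PARAM_INT);
+$sth->bindParam(4, $mailboxes, PDO::PARAM_INT);
+$sth->execute();
+$message = $PALANG['pAdminCreate_domain_result_succes'] . "<br />($domain)</br />";
+} catch(PDOException $e) {
+$message = $PALANG['pAdminCreate_domain_result_error'] . "<br />($domain)<br />";
+}
+} else {
+$message = $PALANG['pAdminCreate_domain_domain_text_error'];
+}
+if (in_array($domain, array_column($list_domains, 'domain')) && $action == 'edit') {
+try {
+$dbh = connect_db();
+$sth = $dbh->prepare("UPDATE domain SET description=?,aliases=?,mailboxes=?,modified=NOW() WHERE domain=?");
+$sth->bindParam(1, $description, PDO::PARAM_STR);
+$sth->bindParam(2, $aliases, PDO::PARAM_INT);
+$sth->bindParam(3, $mailboxes, PDO::PARAM_INT);
+$sth->bindParam(4, $domain, PDO::PARAM_STR);
+$sth->execute();
+header("Location: list-domain.php");
+} catch(PDOException $e) {
+$message = $PALANG['pAdminEdit_domain_result_error'];
+}
+}
+}
+include '../templates/header.tpl';
+include '../templates/admin_menu.tpl';
+include '../templates/admin_domain.tpl';
+include '../templates/footer.tpl';
+?>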
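Review bot: The INSERT branch is not gated on `$action`, so a POST with `action=edit` for a domain that is not in `$list_domains` creates that domain, and a valid edit first sets `$message` to the duplicate-domain error before the UPDATE runs. Branch on the action first, e.g. `if ($action == 'edit') { ... } else { ... }`, and do the existence check inside each branch. In the GET edit path `array_search()` can return `false`, after which `$list_domains[$domain_key]` reads the first domain's values; test `$domain_key === false` before indexing. The header comment still says `File: create-domain.php` and lists the old `f*`/`t*` variable names.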


@ -25,22 +25,18 @@
// fMaxquota
// fActive
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
$list_domains = list_domains();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$domain = escape_string($_GET['domain']);
$domain_properties = get_domain_properties($domain);
$tDescription = $domain_properties['description'];
$tAliases = $domain_properties['aliases'];
$tMailboxes = $domain_properties['mailboxes'];
$tMaxquota = $domain_properties['maxquota'];
$tTransport = $domain_properties['transport'];
$tBackupmx = $domain_properties['backupmx'];
$tActive = $domain_properties['active'];
$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT);
$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
$domain_key = array_search($domain, array_column($list_domains, 'domain'));
$description = $list_domains[$domain_key]['description'];
$aliases = $list_domains[$domain_key]['aliases'];
$mailboxes = $list_domains[$domain_key]['mailboxes'];
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
@ -49,21 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fDescription = escape_string($_POST['fDescription']);
$fAliases = escape_string($_POST['fAliases']);
$fMailboxes = escape_string($_POST['fMailboxes']);
if (isset($_POST['fMaxquote']) ? $fMaxquota = escape_string($_POST['fMaxquota']) : $fMaxquota = "0");
if (isset($_POST['fTransport'])) $fTransport = escape_string($_POST['fTransport']);
if (isset($_POST['fBackupmx'])) $fBackupmx = escape_string($_POST['fBackupmx']);
if (isset($_POST['fActive'])) $fActive = escape_string($_POST['fActive']);
if ($fBackupmx == "on") {
$fAliases = -1;
$fMailboxes = -1;
$fMaxquota = -1;
$fBackupmx = 1;
} else {
$fBackupmx = 0;
}
$fActive = ($fActive == "on" ? 1 : 0);
$result = db_query("UPDATE domain SET description='$fDescription',aliases='$fAliases',mailboxes='$fMailboxes',maxquota='$fMaxquota',transport='$fTransport',backupmx='$fBackupmx',active='$fActive',modified=NOW() WHERE domain='$domain'");
if ($result['rows'] == 1) {
@ -74,6 +56,6 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_edit-domain.tpl");
include("../templates/admin_add-domain.tpl");
include("../templates/footer.tpl");
?>
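Review bot: In the second hunk the assignments of `$fMaxquota`, `$fTransport`, `$fBackupmx` and `$fActive` are removed, but the `db_query("UPDATE domain SET ...")` kept as context still interpolates them, so the statement now runs with undefined variables (line sides here are inferred from the hunk counts, since the page lost its `+`/`-` markers). That UPDATE is also still built by string interpolation around `escape_string()`, unlike the prepared statements this commit introduces elsewhere. Converting it the same way, `$dbh->prepare("UPDATE domain SET description=?,aliases=?,mailboxes=?,modified=NOW() WHERE domain=?")` with bound values, fixes both. The POST block starts and ends outside the visible hunks.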


@ -11,30 +11,19 @@
//
// Template Variables:
//
// -none-
// list_admins
//
// Form POST \ GET Variables:
//
// -none-
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
require '../functions.inc.php';
include '../languages/' . check_language() . '.lang';
$list_admins = list_admins();
if (!empty($list_admins)) {
$list_admins_count = count($list_admins);
if ((is_array($list_admins) and $list_admins_count > 0)) {
for ($i = 0; $i < $list_admins_count; $i++) {
$admin_properties[$i] = get_admin_properties($list_admins[$i]);
}
}
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_list-admin.tpl");
include("../templates/footer.tpl");
include '../templates/header.tpl';
include '../templates/admin_menu.tpl';
include '../templates/admin_list-admin.tpl';
include '../templates/footer.tpl';
?>


@ -11,51 +11,26 @@
//
// Template Variables:
//
// -none-
// list_domains
//
// Form POST \ GET Variables:
// Form GET Variables:
//
// fUsername
// username
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
require_once '../functions.inc.php';
include '../languages/' . check_language() . '.lang';
$list_admins = list_admins();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
if (isset($_GET['username'])) {
$fUsername = escape_string($_GET['username']);
$list_domains = list_domains_for_admin($fUsername);
if ($list_domains != 0) {
for ($i = 0; $i < count($list_domains); $i++) {
$domain_properties[$i] = get_domain_properties($list_domains[$i]);
}
}
} else {
$list_domains = list_domains();
if ((is_array($list_domains) and count($list_domains) > 0)) {
for ($i = 0; $i < count($list_domains); $i++) {
$domain_properties[$i] = get_domain_properties($list_domains[$i]);
}
}
}
$username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL);
$list_domains = list_domains($username);
} else {
$list_domains = list_domains();
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fUsername = escape_string($_POST['fUsername']);
$list_domains = list_domains_for_admin($fUsername);
if (!empty($list_domains)) {
for ($i = 0; $i < count($list_domains); $i++) {
$domain_properties[$i] = get_domain_properties($list_domains[$i]);
}
}
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_list-domain.tpl");
include("../templates/footer.tpl");
include '../templates/header.tpl';
include '../templates/admin_menu.tpl';
include '../templates/admin_list-domain.tpl';
include '../templates/footer.tpl';
?>


@ -11,117 +11,32 @@
//
// Template Variables:
//
// tMessage
// tAlias
// tMailbox
// list_alias
// list_mailbox
//
// Form POST \ GET Variables:
// Form GET Variables:
//
// fDomain
// domain
// offset
//
require("../variables.inc.php");
require("../config.inc.php");
require("../functions.inc.php");
include("../languages/" . check_language() . ".lang");
require_once '../functions.inc.php';
include '../languages/' . check_language() . '.lang';
$list_domains = list_domains();
$tAlias = array();
$tMailbox = array();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$fDisplay = 0;
$page_size = $CONF['page_size'];
if (isset($_GET['domain'])) $fDomain = escape_string($_GET['domain']);
if (isset($_GET['limit'])) $fDisplay = escape_string($_GET['limit']);
if ((is_array($list_domains) and count($list_domains) > 0)) if (empty($fDomain)) $fDomain = $list_domains[0];
$limit = get_domain_properties($fDomain);
if ((is_array($list_domains) and count($list_domains) > 0)) if (empty($fDomain)) $fDomain = $list_domains[1];
if ($CONF['alias_control'] == "YES") {
$query = "SELECT alias.address,alias.goto,alias.modified FROM alias WHERE alias.domain='$fDomain' ORDER BY alias.address LIMIT $fDisplay, $page_size";
} else {
$query = "SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$fDomain' AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT $fDisplay, $page_size";
}
$result = db_query("$query");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
$tAlias[] = $row;
}
}
$result = db_query("SELECT * FROM mailbox WHERE domain='$fDomain' ORDER BY username LIMIT $fDisplay, $page_size");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
$tMailbox[] = $row;
}
}
if (isset($limit)) {
if ($fDisplay >= $page_size) {
$tDisplay_back_show = 1;
$tDisplay_back = $fDisplay - $page_size;
}
if (($limit['alias_count'] > $page_size) or ($limit['mailbox_count'] > $page_size)) {
$tDisplay_up_show = 1;
}
if ((($fDisplay + $page_size) < $limit['alias_count']) or (($fDisplay + $page_size) < $limit['mailbox_count'])) {
$tDisplay_next_show = 1;
$tDisplay_next = $fDisplay + $page_size;
}
$offset = filter_input(INPUT_GET, 'offset', FILTER_VALIDATE_INT) ?? '0';
$limit = PAGE_SIZE;
if (count($list_domains) > 0) {
$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN) ?? $list_domains[0]['domain'];
$selected_domain = array_search($domain, array_column($list_domains, 'domain'));
$list_alias = list_aliases($domain, $offset, $limit);
$list_mailbox = list_mailboxes($domain, $offset, $limit);
}
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fDisplay = 0;
$page_size = $CONF['page_size'];
$fDomain = escape_string($_POST['fDomain']);
if (isset($_POST['limit'])) $fDisplay = escape_string($_POST['limit']);
$limit = get_domain_properties($fDomain);
if ($CONF['alias_control'] == "YES") {
$query = "SELECT alias.address,alias.goto,alias.modified FROM alias WHERE alias.domain='$fDomain' ORDER BY alias.address LIMIT $fDisplay, $page_size";
} else {
$query = "SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$fDomain' AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT $fDisplay, $page_size";
}
$result = db_query("$query");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
$tAlias[] = $row;
}
}
$result = db_query("SELECT * FROM mailbox WHERE domain='$fDomain' ORDER BY username LIMIT $fDisplay, $page_size");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
$tMailbox[] = $row;
}
}
if (isset($limit)) {
if ($fDisplay >= $page_size) {
$tDisplay_back_show = 1;
$tDisplay_back = $fDisplay - $page_size;
}
if (($limit['alias_count'] > $page_size) or ($limit['mailbox_count'] > $page_size)) {
$tDisplay_up_show = 1;
}
if ((($fDisplay + $page_size) < $limit['alias_count']) or (($fDisplay + $page_size) < $limit['mailbox_count'])) {
$tDisplay_next_show = 1;
$tDisplay_next = $fDisplay + $page_size;
}
}
}
include("../templates/header.tpl");
include("../templates/admin_menu.tpl");
include("../templates/admin_list-virtual.tpl");
include("../templates/footer.tpl");
include '../templates/header.tpl';
include '../templates/admin_menu.tpl';
include '../templates/admin_list-virtual.tpl';
include '../templates/footer.tpl';
?>
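Review bot: The `offset` line lets two bad values through to `LIMIT ?, ?`: `?? '0'` covers only a missing parameter, so a non-numeric value arrives as `false`, and a negative integer passes `FILTER_VALIDATE_INT` unchanged. `connect_db()` sets `PDO::ERRMODE_EXCEPTION` and neither `list_aliases()` nor `list_mailboxes()` catches, so a rejected offset would likely surface as an uncaught `PDOException`. Bounding it in the filter avoids both: `$offset = filter_input(INPUT_GET, 'offset', FILTER_VALIDATE_INT, ['options' => ['default' => 0, 'min_range' => 0]]);`. The `domain` line has the same `false`-versus-`null` gap, and `$selected_domain` is `false` when the requested domain is not in `$list_domains`; checking that result before calling the two list functions would keep the page to known domains.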


@ -24,12 +24,14 @@ require("./functions.inc.php");
include("./languages/" . check_language() . ".lang");
$SESSID_USERNAME = check_session();
$list_domains = list_domains_for_admin($SESSID_USERNAME);
if ($_SERVER['REQUEST_METHOD'] == "GET") {
if (isset($_GET['delete'])) $fDelete = escape_string($_GET['delete']);
if (isset($_GET['domain'])) $fDomain = escape_string($_GET['domain']);
if (!check_owner($SESSID_USERNAME, $fDomain)) {
if (in_array($_GET['domain'], array_column($list_domains, 'domain'))) {
#if (!check_owner($SESSID_USERNAME, $fDomain)) {
$error = 1;
$tMessage = $PALANG['pDelete_domain_error'] . "<b>$fDomain</b>!</div>";
} else {
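Review bot: The ownership check looks inverted. As far as the sides can be read from this rendering, the error branch now runs when `$_GET['domain']` is found in the admin's domain list, so the `else` branch is reached for domains the admin does not manage; that branch continues outside the hunk and presumably performs the delete. The old guard was negated (`!check_owner(...)`), and the replacement should be too, with a strict comparison: `if (!isset($fDomain) || !in_array($fDomain, array_column($list_domains, 'domain'), true)) {`. `list_domains_for_admin()` and `check_owner()` also appear to be removed from functions.inc.php in this same commit, so the `$list_domains = list_domains_for_admin($SESSID_USERNAME);` line would need to become `list_domains($SESSID_USERNAME)`. The commented-out `#if (!check_owner(...` line should be dropped rather than kept. While here, `$fDomain` is interpolated into the HTML of `$tMessage`; wrapping it in `htmlspecialchars($fDomain, ENT_QUOTES, 'UTF-8')` would keep a crafted domain value out of the markup.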


@ -12,12 +12,18 @@ if(preg_match("/functions.inc.php/", $_SERVER['SCRIPT_NAME'])) {
exit;
}
DEFINE("VERSION", "version 1.0.0");
DEFINE('ROOT_PATH', dirname(__FILE__) . '/');
require_once ROOT_PATH . 'conf.php';
require_once ROOT_PATH . 'config.inc.php';
require_once ROOT_PATH . 'variables.inc.php';
$version = "1.0.0";
//
// Check of debug is enabled or not
//
if ($CONF['debug'] == 'true') {
if (DEBUG == 'true') {
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
@ -100,59 +106,6 @@ function escape_string($string) {
return $escaped_string;
}
//
// get_domain_properties
// Action: Get all the properties of a domain.
// Call: get_domain_properties(string domain)
//
function get_domain_properties($domain) {
global $CONF;
$list = array();
$result = db_query("SELECT COUNT(*) FROM alias WHERE domain='$domain'");
$row = db_row($result['result']);
$list['alias_count'] = $row[0];
$result = db_query("SELECT COUNT(*) FROM mailbox WHERE domain='$domain'");
$row = db_row($result['result']);
$list['mailbox_count'] = $row[0];
if ($CONF['alias_control'] == "NO") {
$list['alias_count'] = $list['alias_count'] - $list['mailbox_count'];
} else {
$list['alias_count'] = $list['alias_count'];
}
$result = db_query("SELECT * FROM domain WHERE domain='$domain'");
$row = db_array($result['result']);
$list['description'] = $row['description'];
$list['aliases'] = $row['aliases'];
$list['mailboxes'] = $row['mailboxes'];
$list['maxquota'] = $row['maxquota'];
$list['transport'] = $row['transport'];
$list['backupmx'] = $row['backupmx'];
$list['created'] = $row['created'];
$list['modified'] = $row['modified'];
$list['active'] = $row['active'];
if ($CONF['database_type'] == "pgsql") {
if ($row['active'] == "t")
{
$list['active'] = 1;
} else {
$list['active'] = 0;
}
if ($row['backupmx'] == "t") {
$list['backupmx'] = 1;
} else {
$list['backupmx'] = 0;
}
} else {
$list['active'] = $row['active'];
$list['backupmx'] = $row['backupmx'];
}
return $list;
}
//
// check_alias
@ -193,79 +146,85 @@ function check_mailbox($domain) {
return true;
}
}
//
// check_quota
// Action: Checks if the user is creating a mailbox with the correct quota
// Call: check_quota(string domain)
// connect_db
// Action: make db connection
// Call: connect_db()
//
function check_quota($quota, $domain) {
$limit = get_domain_properties($domain);
if ($limit['maxquota'] == 0) {
return true;
function connect_db() {
try {
$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS, array(PDO::ATTR_PERSISTENT => true));
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $dbh;
} catch (PDOException $e) {
echo 'Connection failed: ' . $e;
die();
}
if (($limit['maxquota'] < 0) and ($quota < 0)) {
return true;
}
if (($limit['maxquota'] > 0) and ($quota == 0)) {
return false;
}
if ($quota > $limit['maxquota']) {
return false;
} else {
return true;
}
}
//
// check_owner
// Action: Checks if the admin is the owner of the domain.
// Call: check_owner(string admin, string domain)
//
function check_owner($username, $domain) {
$result = db_query("SELECT * FROM domain_admins WHERE username='$username' AND domain='$domain' AND active='1'");
if ($result['rows'] != 1) {
return false;
} else {
return true;
}
}
//
// list_domains_for_admin
// Action: Lists all the domains for an admin.
// Call: list_domains_for_admin(string admin)
//
function list_domains_for_admin($username) {
$list = array();
$result = db_query("SELECT * FROM domain LEFT JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username='$username' AND domain.active='1' AND domain.backupmx='0' ORDER BY domain_admins.domain");
if ($result['rows'] > 0) {
$i = 0;
while ($row = db_array($result['result'])) {
$list[$i] = $row['domain'];
$i++;
}
}
return $list;
}
//
// list_domains
// Action: List all available domains.
// Call: list_domains()
// Call: list_domains(string admin (optional))
//
function list_domains() {
$list = array();
$result = db_query("SELECT * FROM domain ORDER BY domain");
if ($result['rows'] > 0) {
$i = 0;
while ($row = db_array($result['result'])) {
$list[$i] = $row['domain'];
$i++;
}
function list_domains($username = null) {
$dbh = connect_db();
if (isset($username)) {
$sth = $dbh->prepare("SELECT * FROM domain INNER JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username=? ORDER BY domain_admins.domain");
$sth->bindParam(1, $username, PDO::PARAM_STR);
} else {
$sth = $dbh->prepare('SELECT * FROM domain ORDER BY domain');
}
$sth->execute();
$list= $sth->fetchAll();
for ($i = 0; $i < count($list); $i++) {
$sth = $dbh->prepare("SELECT COUNT(*) FROM alias WHERE domain=? AND goto NOT IN ('vmail')");
$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);
$sth->execute();
$list[$i]['alias_count'] = $sth->fetchColumn();
$sth = $dbh->prepare("SELECT COUNT(*) FROM mailbox WHERE domain=?");
$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);
$sth->execute();
$list[$i]['mailbox_count'] = $sth->fetchColumn();
}
return $list;
}
//
// list_aliases
// Action: List all available aliases for domain.
// Call: list_aliases(string domain, int offset)
//
function list_aliases($domain, $offset, $limit) {
$dbh = connect_db();
if (ALIAS_CONTROL == 'NO') {
$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain=? AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT ?, ?");
} else {
$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias WHERE alias.domain=? ORDER BY alias.address LIMIT ?, ?");
}
$sth->bindParam(1, $domain, PDO::PARAM_STR);
$sth->bindParam(2, $offset, PDO::PARAM_INT);
$sth->bindParam(3, $limit, PDO::PARAM_INT);
$sth->execute();
$list = $sth->fetchAll();
return $list;
}
//
// list_mailboxes
// Action: List all available mailboxes for domain.
// Call: list_mailboxes(string domaini, int offset)
//
function list_mailboxes($domain, $offset, $limit) {
$dbh = connect_db();
$sth = $dbh->prepare("SELECT * FROM mailbox WHERE domain=? ORDER BY username LIMIT ?, ?");
$sth->bindParam(1, $domain, PDO::PARAM_STR);
$sth->bindParam(2, $offset, PDO::PARAM_INT);
$sth->bindParam(3, $limit, PDO::PARAM_INT);
$sth->execute();
$list = $sth->fetchAll();
return $list;
}
@ -304,38 +263,18 @@ function domain_exist($domain) {
// Action: Lists all the admins
// Call: list_admins()
//
// was admin_list_admins
//
function list_admins() {
$list = array();
$result = db_query("SELECT * FROM admin ORDER BY username");
if ($result['rows'] > 0) {
$i = 0;
while ($row = db_array($result['result'])) {
$list[$i] = $row['username'];
$i++;
}
}
return $list;
}
$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS);
$sth = $dbh->prepare('SELECT * FROM admin ORDER BY username');
$sth->execute();
$list = $sth->fetchAll();
//
// get_admin_properties
// Action: Get all the admin properties.
// Call: get_admin_properties(string admin)
function get_admin_properties($username) {
$list = array();
$result = db_query("SELECT COUNT(*) FROM domain_admins WHERE username='$username'");
$row = db_row($result['result']);
$list['domain_count'] = $row[0];
$result = db_query("SELECT * FROM admin WHERE username='$username'");
$row = db_array($result['result']);
$list['created'] = $row['created'];
$list['modified'] = $row['modified'];
$list['active'] = $row['active'];
for ($i = 0; $i < count($list); $i++) {
$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
$sth->bindParam(1, $list[$i]['username'], PDO::PARAM_STR);
$sth->execute();
$list[$i]['domain_count'] = $sth->fetchColumn();
}
return $list;
}
@ -350,20 +289,15 @@ function generate_password() {
}
//
// pacrypt
// Action: Encrypts password based on config settings
// Call: pacrypt(string cleartextpassword)
// bcrypt
// Action: Hashs the password with bcrypt
// Call: bcrypt(string cleartextpassword)
//
function pacrypt($pw, $pw_db="") {
global $CONF;
$password = "";
if ($CONF['encrypt'] == 'bcrypt') {
$options = ['cost' => 8];
$password = password_hash($pw, PASSWORD_BCRYPT, $options);
$password = preg_replace('/\$2y\$/', '\$2b\$', $password);
}
return $password;
function bcrypt($password) {
$options = ['cost' => 8];
$hashed = password_hash($password, PASSWORD_BCRYPT, $options);
$hashed = preg_replace('/\$2y\$/', '\$2b\$', $hashed);
return $hashed;
}
//
@ -392,16 +326,6 @@ function db_connect() {
}
}
if ($CONF['database_type'] == "pgsql") {
if(function_exists("pg_connect")) {
$connect_string = "host=" . $CONF['database_host'] . " dbname=" . $CONF['database_name'] . " user=" . $CONF['database_user'] . " password=" . $CONF['database_password'];
$link = @pg_connect($connect_string) or die("<p />DEBUG INFORMATION:<br />Connect: " . pg_last_error() . "$DEBUG_TEXT");
} else {
print "<p />DEBUG INFORMATION:<br />PostgreSQL functions not available!<br />database_type = 'pgsql' in config.inc.php, are you using a different database? $DEBUG_TEXT";
die;
}
}
if ($link) {
return $link;
} else {
@ -437,28 +361,17 @@ function db_query($query) {
}
if ($CONF['database_type'] == "mysqli") $result = @mysqli_query($link, $query) or die("<p />DEBUG INFORMATION:<br />Invalid query: " . mysqli_error($link) . "$DEBUG_TEXT");
if ($CONF['database_type'] == "pgsql") {
if (preg_match("/LIMIT/i", $query)) {
$search = "/LIMIT(\w+), (\w+)/";
$replace = "LIMIT \$2 OFFSET \$1";
$query = preg_replace($search, $replace, $query);
}
$result = @pg_query($link, $query) or die("<p />DEBUG INFORMATION:<br />Invalid query: " . pg_last_error() . "$DEBUG_TEXT");
}
if (preg_match("/^SELECT/i", $query)) {
// if $query was a SELECT statement check the number of rows with [database_type]_num_rows().
if ($CONF['databa