merge admin + superadmin

This commit is contained in:
mischa 2022-09-05 18:31:23 +00:00
parent 7df7b1d824
commit 4db75ba328
6 changed files with 455 additions and 0 deletions

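--- a/admin.php
+++ b/admin.php
@@ -0,0 +1,143 @@
+<?php
+//
+// OpenSMTPD Admin
+// by Mischa Peters <mischa at high5 dot nl>
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: admin.php
+//
+// Template File: admin_admin.tpl
+//
+//
+// Template Variables:
+//
+// action
+// message
+// username
+// domains
+//
+// POST / GET Variables:
+//
+// username
+// password1
+// password2
+// domains
+//
+require_once './functions.inc.php';
+include './languages/' . check_language() . '.lang';
+$SESSID_USERNAME = check_session();
+$PERMISSIONS = check_permissions();
+if ($PERMISSIONS != ADMIN_RIGHTS) {
+header("Location: list-domain.php");
+die();;
+}
+$list_domains = list_domains();
+$list_admins = list_admins();
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
+$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
+if ($action == 'edit') {
+$username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL);
+$domains['domains'] = array_column(list_domains($username), 'domain');
+}
+}
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
+$username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
+$password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
+$password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
+$domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));
+if ($action == 'add') {
+if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
+$message = $LANG['AdminAdd_admin_username_error'];
+}
+if (empty($password1) || $password1 != $password2) {
+$message = $LANG['AdminAdd_admin_password_error'];
+}
+if (empty($domains['domains'])) {
+$message = $LANG['AdminAdd_admin_domain_error'];
+}
+if (empty($message)) {
+$hashed = bcrypt($password1);
+try {
+$dbh = pdo_connect();
+$sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
+$sth->bindParam(1, $username, PDO::PARAM_STR);
+$sth->bindParam(2, $hashed, PDO::PARAM_STR);
+$sth->execute();
+foreach ($domains['domains'] as $row) {
+$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
+$sth->bindParam(1, $username, PDO::PARAM_STR);
+$sth->bindParam(2, $row, PDO::PARAM_STR);
+$sth->execute();
+}
+$message = $LANG['AdminAdd_admin_result_succes'] . "<br />($username)</br />";
+} catch(PDOException $e) {
+$message = $LANG['AdminAdd_admin_result_error'] . "<br />($username)<br />";
+}
+}
+}
+if (in_array($username, array_column($list_admins, 'username')) && $action == 'edit') {
+if ($password1 != $password2) {
+$message = $LANG['AdminAdd_admin_password_error'];
+}
+if (empty($message) && !empty($password1)) {
+$hashed = bcrypt($password1);
+try {
+$dbh = pdo_connect();
+$sth = $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?");
+$sth->bindParam(1, $hashed, PDO::PARAM_STR);
+$sth->bindParam(2, $username, PDO::PARAM_STR);
+$sth->execute();
+} catch(PDOException $e) {
+$message = $LANG['AdminEdit_admin_result_error'] . "<br />($username)<br />";
+}
+}
+if (empty($domains['domains'])) {
+$message = $LANG['AdminAdd_admin_domain_error'];
+}
+if (empty($message)) {
+try {
+$dbh = pdo_connect();
+$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
+$sth->execute(array($username));
+$count_domain_admins = $sth->fetchColumn();
+$sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?");
+$sth->execute(array($username));
+if ($sth->rowCount() != $count_domain_admins) {
+throw new RuntimeException('Unable to delete entries from the domain_admins table.');
+}
+foreach ($domains['domains'] as $row) {
+$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
+$sth->bindParam(1, $username, PDO::PARAM_STR);
+$sth->bindParam(2, $row, PDO::PARAM_STR);
+$sth->execute();
+}
+header("Location: list-admin.php");
+} catch (RuntimeException $e) {
+$message = $LANG['AdminEdit_admin_result_error'];
+} catch (PDOException $e) {
+$message = $LANG['AdminEdit_admin_result_error'];
+}
+}
+}
+}
+include './templates/header.tpl';
+include './templates/menu.tpl';
+include './templates/admin.tpl';
+include './templates/footer.tpl';
+?>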
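Review bot: In the edit branch the password is rewritten (`UPDATE admin SET password=?,modified=NOW() WHERE username=?`) before the domain list is checked, so a submission with no domain selected still changes the password and then reports `AdminAdd_admin_domain_error`; moving the `empty($domains['domains'])` check ahead of the password block makes the form fail as a whole. The DELETE / INSERT sequence on `domain_admins` runs outside a transaction, so a PDOException in the insert loop leaves the admin with a partial domain set although the error message is shown; the rewrite below wraps it in `beginTransaction()`/`commit()`/`rollBack()` and adds the `exit()` that `header("Location: list-admin.php")` lacks (the script otherwise goes on to render the templates). The selected domains are validated for syntax only, never against `$list_domains`, in both the add and the edit path; an `array_intersect($domains['domains'], array_column($list_domains, 'domain'))` before the inserts would drop unknown names. The two `in_array($username, array_column($list_admins, 'username'))` calls should pass `true` as the third argument, and `die();;` has a stray semicolon.
```php
if (empty($message)) {
    try {
        $dbh = pdo_connect();
        $dbh->beginTransaction();
        // … unchanged: COUNT / DELETE of the admin's domain_admins rows and the RuntimeException check …
        // … unchanged: INSERT loop over $domains['domains'] …
        $dbh->commit();
        header("Location: list-admin.php");
        exit();
    } catch (RuntimeException | PDOException $e) {
        if (isset($dbh) && $dbh->inTransaction()) {
            $dbh->rollBack();
        }
        $message = $LANG['AdminEdit_admin_result_error'];
    }
}
```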

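--- a/backup.php
+++ b/backup.php
@@ -0,0 +1,78 @@
+<?php
+//
+// OpenSMTPD Admin
+// by Mischa Peters <mischa at high5 dot nl>
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: backup.php
+//
+// Template File: -none-
+//
+// Template Variables:
+//
+// -none-
+//
+// POST / GET Variables:
+//
+// -none-
+//
+require_once './functions.inc.php';
+include './languages/' . check_language() . '.lang';
+date_default_timezone_set('Europe/Amsterdam');
+$SESSID_USERNAME = check_session();
+$PERMISSIONS = check_permissions();
+if ($PERMISSIONS != ADMIN_RIGHTS) {
+header("Location: list-domain.php");
+die();;
+}
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
+umask(077);
+$filename = "opensmtpadmin-" . date("Ymd") . "-" . getmypid() . ".sql";
+$backup = "/tmp/" . $filename;
+$header = "#\n# OpenSMTPD Admin " . VERSION . "\n# Date: " . date("D M j G:i:s T Y") . "\n#\n";
+$tables = array('admin','alias','domain','domain_admins','log','mailbox','vacation');
+if (!$fh = fopen($backup, 'w')) {
+$message = "<div class=\"error_msg\">Cannot open file ($backup)</div>";
+}
+if (empty($message)) {
+fwrite($fh, $header);
+$dbh = pdo_connect();
+foreach ($tables as $table) {
+$sth = $dbh->query("SHOW CREATE TABLE $table");
+$row = $sth->fetch(PDO::FETCH_ASSOC);
+fwrite ($fh, $row['Create Table']. "\n\n");
+}
+foreach ($tables as $table) {
+$sth = $dbh->query("SELECT * FROM $table");
+while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
+foreach ($row as $k => $v) {
+$keys[] = $k;
+$values[] = $v;
+}
+fwrite($fh, "INSERT INTO ". $table . " (". implode (',',$keys) . ") VALUES ('" . implode ('\',\'',$values) . "')\n");
+$keys = array();
+$values = array();
+}
+}
+header("Content-Type: application/octet-stream");
+header("Content-Disposition: attachment; filename=\"$filename\"");
+header("Content-Transfer-Encoding: binary");
+header("Content-Length: " . filesize("$backup"));
+header("Content-Description: OpenSMTPD Admin");
+$download_backup = fopen("$backup", "r");
+unlink("$backup");
+fpassthru($download_backup);
+} else {
+include './templates/header.tpl';
+include './templates/menu.tpl';
+include './templates/message.tpl';
+include './templates/footer.tpl';
+}
+}
+?>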
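Review bot: The INSERT line `fwrite($fh, "INSERT INTO ". $table . " (". implode (',',$keys) . ") VALUES ('" . implode ('\',\'',$values) . "')\n");` puts every column value between single quotes without escaping, so a value containing a quote or backslash yields a broken statement and a NULL becomes the empty string; quoting each value through the driver handles both, e.g. `$quoted = array_map(static fn ($v) => $v === null ? 'NULL' : $dbh->quote((string) $v), $values);` and then `implode(',', $quoted)` in place of the quoted join. Neither the CREATE TABLE lines nor the INSERT lines end with `;`, so as far as I can see the dump cannot be replayed as a script without editing. The dump is first written to the predictable path `/tmp/opensmtpadmin-<date>-<pid>.sql`; `tempnam(sys_get_temp_dir(), 'opensmtpadmin-')` gives a private, unpredictable file, or the rows could be streamed straight to `php://output` once the headers are sent and the temporary file dropped altogether. `$fh` is never closed before `filesize()` and the second `fopen`; an `fclose($fh)` after the table loops avoids relying on write buffering having been flushed.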

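--- a/domain.php
+++ b/domain.php
@@ -0,0 +1,96 @@
+<?php
+//
+// OpenSMTPD Admin
+// by Mischa Peters <mischa at high5 dot nl>
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: domain.php
+//
+// Template File: domain.tpl
+//
+// Template Variables:
+//
+// action
+// message
+// domain
+// description
+// aliases
+// mailboxes
+//
+// POST / GET Variables:
+//
+// domain
+// description
+// aliases
+// mailboxes
+//
+require_once './functions.inc.php';
+include './languages/' . check_language() . '.lang';
+$SESSID_USERNAME = check_session();
+$PERMISSIONS = check_permissions();
+if ($PERMISSIONS != ADMIN_RIGHTS) {
+header("Location: list-domain.php");
+die();
+}
+$list_domains = list_domains();
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
+$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
+if ($action == 'edit') {
+$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
+$domain_key = array_search($domain, array_column($list_domains, 'domain'));
+$description = $list_domains[$domain_key]['description'];
+$aliases = $list_domains[$domain_key]['aliases'];
+$mailboxes = $list_domains[$domain_key]['mailboxes'];
+}
+}
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
+$domain = strtolower(filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN));
+$description = filter_input(INPUT_POST, 'description', FILTER_CALLBACK, array('options' => 'htmlspecialchars'));
+$aliases = filter_input(INPUT_POST, 'aliases', FILTER_VALIDATE_INT);
+$mailboxes = filter_input(INPUT_POST, 'mailboxes', FILTER_VALIDATE_INT);
+if (!in_array($domain, array_column($list_domains, 'domain'))) {
+try {
+$dbh = pdo_connect();
+$sth = $dbh->prepare("INSERT INTO domain (domain,description,aliases,mailboxes,created,modified) VALUES (?,?,?,?,NOW(),NOW())");
+$sth->bindParam(1, $domain, PDO::PARAM_STR);
+$sth->bindParam(2, $description, PDO::PARAM_STR);
+$sth->bindParam(3, $aliases, PDO::PARAM_INT);
+$sth->bindParam(4, $mailboxes, PDO::PARAM_INT);
+$sth->execute();
+$message = $LANG['AdminAdd_domain_result_succes'] . "<br />($domain)</br />";
+} catch(PDOException $e) {
+$message = $LANG['AdminAdd_domain_result_error'] . "<br />($domain)<br />";
+}
+} else {
+$message = $LANG['AdminAdd_domain_domain_text_error'];
+}
+if (in_array($domain, array_column($list_domains, 'domain')) && $action == 'edit') {
+try {
+$dbh = pdo_connect();
+$sth = $dbh->prepare("UPDATE domain SET description=?,aliases=?,mailboxes=?,modified=NOW() WHERE domain=?");
+$sth->bindParam(1, $description, PDO::PARAM_STR);
+$sth->bindParam(2, $aliases, PDO::PARAM_INT);
+$sth->bindParam(3, $mailboxes, PDO::PARAM_INT);
+$sth->bindParam(4, $domain, PDO::PARAM_STR);
+$sth->execute();
+header("Location: list-domain.php");
+} catch(PDOException $e) {
+$message = $LANG['AdminEdit_domain_result_error'];
+}
+}
+}
+include './templates/header.tpl';
+include './templates/menu.tpl';
+include './templates/domain.tpl';
+include './templates/footer.tpl';
+?>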
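Review bot: `FILTER_VALIDATE_DOMAIN` in `$domain = strtolower(filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN));` only enforces label and total length unless `FILTER_FLAG_HOSTNAME` is passed, so a value with characters outside the hostname alphabet reaches the `domain` table and is later echoed by templates/domain.tpl; `filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)` narrows it, and the `filter_input_array` call for `domains` in admin.php has the same omission. On a failed validation `filter_input` returns `false`, which `strtolower` turns into `''`, and because the insert branch never looks at `$action`, a bad or missing domain name still reaches the INSERT (unless the schema rejects it); guarding with `if ($domain === '') { $message = $LANG['AdminAdd_domain_domain_text_error']; } elseif ($action == 'add' && !in_array($domain, array_column($list_domains, 'domain'), true)) {` keeps that path to explicit adds. In the GET branch `array_search` without `true` returns `false` for an unknown domain, and `$list_domains[false]` then reads entry 0, so editing a non-existent name shows another domain's values. The `header("Location: list-domain.php")` in the edit branch is not followed by `exit()`, so the templates are still rendered after the redirect header.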

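--- a/list-admin.php
+++ b/list-admin.php
@@ -0,0 +1,38 @@
+<?php
+//
+// OpenSMTPD Admin
+// by Mischa Peters <mischa at high5 dot nl>
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: list-admin.php
+//
+// Template File: list-admin.tpl
+//
+// Template Variables:
+//
+// list_admins
+//
+// POST / GET Variables:
+//
+// -none-
+//
+require './functions.inc.php';
+include './languages/' . check_language() . '.lang';
+$SESSID_USERNAME = check_session();
+$PERMISSIONS = check_permissions();
+$admin = $SESSID_USERNAME ?? ADMIN_EMAIL;
+$list_admins = array();
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
+if ($PERMISSIONS == ADMIN_RIGHTS) {
+$list_admins = list_admins();
+}
+}
+include './templates/header.tpl';
+include './templates/menu.tpl';
+include './templates/admin_list-admin.tpl';
+include './templates/footer.tpl';
+?>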
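Review bot: The header comment names `list-admin.tpl` as the template file while the include is `./templates/admin_list-admin.tpl`; admin.php has the mirror-image mismatch (`admin_admin.tpl` in its header, `./templates/admin.tpl` included). `$admin` is assigned from `$SESSID_USERNAME ?? ADMIN_EMAIL` but is neither listed under Template Variables nor used elsewhere in this file; presumably the template reads it, in which case the header list should name it. This file uses `require './functions.inc.php'` where the sibling pages use `require_once`; using the same form everywhere keeps a second include from redefining the helper functions.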

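--- a/templates/admin.tpl
+++ b/templates/admin.tpl
@@ -0,0 +1,53 @@
+<div id="edit_form">
+<form name="create_admin" method="post">
+<table>
+<tr>
+<?php if ($action == 'edit') { ?>
+<td colspan="2"><h3><?php echo $LANG['AdminEdit_admin_welcome']; ?></h3></td>
+<?php } else { ?>
+<td colspan="2"><h3><?php echo $LANG['AdminAdd_admin_welcome']; ?></h3></td>
+<?php } ?>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_admin_username'] . ":"; ?></td>
+<?php if ($action == 'edit') { ?>
+<td><input class="flat" type="hidden" name="username" value="<?php echo $username; ?>" /><?php echo $username; ?></td>
+<?php } else { ?>
+<td><input class="flat" type="text" name="username" value="<?php echo $username ?? ''; ?>" /></td>
+<?php } ?>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_admin_password1'] . ":"; ?></td>
+<td><input class="flat" type="password" name="password1" /></td>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_admin_password2'] . ":"; ?></td>
+<td><input class="flat" type="password" name="password2" /></td>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_admin_address'] . ":"; ?></td>
+<td>
+<select name="domains[]" size="10" multiple="multiple">
+<?php
+foreach ($list_domains as $row) {
+echo '<option value="' . $row['domain'] . '"';
+if (isset($domains['domains']) && in_array($row['domain'], $domains['domains'])) echo ' selected';
+echo ">" . $row['domain'] . "</option>";
+}
+?>
+</select>
+</td>
+</tr>
+<tr>
+<?php if ($action == 'edit') { ?>
+<td colspan="2" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['AdminEdit_admin_button']; ?>" /></td>
+<?php } else { ?>
+<td colspan="2" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['AdminAdd_admin_button']; ?>" /></td>
+<?php } ?>
+</tr>
+<tr>
+<td colspan="2" class="standout"><?php echo $message ?? '&nbsp;'; ?></td>
+</tr>
+</table>
+</form>
+</div>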
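Review bot: `$username` is echoed into the hidden input's `value` attribute and again as text without `htmlspecialchars()`; as far as I know `FILTER_VALIDATE_EMAIL` accepts quoted local parts, so the value is not guaranteed attribute-safe, and `htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at both echo sites is the usual fix. The option loop likewise prints `$row['domain']` raw in the `value` attribute and as option text; those rows come from the `domain` table, which domain.php fills after a length-only `FILTER_VALIDATE_DOMAIN` check, so escaping belongs here too (templates/domain.tpl echoes `$domain`, `$aliases` and `$mailboxes` the same way). `<form name="create_admin" method="post">` carries no per-session token and admin.php accepts any POST from a session holding ADMIN_RIGHTS; a hidden token generated per session and compared server-side with `hash_equals()` is the standard guard for a form that creates admin accounts, and templates/domain.tpl's form needs the same. The `in_array($row['domain'], $domains['domains'])` test should pass `true` as its third argument.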

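--- a/templates/domain.tpl
+++ b/templates/domain.tpl
@@ -0,0 +1,47 @@
+<div id="edit_form">
+<form name="create_domain" method="post">
+<table>
+<tr>
+<?php if ($action == 'edit') { ?>
+<td colspan="3"><h3><?php echo $LANG['AdminEdit_domain_welcome']; ?></h3></td>
+<?php } else { ?>
+<td colspan="3"><h3><?php echo $LANG['AdminAdd_domain_welcome']; ?></h3></td>
+<?php } ?>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_domain_domain'] . ":"; ?></td>
+<?php if ($action == 'edit') { ?>
+<td><input class="flat" type="hidden" name="domain" value="<?php echo $domain; ?>" /><?php echo $domain; ?></td>
+<?php } else { ?>
+<td><input class="flat" type="text" name="domain" value="<?php echo $domain ?? ''; ?>" /></td>
+<td>&nbsp;</td>
+<?php } ?>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_domain_description'] . ":"; ?></td>
+<td><input class="flat" type="text" name="description" value="<?php echo $description ?? ''; ?>" /></td>
+<td>&nbsp;</td>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_domain_aliases'] . ":"; ?></td>
+<td><input class="flat" type="text" name="aliases" value="<?php echo $aliases ?? ALIASES; ?>" /></td>
+<td><?php echo $LANG['AdminAdd_domain_aliases_text']; ?></td>
+</tr>
+<tr>
+<td><?php echo $LANG['AdminAdd_domain_mailboxes'] . ":"; ?></td>
+<td><input class="flat" type="text" name="mailboxes" value="<?php echo $mailboxes ?? MAILBOXES; ?>" /></td>
+<td><?php echo $LANG['AdminAdd_domain_mailboxes_text']; ?></td>
+</tr>
+<tr>
+<?php if ($action == 'edit') { ?>
+<td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['AdminEdit_domain_button']; ?>" /></td>
+<?php } else { ?>
+<td colspan="3" class="hlp_center"><input class="button" type="submit" name="submit" value="<?php echo $LANG['AdminAdd_domain_button']; ?>" /></td>
+<?php } ?>
+</tr>
+<tr>
+<td colspan="3" class="standout"><?php echo $message ?? '&nbsp;'; ?></td>
+</tr>
+</table>
+</form>
+</div>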
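Review bot: The domain row's edit branch emits two cells while the add branch and every other data row emit three (the add branch appends `<td>&nbsp;</td>`), so the table's column count depends on the mode; adding the same `<td>&nbsp;</td>` after the hidden-input cell in the edit branch keeps the layout stable. In the GET edit path `$aliases` and `$mailboxes` come from `$list_domains` and may be present as any value, so the `?? ALIASES` / `?? MAILBOXES` fallbacks only apply on the add form; a comment such as `<!-- defaults only apply when creating a domain -->` next to those inputs would make that intent visible to the next editor.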