High5
/
opensmtpdadmin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

unified search

This commit is contained in:
mischa 2022-09-04 18:44:32 +00:00
parent f364ad2a18
commit a628e105b0
4 changed files with 61 additions and 329 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
admin/search.php
View File

@ -21,6 +21,8 @@
require_once '../functions.inc.php'; require_once '../functions.inc.php';
include '../languages/' . check_language() . '.lang'; include '../languages/' . check_language() . '.lang';
$list_domains = list_domains();
$search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT); $search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT);
if (isset($search)) { if (isset($search)) {
@ -29,11 +31,21 @@ if (isset($search)) {
$sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR); $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR);
$sth->execute(); $sth->execute();
$list_alias = $sth->fetchAll(); $list_alias = $sth->fetchAll();
foreach ($list_alias as $key => $value) {
if (!in_array($value['domain'], array_column($list_domains, 'domain'))) {
unset($list_alias[$key]);
}
}
$sth = $dbh->prepare("SELECT * FROM mailbox WHERE username LIKE ? ORDER BY username"); $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username LIKE ? ORDER BY username");
$sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR); $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR);
$sth->execute(); $sth->execute();
$list_mailbox = $sth->fetchAll(); $list_mailbox = $sth->fetchAll();
foreach ($list_mailbox as $key => $value) {
if (!in_array($value['domain'], array_column($list_domains, 'domain'))) {
unset($list_mailbox[$key]);
}
}
} else { } else {
$list_alias = array(); $list_alias = array();
$list_mailbox = array(); $list_mailbox = array();
@ -41,6 +53,6 @@ if (isset($search)) {
include '../templates/header.tpl'; include '../templates/header.tpl';
include '../templates/admin_menu.tpl'; include '../templates/admin_menu.tpl';
include '../templates/admin_search.tpl'; include '../templates/search.tpl';
include '../templates/footer.tpl'; include '../templates/footer.tpl';
?> ?>

241
functions.inc.php
View File

@ -54,83 +54,6 @@ function check_language() {
return DEFAULT_LANGUAGE; return DEFAULT_LANGUAGE;
} }
//
// check_string
// Action: checks if a string is valid and returns TRUE is this is the case.
// Call: check_string(string var)
//
function check_string($var) {
if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)) {
return true;
} else {
return false;
}
}
//
// check_email
// Action: Checks if email is valid and returns TRUE if this is the case.
// Call: check_email(string email)
//
function check_email($email) {
if (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,10}$/i', trim($email))) {
return true;
} else {
return false;
}
}
//
// escape_string
// Action: Escape a string
// Call: escape_string(string string)
//
function escape_string($string) {
global $CONF;
$escaped_string = $string;
return $escaped_string;
}
//
// check_alias
// Action: Checks if the domain is still able to create aliases.
// Call: check_alias(string domain)
//
function check_alias($domain) {
$limit = get_domain_properties($domain);
if ($limit['aliases'] == 0) {
return true;
}
if ($limit['aliases'] < 0) {
return false;
}
if ($limit['alias_count'] >= $limit['aliases']) {
return false;
} else {
return true;
}
}
//
// check_mailbox
// Action: Checks if the domain is still able to create mailboxes.
// Call: ceck_mailbox(string domain)
//
function check_mailbox($domain) {
$limit = get_domain_properties($domain);
if ($limit['mailboxes'] == 0) {
return true;
}
if ($limit['mailboxes'] < 0) {
return false;
}
if ($limit['mailbox_count'] >= $limit['mailboxes']) {
return false;
} else {
return true;
}
}
// //
// connect_db // connect_db
// Action: make db connection // Action: make db connection
@ -213,36 +136,6 @@ function list_mailboxes($domain, $offset, $limit) {
return $list; return $list;
} }
//
// admin_exist
// Action: Checks if the admin already exists.
// Call: admin_exist(string admin)
//
// was check_admin
//
function admin_exist($username) {
$result = db_query("SELECT * FROM admin WHERE username='$username'");
if ($result['rows'] != 1) {
return false;
} else {
return true;
}
}
//
// domain_exist
// Action: Checks if the domain already exists.
// Call: domain_exist(string domain)
//
function domain_exist($domain) {
$result = db_query("SELECT * FROM domain WHERE domain='$domain'");
if ($result['rows'] != 1) {
return false;
} else {
return true;
}
}
// //
// list_admins // list_admins
// Action: Lists all the admins // Action: Lists all the admins
@ -263,16 +156,6 @@ function list_admins() {
return $list; return $list;
} }
//
// generate_password
// Action: Generates a random password
// Call: generate_password()
//
function generate_password() {
$password = substr(md5(mt_rand()), 0, 8);
return $password;
}
// //
// bcrypt // bcrypt
// Action: Hashs the password with bcrypt // Action: Hashs the password with bcrypt
@ -285,108 +168,6 @@ function bcrypt($password) {
return $hashed; return $hashed;
} }
//
// db_connect
// Action: Makes a connection to the database if it doesn't exist
// Call: db_connect()
//
$DEBUG_TEXT = "\n
<p />\n
Please check the documentation and website for more information.\n
<p />\n
";
function db_connect() {
global $CONF;
global $DEBUG_TEXT;
$link = "";
if ($CONF['database_type'] == "mysqli") {
if(function_exists("mysqli_connect")) {
$link = @mysqli_connect($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or die("<p />DEBUG INFORMATION:<br />Connect: " . mysqli_connect_error() . "$DEBUG_TEXT");
$succes = @mysqli_select_db($link, $CONF['database_name']) or die("<p />DEBUG INFORMATION:<br />MySQLi Select Database: " . mysqli_error() . "$DEBUG_TEXT");
} else {
print "<p />DEBUG INFORMATION:<br />MySQL 4.1 functions not available!<br />database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT";
die;
}
}
if ($link) {
return $link;
} else {
print "DEBUG INFORMATION:<br />\n";
print "Connect: Unable to connect to database<br />\n";
print "<br />\n";
print "Make sure that you have set the correct database type in the config.inc.php file<br />\n";
print $DEBUG_TEXT;
die;
}
}
//
// db_query
// Action: Sends a query to the database and returns query result and number of rows
// Call: db_query(string query)
//
function db_query($query) {
global $CONF;
global $DEBUG_TEXT;
$result = "";
$number_rows = "";
$link = db_connect();
// database prefix workaround
if (!empty($CONF['database_prefix'])) {
if (preg_match("/^SELECT/i", $query)) {
$query = substr($query, 0, 14) . $CONF['database_prefix'] . substr($query, 14);
} else {
$query = substr($query, 0, 6) . $CONF['database_prefix'] . substr($query, 7);
}
}
if ($CONF['database_type'] == "mysqli") $result = @mysqli_query($link, $query) or die("<p />DEBUG INFORMATION:<br />Invalid query: " . mysqli_error($link) . "$DEBUG_TEXT");
if (preg_match("/^SELECT/i", $query)) {
// if $query was a SELECT statement check the number of rows with [database_type]_num_rows().
if ($CONF['database_type'] == "mysqli") $number_rows = mysqli_num_rows($result);
} else {
// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
// [database_type]_affected_rows().
if ($CONF['database_type'] == "mysqli") $number_rows = mysqli_affected_rows($link);
}
if ($CONF['database_type'] == "mysqli") mysqli_close($link);
$return = array(
"result" => $result,
"rows" => $number_rows
);
return $return;
}
// db_row
// Action: Returns a row from a table
// Call: db_row(int result)
//
function db_row($result) {
global $CONF;
$row = "";
if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_row($result);
return $row;
}
// db_array
// Action: Returns a row from a table
// Call: db_array(int result)
//
function db_array($result) {
global $CONF;
$row = "";
if ($CONF['database_type'] == "mysqli") $row = mysqli_fetch_array($result);
return $row;
}
// logging // logging
// Action: Logs actions from admin // Action: Logs actions from admin
// Call: logging(string username, string domain, string action, string data) // Call: logging(string username, string domain, string action, string data)
@ -404,26 +185,4 @@ function logging($username, $domain, $action, $data) {
$sth->execute(); $sth->execute();
} }
} }
//
// db_log
// Action: Logs actions from admin
// Call: db_log(string username, string domain, string action, string data)
//
function db_log($username, $domain, $action, $data) {
global $CONF;
if (isset($_SERVER['HTTP_X_CLIENTIP'])) {
$REMOTE_ADDR = $_SERVER['HTTP_X_CLIENTIP'];
} else {
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
}
if ($CONF['logging'] == 'YES') {
$result = db_query("INSERT INTO log (timestamp, username, domain, action, data) VALUES (NOW(), '$username ($REMOTE_ADDR)', '$domain', '$action', '$data')");
if ($result['rows'] != 1) {
return false;
} else {
return true;
}
}
}
?> ?>

99
search.php
View File

@ -11,82 +11,49 @@
// //
// Template Variables: // Template Variables:
// //
// tAlias // list_alias
// tMailbox // list_mailbox
// //
// Form POST \ GET Variables: // Form POST \ GET Variables:
// //
// fSearch // search
// //
require("./variables.inc.php"); require_once './functions.inc.php';
require("./config.inc.php"); include './languages/' . check_language() . '.lang';
require("./functions.inc.php");
include("./languages/" . check_language() . ".lang");
$SESSID_USERNAME = check_session(); $SESSID_USERNAME = check_session();
$list_domains = list_domains($SESSID_USERNAME);
$tAlias = array(); $search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT);
$tMailbox = array();
if ($_SERVER['REQUEST_METHOD'] == "GET") { if (isset($search)) {
if (isset($_GET['search'])) $fSearch = escape_string($_GET['search']); $dbh = connect_db();
$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.address LIKE ? AND mailbox.maildir IS NULL ORDER BY alias.address");
$sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR);
$sth->execute();
$list_alias = $sth->fetchAll();
foreach ($list_alias as $key => $value) {
if (!in_array($value['domain'], array_column($list_domains, 'domain'))) {
unset($list_alias[$key]);
}
}
if ($CONF['alias_control'] == "YES") { $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username LIKE ? ORDER BY username");
$query = "SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias WHERE alias.address LIKE '%$fSearch%' OR alias.goto LIKE '%$fSearch%' ORDER BY alias.address"; $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR);
$sth->execute();
$list_mailbox = $sth->fetchAll();
foreach ($list_mailbox as $key => $value) {
if (!in_array($value['domain'], array_column($list_domains, 'domain'))) {
unset($list_mailbox[$key]);
}
}
} else { } else {
$query = "SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.address LIKE '%$fSearch%' AND mailbox.maildir IS NULL ORDER BY alias.address"; $list_alias = array();
$list_mailbox = array();
} }
$result = db_query("$query"); include './templates/header.tpl';
include './templates/menu.tpl';
if ($result['rows'] > 0) { include './templates/search.tpl';
while ($row = db_array($result['result'])) { include './templates/footer.tpl';
if (check_owner($SESSID_USERNAME, $row['domain'])) {
$tAlias[] = $row;
}
}
}
$result = db_query("SELECT * FROM mailbox WHERE username LIKE '%$fSearch%' ORDER BY username");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
if (check_owner($SESSID_USERNAME, $row['domain'])) {
$tMailbox[] = $row;
}
}
}
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
if (isset($_POST['search'])) $fSearch = escape_string($_POST['search']);
if ($CONF['alias_control'] == "YES") {
$query = "SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias WHERE alias.address LIKE '%$fSearch%' OR alias.goto LIKE '%$fSearch%' ORDER BY alias.address";
} else {
$query = "SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.address LIKE '%$fSearch%' AND mailbox.maildir IS NULL ORDER BY alias.address";
}
$result = db_query("$query");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
if (check_owner($SESSID_USERNAME, $row['domain'])) {
$tAlias[] = $row;
}
}
}
$result = db_query("SELECT * FROM mailbox WHERE username LIKE '%$fSearch%' ORDER BY username");
if ($result['rows'] > 0) {
while ($row = db_array($result['result'])) {
if (check_owner($SESSID_USERNAME, $row['domain'])) {
$tMailbox[] = $row;
}
}
}
}
include("./templates/header.tpl");
include("./templates/menu.tpl");
include("./templates/search.tpl");
include("./templates/footer.tpl");
?> ?>

34
templates/search.tpl
View File

@ -1,11 +1,11 @@
<div id="overview"> <div id="overview">
<h4><?php echo $LANG['Search_welcome'] . $fSearch; ?></h4> <h4><?php echo $LANG['Search_welcome'] . $search; ?></h4>
<form name="search" method="post" action="search.php"> <form name="search" method="post" action="search.php">
<input type="textbox" name="search"> <input type="textbox" name="search">
</form> </form>
</div> </div>
<?php <?php
if (count($tAlias) > 0) { if (count($list_alias) > 0) {
echo "<table id=\"alias_table\">\n"; echo "<table id=\"alias_table\">\n";
echo " <tr>\n"; echo " <tr>\n";
echo " <td colspan=\"5\"><h3>".$LANG['Overview_alias_title']."</h3></td>"; echo " <td colspan=\"5\"><h3>".$LANG['Overview_alias_title']."</h3></td>";
@ -17,22 +17,19 @@ if (count($tAlias) > 0) {
echo " <td colspan=\"2\">&nbsp;</td>\n"; echo " <td colspan=\"2\">&nbsp;</td>\n";
echo " </tr>\n"; echo " </tr>\n";
for ($i = 0; $i < count($tAlias); $i++) { foreach ($list_alias as $row) {
if ((is_array($tAlias) and count($tAlias) > 0)) {
echo " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n"; echo " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
echo " <td>" . $tAlias[$i]['address'] . "</td>\n"; echo " <td>" . $row['address'] . "</td>\n";
echo " <td>" . preg_replace("/,/", "<br>", $tAlias[$i]['goto']) . "</td>\n"; echo " <td>" . preg_replace("/,/", "<br>", $row['goto']) . "</td>\n";
echo " <td>" . $tAlias[$i]['modified'] . "</td>\n"; echo " <td>" . $row['modified'] . "</td>\n";
echo " <td><a href=\"edit-alias.php?address=" . $tAlias[$i]['address'] . "&domain=" . $tAlias[$i]['domain'] . "\">" . $LANG['edit'] . "</a></td>\n"; echo " <td><a href=\"edit-alias.php?action=edit&address=" . $row['address'] . "&domain=" . $row['domain'] . "\">" . $LANG['edit'] . "</a></td>\n";
echo " <td><a href=\"delete.php?table=alias&delete=" . $tAlias[$i]['address'] . "&domain=" . $tAlias[$i]['domain'] . "\"onclick=\"return confirm ('" . $LANG['confirm'] . $LANG['Overview_get_aliases'] . ": ". $tAlias[$i]['address'] . "')\">" . $LANG['del'] . "</a></td>\n"; echo " <td><a href=\"delete.php?table=alias&delete=" . $row['address'] . "&domain=" . $row['domain'] . "\"onclick=\"return confirm ('" . $LANG['confirm'] . $LANG['Overview_get_aliases'] . ": ". $row['address'] . "')\">" . $LANG['del'] . "</a></td>\n";
echo " </tr>\n"; echo " </tr>\n";
} }
}
echo "</table>\n"; echo "</table>\n";
} }
if (count($tMailbox) > 0) { if (count($list_mailbox) > 0) {
echo "<table id=\"mailbox_table\">\n"; echo "<table id=\"mailbox_table\">\n";
echo " <tr>\n"; echo " <tr>\n";
echo " <td colspan=\"7\"><h3>".$LANG['Overview_mailbox_title']."</h3></td>"; echo " <td colspan=\"7\"><h3>".$LANG['Overview_mailbox_title']."</h3></td>";
@ -41,20 +38,17 @@ if (count($tMailbox) > 0) {
echo " <td>" . $LANG['Overview_mailbox_username'] . "</td>\n"; echo " <td>" . $LANG['Overview_mailbox_username'] . "</td>\n";
echo " <td>" . $LANG['Overview_mailbox_name'] . "</td>\n"; echo " <td>" . $LANG['Overview_mailbox_name'] . "</td>\n";
echo " <td>" . $LANG['Overview_mailbox_modified'] . "</td>\n"; echo " <td>" . $LANG['Overview_mailbox_modified'] . "</td>\n";
echo " <td>" . $LANG['Overview_mailbox_active'] . "</td>\n";
echo " <td colspan=\"2\">&nbsp;</td>\n"; echo " <td colspan=\"2\">&nbsp;</td>\n";
echo " </tr>\n"; echo " </tr>\n";
for ($i = 0; $i < count($tMailbox); $i++) { foreach ($list_mailbox as $row) {
if ((is_array($tMailbox) and count($tMailbox) > 0)) {
echo " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n"; echo " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
echo " <td>" . $tMailbox[$i]['username'] . "</td>\n"; echo " <td>" . $row['username'] . "</td>\n";
echo " <td>" . $tMailbox[$i]['name'] . "</td>\n"; echo " <td>" . $row['name'] . "</td>\n";
echo " <td><a href=\"edit-mailbox.php?username=" . $tMailbox[$i]['username'] . "&domain=" . $tMailbox[$i]['domain'] . "\">" . $LANG['edit'] . "</a></td>\n"; echo " <td><a href=\"edit-mailbox.php?action=edit&username=" . $row['username'] . "&domain=" . $row['domain'] . "\">" . $LANG['edit'] . "</a></td>\n";
echo " <td><a href=\"delete.php?table=mailbox&delete=" . $tMailbox[$i]['username'] . "&domain=" . $tMailbox[$i]['domain'] . "\"onclick=\"return confirm ('" . $LANG['confirm'] . $LANG['Overview_get_mailboxes'] . ": ". $tMailbox[$i]['username'] . "')\">" . $LANG['del'] . "</a></td>\n"; echo " <td><a href=\"delete.php?table=mailbox&delete=" . $row['username'] . "&domain=" . $row['domain'] . "\"onclick=\"return confirm ('" . $LANG['confirm'] . $LANG['Overview_get_mailboxes'] . ": ". $row['username'] . "')\">" . $LANG['del'] . "</a></td>\n";
echo " </tr>\n"; echo " </tr>\n";
} }
}
echo "</table>\n"; echo "</table>\n";
} }
?> ?>