diff --git a/admin/add-admin.php b/admin/add-admin.php
deleted file mode 100644
index 89039a3..0000000
--- a/admin/add-admin.php
+++ /dev/null
@@ -1,77 +0,0 @@
-
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: create-admin.php
-//
-// Template File: admin_create-admin.tpl
-//
-//
-// Template Variables:
-//
-// tMessage
-// tUsername
-// tDomains
-//
-// Form POST \ GET Variables:
-//
-// fUsername
-// fPassword
-// fPassword2
-// fDomains
-//
-require("../variables.inc.php");
-require("../config.inc.php");
-require("../functions.inc.php");
-include("../languages/" . check_language() . ".lang");
-
-$list_domains = list_domains();
-$list_admins = list_admins();
-
-if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
- $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
- $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
- $domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));
-
- if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
- $message = $PALANG['pAdminCreate_admin_username_error'];
- }
-
- if (empty($password1) or ($password1 != $password2)) {
- $message = $PALANG['pAdminCreate_admin_password_error'];
- }
-
- if (empty($domains['domains'])) {
- $message = $PALANG['pAdminCreate_admin_domain_error'];
- }
-
- if (empty($message)) {
- $hashed = bcrypt($password1);
- try {
- $dbh = connect_db();
- $sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
- $sth->bindParam(1, $username, PDO::PARAM_STR);
- $sth->bindParam(2, $hashed, PDO::PARAM_STR);
- $sth->execute();
- foreach ($domains['domains'] as $row) {
- $sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
- $sth->bindParam(1, $username, PDO::PARAM_STR);
- $sth->bindParam(2, $row, PDO::PARAM_STR);
- $sth->execute();
- }
- $message = $PALANG['pAdminCreate_admin_result_succes'] . "
($username)";
- } catch(PDOException $e) {
- $message = $PALANG['pAdminCreate_admin_result_error'] . "
($username)
";
- }
- }
-
-}
-include("../templates/header.tpl");
-include("../templates/admin_menu.tpl");
-include("../templates/admin_create-admin.tpl");
-include("../templates/footer.tpl");
-?>
diff --git a/admin/admin.php b/admin/admin.php
new file mode 100644
index 0000000..e6f9a42
--- /dev/null
+++ b/admin/admin.php
@@ -0,0 +1,134 @@
+
+// Copyright (c) 2022 High5!
+// License Info: LICENSE.TXT
+//
+// File: create-admin.php
+//
+// Template File: admin_create-admin.tpl
+//
+//
+// Template Variables:
+//
+// tMessage
+// tUsername
+// tDomains
+//
+// Form POST \ GET Variables:
+//
+// fUsername
+// fPassword
+// fPassword2
+// fDomains
+//
+require_once("../functions.inc.php");
+include("../languages/" . check_language() . ".lang");
+
+$list_domains = list_domains();
+$list_admins = list_admins();
+
+if ($_SERVER['REQUEST_METHOD'] == "GET") {
+ $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
+ if ($action == 'edit') {
+ $username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL);
+ $domains['domains'] = array_column(list_domains($username), 'domain');
+ }
+}
+
+if ($_SERVER['REQUEST_METHOD'] == "POST") {
+ $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
+ $username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
+ $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
+ $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
+ $domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY)));
+
+
+ if ($action == 'add') {
+ if (empty($username) || in_array($username, array_column($list_admins, 'username'))) {
+ $message = $PALANG['pAdminCreate_admin_username_error'];
+ }
+
+ if (empty($password1) || $password1 != $password2) {
+ $message = $PALANG['pAdminCreate_admin_password_error'];
+ }
+
+ if (empty($domains['domains'])) {
+ $message = $PALANG['pAdminCreate_admin_domain_error'];
+ }
+
+ if (empty($message)) {
+ $hashed = bcrypt($password1);
+ try {
+ $dbh = connect_db();
+ $sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())");
+ $sth->bindParam(1, $username, PDO::PARAM_STR);
+ $sth->bindParam(2, $hashed, PDO::PARAM_STR);
+ $sth->execute();
+ foreach ($domains['domains'] as $row) {
+ $sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
+ $sth->bindParam(1, $username, PDO::PARAM_STR);
+ $sth->bindParam(2, $row, PDO::PARAM_STR);
+ $sth->execute();
+ }
+ $message = $PALANG['pAdminCreate_admin_result_succes'] . "
($username)";
+ } catch(PDOException $e) {
+ $message = $PALANG['pAdminCreate_admin_result_error'] . "
($username)
";
+ }
+ }
+ }
+
+ if (in_array($username, array_column($list_admins, 'username')) && $action == 'edit') {
+ if ($password1 != $password2) {
+ $message = $PALANG['pAdminCreate_admin_password_error'];
+ }
+ if (empty($message)) {
+ try {
+ $dbh = connect_db();
+ $hashed = bcrypt($password1);
+ $sth= $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?");
+ $sth->bindParam(1, $hashed, PDO::PARAM_STR);
+ $sth->bindParam(2, $username, PDO::PARAM_STR);
+ $sth->execute();
+ } catch(PDOException $e) {
+ $message = $PALANG['pAdminEdit_admin_result_error'] . "
($username)
";
+ }
+ }
+
+ if (empty($domains['domains'])) {
+ $message = $PALANG['pAdminCreate_admin_domain_error'];
+ }
+ if (empty($message)) {
+ try {
+ $dbh = connect_db();
+ $sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
+ $sth->execute(array($username));
+ $count_domain_admins = $sth->fetchColumn();
+
+ $sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?");
+ $sth->execute(array($username));
+ if ($sth->rowCount() != $count_domain_admins) {
+ throw new RuntimeException('Unable to delete entries from the domain_admins table.');
+ }
+
+ foreach ($domains['domains'] as $row) {
+ $sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())");
+ $sth->bindParam(1, $username, PDO::PARAM_STR);
+ $sth->bindParam(2, $row, PDO::PARAM_STR);
+ $sth->execute();
+ }
+ header("Location: list-admin.php");
+ } catch (RuntimeException $e) {
+ $message = $PALANG['pAdminEdit_admin_result_error'];
+ } catch (PDOException $e) {
+ $message = $PALANG['pAdminEdit_admin_result_error'];
+ }
+ }
+ }
+}
+include("../templates/header.tpl");
+include("../templates/admin_menu.tpl");
+include("../templates/admin_admin.tpl");
+include("../templates/footer.tpl");
+?>
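Review bot: In the `edit` branch, submitting the form with both password fields empty passes the `$password1 != $password2` check and still runs `bcrypt($password1)` and `UPDATE admin SET password=?`, so a domains-only edit appears to replace the admin's password with the hash of an empty string (assuming `bcrypt()`, defined outside this diff, does not reject empty input). The removed edit-admin.php skipped the password update when both fields were empty; restore that by wrapping the update in `if (!empty($password1)) {` … `}`. The password update also runs before the empty-domains check, so a request rejected for missing domains has already changed the password. The `DELETE FROM domain_admins` and the INSERT loop after it run outside a transaction, so a failed INSERT leaves the admin with no or partial domain assignments; `$dbh->beginTransaction()` / `commit()` with a `rollBack()` in both catch blocks would make the change atomic. Add `exit;` after `header("Location: list-admin.php");` so the templates are not rendered after the redirect.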
diff --git a/admin/delete.php b/admin/delete.php
index 59f8fa9..962de78 100644
--- a/admin/delete.php
+++ b/admin/delete.php
@@ -135,6 +135,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
$dbh->rollBack();
} catch (PDOException $e) {
$message = $e->getMessage();
+ $dbh->rollBack();
}
}
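Review bot: The added `$dbh->rollBack();` in the `PDOException` handler will itself throw if no transaction is active, for example when the exception came from the connection or from `beginTransaction()`, and in that case `$dbh` may not even be set. The `try` body is outside this hunk, so that path is inferred. Guard the call: `if (isset($dbh) && $dbh->inTransaction()) { $dbh->rollBack(); }`. The handler also copies `$e->getMessage()` into `$message`; if that reaches the page, driver errors can expose table and column names, so logging the exception and showing a generic `$PALANG` string would be safer.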
diff --git a/admin/domain.php b/admin/domain.php
index 9055b22..2e24f6e 100644
--- a/admin/domain.php
+++ b/admin/domain.php
@@ -34,7 +34,7 @@ include '../languages/' . check_language() . '.lang';
$list_domains = list_domains();
if ($_SERVER['REQUEST_METHOD'] == "GET") {
- $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'new';
+ $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
if ($action == 'edit') {
$domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
$domain_key = array_search($domain, array_column($list_domains, 'domain'));
@@ -45,7 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'new';
+ $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add';
$domain = strtolower(filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN));
$description = filter_input(INPUT_POST, 'description', FILTER_CALLBACK, array('options' => 'htmlspecialchars'));
$aliases = filter_input(INPUT_POST, 'aliases', FILTER_VALIDATE_INT);
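Review bot: `FILTER_VALIDATE_DOMAIN` on the `domain` POST field just below the changed default is used without `FILTER_FLAG_HOSTNAME`, so it only checks label lengths and accepts characters that are not valid in a hostname. Pass the flag, e.g. `filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME)`, and test for `false`/`null` before `strtolower()`, which otherwise turns a rejected value into an empty string. The same filter without the flag appears in the GET branch of this file and in the `domains` array filter of admin/admin.php. The POST block continues outside this hunk, so how `$domain` is used afterwards is not visible here.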
diff --git a/admin/edit-admin.php b/admin/edit-admin.php
deleted file mode 100644
index 97388aa..0000000
--- a/admin/edit-admin.php
+++ /dev/null
@@ -1,101 +0,0 @@
-
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: edit-admin.php
-//
-// Template File: admin_edit-admin.tpl
-//
-// Template Variables:
-//
-// tDescription
-// tAliases
-// tMailboxes
-// tMaxquota
-// tActive
-//
-// Form POST \ GET Variables:
-//
-// fDescription
-// fAliases
-// fMailboxes
-// fMaxquota
-// fActive
-//
-require("../variables.inc.php");
-require("../config.inc.php");
-require("../functions.inc.php");
-include("../languages/" . check_language() . ".lang");
-if ($_SERVER['REQUEST_METHOD'] == "GET") {
- $username = escape_string($_GET['username']);
-
- $list_domains = list_domains();
- $tDomains = list_domains_for_admin($username);
-
- $result = db_query("SELECT * FROM admin WHERE username='$username'");
- if ($result['rows'] == 1) {
- $row = db_array($result['result']);
- $tActive = $row['active'];
- }
-
- include("../templates/header.tpl");
- include("../templates/admin_menu.tpl");
- include("../templates/admin_edit-admin.tpl");
- include("../templates/footer.tpl");
-}
-
-if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $username = escape_string($_GET['username']);
- $fPassword = escape_string($_POST['fPassword']);
- $fPassword2 = escape_string($_POST['fPassword2']);
- $fActive = escape_string($_POST['fActive']);
- if (isset($_POST['fDomains'])) $tDomains = $_POST['fDomains'];
-
- $list_domains = list_domains();
-
- if ($fPassword != $fPassword2) {
- $error = 1;
- $tActive = escape_string($_POST['fActive']);
- $tDomains = escape_string($_POST['fDomains']);
- $pAdminEdit_admin_password_text = $PALANG['pAdminEdit_admin_password_text_error'];
- }
-
- if ($error != 1) {
- if (empty($fPassword) and empty($fPassword2)) {
- if ($fActive == "on") $fActive = 1;
- $result = db_query("UPDATE admin SET modified=NOW(),active='$fActive' WHERE username='$username'");
- } else {
- $password = pacrypt($fPassword);
- if ($fActive == "on") $fActive = 1;
- $result = db_query("UPDATE admin SET password='$password',modified=NOW(),active='$fActive' WHERE username='$username'");
- }
-
- if (count($tDomains) > 0) {
- for ($i = 0; $i < count($tDomains); $i++) {
- $domain = $tDomains[$i];
- $result_domains = db_query("INSERT INTO domain_admins (username,domain,created) VALUES ('$username','$domain',NOW())");
- }
- }
-
- if ($result['rows'] == 1) {
- if (isset($tDomains[0])) {
- $result = db_query("DELETE FROM domain_admins WHERE username='$username'");
- for ($i = 0; $i < count($tDomains); $i++) {
- $domain = $tDomains[$i];
- $result = db_query("INSERT INTO domain_admins (username,domain,created) VALUES ('$username','$domain',NOW())");
- }
- }
- header("Location: list-admin.php");
- } else {
- $tMessage = $PALANG['pAdminEdit_admin_result_error'];
- }
- }
- include("../templates/header.tpl");
- include("../templates/admin_menu.tpl");
- include("../templates/admin_edit-admin.tpl");
- include("../templates/footer.tpl");
-}
-?>
diff --git a/templates/admin_add-admin.tpl b/templates/admin_admin.tpl
similarity index 100%
rename from templates/admin_add-admin.tpl
rename to templates/admin_admin.tpl
diff --git a/templates/admin_list-admin.tpl b/templates/admin_list-admin.tpl
index cb01b55..620e6c0 100644
--- a/templates/admin_list-admin.tpl
+++ b/templates/admin_list-admin.tpl
@@ -16,7 +16,7 @@ if (count($list_admins) > 0) {
echo "