diff --git a/add-alias.php b/add-alias.php index 3c0802d..37ff751 100644 --- a/add-alias.php +++ b/add-alias.php @@ -16,7 +16,7 @@ // domain // goto // -// Form POST / GET Variables: +// POST / GET Variables: // // address // domain @@ -26,9 +26,16 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); $admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); + $list_admins = list_admins(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} + if ($_SERVER['REQUEST_METHOD'] == "GET") { $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); $domain_key = array_search($domain, array_column($list_domains, 'domain')); diff --git a/add-mailbox.php b/add-mailbox.php index 91bd255..028b6ba 100644 --- a/add-mailbox.php +++ b/add-mailbox.php @@ -16,7 +16,7 @@ // name // domain // -// Form POST / GET Variables: +// POST / GET Variables: // // username // password1 @@ -28,9 +28,16 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); $admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); + $list_admins = list_admins(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} + if ($_SERVER['REQUEST_METHOD'] == "GET") { $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); $domain_key = array_search($domain, array_column($list_domains, 'domain')); diff --git a/admin/.htaccess b/admin/.htaccess deleted file mode 100644 index 4dc0a29..0000000 --- a/admin/.htaccess +++ /dev/null 
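Review bot: The new branch `if ($PERMISSIONS == ADMIN_RIGHTS) {` in the second add-alias.php hunk decides whether the page loads every domain, and it uses a loose comparison. `check_permissions()` and `ADMIN_RIGHTS` are not visible here, so if the function can return `null`, `false` or a numeric string, PHP's type juggling may match the constant when it should not; `if ($PERMISSIONS === ADMIN_RIGHTS) {` avoids that. This matters more because the same commit deletes admin/.htaccess and the admin/ copies of these pages, which appears to leave this check as the only gate on the global-admin view. In the `else` path, `list_domains()` without an argument appears to return the unrestricted list, so please confirm that `check_session()` ends the request rather than returning an empty `$SESSID_USERNAME`. The identical block in the second add-mailbox.php hunk needs the same change.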
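Review bot: `$list_admins` is assigned only inside the `ADMIN_RIGHTS` branch of the second add-mailbox.php hunk, so it stays undefined for a domain admin when the rest of the file (outside this hunk) runs. If a shared template reads it, initialise it in the else branch with `$list_admins = [];`. If this page never uses it, drop the `list_admins()` call so the admin list is not fetched on every request. A short comment above the branch, such as `// Global admins see all domains; domain admins only their own.`, would also record the intended access model. The same block in add-alias.php has the same gap.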
@@ -1,8 +0,0 @@
-AuthUserFile /usr/local/www/mailadmin.high5.net/admin/.htpasswd
-AuthGroupFile /dev/null
-AuthName "Postfix Admin"
-AuthType Basic
-
-
-require valid-user
-
diff --git a/admin/add-alias.php b/admin/add-alias.php
deleted file mode 100644
index ac84b03..0000000
--- a/admin/add-alias.php
+++ /dev/null
@@ -1,79 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: add-alias.php -// -// Template File: add-alias.tpl -// -// Template Variables: -// -// message -// address -// domain -// goto -// -// Form POST / GET Variables: -// -// address -// domain -// goto -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); -} - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $address = strtolower(filter_input(INPUT_POST, 'address', FILTER_DEFAULT)); - $domain = filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN); - $goto = strtolower(filter_input(INPUT_POST, 'goto', FILTER_DEFAULT)); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - $from = filter_var($address . '@' . $domain, FILTER_VALIDATE_EMAIL); - - if (!str_contains($goto, '@')) { - $goto = $goto . "@" . 
$domain; - } - $goto = filter_var($goto, FILTER_VALIDATE_EMAIL); - - if ($list_domains[$domain_key]['aliases'] != 0 && $list_domains[$domain_key]['alias_count'] >= $list_domains[$domain_key]['aliases']) { - $message = $LANG['Add_alias_address_text_error2']; - } - - if (empty($address) || empty($goto)) { - $message = $LANG['Add_alias_address_text_error1']; - } - - if ($domain_exist && empty($message)) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,?,?,NOW(),NOW())"); - $sth->bindParam(1, $from, PDO::PARAM_STR); - $sth->bindParam(2, $goto, PDO::PARAM_STR); - $sth->bindParam(3, $domain, PDO::PARAM_STR); - $sth->execute(); - logging($admin, $domain, $LANG['Logging_alias_add'], "$from -> $goto"); - $message = $LANG['Add_alias_result_succes'] . "
($from -> $goto)
"; - $address = ''; - $goto = ''; - } catch(PDOException $e) { - $message = $LANG['Add_alias_result_error'] . "
($from -> $goto)
"; - } - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/add-alias.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/add-mailbox.php b/admin/add-mailbox.php deleted file mode 100644 index 50b2ccb..0000000 --- a/admin/add-mailbox.php +++ /dev/null 
@@ -1,98 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: add-mailbox.php -// -// Template File: add-mailbox.tpl -// -// Template Variables: -// -// message -// username -// name -// domain -// -// Form POST / GET Variables: -// -// username -// password1 -// password2 -// name -// domain -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); -} - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $username = strtolower(filter_input(INPUT_POST, 'username', FILTER_DEFAULT)); - $domain = filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN); - $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT); - $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT); - $name = filter_input(INPUT_POST, 'name', FILTER_DEFAULT); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - $from = filter_var($username . '@' . $domain, FILTER_VALIDATE_EMAIL); - - if ($list_domains[$domain_key]['mailboxes'] != 0 && $list_domains[$domain_key]['mailbox_count'] >= $list_domains[$domain_key]['mailboxes']) { - $message = $LANG['Add_mailbox_username_text_error3']; - } - - if (empty($username)) { - $message = $LANG['Add_mailbox_username_text_error1']; - } - - if (empty($password1) or ($password1 != $password2)) { - $message = $LANG['Add_mailbox_password_text_error']; - } - - if ($domain_exist && empty($message)) { - $hashed = bcrypt($password1); - $maildir = $from . 
"/"; - - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,'vmail',?,NOW(),NOW())"); - $sth->bindParam(1, $from, PDO::PARAM_STR); - $sth->bindParam(2, $domain, PDO::PARAM_STR); - $sth->execute(); - $username = ''; - } catch(PDOException $e) { - $message = $LANG['Add_alias_result_error'] . "
($from) - $e
"; - } - - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("INSERT INTO mailbox (username,password,name,maildir,domain,created,modified) VALUES (?,?,?,?,?,NOW(),NOW())"); - $sth->bindParam(1, $from, PDO::PARAM_STR); - $sth->bindParam(2, $hashed, PDO::PARAM_STR); - $sth->bindParam(3, $name, PDO::PARAM_STR); - $sth->bindParam(4, $maildir, PDO::PARAM_STR); - $sth->bindParam(5, $domain, PDO::PARAM_STR); - $sth->execute(); - logging($admin, $domain, $LANG['Logging_mailbox_add'], "$from"); - $message = $LANG['Add_mailbox_result_succes'] . "
($from)"; - $username = ''; - $name = ''; - } catch(PDOException $e) { - $message = $LANG['Add_alias_result_error'] . "
($from) - $e
"; - } - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/add-mailbox.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/admin.php b/admin/admin.php deleted file mode 100644 index 916eefe..0000000 --- a/admin/admin.php +++ /dev/null 
@@ -1,135 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: admin.php -// -// Template File: admin_admin.tpl -// -// -// Template Variables: -// -// action -// message -// username -// domains -// -// Form POST / GET Variables: -// -// username -// password1 -// password2 -// domains -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); -$list_admins = list_admins(); - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add'; - if ($action == 'edit') { - $username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL); - $domains['domains'] = array_column(list_domains($username), 'domain'); - } -} - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add'; - $username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL); - $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT); - $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT); - $domains = filter_input_array(INPUT_POST, array('domains' => array('filter' => FILTER_VALIDATE_DOMAIN, 'flags' => FILTER_REQUIRE_ARRAY))); - - - if ($action == 'add') { - if (empty($username) || in_array($username, array_column($list_admins, 'username'))) { - $message = $LANG['AdminAdd_admin_username_error']; - } - - if (empty($password1) || $password1 != $password2) { - $message = $LANG['AdminAdd_admin_password_error']; - } - - if (empty($domains['domains'])) { - $message = $LANG['AdminAdd_admin_domain_error']; - } - - if (empty($message)) { - $hashed = bcrypt($password1); - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())"); - $sth->bindParam(1, $username, PDO::PARAM_STR); - $sth->bindParam(2, $hashed, PDO::PARAM_STR); - $sth->execute(); - foreach ($domains['domains'] as $row) { - 
$sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())"); - $sth->bindParam(1, $username, PDO::PARAM_STR); - $sth->bindParam(2, $row, PDO::PARAM_STR); - $sth->execute(); - } - $message = $LANG['AdminAdd_admin_result_succes'] . "
($username)
"; - } catch(PDOException $e) { - $message = $LANG['AdminAdd_admin_result_error'] . "
($username)
"; - } - } - } - - if (in_array($username, array_column($list_admins, 'username')) && $action == 'edit') { - if ($password1 != $password2) { - $message = $LANG['AdminAdd_admin_password_error']; - } - if (empty($message) && !empty($password1)) { - $hashed = bcrypt($password1); - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?"); - $sth->bindParam(1, $hashed, PDO::PARAM_STR); - $sth->bindParam(2, $username, PDO::PARAM_STR); - $sth->execute(); - } catch(PDOException $e) { - $message = $LANG['AdminEdit_admin_result_error'] . "
($username)
"; - } - } - - if (empty($domains['domains'])) { - $message = $LANG['AdminAdd_admin_domain_error']; - } - if (empty($message)) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?"); - $sth->execute(array($username)); - $count_domain_admins = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?"); - $sth->execute(array($username)); - if ($sth->rowCount() != $count_domain_admins) { - throw new RuntimeException('Unable to delete entries from the domain_admins table.'); - } - - foreach ($domains['domains'] as $row) { - $sth = $dbh->prepare("INSERT INTO domain_admins (username,domain,created) VALUES (?,?,NOW())"); - $sth->bindParam(1, $username, PDO::PARAM_STR); - $sth->bindParam(2, $row, PDO::PARAM_STR); - $sth->execute(); - } - header("Location: list-admin.php"); - } catch (RuntimeException $e) { - $message = $LANG['AdminEdit_admin_result_error']; - } catch (PDOException $e) { - $message = $LANG['AdminEdit_admin_result_error']; - } - } - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/admin_admin.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/backup.php b/admin/backup.php deleted file mode 100644 index 9066fb4..0000000 --- a/admin/backup.php +++ /dev/null 
@@ -1,68 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: backup.php -// -// Template File: -none- -// -// Template Variables: -// -// -none- -// -// Form POST / GET Variables: -// -// -none- -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; -date_default_timezone_set('Europe/Amsterdam'); - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - umask(077); - $filename = "opensmtpadmin-" . date("Ymd") . "-" . getmypid() . ".sql"; - $backup = "/tmp" . $filename; - $header = "#\n# OpenSMTPD Admin " . VERSION . "\n# Date: " . date("D M j G:i:s T Y") . "\n#\n"; - $tables = array('admin','alias','domain','domain_admins','log','mailbox','vacation'); - - if (!$fh = fopen($backup, 'w')) { - $message = "
Cannot open file ($backup)
"; - include '../templates/header.tpl'; - include '../templates/admin_menu.tpl'; - include '../templates/message.tpl'; - include '../templates/footer.tpl'; - } else { - fwrite($fh, $header); - $dbh = pdo_connect(); - foreach ($tables as $table) { - $sth = $dbh->query("SHOW CREATE TABLE $table"); - $row = $sth->fetch(PDO::FETCH_ASSOC); - fwrite ($fh, $row['Create Table']. "\n\n"); - } - - foreach ($tables as $table) { - $sth = $dbh->query("SELECT * FROM $table"); - while ($row = $sth->fetch(PDO::FETCH_ASSOC)) { - foreach ($row as $k => $v) { - $keys[] = $k; - $values[] = $v; - } - fwrite($fh, "INSERT INTO ". $table . " (". implode (',',$keys) . ") VALUES ('" . implode ('\',\'',$values) . "')\n"); - $keys = array(); - $values = array(); - } - } - } - header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename=\"$filename\""); - header("Content-Transfer-Encoding: binary"); - header("Content-Length: " . filesize("$backup")); - header("Content-Description: OpenSMTPD Admin"); - $download_backup = fopen("$backup", "r"); - unlink("$backup"); - fpassthru($download_backup); -} -?> diff --git a/admin/delete.php b/admin/delete.php deleted file mode 100644 index 28c56c0..0000000 --- a/admin/delete.php +++ /dev/null 
@@ -1,193 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: delete.php -// -// Template File: message.tpl -// -// Template Variables: -// -// message -// -// Form POST / GET Variables: -// -// table -// where -// delete -// domain -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $table = filter_input(INPUT_GET, 'table', FILTER_DEFAULT); - $delete = filter_input(INPUT_GET, 'delete', FILTER_DEFAULT); - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - - if ($domain_exist && $table == "domain") { - try { - $dbh = pdo_connect(); - $dbh->beginTransaction(); - - $sth = $dbh->prepare("SELECT COUNT(*) FROM log WHERE domain=?"); - $sth->execute(array($domain)); - $count_log = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM log WHERE domain=?"); - $sth->execute(array($domain)); - if ($sth->rowCount() != $count_log) { - throw new RuntimeException('Unable to delete entries from the logs table.'); - } - - $sth = $dbh->prepare("SELECT COUNT(*) FROM vacation WHERE domain=?"); - $sth->execute(array($domain)); - $count_vacation = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM vacation WHERE domain=?"); - $sth->execute(array($domain)); - if ($sth->rowCount() != $count_vacation) { - throw new RuntimeException('Unable to delete entries from the vacation table.'); - } - - $sth = $dbh->prepare("SELECT COUNT(*) FROM alias WHERE domain=?"); - $sth->execute(array($domain)); - $count_alias = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM alias WHERE domain=?"); - $sth->execute(array($domain)); - if ($sth->rowCount() != $count_alias) { - throw new RuntimeException('Unable to delete 
entries from the alias table.'); - } - - $sth = $dbh->prepare("SELECT COUNT(*) FROM mailbox WHERE domain=?"); - $sth->execute(array($domain)); - $count_mailbox = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM mailbox WHERE domain=?"); - $sth->execute(array($domain)); - if ($sth->rowCount() != $count_mailbox) { - throw new RuntimeException('Unable to delete entries from the mailbox table.'); - } - - $sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE domain=?"); - $sth->execute(array($domain)); - $count_domain_admins = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM domain_admins WHERE domain=?"); - $sth->execute(array($domain)); - if ($sth->rowCount() != $count_domain_admins) { - throw new RuntimeException('Unable to delete entries from the domain_admins table.'); - } - - $sth = $dbh->prepare("SELECT COUNT(*) FROM domain WHERE domain=?"); - $sth->execute(array($domain)); - $count_domain = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM domain WHERE domain=?"); - $sth->execute(array($domain)); - if ($sth->rowCount() != $count_domain) { - throw new RuntimeException('Unable to delete entry from the domain table.'); - } - - $dbh->commit(); - header("Location: list-domain.php"); - } catch (RuntimeException $e) { - $message = $e->getMessage(); - $dbh->rollBack(); - } catch (PDOException $e) { - $message = $e->getMessage(); - } - } - - if ($table == "admin") { - try { - $dbh = pdo_connect(); - $dbh->beginTransaction(); - - $sth = $dbh->prepare("SELECT COUNT(*) FROM admin WHERE username=?"); - $sth->execute(array($delete)); - $count_admin = $sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM admin WHERE username=?"); - $sth->execute(array($delete)); - if ($sth->rowCount() != $count_admin) { - throw new RuntimeException('Unable to delete entry from the admin table.'); - } - - $sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?"); - $sth->execute(array($delete)); - $count_domain_admins = 
$sth->fetchColumn(); - - $sth = $dbh->prepare("DELETE FROM domain_admins WHERE username=?"); - $sth->execute(array($delete)); - if ($sth->rowCount() != $count_domain_admins) { - throw new RuntimeException('Unable to delete entries from the domain_admins table.'); - } - - $dbh->commit(); - header("Location: list-admin.php"); - } catch (RuntimeException $e) { - $message = $e->getMessage(); - $dbh->rollBack(); - } catch (PDOException $e) { - $message = $e->getMessage(); - $dbh->rollBack(); - } - } - - if ($domain_exist && ($table == 'alias' || $table == 'mailbox')) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("DELETE FROM alias WHERE address=? AND domain=?"); - $sth->bindParam(1, $delete, PDO::PARAM_STR); - $sth->bindParam(2, $domain, PDO::PARAM_STR); - $sth->execute(); - if ($sth->rowCount() != 1) { - throw new RuntimeException('alias'); - } - logging($admin, $domain, $LANG['Logging_alias_delete'], $delete); - - header("Location: list-virtual.php?domain=$domain"); - } catch (RuntimeException $e) { - $message = $LANG['Delete_delete_error'] . "$delete (" . $e->getMessage() . ")!"; - } catch (PDOException $e) { - $message = $LANG['Delete_delete_error'] . "$delete (alias)! " . $e-getMessage(); - } - - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("DELETE FROM mailbox WHERE username=? AND domain=?"); - $sth->bindParam(1, $delete, PDO::PARAM_STR); - $sth->bindParam(2, $domain, PDO::PARAM_STR); - $sth->execute(); - if ($sth->rowCount() != 1) { - throw new RuntimeException('mailbox'); - } - logging($admin, $domain, $LANG['Logging_mailbox_delete'], $delete); - - $sth = $dbh->prepare("DELETE FROM vacation WHERE email=? AND domain=?"); - $sth->bindParam(1, $delete, PDO::PARAM_STR); - $sth->bindParam(2, $domain, PDO::PARAM_STR); - $sth->execute(); - header("Location: list-virtual.php?domain=$domain"); - } catch (RuntimeException $e) { - $message = $LANG['Delete_delete_error'] . "$delete (" . $e->getMessage() . 
")!"; - } catch (PDOException $e) { - $message = $LANG['Delete_delete_error'] . "$delete (mailbox)!"; - } - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/message.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/domain.php b/admin/domain.php deleted file mode 100644 index 7bab9d2..0000000 --- a/admin/domain.php +++ /dev/null 
@@ -1,88 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: domain.php -// -// Template File: admin_domain.tpl -// -// Template Variables: -// -// action -// message -// domain -// description -// aliases -// mailboxes -// -// Form POST / GET Variables: -// -// domain -// description -// aliases -// mailboxes -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add'; - if ($action == 'edit') { - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $description = $list_domains[$domain_key]['description']; - $aliases = $list_domains[$domain_key]['aliases']; - $mailboxes = $list_domains[$domain_key]['mailboxes']; - } -} - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT) ?? 'add'; - $domain = strtolower(filter_input(INPUT_POST, 'domain', FILTER_VALIDATE_DOMAIN)); - $description = filter_input(INPUT_POST, 'description', FILTER_CALLBACK, array('options' => 'htmlspecialchars')); - $aliases = filter_input(INPUT_POST, 'aliases', FILTER_VALIDATE_INT); - $mailboxes = filter_input(INPUT_POST, 'mailboxes', FILTER_VALIDATE_INT); - - if (!in_array($domain, array_column($list_domains, 'domain'))) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("INSERT INTO domain (domain,description,aliases,mailboxes,created,modified) VALUES (?,?,?,?,NOW(),NOW())"); - $sth->bindParam(1, $domain, PDO::PARAM_STR); - $sth->bindParam(2, $description, PDO::PARAM_STR); - $sth->bindParam(3, $aliases, PDO::PARAM_INT); - $sth->bindParam(4, $mailboxes, PDO::PARAM_INT); - $sth->execute(); - $message = $LANG['AdminAdd_domain_result_succes'] . "
($domain)
"; - } catch(PDOException $e) { - $message = $LANG['AdminAdd_domain_result_error'] . "
($domain)
"; - } - } else { - $message = $LANG['AdminAdd_domain_domain_text_error']; - } - - if (in_array($domain, array_column($list_domains, 'domain')) && $action == 'edit') { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("UPDATE domain SET description=?,aliases=?,mailboxes=?,modified=NOW() WHERE domain=?"); - $sth->bindParam(1, $description, PDO::PARAM_STR); - $sth->bindParam(2, $aliases, PDO::PARAM_INT); - $sth->bindParam(3, $mailboxes, PDO::PARAM_INT); - $sth->bindParam(4, $domain, PDO::PARAM_STR); - $sth->execute(); - header("Location: list-domain.php"); - } catch(PDOException $e) { - $message = $LANG['AdminEdit_domain_result_error']; - } - } -} - -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/admin_domain.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/edit-alias.php b/admin/edit-alias.php deleted file mode 100644 index b1c0010..0000000 --- a/admin/edit-alias.php +++ /dev/null 
@@ -1,93 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: edit-alias.php -// -// Template File: edit-alias.tpl -// -// Template Variables: -// -// message -// goto -// -// Form POST / GET Variables: -// -// address -// domain -// goto -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $address = filter_input(INPUT_GET, 'address', FILTER_VALIDATE_EMAIL); - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - - if ($domain_exist) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT goto FROM alias WHERE address=? AND domain=?"); - $sth->bindParam(1, $address, PDO::PARAM_STR); - $sth->bindParam(2, $domain, PDO::PARAM_STR); - $sth->execute(); - $goto = $sth->fetch(PDO::FETCH_COLUMN); - $goto = explode(',', $goto); - } catch(PDOException $e) { - $message = $LANG['Edit_alias_address_error']; - } - } -} - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $address = strtolower(filter_input(INPUT_GET, 'address', FILTER_VALIDATE_EMAIL)); - $domain = strtolower(filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN)); - $goto = strtolower(filter_input(INPUT_POST, 'goto', FILTER_DEFAULT)); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - - if (empty($goto)) { - $goto = array(); - $message = $LANG['Edit_alias_goto_text_error1']; - } else { - $goto = preg_replace('/\\\r\\\n/', ',', $goto); - $goto = preg_replace('/\r\n/', ',', $goto); - $goto = preg_replace('/[\s]+/i', '', $goto); - $goto = preg_replace('/\,*$/', '', $goto); - $validate_goto = explode(',', $goto); - foreach ($validate_goto 
as $row) { - if (!filter_var($row, FILTER_VALIDATE_EMAIL)) { - $goto = explode(',', $goto); - $message = $LANG['Edit_alias_goto_text_error2'] . "$row"; - } - } - } - - if ($domain_exist && empty($message)) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("UPDATE alias SET goto=?,modified=NOW() WHERE address=? AND domain=?"); - $sth->bindParam(1, $goto, PDO::PARAM_STR); - $sth->bindParam(2, $address, PDO::PARAM_STR); - $sth->bindParam(3, $domain, PDO::PARAM_STR); - $sth->execute(); - logging($admin, $domain, $LANG['Logging_alias_edit'], "$address -> $goto"); - header("Location: list-virtual.php?domain=$domain"); - } catch(PDOException $e) { - $message = $LANG['Edit_alias_result_error']; - } - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/edit-alias.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/edit-mailbox.php b/admin/edit-mailbox.php deleted file mode 100644 index c0f358a..0000000 --- a/admin/edit-mailbox.php +++ /dev/null 
@@ -1,99 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: edit-mailbox.php -// -// Template File: edit-mailbox.tpl -// -// Template Variables: -// -// message -// name -// -// Form POST / GET Variables: -// -// username -// domain -// password1 -// password2 -// name -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); -$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT)); - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - - if ($domain_exist) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username=? AND domain=?"); - $sth->bindParam(1, $username, PDO::PARAM_STR); - $sth->bindParam(2, $domain, PDO::PARAM_STR); - $sth->execute(); - $mailbox_details = $sth->fetch(); - $name = $mailbox_details['name']; - } catch(PDOException $e) { - $message = $LANG['Edit_mailbox_login_error']; - } - } -} - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT)); - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); - $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT); - $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT); - $name = filter_input(INPUT_POST, 'name', FILTER_DEFAULT); - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - - if ($password1 != $password2) { - $message = $LANG['Edit_mailbox_password_text_error']; - } - - if (empty($message) && isset($domain_key) && !empty($password1)) { - $hashed = bcrypt($password1); - try { - 
$dbh = pdo_connect(); - $sth = $dbh->prepare("UPDATE mailbox SET password=?,name=?,modified=NOW() WHERE username=? AND domain=?"); - $sth->bindParam(1, $hashed, PDO::PARAM_STR); - $sth->bindParam(2, $name, PDO::PARAM_STR); - $sth->bindParam(3, $username, PDO::PARAM_STR); - $sth->bindParam(4, $domain, PDO::PARAM_STR); - $sth->execute(); - } catch(PDOException $e) { - $message = $LANG['Edit_mailbox_result_error']; - } - } - - if ($domain_exist && empty($message)) { - try { - $dbh = pdo_connect(); - $sth = $dbh->prepare("UPDATE mailbox SET name=?,modified=NOW() WHERE username=? AND domain=?"); - $sth->bindParam(1, $name, PDO::PARAM_STR); - $sth->bindParam(2, $username, PDO::PARAM_STR); - $sth->bindParam(3, $domain, PDO::PARAM_STR); - $sth->execute(); - logging($admin, $domain, $LANG['Logging_mailbox_edit'], $username); - header("Location: list-virtual.php?domain=$domain"); - } catch(PDOException $e) { - $message = $LANG['Edit_mailbox_result_error']; - } - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/edit-mailbox.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/index.php b/admin/index.php deleted file mode 100644 index 383d9fe..0000000 --- a/admin/index.php +++ /dev/null @@ -1,22 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: index.php -// -// Template File: -none- -// -// Template Variables: -// -// -none- -// -// Form POST / GET Variables: -// -// -none- -// -header ("Location: list-domain.php"); -exit; -?> diff --git a/admin/list-admin.php b/admin/list-admin.php deleted file mode 100644 index cade867..0000000 --- a/admin/list-admin.php +++ /dev/null 
@@ -1,29 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: list-admin.php -// -// Template File: list-admin.tpl -// -// Template Variables: -// -// list_admins -// -// Form POST / GET Variables: -// -// -none- -// -require '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_admins = list_admins(); - -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/admin_list-admin.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/list-domain.php b/admin/list-domain.php deleted file mode 100644 index 278f796..0000000 --- a/admin/list-domain.php +++ /dev/null @@ -1,36 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: list-domain.php -// -// Template File: admin_list-domain.tpl -// -// Template Variables: -// -// list_domains -// -// Form POST / GET Variables: -// -// username -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_admins = list_admins(); - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL); - $list_domains = list_domains($username); -} else { - $list_domains = list_domains(); -} - -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/admin_list-domain.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/list-virtual.php b/admin/list-virtual.php deleted file mode 100644 index 2eb9ced..0000000 --- a/admin/list-virtual.php +++ /dev/null 
@@ -1,42 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: list-virtual.php -// -// Template File: admin_list-virtual.tpl -// -// Template Variables: -// -// list_alias -// list_mailbox -// -// Form POST / GET Variables: -// -// domain -// offset -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $offset = filter_input(INPUT_GET, 'offset', FILTER_VALIDATE_INT) ?? '0'; - $limit = PAGE_SIZE; - if (count($list_domains) > 0) { - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN) ?? $list_domains[0]['domain']; - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $list_alias = list_aliases($domain, $offset, $limit); - $list_mailbox = list_mailboxes($domain, $offset, $limit); - } -} - -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/admin_list-virtual.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/search.php b/admin/search.php deleted file mode 100644 index dc79b30..0000000 --- a/admin/search.php +++ /dev/null 
@@ -1,59 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: search.php -// -// Template File: search.tpl -// -// Template Variables: -// -// list_alias -// list_mailbox -// -// Form POST / GET Variables: -// -// search -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); - -if ($_SERVER['REQUEST_METHOD'] == "POST") { - $search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT); - - if (isset($search)) { - $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.address LIKE ? AND mailbox.maildir IS NULL ORDER BY alias.address"); - $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR); - $sth->execute(); - $list_alias = $sth->fetchAll(); - foreach ($list_alias as $key => $value) { - if (!in_array($value['domain'], array_column($list_domains, 'domain'))) { - unset($list_alias[$key]); - } - } - - $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username LIKE ? ORDER BY username"); - $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR); - $sth->execute(); - $list_mailbox = $sth->fetchAll(); - foreach ($list_mailbox as $key => $value) { - if (!in_array($value['domain'], array_column($list_domains, 'domain'))) { - unset($list_mailbox[$key]); - } - } - } else { - $list_alias = array(); - $list_mailbox = array(); - } -} -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/search.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/admin/viewlog.php b/admin/viewlog.php deleted file mode 100644 index b8eaec0..0000000 --- a/admin/viewlog.php +++ /dev/null 
@@ -1,43 +0,0 @@ - -// Copyright (c) 2022 High5! -// License Info: LICENSE.TXT -// -// File: viewlog.php -// -// Template File: viewlog.tpl -// -// Template Variables: -// -// log -// -// Form POST / GET Variables: -// -// domain -// -require_once '../functions.inc.php'; -include '../languages/' . check_language() . '.lang'; - -$list_domains = list_domains(); - -if ($_SERVER['REQUEST_METHOD'] == "GET") { - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN) ?? $list_domains[0]['domain']; - $domain_key = array_search($domain, array_column($list_domains, 'domain')); - $domain_exist = in_array($domain, array_column($list_domains, 'domain')); - - if ($domain_exist) { - $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT * FROM log WHERE domain=? ORDER BY timestamp DESC LIMIT 10"); - $sth->bindParam(1, $domain, PDO::PARAM_STR); - $sth->execute(); - $log = $sth->fetchAll(); - } -} - -include '../templates/header.tpl'; -include '../templates/admin_menu.tpl'; -include '../templates/viewlog.tpl'; -include '../templates/footer.tpl'; -?> diff --git a/delete.php b/delete.php index 022631a..1634808 100644 --- a/delete.php +++ b/delete.php @@ -13,7 +13,7 @@ // // message // -// Form POST / GET Variables: +// POST / GET Variables: // // table // where diff --git a/edit-alias.php b/edit-alias.php index c271581..bb066d9 100644 --- a/edit-alias.php +++ b/edit-alias.php @@ -14,7 +14,7 @@ // message // goto // -// Form POST / GET Variables: +// POST / GET Variables: // // address // domain 
@@ -24,9 +24,16 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); $admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); + $list_admins = list_admins(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} + if ($_SERVER['REQUEST_METHOD'] == "GET") { $address = filter_input(INPUT_GET, 'address', FILTER_VALIDATE_EMAIL); $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); @@ -88,7 +95,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } } include './templates/header.tpl'; -include './templates/admin_menu.tpl'; +include './templates/menu.tpl'; include './templates/edit-alias.tpl'; include './templates/footer.tpl'; ?> diff --git a/edit-mailbox.php b/edit-mailbox.php index f225334..680e293 100644 --- a/edit-mailbox.php +++ b/edit-mailbox.php @@ -14,7 +14,7 @@ // message // name // -// Form POST / GET Variables: +// POST / GET Variables: // // username // domain @@ -26,9 +26,16 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); $admin = $SESSID_USERNAME ?? ADMIN_EMAIL; +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); + $list_admins = list_admins(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} + if ($_SERVER['REQUEST_METHOD'] == "GET") { $username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT)); $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); @@ -94,7 +101,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } } include './templates/header.tpl'; -include './templates/admin_menu.tpl'; +include './templates/menu.tpl'; include './templates/edit-mailbox.tpl'; include './templates/footer.tpl'; ?> 
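Review bot: The privilege test `if ($PERMISSIONS == ADMIN_RIGHTS)` compares loosely against a value that check_permissions() leaves as null when the session has no rights entry, so whether a rights-less session can match depends on how ADMIN_RIGHTS is defined, which this diff does not show. Use `if ($PERMISSIONS === ADMIN_RIGHTS)` so the branch fails closed; if the stored value and the constant can differ in type (PDO commonly returns strings), normalise once inside check_permissions() rather than at each call site. The same test appears in the edit-mailbox.php, list-domain.php, list-virtual.php, password.php, search.php and sendmail.php hunks. Because this branch decides whether the later domain-ownership checks run against every domain or only the caller's, it deserves a comment such as `// site admin: ownership checks below run against all domains`.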
diff --git a/functions.inc.php b/functions.inc.php index 19b6e17..a8b8fec 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -43,6 +43,12 @@ function check_session($session = "sessid") { return $_SESSION[$session]['username']; } +function check_permissions($session = "sessid") { + if (!empty($_SESSION[$session]['rights'])) { + return $_SESSION[$session]['rights']; + } +} + // // check_language // Action: checks what language the browser uses diff --git a/index.php b/index.php index ca5d939..9969344 100644 --- a/index.php +++ b/index.php @@ -13,7 +13,7 @@ // // -none- // -// Form POST / GET Variables: +// POST / GET Variables: // // -none- // diff --git a/languages/en.lang b/languages/en.lang index 7b15caa..d8bd600 100644 --- a/languages/en.lang +++ b/languages/en.lang 
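Review bot: check_permissions() has no return on the path where `$_SESSION[$session]['rights']` is missing or empty, so callers receive an implicit null, and it lacks the `// name // Action: ...` header that check_language carries just below it. Add an explicit `return null;` after the `if`, and a header like `// check_permissions // Action: returns the rights value stored in the session at login, null when none is set`. The value is a snapshot written by login.php, so a rights change in the admin table presumably does not reach an already-open session until the next login. If demotion must take effect immediately, this function is the place to re-read the row.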
@@ -11,49 +11,46 @@ $LANG['confirm'] = 'Are you sure you want to delete this?\n'; $LANG['confirm_domain'] = 'Do you really want to delete all records for this domain?\nThis can not be undone! '; $LANG['check_update'] = 'Check for update'; -$LANG['Login_welcome'] = 'Mail admins login here to administer your domain.'; +$LANG['Login_welcome'] = 'Mail admins login here to administer your domain'; $LANG['Login_username'] = 'Login (email)'; $LANG['Login_password'] = 'Password'; $LANG['Login_button'] = 'Login'; $LANG['Login_incorrect'] = 'Your login or password is not correct.'; $LANG['Login_login_users'] = 'Users click here to login to the user section.'; -$LANG['Menu_overview'] = 'List Domains'; -$LANG['Menu_create_alias'] = 'Add Alias'; -$LANG['Menu_create_mailbox'] = 'Add Mailbox'; +$LANG['Menu_list_domain'] = 'List Domains'; +$LANG['Menu_list_virtual'] = 'List Virtuals'; +$LANG['Menu_add_alias'] = 'Add Alias'; +$LANG['Menu_add_mailbox'] = 'Add Mailbox'; $LANG['Menu_sendmail'] = 'Send Email'; $LANG['Menu_password'] = 'Password'; $LANG['Menu_viewlog'] = 'View Log'; $LANG['Menu_logout'] = 'Logout'; -$LANG['Overview_disabled'] = 'Disabled'; -$LANG['Overview_unlimited'] = 'Unlimited'; -$LANG['Overview_title'] = ':: Defined Domains'; -$LANG['Overview_up_arrow'] = 'Go Top'; -$LANG['Overview_right_arrow'] = 'Next Page'; -$LANG['Overview_left_arrow'] = 'Previus Page'; -$LANG['Overview_alias_title'] = ':: Alias'; -$LANG['Overview_mailbox_title'] = ':: Mailboxes'; -$LANG['Overview_button'] = 'Go'; -$LANG['Overview_welcome'] = 'Overview for '; -$LANG['Overview_alias_alias_count'] = 'Aliases'; -$LANG['Overview_alias_mailbox_count'] = 'Mailboxes'; -$LANG['Overview_alias_address'] = 'From'; -$LANG['Overview_alias_goto'] = 'To'; -$LANG['Overview_alias_modified'] = 'Last Modified'; -$LANG['Overview_mailbox_username'] = 'Email'; -$LANG['Overview_mailbox_name'] = 'Name'; -$LANG['Overview_mailbox_modified'] = 'Last Modified'; +$LANG['List_modified'] = 'Last Modified'; 
+$LANG['List_button'] = 'Go'; +$LANG['List_up_arrow'] = 'Top'; +$LANG['List_right_arrow'] = 'Next Page'; +$LANG['List_left_arrow'] = 'Previous Page'; -$LANG['Overview_get_domain'] = 'Domain'; -$LANG['Overview_get_aliases'] = 'Aliases'; -$LANG['Overview_get_mailboxes'] = 'Mailboxes'; -$LANG['Overview_get_modified'] = 'Last Modified'; +$LANG['List_domain_domain'] = 'Domain'; +$LANG['List_domain_description'] = 'Description'; +$LANG['List_domain_aliases'] = 'Aliases'; +$LANG['List_domain_mailboxes'] = 'Mailboxes'; +$LANG['List_domain_unlimited'] = 'unlimited'; + +$LANG['List_virtual_welcome'] = 'Overview for '; +$LANG['List_virtual_alias_title'] = ':: Alias'; +$LANG['List_virtual_alias_address'] = 'From'; +$LANG['List_virtual_alias_goto'] = 'To'; +$LANG['List_virtual_mailbox_title'] = ':: Mailboxes'; +$LANG['List_virtual_mailbox_username'] = 'Email'; +$LANG['List_virtual_mailbox_name'] = 'Name'; $LANG['Delete_delete_error'] = 'Unable to delete the entry '; $LANG['Delete_domain_error'] = 'This domain is not yours '; -$LANG['Add_alias_welcome'] = 'Create a new alias for your domain.'; +$LANG['Add_alias_welcome'] = 'Create a new alias for your domain'; $LANG['Add_alias_address'] = 'Alias'; $LANG['Add_alias_address_text_error1'] = 'The ALIAS or TO is not valid.'; $LANG['Add_alias_address_text_error2'] = 'You have reached your limit to create aliases.'; @@ -64,7 +61,7 @@ $LANG['Add_alias_result_error'] = 'This email address al $LANG['Add_alias_result_succes'] = 'The alias has been added to the alias table.'; $LANG['Add_alias_catchall_text'] = 'To create a catch-all use an "*" as alias.
For domain to domain forwarding use "*@domain.tld" as to.'; -$LANG['Edit_alias_welcome'] = 'Edit an alias for your domain.
One entry per line.'; +$LANG['Edit_alias_welcome'] = 'Edit an alias for your domain
one entry per line'; $LANG['Edit_alias_address'] = 'Alias'; $LANG['Edit_alias_address_error'] = 'Unable to locate alias.'; $LANG['Edit_alias_goto'] = 'To'; @@ -74,7 +71,7 @@ $LANG['Edit_alias_domain_error'] = 'This domain is not y $LANG['Edit_alias_button'] = 'Edit Alias'; $LANG['Edit_alias_result_error'] = 'Unable to modify the alias.'; -$LANG['Add_mailbox_welcome'] = 'Create a new mailbox for your domain.'; +$LANG['Add_mailbox_welcome'] = 'Create a new mailbox for your domain'; $LANG['Add_mailbox_username'] = 'Username'; $LANG['Add_mailbox_username_text_error1'] = 'The USERNAME is not valid.'; $LANG['Add_mailbox_username_text_error2'] = 'This email address already exists, please choose a different one.'; @@ -90,7 +87,7 @@ $LANG['Add_mailbox_button'] = 'Add Mailbox'; $LANG['Add_mailbox_result_error'] = 'Unable to add the mailbox to the mailbox table.'; $LANG['Add_mailbox_result_succes'] = 'The mailbox has been added to the mailbox table.'; -$LANG['Edit_mailbox_welcome'] = 'Edit a mailbox for your domain.'; +$LANG['Edit_mailbox_welcome'] = 'Edit a mailbox for your domain'; $LANG['Edit_mailbox_username'] = 'Username'; $LANG['Edit_mailbox_username_error'] = 'Unable to locate mailbox.'; $LANG['Edit_mailbox_password'] = 'New Password'; @@ -101,7 +98,7 @@ $LANG['Edit_mailbox_domain_error'] = 'This domain is not $LANG['Edit_mailbox_button'] = 'Edit Mailbox'; $LANG['Edit_mailbox_result_error'] = 'Unable to modify the mailbox.'; -$LANG['Password_welcome'] = 'Change your login password.'; +$LANG['Password_welcome'] = 'Change your login password'; $LANG['Password_admin'] = 'Login'; $LANG['Password_admin_text_error'] = 'The LOGIN that you supplied doesn\'t match a mailbox.'; $LANG['Password_password_current'] = 'Current Password'; 
@@ -122,7 +119,7 @@ $LANG['Viewlog_data'] = 'Data'; $LANG['Viewlog_button'] = 'Go'; $LANG['Viewlog_result_error'] = 'Unable to find the logs.'; -$LANG['Sendmail_welcome'] = 'Send an email.'; +$LANG['Sendmail_welcome'] = 'Send an email'; $LANG['Sendmail_admin'] = 'From'; $LANG['Sendmail_to'] = 'To'; $LANG['Sendmail_to_text_error'] = 'TO is empty or is not a valid email address.'; @@ -136,7 +133,6 @@ $LANG['Sendmail_result_succes'] = 'The mailbox has been created.'; $LANG['AdminMenu_list_domain'] = 'List Domains'; $LANG['AdminMenu_list_admin'] = 'List Admins'; -$LANG['AdminMenu_list_virtual'] = 'List Virtuals'; $LANG['AdminMenu_viewlog'] = 'View Log'; $LANG['AdminMenu_backup'] = 'Backup'; $LANG['AdminMenu_create_domain_admins'] = 'Domain Admins'; @@ -210,7 +206,7 @@ $LANG['AdminEdit_admin_button'] = 'Edit Admin'; $LANG['AdminEdit_admin_result_error'] = 'Unable to modify admin.'; $LANG['AdminEdit_admin_result_succes'] = 'Admin has been modified.'; -$LANG['UsersLogin_welcome'] = 'Mailbox users login to change your password and aliases.'; +$LANG['UsersLogin_welcome'] = 'Mailbox users login to change your password and aliases'; $LANG['UsersLogin_username'] = 'Login (email)'; $LANG['UsersLogin_password'] = 'Password'; $LANG['UsersLogin_button'] = 'Login'; @@ -221,7 +217,7 @@ $LANG['UsersMenu_vacation'] = 'Auto Response'; $LANG['UsersMenu_edit_alias'] = 'Change your forward'; $LANG['UsersMenu_password'] = 'Change Password'; -$LANG['UsersVacation_welcome'] = 'Auto Response.'; +$LANG['UsersVacation_welcome'] = 'Auto Response'; $LANG['UsersVacation_welcome_text'] = 'You already have an auto response configured.'; $LANG['UsersVacation_subject'] = 'Subject'; $LANG['UsersVacation_subject_text'] = 'Out of Office'; diff --git a/list-domain.php b/list-domain.php index 8ac84c4..19cd5ae 100644 --- a/list-domain.php +++ b/list-domain.php 
@@ -21,8 +21,21 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); +if ($_SERVER['REQUEST_METHOD'] == "GET") { + $username = filter_input(INPUT_GET, 'username', FILTER_VALIDATE_EMAIL); + if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_admins = list_admins(); + if (empty($username)) { + $list_domains = list_domains(); + } else { + $list_domains = list_domains($username); + } + } else { + $list_domains = list_domains($SESSID_USERNAME); + } +} include './templates/header.tpl'; include './templates/menu.tpl'; include './templates/list-domain.tpl'; diff --git a/list-virtual.php b/list-virtual.php index ce380e6..6ec0b7d 100644 --- a/list-virtual.php +++ b/list-virtual.php @@ -14,7 +14,7 @@ // list_alias // list_mailbox // -// Form POST / GET Variables: +// POST / GET Variables: // // domain // offset @@ -23,12 +23,18 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); + +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} if ($_SERVER['REQUEST_METHOD'] == "GET") { $offset = filter_input(INPUT_GET, 'offset', FILTER_VALIDATE_INT) ?? '0'; $limit = PAGE_SIZE; - $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN); + $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN) ?? $list_domains[0]['domain']; if (in_array($domain, array_column($list_domains, 'domain'))) { $domain_key = array_search($domain, array_column($list_domains, 'domain')); $list_alias = list_aliases($domain, $offset, $limit); diff --git a/login.php b/login.php index f1b237b..ad4aead 100644 --- a/login.php +++ b/login.php 
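Review bot: In list-domain.php `$list_domains` is now assigned only inside the `if ($_SERVER['REQUEST_METHOD'] == "GET")` branch, so any other request method reaches list-domain.tpl with the variable undefined, and the template's `count($list_domains)` then fails (a TypeError on PHP 8). Initialise `$list_domains = [];` and `$list_admins = [];` before the branch, or move the permission split out of the method test as the other pages in this commit do. Honouring the `username` filter only under ADMIN_RIGHTS is the right shape; a one-line comment saying non-admins are always pinned to `$SESSID_USERNAME` would keep a later edit from loosening it.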
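Review bot: In list-virtual.php the new default `filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN) ?? $list_domains[0]['domain']` reads index 0 without checking that the list is non-empty, a guard the deleted admin/list-virtual.php had as `if (count($list_domains) > 0)`. An account with no domains therefore gets an undefined-offset warning and a null `$domain`. Note also that `??` only covers an absent parameter: a value that fails validation comes back as `false`, skips the default and is then rejected by the `in_array` test, so say in a comment whether that is intended. The `in_array($domain, array_column($list_domains, 'domain'))` call is this page's ownership check, and passing `true` as its third argument keeps it a strict match.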
@@ -28,24 +28,24 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (!empty($username) && !empty($password)) { $dbh = pdo_connect(); - $sth = $dbh->prepare("SELECT password FROM admin WHERE username=?"); + $sth = $dbh->prepare("SELECT password,rights FROM admin WHERE username=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->execute(); - $row = $sth->fetch(PDO::FETCH_COLUMN); + $row = $sth->fetch(PDO::FETCH_ASSOC); } - if (!empty($row)) { - if (!password_verify($password, $row)) { + if (!empty($row['password'])) { + if (!password_verify($password, $row['password'])) { $message = $LANG['Login_incorrect']; } } else { $message = $LANG['Login_incorrect']; } - if (empty($message)) { session_start(); $_SESSION['sessid']['username'] = $username; + $_SESSION['sessid']['rights'] = $row['rights']; header("Location: list-domain.php"); exit; } diff --git a/logout.php b/logout.php index f837b17..bcfabf0 100644 --- a/logout.php +++ b/logout.php @@ -13,7 +13,7 @@ // // -none- // -// Form POST / GET Variables: +// POST / GET Variables: // // -none- // diff --git a/password.php b/password.php index 5f9280c..a597172 100644 --- a/password.php +++ b/password.php @@ -13,7 +13,7 @@ // // message // -// Form POST / GET Variables: +// POST / GET Variables: // // password_current // password1 @@ -23,6 +23,15 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); +$PERMISSIONS = check_permissions(); +$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; + +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); + $list_admins = list_admins(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} if ($_SERVER['REQUEST_METHOD'] == "POST") { $username = $SESSID_USERNAME; diff --git a/search.php b/search.php index 7cb0646..51dafff 100644 --- a/search.php +++ b/search.php @@ -14,7 +14,7 @@ // list_alias // list_mailbox // -// Form POST / GET Variables: +// POST / GET Variables: // // search // 
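Review bot: The login path now stores the privilege level in `$_SESSION['sessid']['rights']`, but it still writes into whatever session ID the browser presented, with no ID rotation between `session_start();` and the assignments. Adding `session_regenerate_id(true);` directly after `session_start();` closes that fixation window, which matters more now that the same session decides the ADMIN_RIGHTS branch on every page. `$row['rights']` is copied as fetched; if the column can be NULL or empty, storing an explicit non-privileged default here would keep check_permissions() callers from comparing against an ambiguous value. The enclosing `if ($_SERVER['REQUEST_METHOD'] == "POST")` block starts and ends outside the hunk.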
@@ -22,7 +22,13 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); -$list_domains = list_domains($SESSID_USERNAME); +$PERMISSIONS = check_permissions(); + +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} if ($_SERVER['REQUEST_METHOD'] == "POST") { $search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT); diff --git a/sendmail.php b/sendmail.php index 18a4943..a6ba630 100644 --- a/sendmail.php +++ b/sendmail.php @@ -16,7 +16,7 @@ // subject // body // -// Form POST / GET Variables: +// POST / GET Variables: // // to // subject @@ -26,6 +26,15 @@ require_once './functions.inc.php'; include './languages/' . check_language() . '.lang'; $SESSID_USERNAME = check_session(); +$PERMISSIONS = check_permissions(); +$admin = $SESSID_USERNAME ?? ADMIN_EMAIL; + +if ($PERMISSIONS == ADMIN_RIGHTS) { + $list_domains = list_domains(); + $list_admins = list_admins(); +} else { + $list_domains = list_domains($SESSID_USERNAME); +} if ($_SERVER['REQUEST_METHOD'] == "POST") { $to = strtolower(filter_input(INPUT_POST, 'to', FILTER_VALIDATE_EMAIL)); diff --git a/stylesheet.css b/stylesheet.css index 0b35034..b81f490 100644 --- a/stylesheet.css +++ b/stylesheet.css @@ -163,7 +163,7 @@ a:visited, a:active { border-left: 4px solid #40B33C; } -#overview, #admin_domains, #admin_virtual { +#overview { width: 1024px; margin: 0 auto; background: #AFE1A6; /*#9ACD32;*/ diff --git a/templates/add-alias.tpl b/templates/add-alias.tpl index 1f4cdcf..4be8b03 100644 --- a/templates/add-alias.tpl +++ b/templates/add-alias.tpl @@ -13,7 +13,7 @@ foreach ($list_domains as $row) { echo '\n"; + echo ">" . $row['domain'] . ""; } ?> diff --git a/templates/add-mailbox.tpl b/templates/add-mailbox.tpl index 26f3cce..fb174ff 100644 --- a/templates/add-mailbox.tpl +++ b/templates/add-mailbox.tpl 
@@ -13,7 +13,7 @@ foreach ($list_domains as $row) { echo '\n"; + echo ">" . $row['domain'] . ""; } ?> diff --git a/templates/admin_admin.tpl b/templates/admin_admin.tpl index 4c92fb9..53fd0ee 100644 --- a/templates/admin_admin.tpl +++ b/templates/admin_admin.tpl @@ -32,7 +32,7 @@ foreach ($list_domains as $row) { echo '\n"; + echo ">" . $row['domain'] . ""; } ?> diff --git a/templates/admin_list-admin.tpl b/templates/admin_list-admin.tpl index 47d31ee..4020f60 100644 --- a/templates/admin_list-admin.tpl +++ b/templates/admin_list-admin.tpl @@ -1,24 +1,24 @@ 0) { - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "
" . $LANG['AdminList_admin_username'] . "" . $LANG['AdminList_admin_count'] . "" . $LANG['AdminList_admin_modified'] . " 
"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; foreach ($list_admins as $row) { - echo " \n"; + echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; - echo " \n"; + echo " "; } - echo "
" . $LANG['AdminList_admin_username'] . "" . $LANG['AdminList_admin_count'] . "" . $LANG['AdminList_admin_modified'] . " 
" . $row['username'] . "" . $row['domain_count'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
\n"; + echo ""; } ?> diff --git a/templates/admin_list-domain.tpl b/templates/admin_list-domain.tpl index 366f82f..5bf5a8b 100644 --- a/templates/admin_list-domain.tpl +++ b/templates/admin_list-domain.tpl @@ -1,12 +1,12 @@
- 0) { foreach ($list_admins as $row) { echo '\n"; + echo ">" . $row['username'] . ""; } } ?> @@ -19,17 +19,17 @@ if (count($list_admins) > 0) {
0) { - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "
" . $LANG['AdminList_domain_domain'] . "" . $LANG['AdminList_domain_description'] . "" . $LANG['AdminList_domain_aliases'] . "" . $LANG['AdminList_domain_mailboxes'] . "" . $LANG['AdminList_domain_modified'] . " 
"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; foreach ($list_domains as $row) { - echo " \n"; + echo " "; echo ""; echo ""; echo ""; @@ -37,9 +37,8 @@ if (count($list_domains) > 0) { echo ""; echo ""; echo ""; - echo "\n"; + echo ""; } - - echo "
" . $LANG['AdminList_domain_domain'] . "" . $LANG['AdminList_domain_description'] . "" . $LANG['AdminList_domain_aliases'] . "" . $LANG['AdminList_domain_mailboxes'] . "" . $LANG['AdminList_domain_modified'] . " 
" . $row['domain'] . "" . $row['description'] . "" . $row['alias_count'] . " / " . $row['aliases'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
\n"; + echo ""; } ?> diff --git a/templates/admin_list-virtual.tpl b/templates/admin_list-virtual.tpl index 6688e7d..6a15e0a 100644 --- a/templates/admin_list-virtual.tpl +++ b/templates/admin_list-virtual.tpl @@ -6,7 +6,7 @@ if (count($list_domains) > 0) { foreach ($list_domains as $row) { echo '\n"; + echo ">" . $row['domain'] . ""; } } ?> @@ -26,65 +26,65 @@ if (count($list_domains) > 0) { $limit || $list_domains[$domain_key]['mailbox_count'] > $limit) { - echo "
\n"; + echo "
"; if ($offset >= $limit) { - echo "\n"; + echo ""; } if (($list_domains[$domain_key]['alias_count'] > $limit) || ($list_domains[$domain_key]['mailbox_count'] > $limit)) { - echo "\n"; + echo ""; } if ((($offset + $limit) < $list_domains[$domain_key]['alias_count']) || (($offset + $limit) < $list_domains[$domain_key]['mailbox_count'])) { - echo "\n"; + echo ""; } - echo "
\n"; + echo "
"; } if (count($list_alias) > 0) { - echo "\n"; - echo " \n"; + echo "
"; + echo " "; echo " "; echo " "; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; foreach ($list_alias as $row) { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; } - echo "

" . $LANG['Overview_alias_title'] . "

" . $LANG['AdminList_virtual_alias_address'] . "" . $LANG['AdminList_virtual_alias_goto'] . "" . $LANG['AdminList_virtual_alias_modified'] . " 
" . $LANG['AdminList_virtual_alias_address'] . "" . $LANG['AdminList_virtual_alias_goto'] . "" . $LANG['AdminList_virtual_alias_modified'] . " 
" . $row['address'] . "" . preg_replace("/,/", "
", $row['goto']) . "
" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
" . $row['address'] . "" . preg_replace("/,/", "
", $row['goto']) . "
" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
\n"; + echo ""; } if (count($list_mailbox) > 0) { - echo "\n"; - echo " \n"; + echo "
"; + echo " "; echo " "; echo " "; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; foreach ($list_mailbox as $row) { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; } - echo "

" . $LANG['Overview_mailbox_title'] . "

" . $LANG['AdminList_virtual_mailbox_username'] . "" . $LANG['AdminList_virtual_mailbox_name'] . "" . $LANG['AdminList_virtual_mailbox_modified'] . " 
" . $LANG['AdminList_virtual_mailbox_username'] . "" . $LANG['AdminList_virtual_mailbox_name'] . "" . $LANG['AdminList_virtual_mailbox_modified'] . " 
" . $row['username'] . "" . $row['name'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
" . $row['username'] . "" . $row['name'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
\n"; + echo ""; } ?> diff --git a/templates/admin_menu.tpl b/templates/admin_menu.tpl index b9eda7a..bfe8370 100644 --- a/templates/admin_menu.tpl +++ b/templates/admin_menu.tpl @@ -3,10 +3,13 @@
  • +
  • +
  • +
  • diff --git a/templates/edit-alias.tpl b/templates/edit-alias.tpl index 30313b2..8ee1dc7 100644 --- a/templates/edit-alias.tpl +++ b/templates/edit-alias.tpl @@ -14,7 +14,7 @@ diff --git a/templates/footer.tpl b/templates/footer.tpl index 4fbca6c..40fdfe3 100644 --- a/templates/footer.tpl +++ b/templates/footer.tpl @@ -3,7 +3,7 @@ " . FOOTER_TEXT . "\n"; + echo "" . FOOTER_TEXT . ""; } ?> diff --git a/templates/header.tpl b/templates/header.tpl index fbd6649..705f4dc 100644 --- a/templates/header.tpl +++ b/templates/header.tpl @@ -11,8 +11,8 @@ \n"; -if (file_exists(realpath("../stylesheet.css"))) echo "\n"; +if (file_exists(realpath("./stylesheet.css"))) echo ""; +if (file_exists(realpath("../stylesheet.css"))) echo ""; ?> OpenSMTPD Admin - <?php echo $_SERVER['HTTP_HOST']; ?> @@ -20,15 +20,15 @@ if (file_exists(realpath("../stylesheet.css"))) echo " \n"; - echo "\n"; + echo ""; + echo ""; } if (file_exists(realpath("../stylesheet.css"))) { - echo "\n"; - echo "\n"; + echo ""; + echo ""; } if (SHOW_HEADER == "YES" && HEADER_TEXT) { - echo "

    " . HEADER_TEXT . "

    \n"; + echo "

    " . HEADER_TEXT . "

    "; } ?> diff --git a/templates/list-domain.tpl b/templates/list-domain.tpl index a00158a..f3f1a1b 100644 --- a/templates/list-domain.tpl +++ b/templates/list-domain.tpl @@ -1,28 +1,47 @@
    + + + + + Search:
    \n"; -echo " \n"; -echo "

    ".$LANG['Overview_title']."

    "; -echo " "; -echo " \n"; -echo " " . $LANG['Overview_get_domain'] . "\n"; -echo " " . $LANG['Overview_get_aliases'] . "\n"; -echo " " . $LANG['Overview_get_mailboxes'] . "\n"; -echo " \n"; -foreach ($list_domains as $row) { - if ($row['aliases'] == 0) $row['aliases'] = $LANG['Overview_unlimited']; - if ($row['mailboxes'] == 0) $row['mailboxes'] = $LANG['Overview_unlimited']; - if ($row['aliases'] < 0) $row['aliases'] = $LANG['Overview_disabled']; - if ($row['mailboxes'] < 0) $row['mailboxes'] = $LANG['Overview_disabled']; - echo " \n"; - echo " " . $row['domain'] . "\n"; - echo " " . $row['alias_count'] . " / " . $row['aliases'] . "\n"; - echo " " . $row['mailbox_count'] . " / " . $row['mailboxes'] . "\n"; - echo " \n"; +if (count($list_domains) > 0) { + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + if ($PERMISSIONS == ADMIN_RIGHTS) echo ""; + echo ""; + foreach ($list_domains as $row) { + if ($row['aliases'] == 0) $row['aliases'] = $LANG['List_domain_unlimited']; + if ($row['mailboxes'] == 0) $row['mailboxes'] = $LANG['List_domain_unlimited']; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + if ($PERMISSIONS == ADMIN_RIGHTS) echo ""; + if ($PERMISSIONS == ADMIN_RIGHTS) echo ""; + echo " "; + } +echo "
    " . $LANG['List_domain_domain'] . "" . $LANG['List_domain_description'] . "" . $LANG['List_domain_aliases'] . "" . $LANG['List_domain_mailboxes'] . "" . $LANG['List_modified'] . " 
    " . $row['domain'] . "" . $row['description'] . "" . $row['alias_count'] . " / " . $row['aliases'] . "" . $row['mailbox_count'] . " / " . $row['mailboxes'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    "; } -echo "\n"; -?> + diff --git a/templates/list-virtual.tpl b/templates/list-virtual.tpl index 93c7bd6..557aabb 100644 --- a/templates/list-virtual.tpl +++ b/templates/list-virtual.tpl @@ -6,22 +6,20 @@ if (count($list_domains) > 0) { foreach ($list_domains as $row) { echo '\n"; + echo ">" . $row['domain'] . ""; } } -if ($list_domains[$domain_key]['aliases'] == 0) $list_domains[$domain_key]['aliases'] = $LANG['Overview_unlimited']; -if ($list_domains[$domain_key]['aliases'] < 0) $list_domains[$domain_key]['aliases'] = $LANG['Overview_disabled']; -if ($list_domains[$domain_key]['mailboxes'] == 0) $list_domains[$domain_key]['mailboxes'] = $LANG['Overview_unlimited']; -if ($list_domains[$domain_key]['mailboxes'] < 0) $list_domains[$domain_key]['mailboxes'] = $LANG['Overview_disabled']; +if ($list_domains[$domain_key]['aliases'] == 0) $list_domains[$domain_key]['aliases'] = $LANG['List_domain_unlimited']; +if ($list_domains[$domain_key]['mailboxes'] == 0) $list_domains[$domain_key]['mailboxes'] = $LANG['List_domain_unlimited']; ?> - + -
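Review bot: The new table rows concatenate `$row['domain']` and `$row['description']` straight into the echoed markup, and no escaping call is visible around them in the extracted text. The description looks like free text, so whatever is stored there is rendered as HTML for every account that opens the list. Escape each database value at output, e.g. `htmlspecialchars($row['description'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`; the same applies to the `$row['address']`, `$row['goto']`, `$row['username']` and `$row['name']` cells in the list-virtual.tpl hunk that follows. The edit and delete cells are now emitted only under `$PERMISSIONS == ADMIN_RIGHTS`, which hides the links but does not protect the scripts they point to, so those need their own rights check (not visible in this diff).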

    -

    -

    +

    +

    +

    @@ -29,66 +27,66 @@ if ($list_domains[$domain_key]['mailboxes'] < 0) $list_domains[$domain_key]['mai $limit || $list_domains[$domain_key]['mailbox_count'] > $limit) { - echo "
    \n"; + echo "
    "; if ($offset >= $limit) { - echo "\n"; + echo ""; } if (($list_domains[$domain_key]['alias_count'] > $limit) || ($list_domains[$domain_key]['mailbox_count'] > $limit)) { - echo "\n"; + echo ""; } if ((($offset + $limit) < $list_domains[$domain_key]['alias_count']) || (($offset + $limit) < $list_domains[$domain_key]['mailbox_count'])) { - echo "\n"; + echo ""; } - echo "
    \n"; + echo "
    "; } if (count($list_alias) > 0) { - echo "\n"; - echo " \n"; - echo " "; - echo " "; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "

    ".$LANG['Overview_alias_title']."

    " . $LANG['Overview_alias_address'] . "" . $LANG['Overview_alias_goto'] . "" . $LANG['Overview_alias_modified'] . " 
    "; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; foreach ($list_alias as $row) { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; } - echo "

    " . $LANG['List_virtual_alias_title'] . "

    " . $LANG['List_virtual_alias_address'] . "" . $LANG['List_virtual_alias_goto'] . "" . $LANG['List_modified'] . " 
    " . $row['address'] . "" . preg_replace("/,/", "
    ", $row['goto']) . "
    " . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    " . $row['address'] . "" . preg_replace("/,/", "
    ", $row['goto']) . "
    " . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    \n"; + echo ""; } if (count($list_mailbox) > 0) { - echo "\n"; - echo " \n"; - echo " "; - echo " "; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "

    ".$LANG['Overview_mailbox_title']."

    " . $LANG['Overview_mailbox_username'] . "" . $LANG['Overview_mailbox_name'] . "" . $LANG['Overview_mailbox_modified'] . " 
    "; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; foreach ($list_mailbox as $row) { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; } - echo "

    " . $LANG['List_virtual_mailbox_title'] . "

    " . $LANG['List_virtual_mailbox_username'] . "" . $LANG['List_virtual_mailbox_name'] . "" . $LANG['List_modified'] . " 
    " . $row['username'] . "" . $row['name'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    " . $row['username'] . "" . $row['name'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    \n"; + echo ""; } ?> diff --git a/templates/menu.tpl b/templates/menu.tpl index 20902c0..09fed86 100644 --- a/templates/menu.tpl +++ b/templates/menu.tpl @@ -1,17 +1,27 @@ \n"; + echo "
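Review bot: The rewritten `echo` lines still concatenate database values straight into the markup with no output escaping: `$row['address']`, `$row['goto']`, `$row['username']`, `$row['name']` and `$row['modified']` in this hunk, and `$row['domain']` in the hunk above. A stored value that contains markup (a mailbox display name is the obvious candidate) would be rendered as HTML in the administrator's browser. Each value should be escaped at the point of output, e.g. `htmlspecialchars($row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and `$row['goto']` should be escaped before the comma replacement so that only the inserted separator is markup. The same applies to the search.tpl hunk and to the viewlog.tpl hunks, where `$row['data']`, `$row['username']` and the request-derived `$domain` in the heading are printed the same way. The tags are stripped on this page, so any URL built from these values for the edit and delete links could not be checked; those would need `urlencode()` as well.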
    "; include("motd.txt"); echo "
    "; } diff --git a/templates/search.tpl b/templates/search.tpl index 5ceca7e..04e4f62 100644 --- a/templates/search.tpl +++ b/templates/search.tpl @@ -6,50 +6,50 @@ 0) { - echo "\n"; - echo " \n"; - echo " "; + echo "

    ".$LANG['Overview_alias_title']."

    "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; echo " "; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; foreach ($list_alias as $row) { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; } - echo "

    " . $LANG['List_virtual_alias_title'] . "

    " . $LANG['List_virtual_alias_address'] . "" . $LANG['List_virtual_alias_goto'] . "" . $LANG['List_modified'] . " 
    " . $LANG['Overview_alias_address'] . "" . $LANG['Overview_alias_goto'] . "" . $LANG['Overview_alias_modified'] . " 
    " . $row['address'] . "" . preg_replace("/,/", "
    ", $row['goto']) . "
    " . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    " . $row['address'] . "" . preg_replace("/,/", "
    ", $row['goto']) . "
    " . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    \n"; + echo ""; } if (count($list_mailbox) > 0) { - echo "\n"; - echo " \n"; - echo " "; + echo "

    ".$LANG['Overview_mailbox_title']."

    "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; echo " "; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; foreach ($list_mailbox as $row) { - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; } - echo "

    " . $LANG['List_virtual_mailbox_title'] . "

    " . $LANG['List_virtual_mailbox_username'] . "" . $LANG['List_virtual_mailbox_name'] . "" . $LANG['List_modified'] . " 
    " . $LANG['Overview_mailbox_username'] . "" . $LANG['Overview_mailbox_name'] . "" . $LANG['Overview_mailbox_modified'] . " 
    " . $row['username'] . "" . $row['name'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    " . $row['username'] . "" . $row['name'] . "" . $row['modified'] . "" . $LANG['edit'] . "" . $LANG['del'] . "
    \n"; + echo ""; } ?> diff --git a/templates/users_menu.tpl b/templates/users_menu.tpl index c599a2d..191db98 100644 --- a/templates/users_menu.tpl +++ b/templates/users_menu.tpl @@ -10,7 +10,7 @@ \n"; + echo "
    "; include("../motd-users.txt"); echo "
    "; } diff --git a/templates/viewlog.tpl b/templates/viewlog.tpl index 33a8b1e..d6b6755 100644 --- a/templates/viewlog.tpl +++ b/templates/viewlog.tpl @@ -6,7 +6,7 @@ if (count($list_domains) > 0) { foreach ($list_domains as $row) { echo '\n"; + echo ">" . $row['domain'] . ""; } } ?> @@ -16,29 +16,29 @@ if (count($list_domains) > 0) { 0) { - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo "

    ".$LANG['Viewlog_welcome']." ".$domain."

    " . $LANG['Viewlog_timestamp'] . "" . $LANG['Viewlog_username'] . "" . $LANG['Viewlog_domain'] . "" . $LANG['Viewlog_action'] . "" . $LANG['Viewlog_data'] . "
    "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; foreach ($log as $row) { if (strlen($row['data']) > 35) $row['data'] = substr($row['data'], 0, 35) . " ..."; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; + echo " "; } - echo "

    ".$LANG['Viewlog_welcome']." ".$domain."

    " . $LANG['Viewlog_timestamp'] . "" . $LANG['Viewlog_username'] . "" . $LANG['Viewlog_domain'] . "" . $LANG['Viewlog_action'] . "" . $LANG['Viewlog_data'] . "
    " . $row['timestamp'] . "" . $row['username'] . "" . $row['domain'] . "" . $row['action'] . "" . $row['data'] . "
    " . $row['timestamp'] . "" . $row['username'] . "" . $row['domain'] . "" . $row['action'] . "" . $row['data'] . "
    \n"; - echo "

    \n"; + echo ""; + echo "

    "; } ?>
diff --git a/viewlog.php b/viewlog.php
index 6ccfcb4..18a826b 100644
--- a/viewlog.php
+++ b/viewlog.php
@@ -13,7 +13,7 @@
 //
 // log
 //
-// Form POST / GET Variables:
+// POST / GET Variables:
 //
 // domain
 //
@@ -21,7 +21,15 @@
 require_once './functions.inc.php';
 include './languages/' . check_language() . '.lang';
 $SESSID_USERNAME = check_session();
-$list_domains = list_domains($SESSID_USERNAME);
+$PERMISSIONS = check_permissions();
+$admin = $SESSID_USERNAME ?? ADMIN_EMAIL;
+
+if ($PERMISSIONS == ADMIN_RIGHTS) {
+ $list_domains = list_domains();
+ $list_admins = list_admins();
+} else {
+ $list_domains = list_domains($SESSID_USERNAME);
+}
 if ($_SERVER['REQUEST_METHOD'] == "GET") {
 $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN) ?? $list_domains[0]['domain'];
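Review bot: The branch that widens `$list_domains` to every domain is chosen with a loose comparison, `if ($PERMISSIONS == ADMIN_RIGHTS)`. An authorization decision should not depend on PHP type juggling, so I would write `if ($PERMISSIONS === ADMIN_RIGHTS)` and make sure check_permissions() returns exactly the constant's type. `$list_admins` is assigned only in the admin branch, so any later code or template that reads it for a non-admin session sees an undefined variable; `$list_admins = [];` before the `if` avoids that. The `$domain` line kept as context uses FILTER_VALIDATE_DOMAIN without FILTER_FLAG_HOSTNAME, which checks label lengths only, and `?? $list_domains[0]['domain']` does not catch the `false` that filter_input() returns on a failed validation. The rest of the script is outside the hunk, so whether `$domain` is checked against `$list_domains` before the log query cannot be seen from here.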