// Copyright (c) 2022 High5! // License Info: LICENSE.TXT // // File: functions.inc.php // if(preg_match("/functions.inc.php/", $_SERVER['SCRIPT_NAME'])) { header("Location: login.php"); exit; } $version = "1.0.0"; // // Check of debug is enabled or not // if ($CONF['debug'] == 'true') { ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); } else { ini_set('display_errors', 0); ini_set('display_startup_errors', 0); } // // check_session // Action: Check if a session already exists, if not redirect to login.php // Call: check_session() -or- check_user_session() // function check_session() { session_start(); if (!isset($_SESSION['sessid']['username'])) { header("Location: login.php"); exit; } $SESSID_USERNAME = $_SESSION['sessid']['username']; return $SESSID_USERNAME; } function check_user_session() { session_start(); if (!isset($_SESSION['userid']['username'])) { header("Location: login.php"); exit; } $USERID_USERNAME = $_SESSION['userid']['username']; return $USERID_USERNAME; } // // check_language // Action: checks what language the browser uses // Call: check_language // function check_language() { global $CONF; // Currently only English is supported, no need to run through the check now. return $CONF['default_language']; } // // check_string // Action: checks if a string is valid and returns TRUE is this is the case. // Call: check_string(string var) // function check_string($var) { if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)) { return true; } else { return false; } } // // check_email // Action: Checks if email is valid and returns TRUE if this is the case. // Call: check_email(string email) // function check_email($email) { if (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,10}$/i', trim($email))) { return true; } else { return false; } } // // escape_string // Action: Escape a string // Call: escape_string(string string) // function escape_string($string) { global $CONF; $escaped_string = $string; return $escaped_string; } // // get_domain_properties // Action: Get all the properties of a domain. // Call: get_domain_properties(string domain) // function get_domain_properties($domain) { global $CONF; $list = array(); $result = db_query("SELECT COUNT(*) FROM alias WHERE domain='$domain'"); $row = db_row($result['result']); $list['alias_count'] = $row[0]; $result = db_query("SELECT COUNT(*) FROM mailbox WHERE domain='$domain'"); $row = db_row($result['result']); $list['mailbox_count'] = $row[0]; if ($CONF['alias_control'] == "NO") { $list['alias_count'] = $list['alias_count'] - $list['mailbox_count']; } else { $list['alias_count'] = $list['alias_count']; } $result = db_query("SELECT * FROM domain WHERE domain='$domain'"); $row = db_array($result['result']); $list['description'] = $row['description']; $list['aliases'] = $row['aliases']; $list['mailboxes'] = $row['mailboxes']; $list['maxquota'] = $row['maxquota']; $list['transport'] = $row['transport']; $list['backupmx'] = $row['backupmx']; $list['created'] = $row['created']; $list['modified'] = $row['modified']; $list['active'] = $row['active']; if ($CONF['database_type'] == "pgsql") { if ($row['active'] == "t") { $list['active'] = 1; } else { $list['active'] = 0; } if ($row['backupmx'] == "t") { $list['backupmx'] = 1; } else { $list['backupmx'] = 0; } } else { $list['active'] = $row['active']; $list['backupmx'] = $row['backupmx']; } return $list; } // // check_alias // Action: Checks if the domain is still able to create aliases. // Call: check_alias(string domain) // function check_alias($domain) { $limit = get_domain_properties($domain); if ($limit['aliases'] == 0) { return true; } if ($limit['aliases'] < 0) { return false; } if ($limit['alias_count'] >= $limit['aliases']) { return false; } else { return true; } } // // check_mailbox // Action: Checks if the domain is still able to create mailboxes. // Call: ceck_mailbox(string domain) // function check_mailbox($domain) { $limit = get_domain_properties($domain); if ($limit['mailboxes'] == 0) { return true; } if ($limit['mailboxes'] < 0) { return false; } if ($limit['mailbox_count'] >= $limit['mailboxes']) { return false; } else { return true; } } // // check_quota // Action: Checks if the user is creating a mailbox with the correct quota // Call: check_quota(string domain) // function check_quota($quota, $domain) { $limit = get_domain_properties($domain); if ($limit['maxquota'] == 0) { return true; } if (($limit['maxquota'] < 0) and ($quota < 0)) { return true; } if (($limit['maxquota'] > 0) and ($quota == 0)) { return false; } if ($quota > $limit['maxquota']) { return false; } else { return true; } } // // check_owner // Action: Checks if the admin is the owner of the domain. // Call: check_owner(string admin, string domain) // function check_owner($username, $domain) { $result = db_query("SELECT * FROM domain_admins WHERE username='$username' AND domain='$domain' AND active='1'"); if ($result['rows'] != 1) { return false; } else { return true; } } // // list_domains_for_admin // Action: Lists all the domains for an admin. // Call: list_domains_for_admin(string admin) // function list_domains_for_admin($username) { $list = array(); $result = db_query("SELECT * FROM domain LEFT JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username='$username' AND domain.active='1' AND domain.backupmx='0' ORDER BY domain_admins.domain"); if ($result['rows'] > 0) { $i = 0; while ($row = db_array($result['result'])) { $list[$i] = $row['domain']; $i++; } } return $list; } // // list_domains // Action: List all available domains. // Call: list_domains() // function list_domains() { $list = array(); $result = db_query("SELECT * FROM domain ORDER BY domain"); if ($result['rows'] > 0) { $i = 0; while ($row = db_array($result['result'])) { $list[$i] = $row['domain']; $i++; } } return $list; } // // admin_exist // Action: Checks if the admin already exists. // Call: admin_exist(string admin) // // was check_admin // function admin_exist($username) { $result = db_query("SELECT * FROM admin WHERE username='$username'"); if ($result['rows'] != 1) { return false; } else { return true; } } // // domain_exist // Action: Checks if the domain already exists. // Call: domain_exist(string domain) // function domain_exist($domain) { $result = db_query("SELECT * FROM domain WHERE domain='$domain'"); if ($result['rows'] != 1) { return false; } else { return true; } } // // list_admins // Action: Lists all the admins // Call: list_admins() // // was admin_list_admins // function list_admins() { $list = array(); $result = db_query("SELECT * FROM admin ORDER BY username"); if ($result['rows'] > 0) { $i = 0; while ($row = db_array($result['result'])) { $list[$i] = $row['username']; $i++; } } return $list; } // // get_admin_properties // Action: Get all the admin properties. // Call: get_admin_properties(string admin) function get_admin_properties($username) { $list = array(); $result = db_query("SELECT COUNT(*) FROM domain_admins WHERE username='$username'"); $row = db_row($result['result']); $list['domain_count'] = $row[0]; $result = db_query("SELECT * FROM admin WHERE username='$username'"); $row = db_array($result['result']); $list['created'] = $row['created']; $list['modified'] = $row['modified']; $list['active'] = $row['active']; return $list; } // // generate_password // Action: Generates a random password // Call: generate_password() // function generate_password() { $password = substr(md5(mt_rand()), 0, 8); return $password; } // // pacrypt // Action: Encrypts password based on config settings // Call: pacrypt(string cleartextpassword) // function pacrypt($pw, $pw_db="") { global $CONF; $password = ""; if ($CONF['encrypt'] == 'bcrypt') { $options = ['cost' => 8]; $password = password_hash($pw, PASSWORD_BCRYPT, $options); $password = preg_replace('/\$2y\$/', '\$2b\$', $password); } return $password; } // // db_connect // Action: Makes a connection to the database if it doesn't exist // Call: db_connect() // $DEBUG_TEXT = "\n
\n Please check the documentation and website for more information.\n \n "; function db_connect() { global $CONF; global $DEBUG_TEXT; $link = ""; if ($CONF['database_type'] == "mysqli") { if(function_exists("mysqli_connect")) { $link = @mysqli_connect($CONF['database_host'], $CONF['database_user'], $CONF['database_password']) or die("DEBUG INFORMATION: