High5
/
opensmtpdadmin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
opensmtpdadmin/functions.inc.php

203 lines
5.6 KiB
PHP
Raw Permalink Blame History

<?php
//
// OpenSMTPD Admin
// by Mischa Peters <mischa at high5 dot nl>
// Copyright (c) 2022-2023 High5!
// License Info: LICENSE.TXT
//
// File: functions.inc.php
//
if (preg_match("/functions.inc.php/", $_SERVER['SCRIPT_NAME'])) {
header("Location: login.php");
die();
}
DEFINE("VERSION", "version 1.1");
DEFINE('ROOT_PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR);
require_once ROOT_PATH . 'conf.php';
//
// Check if debug is enabled or not
//
if (DEBUG == 'true') {
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
} else {
ini_set('display_errors', 0);
ini_set('display_startup_errors', 0);
}
//
// check_session
// Action: Check if a session already exists, if not redirect to login.php
// Call: check_session()
//
function check_session() {
session_start();
if (empty($_SESSION['sessid']['username'])) {
header("Location: login.php");
exit;
}
return $_SESSION['sessid']['username'];
}
//
// check_role
// Action: Check which role is assighed
// Call: check_role()
//
function check_role($username) {
$dbh = pdo_connect();
$sth = $dbh->prepare("SELECT role FROM admin WHERE username=?");
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->execute();
$row = $sth->fetch(PDO::FETCH_ASSOC);
if (!empty($row)) {
return $row['role'];
}
}
//
// check_language
// Action: checks what language the browser uses
// Call: check_language
// Currently only English is supported, no need to run through the check now.
//
function check_language() {
return DEFAULT_LANGUAGE;
}
//
// bcrypt
// Action: Hashes the password with bcrypt, make it OpenBSD friendly
// Call: bcrypt(string cleartextpassword)
//
function bcrypt($password) {
$options = ['cost' => 8];
$hashed = password_hash($password, PASSWORD_BCRYPT, $options);
$hashed = preg_replace('/\$2y\$/', '\$2b\$', $hashed);
return $hashed;
}
//
// pdo_connect
// Action: make PDO db connection
// Call: pdo_connect()
//
function pdo_connect() {
try {
$dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS, array(PDO::ATTR_PERSISTENT => true));
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
return $dbh;
} catch (PDOException $e) {
echo 'Connection failed: ' . $e;
die();
}
}
//
// list_domains
// Action: list all available domains for admin
// Call: list_domains(string admin (optional))
//
function list_domains($username = null) {
$dbh = pdo_connect();
if (isset($username)) {
$sth = $dbh->prepare("SELECT * FROM domain INNER JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username=? ORDER BY domain_admins.domain");
$sth->bindParam(1, $username, PDO::PARAM_STR);
} else {
$sth = $dbh->prepare('SELECT * FROM domain ORDER BY domain');
}
$sth->execute();
$list = $sth->fetchAll();
for ($i = 0; $i < count($list); $i++) {
$sth = $dbh->prepare("SELECT COUNT(*) FROM alias WHERE domain=? AND goto NOT IN ('vmail')");
$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);
$sth->execute();
$list[$i]['alias_count'] = $sth->fetchColumn();
$sth = $dbh->prepare("SELECT COUNT(*) FROM mailbox WHERE domain=?");
$sth->bindParam(1, $list[$i]['domain'], PDO::PARAM_STR);
$sth->execute();
$list[$i]['mailbox_count'] = $sth->fetchColumn();
}
return $list;
}
//
// list_aliases
// Action: list all available aliases for domain
// Call: list_aliases(string domain, int offset)
//
function list_aliases($domain, $offset, $limit) {
$dbh = pdo_connect();
if (ALIAS_CONTROL == 'NO') {
$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain=? AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT ?, ?");
} else {
$sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias WHERE alias.domain=? ORDER BY alias.address LIMIT ?, ?");
}
$sth->bindParam(1, $domain, PDO::PARAM_STR);
$sth->bindParam(2, $offset, PDO::PARAM_INT);
$sth->bindParam(3, $limit, PDO::PARAM_INT);
$sth->execute();
$list = $sth->fetchAll();
return $list;
}
//
// list_mailboxes
// Action: list all available mailboxes for domain
// Call: list_mailboxes(string domaini, int offset)
//
function list_mailboxes($domain, $offset, $limit) {
$dbh = pdo_connect();
$sth = $dbh->prepare("SELECT * FROM mailbox WHERE domain=? ORDER BY username LIMIT ?, ?");
$sth->bindParam(1, $domain, PDO::PARAM_STR);
$sth->bindParam(2, $offset, PDO::PARAM_INT);
$sth->bindParam(3, $limit, PDO::PARAM_INT);
$sth->execute();
$list = $sth->fetchAll();
return $list;
}
//
// list_admins
// Action: lists all the admins
// Call: list_admins()
//
function list_admins() {
$dbh = pdo_connect();
$sth = $dbh->prepare('SELECT * FROM admin ORDER BY username');
$sth->execute();
$list = $sth->fetchAll();
for ($i = 0; $i < count($list); $i++) {
$sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?");
$sth->bindParam(1, $list[$i]['username'], PDO::PARAM_STR);
$sth->execute();
$list[$i]['domain_count'] = $sth->fetchColumn();
}
return $list;
}
// logging
// Action: logs actions from admin
// Call: logging(string username, string domain, string action, string data)
//
function logging($username, $domain, $action, $data) {
$remote_addr = $_SERVER['HTTP_X_CLIENTIP'] ?? $_SERVER['REMOTE_ADDR'];
$username = $username . ' (' . $remote_addr . ')';
if (LOGGING == 'YES') {
$dbh = pdo_connect();
$sth = $dbh->prepare("INSERT INTO log (timestamp,username,domain,action,data) VALUES (NOW(),?,?,?,?)");
$sth->bindParam(1, $username, PDO::PARAM_STR);
$sth->bindParam(2, $domain, PDO::PARAM_STR);
$sth->bindParam(3, $action, PDO::PARAM_STR);
$sth->bindParam(4, $data, PDO::PARAM_STR);
$sth->execute();
}
}
?>
Reference in New Issue View Git Blame Copy Permalink