webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 1) <?php
modules/imap/include/mailaccounts.php 2)
modules/imap/include/mailaccounts.php 3) require_once('inc/debug.php');
modules/imap/include/mailaccounts.php 4) require_once('inc/db_connect.php');
|
Logging aktiviert
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 5) require_once('inc/base.php');
|
XSS/CSRF-Bugs behoben
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 6) require_once('inc/security.php');
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 7)
|
Domain-Klasse benutzen
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 8) require_once('class/domain.php');
modules/imap/include/mailaccounts.php 9)
|
Alles in das email-modul ve...
bernd authored 16 years ago
|
modules/email/include/mailaccounts.php 10) require_once('common.php');
modules/email/include/mailaccounts.php 11)
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 12) function mailaccounts($uid)
modules/imap/include/mailaccounts.php 13) {
modules/imap/include/mailaccounts.php 14) $uid = (int) $uid;
|
Einige Dummheiten repariert...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 15) $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 16) DEBUG("Found ".@mysql_num_rows($result)." rows!");
modules/imap/include/mailaccounts.php 17) $accounts = array();
modules/imap/include/mailaccounts.php 18) if (@mysql_num_rows($result) > 0)
modules/imap/include/mailaccounts.php 19) while ($acc = @mysql_fetch_object($result))
modules/imap/include/mailaccounts.php 20) array_push($accounts, array('id'=> $acc->id, 'account' => $acc->account, 'mailbox' => $acc->maildir, 'cryptpass' => $acc->cryptpass, 'enabled' => ($acc->aktiv == 1)));
modules/imap/include/mailaccounts.php 21) return $accounts;
modules/imap/include/mailaccounts.php 22) }
modules/imap/include/mailaccounts.php 23)
modules/imap/include/mailaccounts.php 24) function get_mailaccount($id)
modules/imap/include/mailaccounts.php 25) {
modules/imap/include/mailaccounts.php 26) $uid = (int) $uid;
|
Einige Dummheiten repariert...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 27) $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 28) DEBUG("Found ".mysql_num_rows($result)." rows!");
|
IMAP-Accounts deutlicher de...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 29) if (mysql_num_rows($result) != 1)
modules/email/include/mailaccounts.php 30) system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 31) $acc = mysql_fetch_object($result);
modules/imap/include/mailaccounts.php 32) $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir, 'enabled' => ($acc->aktiv == 1));
modules/imap/include/mailaccounts.php 33) DEBUG(print_r($ret, true));
modules/imap/include/mailaccounts.php 34) return $ret;
modules/imap/include/mailaccounts.php 35) }
modules/imap/include/mailaccounts.php 36)
modules/imap/include/mailaccounts.php 37) function change_mailaccount($id, $arr)
modules/imap/include/mailaccounts.php 38) {
modules/imap/include/mailaccounts.php 39) $id = (int) $id;
modules/imap/include/mailaccounts.php 40) $conditions = array();
modules/imap/include/mailaccounts.php 41)
modules/imap/include/mailaccounts.php 42) if (isset($arr['account']))
modules/imap/include/mailaccounts.php 43) {
modules/imap/include/mailaccounts.php 44) list($local, $domain) = explode('@', $arr['account'], 2);
|
Domain-Klasse benutzen
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 45) $domain = new Domain( (string) $domain);
modules/imap/include/mailaccounts.php 46) if ($domain->id == NULL)
modules/imap/include/mailaccounts.php 47) array_push($conditions, "domain=NULL");
modules/imap/include/mailaccounts.php 48) else
modules/imap/include/mailaccounts.php 49) array_push($conditions, "domain={$domain->id}");
modules/imap/include/mailaccounts.php 50)
modules/imap/include/mailaccounts.php 51) array_push($conditions, "local='".mysql_real_escape_string($local)."'");
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 52) }
modules/imap/include/mailaccounts.php 53) if (isset($arr['mailbox']))
modules/imap/include/mailaccounts.php 54) if ($arr['mailbox'] == '')
modules/imap/include/mailaccounts.php 55) array_push($conditions, "`maildir`=NULL");
modules/imap/include/mailaccounts.php 56) else
modules/imap/include/mailaccounts.php 57) array_push($conditions, "`maildir`='".mysql_real_escape_string($arr['mailbox'])."'");
modules/imap/include/mailaccounts.php 58)
modules/imap/include/mailaccounts.php 59) if (isset($arr['password']))
modules/imap/include/mailaccounts.php 60) {
modules/imap/include/mailaccounts.php 61) $encpw = encrypt_mail_password($arr['password']);
modules/imap/include/mailaccounts.php 62) array_push($conditions, "`password`='$encpw'");
modules/imap/include/mailaccounts.php 63) }
modules/imap/include/mailaccounts.php 64)
modules/imap/include/mailaccounts.php 65) if (isset($arr['enabled']))
modules/imap/include/mailaccounts.php 66) array_push($conditions, "`aktiv`=".($arr['enabled'] == 'Y' ? "1" : "0"));
modules/imap/include/mailaccounts.php 67)
modules/imap/include/mailaccounts.php 68)
|
sql-abfragen abstrahiert
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 69) db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1");
|
eliminate .php extensions f...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 70) logger("modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 71)
modules/imap/include/mailaccounts.php 72) }
modules/imap/include/mailaccounts.php 73)
modules/imap/include/mailaccounts.php 74) function create_mailaccount($arr)
modules/imap/include/mailaccounts.php 75) {
modules/imap/include/mailaccounts.php 76) $values = array();
modules/imap/include/mailaccounts.php 77)
modules/imap/include/mailaccounts.php 78) if (($arr['account']) == '')
modules/imap/include/mailaccounts.php 79) system_failure('empty account name!');
modules/imap/include/mailaccounts.php 80)
modules/imap/include/mailaccounts.php 81) $values['uid'] = (int) $_SESSION['userinfo']['uid'];
modules/imap/include/mailaccounts.php 82)
modules/imap/include/mailaccounts.php 83) list($local, $domain) = explode('@', $arr['account'], 2);
|
Domain-Klasse benutzen
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 84) $domain = new Domain( (string) $domain);
modules/imap/include/mailaccounts.php 85) if ($domain->id == NULL)
modules/imap/include/mailaccounts.php 86) $values['domain'] = "NULL";
modules/imap/include/mailaccounts.php 87) else
modules/imap/include/mailaccounts.php 88) $values['domain'] = $domain->id;
modules/imap/include/mailaccounts.php 89)
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 90) $values['local'] = "'".mysql_real_escape_string($local)."'";
modules/imap/include/mailaccounts.php 91)
modules/imap/include/mailaccounts.php 92) if (isset($arr['mailbox']))
modules/imap/include/mailaccounts.php 93) if ($arr['mailbox'] == '')
modules/imap/include/mailaccounts.php 94) $values['maildir'] = 'NULL';
modules/imap/include/mailaccounts.php 95) else
modules/imap/include/mailaccounts.php 96) $values['maildir']= "'".mysql_real_escape_string($arr['mailbox'])."'";
modules/imap/include/mailaccounts.php 97)
modules/imap/include/mailaccounts.php 98)
modules/imap/include/mailaccounts.php 99) if (isset($arr['password']))
modules/imap/include/mailaccounts.php 100) {
modules/imap/include/mailaccounts.php 101) $values['password'] = "'".encrypt_mail_password($arr['password'])."'";
modules/imap/include/mailaccounts.php 102) }
modules/imap/include/mailaccounts.php 103)
modules/imap/include/mailaccounts.php 104) if (isset($arr['enabled']))
modules/imap/include/mailaccounts.php 105) $values['aktiv'] = ($arr['enabled'] == 'Y' ? "1" : "0" );
modules/imap/include/mailaccounts.php 106)
modules/imap/include/mailaccounts.php 107)
|
sql-abfragen abstrahiert
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 108) db_query("INSERT INTO mail.mailaccounts (".implode(',', array_keys($values)).") VALUES (".implode(",", array_values($values)).")");
|
eliminate .php extensions f...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 109) logger("modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 110)
modules/imap/include/mailaccounts.php 111) }
modules/imap/include/mailaccounts.php 112)
|
Auch mailaccounts können si...
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 113)
modules/imap/include/mailaccounts.php 114) function get_mailaccount_id($accountname)
modules/imap/include/mailaccounts.php 115) {
modules/imap/include/mailaccounts.php 116) list($local, $domain) = explode('@', $accountname, 2);
modules/imap/include/mailaccounts.php 117)
modules/imap/include/mailaccounts.php 118) $local = mysql_real_escape_string($local);
|
Fehler beim Passwort-Ändern...
bernd authored 16 years ago
|
modules/email/include/mailaccounts.php 119) $domain = mysql_real_escape_string($domain);
|
Auch mailaccounts können si...
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 120)
|
Fehler beim Passwort-Ändern...
bernd authored 16 years ago
|
modules/email/include/mailaccounts.php 121) $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local='{$local}' AND dom.domainname='{$domain}'");
|
Auch mailaccounts können si...
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 122) if (mysql_num_rows($result) != 1)
modules/imap/include/mailaccounts.php 123) system_failure('account nicht eindeutig');
modules/imap/include/mailaccounts.php 124) $acc = mysql_fetch_assoc($result);
modules/imap/include/mailaccounts.php 125) return $acc['id'];
modules/imap/include/mailaccounts.php 126) }
modules/imap/include/mailaccounts.php 127)
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 128)
modules/imap/include/mailaccounts.php 129) function delete_mailaccount($id)
modules/imap/include/mailaccounts.php 130) {
modules/imap/include/mailaccounts.php 131) $id = (int) $id;
|
sql-abfragen abstrahiert
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 132) db_query("DELETE FROM mail.mailaccounts WHERE id=".$id." LIMIT 1");
|
eliminate .php extensions f...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 133) logger("modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 134) }
modules/imap/include/mailaccounts.php 135)
modules/imap/include/mailaccounts.php 136)
modules/imap/include/mailaccounts.php 137) function check_valid($acc)
modules/imap/include/mailaccounts.php 138) {
modules/imap/include/mailaccounts.php 139) $user = $_SESSION['userinfo'];
modules/imap/include/mailaccounts.php 140) DEBUG("Account-data: ".print_r($acc, true));
modules/imap/include/mailaccounts.php 141) DEBUG("User-data: ".print_r($user, true));
modules/imap/include/mailaccounts.php 142) if ($acc['mailbox'] != '')
modules/imap/include/mailaccounts.php 143) {
modules/imap/include/mailaccounts.php 144) if (substr($acc['mailbox'], 0, strlen($user['homedir'])+1) != $user['homedir'].'/')
|
XSS/CSRF-Bugs behoben
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 145) return "Die Mailbox muss innerhalb des Home-Verzeichnisses liegen. Sie haben »".$acc['mailbox']."« als Mailbox angegeben, Ihr Home-Verzeichnis ist »".$user['homedir']."/«.";
modules/imap/include/mailaccounts.php 146) if (! check_path($acc['mailbox']))
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 147) return "Sie verwenden ungültige Zeichen in Ihrem Mailbox-Pfad.";
modules/imap/include/mailaccounts.php 148) }
modules/imap/include/mailaccounts.php 149)
modules/imap/include/mailaccounts.php 150) if ($acc['account'] == '' || strpos($acc['account'], '@') == 0)
modules/imap/include/mailaccounts.php 151) return "Es wurde kein Benutzername angegeben!";
modules/imap/include/mailaccounts.php 152) if (strpos($acc['account'], '@') === false)
|
Einige Dummheiten repariert...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 153) return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@".config('masterdomain')."«.";
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 154)
modules/imap/include/mailaccounts.php 155) list($local, $domain) = explode('@', $acc['account'], 2);
|
Hatte die Kompatibilität ge...
hanno authored 16 years ago
|
modules/imap/include/mailaccounts.php 156) verify_input_username($local);
|
Domain-Klasse benutzen
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 157) $tmpdomains = get_domain_list($user['customerno'], $user['uid']);
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 158) $domains = array();
modules/imap/include/mailaccounts.php 159) foreach ($tmpdomains as $dom)
|
Domain-Klasse benutzen
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 160) $domains[] = $dom->fqdn;
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 161)
modules/imap/include/mailaccounts.php 162) if (array_search($domain, $domains) === false)
modules/imap/include/mailaccounts.php 163) {
|
Mehr config-optionen und co...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 164) if ($domain == config('masterdomain'))
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 165) {
modules/imap/include/mailaccounts.php 166) if (substr($local, 0, strlen($user['username'])) != $user['username'] || ($acc['account'][strlen($user['username'])] != '-' && $acc['account'][strlen($user['username'])] != '@'))
modules/imap/include/mailaccounts.php 167) {
|
Einige Dummheiten repariert...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 168) return "Sie haben »@".config('masterdomain')."« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 169) }
modules/imap/include/mailaccounts.php 170) }
modules/imap/include/mailaccounts.php 171) else
|
XSS/CSRF-Bugs behoben
bernd authored 16 years ago
|
modules/imap/include/mailaccounts.php 172) return "Der angegebene Domain-Teil (»".htmlentities($domain, ENT_QUOTES, "UTF-8")."«) ist nicht für Ihren Account eingetragen. Sollte dies ein Fehler sein, wenden sie sich bitte an einen Administrator!";
|
webinterface => /webinterface
bernd authored 17 years ago
|
modules/imap/include/mailaccounts.php 173) }
modules/imap/include/mailaccounts.php 174)
modules/imap/include/mailaccounts.php 175) return '';
modules/imap/include/mailaccounts.php 176) }
modules/imap/include/mailaccounts.php 177)
modules/imap/include/mailaccounts.php 178)
|
IMAP-Accounts deutlicher de...
bernd authored 15 years ago
|
modules/email/include/mailaccounts.php 179) function imap_on_vmail_domain()
modules/email/include/mailaccounts.php 180) {
modules/email/include/mailaccounts.php 181) $uid = (int) $_SESSION['userinfo']['uid'];
modules/email/include/mailaccounts.php 182) $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE m.uid={$uid}");
modules/email/include/mailaccounts.php 183) if (mysql_num_rows($result) > 0)
modules/email/include/mailaccounts.php 184) return true;
modules/email/include/mailaccounts.php 185) return false;
modules/email/include/mailaccounts.php 186) }
modules/email/include/mailaccounts.php 187)
modules/email/include/mailaccounts.php 188) function user_has_only_vmail_domains()
modules/email/include/mailaccounts.php 189) {
modules/email/include/mailaccounts.php 190) $uid = (int) $_SESSION['userinfo']['uid'];
modules/email/include/mailaccounts.php 191) $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user={$uid}");
modules/email/include/mailaccounts.php 192) if (mysql_num_rows($result) == 0)
modules/email/include/mailaccounts.php 193) return true;
modules/email/include/mailaccounts.php 194) return false;
modules/email/include/mailaccounts.php 195) }
modules/email/include/mailaccounts.php 196)
modules/email/include/mailaccounts.php 197)
|