webinterface.git

@@ -40,6 +40,16 @@ function success_msg($msg)

 }

+function we_have_an_error()

+{

+  global $input_error;

+  global $warning;

+

+  return ((count($input_error) + count($warning)) > 0);

+

+}

+

+

 function show_messages()

 {

   global $input_error;

@@ -54,7 +64,7 @@ function show_messages()

     ';

     foreach ($input_error as $error)

     {

-      echo '<li>'.filter_input_general($error)."</li>\n";

+      echo '<li>'.nl2br(filter_input_general($error))."</li>\n";

     }

     echo '</ul>

     </div>';

@@ -66,7 +76,7 @@ function show_messages()

     ';

     foreach ($warning as $msg)

     {

-      echo '<li>'.filter_input_general($msg)."</li>\n";

+      echo '<li>'.nl2br(filter_input_general($msg))."</li>\n";

     }

     echo '</ul>

     </div>';

@@ -78,7 +88,7 @@ function show_messages()

     ';

     foreach ($success_msg as $msg)

     {

-      echo '<li>'.filter_input_general($msg)."</li>\n";

+      echo '<li>'.nl2br(filter_input_general($msg))."</li>\n";

     }

     echo '</ul>

     </div>';

@@ -0,0 +1,32 @@

+<?php

+

+require_once('inc/base.php');

+require_once('inc/security.php');

+require_role(ROLE_SYSTEMUSER);

+

+require_once('vmail.php');

+

+$accounts = get_vmail_accounts();

+

+output('<h3>E-Mail-Accounts</h3>

+<p>Folgende E-Mail-Konten sind eingerichtet:</p>

+<table style="margin-bottom: 1em;">

+<tr><th>Adresse</th><th>Aktion</th><th>...</th><th>&#160;</th></tr>

+');

+

+        foreach ($accounts as $account)

+        {

+	    $action = ($account['type'] == 'mailbox' ? 'Speichern in Postfach' : 'Weiterleiten an '.filter_input_general($account['data']));

+            output('<tr>

+            <td>'.internal_link('edit.php', $account['local'].'@'.$account['domain'], 'id='.$account['id']).'</td>

+            <td>'.$action.'</td>

+            <td><a href="delete.php?account='.$account['id'].'">löschen</a></td></tr>');

+        }

+        output('</table>

+<p><a href="edit.php">Neuen Account anlegen</a></p>

+

+');

+

+

+

+?>

@@ -0,0 +1,139 @@

+<?php

+

+require_once('inc/debug.php');

+require_once('inc/security.php');

+

+require_once('vmail.php');

+

+$title = "E-Mail-Adresse bearbeiten";

+$section = 'vmail_accounts';

+require_role(ROLE_SYSTEMUSER);

+

+$id = (int) $_GET['id'];

+$vhost = empty_account();

+

+if ($id != 0)

+  $account = get_account_details($id);

+

+DEBUG($account);

+if ($id == 0) {

+  output("<h3>Neue E-Mail-Adresse anlegen</h3>");

+  $title = "E-Mail-Adresse anlegen";

+}

+else {

+  output("<h3>E-Mail-Adresse bearbeiten</h3>");

+}

+

+

+$is_forward = ($mailbox['type'] == 'forward');

+$is_mailbox = ( ! $is_forward);

+

+output("<script type=\"text/javascript\">

+  

+  function selectForwarding() {

+    // document.getElementById('forward_options').style.visibility = 'visible';

+    // document.getElementById('mailbox_options').style.visibility = 'hidden';

+    document.getElementById('forward_options').style.display = 'block';

+    document.getElementById('mailbox_options').style.display = 'none';

+    document.getElementById('spamfilter_folder').disabled = true;

+    document.getElementById('virusfilter_folder').disabled = true;

+    }

+  

+  function selectMailbox() {

+    // document.getElementById('mailbox_options').style.visibility = 'visible';

+    // document.getElementById('forward_options').style.visibility = 'hidden';

+    document.getElementById('mailbox_options').style.display = 'block';

+    document.getElementById('forward_options').style.display = 'none';

+    document.getElementById('spamfilter_folder').disabled = false;

+    document.getElementById('virusfilter_folder').disabled = false;

+    }

+  

+  function toggleSpamfilterOptions() {

+    if (document.getElementById('spamfilter').checked)

+      document.getElementById('spamfilter_options').style.display = 'block';

+    else

+      document.getElementById('spamfilter_options').style.display = 'none';

+    }

+  

+  function toggleVirusfilterOptions() {

+    if (document.getElementById('virusfilter').checked)

+      document.getElementById('virusfilter_options').style.display = 'block';

+    else

+      document.getElementById('virusfilter_options').style.display = 'none';

+    }

+

+  </script>");

+

+$form = "

+    <p><strong>E-Mail-Adresse:</strong>&#160;<input type=\"text\" name=\"local\" id=\"local\" size=\"10\" value=\"{$account['local']}\" /><strong style=\"font-size: 1.5em;\">&#160;@&#160;</strong>".domainselect($account['domainid'])."</p>";

+

+$form .= "<p><input type=\"checkbox\" id=\"spamfilter\" name=\"spamfilter\" value=\"1\" ".($account['spamfilter'] != NULL ? 'checked="checked" ' : '')." onclick=\"toggleSpamfilterOptions()\" /><label for=\"spamfilter\">&#160;Spam-Filter</label></p>";

+

+$form .= "<p style=\"margin-left: 2em; ".($account['spamfilter'] != NULL ? '' : 'display: none;')."\" id=\"spamfilter_options\">

+  <em>Was soll mit E-Mails geschehen, die als Spam eingestuft wurden?</em><br />

+  <input type=\"radio\" id=\"spamfilter_folder\" name=\"spamfilter_action\" value=\"folder\" ".($account['spamfilter'] == 'folder' ? 'checked="checked" ' : '')."/><label for=\"spamfilter_folder\">&#160;In IMAP-Unterordner »Spam« ablegen</label><br />

+  <input type=\"radio\" id=\"spamfilter_tag\" name=\"spamfilter_action\" value=\"tag\" ".($account['spamfilter'] == 'tag' ? 'checked="checked" ' : '')."/><label for=\"spamfilter_tag\">&#160;Markieren und ganz normal zustellen</label><br />

+<input type=\"radio\" id=\"spamfilter_delete\" name=\"spamfilter_action\" value=\"delete\" ".($account['spamfilter'] == 'delete' ? 'checked="checked" ' : '')."/><label for=\"spamfilter_delete\">&#160;Löschen</label>

+  </p>

+  ";

+

+  

+$form .= "<p><input type=\"checkbox\" id=\"virusfilter\" name=\"virusfilter\" value=\"1\" ".($account['virusfilter'] != NULL ? 'checked="checked" ' : '')." onclick=\"toggleVirusfilterOptions()\" /><label for=\"virusfilter\">&#160;Viren-Scanner</label></p>";

+

+$form .= "<p style=\"margin-left: 2em; ".($account['virusfilter'] != NULL ? '' : 'display: none;')."\" id=\"virusfilter_options\">

+  <em>Was soll mit E-Mails geschehen, in denen ein Virus erkannt wurde?</em><br />

+  <input type=\"radio\" id=\"virusfilter_folder\" name=\"virusfilter_action\" value=\"folder\" ".($account['virusfilter'] == 'folder' ? 'checked="checked" ' : '')."/><label for=\"virusfilter_folder\">&#160;In IMAP-Unterordner »Viren« ablegen</label><br />

+  <input type=\"radio\" id=\"virusfilter_tag\" name=\"virusfilter_action\" value=\"tag\" ".($account['virusfilter'] == 'tag' ? 'checked="checked" ' : '')."/><label for=\"virusfilter_tag\">&#160;Markieren und ganz normal zustellen</label><br />

+<input type=\"radio\" id=\"virusfilter_delete\" name=\"virusfilter_action\" value=\"delete\" ".($account['virusfilter'] == 'delete' ? 'checked="checked" ' : '')."/><label for=\"virusfilter_delete\">&#160;Löschen</label>

+  </p>

+  ";

+

+$password_message = '';

+if ($is_mailbox and ($account['data'] != ''))

+  $password_message = '<spam style="font-size: 80%"><br /><em>Sie haben bereits ein Passwort gesetzt. Wenn Sie dieses Feld leer lassen, wird das bisherige Passwort beibehalten.</em></span>';

+  

+

+$form .= "<p>

+    <input type=\"radio\" id=\"forward\" name=\"type\" value=\"forward\" ".($is_forward ? 'checked="checked" ' : '')." onclick=\"selectForwarding()\" /><label for=\"forward\">&#160;Weiterleitung an andere E-Mail-Adresse</label></p>

+    <p style=\"margin-left: 2em; ".($is_mailbox ? 'display: none' : '')."\" id=\"forward_options\">Weiterleitung an:&#160;<input type=\"text\" id=\"forward_to\" name=\"forward_to\" value=\"".($is_forward ? $account['data'] : '')."\" /></p>

+    <p><input type=\"radio\" id=\"mailbox\" name=\"type\" value=\"mailbox\" ".($is_mailbox ? 'checked="checked" ' : '')." onclick=\"selectMailbox()\" /><label for=\"mailbox\">&#160;In Mailbox speichern</label></p>

+    <p style=\"margin-left: 2em; ".($is_forward ? 'display: none' : '')."\" id=\"mailbox_options\">Passwort für Abruf:&#160;<input type=\"password\" id=\"password\" name=\"password\" value=\"\" />{$password_message}</p>";

+    

+/*

+$form .= "<tr><td>PHP</td>

+    <td><select name=\"php\" id=\"php\">

+      <option value=\"none\" ".($vhost['php'] == NULL ? 'selected="selected"' : '')." >kein PHP</option>

+      <option value=\"mod_php\" ".($vhost['php'] == 'mod_php' ? 'selected="selected"' : '')." >als Apache-Modul</option>

+      <option value=\"fastcgi\" ".($vhost['php'] == 'fastcgi' ? 'selected="selected"' : '')." >FastCGI</option>

+    </select>

+    </td>

+    <td id=\"defaultphp\">als Apache-Modul</td></tr>

+    <tr><td>SSL-Verschlüsselung</td>

+    <td><select name=\"ssl\" id=\"ssl\">

+      <option value=\"none\" ".($vhost['ssl'] == NULL ? 'selected="selected"' : '')." >SSL optional anbieten</option>

+      <option value=\"http\" ".($vhost['ssl'] == 'http' ? 'selected="selected"' : '')." >kein SSL</option>

+      <option value=\"https\" ".($vhost['ssl'] == 'https' ? 'selected="selected"' : '')." >nur SSL</option>

+      <option value=\"forward\" ".($vhost['ssl'] == 'forward' ? 'selected="selected"' : '')." >Immer auf SSL umleiten</option>

+    </select>

+    </td>

+    <td id=\"defaultssl\">SSL optional anbieten</td></tr>

+    <tr>

+      <td>Logfiles <span class=\"warning\">*</span></td>

+      <td><select name=\"logtype\" id=\"logtype\">

+      <option value=\"none\" ".($vhost['logtype'] == NULL ? 'selected="selected"' : '')." >keine Logfiles</option>

+      <option value=\"anonymous\" ".($vhost['logtype'] == 'anonymous' ? 'selected="selected"' : '')." >anonymisiert</option>

+      <option value=\"default\" ".($vhost['logtype'] == 'default' ? 'selected="selected"' : '')." >vollständige Logfile</option>

+    </select><br />

+    <input type=\"checkbox\" id=\"errorlog\" name=\"errorlog\" value=\"1\" ".($vhost['errorlog'] == 1 ? ' checked="checked" ' : '')." />&#160;<label for=\"errorlog\">Fehlerprotokoll (error_log) einschalten</label>

+    </td>

+    <td id=\"defaultlogtype\">keine Logfiles</td></tr>

+    ";

+

+*/

+$form .= '

+  <p><input type="submit" value="Speichern" />&#160;&#160;&#160;&#160;'.internal_link('accounts.php', 'Abbrechen').'</p>';

+

+output(html_form('vmail_edit_mailbox', 'save.php', 'action=edit'.($id != 0 ? '&id='.$id : ''), $form));

+

+

+?>

@@ -0,0 +1,239 @@

+<?php

+require_once('inc/base.php');

+require_once('inc/debug.php');

+

+

+function user_has_vmail_domain() 

+{

+	$role = $_SESSION['role'];

+	if (! ($role & ROLE_SYSTEMUSER)) {

+		return false;

+	}

+	$uid = (int) $_SESSION['userinfo']['uid'];

+	$result = db_query("SELECT COUNT(*) FROM mail.v_vmail_domains WHERE useraccount='{$uid}'");

+	$row = mysql_fetch_array($result);

+	$count = $row[0];

+	DEBUG("User has {$count} vmail-domains");

+	return ( (int) $count > 0 );

+}

+

+

+function empty_account()

+{

+	$account = array(

+		'id' => NULL,

+		'local' => '',

+		'domain' => NULL,

+		'type' => 'mailbox',

+		'data' => NULL,

+		'spamfilter' => NULL,

+		'virusfilter' => NULL,

+		'spamexpire' => 7,

+		'virusexpire' => 7

+		);

+	return $account;

+

+}

+

+function get_account_details($id)

+{

+	$id = (int) $id;

+	$uid = (int) $_SESSION['userinfo']['uid'];

+	$result = db_query("SELECT id, local, domainid as domain, type, data, spamfilter, virusfilter from mail.v_virtual_mail WHERE useraccount='{$uid}' AND id={$id} LIMIT 1");

+	if (mysql_num_rows($result) == 0)

+		system_failure('Ungültige ID oder kein eigener Account');

+	return mysql_fetch_assoc($result);;

+	

+}

+

+function get_vmail_accounts()

+{

+	$uid = (int) $_SESSION['userinfo']['uid'];

+	$result = db_query("SELECT * from mail.v_virtual_mail WHERE useraccount='{$uid}'");

+	$ret = array();

+	while ($line = mysql_fetch_assoc($result))

+	{

+		array_push($ret, $line);

+	}

+	DEBUG($ret);

+	return $ret;

+}

+

+

+

+function get_vmail_domains()

+{

+	$uid = (int) $_SESSION['userinfo']['uid'];

+	$result = db_query("SELECT id, domainname FROM mail.v_vmail_domains WHERE useraccount='{$uid}'");

+	if (mysql_num_rows($result) == 0)

+		system_failure('Sie haben keine Domains für virtuelle Mail-Verarbeitung');

+	$ret = array();

+	while ($tmp = mysql_fetch_object($result))

+		array_push($ret, $tmp);

+	return $ret;

+}

+

+

+

+function domainselect($selected = NULL, $selectattribute = '')

+{

+  global $domainlist;

+  if ($domainlist == NULL)

+    $domainlist = get_vmail_domains();

+  $selected = (int) $selected;

+

+  $ret = '<select id="domain" name="domain" size="1" '.$selectattribute.' >';

+  foreach ($domainlist as $dom)

+  {

+    $s = ($selected == $dom->id) ? ' selected="selected" ': '';

+    $ret .= "<option value=\"{$dom->id}\"{$s}>{$dom->domainname}</option>\n";

+  }

+  $ret .= '</select>';

+  return $ret;

+}

+

+

+function encrypt_mail_password($pw)

+{

+  DEBUG("unencrypted PW: ".$pw);

+  require_once('inc/base.php');

+  $salt = random_string(8);

+  $encpw = crypt($pw, "\$1\${$salt}\$");

+  DEBUG("encrypted PW: ".$encpw);

+  return chop($encpw);

+

+}

+

+

+

+function save_vmail_account($account)

+{

+  $uid = (int) $_SESSION['userinfo']['uid'];

+  $id = $account['id'];

+  if ($id != NULL)

+  {

+    $id = (int) $id;

+    $oldaccount = get_account_details($id);

+    // Erzeugt einen system_error() wenn ID ungültig

+  }

+  // Ab hier ist $id sicher, entweder NULL oder eine gültige ID des aktuellen users

+

+  $account['local'] = filter_input_username($account['local']);

+  if ($account['local'] == '')

+  {

+    input_error('Die E-Mail-Adresse braucht eine Angabe vor dem »@«!');

+    return false;

+  }

+  $account['domain'] = (int) $account['domain'];

+  $domainlist = get_vmail_domains();

+  $valid_domain = false;

+  foreach ($domainlist as $dom)

+  {

+    if ($dom->id == $account['domain'])

+    {

+      $valid_domain = true;

+      break;

+    }

+  }

+  if (($account['domain'] == 0) || (! $valid_domain))

+  {

+    input_error('Bitte wählen Sie eine Ihrer Domains aus!');

+    return false;

+  }

+  $type = NULL;

+  switch ($account['type'])

+  {

+    case 'forward':

+                     $account['data'] = filter_input_general($account['data']);

+                     if (! check_emailaddr($account['data']))

+		       system_failure('Das Weiterleitungs-Ziel ist keine E-Mail-Adresse!');

+		     $type = 'forward';

+                     break;

+    case 'mailbox':

+                     $account['data'] = stripslashes($account['data']);

+                     if ($account['data'] != '')

+                     {

+                       $crack = strong_password($account['data']);

+                       if ($crack !== true)

+                       {

+                         input_error('Ihr Passwort ist zu einfach. bitte wählen Sie ein sicheres Passwort!'."\nDie Fehlermeldung lautet: »{$crack}«");

+                         return false;

+                       }

+                       $account['data'] = encrypt_mail_password($account['data']);

+                     }

+                     $type = 'mailbox';

+                     break;

+  }

+  if ($type == NULL)

+  {

+    input_error('Problem mit der »type«-Variable!');

+    return false;

+  }

+

+  $spam = 'NULL';

+  switch ($account['spamfilter'])

+  {

+    case 'folder':

+      if ($type == 'forward')

+      {

+        input_error('Sie können nicht in einen IMAP-Unterordner zustellen lassen, wenn Sie gar kein IMAP-Konto anlegen!');

+	return false;

+      }

+      $spam = "'folder'";

+      break;

+    case 'tag':

+      $spam = "'tag'";

+      break;

+    case 'delete':

+      $spam = "'delete'";

+      break;

+  }

+

+  $virus = 'NULL';

+  switch ($account['virusfilter'])

+  {

+    case 'folder':

+      if ($type == 'forward')

+      {

+        input_error('Sie können nicht in einen IMAP-Unterordner zustellen lassen, wenn Sie gar kein IMAP-Konto anlegen!');

+	return false;

+      }

+      $virus = "'folder'";

+      break;

+    case 'tag':

+      $virus = "'tag'";

+      break;

+    case 'delete':

+      $virus = "'delete'";

+      break;

+  }

+

+  $account['local'] = mysql_real_escape_string($account['local']);

+  $account['data'] = mysql_real_escape_string($account['data']);

+  $account['spamexpire'] = (int) $account['spamexpire'];

+  $account['virusexpire'] = (int) $account['virusexpire'];

+

+  $query = '';

+  if ($id == NULL)

+  {

+    $query = "INSERT INTO mail.virtual_mail (local, domain, type, data, spamfilter, virusfilter, spamexpire, virusexpire) VALUES ";

+    $query .= "('{$account['local']}', {$account['domain']}, '{$type}', '{$account['data']}', {$spam}, {$virus}, {$account['spamexpire']}, {$account['virusexpire']});";

+  }

+  else

+  {

+    $password = ", data='{$account['data']}'";

+    if ($account['data'] == '')

+      $password = '';

+    $query = "UPDATE mail.virtual_mail SET local='{$account['local']}', domain={$account['domain']}, type='{$type}'{$password}, ";

+    $query .= "spamfilter={$spam}, virusfilter={$virus}, spamexpire={$account['spamexpire']}, virusexpire={$account['virusexpire']} ";

+    $query .= "WHERE id={$id} LIMIT 1;";

+  }

+  db_query($query); 

+

+

+}

+

+

+

+

+?>

@@ -0,0 +1,20 @@

+<?php

+

+$menu = array();

+

+$role = $_SESSION['role'];

+

+require_once('include/vmail.php');

+

+

+if (($role & ROLE_SYSTEMUSER) && user_has_vmail_domain())

+{

+  $menu["vmail_accounts"] = array("label" => "E-Mail", "file" => "accounts.php", "weight" => 10);

+}

+

+

+if (empty($menu))

+  $menu = false;

+

+

+?>

@@ -0,0 +1,50 @@

+<?php

+

+require_once('session/start.php');

+

+require_once('vmail.php');

+

+require_role(ROLE_SYSTEMUSER);

+

+require_once("inc/debug.php");

+global $debugmode;

+

+

+if ($_GET['action'] == 'edit')

+{

+  check_form_token('vmail_edit_mailbox');

+  $id = (int) $_GET['id'];

+

+  $account = empty_account();

+  $account['id'] = NULL;

+  if ($id)

+    $account['id'] = $id;

+  $account['local'] = $_POST['local'];

+  $account['domain'] = (int) $_POST['domain'];

+  $account['type'] = $_POST['type'];

+  if ($_POST['type'] == 'mailbox')

+    $account['data'] = $_POST['password'];

+  else

+    $account['data'] = $_POST['forward_to'];

+  $account['spamfilter'] = $_POST['spamfilter_action'];

+  if ($_POST['spamfilter'] != '1')

+    $account['spamfilter'] = NULL;

+  $account['virusfilter'] = $_POST['virusfilter_action'];

+  if ($_POST['virusfilter'] != '1')

+    $account['virusfilter'] = NULL;

+

+  DEBUG($account);

+

+  save_vmail_account($account);

+

+  if (! ($debugmode || we_have_an_error()))

+    header('Location: accounts.php');

+

+}

+else

+  system_failure("Unimplemented action");

+

+output('');

+

+

+?>