webinterface.git

@@ -0,0 +1,59 @@

+<?php

+

+require_once('session/start.php');

+

+require_once('mailaccounts.php');

+

+require_role(ROLE_MAILACCOUNT);

+

+$account = $_SESSION['accountname'];

+

+$title = "Passwort ändern";

+

+if ($_POST['password1'] != '')

+{

+  check_form_token('imap_chpass');

+  $result = find_role($_SESSION['mailaccount'], $_POST['old_password']);

+

+  if ($_POST['old_password'] == '')

+    input_error('Altes Passwort nicht angegeben!');

+  elseif (! $result & ROLE_MAILACCOUNT)

+    input_error('Das bisherige Passwort ist nicht korrekt!');

+  elseif ($_POST['password2'] != $_POST['password1'])

+    input_error('Die Bestätigung ist nicht identisch mit dem neuen Passwort!');

+  elseif ($_POST['password2'] == '')

+    input_error('Sie müssen das neue Passwort zweimal eingeben!');

+  elseif (($check = strong_password($_POST['password1'])) !== true)

+    input_error("Das Passwort ist zu einfach (cracklib sagt: {$check})!");

+  else {

+    change_mailaccount(get_mailaccount_id($_SESSION['mailaccount']), array('password' => $_POST['password1']));

+    if (! $debugmode)

+      header('Location: chpass.php');

+    else

+      output('');

+  }

+}

+

+

+

+output('<h3>Passwort &auml;ndern</h3>

+<p>Hier k&ouml;nnen Sie Ihr Passwort &auml;ndern.</p>

+'.html_form('imap_chpass', 'chpass.php', '', '<table>

+  <tr>

+    <td>bisheriges Passwort:</td>  <td><input type="password" name="old_password" value="" /></td>

+  </tr>

+  <tr>

+    <td>neues Passwort:</td>       <td><input type="password" name="password1" value="" /></td>

+  </tr>

+  <tr>

+    <td>Best&auml;tigung:<br /><span style="font-size: 80%;">(nochmal neues Passwort)</span></td>

+                                   <td><input type="password" name="password2" value="" /></td>

+  </tr>

+</table>

+<p><input type="submit" value="Speichern" /></p>

+'));

+

+

+

+

+?>

@@ -118,6 +118,23 @@ function create_mailaccount($arr)

 }

+function get_mailaccount_id($accountname)

+{

+  list($local, $domain) = explode('@', $accountname, 2);

+  if ($domain == 'schokokeks.org')

+    $domain = '';

+

+  $local = mysql_real_escape_string($local);

+  $domain = maybe_null($domain);

+

+  $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local='{$local}' AND dom.domainname={$domain}");

+  if (mysql_num_rows($result) != 1)

+    system_failure('account nicht eindeutig');

+  $acc = mysql_fetch_assoc($result);

+  return $acc['id'];

+}

+    

+

 function delete_mailaccount($id)

 {

   $id = (int) $id;

@@ -8,6 +8,10 @@ if ($role & ROLE_SYSTEMUSER)

 {

   $menu["imap_accounts"] = array("label" => "IMAP/POP3", "file" => "accounts.php", "weight" => 10);

 }

+elseif ($role & ROLE_MAILACCOUNT)

+{

+  $menu["imap_chpass"] = array("label" => "Passwort ändern", "file" => "chpass.php", "weight" => 10);

+}

 if (empty($menu))

   $menu = false;

@@ -61,10 +61,9 @@ output('<h3>Passwort &auml;ndern</h3>

     <td>Best&auml;tigung:<br /><span style="font-size: 80%;">(nochmal neues Passwort)</span></td>

                                    <td><input type="password" name="password2" value="" /></td>

   </tr>

-  <tr>

-    <td>&nbsp;</td><td><input type="submit" value="Speichern" /></td>

-  </tr>

-</table>'));

+</table>

+<p><input type="submit" value="Speichern" /></p>

+'));

@@ -18,6 +18,9 @@ switch ($_SESSION['role'])

 case ROLE_ANONYMOUS:

   login_screen('');

   break;

+case ROLE_MAILACCOUNT:

+  $role = "{$_SESSION['mailaccount']}, angemeldet als IMAP/POP3-Account";

+  break;

 case ROLE_SYSTEMUSER:

   $role = "{$_SESSION['userinfo']['name']}, angemeldet als Benutzer";

   break;

@@ -4,16 +4,15 @@ $menu = array();

 $role = $_SESSION['role'];

-switch ($role)

-{

-  case ROLE_ANONYMOUS:

+if ($role == ROLE_ANONYMOUS) {

   $menu["index_login"] = array("label" => "Login", "file" => "index.php", "weight" => 0);

-    break;

-  default:

-    $menu["index_logout"] = array("label" => "Logout", "file" => "logout.php", "weight" => 99);

+} else {

+  if ($role & (ROLE_SYSTEMUSER | ROLE_CUSTOMER)) {

     $menu["index_chpass"] = array("label" => "Passwort ändern", "file" => "chpass.php", "weight" => 98);

-    $menu["index_index"] = array("label" => "Übersicht", "file" => "index.php", "weight" => 0);

+  }

+  $menu["index_logout"] = array("label" => "Logout", "file" => "logout.php", "weight" => 99);

+  $menu["index_index"] = array("label" => "Übersicht", "file" => "index.php", "weight" => 0);

 }

 if (empty($menu))

@@ -7,7 +7,7 @@ require_once('inc/error.php');

 require_once('inc/db_connect.php');

 define('ROLE_ANONYMOUS', 0);

-define('ROLE_DOMAINADMIN', 1);

+define('ROLE_MAILACCOUNT', 1);

 define('ROLE_SYSTEMUSER', 2);

 define('ROLE_CUSTOMER', 4);

 define('ROLE_SYSADMIN', 8);

@@ -51,6 +51,25 @@ function find_role($login, $password, $i_am_admin = False)

     return ROLE_CUSTOMER;

   }

+  // Mail-Account

+  $account = $login;

+  if (! strstr($account, '@')) {

+    $account .= '@schokokeks.org';

+  }

+  $result = db_query("SELECT cryptpass FROM mail.courier_mailaccounts WHERE account='{$account}' LIMIT 1;");

+  if (@mysql_num_rows($result) > 0)

+  {

+    $entry = mysql_fetch_object($result);

+    $db_password = $entry->cryptpass;

+    $hash = crypt($password, $db_password);

+    if ($hash == $db_password || $i_am_admin)

+    {

+      return ROLE_MAILACCOUNT;

+    }

+  }

+  

+

+

   // Nothing?

   return NULL;

 }

@@ -169,6 +188,15 @@ function setup_session($role, $useridentity)

     set_customer_lastlogin($info['customerno']);

     logger("session/start.php", "login", "logged in customer no »{$info['customerno']}«");

   }

+  if ($role & ROLE_MAILACCOUNT)

+  {

+    $id = $useridentity;

+    if (! strstr($id, '@'))

+      $id .= '@schokokeks.org';

+    $_SESSION['mailaccount'] = $id;

+    DEBUG("We are mailaccount: {$_SESSION['mailaccount']}");

+  }

+

 }

 ?>