Browse code

add password strength check for manual mailboxes

Bernd Wurst authored on10/04/2019 12:28:57
Showing1 changed files
... ...
@@ -85,6 +85,10 @@ function change_mailaccount($id, $arr)
85 85
     }
86 86
 
87 87
     if (isset($arr['password'])) {
88
+        $result = strong_password($arr['password']);
89
+        if ($result !== true) {
90
+            system_failure("Unsicheres Passwort: ".$result);
91
+        }
88 92
         $encpw = encrypt_mail_password($arr['password']);
89 93
         array_push($conditions, "`password`=:password");
90 94
         $values[":password"] = $encpw;
... ...
@@ -135,6 +139,10 @@ function create_mailaccount($arr)
135 139
 
136 140
 
137 141
     if (isset($arr['password'])) {
142
+        $result = strong_password($arr['password']);
143
+        if ($result !== true) {
144
+            system_failure("Unsicheres Passwort: ".$result);
145
+        }
138 146
         $values[':password'] = encrypt_mail_password($arr['password']);
139 147
     }
140 148
 
Browse code

remove whitespace in empty lines

Hanno authored on26/06/2018 23:36:40
Showing1 changed files
... ...
@@ -150,7 +150,7 @@ function create_mailaccount($arr)
150 150
     logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
151 151
 }
152 152
 
153
-    
153
+
154 154
 function get_mailaccount_id($accountname)
155 155
 {
156 156
     list($local, $domain) = explode('@', $accountname, 2);
... ...
@@ -169,7 +169,7 @@ function get_mailaccount_id($accountname)
169 169
     $acc = $result->fetch();
170 170
     return $acc['id'];
171 171
 }
172
-    
172
+
173 173
 
174 174
 function delete_mailaccount($id)
175 175
 {
Browse code

Fix coding style with php-cs-checker, see https://cs.sensiolabs.org/

Hanno authored on26/06/2018 13:58:19
Showing1 changed files
... ...
@@ -8,7 +8,7 @@ Written 2008-2018 by schokokeks.org Hosting, namely
8 8
 
9 9
 To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10 10
 
11
-You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 
11
+You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see
12 12
 http://creativecommons.org/publicdomain/zero/1.0/
13 13
 
14 14
 Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
... ...
@@ -24,227 +24,226 @@ require_once('common.php');
24 24
 
25 25
 function mailaccounts($uid)
26 26
 {
27
-  $uid = (int) $uid;
28
-  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=:uid ORDER BY if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`), local", array(":masterdomain" => config("masterdomain"), ":uid" => $uid));
29
-  DEBUG("Found ".@$result->rowCount()." rows!");
30
-  $accounts = array();
31
-  if (@$result->rowCount() > 0)
32
-    while ($acc = @$result->fetch(PDO::FETCH_OBJ))
33
-      array_push($accounts, array('id'=> $acc->id, 'account' => $acc->account, 'mailbox' => $acc->maildir, 'cryptpass' => $acc->cryptpass, 'enabled' => ($acc->aktiv == 1)));
34
-  return $accounts;
27
+    $uid = (int) $uid;
28
+    $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=:uid ORDER BY if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`), local", array(":masterdomain" => config("masterdomain"), ":uid" => $uid));
29
+    DEBUG("Found ".@$result->rowCount()." rows!");
30
+    $accounts = array();
31
+    if (@$result->rowCount() > 0) {
32
+        while ($acc = @$result->fetch(PDO::FETCH_OBJ)) {
33
+            array_push($accounts, array('id'=> $acc->id, 'account' => $acc->account, 'mailbox' => $acc->maildir, 'cryptpass' => $acc->cryptpass, 'enabled' => ($acc->aktiv == 1)));
34
+        }
35
+    }
36
+    return $accounts;
35 37
 }
36 38
 
37 39
 function get_mailaccount($id)
38 40
 {
39
-  $id = (int) $id;
40
-  $uid = (int) $_SESSION['userinfo']['uid'];
41
-  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=:mid AND m.uid=:uid", array(":masterdomain" => config("masterdomain"), ":uid" => $uid, ":mid" => $id));
42
-  DEBUG("Found ".$result->rowCount()." rows!");
43
-  if ($result->rowCount() != 1)
44
-    system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
45
-  $acc = $result->fetch(PDO::FETCH_OBJ);
46
-  $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
47
-  DEBUG(print_r($ret, true));
48
-  return $ret;
41
+    $id = (int) $id;
42
+    $uid = (int) $_SESSION['userinfo']['uid'];
43
+    $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=:mid AND m.uid=:uid", array(":masterdomain" => config("masterdomain"), ":uid" => $uid, ":mid" => $id));
44
+    DEBUG("Found ".$result->rowCount()." rows!");
45
+    if ($result->rowCount() != 1) {
46
+        system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
47
+    }
48
+    $acc = $result->fetch(PDO::FETCH_OBJ);
49
+    $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
50
+    DEBUG(print_r($ret, true));
51
+    return $ret;
49 52
 }
50 53
 
51 54
 function change_mailaccount($id, $arr)
52 55
 {
53
-  $id = (int) $id;
54
-  $uid = (int) $_SESSION['userinfo']['uid'];
55
-  $conditions = array();
56
-  $values = array(":id" => $id, ":uid" => $uid);
56
+    $id = (int) $id;
57
+    $uid = (int) $_SESSION['userinfo']['uid'];
58
+    $conditions = array();
59
+    $values = array(":id" => $id, ":uid" => $uid);
60
+
61
+    if (isset($arr['account'])) {
62
+        list($local, $domain) = explode('@', $arr['account'], 2);
63
+        if ($domain == config('masterdomain')) {
64
+            $values[':domain'] = null;
65
+        } else {
66
+            $domain = new Domain((string) $domain);
67
+            if ($domain->id == null) {
68
+                $values[":domain"] = null;
69
+            } else {
70
+                $domain->ensure_userdomain();
71
+                $values[":domain"] = $domain->id;
72
+            }
73
+        }
74
+        $values[":local"] = $local;
75
+        $conditions[] = "local=:local";
76
+        $conditions[] = "domain=:domain";
77
+    }
78
+    if (isset($arr['mailbox'])) {
79
+        array_push($conditions, "`maildir`=:maildir");
80
+        if ($arr['mailbox'] == '') {
81
+            $values[":maildir"] = null;
82
+        } else {
83
+            $values[":maildir"] = $arr['mailbox'];
84
+        }
85
+    }
86
+
87
+    if (isset($arr['password'])) {
88
+        $encpw = encrypt_mail_password($arr['password']);
89
+        array_push($conditions, "`password`=:password");
90
+        $values[":password"] = $encpw;
91
+    }
92
+
93
+    if (isset($arr['enabled'])) {
94
+        array_push($conditions, "`aktiv`=:aktiv");
95
+        $values[":aktiv"] = ($arr['enabled'] == 'Y' ? 1 : 0);
96
+    }
57 97
 
58
-  if (isset($arr['account']))
59
-  {
60
-    list($local, $domain) = explode('@', $arr['account'], 2);
61
-    if ($domain == config('masterdomain'))
62
-    {
63
-      $values[':domain'] = NULL;
64
-    }
65
-    else
66
-    {
67
-      $domain = new Domain( (string) $domain);
68
-      if ($domain->id == NULL) {
69
-        $values[":domain"] = NULL;
70
-      } else {
71
-        $domain->ensure_userdomain();
72
-        $values[":domain"] = $domain->id;
73
-      }
74
-    }
75
-    $values[":local"] = $local;
76
-    $conditions[] = "local=:local";
77
-    $conditions[] = "domain=:domain";
78
-  }
79
-  if (isset($arr['mailbox'])) {
80
-    array_push($conditions, "`maildir`=:maildir");
81
-    if ($arr['mailbox'] == '')
82
-      $values[":maildir"] = NULL;
83
-    else
84
-      $values[":maildir"] = $arr['mailbox'];
85
-  }
86
-
87
-  if (isset($arr['password']))
88
-  {
89
-    $encpw = encrypt_mail_password($arr['password']);
90
-    array_push($conditions, "`password`=:password");
91
-    $values[":password"] = $encpw;
92
-  }
93
-
94
-  if (isset($arr['enabled'])) {
95
-    array_push($conditions, "`aktiv`=:aktiv");
96
-    $values[":aktiv"] = ($arr['enabled'] == 'Y' ? 1 : 0);
97
-  }
98
-
99
-
100
-  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id=:id AND uid=:uid", $values);
101
-  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$id}«");
102 98
 
99
+    db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id=:id AND uid=:uid", $values);
100
+    logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$id}«");
103 101
 }
104 102
 
105 103
 function create_mailaccount($arr)
106 104
 {
107
-  $values = array();
105
+    $values = array();
108 106
 
109
-  if (($arr['account']) == '')
110
-    system_failure('empty account name!');
107
+    if (($arr['account']) == '') {
108
+        system_failure('empty account name!');
109
+    }
111 110
 
112
-  $values[':uid'] = (int) $_SESSION['userinfo']['uid'];
111
+    $values[':uid'] = (int) $_SESSION['userinfo']['uid'];
113 112
 
114
-  list($local, $domain) = explode('@', $arr['account'], 2);
115
-  if ($domain == config('masterdomain'))
116
-  {
117
-    $values[':domain'] = NULL;
118
-  }
119
-  else
120
-  {
121
-    $domain = new Domain( (string) $domain);
122
-    if ($domain->id == NULL)
123
-      $values[':domain'] = NULL;
124
-    else {
125
-      $domain->ensure_userdomain();
126
-      $values[':domain'] = $domain->id;
113
+    list($local, $domain) = explode('@', $arr['account'], 2);
114
+    if ($domain == config('masterdomain')) {
115
+        $values[':domain'] = null;
116
+    } else {
117
+        $domain = new Domain((string) $domain);
118
+        if ($domain->id == null) {
119
+            $values[':domain'] = null;
120
+        } else {
121
+            $domain->ensure_userdomain();
122
+            $values[':domain'] = $domain->id;
123
+        }
127 124
     }
128
-  }
129 125
 
130
-  $values[':local'] = $local;
131
-
132
-  if (isset($arr['mailbox']))
133
-    if ($arr['mailbox'] == '')
134
-      $values[':maildir'] = NULL;
135
-    else
136
-      $values[':maildir'] = $arr['mailbox'];
126
+    $values[':local'] = $local;
137 127
 
128
+    if (isset($arr['mailbox'])) {
129
+        if ($arr['mailbox'] == '') {
130
+            $values[':maildir'] = null;
131
+        } else {
132
+            $values[':maildir'] = $arr['mailbox'];
133
+        }
134
+    }
138 135
 
139
-  if (isset($arr['password']))
140
-  {
141
-    $values[':password'] = encrypt_mail_password($arr['password']);
142
-  }
143 136
 
144
-  if (isset($arr['enabled']))
145
-    $values[':aktiv'] = ($arr['enabled'] == 'Y' ? 1 : 0 );
137
+    if (isset($arr['password'])) {
138
+        $values[':password'] = encrypt_mail_password($arr['password']);
139
+    }
146 140
 
141
+    if (isset($arr['enabled'])) {
142
+        $values[':aktiv'] = ($arr['enabled'] == 'Y' ? 1 : 0);
143
+    }
147 144
 
148
-  $fields = array_map( function ($k) { return substr($k, 1);}, array_keys($values));
149
-  db_query("INSERT INTO mail.mailaccounts (".implode(',', $fields).") VALUES (".implode(",", array_keys($values)).")", $values);
150
-  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
151 145
 
146
+    $fields = array_map(function ($k) {
147
+        return substr($k, 1);
148
+    }, array_keys($values));
149
+    db_query("INSERT INTO mail.mailaccounts (".implode(',', $fields).") VALUES (".implode(",", array_keys($values)).")", $values);
150
+    logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
152 151
 }
153 152
 
154 153
     
155 154
 function get_mailaccount_id($accountname)
156 155
 {
157
-  list($local, $domain) = explode('@', $accountname, 2);
156
+    list($local, $domain) = explode('@', $accountname, 2);
158 157
 
159
-  $args = array(":local" => $local,
158
+    $args = array(":local" => $local,
160 159
                 ":domain" => $domain);
161 160
 
162
-  $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local=:local AND dom.domainname=:domain", $args);
163
-  if (($result->rowCount() == 0) && ($domain == config('masterdomain'))) {
164
-    unset($args[':domain']);
165
-    $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc WHERE local=:local AND acc.domain IS NULL", $args);
166
-  }
167
-  if ($result->rowCount() != 1) {
168
-    system_failure('account nicht eindeutig');
169
-  }    
170
-  $acc = $result->fetch();
171
-  return $acc['id'];
161
+    $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local=:local AND dom.domainname=:domain", $args);
162
+    if (($result->rowCount() == 0) && ($domain == config('masterdomain'))) {
163
+        unset($args[':domain']);
164
+        $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc WHERE local=:local AND acc.domain IS NULL", $args);
165
+    }
166
+    if ($result->rowCount() != 1) {
167
+        system_failure('account nicht eindeutig');
168
+    }
169
+    $acc = $result->fetch();
170
+    return $acc['id'];
172 171
 }
173 172
     
174 173
 
175 174
 function delete_mailaccount($id)
176 175
 {
177
-  $id = (int) $id;
178
-  db_query("DELETE FROM mail.mailaccounts WHERE id=?", array($id));
179
-  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
176
+    $id = (int) $id;
177
+    db_query("DELETE FROM mail.mailaccounts WHERE id=?", array($id));
178
+    logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
180 179
 }
181 180
 
182 181
 
183 182
 function check_valid($acc)
184 183
 {
185
-  $user = $_SESSION['userinfo'];
186
-  DEBUG("Account-data: ".print_r($acc, true));
187
-  DEBUG("User-data: ".print_r($user, true));
188
-  if ($acc['mailbox'] != '')
189
-  {
190
-    if (substr($acc['mailbox'], 0, strlen($user['homedir'])+1) != $user['homedir'].'/')
191
-      return "Die Mailbox muss innerhalb des Home-Verzeichnisses liegen. Sie haben »".$acc['mailbox']."« als Mailbox angegeben, Ihr Home-Verzeichnis ist »".$user['homedir']."/«.";
192
-    if (! check_path($acc['mailbox']))
193
-      return "Sie verwenden ungültige Zeichen in Ihrem Mailbox-Pfad.";
194
-  }
195
-
196
-  if ($acc['account'] == '' || strpos($acc['account'], '@') == 0)
197
-    return "Es wurde kein Benutzername angegeben!";
198
-  if (strpos($acc['account'], '@') === false)
199
-    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@".config('masterdomain')."«.";
200
-
201
-  list($local, $domain) = explode('@', $acc['account'], 2);
202
-  verify_input_username($local);
203
-  $tmpdomains = get_domain_list($user['customerno'], $user['uid']);
204
-  $domains = array();
205
-  foreach ($tmpdomains as $dom)
206
-    $domains[] = $dom->fqdn;
207
-
208
-  if (array_search($domain, $domains) === false)
209
-  {
210
-    if ($domain == config('masterdomain'))
211
-    {
212
-      if (substr($local, 0, strlen($user['username'])) != $user['username'] || ($acc['account'][strlen($user['username'])] != '-' && $acc['account'][strlen($user['username'])] != '@'))
213
-      {
214
-        return "Sie haben »@".config('masterdomain')."« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
215
-      }
216
-    }
217
-    else
218
-      return "Der angegebene Domain-Teil (»".htmlentities($domain, ENT_QUOTES, "UTF-8")."«) ist nicht für Ihren Account eingetragen. Sollte dies ein Fehler sein, wenden sie sich bitte an einen Administrator!";
219
-  }
220
-
221
-  return '';
184
+    $user = $_SESSION['userinfo'];
185
+    DEBUG("Account-data: ".print_r($acc, true));
186
+    DEBUG("User-data: ".print_r($user, true));
187
+    if ($acc['mailbox'] != '') {
188
+        if (substr($acc['mailbox'], 0, strlen($user['homedir'])+1) != $user['homedir'].'/') {
189
+            return "Die Mailbox muss innerhalb des Home-Verzeichnisses liegen. Sie haben »".$acc['mailbox']."« als Mailbox angegeben, Ihr Home-Verzeichnis ist »".$user['homedir']."/«.";
190
+        }
191
+        if (! check_path($acc['mailbox'])) {
192
+            return "Sie verwenden ungültige Zeichen in Ihrem Mailbox-Pfad.";
193
+        }
194
+    }
195
+
196
+    if ($acc['account'] == '' || strpos($acc['account'], '@') == 0) {
197
+        return "Es wurde kein Benutzername angegeben!";
198
+    }
199
+    if (strpos($acc['account'], '@') === false) {
200
+        return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@".config('masterdomain')."«.";
201
+    }
202
+
203
+    list($local, $domain) = explode('@', $acc['account'], 2);
204
+    verify_input_username($local);
205
+    $tmpdomains = get_domain_list($user['customerno'], $user['uid']);
206
+    $domains = array();
207
+    foreach ($tmpdomains as $dom) {
208
+        $domains[] = $dom->fqdn;
209
+    }
210
+
211
+    if (array_search($domain, $domains) === false) {
212
+        if ($domain == config('masterdomain')) {
213
+            if (substr($local, 0, strlen($user['username'])) != $user['username'] || ($acc['account'][strlen($user['username'])] != '-' && $acc['account'][strlen($user['username'])] != '@')) {
214
+                return "Sie haben »@".config('masterdomain')."« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
215
+            }
216
+        } else {
217
+            return "Der angegebene Domain-Teil (»".htmlentities($domain, ENT_QUOTES, "UTF-8")."«) ist nicht für Ihren Account eingetragen. Sollte dies ein Fehler sein, wenden sie sich bitte an einen Administrator!";
218
+        }
219
+    }
220
+
221
+    return '';
222 222
 }
223 223
 
224 224
 
225 225
 function imap_on_vmail_domain()
226 226
 {
227
-  $uid = (int) $_SESSION['userinfo']['uid'];
228
-  $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE vd.hostname IS NULL AND m.uid=?", array($uid));
229
-  if ($result->rowCount() > 0)
230
-    return true;
231
-  return false;
227
+    $uid = (int) $_SESSION['userinfo']['uid'];
228
+    $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE vd.hostname IS NULL AND m.uid=?", array($uid));
229
+    if ($result->rowCount() > 0) {
230
+        return true;
231
+    }
232
+    return false;
232 233
 }
233 234
 
234 235
 function user_has_only_vmail_domains()
235 236
 {
236
-  $uid = (int) $_SESSION['userinfo']['uid'];
237
-  $result = db_query("SELECT id FROM mail.v_vmail_domains WHERE useraccount=?", array($uid));
238
-  // User hat keine VMail-Domains
239
-  if ($result->rowCount() == 0)
237
+    $uid = (int) $_SESSION['userinfo']['uid'];
238
+    $result = db_query("SELECT id FROM mail.v_vmail_domains WHERE useraccount=?", array($uid));
239
+    // User hat keine VMail-Domains
240
+    if ($result->rowCount() == 0) {
241
+        return false;
242
+    }
243
+    $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user=?", array($uid));
244
+    // User hat keine Domains die nicht vmail-Domains sind
245
+    if ($result->rowCount() == 0) {
246
+        return true;
247
+    }
240 248
     return false;
241
-  $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user=?", array($uid));
242
-  // User hat keine Domains die nicht vmail-Domains sind
243
-  if ($result->rowCount() == 0)
244
-    return true;
245
-  return false;
246 249
 }
247
-
248
-
249
-
250
-?>
Browse code

Copyright year update

Bernd Wurst authored on13/01/2018 06:07:05
Showing1 changed files
... ...
@@ -2,7 +2,7 @@
2 2
 /*
3 3
 This file belongs to the Webinterface of schokokeks.org Hosting
4 4
 
5
-Written 2008-2014 by schokokeks.org Hosting, namely
5
+Written 2008-2018 by schokokeks.org Hosting, namely
6 6
   Bernd Wurst <bernd@schokokeks.org>
7 7
   Hanno Böck <hanno@schokokeks.org>
8 8
 
Browse code

Ermögliche das Ändern von Passwörtern, wenn man als E-Mail-Account mit der Endung @[masterdomain] angemeldet ist.

schokokeks.org web services authored on11/04/2014 17:07:22
Showing1 changed files
... ...
@@ -160,8 +160,13 @@ function get_mailaccount_id($accountname)
160 160
                 ":domain" => $domain);
161 161
 
162 162
   $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local=:local AND dom.domainname=:domain", $args);
163
-  if ($result->rowCount() != 1)
163
+  if (($result->rowCount() == 0) && ($domain == config('masterdomain'))) {
164
+    unset($args[':domain']);
165
+    $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc WHERE local=:local AND acc.domain IS NULL", $args);
166
+  }
167
+  if ($result->rowCount() != 1) {
164 168
     system_failure('account nicht eindeutig');
169
+  }    
165 170
   $acc = $result->fetch();
166 171
   return $acc['id'];
167 172
 }
Browse code

Lizenzinfos in eigenes Modul ausgelagert und Copyright auf 2014 angepasst

Bernd Wurst authored on08/02/2014 05:45:07
Showing1 changed files
... ...
@@ -2,7 +2,7 @@
2 2
 /*
3 3
 This file belongs to the Webinterface of schokokeks.org Hosting
4 4
 
5
-Written 2008-2013 by schokokeks.org Hosting, namely
5
+Written 2008-2014 by schokokeks.org Hosting, namely
6 6
   Bernd Wurst <bernd@schokokeks.org>
7 7
   Hanno Böck <hanno@schokokeks.org>
8 8
 
Browse code

Warnung bei manuellen Accounts auf vmail-Domain optimiert

Bernd Wurst authored on07/02/2014 05:16:19
Showing1 changed files
... ...
@@ -220,7 +220,7 @@ function check_valid($acc)
220 220
 function imap_on_vmail_domain()
221 221
 {
222 222
   $uid = (int) $_SESSION['userinfo']['uid'];
223
-  $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE m.uid=?", array($uid));
223
+  $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE vd.hostname IS NULL AND m.uid=?", array($uid));
224 224
   if ($result->rowCount() > 0)
225 225
     return true;
226 226
   return false;
Browse code

Bugfix: E-Mail-User konnte sein Passwort nicht mehr ändern

Bernd Wurst authored on07/02/2014 05:13:04
Showing1 changed files
... ...
@@ -52,7 +52,7 @@ function change_mailaccount($id, $arr)
52 52
 {
53 53
   $id = (int) $id;
54 54
   $uid = (int) $_SESSION['userinfo']['uid'];
55
-  $conditions = array("local=:local", "domain=:domain");
55
+  $conditions = array();
56 56
   $values = array(":id" => $id, ":uid" => $uid);
57 57
 
58 58
   if (isset($arr['account']))
... ...
@@ -73,6 +73,8 @@ function change_mailaccount($id, $arr)
73 73
       }
74 74
     }
75 75
     $values[":local"] = $local;
76
+    $conditions[] = "local=:local";
77
+    $conditions[] = "domain=:domain";
76 78
   }
77 79
   if (isset($arr['mailbox'])) {
78 80
     array_push($conditions, "`maildir`=:maildir");
... ...
@@ -96,7 +98,7 @@ function change_mailaccount($id, $arr)
96 98
 
97 99
 
98 100
   db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id=:id AND uid=:uid", $values);
99
-  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
101
+  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$id}«");
100 102
 
101 103
 }
102 104
 
Browse code

Weitere Umstellungen auf prepared statements

Bernd Wurst authored on03/02/2014 20:49:24
Showing1 changed files
... ...
@@ -77,9 +77,9 @@ function change_mailaccount($id, $arr)
77 77
   if (isset($arr['mailbox'])) {
78 78
     array_push($conditions, "`maildir`=:maildir");
79 79
     if ($arr['mailbox'] == '')
80
-      $values[":mailbox"] = NULL;
80
+      $values[":maildir"] = NULL;
81 81
     else
82
-      $values[":mailbox"] = $arr['mailbox'];
82
+      $values[":maildir"] = $arr['mailbox'];
83 83
   }
84 84
 
85 85
   if (isset($arr['password']))
... ...
@@ -131,7 +131,7 @@ function create_mailaccount($arr)
131 131
     if ($arr['mailbox'] == '')
132 132
       $values[':maildir'] = NULL;
133 133
     else
134
-      $values[':maildir']= $arr['mailbox'];
134
+      $values[':maildir'] = $arr['mailbox'];
135 135
 
136 136
 
137 137
   if (isset($arr['password']))
Browse code

email-Modul auf prepared-statements umgestellt

Bernd Wurst authored on02/02/2014 08:03:52
Showing1 changed files
... ...
@@ -25,7 +25,7 @@ require_once('common.php');
25 25
 function mailaccounts($uid)
26 26
 {
27 27
   $uid = (int) $uid;
28
-  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid ORDER BY if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`), local");
28
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=:uid ORDER BY if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`), local", array(":masterdomain" => config("masterdomain"), ":uid" => $uid));
29 29
   DEBUG("Found ".@$result->rowCount()." rows!");
30 30
   $accounts = array();
31 31
   if (@$result->rowCount() > 0)
... ...
@@ -38,7 +38,7 @@ function get_mailaccount($id)
38 38
 {
39 39
   $id = (int) $id;
40 40
   $uid = (int) $_SESSION['userinfo']['uid'];
41
-  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id AND m.uid={$uid}");
41
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),:masterdomain,`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=:mid AND m.uid=:uid", array(":masterdomain" => config("masterdomain"), ":uid" => $uid, ":mid" => $id));
42 42
   DEBUG("Found ".$result->rowCount()." rows!");
43 43
   if ($result->rowCount() != 1)
44 44
     system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
... ...
@@ -52,45 +52,50 @@ function change_mailaccount($id, $arr)
52 52
 {
53 53
   $id = (int) $id;
54 54
   $uid = (int) $_SESSION['userinfo']['uid'];
55
-  $conditions = array();
55
+  $conditions = array("local=:local", "domain=:domain");
56
+  $values = array(":id" => $id, ":uid" => $uid);
56 57
 
57 58
   if (isset($arr['account']))
58 59
   {
59 60
     list($local, $domain) = explode('@', $arr['account'], 2);
60 61
     if ($domain == config('masterdomain'))
61 62
     {
62
-      $values['domain'] = "NULL";
63
+      $values[':domain'] = NULL;
63 64
     }
64 65
     else
65 66
     {
66 67
       $domain = new Domain( (string) $domain);
67
-      if ($domain->id == NULL)
68
-        array_push($conditions, "domain=NULL");
69
-      else
70
-      {
68
+      if ($domain->id == NULL) {
69
+        $values[":domain"] = NULL;
70
+      } else {
71 71
         $domain->ensure_userdomain();
72
-        array_push($conditions, "domain={$domain->id}");
72
+        $values[":domain"] = $domain->id;
73 73
       }
74 74
     }
75
-    array_push($conditions, "local='".db_escape_string($local)."'");
75
+    $values[":local"] = $local;
76 76
   }
77
-  if (isset($arr['mailbox']))
77
+  if (isset($arr['mailbox'])) {
78
+    array_push($conditions, "`maildir`=:maildir");
78 79
     if ($arr['mailbox'] == '')
79
-      array_push($conditions, "`maildir`=NULL");
80
+      $values[":mailbox"] = NULL;
80 81
     else
81
-      array_push($conditions, "`maildir`='".db_escape_string($arr['mailbox'])."'");
82
+      $values[":mailbox"] = $arr['mailbox'];
83
+  }
82 84
 
83 85
   if (isset($arr['password']))
84 86
   {
85 87
     $encpw = encrypt_mail_password($arr['password']);
86
-    array_push($conditions, "`password`='$encpw'");
88
+    array_push($conditions, "`password`=:password");
89
+    $values[":password"] = $encpw;
87 90
   }
88 91
 
89
-  if (isset($arr['enabled']))
90
-    array_push($conditions, "`aktiv`=".($arr['enabled'] == 'Y' ? "1" : "0"));
92
+  if (isset($arr['enabled'])) {
93
+    array_push($conditions, "`aktiv`=:aktiv");
94
+    $values[":aktiv"] = ($arr['enabled'] == 'Y' ? 1 : 0);
95
+  }
91 96
 
92 97
 
93
-  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' AND uid={$uid}");
98
+  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id=:id AND uid=:uid", $values);
94 99
   logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
95 100
 
96 101
 }
... ...
@@ -102,43 +107,44 @@ function create_mailaccount($arr)
102 107
   if (($arr['account']) == '')
103 108
     system_failure('empty account name!');
104 109
 
105
-  $values['uid'] = (int) $_SESSION['userinfo']['uid'];
110
+  $values[':uid'] = (int) $_SESSION['userinfo']['uid'];
106 111
 
107 112
   list($local, $domain) = explode('@', $arr['account'], 2);
108 113
   if ($domain == config('masterdomain'))
109 114
   {
110
-    $values['domain'] = "NULL";
115
+    $values[':domain'] = NULL;
111 116
   }
112 117
   else
113 118
   {
114 119
     $domain = new Domain( (string) $domain);
115 120
     if ($domain->id == NULL)
116
-      $values['domain'] = "NULL";
121
+      $values[':domain'] = NULL;
117 122
     else {
118 123
       $domain->ensure_userdomain();
119
-      $values['domain'] = $domain->id;
124
+      $values[':domain'] = $domain->id;
120 125
     }
121 126
   }
122 127
 
123
-  $values['local'] = "'".db_escape_string($local)."'";
128
+  $values[':local'] = $local;
124 129
 
125 130
   if (isset($arr['mailbox']))
126 131
     if ($arr['mailbox'] == '')
127
-      $values['maildir'] = 'NULL';
132
+      $values[':maildir'] = NULL;
128 133
     else
129
-      $values['maildir']= "'".db_escape_string($arr['mailbox'])."'";
134
+      $values[':maildir']= $arr['mailbox'];
130 135
 
131 136
 
132 137
   if (isset($arr['password']))
133 138
   {
134
-    $values['password'] = "'".encrypt_mail_password($arr['password'])."'";
139
+    $values[':password'] = encrypt_mail_password($arr['password']);
135 140
   }
136 141
 
137 142
   if (isset($arr['enabled']))
138
-    $values['aktiv'] = ($arr['enabled'] == 'Y' ? "1" : "0" );
143
+    $values[':aktiv'] = ($arr['enabled'] == 'Y' ? 1 : 0 );
139 144
 
140 145
 
141
-  db_query("INSERT INTO mail.mailaccounts (".implode(',', array_keys($values)).") VALUES (".implode(",", array_values($values)).")");
146
+  $fields = array_map( function ($k) { return substr($k, 1);}, array_keys($values));
147
+  db_query("INSERT INTO mail.mailaccounts (".implode(',', $fields).") VALUES (".implode(",", array_keys($values)).")", $values);
142 148
   logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
143 149
 
144 150
 }
... ...
@@ -148,10 +154,10 @@ function get_mailaccount_id($accountname)
148 154
 {
149 155
   list($local, $domain) = explode('@', $accountname, 2);
150 156
 
151
-  $local = db_escape_string($local);
152
-  $domain = db_escape_string($domain);
157
+  $args = array(":local" => $local,
158
+                ":domain" => $domain);
153 159
 
154
-  $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local='{$local}' AND dom.domainname='{$domain}'");
160
+  $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local=:local AND dom.domainname=:domain", $args);
155 161
   if ($result->rowCount() != 1)
156 162
     system_failure('account nicht eindeutig');
157 163
   $acc = $result->fetch();
... ...
@@ -162,7 +168,7 @@ function get_mailaccount_id($accountname)
162 168
 function delete_mailaccount($id)
163 169
 {
164 170
   $id = (int) $id;
165
-  db_query("DELETE FROM mail.mailaccounts WHERE id=".$id." LIMIT 1");
171
+  db_query("DELETE FROM mail.mailaccounts WHERE id=?", array($id));
166 172
   logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
167 173
 }
168 174
 
... ...
@@ -212,7 +218,7 @@ function check_valid($acc)
212 218
 function imap_on_vmail_domain()
213 219
 {
214 220
   $uid = (int) $_SESSION['userinfo']['uid'];
215
-  $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE m.uid={$uid}");
221
+  $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE m.uid=?", array($uid));
216 222
   if ($result->rowCount() > 0)
217 223
     return true;
218 224
   return false;
... ...
@@ -221,11 +227,11 @@ function imap_on_vmail_domain()
221 227
 function user_has_only_vmail_domains()
222 228
 {
223 229
   $uid = (int) $_SESSION['userinfo']['uid'];
224
-  $result = db_query("SELECT id FROM mail.v_vmail_domains WHERE useraccount={$uid}");
230
+  $result = db_query("SELECT id FROM mail.v_vmail_domains WHERE useraccount=?", array($uid));
225 231
   // User hat keine VMail-Domains
226 232
   if ($result->rowCount() == 0)
227 233
     return false;
228
-  $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user={$uid}");
234
+  $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user=?", array($uid));
229 235
   // User hat keine Domains die nicht vmail-Domains sind
230 236
   if ($result->rowCount() == 0)
231 237
     return true;
Browse code

Umstellung auf PDO-Datenbankverbindung

Bernd Wurst authored on01/02/2014 18:38:23
Showing1 changed files
... ...
@@ -15,7 +15,6 @@ Nevertheless, in case you use a significant part of this code, we ask (but not r
15 15
 */
16 16
 
17 17
 require_once('inc/debug.php');
18
-require_once('inc/db_connect.php');
19 18
 require_once('inc/base.php');
20 19
 require_once('inc/security.php');
21 20
 
... ...
@@ -27,10 +26,10 @@ function mailaccounts($uid)
27 26
 {
28 27
   $uid = (int) $uid;
29 28
   $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid ORDER BY if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`), local");
30
-  DEBUG("Found ".@mysql_num_rows($result)." rows!");
29
+  DEBUG("Found ".@$result->rowCount()." rows!");
31 30
   $accounts = array();
32
-  if (@mysql_num_rows($result) > 0)
33
-    while ($acc = @mysql_fetch_object($result))
31
+  if (@$result->rowCount() > 0)
32
+    while ($acc = @$result->fetch(PDO::FETCH_OBJ))
34 33
       array_push($accounts, array('id'=> $acc->id, 'account' => $acc->account, 'mailbox' => $acc->maildir, 'cryptpass' => $acc->cryptpass, 'enabled' => ($acc->aktiv == 1)));
35 34
   return $accounts;
36 35
 }
... ...
@@ -40,10 +39,10 @@ function get_mailaccount($id)
40 39
   $id = (int) $id;
41 40
   $uid = (int) $_SESSION['userinfo']['uid'];
42 41
   $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id AND m.uid={$uid}");
43
-  DEBUG("Found ".mysql_num_rows($result)." rows!");
44
-  if (mysql_num_rows($result) != 1)
42
+  DEBUG("Found ".$result->rowCount()." rows!");
43
+  if ($result->rowCount() != 1)
45 44
     system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
46
-  $acc = mysql_fetch_object($result);
45
+  $acc = $result->fetch(PDO::FETCH_OBJ);
47 46
   $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
48 47
   DEBUG(print_r($ret, true));
49 48
   return $ret;
... ...
@@ -73,13 +72,13 @@ function change_mailaccount($id, $arr)
73 72
         array_push($conditions, "domain={$domain->id}");
74 73
       }
75 74
     }
76
-    array_push($conditions, "local='".mysql_real_escape_string($local)."'");
75
+    array_push($conditions, "local='".db_escape_string($local)."'");
77 76
   }
78 77
   if (isset($arr['mailbox']))
79 78
     if ($arr['mailbox'] == '')
80 79
       array_push($conditions, "`maildir`=NULL");
81 80
     else
82
-      array_push($conditions, "`maildir`='".mysql_real_escape_string($arr['mailbox'])."'");
81
+      array_push($conditions, "`maildir`='".db_escape_string($arr['mailbox'])."'");
83 82
 
84 83
   if (isset($arr['password']))
85 84
   {
... ...
@@ -121,13 +120,13 @@ function create_mailaccount($arr)
121 120
     }
122 121
   }
123 122
 
124
-  $values['local'] = "'".mysql_real_escape_string($local)."'";
123
+  $values['local'] = "'".db_escape_string($local)."'";
125 124
 
126 125
   if (isset($arr['mailbox']))
127 126
     if ($arr['mailbox'] == '')
128 127
       $values['maildir'] = 'NULL';
129 128
     else
130
-      $values['maildir']= "'".mysql_real_escape_string($arr['mailbox'])."'";
129
+      $values['maildir']= "'".db_escape_string($arr['mailbox'])."'";
131 130
 
132 131
 
133 132
   if (isset($arr['password']))
... ...
@@ -149,13 +148,13 @@ function get_mailaccount_id($accountname)
149 148
 {
150 149
   list($local, $domain) = explode('@', $accountname, 2);
151 150
 
152
-  $local = mysql_real_escape_string($local);
153
-  $domain = mysql_real_escape_string($domain);
151
+  $local = db_escape_string($local);
152
+  $domain = db_escape_string($domain);
154 153
 
155 154
   $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local='{$local}' AND dom.domainname='{$domain}'");
156
-  if (mysql_num_rows($result) != 1)
155
+  if ($result->rowCount() != 1)
157 156
     system_failure('account nicht eindeutig');
158
-  $acc = mysql_fetch_assoc($result);
157
+  $acc = $result->fetch();
159 158
   return $acc['id'];
160 159
 }
161 160
     
... ...
@@ -214,7 +213,7 @@ function imap_on_vmail_domain()
214 213
 {
215 214
   $uid = (int) $_SESSION['userinfo']['uid'];
216 215
   $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE m.uid={$uid}");
217
-  if (mysql_num_rows($result) > 0)
216
+  if ($result->rowCount() > 0)
218 217
     return true;
219 218
   return false;
220 219
 }
... ...
@@ -224,11 +223,11 @@ function user_has_only_vmail_domains()
224 223
   $uid = (int) $_SESSION['userinfo']['uid'];
225 224
   $result = db_query("SELECT id FROM mail.v_vmail_domains WHERE useraccount={$uid}");
226 225
   // User hat keine VMail-Domains
227
-  if (mysql_num_rows($result) == 0)
226
+  if ($result->rowCount() == 0)
228 227
     return false;
229 228
   $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user={$uid}");
230 229
   // User hat keine Domains die nicht vmail-Domains sind
231
-  if (mysql_num_rows($result) == 0)
230
+  if ($result->rowCount() == 0)
232 231
     return true;
233 232
   return false;
234 233
 }
Browse code

Löschen fremder Mailaccounts war bisher möglich

Bernd Wurst authored on18/04/2013 06:35:48
Showing1 changed files
... ...
@@ -38,7 +38,8 @@ function mailaccounts($uid)
38 38
 function get_mailaccount($id)
39 39
 {
40 40
   $id = (int) $id;
41
-  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
41
+  $uid = (int) $_SESSION['userinfo']['uid'];
42
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id AND m.uid={$uid}");
42 43
   DEBUG("Found ".mysql_num_rows($result)." rows!");
43 44
   if (mysql_num_rows($result) != 1)
44 45
     system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
... ...
@@ -51,6 +52,7 @@ function get_mailaccount($id)
51 52
 function change_mailaccount($id, $arr)
52 53
 {
53 54
   $id = (int) $id;
55
+  $uid = (int) $_SESSION['userinfo']['uid'];
54 56
   $conditions = array();
55 57
 
56 58
   if (isset($arr['account']))
... ...
@@ -89,7 +91,7 @@ function change_mailaccount($id, $arr)
89 91
     array_push($conditions, "`aktiv`=".($arr['enabled'] == 'Y' ? "1" : "0"));
90 92
 
91 93
 
92
-  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1");
94
+  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' AND uid={$uid}");
93 95
   logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
94 96
 
95 97
 }
Browse code

Updated copyright notice (2012 => 2013)

Bernd Wurst authored on19/01/2013 10:49:50
Showing1 changed files
... ...
@@ -2,7 +2,7 @@
2 2
 /*
3 3
 This file belongs to the Webinterface of schokokeks.org Hosting
4 4
 
5
-Written 2008-2012 by schokokeks.org Hosting, namely
5
+Written 2008-2013 by schokokeks.org Hosting, namely
6 6
   Bernd Wurst <bernd@schokokeks.org>
7 7
   Hanno Böck <hanno@schokokeks.org>
8 8
 
Browse code

Added license tags for CC0, README and COPYING

Bernd Wurst authored on11/03/2012 15:40:04
Showing1 changed files
... ...
@@ -1,4 +1,18 @@
1 1
 <?php
2
+/*
3
+This file belongs to the Webinterface of schokokeks.org Hosting
4
+
5
+Written 2008-2012 by schokokeks.org Hosting, namely
6
+  Bernd Wurst <bernd@schokokeks.org>
7
+  Hanno Böck <hanno@schokokeks.org>
8
+
9
+To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10
+
11
+You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 
12
+http://creativecommons.org/publicdomain/zero/1.0/
13
+
14
+Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
15
+*/
2 16
 
3 17
 require_once('inc/debug.php');
4 18
 require_once('inc/db_connect.php');
Browse code

IMAP-Accounts alphabetisch sortiert ausgeben

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1969 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on01/04/2011 05:51:33
Showing1 changed files
... ...
@@ -12,7 +12,7 @@ require_once('common.php');
12 12
 function mailaccounts($uid)
13 13
 {
14 14
   $uid = (int) $uid;
15
-  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
15
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid ORDER BY if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`), local");
16 16
   DEBUG("Found ".@mysql_num_rows($result)." rows!");
17 17
   $accounts = array();
18 18
   if (@mysql_num_rows($result) > 0)
Browse code

Keine Domains => Dann auch keine VMail-Domains

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1542 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on18/12/2009 13:23:33
Showing1 changed files
... ...
@@ -23,7 +23,7 @@ function mailaccounts($uid)
23 23
 
24 24
 function get_mailaccount($id)
25 25
 {
26
-  $uid = (int) $uid;
26
+  $id = (int) $id;
27 27
   $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
28 28
   DEBUG("Found ".mysql_num_rows($result)." rows!");
29 29
   if (mysql_num_rows($result) != 1)
... ...
@@ -206,7 +206,12 @@ function imap_on_vmail_domain()
206 206
 function user_has_only_vmail_domains()
207 207
 {
208 208
   $uid = (int) $_SESSION['userinfo']['uid'];
209
+  $result = db_query("SELECT id FROM mail.v_vmail_domains WHERE useraccount={$uid}");
210
+  // User hat keine VMail-Domains
211
+  if (mysql_num_rows($result) == 0)
212
+    return false;
209 213
   $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user={$uid}");
214
+  // User hat keine Domains die nicht vmail-Domains sind
210 215
   if (mysql_num_rows($result) == 0)
211 216
     return true;
212 217
   return false;
Browse code

Logger mit Logleveln

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1466 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on14/09/2009 13:31:08
Showing1 changed files
... ...
@@ -76,7 +76,7 @@ function change_mailaccount($id, $arr)
76 76
 
77 77
 
78 78
   db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1");
79
-  logger("modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
79
+  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
80 80
 
81 81
 }
82 82
 
... ...
@@ -124,7 +124,7 @@ function create_mailaccount($arr)
124 124
 
125 125
 
126 126
   db_query("INSERT INTO mail.mailaccounts (".implode(',', array_keys($values)).") VALUES (".implode(",", array_values($values)).")");
127
-  logger("modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
127
+  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
128 128
 
129 129
 }
130 130
 
... ...
@@ -148,7 +148,7 @@ function delete_mailaccount($id)
148 148
 {
149 149
   $id = (int) $id;
150 150
   db_query("DELETE FROM mail.mailaccounts WHERE id=".$id." LIMIT 1");
151
-  logger("modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
151
+  logger(LOG_INFO, "modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
152 152
 }
153 153
 
154 154
 
Browse code

Erlaube @schokokeks.org-IMAP

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1465 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on12/09/2009 08:59:54
Showing1 changed files
... ...
@@ -42,13 +42,20 @@ function change_mailaccount($id, $arr)
42 42
   if (isset($arr['account']))
43 43
   {
44 44
     list($local, $domain) = explode('@', $arr['account'], 2);
45
-    $domain = new Domain( (string) $domain);
46
-    if ($domain->id == NULL)
47
-      array_push($conditions, "domain=NULL");
45
+    if ($domain == config('masterdomain'))
46
+    {
47
+      $values['domain'] = "NULL";
48
+    }
48 49
     else
49 50
     {
50
-      $domain->ensure_userdomain();
51
-      array_push($conditions, "domain={$domain->id}");
51
+      $domain = new Domain( (string) $domain);
52
+      if ($domain->id == NULL)
53
+        array_push($conditions, "domain=NULL");
54
+      else
55
+      {
56
+        $domain->ensure_userdomain();
57
+        array_push($conditions, "domain={$domain->id}");
58
+      }
52 59
     }
53 60
     array_push($conditions, "local='".mysql_real_escape_string($local)."'");
54 61
   }
Browse code

Erlaube wieder @schokokeks.org für Mailaccounts

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1464 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on10/09/2009 06:56:05
Showing1 changed files
... ...
@@ -83,12 +83,19 @@ function create_mailaccount($arr)
83 83
   $values['uid'] = (int) $_SESSION['userinfo']['uid'];
84 84
 
85 85
   list($local, $domain) = explode('@', $arr['account'], 2);
86
-  $domain = new Domain( (string) $domain);
87
-  if ($domain->id == NULL)
86
+  if ($domain == config('masterdomain'))
87
+  {
88 88
     $values['domain'] = "NULL";
89
-  else {
90
-    $domain->ensure_userdomain();
91
-    $values['domain'] = $domain->id;
89
+  }
90
+  else
91
+  {
92
+    $domain = new Domain( (string) $domain);
93
+    if ($domain->id == NULL)
94
+      $values['domain'] = "NULL";
95
+    else {
96
+      $domain->ensure_userdomain();
97
+      $values['domain'] = $domain->id;
98
+    }
92 99
   }
93 100
 
94 101
   $values['local'] = "'".mysql_real_escape_string($local)."'";
Browse code

Sicherstellen, dass die Domain auch dem User gehört

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1398 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on19/06/2009 10:05:56
Showing1 changed files
... ...
@@ -46,8 +46,10 @@ function change_mailaccount($id, $arr)
46 46
     if ($domain->id == NULL)
47 47
       array_push($conditions, "domain=NULL");
48 48
     else
49
+    {
50
+      $domain->ensure_userdomain();
49 51
       array_push($conditions, "domain={$domain->id}");
50
-
52
+    }
51 53
     array_push($conditions, "local='".mysql_real_escape_string($local)."'");
52 54
   }
53 55
   if (isset($arr['mailbox']))
... ...
@@ -84,8 +86,10 @@ function create_mailaccount($arr)
84 86
   $domain = new Domain( (string) $domain);
85 87
   if ($domain->id == NULL)
86 88
     $values['domain'] = "NULL";
87
-  else
89
+  else {
90
+    $domain->ensure_userdomain();
88 91
     $values['domain'] = $domain->id;
92
+  }
89 93
 
90 94
   $values['local'] = "'".mysql_real_escape_string($local)."'";
91 95
 
Browse code

IMAP-Accounts deutlicher deprecaten

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1392 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on06/06/2009 13:28:53
Showing1 changed files
... ...
@@ -26,6 +26,8 @@ function get_mailaccount($id)
26 26
   $uid = (int) $uid;
27 27
   $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
28 28
   DEBUG("Found ".mysql_num_rows($result)." rows!");
29
+  if (mysql_num_rows($result) != 1)
30
+    system_failure('Dieser Mailaccount existiert nicht oder gehört Ihnen nicht');
29 31
   $acc = mysql_fetch_object($result);
30 32
   $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
31 33
   DEBUG(print_r($ret, true));
... ...
@@ -174,5 +176,24 @@ function check_valid($acc)
174 176
 }
175 177
 
176 178
 
179
+function imap_on_vmail_domain()
180
+{
181
+  $uid = (int) $_SESSION['userinfo']['uid'];
182
+  $result = db_query("SELECT m.id FROM mail.mailaccounts AS m INNER JOIN mail.virtual_mail_domains AS vd USING (domain) WHERE m.uid={$uid}");
183
+  if (mysql_num_rows($result) > 0)
184
+    return true;
185
+  return false;
186
+}
187
+
188
+function user_has_only_vmail_domains()
189
+{
190
+  $uid = (int) $_SESSION['userinfo']['uid'];
191
+  $result = db_query("SELECT d.id FROM mail.v_domains AS d LEFT JOIN mail.v_vmail_domains AS vd USING (domainname) WHERE vd.id IS NULL AND d.user={$uid}");
192
+  if (mysql_num_rows($result) == 0)
193
+    return true;
194
+  return false;
195
+}
196
+
197
+
177 198
 
178 199
 ?>
Browse code

Einige Dummheiten repariert, die beim ersetzen von $config durch config() aufgetreten sind. Zudem einige Closing-Tag-mismatches repariert, die man nur sieht wenn man XHTML-Modus einschaltet

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1377 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on23/05/2009 15:55:23
Showing1 changed files
... ...
@@ -12,7 +12,7 @@ require_once('common.php');
12 12
 function mailaccounts($uid)
13 13
 {
14 14
   $uid = (int) $uid;
15
-  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{config('masterdomain')}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
15
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
16 16
   DEBUG("Found ".@mysql_num_rows($result)." rows!");
17 17
   $accounts = array();
18 18
   if (@mysql_num_rows($result) > 0)
... ...
@@ -24,7 +24,7 @@ function mailaccounts($uid)
24 24
 function get_mailaccount($id)
25 25
 {
26 26
   $uid = (int) $uid;
27
-  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{config('masterdomain')}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
27
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'".config('masterdomain')."',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
28 28
   DEBUG("Found ".mysql_num_rows($result)." rows!");
29 29
   $acc = mysql_fetch_object($result);
30 30
   $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
... ...
@@ -148,7 +148,7 @@ function check_valid($acc)
148 148
   if ($acc['account'] == '' || strpos($acc['account'], '@') == 0)
149 149
     return "Es wurde kein Benutzername angegeben!";
150 150
   if (strpos($acc['account'], '@') === false)
151
-    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@{config('masterdomain')}«.";
151
+    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@".config('masterdomain')."«.";
152 152
 
153 153
   list($local, $domain) = explode('@', $acc['account'], 2);
154 154
   verify_input_username($local);
... ...
@@ -163,7 +163,7 @@ function check_valid($acc)
163 163
     {
164 164
       if (substr($local, 0, strlen($user['username'])) != $user['username'] || ($acc['account'][strlen($user['username'])] != '-' && $acc['account'][strlen($user['username'])] != '@'))
165 165
       {
166
-        return "Sie haben »@{config('masterdomain')}« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
166
+        return "Sie haben »@".config('masterdomain')."« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
167 167
       }
168 168
     }
169 169
     else
Browse code

Mehr config-optionen und config via Wrapper-Funktion benutzen

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1376 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on23/05/2009 15:24:52
Showing1 changed files
... ...
@@ -11,9 +11,8 @@ require_once('common.php');
11 11
 
12 12
 function mailaccounts($uid)
13 13
 {
14
-  global $config;
15 14
   $uid = (int) $uid;
16
-  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{$config['masterdomain']}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
15
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{config('masterdomain')}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
17 16
   DEBUG("Found ".@mysql_num_rows($result)." rows!");
18 17
   $accounts = array();
19 18
   if (@mysql_num_rows($result) > 0)
... ...
@@ -24,9 +23,8 @@ function mailaccounts($uid)
24 23
 
25 24
 function get_mailaccount($id)
26 25
 {
27
-  global $config;
28 26
   $uid = (int) $uid;
29
-  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{$config['masterdomain']}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
27
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{config('masterdomain')}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
30 28
   DEBUG("Found ".mysql_num_rows($result)." rows!");
31 29
   $acc = mysql_fetch_object($result);
32 30
   $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
... ...
@@ -136,7 +134,6 @@ function delete_mailaccount($id)
136 134
 
137 135
 function check_valid($acc)
138 136
 {
139
-  global $config;
140 137
   $user = $_SESSION['userinfo'];
141 138
   DEBUG("Account-data: ".print_r($acc, true));
142 139
   DEBUG("User-data: ".print_r($user, true));
... ...
@@ -151,7 +148,7 @@ function check_valid($acc)
151 148
   if ($acc['account'] == '' || strpos($acc['account'], '@') == 0)
152 149
     return "Es wurde kein Benutzername angegeben!";
153 150
   if (strpos($acc['account'], '@') === false)
154
-    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@{$config['masterdomain']}«.";
151
+    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@{config('masterdomain')}«.";
155 152
 
156 153
   list($local, $domain) = explode('@', $acc['account'], 2);
157 154
   verify_input_username($local);
... ...
@@ -162,11 +159,11 @@ function check_valid($acc)
162 159
 
163 160
   if (array_search($domain, $domains) === false)
164 161
   {
165
-    if ($domain == $config['masterdomain'])
162
+    if ($domain == config('masterdomain'))
166 163
     {
167 164
       if (substr($local, 0, strlen($user['username'])) != $user['username'] || ($acc['account'][strlen($user['username'])] != '-' && $acc['account'][strlen($user['username'])] != '@'))
168 165
       {
169
-        return "Sie haben »@{$config['masterdomain']}« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
166
+        return "Sie haben »@{config('masterdomain')}« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
170 167
       }
171 168
     }
172 169
     else
Browse code

Benutzer config-Variablen für masterdomain

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1272 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on27/02/2009 11:35:16
Showing1 changed files
... ...
@@ -11,8 +11,9 @@ require_once('common.php');
11 11
 
12 12
 function mailaccounts($uid)
13 13
 {
14
+  global $config;
14 15
   $uid = (int) $uid;
15
-  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
16
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{$config['masterdomain']}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
16 17
   DEBUG("Found ".@mysql_num_rows($result)." rows!");
17 18
   $accounts = array();
18 19
   if (@mysql_num_rows($result) > 0)
... ...
@@ -23,8 +24,9 @@ function mailaccounts($uid)
23 24
 
24 25
 function get_mailaccount($id)
25 26
 {
27
+  global $config;
26 28
   $uid = (int) $uid;
27
-  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
29
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),'{$config['masterdomain']}',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
28 30
   DEBUG("Found ".mysql_num_rows($result)." rows!");
29 31
   $acc = mysql_fetch_object($result);
30 32
   $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
... ...
@@ -134,6 +136,7 @@ function delete_mailaccount($id)
134 136
 
135 137
 function check_valid($acc)
136 138
 {
139
+  global $config;
137 140
   $user = $_SESSION['userinfo'];
138 141
   DEBUG("Account-data: ".print_r($acc, true));
139 142
   DEBUG("User-data: ".print_r($user, true));
... ...
@@ -148,7 +151,7 @@ function check_valid($acc)
148 151
   if ($acc['account'] == '' || strpos($acc['account'], '@') == 0)
149 152
     return "Es wurde kein Benutzername angegeben!";
150 153
   if (strpos($acc['account'], '@') === false)
151
-    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@schokokeks.org«.";
154
+    return "Es wurde kein Domain-Teil im Account-Name angegeben. Account-Namen müssen einen Domain-Teil enthalten. Im Zweifel versuchen Sie »@{$config['masterdomain']}«.";
152 155
 
153 156
   list($local, $domain) = explode('@', $acc['account'], 2);
154 157
   verify_input_username($local);
... ...
@@ -159,11 +162,11 @@ function check_valid($acc)
159 162
 
160 163
   if (array_search($domain, $domains) === false)
161 164
   {
162
-    if ($domain == "schokokeks.org")
165
+    if ($domain == $config['masterdomain'])
163 166
     {
164 167
       if (substr($local, 0, strlen($user['username'])) != $user['username'] || ($acc['account'][strlen($user['username'])] != '-' && $acc['account'][strlen($user['username'])] != '@'))
165 168
       {
166
-        return "Sie haben »@schokokeks.org« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
169
+        return "Sie haben »@{$config['masterdomain']}« als Domain-Teil angegeben, aber der Benutzer-Teil beginnt nicht mit Ihrem Benutzername!";
167 170
       }
168 171
     }
169 172
     else
Browse code

eliminate .php extensions for URLs

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1128 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on08/08/2008 19:32:32
Showing1 changed files
... ...
@@ -65,7 +65,7 @@ function change_mailaccount($id, $arr)
65 65
 
66 66
 
67 67
   db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1");
68
-  logger("modules/imap/include/mailaccounts.php", "imap", "updated account »{$arr['account']}«");
68
+  logger("modules/imap/include/mailaccounts", "imap", "updated account »{$arr['account']}«");
69 69
 
70 70
 }
71 71
 
... ...
@@ -104,7 +104,7 @@ function create_mailaccount($arr)
104 104
 
105 105
 
106 106
   db_query("INSERT INTO mail.mailaccounts (".implode(',', array_keys($values)).") VALUES (".implode(",", array_values($values)).")");
107
-  logger("modules/imap/include/mailaccounts.php", "imap", "created account »{$arr['account']}«");
107
+  logger("modules/imap/include/mailaccounts", "imap", "created account »{$arr['account']}«");
108 108
 
109 109
 }
110 110
 
... ...
@@ -128,7 +128,7 @@ function delete_mailaccount($id)
128 128
 {
129 129
   $id = (int) $id;
130 130
   db_query("DELETE FROM mail.mailaccounts WHERE id=".$id." LIMIT 1");
131
-  logger("modules/imap/include/mailaccounts.php", "imap", "deleted account »{$id}«");
131
+  logger("modules/imap/include/mailaccounts", "imap", "deleted account »{$id}«");
132 132
 }
133 133
 
134 134
 
Browse code

Fehler beim Passwort-Ändern von Mailaccounts behoben.

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1110 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on06/06/2008 07:15:13
Showing1 changed files
... ...
@@ -112,13 +112,11 @@ function create_mailaccount($arr)
112 112
 function get_mailaccount_id($accountname)
113 113
 {
114 114
   list($local, $domain) = explode('@', $accountname, 2);
115
-  if ($domain == 'schokokeks.org')
116
-    $domain = '';
117 115
 
118 116
   $local = mysql_real_escape_string($local);
119
-  $domain = maybe_null($domain);
117
+  $domain = mysql_real_escape_string($domain);
120 118
 
121
-  $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local='{$local}' AND dom.domainname={$domain}");
119
+  $result = db_query("SELECT acc.id FROM mail.mailaccounts AS acc LEFT JOIN mail.v_domains AS dom ON (dom.id=acc.domain) WHERE local='{$local}' AND dom.domainname='{$domain}'");
122 120
   if (mysql_num_rows($result) != 1)
123 121
     system_failure('account nicht eindeutig');
124 122
   $acc = mysql_fetch_assoc($result);
Browse code

Alles in das email-modul verschoben

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1016 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on03/04/2008 16:02:28
Showing1 changed files
... ...
@@ -7,6 +7,8 @@ require_once('inc/security.php');
7 7
 
8 8
 require_once('class/domain.php');
9 9
 
10
+require_once('common.php');
11
+
10 12
 function mailaccounts($uid)
11 13
 {
12 14
   $uid = (int) $uid;
... ...
@@ -30,17 +32,6 @@ function get_mailaccount($id)
30 32
   return $ret;
31 33
 }
32 34
 
33
-function encrypt_mail_password($pw)
34
-{
35
-  DEBUG("unencrypted PW: ".$pw);
36
-  require_once('inc/base.php');
37
-  $salt = random_string(8);
38
-  $encpw = crypt($pw, "\$1\${$salt}\$");
39
-  DEBUG("encrypted PW: ".$encpw);
40
-  return chop($encpw);
41
-
42
-}
43
-
44 35
 function change_mailaccount($id, $arr)
45 36
 {
46 37
   $id = (int) $id;
Browse code

Großer VMail-move

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1012 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on03/04/2008 10:38:22
Showing1 changed files
1 1
new file mode 100644
... ...
@@ -0,0 +1,189 @@
1
+<?php
2
+
3
+require_once('inc/debug.php');
4
+require_once('inc/db_connect.php');
5
+require_once('inc/base.php');
6
+require_once('inc/security.php');
7
+
8
+require_once('class/domain.php');
9
+
10
+function mailaccounts($uid)
11
+{
12
+  $uid = (int) $uid;
13
+  $result = db_query("SELECT m.id,concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.uid=$uid");
14
+  DEBUG("Found ".@mysql_num_rows($result)." rows!");
15
+  $accounts = array();
16
+  if (@mysql_num_rows($result) > 0)
17
+    while ($acc = @mysql_fetch_object($result))
18
+      array_push($accounts, array('id'=> $acc->id, 'account' => $acc->account, 'mailbox' => $acc->maildir, 'cryptpass' => $acc->cryptpass, 'enabled' => ($acc->aktiv == 1)));
19
+  return $accounts;
20
+}
21
+
22
+function get_mailaccount($id)
23
+{
24
+  $uid = (int) $uid;
25
+  $result = db_query("SELECT concat_ws('@',`m`.`local`,if(isnull(`m`.`domain`),_utf8'schokokeks.org',`d`.`domainname`)) AS `account`, `m`.`password` AS `cryptpass`,`m`.`maildir` AS `maildir`,aktiv from (`mail`.`mailaccounts` `m` left join `mail`.`v_domains` `d` on((`d`.`id` = `m`.`domain`))) WHERE m.id=$id");
26
+  DEBUG("Found ".mysql_num_rows($result)." rows!");
27
+  $acc = mysql_fetch_object($result);
28
+  $ret = array('account' => $acc->account, 'mailbox' => $acc->maildir,  'enabled' => ($acc->aktiv == 1));
29
+  DEBUG(print_r($ret, true));
30
+  return $ret;
31
+}
32
+
33
+function encrypt_mail_password($pw)
34
+{
35
+  DEBUG("unencrypted PW: ".$pw);
36
+  require_once('inc/base.php');
37
+  $salt = random_string(8);
38
+  $encpw = crypt($pw, "\$1\${$salt}\$");
39
+  DEBUG("encrypted PW: ".$encpw);
40
+  return chop($encpw);
41
+
42
+}
43
+
44
+function change_mailaccount($id, $arr)
45
+{
46
+  $id = (int) $id;
47
+  $conditions = array();
48
+
49
+  if (isset($arr['account']))
50
+  {
51
+    list($local, $domain) = explode('@', $arr['account'], 2);
52
+    $domain = new Domain( (string) $domain);
53
+    if ($domain->id == NULL)
54
+      array_push($conditions, "domain=NULL");
55
+    else
56
+      array_push($conditions, "domain={$domain->id}");
57
+
58
+    array_push($conditions, "local='".mysql_real_escape_string($local)."'");
59
+  }
60
+  if (isset($arr['mailbox']))
61
+    if ($arr['mailbox'] == '')
62
+      array_push($conditions, "`maildir`=NULL");
63
+    else
64
+      array_push($conditions, "`maildir`='".mysql_real_escape_string($arr['mailbox'])."'");
65
+
66
+  if (isset($arr['password']))
67
+  {
68
+    $encpw = encrypt_mail_password($arr['password']);
69
+    array_push($conditions, "`password`='$encpw'");
70
+  }
71
+
72
+  if (isset($arr['enabled']))
73
+    array_push($conditions, "`aktiv`=".($arr['enabled'] == 'Y' ? "1" : "0"));
74
+
75
+
76
+  db_query("UPDATE mail.mailaccounts SET ".implode(",", $conditions)." WHERE id='$id' LIMIT 1");
77
+  logger("modules/imap/include/mailaccounts.php", "imap", "updated account »{$arr['account']}«");
78
+
79
+}
80
+
81
+function create_mailaccount($arr)
82
+{
83
+  $values = array();
84
+
85
+  if ((