Commit a11fac44 authored by Benjamin Sonntag's avatar Benjamin Sonntag
Browse files

finishing email class. Need testing

parent 97923c62
<?php
/*
$Id: mail_doedit.php, author : squidly
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
Based on:
Valentin Lacambre's web hosting softwares: http://altern.org/
Copyright (C) 2000-2012 by the AlternC Development Team.
https://alternc.org/
----------------------------------------------------------------------
LICENSE
......@@ -23,7 +19,7 @@
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Create a new mail account
Purpose of file: Edit mail account settings
----------------------------------------------------------------------
*/
......@@ -31,57 +27,98 @@
require_once("../class/config.php");
$fields = array (
"dom_id" =>array ("request","integer",""),
"mail_id" => array ("request","integer",""),
"pass" => array ("request","string",""),
"passconf" => array("request","string",""),
"is_enabled" => array("request","string",""),
"enable" => array("request","string","")
);
"mail_id" =>array ("request","integer",""),
"pass" => array ("request","string",""),
"passconf" => array("request","string",""),
"quotamb" => array("request","integer",0),
"enabled" => array("request","boolean",true),
"islocal" => array("request","boolean",true),
"recipients" => array("request","string",""),
);
getFields($fields);
/*
* checking the password
*/
$isedit=true; // if we go back to edit, it will know ;)
$error="";
if(isset($pass) && $pass != ""){
if($pass != $passconf){
$error = _("Password do not match");
include ("mail_edit.php");
exit();
}else{
//adding the password
$mail->setpasswd($mail_id,$pass);
header ("Location: /mail_properties.php?mail_id=$mail_id");
}
}
/*
* checking the activation state of the mail
* redirecting according to it.
*/
if($is_enabled == 1){
if(intval($enable)==0){
//desactivation
$mail->disable($mail_id);
header ("Location: /mail_properties.php?mail_id=$mail_id");
}else{
$error = _("Already Activated");
include ("mail_edit.php");
exit();
}
}elseif($is_enabled == 0){
if(intval($enable)==0){
// c'est dja inactif
$error = _("Already disabled ");
include ("mail_edit.php");
exit();
}else{
//Activation
$mail->enable($mail_id);
header ("Location: /mail_properties.php?mail_id=$mail_id");
}
}
// We check that email first ... so that we can compare its status with our ...
if (!$res=$mail->get_details($mail_id)) {
$error=$err->errstr();
include("main.php");
exit();
} else {
/*
* checking the password
*/
if(isset($pass) && $pass != ""){
if($pass != $passconf){
$error = _("Passwords do not match");
include ("mail_edit.php");
exit();
} else {
if (!$mail->set_passwd($mail_id,$pass)) { /* SET THE PASSWORD */
$error=$err->errstr();
include ("mail_edit.php");
exit();
} else {
$error.=$err->errstr()."<br />";
}
}
}
/*
* now the enable/disable status
*/
if ($res["enabled"] && !$enabled) {
if (!$mail->disable($mail_id)) { /* DISABLE */
$error=$err->errstr();
include ("mail_edit.php");
exit();
} else {
$error.=$err->errstr()."<br />";
}
}
if (!$res["enabled"] && $enabled) {
if (!$mail->enable($mail_id)) { /* ENABLE */
$error=$err->errstr();
include ("mail_edit.php");
exit();
} else {
$error.=$err->errstr()."<br />";
}
}
/*
* now the islocal + quota + recipients
*/
if (!$mail->set_details($mail_id,$islocal,$quotamb,$recipients)) { /* SET OTHERS */
$error=$err->errstr();
include ("mail_edit.php");
exit();
} else {
$error.=$err->errstr()."<br />";
}
/*
* Other elements by hooks
*/
$rh=$hooks->invoke("mail_edit_post",array($mail_id));
if (in_array(false,$res,true)) {
include ("mail_edit.php");
exit();
} else {
foreach($rh as $h) if ($h) $error.=$h."<br />";
}
}
if ($error) $error=_("Your email has been edited successfully");
$_REQUEST["domain_id"]=$dom->get_domain_byname($res["domain"]);
include("mail_list.php");
......@@ -26,7 +26,13 @@ require_once("../class/config.php");
include_once("head.php");
$fields = array (
"mail_id" => array ("request", "integer", ""),
"mail_id" =>array ("request","integer",""),
"pass" => array ("request","string",""),
"passconf" => array("request","string",""),
"quotamb" => array("request","integer",0),
"enabled" => array("request","boolean",true),
"islocal" => array("request","boolean",true),
"recipients" => array("request","string",""),
);
getFields($fields);
......@@ -35,22 +41,49 @@ if (!$res=$mail->get_details($mail_id)) {
include("main.php");
exit();
} else {
foreach($res as $key=>$val) $$key=$val;
foreach($res as $key=>$val) $$key=$val;
$quotamb=$quota;
if ($islocal && $mailbox_action=="DELETE") $islocal=false;
if (isset($isedit) && $isedit) getFields($fields); // we came from a POST, so let's get the request again ...
?>
<h3><?php printf(_("Editing the email %s"),$res["address"]."@".$res["domain"]); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error)) {
echo "<p class=\"error\">$error</p>";
}
?>
<form action="mail_doedit.php" method="post" name="main" id="main">
<input type="hidden" name="mail_id" value="<?php echo $mail_id; ?>" />
<table class="tedit">
<tr><th colspan="2"><b><?php __("Is this email enabled?"); ?></b></th></tr>
<tr><td style="width: 50%; text-align: justify"><?php __("You can enable or disable this email anytime. This will bounce any mail received on this address, but will not delete the stored email, or the redirections or password."); ?><br />
</td>
<td>
<p>
<input type="radio" name="enabled" id="enabled0" class="inc" value="0"<?php cbox($enabled==0); ?> /><label for="enabled0"><?php __("No (email disabled)"); ?></label>
<input type="radio" name="enabled" id="enabled1" class="inc" value="1"<?php cbox($enabled==1); ?> /><label for="enabled1"><?php __("Yes (email enabled)"); ?></label>
</p>
</td></tr>
<tr><th colspan="2"><b><?php __("Is it a POP/IMAP account?"); ?></b></th></tr>
<tr><td style="width: 50%; text-align: justify"><?php __("POP/IMAP accounts are receiving emails in the server. To read those emails, you can use a Webmail, or a mail client such as Thunderbird. If you don't use POP/IMAP, you can configure your email to be a redirection to other existing emails. The maximum size is in megabytes, use 0 to make it infinite."); ?><br />
<p>&nbsp;</p>
<?php if ($islocal) { ?>
<p><?php printf(_('This mailbox is currently using %1$s / %2$s'),format_size($used),format_size($quotabytes)); ?></p>
<?php } ?>
<?php if ($mailbox_action=="DELETE") { ?>
<p><span class="error"><?php __("This mailbox is pending deletion. You can recover its mails by setting it to 'Yes' NOW!"); ?></span></p>
<?php } ?>
</td>
<td>
<p>
......@@ -61,7 +94,7 @@ foreach($res as $key=>$val) $$key=$val;
<table class="tedit" >
<tr><td><label for="pass"><?php __("Enter a POP/IMAP password"); ?></label></td><td><input type="password" class="int" name="pass" id="pass" value="" size="20" maxlength="32" /></td></tr>
<tr><td><label for="passconf"><?php __("Confirm password"); ?></label></td><td><input type="password" class="int" name="passconf" id="passconf" value="" size="20" maxlength="32" /></td></tr>
<tr><td><label for="quota"><?php __("Maximum allowed size of this Mailbox"); ?></label></td><td><input type="text" class="int intleft" style="text-align: right" name="quota" id="quota" value="<?php ehe($quota); ?>" size="7" maxlength="6" /><span class="int intright"><?php __("MB"); ?></span></td></tr>
<tr><td><label for="quotamb"><?php __("Maximum allowed size of this Mailbox"); ?></label></td><td><input type="text" class="int intleft" style="text-align: right" name="quotamb" id="quotamb" value="<?php ehe($quotamb); ?>" size="7" maxlength="6" /><span class="int intright"><?php __("MB"); ?></span></td></tr>
</table>
</div>
</td></tr>
......@@ -101,14 +134,14 @@ function popoff() {
$('#turnoff').show();
$('#poptbl').addClass('grey');
$('#pass').attr("disabled", "disabled");
$('#quota').attr("disabled", "disabled");
$('#quotamb').attr("disabled", "disabled");
$('#passconf').attr("disabled", "disabled");
}
function popon() {
$('#turnoff').hide();
$('#poptbl').removeClass('grey');
$('#pass').removeAttr("disabled");
$('#quota').removeAttr("disabled");
$('#quotamb').removeAttr("disabled");
$('#passconf').removeAttr("disabled");
}
</script>
......
......@@ -424,7 +424,7 @@ span#emaildom {
}
.tedit td, .tedit th {
border: 1px solid #aaa;
padding: 6px 10px;
padding: 10px;
margin: 0;
}
......
......@@ -46,7 +46,8 @@ Merci de revenir plus tard.";
*/
ini_set('display_errors', true);
// Some constant
// FIXME: Some constant, we put them here so that we can change them later ;) LFS
define('ALTERNC_MAIL', "/var/alternc/mail");
define('ALTERNC_HTML', "/var/alternc/html");
define('ALTERNC_PANEL', "/var/alternc/bureau");
define('ALTERNC_LOGS', "/var/alternc/logs");
......
......@@ -169,7 +169,7 @@ class m_mail {
// Validate the email syntax:
$m=$mail."@".$domain;
if (!filter_var($m,FILTER_VALIDATE_EMAIL)){
if (!filter_var($m,FILTER_VALIDATE_EMAIL) || (strpos($m,"..")!==false) || (strpos($m,"/")!==false) ) {
$err->raise("mail",_("The email you entered is syntaxically incorrect"));
return false;
}
......@@ -211,10 +211,13 @@ class m_mail {
$err->log("mail","get_details");
$mail_id=intval($mail_id);
// Validate that this email is owned by me...
if (!($mail=$this->is_it_my_mail($mail_id))) {
return false;
}
// We fetch all the informations for that email: these will fill the hastable :
$db->query("SELECT a.address, a.password, a.`enabled`, d.domaine AS domain, m.quota, m.quota*1024*1024 AS quotabytes, m.bytes AS used, NOT ISNULL(m.id) AS islocal, a.type, r.recipients, m.lastlogin
FROM (address a LEFT JOIN mailbox m ON m.address_id=a.id) LEFT JOIN recipient r ON r.address_id=a.id, domaines d WHERE a.id=$mail_id AND d.id=a.domain_id;");
$db->query("SELECT a.address, a.password, a.enabled, d.domaine AS domain, m.quota, m.quota*1024*1024 AS quotabytes, m.bytes AS used, NOT ISNULL(m.id) AS islocal, a.type, r.recipients, m.lastlogin, a.mail_action, m.mail_action AS mailbox_action FROM (address a LEFT JOIN mailbox m ON m.address_id=a.id) LEFT JOIN recipient r ON r.address_id=a.id, domaines d WHERE a.id=".$mail_id." AND d.id=a.domain_id;");
if (! $db->next_record()) return false;
$details=$db->Record;
// if necessary, fill the typedata with data from hooks ...
......@@ -226,6 +229,8 @@ class m_mail {
}
private $isitmy_cache=array();
/* ----------------------------------------------------------------- */
/** Check if an email is mine ...
*
......@@ -236,12 +241,15 @@ class m_mail {
function is_it_my_mail($mail_id){
global $err,$db,$cuid;
$mail_id=intval($mail_id);
// cache it (may be called more than one time in the same page).
if (isset($this->isitmy_cache[$mail_id])) return $this->isitmy_cache[$mail_id];
$db->query("SELECT concat(a.address,'@',d.domaine) AS email FROM address a, domaines d WHERE d.id=a.domain_id AND a.id=$mail_id AND d.compte=$cuid;");
if ($db->next_record()) {
return $db->f("email");
return $this->isitmy_cache[$mail_id]=$db->f("email");
} else {
$err->raise("mail",_("This email is not yours, you can't change anything on it"));
return false;
return $this->isitmy_cache[$mail_id]=false;
}
}
......@@ -353,6 +361,101 @@ class m_mail {
}
/* ----------------------------------------------------------------- */
/** set the password of an email address.
* @param $mail_id integer email ID
* @param $pass string the new password.
* @return boolean true if the password has been set, false else, raise an error.
*/
function set_passwd($mail_id,$pass){
global $db,$err,$admin;
$err->log("mail","setpasswd");
if (!($email=$this->is_it_my_mail($mail_id))) return false;
if (!$admin->checkPolicy("pop",$email,$pass)) return false;
if (!$db->query("UPDATE address SET password='"._md5cr($pass)."' where id=$mail_id;")) return false;
return true;
}
/* ----------------------------------------------------------------- */
/** Enables an email address.
* @param $mail_id integer Email ID
* @return boolean true if the email has been enabled.
*/
function enable($mail_id){
global $db,$err;
$err->log("mail","enable");
if (!($email=$this->is_it_my_mail($mail_id))) return false;
if (!$db->query("UPDATE address SET `enabled`=1 where id=$mail_id;")) return false;
return true;
}
/* ----------------------------------------------------------------- */
/** Disables an email address.
* @param $mail_id integer Email ID
* @return boolean true if the email has been enabled.
*/
function disable($mail_id){
global $db,$err;
$err->log("mail","disable");
if (!($email=$this->is_it_my_mail($mail_id))) return false;
if (!$db->query("UPDATE address SET `enabled`=0 where id=$mail_id;")) return false;
return true;
}
/* ----------------------------------------------------------------- */
/** Function used to update an email settings
* should be used by the web interface, not by third-party programs.
*
* @param $mail_id integer the number of the email to delete
* @param $islocal boolean is it a POP/IMAP mailbox ?
* @param $quotamb integer if islocal=1, quota in MB
* @param $recipients string recipients, one mail per line.
* @return true if the email has been properly edited
* or false if an error occured ($err is filled accordingly)
*/
function set_details($mail_id, $islocal, $quotamb, $recipients) {
global $err,$db,$cuid,$quota,$dom,$hooks;
$err->log("mail","set_details");
if (!($me=$this->get_details($mail_id))) {
return false;
}
if ($me["islocal"] && !$islocal) {
// delete pop
$db->query("UPDATE mailbox SET mail_action='DELETE' WHERE address_id=".$mail_id.";");
}
if (!$me["islocal"] && $islocal) {
// create pop
$path=ALTERNC_MAIL."/".substr($me["address"]."_",0,1)."/".$me["address"]."_".$me["domain"];
$db->query("INSERT INTO mailbox SET address_id=".$mail_id.", path='".addslashes($path)."';");
}
if ($me["islocal"] && $islocal && $me["mailbox_action"]=="DELETE") {
$db->query("UPDATE mailbox SET mail_action='' WHERE mail_action='DELETE' AND address_id=".$mail_id.";");
}
if ($islocal) {
$db->query("UPDATE mailbox SET quota=".intval($quotamb)." WHERE address_id=".$mail_id.";");
}
$r=explode("\n",$recipients);
$red="";
foreach($r as $m) {
$m=trim($m);
if ($m && filter_var($m,FILTER_VALIDATE_EMAIL)) {
$red.=$m."\n";
}
}
$db->query("DELETE FROM recipient WHERE address_id=".$mail_id.";");
if ($m) {
$db->query("INSERT INTO recipient SET address_id=".$mail_id.", recipients='".addslashes($red)."';");
}
return true;
}
/* ############################################################ */
......@@ -443,39 +546,6 @@ class m_mail {
/**
* activate a mail address.
* @param integer mail_id: unique mail identifier
*/
function enable($mail_id){
global $db,$err;
$err->log("mail","enable");
if( !$db->query("UPDATE address SET `enabled`=1 where id=$mail_id;"))return false;
}
/**
* disable a mail address.
* @param integer mail_id: unique mail identifier
*/
function disable($mail_id){
global $db,$err;
$err->log("mail","enable");
if( !$db->query("UPDATE address SET `enabled`=0 where id=$mail_id;")) return false;
}
/**
* setpasswd a mail address.
* @param integer mail_id: unique mail identifier
*/
function setpasswd($mail_id,$pass,$passwd_type){
global $db,$err,$admin;
$err->log("mail","setpasswd");
if(!$admin->checkPolicy("pop",$mail_full,$pass)) return false;
if(!$db->query("UPDATE address SET password='"._md5cr($pass)."' where id=$mail_id;")) return false;
}
/**
* mail_delete a mail address.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment