diff --git a/data/web/admin.php b/data/web/admin.php
index ce3deb69..d97bc141 100644
--- a/data/web/admin.php
+++ b/data/web/admin.php
@@ -261,7 +261,7 @@ $tfa_data = get_tfa();
else {
?>
<div class="row">
- <div class="col-md-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$domain;?>" disabled /></div>
+ <div class="col-md-1"><input type="checkbox" data-id="dkim" name="multi_select" value="<?=$alias_domain;?>" disabled /></div>
<div class="col-md-2 col-md-offset-1">
<p><small>↳ Alias-Domain: <strong><?=htmlspecialchars($alias_domain);?></strong><br /></small><span class="label label-danger"><?=$lang['admin']['dkim_key_missing'];?></span></p>
</div>
diff --git a/data/web/autodiscover.php b/data/web/autodiscover.php
index 391b4a93..f5bcbf8f 100644
--- a/data/web/autodiscover.php
+++ b/data/web/autodiscover.php
@@ -74,7 +74,7 @@ if ($login_role === "user") {
$redis->lTrim('AUTODISCOVER_LOG', 0, 100);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'msg' => 'Redis: '.$e
);
@@ -128,7 +128,7 @@ if ($login_role === "user") {
$redis->lTrim('AUTODISCOVER_LOG', 0, 100);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'msg' => 'Redis: '.$e
);
diff --git a/data/web/edit.php b/data/web/edit.php
index d605d3f4..1efbbed3 100644
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -28,6 +28,12 @@ if (isset($_SESSION['mailcow_cc_role'])) {
<br />
<form class="form-horizontal" data-id="editalias" role="form" method="post">
<input type="hidden" value="0" name="active">
+ <div class="form-group">
+ <label class="control-label col-sm-2" for="address"><?=$lang['edit']['alias'];?></label>
+ <div class="col-sm-10">
+ <input class="form-control" type="text" name="address" value="<?=htmlspecialchars($result['address']);?>" />
+ </div>
+ </div>
<div class="form-group">
<label class="control-label col-sm-2" for="goto"><?=$lang['edit']['target_address'];?></label>
<div class="col-sm-10">
@@ -636,23 +642,23 @@ if (isset($_SESSION['mailcow_cc_role'])) {
$result = bcc('details', $bcc);
if (!empty($result)) {
?>
- <h4>BCC map</h4>
+ <h4><?=$lang['mailbox']['bcc_map'];?></h4>
<br />
<form class="form-horizontal" data-id="editbcc" role="form" method="post">
<input type="hidden" value="0" name="active">
<div class="form-group">
- <label class="control-label col-sm-2" for="bcc_dest">BCC destination</label>
+ <label class="control-label col-sm-2" for="bcc_dest"><?=$lang['mailbox']['bcc_destination'];?></label>
<div class="col-sm-10">
- <textarea id="bcc_dest" class="form-control" autocapitalize="none" autocorrect="off" rows="10" id="bcc_dest" name="bcc_dest" required><?=$result['bcc_dest'];?></textarea>
- <small>BCC destination must be a single valid email address.</small>
+ <input value="<?=$result['bcc_dest'];?>" type="text" class="form-control" name="bcc_dest" id="bcc_dest">
+ <small><?=$lang['edit']['bcc_dest_format'];?></small>
</div>
</div>
<div class="form-group">
- <label class="control-label col-sm-2" for="type">Type:</label>
+ <label class="control-label col-sm-2" for="type"><?=$lang['mailbox']['bcc_map_type'];?></label>
<div class="col-sm-10">
<select id="addFilterType" name="type" id="type" required>
- <option value="sender" <?=($result['type'] == 'sender') ? 'selected' : null;?>>Sender map</option>
- <option value="rcpt" <?=($result['type'] == 'rcpt') ? 'selected' : null;?>>Recipient map</option>
+ <option value="sender" <?=($result['type'] == 'sender') ? 'selected' : null;?>><?=$lang['mailbox']['bcc_sender_map'];?></option>
+ <option value="rcpt" <?=($result['type'] == 'rcpt') ? 'selected' : null;?>><?=$lang['mailbox']['bcc_rcpt_map'];?></option>
</select>
</div>
</div>
diff --git a/data/web/inc/footer.inc.php b/data/web/inc/footer.inc.php
index d7b80723..cdef8e0b 100644
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -29,7 +29,7 @@ $(window).load(function() {
});
$(document).ready(function() {
window.mailcow_alert_box = function(message, type) {
- msg = $('<span/>').html(message).text();
+ msg = $('<span/>').text(message).text();
if (type == 'danger') {
auto_hide = 0;
$('#' + localStorage.getItem("add_modal")).modal('show');
@@ -42,9 +42,11 @@ $(document).ready(function() {
<?php
$alertbox_log_parser = alertbox_log_parser($_SESSION);
if (is_array($alertbox_log_parser)) {
+ foreach($alertbox_log_parser as $log) {
?>
- mailcow_alert_box(<?=$alertbox_log_parser['msg'];?>, <?=$alertbox_log_parser['type'];?>);
+ mailcow_alert_box(<?=$log['msg'];?>, <?=$log['type'];?>);
<?php
+ }
unset($_SESSION['return']);
}
?>
diff --git a/data/web/inc/functions.address_rewriting.inc.php b/data/web/inc/functions.address_rewriting.inc.php
index ce10d676..36fc4946 100644
--- a/data/web/inc/functions.address_rewriting.inc.php
+++ b/data/web/inc/functions.address_rewriting.inc.php
@@ -8,7 +8,7 @@ function bcc($_action, $_data = null, $attr = null) {
switch ($_action) {
case 'add':
if (!isset($_SESSION['acl']['bcc_maps']) || $_SESSION['acl']['bcc_maps'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
@@ -20,7 +20,7 @@ function bcc($_action, $_data = null, $attr = null) {
$active = intval($_data['active']);
$type = $_data['type'];
if ($type != 'sender' && $type != 'rcpt') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'invalid_bcc_map_type'
@@ -28,7 +28,7 @@ function bcc($_action, $_data = null, $attr = null) {
return false;
}
if (empty($bcc_dest)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'bcc_empty'
@@ -37,7 +37,7 @@ function bcc($_action, $_data = null, $attr = null) {
}
if (is_valid_domain_name($local_dest)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
@@ -49,7 +49,7 @@ function bcc($_action, $_data = null, $attr = null) {
}
elseif (filter_var($local_dest, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
@@ -66,29 +66,21 @@ function bcc($_action, $_data = null, $attr = null) {
return false;
}
if (!filter_var($bcc_dest, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'bcc_must_be_email'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
- WHERE `local_dest` = :local_dest AND `type` = :type");
- $stmt->execute(array(':local_dest' => $local_dest_sane, ':type' => $type));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+
+ $stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
+ WHERE `local_dest` = :local_dest AND `type` = :type");
+ $stmt->execute(array(':local_dest' => $local_dest_sane, ':type' => $type));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+
if ($num_results != 0) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('bcc_exists', htmlspecialchars($local_dest_sane), $type)
@@ -107,14 +99,14 @@ function bcc($_action, $_data = null, $attr = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'bcc_saved'
@@ -122,7 +114,7 @@ function bcc($_action, $_data = null, $attr = null) {
break;
case 'edit':
if (!isset($_SESSION['acl']['bcc_maps']) || $_SESSION['acl']['bcc_maps'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
@@ -139,53 +131,45 @@ function bcc($_action, $_data = null, $attr = null) {
$type = (!empty($_data['type'])) ? $_data['type'] : $is_now['type'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
$active = intval($_data['active']);
if (!filter_var($bcc_dest, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => 'bcc_must_be_email'
+ 'msg' => array('bcc_must_be_email', $bcc_dest)
);
- return false;
+ continue;
}
if (empty($bcc_dest)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => 'bcc_empty'
+ 'msg' => array('bcc_must_be_email', $bcc_dest)
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
WHERE `local_dest` = :local_dest AND `type` = :type");
$stmt->execute(array(':local_dest' => $local_dest, ':type' => $type));
$id_now = $stmt->fetch(PDO::FETCH_ASSOC)['id'];
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- if (isset($id_now) && $id_now != $id) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('bcc_exists', htmlspecialchars($local_dest), $type)
- );
- return false;
- }
- try {
+
+ if (isset($id_now) && $id_now != $id) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
+ 'msg' => array('bcc_exists', htmlspecialchars($local_dest), $type)
+ );
+ continue;
+ }
+
$stmt = $pdo->prepare("UPDATE `bcc_maps` SET `bcc_dest` = :bcc_dest, `active` = :active, `type` = :type WHERE `id`= :id");
$stmt->execute(array(
':bcc_dest' => $bcc_dest,
@@ -195,45 +179,37 @@ function bcc($_action, $_data = null, $attr = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
+ 'msg' => array('bcc_edited', $bcc_dest)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => 'bcc_edited'
- );
break;
case 'details':
$bccdata = array();
$id = intval($_data);
- try {
- $stmt = $pdo->prepare("SELECT `id`,
- `local_dest`,
- `bcc_dest`,
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- `type`,
- `created`,
- `domain`,
- `modified` FROM `bcc_maps`
- WHERE `id` = :id");
- $stmt->execute(array(':id' => $id));
- $bccdata = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+
+ $stmt = $pdo->prepare("SELECT `id`,
+ `local_dest`,
+ `bcc_dest`,
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ `type`,
+ `created`,
+ `domain`,
+ `modified` FROM `bcc_maps`
+ WHERE `id` = :id");
+ $stmt->execute(array(':id' => $id));
+ $bccdata = $stmt->fetch(PDO::FETCH_ASSOC);
+
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $bccdata['domain'])) {
$bccdata = null;
return false;
@@ -244,18 +220,10 @@ function bcc($_action, $_data = null, $attr = null) {
$bccdata = array();
$all_items = array();
$id = intval($_data);
- try {
- $stmt = $pdo->query("SELECT `id`, `domain` FROM `bcc_maps`");
- $all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+
+ $stmt = $pdo->query("SELECT `id`, `domain` FROM `bcc_maps`");
+ $all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
foreach ($all_items as $i) {
if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $i['domain'])) {
$bccdata[] = $i['id'];
@@ -275,31 +243,30 @@ function bcc($_action, $_data = null, $attr = null) {
$stmt->execute(array(':id' => $id));
$domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain'];
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
$stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `id`= :id");
$stmt->execute(array(':id' => $id));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
+ 'msg' => array('bcc_deleted', $id)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('bcc_deleted', implode(', ', $ids))
- );
- return true;
break;
}
}
@@ -325,7 +292,7 @@ function recipient_map($_action, $_data = null, $attr = null) {
$old_dest_sane = $old_dest;
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('invalid_recipient_map_old', htmlspecialchars($old_dest))
@@ -333,7 +300,7 @@ function recipient_map($_action, $_data = null, $attr = null) {
return false;
}
if (!filter_var($new_dest, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('invalid_recipient_map_new', htmlspecialchars($new_dest))
@@ -345,7 +312,7 @@ function recipient_map($_action, $_data = null, $attr = null) {
$old_dests_existing[] = recipient_map('details', $rmap)['recipient_map_old'];
}
if (in_array($old_dest_sane, $old_dests_existing)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('recipient_map_entry_exists', htmlspecialchars($old_dest))
@@ -362,14 +329,14 @@ function recipient_map($_action, $_data = null, $attr = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest_sane))
@@ -388,12 +355,12 @@ function recipient_map($_action, $_data = null, $attr = null) {
}
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (is_valid_domain_name($old_dest)) {
$old_dest_sane = '@' . idn_to_ascii($old_dest);
@@ -402,21 +369,21 @@ function recipient_map($_action, $_data = null, $attr = null) {
$old_dest_sane = $old_dest;
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('invalid_recipient_map_old', htmlspecialchars($old_dest))
);
- return false;
+ continue;
}
$active = intval($_data['active']);
if (!filter_var($new_dest, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('invalid_recipient_map_new', htmlspecialchars($new_dest))
);
- return false;
+ continue;
}
$rmaps = recipient_map('get');
foreach ($rmaps as $rmap) {
@@ -424,12 +391,12 @@ function recipient_map($_action, $_data = null, $attr = null) {
}
if (in_array($old_dest_sane, $old_dests_existing) &&
recipient_map('details', $id)['recipient_map_old'] != $old_dest_sane) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('recipient_map_entry_exists', htmlspecialchars($old_dest_sane))
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("UPDATE `recipient_maps` SET
@@ -445,61 +412,45 @@ function recipient_map($_action, $_data = null, $attr = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('mysql_error', $e)
);
return false;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
+ 'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest_sane))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest))
- );
break;
case 'details':
$mapdata = array();
$id = intval($_data);
- try {
- $stmt = $pdo->prepare("SELECT `id`,
- `old_dest` AS `recipient_map_old`,
- `new_dest` AS `recipient_map_new`,
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- `created`,
- `modified` FROM `recipient_maps`
- WHERE `id` = :id");
- $stmt->execute(array(':id' => $id));
- $mapdata = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+
+ $stmt = $pdo->prepare("SELECT `id`,
+ `old_dest` AS `recipient_map_old`,
+ `new_dest` AS `recipient_map_new`,
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ `created`,
+ `modified` FROM `recipient_maps`
+ WHERE `id` = :id");
+ $stmt->execute(array(':id' => $id));
+ $mapdata = $stmt->fetch(PDO::FETCH_ASSOC);
+
return $mapdata;
break;
case 'get':
$mapdata = array();
$all_items = array();
$id = intval($_data);
- try {
- $stmt = $pdo->query("SELECT `id` FROM `recipient_maps`");
- $all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+
+ $stmt = $pdo->query("SELECT `id` FROM `recipient_maps`");
+ $all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
foreach ($all_items as $i) {
$mapdata[] = $i['id'];
}
@@ -517,7 +468,7 @@ function recipient_map($_action, $_data = null, $attr = null) {
$stmt->execute(array(':id' => $id));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data, $_attr),
'msg' => array('mysql_error', $e)
@@ -525,7 +476,7 @@ function recipient_map($_action, $_data = null, $attr = null) {
return false;
}
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'msg' => array('recipient_map_entry_deleted', htmlspecialchars($old_dest))
);
diff --git a/data/web/inc/functions.autoconfiguration.inc.php b/data/web/inc/functions.autoconfiguration.inc.php
deleted file mode 100644
index bd3dd10b..00000000
--- a/data/web/inc/functions.autoconfiguration.inc.php
+++ /dev/null
@@ -1,119 +0,0 @@
-<?php
-function autoconfiguration($_action, $_type, $_data = null) {
- global $pdo;
- global $lang;
- switch ($_action) {
- case 'edit':
- if (!isset($_SESSION['acl']['eas_autoconfig']) || $_SESSION['acl']['eas_autoconfig'] != "1" ) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data),
- 'msg' => 'access_denied'
- );
- return false;
- }
- switch ($_type) {
- case 'autodiscover':
- $objects = (array)$_data['object'];
- foreach ($objects as $object) {
- if (is_valid_domain_name($object) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $exclude_regex = (isset($_data['exclude_regex'])) ? $_data['exclude_regex'] : null;
- $exclude_regex = (isset($_data['exclude_regex'])) ? $_data['exclude_regex'] : null;
- try {
- $stmt = $pdo->prepare("SELECT COUNT(`domain`) AS `domain_c` FROM `autodiscover`
- WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $object));
- $num_results = $stmt->fetchColumn();
- if ($num_results > 0) {
- $stmt = $pdo->prepare("SELECT COUNT(`domain`) AS `domain_c` FROM `autodiscover`
- WHERE `domain` = :domain");
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- }
- elseif (filter_var($object, FILTER_VALIDATE_EMAIL) === true && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
-
- }
- }
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data),
- 'msg' => array('domain_modified', htmlspecialchars(implode(', ', $objects)))
- );
- break;
- }
- break;
- case 'get':
- switch ($_type) {
- case 'autodiscover':
- $autodiscover = array();
- if (is_valid_domain_name($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- try {
- $stmt = $pdo->prepare("SELECT * FROM `autodiscover`
- WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $autodiscover['mailbox'] = $row['mailbox'];
- $autodiscover['domain'] = $row['domain'];
- $autodiscover['service'] = $row['service'];
- $autodiscover['exclude_regex'] = $row['exclude_regex'];
- $autodiscover['created'] = $row['created'];
- $autodiscover['modified'] = $row['modified'];
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- }
- elseif (filter_var($_data, FILTER_VALIDATE_EMAIL) === true && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- try {
- $stmt = $pdo->prepare("SELECT * FROM `autodiscover`
- WHERE `mailbox` = :mailbox");
- $stmt->execute(array(':mailbox' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $autodiscover['mailbox'] = $row['mailbox'];
- $autodiscover['domain'] = $row['domain'];
- $autodiscover['service'] = $row['service'];
- $autodiscover['exclude_regex'] = $row['exclude_regex'];
- $autodiscover['created'] = $row['created'];
- $autodiscover['modified'] = $row['modified'];
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- }
- return $autodiscover;
- break;
- }
- break;
- case 'reset':
- switch ($_type) {
- case 'autodiscover':
- if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
- return false;
- }
- break;
- }
- break;
- }
-}
diff --git a/data/web/inc/functions.customize.inc.php b/data/web/inc/functions.customize.inc.php
index 8fb928fa..a737bdbc 100644
--- a/data/web/inc/functions.customize.inc.php
+++ b/data/web/inc/functions.customize.inc.php
@@ -5,7 +5,7 @@ function customize($_action, $_item, $_data = null) {
switch ($_action) {
case 'add':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'access_denied'
@@ -17,7 +17,7 @@ function customize($_action, $_item, $_data = null) {
if (in_array($_data['main_logo']['type'], array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png', 'image/png', 'image/svg+xml'))) {
try {
if (file_exists($_data['main_logo']['tmp_name']) !== true) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'img_tmp_missing'
@@ -26,7 +26,7 @@ function customize($_action, $_item, $_data = null) {
}
$image = new Imagick($_data['main_logo']['tmp_name']);
if ($image->valid() !== true) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'img_invalid'
@@ -36,7 +36,7 @@ function customize($_action, $_item, $_data = null) {
$image->destroy();
}
catch (ImagickException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'img_invalid'
@@ -45,7 +45,7 @@ function customize($_action, $_item, $_data = null) {
}
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'invalid_mime_type'
@@ -56,14 +56,14 @@ function customize($_action, $_item, $_data = null) {
$redis->Set('MAIN_LOGO', 'data:' . $_data['main_logo']['type'] . ';base64,' . base64_encode(file_get_contents($_data['main_logo']['tmp_name'])));
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'upload_success'
@@ -73,7 +73,7 @@ function customize($_action, $_item, $_data = null) {
break;
case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'access_denied'
@@ -93,7 +93,7 @@ function customize($_action, $_item, $_data = null) {
$redis->set('APP_LINKS', json_encode($out));
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
@@ -101,7 +101,7 @@ function customize($_action, $_item, $_data = null) {
return false;
}
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'app_links'
@@ -119,14 +119,14 @@ function customize($_action, $_item, $_data = null) {
$redis->set('HELP_TEXT', $help_text);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'ui_texts'
@@ -136,7 +136,7 @@ function customize($_action, $_item, $_data = null) {
break;
case 'delete':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'access_denied'
@@ -147,7 +147,7 @@ function customize($_action, $_item, $_data = null) {
case 'main_logo':
try {
if ($redis->del('MAIN_LOGO')) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'reset_main_logo'
@@ -156,7 +156,7 @@ function customize($_action, $_item, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
@@ -173,7 +173,7 @@ function customize($_action, $_item, $_data = null) {
$app_links = json_decode($redis->get('APP_LINKS'), true);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
@@ -187,7 +187,7 @@ function customize($_action, $_item, $_data = null) {
return $redis->get('MAIN_LOGO');
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
@@ -204,7 +204,7 @@ function customize($_action, $_item, $_data = null) {
return $data;
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => array('redis_error', $e)
@@ -222,7 +222,7 @@ function customize($_action, $_item, $_data = null) {
return $image->identifyImage();
}
catch (ImagickException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_item, $_data),
'msg' => 'imagick_exception'
diff --git a/data/web/inc/functions.dkim.inc.php b/data/web/inc/functions.dkim.inc.php
index 8099d2f8..17bac738 100644
--- a/data/web/inc/functions.dkim.inc.php
+++ b/data/web/inc/functions.dkim.inc.php
@@ -6,7 +6,7 @@ function dkim($_action, $_data = null) {
switch ($_action) {
case 'add':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'access_denied'
@@ -17,7 +17,7 @@ function dkim($_action, $_data = null) {
$dkim_selector = (isset($_data['dkim_selector'])) ? $_data['dkim_selector'] : 'dkim';
$domain = $_data['domain'];
if (!is_valid_domain_name($domain) || !is_numeric($key_length)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -25,7 +25,7 @@ function dkim($_action, $_data = null) {
return false;
}
if ($redis->hGet('DKIM_PUB_KEYS', $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -33,7 +33,7 @@ function dkim($_action, $_data = null) {
return false;
}
if (!ctype_alnum($dkim_selector)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -58,7 +58,7 @@ function dkim($_action, $_data = null) {
$redis->hSet('DKIM_SELECTORS', $domain, $dkim_selector);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => array('redis_error', $e)
@@ -72,7 +72,7 @@ function dkim($_action, $_data = null) {
$redis->hSet('DKIM_PRIV_KEYS', $dkim_selector . '.' . $domain, trim($privKey));
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => array('redis_error', $e)
@@ -80,7 +80,7 @@ function dkim($_action, $_data = null) {
return false;
}
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_added'
@@ -88,7 +88,7 @@ function dkim($_action, $_data = null) {
return true;
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -98,7 +98,7 @@ function dkim($_action, $_data = null) {
break;
case 'import':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'access_denied'
@@ -109,7 +109,7 @@ function dkim($_action, $_data = null) {
$private_key_normalized = preg_replace('~\r\n?~', "\n", $private_key_input);
$private_key = openssl_pkey_get_private($private_key_normalized);
if ($ssl_error = openssl_error_string()) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => array('private_key_error', $ssl_error)
@@ -126,7 +126,7 @@ function dkim($_action, $_data = null) {
$dkim_selector = (isset($_data['dkim_selector'])) ? $_data['dkim_selector'] : 'dkim';
$domain = $_data['domain'];
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -134,7 +134,7 @@ function dkim($_action, $_data = null) {
return false;
}
if ($redis->hGet('DKIM_PUB_KEYS', $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -142,7 +142,7 @@ function dkim($_action, $_data = null) {
return false;
}
if (!ctype_alnum($dkim_selector)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_domain_or_sel_invalid'
@@ -155,7 +155,7 @@ function dkim($_action, $_data = null) {
$redis->hSet('DKIM_PRIV_KEYS', $dkim_selector . '.' . $domain, $private_key_normalized);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => array('redis_error', $e)
@@ -168,14 +168,14 @@ function dkim($_action, $_data = null) {
try {
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => array('redis_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'dkim_added'
@@ -215,7 +215,7 @@ function dkim($_action, $_data = null) {
break;
case 'blind':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'access_denied'
@@ -231,7 +231,7 @@ function dkim($_action, $_data = null) {
case 'delete':
$domains = (array)$_data['domains'];
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => 'access_denied'
@@ -240,12 +240,12 @@ function dkim($_action, $_data = null) {
}
foreach ($domains as $domain) {
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
- 'msg' => 'dkim_domain_or_sel_invalid'
+ 'msg' => array('dkim_domain_or_sel_invalid', $domain)
);
- return false;
+ continue;
}
try {
$selector = $redis->hGet('DKIM_SELECTORS', $domain);
@@ -254,19 +254,19 @@ function dkim($_action, $_data = null) {
$redis->hDel('DKIM_SELECTORS', $domain);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data),
+ 'msg' => array('dkim_removed', htmlspecialchars($domain))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data),
- 'msg' => array('dkim_removed', htmlspecialchars(implode(', ', $domains)))
- );
break;
}
}
\ No newline at end of file
diff --git a/data/web/inc/functions.docker.inc.php b/data/web/inc/functions.docker.inc.php
index cac2db78..dbd26375 100644
--- a/data/web/inc/functions.docker.inc.php
+++ b/data/web/inc/functions.docker.inc.php
@@ -158,19 +158,19 @@ function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $ex
if ($response === false) {
$err = curl_error($curl);
curl_close($curl);
- logger(array('return' => array(
+ logger(array('return' => array(array(
'type' => 'danger',
'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
'msg' => $err,
- )));
+ ))));
return $err;
}
else {
curl_close($curl);
- logger(array('return' => array(
+ logger(array('return' => array(array(
'type' => 'success',
'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
- )));
+ ))));
if (empty($response)) {
return true;
}
diff --git a/data/web/inc/functions.domain_admin.inc.php b/data/web/inc/functions.domain_admin.inc.php
index 3c631d08..86cec621 100644
--- a/data/web/inc/functions.domain_admin.inc.php
+++ b/data/web/inc/functions.domain_admin.inc.php
@@ -14,7 +14,7 @@ function domain_admin($_action, $_data = null) {
$domains = (array)$_data['domains'];
$active = intval($_data['active']);
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -22,7 +22,7 @@ function domain_admin($_action, $_data = null) {
return false;
}
if (empty($domains)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'domain_invalid'
@@ -30,40 +30,32 @@ function domain_admin($_action, $_data = null) {
return false;
}
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'username_invalid'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox`
- WHERE `username` = :username");
- $stmt->execute(array(':username' => $username));
- $num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
-
- $stmt = $pdo->prepare("SELECT `username` FROM `admin`
- WHERE `username` = :username");
- $stmt->execute(array(':username' => $username));
- $num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
-
- $stmt = $pdo->prepare("SELECT `username` FROM `domain_admins`
- WHERE `username` = :username");
- $stmt->execute(array(':username' => $username));
- $num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox`
+ WHERE `username` = :username");
+ $stmt->execute(array(':username' => $username));
+ $num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+
+ $stmt = $pdo->prepare("SELECT `username` FROM `admin`
+ WHERE `username` = :username");
+ $stmt->execute(array(':username' => $username));
+ $num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+
+ $stmt = $pdo->prepare("SELECT `username` FROM `domain_admins`
+ WHERE `username` = :username");
+ $stmt->execute(array(':username' => $username));
+ $num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+
foreach ($num_results as $num_results_each) {
if ($num_results_each != 0) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('object_exists', htmlspecialchars($username))
@@ -73,7 +65,7 @@ function domain_admin($_action, $_data = null) {
}
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_complexity'
@@ -81,7 +73,7 @@ function domain_admin($_action, $_data = null) {
return false;
}
if ($password != $password2) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_mismatch'
@@ -91,7 +83,7 @@ function domain_admin($_action, $_data = null) {
$password_hashed = hash_password($password);
foreach ($domains as $domain) {
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'domain_invalid'
@@ -110,7 +102,7 @@ function domain_admin($_action, $_data = null) {
}
catch (PDOException $e) {
domain_admin('delete', $username);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
@@ -128,7 +120,7 @@ function domain_admin($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
@@ -137,14 +129,14 @@ function domain_admin($_action, $_data = null) {
}
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_empty'
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('domain_admin_added', htmlspecialchars($username))
@@ -152,7 +144,7 @@ function domain_admin($_action, $_data = null) {
break;
case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -177,44 +169,44 @@ function domain_admin($_action, $_data = null) {
$username_new = (!empty($_data['username_new'])) ? $_data['username_new'] : $is_now['username'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
$password = $_data['password'];
$password2 = $_data['password2'];
-
if (!empty($domains)) {
- foreach ($domains as $domain) {
+ foreach ($domains as $i => &$domain) {
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'domain_invalid'
+ 'msg' => array('domain_invalid', htmlspecialchars($domain))
);
- return false;
+ unset($domains[$i]);
+ continue;
}
}
}
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username_new))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'username_invalid'
+ 'msg' => array('username_invalid', $username_new)
);
- return false;
+ continue;
}
if ($username_new != $username) {
if (!empty(domain_admin('details', $username_new)['username'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'username_invalid'
+ 'msg' => array('username_invalid', $username_new)
);
- return false;
+ continue;
}
}
try {
@@ -224,12 +216,12 @@ function domain_admin($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
if (!empty($domains)) {
@@ -245,32 +237,32 @@ function domain_admin($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
}
}
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_complexity'
);
- return false;
+ continue;
}
if ($password != $password2) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_mismatch'
);
- return false;
+ continue;
}
$password_hashed = hash_password($password);
try {
@@ -291,12 +283,12 @@ function domain_admin($_action, $_data = null) {
}
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
}
else {
@@ -317,20 +309,21 @@ function domain_admin($_action, $_data = null) {
}
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('domain_admin_modified', htmlspecialchars($username))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('domain_admin_modified', htmlspecialchars(implode(', ', $usernames)))
- );
+ return true;
}
// Domain administrator
// Can only edit itself
@@ -344,8 +337,9 @@ function domain_admin($_action, $_data = null) {
WHERE `username` = :user");
$stmt->execute(array(':user' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
+
if (!verify_hash($row['password'], $password_old)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -355,7 +349,7 @@ function domain_admin($_action, $_data = null) {
if (!empty($password_new2) && !empty($password_new)) {
if ($password_new2 != $password_new) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_mismatch'
@@ -363,7 +357,7 @@ function domain_admin($_action, $_data = null) {
return false;
}
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password_new)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'password_complexity'
@@ -379,7 +373,7 @@ function domain_admin($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
@@ -387,8 +381,7 @@ function domain_admin($_action, $_data = null) {
return false;
}
}
-
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('domain_admin_modified', htmlspecialchars($username))
@@ -397,7 +390,7 @@ function domain_admin($_action, $_data = null) {
break;
case 'delete':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -407,12 +400,12 @@ function domain_admin($_action, $_data = null) {
$usernames = (array)$_data['username'];
foreach ($usernames as $username) {
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'username_invalid'
+ 'msg' => array('username_invalid', $username)
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("DELETE FROM `domain_admins` WHERE `username` = :username");
@@ -425,50 +418,43 @@ function domain_admin($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('domain_admin_removed', htmlspecialchars($username))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('domain_admin_removed', htmlspecialchars(implode(', ', $usernames)))
- );
break;
case 'get':
$domainadmins = array();
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->query("SELECT DISTINCT
- `username`
- FROM `domain_admins`
- WHERE `username` IN (
- SELECT `username` FROM `admin`
- WHERE `superadmin`!='1'
- )");
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($rows)) {
- $domainadmins[] = $row['username'];
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+
+ $stmt = $pdo->query("SELECT DISTINCT
+ `username`
+ FROM `domain_admins`
+ WHERE `username` IN (
+ SELECT `username` FROM `admin`
+ WHERE `superadmin`!='1'
+ )");
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($rows)) {
+ $domainadmins[] = $row['username'];
}
+
return $domainadmins;
break;
case 'details':
@@ -484,61 +470,54 @@ function domain_admin($_action, $_data = null) {
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $_data))) {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT
- `tfa`.`active` AS `tfa_active_int`,
- CASE `tfa`.`active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `tfa_active`,
- `domain_admins`.`username`,
- `domain_admins`.`created`,
- `domain_admins`.`active` AS `active_int`,
- CASE `domain_admins`.`active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `domain_admins`
- LEFT OUTER JOIN `tfa` ON `tfa`.`username`=`domain_admins`.`username`
- WHERE `domain_admins`.`username`= :domain_admin");
- $stmt->execute(array(
- ':domain_admin' => $_data
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (empty($row)) {
- return false;
- }
- $domainadmindata['username'] = $row['username'];
- $domainadmindata['tfa_active'] = $row['tfa_active'];
- $domainadmindata['active'] = $row['active'];
- $domainadmindata['tfa_active_int'] = $row['tfa_active_int'];
- $domainadmindata['active_int'] = $row['active_int'];
- $domainadmindata['modified'] = $row['created'];
- // GET SELECTED
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE `domain` IN (
- SELECT `domain` FROM `domain_admins`
- WHERE `username`= :domain_admin)");
- $stmt->execute(array(':domain_admin' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $domainadmindata['selected_domains'][] = $row['domain'];
- }
- // GET UNSELECTED
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE `domain` NOT IN (
- SELECT `domain` FROM `domain_admins`
- WHERE `username`= :domain_admin)");
- $stmt->execute(array(':domain_admin' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $domainadmindata['unselected_domains'][] = $row['domain'];
- }
- if (!isset($domainadmindata['unselected_domains'])) {
- $domainadmindata['unselected_domains'] = "";
- }
+
+ $stmt = $pdo->prepare("SELECT
+ `tfa`.`active` AS `tfa_active_int`,
+ CASE `tfa`.`active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `tfa_active`,
+ `domain_admins`.`username`,
+ `domain_admins`.`created`,
+ `domain_admins`.`active` AS `active_int`,
+ CASE `domain_admins`.`active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `domain_admins`
+ LEFT OUTER JOIN `tfa` ON `tfa`.`username`=`domain_admins`.`username`
+ WHERE `domain_admins`.`username`= :domain_admin");
+ $stmt->execute(array(
+ ':domain_admin' => $_data
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (empty($row)) {
+ return false;
}
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+ $domainadmindata['username'] = $row['username'];
+ $domainadmindata['tfa_active'] = $row['tfa_active'];
+ $domainadmindata['active'] = $row['active'];
+ $domainadmindata['tfa_active_int'] = $row['tfa_active_int'];
+ $domainadmindata['active_int'] = $row['active_int'];
+ $domainadmindata['modified'] = $row['created'];
+ // GET SELECTED
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain` IN (
+ SELECT `domain` FROM `domain_admins`
+ WHERE `username`= :domain_admin)");
+ $stmt->execute(array(':domain_admin' => $_data));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $domainadmindata['selected_domains'][] = $row['domain'];
}
+ // GET UNSELECTED
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain` NOT IN (
+ SELECT `domain` FROM `domain_admins`
+ WHERE `username`= :domain_admin)");
+ $stmt->execute(array(':domain_admin' => $_data));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $domainadmindata['unselected_domains'][] = $row['domain'];
+ }
+ if (!isset($domainadmindata['unselected_domains'])) {
+ $domainadmindata['unselected_domains'] = "";
+ }
+
return $domainadmindata;
break;
}
diff --git a/data/web/inc/functions.fail2ban.inc.php b/data/web/inc/functions.fail2ban.inc.php
index 668e41cb..166606ef 100644
--- a/data/web/inc/functions.fail2ban.inc.php
+++ b/data/web/inc/functions.fail2ban.inc.php
@@ -80,7 +80,7 @@ function fail2ban($_action, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
@@ -91,7 +91,7 @@ function fail2ban($_action, $_data = null) {
break;
case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -101,29 +101,39 @@ function fail2ban($_action, $_data = null) {
if (isset($_data['action']) && !empty($_data['network'])) {
$networks = (array) $_data['network'];
foreach ($networks as $network) {
- if ($_data['action'] == "unban") {
- if (valid_network($network)) {
- $redis->hSet('F2B_QUEUE_UNBAN', $network, 1);
+ try {
+ if ($_data['action'] == "unban") {
+ if (valid_network($network)) {
+ $redis->hSet('F2B_QUEUE_UNBAN', $network, 1);
+ }
+ }
+ elseif ($_data['action'] == "whitelist") {
+ if (valid_network($network)) {
+ $redis->hSet('F2B_WHITELIST', $network, 1);
+ $redis->hDel('F2B_BLACKLIST', $network, 1);
+ $redis->hSet('F2B_QUEUE_UNBAN', $network, 1);
+ }
+ }
+ elseif ($_data['action'] == "blacklist") {
+ if (valid_network($network)) {
+ $redis->hSet('F2B_BLACKLIST', $network, 1);
+ }
}
}
- elseif ($_data['action'] == "whitelist") {
- if (valid_network($network)) {
- $redis->hSet('F2B_WHITELIST', $network, 1);
- $redis->hDel('F2B_BLACKLIST', $network, 1);
- $redis->hSet('F2B_QUEUE_UNBAN', $network, 1);
- }
- }
- elseif ($_data['action'] == "blacklist") {
- if (valid_network($network)) {
- $redis->hSet('F2B_BLACKLIST', $network, 1);
- }
+ catch (RedisException $e) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('redis_error', $e)
+ );
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('object_modified', htmlspecialchars($network))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('object_modified', htmlspecialchars(implode(', ', $networks)))
- );
return true;
}
$is_now = fail2ban('get');
@@ -137,7 +147,7 @@ function fail2ban($_action, $_data = null) {
$bl = (isset($_data['blacklist'])) ? $_data['blacklist'] : $is_now['blacklist'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -178,14 +188,14 @@ function fail2ban($_action, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'f2b_modified'
diff --git a/data/web/inc/functions.fwdhost.inc.php b/data/web/inc/functions.fwdhost.inc.php
index f16834ea..5c511f4f 100644
--- a/data/web/inc/functions.fwdhost.inc.php
+++ b/data/web/inc/functions.fwdhost.inc.php
@@ -8,7 +8,7 @@ function fwdhost($_action, $_data = null) {
case 'add':
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -28,7 +28,7 @@ function fwdhost($_action, $_data = null) {
$hosts = get_outgoing_hosts_best_guess($host);
}
if (empty($hosts)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('invalid_host', htmlspecialchars($host))
@@ -46,7 +46,7 @@ function fwdhost($_action, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
@@ -54,7 +54,7 @@ function fwdhost($_action, $_data = null) {
return false;
}
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('forwarding_host_added', htmlspecialchars(implode(', ', $hosts)))
@@ -63,7 +63,7 @@ function fwdhost($_action, $_data = null) {
case 'edit':
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -77,12 +77,12 @@ function fwdhost($_action, $_data = null) {
$keep_spam = (isset($_data['keep_spam'])) ? $_data['keep_spam'] : $is_now['keep_spam'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
try {
if ($keep_spam == 1) {
@@ -93,19 +93,19 @@ function fwdhost($_action, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('object_modified', htmlspecialchars($fwdhost))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('object_modified', htmlspecialchars(implode(', ', $fwdhosts)))
- );
break;
case 'delete':
$hosts = (array)$_data['forwardinghost'];
@@ -115,19 +115,19 @@ function fwdhost($_action, $_data = null) {
$redis->hDel('KEEP_SPAM', $host);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('forwarding_host_removed', htmlspecialchars($host))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('forwarding_host_removed', htmlspecialchars(implode(', ', $hosts)))
- );
break;
case 'get':
if ($_SESSION['mailcow_cc_role'] != "admin") {
@@ -148,7 +148,7 @@ function fwdhost($_action, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
@@ -170,7 +170,7 @@ function fwdhost($_action, $_data = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index d99661cb..a44cf7eb 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -5,64 +5,81 @@ function hash_password($password) {
}
function last_login($user) {
global $pdo;
- try {
- $stmt = $pdo->prepare('SELECT `remote`, `time` FROM `logs`
- WHERE JSON_EXTRACT(`call`, "$[0]") = "check_login"
- AND JSON_EXTRACT(`call`, "$[1]") = :user
- AND `type` = "success" ORDER BY `time` DESC LIMIT 1');
- $stmt->execute(array(':user' => $user));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (!empty($row)) {
- return $row;
- }
- else {
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $username, $role, $domain),
- 'msg' => array('mysql_error', $e)
- );
+ $stmt = $pdo->prepare('SELECT `remote`, `time` FROM `logs`
+ WHERE JSON_EXTRACT(`call`, "$[0]") = "check_login"
+ AND JSON_EXTRACT(`call`, "$[1]") = :user
+ AND `type` = "success" ORDER BY `time` DESC LIMIT 1');
+ $stmt->execute(array(':user' => $user));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!empty($row)) {
+ return $row;
+ }
+ else {
return false;
}
}
function logger($_data = false) {
+ /*
+ logger() will be called as last function
+ To manually log a message, logger needs to be called like below.
+
+ logger(array(
+ 'return' => array(
+ array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => $err
+ )
+ )
+ ));
+
+ These messages will not be printed as alert box.
+ To do so, push them to $_SESSION['return'] and do not call logger as they will be included automatically:
+
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $user, '*'),
+ 'msg' => $err
+ );
+ */
global $pdo;
if (!$_data) {
$_data = $_SESSION;
}
if (!empty($_data['return'])) {
- $type = $_data['return']['type'];
- $msg = json_encode($_data['return']['msg'], JSON_UNESCAPED_UNICODE);
- $call = json_encode($_data['return']['log'], JSON_UNESCAPED_UNICODE);
- if (!empty($_SESSION["dual-login"]["username"])) {
- $user = $_SESSION["dual-login"]["username"] . ' => ' . $_SESSION['mailcow_cc_username'];
- $role = $_SESSION["dual-login"]["role"] . ' => ' . $_SESSION['mailcow_cc_role'];
- }
- elseif (!empty($_SESSION['mailcow_cc_username'])) {
- $user = $_SESSION['mailcow_cc_username'];
- $role = $_SESSION['mailcow_cc_role'];
- }
- else {
- $user = 'unauthenticated';
- $role = 'unauthenticated';
+ $task = substr(strtoupper(md5(uniqid(rand(), true))), 0, 6);
+ foreach ($_data['return'] as $return) {
+ $type = $return['type'];
+ $msg = json_encode($return['msg'], JSON_UNESCAPED_UNICODE);
+ $call = json_encode($return['log'], JSON_UNESCAPED_UNICODE);
+ if (!empty($_SESSION["dual-login"]["username"])) {
+ $user = $_SESSION["dual-login"]["username"] . ' => ' . $_SESSION['mailcow_cc_username'];
+ $role = $_SESSION["dual-login"]["role"] . ' => ' . $_SESSION['mailcow_cc_role'];
+ }
+ elseif (!empty($_SESSION['mailcow_cc_username'])) {
+ $user = $_SESSION['mailcow_cc_username'];
+ $role = $_SESSION['mailcow_cc_role'];
+ }
+ else {
+ $user = 'unauthenticated';
+ $role = 'unauthenticated';
+ }
+ $stmt = $pdo->prepare("INSERT INTO `logs` (`type`, `task`, `msg`, `call`, `user`, `role`, `remote`, `time`) VALUES
+ (:type, :task, :msg, :call, :user, :role, :remote, UNIX_TIMESTAMP())");
+ $stmt->execute(array(
+ ':type' => $type,
+ ':task' => $task,
+ ':call' => $call,
+ ':msg' => $msg,
+ ':user' => $user,
+ ':role' => $role,
+ ':remote' => get_remote_ip()
+ ));
}
}
else {
return true;
}
- $stmt = $pdo->prepare("INSERT INTO `logs` (`type`, `msg`, `call`, `user`, `role`, `remote`, `time`) VALUES
- (:type, :msg, :call, :user, :role, :remote, UNIX_TIMESTAMP())");
- $stmt->execute(array(
- ':type' => $type,
- ':call' => $call,
- ':msg' => $msg,
- ':user' => $user,
- ':role' => $role,
- ':remote' => get_remote_ip()
- ));
}
function hasDomainAccess($username, $role, $domain) {
global $pdo;
@@ -75,25 +92,15 @@ function hasDomainAccess($username, $role, $domain) {
if ($role != 'admin' && $role != 'domainadmin' && $role != 'user') {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain_admins`
- WHERE (
- `active`='1'
- AND `username` = :username
- AND (`domain` = :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2))
- )
- OR 'admin' = :role");
- $stmt->execute(array(':username' => $username, ':domain1' => $domain, ':domain2' => $domain, ':role' => $role));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $username, $role, $domain),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain_admins`
+ WHERE (
+ `active`='1'
+ AND `username` = :username
+ AND (`domain` = :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2))
+ )
+ OR 'admin' = :role");
+ $stmt->execute(array(':username' => $username, ':domain1' => $domain, ':domain2' => $domain, ':role' => $role));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if (!empty($num_results)) {
return true;
}
@@ -110,18 +117,12 @@ function hasMailboxObjectAccess($username, $role, $object) {
if ($username == $object) {
return true;
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `mailbox` WHERE `username` = :object");
- $stmt->execute(array(':object' => $object));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (isset($row['domain']) && hasDomainAccess($username, $role, $row['domain'])) {
- return true;
- }
- }
- catch(PDOException $e) {
- error_log($e);
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `mailbox` WHERE `username` = :object");
+ $stmt->execute(array(':object' => $object));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (isset($row['domain']) && hasDomainAccess($username, $role, $row['domain'])) {
+ return true;
+ }
return false;
}
function pem_to_der($pem_key) {
@@ -193,25 +194,30 @@ function generate_tlsa_digest($hostname, $port, $starttls = null) {
function alertbox_log_parser($_data){
global $lang;
if (isset($_data['return'])) {
- // Get type
- $type = $_data['return']['type'];
- // If a lang[type][msg] string exists, use it as message
- if (is_string($lang[$_data['return']['type']][$_data['return']['msg']])) {
- $msg = $lang[$_data['return']['type']][$_data['return']['msg']];
+ foreach ($_data['return'] as $return) {
+ // Get type
+ $type = $return['type'];
+ // If a lang[type][msg] string exists, use it as message
+ if (is_string($lang[$return['type']][$return['msg']])) {
+ $msg = $lang[$return['type']][$return['msg']];
+ }
+ // If msg is an array, use first element as language string and run printf on it with remaining array elements
+ elseif (is_array($return['msg'])) {
+ $msg = array_shift($return['msg']);
+ $msg = vsprintf(
+ $lang[$return['type']][$msg],
+ $return['msg']
+ );
+ }
+ // If none applies, use msg as returned message
+ else {
+ $msg = $return['msg'];
+ }
+ $log_array[] = array('msg' => json_encode($msg), 'type' => json_encode($type));
}
- // If msg is an array, use first element as language string and run printf on it with remaining array elements
- elseif (is_array($_data['return']['msg'])) {
- $msg = array_shift($_data['return']['msg']);
- $msg = vsprintf(
- $lang[$_data['return']['type']][$msg],
- $_data['return']['msg']
- );
+ if (!empty($log_array)) {
+ return $log_array;
}
- // If none applies, use msg as returned message
- else {
- $msg = $_data['return']['msg'];
- }
- return array('msg' => json_encode($msg), 'type' => json_encode($type));
}
return false;
}
@@ -260,7 +266,7 @@ function check_login($user, $pass) {
global $pdo;
global $redis;
if (!filter_var($user, FILTER_VALIDATE_EMAIL) && !ctype_alnum(str_replace(array('_', '.', '-'), '', $user))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => 'malformed_username'
@@ -280,7 +286,7 @@ function check_login($user, $pass) {
$_SESSION['pending_mailcow_cc_role'] = "admin";
$_SESSION['pending_tfa_method'] = get_tfa($user)['name'];
unset($_SESSION['ldelay']);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'info',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => 'awaiting_tfa_confirmation'
@@ -289,7 +295,7 @@ function check_login($user, $pass) {
}
else {
unset($_SESSION['ldelay']);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => array('logged_in_as', $user)
@@ -311,7 +317,7 @@ function check_login($user, $pass) {
$_SESSION['pending_mailcow_cc_role'] = "domainadmin";
$_SESSION['pending_tfa_method'] = get_tfa($user)['name'];
unset($_SESSION['ldelay']);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'info',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => 'awaiting_tfa_confirmation'
@@ -323,7 +329,7 @@ function check_login($user, $pass) {
// Reactivate TFA if it was set to "deactivate TFA for next login"
$stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user");
$stmt->execute(array(':user' => $user));
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => array('logged_in_as', $user)
@@ -341,7 +347,7 @@ function check_login($user, $pass) {
foreach ($rows as $row) {
if (verify_hash($row['password'], $pass) !== false) {
unset($_SESSION['ldelay']);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => array('logged_in_as', $user)
@@ -359,7 +365,7 @@ function check_login($user, $pass) {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $user, '*'),
'msg' => 'login_failed'
@@ -390,7 +396,7 @@ function set_acl() {
$_SESSION = array_merge($_SESSION, $acl);
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'info',
'log' => array(__FUNCTION__),
'msg' => 'set_acl_failed'
@@ -433,7 +439,7 @@ function edit_admin_account($_data) {
!isset($_data_log['admin_pass']) ?: $_data_log['admin_pass'] = '*';
!isset($_data_log['admin_pass2']) ?: $_data_log['admin_pass2'] = '*';
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -445,7 +451,7 @@ function edit_admin_account($_data) {
$password = $_data['admin_pass'];
$password2 = $_data['admin_pass2'];
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $username)) || empty ($username)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'username_invalid'
@@ -454,7 +460,7 @@ function edit_admin_account($_data) {
}
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'password_complexity'
@@ -462,7 +468,7 @@ function edit_admin_account($_data) {
return false;
}
if ($password != $password2) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'password_mismatch'
@@ -482,7 +488,7 @@ function edit_admin_account($_data) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
@@ -501,7 +507,7 @@ function edit_admin_account($_data) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
@@ -516,7 +522,7 @@ function edit_admin_account($_data) {
$stmt->execute(array(':username1' => $username, ':username2' => $username_now));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
@@ -524,7 +530,7 @@ function edit_admin_account($_data) {
return false;
}
$_SESSION['mailcow_cc_username'] = $username;
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'admin_modified'
@@ -552,7 +558,7 @@ function edit_user_account($_data) {
$role = $_SESSION['mailcow_cc_role'];
$password_old = $_data['user_old_pass'];
if (filter_var($username, FILTER_VALIDATE_EMAIL === false) || $role != 'user') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -569,7 +575,7 @@ function edit_user_account($_data) {
$stmt->execute(array(':user' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (!verify_hash($row['password'], $password_old)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -579,7 +585,7 @@ function edit_user_account($_data) {
if (isset($password_new) && isset($password_new2)) {
if (!empty($password_new2) && !empty($password_new)) {
if ($password_new2 != $password_new) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'password_mismatch'
@@ -587,7 +593,7 @@ function edit_user_account($_data) {
return false;
}
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password_new)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'password_complexity'
@@ -603,7 +609,7 @@ function edit_user_account($_data) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
@@ -613,7 +619,7 @@ function edit_user_account($_data) {
}
}
update_sogo_static_view();
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mailbox_modified', htmlspecialchars($username))
@@ -628,73 +634,63 @@ function user_get_alias_details($username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
return false;
}
- try {
- $data['address'] = $username;
- $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`address` SEPARATOR ', '), '✘') AS `shared_aliases` FROM `alias`
- WHERE `goto` REGEXP :username_goto
- AND `address` NOT LIKE '@%'
- AND `goto` != :username_goto2
- AND `address` != :username_address");
- $stmt->execute(array(
- ':username_goto' => '(^|,)'.$username.'($|,)',
- ':username_goto2' => $username,
- ':username_address' => $username
- ));
- $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($run)) {
- $data['shared_aliases'] = $row['shared_aliases'];
- }
- $stmt = $pdo->prepare("SELECT GROUP_CONCAT(`address` SEPARATOR ', ') AS `direct_aliases` FROM `alias`
- WHERE `goto` = :username_goto
- AND `address` NOT LIKE '@%'
- AND `address` != :username_address");
- $stmt->execute(
- array(
- ':username_goto' => $username,
- ':username_address' => $username
- ));
- $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($run)) {
- $data['direct_aliases'][] = $row['direct_aliases'];
- }
- $stmt = $pdo->prepare("SELECT GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ', ') AS `ad_alias` FROM `mailbox`
- LEFT OUTER JOIN `alias_domain` on `target_domain` = `domain`
- WHERE `username` = :username ;");
- $stmt->execute(array(':username' => $username));
- $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($run)) {
- $data['direct_aliases'][] = $row['ad_alias'];
- }
- $data['direct_aliases'] = implode(', ', array_filter($data['direct_aliases']));
- $data['direct_aliases'] = empty($data['direct_aliases']) ? '✘' : $data['direct_aliases'];
- $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`send_as` SEPARATOR ', '), '✘') AS `send_as` FROM `sender_acl` WHERE `logged_in_as` = :username AND `send_as` NOT LIKE '@%';");
- $stmt->execute(array(':username' => $username));
- $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($run)) {
- $data['aliases_also_send_as'] = $row['send_as'];
- }
- $stmt = $pdo->prepare("SELECT IFNULL(CONCAT(GROUP_CONCAT(DISTINCT `send_as` SEPARATOR ', '), ', ', GROUP_CONCAT(DISTINCT CONCAT('@',`alias_domain`) SEPARATOR ', ')), '✘') AS `send_as` FROM `sender_acl` LEFT JOIN `alias_domain` ON `alias_domain`.`target_domain` = TRIM(LEADING '@' FROM `send_as`) WHERE `logged_in_as` = :username AND `send_as` LIKE '@%';");
- $stmt->execute(array(':username' => $username));
- $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($run)) {
- $data['aliases_send_as_all'] = $row['send_as'];
- }
- $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`address` SEPARATOR ', '), '✘') as `address` FROM `alias` WHERE `goto` REGEXP :username AND `address` LIKE '@%';");
- $stmt->execute(array(':username' => '(^|,)'.$username.'($|,)'));
- $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($run)) {
- $data['is_catch_all'] = $row['address'];
- }
- return $data;
+ $data['address'] = $username;
+ $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`address` SEPARATOR ', '), '✘') AS `shared_aliases` FROM `alias`
+ WHERE `goto` REGEXP :username_goto
+ AND `address` NOT LIKE '@%'
+ AND `goto` != :username_goto2
+ AND `address` != :username_address");
+ $stmt->execute(array(
+ ':username_goto' => '(^|,)'.$username.'($|,)',
+ ':username_goto2' => $username,
+ ':username_address' => $username
+ ));
+ $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($run)) {
+ $data['shared_aliases'] = $row['shared_aliases'];
}
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $username),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT GROUP_CONCAT(`address` SEPARATOR ', ') AS `direct_aliases` FROM `alias`
+ WHERE `goto` = :username_goto
+ AND `address` NOT LIKE '@%'
+ AND `address` != :username_address");
+ $stmt->execute(
+ array(
+ ':username_goto' => $username,
+ ':username_address' => $username
+ ));
+ $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($run)) {
+ $data['direct_aliases'][] = $row['direct_aliases'];
}
+ $stmt = $pdo->prepare("SELECT GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ', ') AS `ad_alias` FROM `mailbox`
+ LEFT OUTER JOIN `alias_domain` on `target_domain` = `domain`
+ WHERE `username` = :username ;");
+ $stmt->execute(array(':username' => $username));
+ $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($run)) {
+ $data['direct_aliases'][] = $row['ad_alias'];
+ }
+ $data['direct_aliases'] = implode(', ', array_filter($data['direct_aliases']));
+ $data['direct_aliases'] = empty($data['direct_aliases']) ? '✘' : $data['direct_aliases'];
+ $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`send_as` SEPARATOR ', '), '✘') AS `send_as` FROM `sender_acl` WHERE `logged_in_as` = :username AND `send_as` NOT LIKE '@%';");
+ $stmt->execute(array(':username' => $username));
+ $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($run)) {
+ $data['aliases_also_send_as'] = $row['send_as'];
+ }
+ $stmt = $pdo->prepare("SELECT IFNULL(CONCAT(GROUP_CONCAT(DISTINCT `send_as` SEPARATOR ', '), ', ', GROUP_CONCAT(DISTINCT CONCAT('@',`alias_domain`) SEPARATOR ', ')), '✘') AS `send_as` FROM `sender_acl` LEFT JOIN `alias_domain` ON `alias_domain`.`target_domain` = TRIM(LEADING '@' FROM `send_as`) WHERE `logged_in_as` = :username AND `send_as` LIKE '@%';");
+ $stmt->execute(array(':username' => $username));
+ $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($run)) {
+ $data['aliases_send_as_all'] = $row['send_as'];
+ }
+ $stmt = $pdo->prepare("SELECT IFNULL(GROUP_CONCAT(`address` SEPARATOR ', '), '✘') as `address` FROM `alias` WHERE `goto` REGEXP :username AND `address` LIKE '@%';");
+ $stmt->execute(array(':username' => '(^|,)'.$username.'($|,)'));
+ $run = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($run)) {
+ $data['is_catch_all'] = $row['address'];
+ }
+ return $data;
}
function is_valid_domain_name($domain_name) {
if (empty($domain_name)) {
@@ -716,7 +712,7 @@ function set_tfa($_data) {
$username = $_SESSION['mailcow_cc_username'];
if ($_SESSION['mailcow_cc_role'] != "domainadmin" &&
$_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -728,7 +724,7 @@ function set_tfa($_data) {
$stmt->execute(array(':user' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (!verify_hash($row['password'], $_data["confirm_password"])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -743,7 +739,7 @@ function set_tfa($_data) {
$yubico_key = $_data['yubico_key'];
$yubi = new Auth_Yubico($yubico_id, $yubico_key);
if (!$yubi) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -751,7 +747,7 @@ function set_tfa($_data) {
return false;
}
if (!ctype_alnum($_data["otp_token"]) || strlen($_data["otp_token"]) != 44) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'tfa_token_invalid'
@@ -760,7 +756,7 @@ function set_tfa($_data) {
}
$yauth = $yubi->verify($_data["otp_token"]);
if (PEAR::isError($yauth)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('yotp_verification_failed', $yauth->getMessage())
@@ -780,14 +776,14 @@ function set_tfa($_data) {
$stmt->execute(array(':key_id' => $key_id, ':username' => $username, ':secret' => $yubico_id . ':' . $yubico_key . ':' . $yubico_modhex_id));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('object_modified', htmlspecialchars($username))
@@ -801,7 +797,7 @@ function set_tfa($_data) {
$stmt->execute(array(':username' => $username));
$stmt = $pdo->prepare("INSERT INTO `tfa` (`username`, `key_id`, `authmech`, `keyHandle`, `publicKey`, `certificate`, `counter`, `active`) VALUES (?, ?, 'u2f', ?, ?, ?, ?, '1')");
$stmt->execute(array($username, $key_id, $reg->keyHandle, $reg->publicKey, $reg->certificate, $reg->counter));
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('object_modified', $username)
@@ -809,7 +805,7 @@ function set_tfa($_data) {
$_SESSION['regReq'] = null;
}
catch (Exception $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('u2f_verification_failed', $e->getMessage())
@@ -828,21 +824,21 @@ function set_tfa($_data) {
$stmt->execute(array($username, $key_id, $_POST['totp_secret']));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('object_modified', $username)
);
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'totp_verification_failed'
@@ -855,14 +851,14 @@ function set_tfa($_data) {
$stmt->execute(array(':username' => $username));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('object_modified', htmlspecialchars($username))
@@ -880,7 +876,7 @@ function unset_tfa_key($_data) {
$username = $_SESSION['mailcow_cc_username'];
if ($_SESSION['mailcow_cc_role'] != "domainadmin" &&
$_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -889,7 +885,7 @@ function unset_tfa_key($_data) {
}
try {
if (!is_numeric($id)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'access_denied'
@@ -901,7 +897,7 @@ function unset_tfa_key($_data) {
$stmt->execute(array(':username' => $username));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row['keys'] == "1") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => 'last_key'
@@ -910,14 +906,14 @@ function unset_tfa_key($_data) {
}
$stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username AND `id` = :id");
$stmt->execute(array(':username' => $username, ':id' => $id));
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('object_modified', $username)
);
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_data_log),
'msg' => array('mysql_error', $e)
@@ -1004,7 +1000,7 @@ function verify_tfa_login($username, $token) {
switch ($row["authmech"]) {
case "yubi_otp":
if (!ctype_alnum($token) || strlen($token) != 44) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => array('yotp_verification_failed', 'token length error')
@@ -1023,7 +1019,7 @@ function verify_tfa_login($username, $token) {
$yubi = new Auth_Yubico($yubico_auth[0], $yubico_auth[1]);
$yauth = $yubi->verify($token);
if (PEAR::isError($yauth)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => array('yotp_verification_failed', $yauth->getMessage())
@@ -1032,14 +1028,14 @@ function verify_tfa_login($username, $token) {
}
else {
$_SESSION['tfa_id'] = $row['id'];
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => 'verified_yotp_login'
);
return true;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => array('yotp_verification_failed', 'unknown')
@@ -1053,7 +1049,7 @@ function verify_tfa_login($username, $token) {
$stmt->execute(array($reg->counter, $reg->id));
$_SESSION['tfa_id'] = $reg->id;
$_SESSION['authReq'] = null;
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => 'verified_u2f_login'
@@ -1061,7 +1057,7 @@ function verify_tfa_login($username, $token) {
return true;
}
catch (Exception $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => array('u2f_verification_failed', $e->getMessage())
@@ -1069,7 +1065,7 @@ function verify_tfa_login($username, $token) {
$_SESSION['regReq'] = null;
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => array('u2f_verification_failed', 'unknown')
@@ -1089,14 +1085,14 @@ function verify_tfa_login($username, $token) {
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($tfa->verifyCode($row['secret'], $_POST['token']) === true) {
$_SESSION['tfa_id'] = $row['id'];
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => 'verified_totp_login'
);
return true;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => 'totp_verification_failed'
@@ -1104,7 +1100,7 @@ function verify_tfa_login($username, $token) {
return false;
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => array('mysql_error', $e)
@@ -1113,7 +1109,7 @@ function verify_tfa_login($username, $token) {
}
break;
default:
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $username, '*'),
'msg' => 'unknown_tfa_method'
@@ -1127,7 +1123,7 @@ function admin_api($action, $data = null) {
global $pdo;
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__),
'msg' => 'access_denied'
@@ -1147,7 +1143,7 @@ function admin_api($action, $data = null) {
}
$allow_from = implode(',', array_unique(array_filter($allow_from)));
if (empty($allow_from)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $data),
'msg' => 'ip_list_empty'
@@ -1187,7 +1183,7 @@ function admin_api($action, $data = null) {
));
break;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $data),
'msg' => 'admin_modified'
@@ -1196,7 +1192,7 @@ function admin_api($action, $data = null) {
function rspamd_ui($action, $data = null) {
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__),
'msg' => 'access_denied'
@@ -1208,7 +1204,7 @@ function rspamd_ui($action, $data = null) {
$rspamd_ui_pass = $data['rspamd_ui_pass'];
$rspamd_ui_pass2 = $data['rspamd_ui_pass2'];
if (empty($rspamd_ui_pass) || empty($rspamd_ui_pass2)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, '*', '*'),
'msg' => 'password_empty'
@@ -1216,7 +1212,7 @@ function rspamd_ui($action, $data = null) {
return false;
}
if ($rspamd_ui_pass != $rspamd_ui_pass2) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, '*', '*'),
'msg' => 'password_mismatch'
@@ -1224,7 +1220,7 @@ function rspamd_ui($action, $data = null) {
return false;
}
if (strlen($rspamd_ui_pass) < 6) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, '*', '*'),
'msg' => 'rspamd_ui_pw_length'
@@ -1234,7 +1230,7 @@ function rspamd_ui($action, $data = null) {
$docker_return = docker('post', 'rspamd-mailcow', 'exec', array('cmd' => 'worker_password', 'raw' => $rspamd_ui_pass), array('Content-Type: application/json'));
if ($docker_return_array = json_decode($docker_return, true)) {
if ($docker_return_array['type'] == 'success') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, '*', '*'),
'msg' => 'rspamd_ui_pw_set'
@@ -1242,7 +1238,7 @@ function rspamd_ui($action, $data = null) {
return true;
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => $docker_return_array['type'],
'log' => array(__FUNCTION__, '*', '*'),
'msg' => $docker_return_array['msg']
@@ -1251,7 +1247,7 @@ function rspamd_ui($action, $data = null) {
}
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, '*', '*'),
'msg' => 'unknown'
@@ -1269,20 +1265,11 @@ function get_admin_details() {
if ($_SESSION['mailcow_cc_role'] != 'admin') {
return false;
}
- try {
- $stmt = $pdo->query("SELECT `admin`.`username`, `api`.`active` AS `api_active`, `api`.`api_key`, `api`.`allow_from` FROM `admin`
- INNER JOIN `api` ON `admin`.`username` = `api`.`username`
- WHERE `admin`.`superadmin`='1'
- AND `admin`.`active`='1'");
- $data = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->query("SELECT `admin`.`username`, `api`.`active` AS `api_active`, `api`.`api_key`, `api`.`allow_from` FROM `admin`
+ INNER JOIN `api` ON `admin`.`username` = `api`.`username`
+ WHERE `admin`.`superadmin`='1'
+ AND `admin`.`active`='1'");
+ $data = $stmt->fetch(PDO::FETCH_ASSOC);
return $data;
}
function get_u2f_registrations($username) {
@@ -1313,37 +1300,19 @@ function get_logs($container, $lines = false) {
// SQL
if ($container == "mailcow-ui") {
if (isset($from) && isset($to)) {
- try {
- $stmt = $pdo->prepare("SELECT * FROM `logs` ORDER BY `id` DESC LIMIT :from, :to");
- $stmt->execute(array(
- ':from' => $from - 1,
- ':to' => $to
- ));
- $data = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->prepare("SELECT * FROM `logs` ORDER BY `id` DESC LIMIT :from, :to");
+ $stmt->execute(array(
+ ':from' => $from - 1,
+ ':to' => $to
+ ));
+ $data = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
else {
- try {
- $stmt = $pdo->prepare("SELECT * FROM `logs` ORDER BY `id` DESC LIMIT :lines");
- $stmt->execute(array(
- ':lines' => $lines + 1,
- ));
- $data = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->prepare("SELECT * FROM `logs` ORDER BY `id` DESC LIMIT :lines");
+ $stmt->execute(array(
+ ':lines' => $lines + 1,
+ ));
+ $data = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
if (is_array($data)) {
return $data;
diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php
index d0d1cd1a..82481cc3 100644
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -11,7 +11,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
switch ($_type) {
case 'time_limited_alias':
if (!isset($_SESSION['acl']['spam_alias']) || $_SESSION['acl']['spam_alias'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -20,7 +20,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -35,47 +35,27 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$username = $_SESSION['mailcow_cc_username'];
}
if (!is_numeric($_data["validity"]) || $_data["validity"] > 672) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'validity_missing'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `mailbox` WHERE `username` = :username");
- $stmt->execute(array(':username' => $_SESSION['mailcow_cc_username']));
- $domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain'];
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `mailbox` WHERE `username` = :username");
+ $stmt->execute(array(':username' => $_SESSION['mailcow_cc_username']));
+ $domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain'];
$validity = strtotime("+".$_data["validity"]." hour");
$letters = 'abcefghijklmnopqrstuvwxyz1234567890';
$random_name = substr(str_shuffle($letters), 0, 24);
- try {
- $stmt = $pdo->prepare("INSERT INTO `spamalias` (`address`, `goto`, `validity`) VALUES
- (:address, :goto, :validity)");
- $stmt->execute(array(
- ':address' => $random_name . '@' . $domain,
- ':goto' => $username,
- ':validity' => $validity
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("INSERT INTO `spamalias` (`address`, `goto`, `validity`) VALUES
+ (:address, :goto, :validity)");
+ $stmt->execute(array(
+ ':address' => $random_name . '@' . $domain,
+ ':goto' => $username,
+ ':validity' => $validity
+ ));
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_modified', htmlspecialchars($_SESSION['mailcow_cc_username']))
@@ -84,7 +64,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
case 'filter':
$sieve = new Sieve\SieveParser();
if (!isset($_SESSION['acl']['filters']) || $_SESSION['acl']['filters'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -93,7 +73,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -108,7 +88,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$username = $_SESSION['mailcow_cc_username'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'no_user_defined'
@@ -120,7 +100,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$script_desc = $_data['script_desc'];
$filter_type = $_data['filter_type'];
if (empty($script_data)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'script_empty'
@@ -131,7 +111,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$sieve->parse($script_data);
}
catch (Exception $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('sieve_error', $e->getMessage())
@@ -139,7 +119,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (empty($script_data) || empty($script_desc)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'value_missing'
@@ -147,7 +127,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($filter_type != 'postfilter' && $filter_type != 'prefilter') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'filter_type'
@@ -156,46 +136,26 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
if (!empty($active)) {
$script_name = 'active';
- try {
- $stmt = $pdo->prepare("UPDATE `sieve_filters` SET `script_name` = 'inactive' WHERE `username` = :username AND `filter_type` = :filter_type");
- $stmt->execute(array(
- ':username' => $username,
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- ':filter_type' => $filter_type
- ));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("UPDATE `sieve_filters` SET `script_name` = 'inactive' WHERE `username` = :username AND `filter_type` = :filter_type");
+ $stmt->execute(array(
+ ':username' => $username,
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ ':filter_type' => $filter_type
+ ));
}
else {
$script_name = 'inactive';
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `sieve_filters` (`username`, `script_data`, `script_desc`, `script_name`, `filter_type`)
- VALUES (:username, :script_data, :script_desc, :script_name, :filter_type)");
- $stmt->execute(array(
- ':username' => $username,
- ':script_data' => $script_data,
- ':script_desc' => $script_desc,
- ':script_name' => $script_name,
- ':filter_type' => $filter_type
- ));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("INSERT INTO `sieve_filters` (`username`, `script_data`, `script_desc`, `script_name`, `filter_type`)
+ VALUES (:username, :script_data, :script_desc, :script_name, :filter_type)");
+ $stmt->execute(array(
+ ':username' => $username,
+ ':script_data' => $script_data,
+ ':script_desc' => $script_desc,
+ ':script_name' => $script_name,
+ ':filter_type' => $filter_type
+ ));
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_modified', $username)
@@ -203,7 +163,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
break;
case 'syncjob':
if (!isset($_SESSION['acl']['syncjobs']) || $_SESSION['acl']['syncjobs'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -212,7 +172,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -227,7 +187,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$username = $_SESSION['mailcow_cc_username'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'no_user_defined'
@@ -270,7 +230,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$maxbytespersecond = "0";
}
if (!filter_var($port1, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 65535)))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -278,7 +238,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!filter_var($mins_interval, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 3600)))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -286,7 +246,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!is_valid_domain_name($host1)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -294,7 +254,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($enc1 != "TLS" && $enc1 != "SSL" && $enc1 != "PLAIN") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -302,72 +262,52 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (@preg_match("/" . $exclude . "/", null) === false) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT '1' FROM `imapsync`
- WHERE `user2` = :user2 AND `user1` = :user1 AND `host1` = :host1");
- $stmt->execute(array(':user1' => $user1, ':user2' => $username, ':host1' => $host1));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT '1' FROM `imapsync`
+ WHERE `user2` = :user2 AND `user1` = :user1 AND `host1` = :host1");
+ $stmt->execute(array(':user1' => $user1, ':user2' => $username, ':host1' => $host1));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('object_exists', htmlspecialchars($host1 . ' / ' . $user1))
);
return false;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `imapsync` (`user2`, `exclude`, `delete1`, `delete2`, `timeout1`, `timeout2`, `automap`, `skipcrossduplicates`, `maxbytespersecond`, `subscribeall`, `maxage`, `subfolder2`, `host1`, `authmech1`, `user1`, `password1`, `mins_interval`, `port1`, `enc1`, `delete2duplicates`, `custom_params`, `active`)
- VALUES (:user2, :exclude, :delete1, :delete2, :timeout1, :timeout2, :automap, :skipcrossduplicates, :maxbytespersecond, :subscribeall, :maxage, :subfolder2, :host1, :authmech1, :user1, :password1, :mins_interval, :port1, :enc1, :delete2duplicates, :custom_params, :active)");
- $stmt->execute(array(
- ':user2' => $username,
- ':custom_params' => $custom_params,
- ':exclude' => $exclude,
- ':maxage' => $maxage,
- ':delete1' => $delete1,
- ':delete2' => $delete2,
- ':timeout1' => $timeout1,
- ':timeout2' => $timeout2,
- ':automap' => $automap,
- ':skipcrossduplicates' => $skipcrossduplicates,
- ':maxbytespersecond' => $maxbytespersecond,
- ':subscribeall' => $subscribeall,
- ':subfolder2' => $subfolder2,
- ':host1' => $host1,
- ':authmech1' => 'PLAIN',
- ':user1' => $user1,
- ':password1' => $password1,
- ':mins_interval' => $mins_interval,
- ':port1' => $port1,
- ':enc1' => $enc1,
- ':delete2duplicates' => $delete2duplicates,
- ':active' => $active,
- ));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("INSERT INTO `imapsync` (`user2`, `exclude`, `delete1`, `delete2`, `timeout1`, `timeout2`, `automap`, `skipcrossduplicates`, `maxbytespersecond`, `subscribeall`, `maxage`, `subfolder2`, `host1`, `authmech1`, `user1`, `password1`, `mins_interval`, `port1`, `enc1`, `delete2duplicates`, `custom_params`, `active`)
+ VALUES (:user2, :exclude, :delete1, :delete2, :timeout1, :timeout2, :automap, :skipcrossduplicates, :maxbytespersecond, :subscribeall, :maxage, :subfolder2, :host1, :authmech1, :user1, :password1, :mins_interval, :port1, :enc1, :delete2duplicates, :custom_params, :active)");
+ $stmt->execute(array(
+ ':user2' => $username,
+ ':custom_params' => $custom_params,
+ ':exclude' => $exclude,
+ ':maxage' => $maxage,
+ ':delete1' => $delete1,
+ ':delete2' => $delete2,
+ ':timeout1' => $timeout1,
+ ':timeout2' => $timeout2,
+ ':automap' => $automap,
+ ':skipcrossduplicates' => $skipcrossduplicates,
+ ':maxbytespersecond' => $maxbytespersecond,
+ ':subscribeall' => $subscribeall,
+ ':subfolder2' => $subfolder2,
+ ':host1' => $host1,
+ ':authmech1' => 'PLAIN',
+ ':user1' => $user1,
+ ':password1' => $password1,
+ ':mins_interval' => $mins_interval,
+ ':port1' => $port1,
+ ':enc1' => $enc1,
+ ':delete2duplicates' => $delete2duplicates,
+ ':active' => $active,
+ ));
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_modified', $username)
@@ -375,7 +315,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
break;
case 'domain':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -390,7 +330,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$restart_sogo = $_data['restart_sogo'];
$quota = $_data['quota'];
if ($maxquota > $quota) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'mailbox_quota_exceeds_domain_quota'
@@ -398,7 +338,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($maxquota == "0" || empty($maxquota)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'maxquota_empty'
@@ -410,7 +350,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$backupmx = intval($_data['backupmx']);
($relay_all_recipients == 1) ? $backupmx = '1' : null;
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
@@ -419,7 +359,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach (array($quota, $maxquota, $mailboxes, $aliases) as $data) {
if (!is_numeric($data)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('object_is_not_numeric', htmlspecialchars($data))
@@ -427,26 +367,16 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain`
- WHERE `alias_domain` = :domain");
- $stmt->execute(array(':domain' => $domain));
- $num_results = $num_results + count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain` = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain`
+ WHERE `alias_domain` = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $num_results = $num_results + count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('domain_exists', htmlspecialchars($domain))
@@ -454,65 +384,62 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($domain == getenv('MAILCOW_HOSTNAME')) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_cannot_match_hostname'
);
return false;
}
+ $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `maxquota`, `quota`, `backupmx`, `active`, `relay_all_recipients`)
+ VALUES (:domain, :description, :aliases, :mailboxes, :maxquota, :quota, :backupmx, :active, :relay_all_recipients)");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ':description' => $description,
+ ':aliases' => $aliases,
+ ':mailboxes' => $mailboxes,
+ ':maxquota' => $maxquota,
+ ':quota' => $quota,
+ ':backupmx' => $backupmx,
+ ':active' => $active,
+ ':relay_all_recipients' => $relay_all_recipients
+ ));
try {
- $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `maxquota`, `quota`, `backupmx`, `active`, `relay_all_recipients`)
- VALUES (:domain, :description, :aliases, :mailboxes, :maxquota, :quota, :backupmx, :active, :relay_all_recipients)");
- $stmt->execute(array(
- ':domain' => $domain,
- ':description' => $description,
- ':aliases' => $aliases,
- ':mailboxes' => $mailboxes,
- ':maxquota' => $maxquota,
- ':quota' => $quota,
- ':backupmx' => $backupmx,
- ':active' => $active,
- ':relay_all_recipients' => $relay_all_recipients
- ));
- try {
- $redis->hSet('DOMAIN_MAP', $domain, 1);
- }
- catch (RedisException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('redis_error', $e)
- );
- return false;
- }
- if (!empty($restart_sogo)) {
- $restart_reponse = json_decode(docker('post', 'sogo-mailcow', 'restart'), true);
- if ($restart_reponse['type'] == "success") {
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_added', htmlspecialchars($domain))
- );
- }
- else {
- $_SESSION['return'] = array(
- 'type' => 'warning',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'domain_added_sogo_failed'
- );
- }
- }
+ $redis->hSet('DOMAIN_MAP', $domain, 1);
}
- catch (PDOException $e) {
- mailbox('delete', 'domain', array('domain' => $domain));
- $_SESSION['return'] = array(
+ catch (RedisException $e) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('redis_error', $e)
);
return false;
}
+ if (!empty($restart_sogo)) {
+ $restart_reponse = json_decode(docker('post', 'sogo-mailcow', 'restart'), true);
+ if ($restart_reponse['type'] == "success") {
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_added', htmlspecialchars($domain))
+ );
+ return true;
+ }
+ else {
+ $_SESSION['return'][] = array(
+ 'type' => 'warning',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => 'domain_added_sogo_failed'
+ );
+ return false;
+ }
+ }
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_added', htmlspecialchars($domain))
+ );
+ return true;
break;
case 'alias':
$addresses = array_map('trim', preg_split( "/( |,|;|\n)/", $_data['address']));
@@ -522,7 +449,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$goto_spam = intval($_data['goto_spam']);
$goto_ham = intval($_data['goto_ham']);
if (empty($addresses[0])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'alias_empty'
@@ -530,7 +457,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (empty($gotos[0]) && ($goto_null + $goto_spam + $goto_ham == 0)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'goto_empty'
@@ -547,7 +474,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$goto = "ham@localhost";
}
else {
- foreach ($gotos as &$goto) {
+ foreach ($gotos as $i => &$goto) {
if (empty($goto)) {
continue;
}
@@ -560,23 +487,26 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$stmt->execute(array(':goto' => $goto));
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'goto_invalid'
+ 'msg' => array('goto_invalid', htmlspecialchars($goto))
);
- return false;
+ unset($gotos[$i]);
+ continue;
}
if (!filter_var($goto, FILTER_VALIDATE_EMAIL) === true) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'goto_invalid'
+ 'msg' => array('goto_invalid', htmlspecialchars($goto))
);
- return false;
+ unset($gotos[$i]);
+ continue;
}
}
$gotos = array_filter($gotos);
+ if (empty($gotos)) { return false; }
$goto = implode(",", $gotos);
}
foreach ($addresses as $address) {
@@ -589,6 +519,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$domain = idn_to_ascii(substr(strstr($address, '@'), 1));
$local_part = strstr($address, '@', true);
$address = $local_part.'@'.$domain;
+ $domaindata = mailbox('get', 'domain_details', $domain);
+ if (is_array($domaindata) && $domaindata['aliases_left'] == "0") {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => 'max_alias_exceeded'
+ );
+ return false;
+ }
$stmt = $pdo->prepare("SELECT `address` FROM `alias`
WHERE `address`= :address OR `address` IN (
SELECT `username` FROM `mailbox`, `alias_domain`
@@ -602,70 +541,39 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
));
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('is_alias_or_mailbox', htmlspecialchars($address))
);
return false;
}
- $domaindata = mailbox('get', 'domain_details', $domain);
- if (is_array($domaindata) && $domaindata['aliases_left'] == "0") {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain`= :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2)");
+ $stmt->execute(array(':domain1' => $domain, ':domain2' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results == 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'max_alias_exceeded'
+ 'msg' => array('domain_not_found', htmlspecialchars($domain))
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE `domain`= :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2)");
- $stmt->execute(array(':domain1' => $domain, ':domain2' => $domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results == 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_not_found', htmlspecialchars($domain))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `alias`
- WHERE `address`= :address");
- $stmt->execute(array(':address' => $address));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('is_alias_or_mailbox', htmlspecialchars($address))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `spamalias`
- WHERE `address`= :address");
- $stmt->execute(array(':address' => $address));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('is_spam_alias', htmlspecialchars($address))
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `address` FROM `spamalias`
+ WHERE `address`= :address");
+ $stmt->execute(array(':address' => $address));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('is_spam_alias', htmlspecialchars($address))
);
return false;
}
if ((!filter_var($address, FILTER_VALIDATE_EMAIL) === true) && !empty($local_part)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'alias_invalid'
@@ -673,60 +581,45 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `goto`, `domain`, `active`)
- VALUES (:address, :goto, :domain, :active)");
- if (!filter_var($address, FILTER_VALIDATE_EMAIL) === true) {
- $stmt->execute(array(
- ':address' => '@'.$domain,
- ':goto' => $goto,
- ':domain' => $domain,
- ':active' => $active
- ));
- }
- else {
- $stmt->execute(array(
- ':address' => $address,
- ':goto' => $goto,
- ':domain' => $domain,
- ':active' => $active
- ));
- }
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'alias_added'
- );
+ $stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `goto`, `domain`, `active`)
+ VALUES (:address, :goto, :domain, :active)");
+ if (!filter_var($address, FILTER_VALIDATE_EMAIL) === true) {
+ $stmt->execute(array(
+ ':address' => '@'.$domain,
+ ':goto' => $goto,
+ ':domain' => $domain,
+ ':active' => $active
+ ));
}
- catch (PDOException $e) {
- mailbox('delete', 'alias', array('address' => $address));
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ else {
+ $stmt->execute(array(
+ ':address' => $address,
+ ':goto' => $goto,
+ ':domain' => $domain,
+ ':active' => $active
+ ));
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('alias_added', $address)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'alias_added'
- );
break;
case 'alias_domain':
$active = intval($_data['active']);
$alias_domains = array_map('trim', preg_split( "/( |,|;|\n)/", $_data['alias_domain']));
+ $alias_domains = array_filter($alias_domains);
$target_domain = idn_to_ascii(strtolower(trim($_data['target_domain'])));
if (!is_valid_domain_name($target_domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'target_domain_invalid'
@@ -734,100 +627,79 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $target_domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
return false;
}
- foreach ($alias_domains as $alias_domain) {
+ foreach ($alias_domains as $i => &$alias_domain) {
$alias_domain = idn_to_ascii(strtolower(trim($alias_domain)));
if (!is_valid_domain_name($alias_domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'alias_domain_invalid'
+ 'msg' => array('alias_domain_invalid', htmlspecialchars(alias_domain))
);
- return false;
+ continue;
}
if ($alias_domain == $target_domain) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'aliasd_targetd_identical'
+ 'msg' => array('aliasd_targetd_identical', htmlspecialchars($target_domain))
);
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE `domain`= :target_domain");
- $stmt->execute(array(':target_domain' => $target_domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results == 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'targetd_not_found'
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `alias_domain`= :alias_domain
- UNION
- SELECT `domain` FROM `domain` WHERE `domain`= :alias_domain_in_domain");
- $stmt->execute(array(':alias_domain' => $alias_domain, ':alias_domain_in_domain' => $alias_domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'alias_domain_invalid'
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain`= :target_domain");
+ $stmt->execute(array(':target_domain' => $target_domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results == 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('targetd_not_found', htmlspecialchars($target_domain))
);
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `alias_domain` (`alias_domain`, `target_domain`, `active`)
- VALUES (:alias_domain, :target_domain, :active)");
- $stmt->execute(array(
- ':alias_domain' => $alias_domain,
- ':target_domain' => $target_domain,
- ':active' => $active
- ));
- }
- catch (PDOException $e) {
- mailbox('delete', 'alias_domain', array('alias_domain' => $alias_domain));
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `alias_domain`= :alias_domain
+ UNION
+ SELECT `domain` FROM `domain` WHERE `domain`= :alias_domain_in_domain");
+ $stmt->execute(array(':alias_domain' => $alias_domain, ':alias_domain_in_domain' => $alias_domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('alias_domain_invalid', $alias_domain)
);
- return false;
- }
- try {
- $redis->hSet('DOMAIN_MAP', $alias_domain, 1);
- }
- catch (RedisException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('redis_error', $e)
- );
- return false;
+ continue;
}
}
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("INSERT INTO `alias_domain` (`alias_domain`, `target_domain`, `active`)
+ VALUES (:alias_domain, :target_domain, :active)");
+ $stmt->execute(array(
+ ':alias_domain' => $alias_domain,
+ ':target_domain' => $target_domain,
+ ':active' => $active
+ ));
+ try {
+ $redis->hSet('DOMAIN_MAP', $alias_domain, 1);
+ }
+ catch (RedisException $e) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('redis_error', $e)
+ );
+ return false;
+ }
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('aliasd_added', htmlspecialchars(implode(', ', $alias_domains)))
+ 'msg' => array('aliasd_added', htmlspecialchars($alias_domain))
);
break;
case 'mailbox':
@@ -835,7 +707,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$domain = idn_to_ascii(strtolower(trim($_data['domain'])));
$username = $local_part . '@' . $domain;
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'mailbox_invalid'
@@ -843,7 +715,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (empty($_data['local_part'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'mailbox_invalid'
@@ -861,7 +733,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$quota_b = ($quota_m * 1048576);
$maildir = $domain . "/" . $local_part . "/";
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
@@ -869,81 +741,71 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `mailboxes`, `maxquota`, `quota` FROM `domain`
- WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $domain));
- $DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
- $stmt = $pdo->prepare("SELECT
- COUNT(*) as count,
- COALESCE(ROUND(SUM(`quota`)/1048576), 0) as `quota`
- FROM `mailbox`
- WHERE `kind` NOT REGEXP 'location|thing|group'
- AND `domain` = :domain");
- $stmt->execute(array(':domain' => $domain));
- $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
- $stmt = $pdo->prepare("SELECT `local_part` FROM `mailbox` WHERE `local_part` = :local_part and `domain`= :domain");
- $stmt->execute(array(':local_part' => $local_part, ':domain' => $domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('object_exists', htmlspecialchars($username))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE address= :username");
- $stmt->execute(array(':username' => $username));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('is_alias', htmlspecialchars($username))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `spamalias` WHERE `address`= :username");
- $stmt->execute(array(':username' => $username));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('is_spam_alias', htmlspecialchars($username))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain` WHERE `domain`= :domain");
- $stmt->execute(array(':domain' => $domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results == 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_not_found', htmlspecialchars($domain))
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `mailboxes`, `maxquota`, `quota` FROM `domain`
+ WHERE `domain` = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT
+ COUNT(*) as count,
+ COALESCE(ROUND(SUM(`quota`)/1048576), 0) as `quota`
+ FROM `mailbox`
+ WHERE `kind` NOT REGEXP 'location|thing|group'
+ AND `domain` = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT `local_part` FROM `mailbox` WHERE `local_part` = :local_part and `domain`= :domain");
+ $stmt->execute(array(':local_part' => $local_part, ':domain' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('object_exists', htmlspecialchars($username))
+ );
+ return false;
+ }
+ $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE address= :username");
+ $stmt->execute(array(':username' => $username));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('is_alias', htmlspecialchars($username))
+ );
+ return false;
+ }
+ $stmt = $pdo->prepare("SELECT `address` FROM `spamalias` WHERE `address`= :username");
+ $stmt->execute(array(':username' => $username));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('is_spam_alias', htmlspecialchars($username))
+ );
+ return false;
+ }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain` WHERE `domain`= :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results == 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_not_found', htmlspecialchars($domain))
);
return false;
}
if (!is_numeric($quota_m) || $quota_m == "0") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'quota_not_0_not_numeric'
@@ -952,7 +814,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'password_complexity'
@@ -960,7 +822,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($password != $password2) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'password_mismatch'
@@ -970,7 +832,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$password_hashed = hash_password($password);
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'password_empty'
@@ -978,7 +840,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($MailboxData['count'] >= $DomainData['mailboxes']) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('max_mailbox_exceeded', $MailboxData['count'], $DomainData['mailboxes'])
@@ -986,7 +848,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if ($quota_m > $DomainData['maxquota']) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_quota_exceeded', $DomainData['maxquota'])
@@ -995,56 +857,45 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
if (($MailboxData['quota'] + $quota_m) > $DomainData['quota']) {
$quota_left_m = ($DomainData['quota'] - $MailboxData['quota']);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_quota_left_exceeded', $quota_left_m)
);
return false;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `maildir`, `quota`, `local_part`, `domain`, `attributes`, `active`)
- VALUES (:username, :password_hashed, :name, :maildir, :quota_b, :local_part, :domain, '{\"force_pw_update\": \"0\", \"tls_enforce_in\": \"0\", \"tls_enforce_out\": \"0\"}', :active)");
- $stmt->execute(array(
- ':username' => $username,
- ':password_hashed' => $password_hashed,
- ':name' => $name,
- ':maildir' => $maildir,
- ':quota_b' => $quota_b,
- ':local_part' => $local_part,
- ':domain' => $domain,
- ':active' => $active
- ));
- $stmt = $pdo->prepare("INSERT INTO `quota2` (`username`, `bytes`, `messages`)
- VALUES (:username, '0', '0') ON DUPLICATE KEY UPDATE `bytes` = '0', `messages` = '0';");
- $stmt->execute(array(':username' => $username));
- $stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `goto`, `domain`, `active`)
- VALUES (:username1, :username2, :domain, :active)");
- $stmt->execute(array(
- ':username1' => $username,
- ':username2' => $username,
- ':domain' => $domain,
- ':active' => $active
- ));
- $stmt = $pdo->prepare("INSERT INTO `user_acl` (`username`) VALUES (:username)");
- $stmt->execute(array(
- ':username' => $username
- ));
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_added', htmlspecialchars($username))
- );
- }
- catch (PDOException $e) {
- mailbox('delete', 'mailbox', array('username' => $username));
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `maildir`, `quota`, `local_part`, `domain`, `attributes`, `active`)
+ VALUES (:username, :password_hashed, :name, :maildir, :quota_b, :local_part, :domain, '{\"force_pw_update\": \"0\", \"tls_enforce_in\": \"0\", \"tls_enforce_out\": \"0\"}', :active)");
+ $stmt->execute(array(
+ ':username' => $username,
+ ':password_hashed' => $password_hashed,
+ ':name' => $name,
+ ':maildir' => $maildir,
+ ':quota_b' => $quota_b,
+ ':local_part' => $local_part,
+ ':domain' => $domain,
+ ':active' => $active
+ ));
+ $stmt = $pdo->prepare("INSERT INTO `quota2` (`username`, `bytes`, `messages`)
+ VALUES (:username, '0', '0') ON DUPLICATE KEY UPDATE `bytes` = '0', `messages` = '0';");
+ $stmt->execute(array(':username' => $username));
+ $stmt = $pdo->prepare("INSERT INTO `alias` (`address`, `goto`, `domain`, `active`)
+ VALUES (:username1, :username2, :domain, :active)");
+ $stmt->execute(array(
+ ':username1' => $username,
+ ':username2' => $username,
+ ':domain' => $domain,
+ ':active' => $active
+ ));
+ $stmt = $pdo->prepare("INSERT INTO `user_acl` (`username`) VALUES (:username)");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_added', htmlspecialchars($username))
+ );
break;
case 'resource':
$domain = idn_to_ascii(strtolower(trim($_data['domain'])));
@@ -1055,7 +906,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$multiple_bookings = intval($_data['multiple_bookings']);
$active = intval($_data['active']);
if (!filter_var($name, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'resource_invalid'
@@ -1063,7 +914,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (empty($description)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'description_invalid'
@@ -1074,7 +925,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$multiple_bookings = -1;
}
if ($kind != 'location' && $kind != 'group' && $kind != 'thing') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'resource_invalid'
@@ -1082,7 +933,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
@@ -1090,94 +941,73 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `username` = :name");
- $stmt->execute(array(':name' => $name));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('object_exists', htmlspecialchars($name))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE address= :name");
- $stmt->execute(array(':name' => $name));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('is_alias', htmlspecialchars($name))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `spamalias` WHERE `address`= :name");
- $stmt->execute(array(':name' => $name));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('is_spam_alias', htmlspecialchars($name))
- );
- return false;
- }
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain` WHERE `domain`= :domain");
- $stmt->execute(array(':domain' => $domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results == 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_not_found', htmlspecialchars($domain))
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `username` = :name");
+ $stmt->execute(array(':name' => $name));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('object_exists', htmlspecialchars($name))
);
return false;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `maildir`, `quota`, `local_part`, `domain`, `active`, `multiple_bookings`, `kind`)
- VALUES (:name, 'RESOURCE', :description, 'RESOURCE', 0, :local_part, :domain, :active, :multiple_bookings, :kind)");
- $stmt->execute(array(
- ':name' => $name,
- ':description' => $description,
- ':local_part' => $local_part,
- ':domain' => $domain,
- ':active' => $active,
- ':kind' => $kind,
- ':multiple_bookings' => $multiple_bookings
- ));
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('resource_added', htmlspecialchars($name))
- );
- }
- catch (PDOException $e) {
- mailbox('delete', 'resource', array('name' => $name));
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE address= :name");
+ $stmt->execute(array(':name' => $name));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => array('is_alias', htmlspecialchars($name))
);
return false;
}
+ $stmt = $pdo->prepare("SELECT `address` FROM `spamalias` WHERE `address`= :name");
+ $stmt->execute(array(':name' => $name));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('is_spam_alias', htmlspecialchars($name))
+ );
+ return false;
+ }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain` WHERE `domain`= :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results == 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_not_found', htmlspecialchars($domain))
+ );
+ return false;
+ }
+ $stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `maildir`, `quota`, `local_part`, `domain`, `active`, `multiple_bookings`, `kind`)
+ VALUES (:name, 'RESOURCE', :description, 'RESOURCE', 0, :local_part, :domain, :active, :multiple_bookings, :kind)");
+ $stmt->execute(array(
+ ':name' => $name,
+ ':description' => $description,
+ ':local_part' => $local_part,
+ ':domain' => $domain,
+ ':active' => $active,
+ ':kind' => $kind,
+ ':multiple_bookings' => $multiple_bookings
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('resource_added', htmlspecialchars($name))
+ );
break;
}
break;
@@ -1193,62 +1023,52 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$target_domain = (!empty($_data['target_domain'])) ? idn_to_ascii(strtolower(trim($_data['target_domain']))) : $is_now['target_domain'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'alias_domain_invalid'
+ 'msg' => array('alias_domain_invalid', htmlspecialchars($alias_domain))
);
- return false;
+ continue;
}
if (!is_valid_domain_name($target_domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'target_domain_invalid'
+ 'msg' => array('target_domain_invalid', htmlspecialchars($target_domain))
);
- return false;
+ continue;
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $target_domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (empty(mailbox('get', 'domain_details', $target_domain)) || !empty(mailbox('get', 'alias_domain_details', $target_domain))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'target_domain_invalid'
+ 'msg' => array('target_domain_invalid', htmlspecialchars($target_domain))
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("UPDATE `alias_domain` SET
- `target_domain` = :target_domain,
- `active` = :active
- WHERE `alias_domain` = :alias_domain");
- $stmt->execute(array(
- ':alias_domain' => $alias_domain,
- ':target_domain' => $target_domain,
- ':active' => $active
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("UPDATE `alias_domain` SET
+ `target_domain` = :target_domain,
+ `active` = :active
+ WHERE `alias_domain` = :alias_domain");
+ $stmt->execute(array(
+ ':alias_domain' => $alias_domain,
+ ':target_domain' => $target_domain,
+ ':active' => $active
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('aliasd_modified', htmlspecialchars($alias_domain))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('aliasd_modified', htmlspecialchars(implode(', ', $alias_domains)))
- );
break;
case 'tls_policy':
if (!is_array($_data['username'])) {
@@ -1259,7 +1079,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$usernames = $_data['username'];
}
if (!isset($_SESSION['acl']['tls_policy']) || $_SESSION['acl']['tls_policy'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -1268,12 +1088,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL) || !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
$is_now = mailbox('get', 'tls_policy', $username);
if (!empty($is_now)) {
@@ -1281,35 +1101,28 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$tls_enforce_out = (isset($_data['tls_enforce_out'])) ? intval($_data['tls_enforce_out']) : $is_now['tls_enforce_out'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.tls_enforce_out', :tls_out), `attributes` = JSON_SET(`attributes`, '$.tls_enforce_in', :tls_in) WHERE `username` = :username");
- $stmt->execute(array(
- ':tls_out' => intval($tls_enforce_out),
- ':tls_in' => intval($tls_enforce_in),
- ':username' => $username
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("UPDATE `mailbox`
+ SET `attributes` = JSON_SET(`attributes`, '$.tls_enforce_out', :tls_out),
+ `attributes` = JSON_SET(`attributes`, '$.tls_enforce_in', :tls_in)
+ WHERE `username` = :username");
+ $stmt->execute(array(
+ ':tls_out' => intval($tls_enforce_out),
+ ':tls_in' => intval($tls_enforce_in),
+ ':username' => $username
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', $username)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', implode(', ', $usernames))
- );
break;
case 'spam_score':
if (!is_array($_data['username'])) {
@@ -1320,7 +1133,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$usernames = $_data['username'];
}
if (!isset($_SESSION['acl']['spam_score']) || $_SESSION['acl']['spam_score'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -1331,55 +1144,40 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$lowspamlevel = explode(',', $_data['spam_score'])[0];
$highspamlevel = explode(',', $_data['spam_score'])[1];
if (!is_numeric($lowspamlevel) || !is_numeric($highspamlevel)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username
- AND (`option` = 'lowspamlevel' OR `option` = 'highspamlevel')");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option`, `value`)
- VALUES (:username, 'highspamlevel', :highspamlevel)");
- $stmt->execute(array(
- ':username' => $username,
- ':highspamlevel' => $highspamlevel
- ));
- $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option`, `value`)
- VALUES (:username, 'lowspamlevel', :lowspamlevel)");
- $stmt->execute(array(
- ':username' => $username,
- ':lowspamlevel' => $lowspamlevel
- ));
- }
- catch (PDOException $e) {
- $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username
- AND (`option` = 'lowspamlevel' OR `option` = 'highspamlevel')");
- $stmt->execute(array(
- ':username' => $username
- ));
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username
+ AND (`option` = 'lowspamlevel' OR `option` = 'highspamlevel')");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option`, `value`)
+ VALUES (:username, 'highspamlevel', :highspamlevel)");
+ $stmt->execute(array(
+ ':username' => $username,
+ ':highspamlevel' => $highspamlevel
+ ));
+ $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option`, `value`)
+ VALUES (:username, 'lowspamlevel', :lowspamlevel)");
+ $stmt->execute(array(
+ ':username' => $username,
+ ':lowspamlevel' => $lowspamlevel
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', $username)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', implode(', ', $usernames))
- );
break;
case 'time_limited_alias':
if (!isset($_SESSION['acl']['spam_alias']) || $_SESSION['acl']['spam_alias'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -1394,50 +1192,30 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$addresses = $_data['address'];
}
foreach ($addresses as $address) {
- try {
- $stmt = $pdo->prepare("SELECT `goto` FROM `spamalias` WHERE `address` = :address");
- $stmt->execute(array(':address' => $address));
- $goto = $stmt->fetch(PDO::FETCH_ASSOC)['goto'];
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `goto` FROM `spamalias` WHERE `address` = :address");
+ $stmt->execute(array(':address' => $address));
+ $goto = $stmt->fetch(PDO::FETCH_ASSOC)['goto'];
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $goto)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("UPDATE `spamalias` SET `validity` = (`validity` + 3600) WHERE
- `address` = :address AND
- `validity` >= :validity");
- $stmt->execute(array(
- ':address' => $address,
- ':validity' => time()
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("UPDATE `spamalias` SET `validity` = (`validity` + 3600) WHERE
+ `address` = :address AND
+ `validity` >= :validity");
+ $stmt->execute(array(
+ ':address' => $address,
+ ':validity' => time()
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', htmlspecialchars(implode(', ', $usernames)))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', htmlspecialchars(implode(', ', $usernames)))
- );
break;
case 'delimiter_action':
if (!is_array($_data['username'])) {
@@ -1448,7 +1226,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$usernames = $_data['username'];
}
if (!isset($_SESSION['acl']['delimiter_action']) || $_SESSION['acl']['delimiter_action'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -1457,12 +1235,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL) || !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (isset($_data['tagged_mail_handler']) && $_data['tagged_mail_handler'] == "subject") {
try {
@@ -1470,12 +1248,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$redis->hDel('RCPT_WANTS_SUBFOLDER_TAG', $username);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
}
else if (isset($_data['tagged_mail_handler']) && $_data['tagged_mail_handler'] == "subfolder") {
@@ -1484,12 +1262,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$redis->hDel('RCPT_WANTS_SUBJECT_TAG', $username);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
}
else {
@@ -1498,32 +1276,22 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$redis->hDel('RCPT_WANTS_SUBFOLDER_TAG', $username);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', $username)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', implode(', ', $usernames))
- );
break;
case 'ratelimit':
- $rl_value = intval($_data['rl_value']);
- $rl_frame = $_data['rl_frame'];
- if (!in_array($rl_frame, array('s', 'm', 'h'))) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'rl_timeframe'
- );
- return false;
- }
if (!is_array($_data['object'])) {
$objects = array();
$objects[] = $_data['object'];
@@ -1532,40 +1300,55 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$objects = $_data['object'];
}
foreach ($objects as $object) {
+ $rl_value = intval($_data['rl_value']);
+ $rl_frame = $_data['rl_frame'];
+ if (!in_array($rl_frame, array('s', 'm', 'h'))) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => 'rl_timeframe'
+ );
+ continue;
+ }
if (is_valid_domain_name($object)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
}
elseif (filter_var($object, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
}
else {
- return false;
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => 'access_denied'
+ );
+ continue;
}
if (empty($rl_value)) {
try {
$redis->hDel('RL_VALUE', $object);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
}
else {
@@ -1573,20 +1356,20 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$redis->hSet('RL_VALUE', $object, $rl_value . ' / 1' . $rl_frame);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('object_modified', $object)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_modified', implode(', ', $objects))
- );
break;
case 'syncjob':
if (!is_array($_data['id'])) {
@@ -1597,7 +1380,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$ids = $_data['id'];
}
if (!isset($_SESSION['acl']['syncjobs']) || $_SESSION['acl']['syncjobs'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -1631,12 +1414,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$timeout2 = (isset($_data['timeout2']) && $_data['timeout2'] != "") ? intval($_data['timeout2']) : $is_now['timeout2'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (empty($subfolder2)) {
$subfolder2 = "";
@@ -1654,107 +1437,97 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$maxbytespersecond = "0";
}
if (!filter_var($port1, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 65535)))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (!filter_var($mins_interval, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 3600)))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (!is_valid_domain_name($host1)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if ($enc1 != "TLS" && $enc1 != "SSL" && $enc1 != "PLAIN") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (@preg_match("/" . $exclude . "/", null) === false) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("UPDATE `imapsync` SET `delete1` = :delete1,
- `delete2` = :delete2,
- `automap` = :automap,
- `skipcrossduplicates` = :skipcrossduplicates,
- `maxage` = :maxage,
- `maxbytespersecond` = :maxbytespersecond,
- `subfolder2` = :subfolder2,
- `exclude` = :exclude,
- `host1` = :host1,
- `last_run` = :last_run,
- `user1` = :user1,
- `password1` = :password1,
- `mins_interval` = :mins_interval,
- `port1` = :port1,
- `enc1` = :enc1,
- `delete2duplicates` = :delete2duplicates,
- `custom_params` = :custom_params,
- `timeout1` = :timeout1,
- `timeout2` = :timeout2,
- `subscribeall` = :subscribeall,
- `active` = :active
- WHERE `id` = :id");
- $stmt->execute(array(
- ':delete1' => $delete1,
- ':delete2' => $delete2,
- ':automap' => $automap,
- ':skipcrossduplicates' => $skipcrossduplicates,
- ':id' => $id,
- ':exclude' => $exclude,
- ':maxage' => $maxage,
- ':maxbytespersecond' => $maxbytespersecond,
- ':subfolder2' => $subfolder2,
- ':host1' => $host1,
- ':user1' => $user1,
- ':password1' => $password1,
- ':last_run' => $last_run,
- ':mins_interval' => $mins_interval,
- ':port1' => $port1,
- ':enc1' => $enc1,
- ':delete2duplicates' => $delete2duplicates,
- ':custom_params' => $custom_params,
- ':timeout1' => $timeout1,
- ':timeout2' => $timeout2,
- ':subscribeall' => $subscribeall,
- ':active' => $active,
- ));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("UPDATE `imapsync` SET `delete1` = :delete1,
+ `delete2` = :delete2,
+ `automap` = :automap,
+ `skipcrossduplicates` = :skipcrossduplicates,
+ `maxage` = :maxage,
+ `maxbytespersecond` = :maxbytespersecond,
+ `subfolder2` = :subfolder2,
+ `exclude` = :exclude,
+ `host1` = :host1,
+ `last_run` = :last_run,
+ `user1` = :user1,
+ `password1` = :password1,
+ `mins_interval` = :mins_interval,
+ `port1` = :port1,
+ `enc1` = :enc1,
+ `delete2duplicates` = :delete2duplicates,
+ `custom_params` = :custom_params,
+ `timeout1` = :timeout1,
+ `timeout2` = :timeout2,
+ `subscribeall` = :subscribeall,
+ `active` = :active
+ WHERE `id` = :id");
+ $stmt->execute(array(
+ ':delete1' => $delete1,
+ ':delete2' => $delete2,
+ ':automap' => $automap,
+ ':skipcrossduplicates' => $skipcrossduplicates,
+ ':id' => $id,
+ ':exclude' => $exclude,
+ ':maxage' => $maxage,
+ ':maxbytespersecond' => $maxbytespersecond,
+ ':subfolder2' => $subfolder2,
+ ':host1' => $host1,
+ ':user1' => $user1,
+ ':password1' => $password1,
+ ':last_run' => $last_run,
+ ':mins_interval' => $mins_interval,
+ ':port1' => $port1,
+ ':enc1' => $enc1,
+ ':delete2duplicates' => $delete2duplicates,
+ ':custom_params' => $custom_params,
+ ':timeout1' => $timeout1,
+ ':timeout2' => $timeout2,
+ ':subscribeall' => $subscribeall,
+ ':active' => $active,
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', $username)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', $username)
- );
break;
case 'filter':
$sieve = new Sieve\SieveParser();
@@ -1766,7 +1539,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$ids = $_data['id'];
}
if (!isset($_SESSION['acl']['filters']) || $_SESSION['acl']['filters'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -1783,103 +1556,152 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$filter_type = (!empty($_data['filter_type'])) ? $_data['filter_type'] : $is_now['filter_type'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
try {
$sieve->parse($script_data);
}
catch (Exception $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('sieve_error', $e->getMessage())
);
- return false;
+ continue;
}
if ($filter_type != 'postfilter' && $filter_type != 'prefilter') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'filter_type'
);
- return false;
+ continue;
}
if ($active == '1') {
$script_name = 'active';
- try {
- $stmt = $pdo->prepare("UPDATE `sieve_filters` SET `script_name` = 'inactive' WHERE `username` = :username AND `filter_type` = :filter_type");
- $stmt->execute(array(
- ':username' => $username,
- ':filter_type' => $filter_type
- ));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("UPDATE `sieve_filters`
+ SET `script_name` = 'inactive'
+ WHERE `username` = :username
+ AND `filter_type` = :filter_type");
+ $stmt->execute(array(
+ ':username' => $username,
+ ':filter_type' => $filter_type
+ ));
}
else {
$script_name = 'inactive';
}
- try {
- $stmt = $pdo->prepare("UPDATE `sieve_filters` SET `script_desc` = :script_desc, `script_data` = :script_data, `script_name` = :script_name, `filter_type` = :filter_type
- WHERE `id` = :id");
- $stmt->execute(array(
- ':script_desc' => $script_desc,
- ':script_data' => $script_data,
- ':script_name' => $script_name,
- ':filter_type' => $filter_type,
- ':id' => $id
- ));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("UPDATE `sieve_filters` SET `script_desc` = :script_desc, `script_data` = :script_data, `script_name` = :script_name, `filter_type` = :filter_type
+ WHERE `id` = :id");
+ $stmt->execute(array(
+ ':script_desc' => $script_desc,
+ ':script_data' => $script_data,
+ ':script_name' => $script_name,
+ ':filter_type' => $filter_type,
+ ':id' => $id
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', $username)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', $username)
- );
break;
case 'alias':
- if (!is_array($_data['address'])) {
- $addresses = array();
- $addresses[] = $_data['address'];
+ if (!is_array($_data['id'])) {
+ $ids = array();
+ $ids[] = $_data['id'];
}
else {
- $addresses = $_data['address'];
+ $ids = $_data['id'];
}
- foreach ($addresses as $address) {
- $is_now = mailbox('get', 'alias_details', $address);
+ foreach ($ids as $id) {
+ $is_now = mailbox('get', 'alias_details', $id);
if (!empty($is_now)) {
$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active_int'];
- $goto_null = (isset($_data['goto_null'])) ? intval($_data['goto_null']) : $is_now['goto_null'];
- $goto_spam = (isset($_data['goto_spam'])) ? intval($_data['goto_spam']) : $is_now['goto_spam'];
- $goto_ham = (isset($_data['goto_ham'])) ? intval($_data['goto_ham']) : $is_now['goto_ham'];
- $goto = (!empty($_data['goto'])) ? $_data['goto'] : $is_now['goto'];
+ $goto_null = (isset($_data['goto_null'])) ? intval($_data['goto_null']) : 0;
+ $goto_spam = (isset($_data['goto_spam'])) ? intval($_data['goto_spam']) : 0;
+ $goto_ham = (isset($_data['goto_ham'])) ? intval($_data['goto_ham']) : 0;
+ $goto = (!empty($_data['goto'])) ? $_data['goto'] : $is_now['goto'];
+ $address = (!empty($_data['address'])) ? $_data['address'] : $is_now['address'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'alias_invalid'
);
- return false;
+ continue;
+ }
+ if ($is_now['address'] != $address) {
+ $domain = idn_to_ascii(substr(strstr($address, '@'), 1));
+ $local_part = strstr($address, '@', true);
+ $address = $local_part.'@'.$domain;
+ if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => 'access_denied'
+ );
+ continue;
+ }
+ if ((!filter_var($address, FILTER_VALIDATE_EMAIL) === true) && !empty($local_part)) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => 'alias_invalid'
+ );
+ continue;
+ }
+ $stmt = $pdo->prepare("SELECT `address` FROM `alias`
+ WHERE `address`= :address OR `address` IN (
+ SELECT `username` FROM `mailbox`, `alias_domain`
+ WHERE (
+ `alias_domain`.`alias_domain` = :address_d
+ AND `mailbox`.`username` = CONCAT(:address_l, '@', alias_domain.target_domain)))");
+ $stmt->execute(array(
+ ':address' => $address,
+ ':address_l' => $local_part,
+ ':address_d' => $domain
+ ));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('is_alias_or_mailbox', htmlspecialchars($address))
+ );
+ continue;
+ }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain`= :domain1 OR `domain` = (SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain2)");
+ $stmt->execute(array(':domain1' => $domain, ':domain2' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results == 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_not_found', htmlspecialchars($domain))
+ );
+ continue;
+ }
+ $stmt = $pdo->prepare("SELECT `address` FROM `spamalias`
+ WHERE `address`= :address");
+ $stmt->execute(array(':address' => $address));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('is_spam_alias', htmlspecialchars($address))
+ );
+ continue;
+ }
}
if ($goto_null == "1") {
$goto = "null@localhost";
@@ -1891,85 +1713,52 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$goto = "ham@localhost";
}
else {
- $gotos = array_map('trim', preg_split( "/( |,|;|\n)/", $_data['goto']));
- foreach ($gotos as &$goto) {
+ $gotos = array_map('trim', preg_split( "/( |,|;|\n)/", $goto));
+ foreach ($gotos as $i => &$goto) {
if (empty($goto)) {
continue;
}
if (!filter_var($goto, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' =>'goto_invalid'
+ 'msg' => array('goto_invalid', $goto)
);
- return false;
+ unset($gotos[$i]);
+ continue;
}
if ($goto == $address) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'alias_goto_identical'
);
- return false;
+ unset($gotos[$i]);
+ continue;
}
}
$gotos = array_filter($gotos);
$goto = implode(",", $gotos);
}
- $domain = idn_to_ascii(substr(strstr($address, '@'), 1));
- $local_part = strstr($address, '@', true);
- if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'access_denied'
- );
- return false;
- }
- if ((!filter_var($address, FILTER_VALIDATE_EMAIL) === true) && !empty($local_part)) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'alias_invalid'
- );
- return false;
- }
- try {
- if (!empty($goto)) {
- $stmt = $pdo->prepare("UPDATE `alias` SET
- `goto` = :goto,
- `active`= :active
- WHERE `address` = :address");
- $stmt->execute(array(
- ':goto' => $goto,
- ':active' => $active,
- ':address' => $address
- ));
- }
- else {
- $stmt = $pdo->prepare("UPDATE `alias` SET
- `active`= :active
- WHERE `address` = :address");
- $stmt->execute(array(
- ':active' => $active,
- ':address' => $address
- ));
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ if (!empty($goto)) {
+ $stmt = $pdo->prepare("UPDATE `alias` SET
+ `address` = :address,
+ `goto` = :goto,
+ `active`= :active
+ WHERE `id` = :id");
+ $stmt->execute(array(
+ ':address' => $address,
+ ':goto' => $goto,
+ ':active' => $active,
+ ':id' => $id
+ ));
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('alias_modified', htmlspecialchars($address))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('alias_modified', htmlspecialchars(implode(', ', $addresses)))
- );
break;
case 'domain':
if (!is_array($_data['domain'])) {
@@ -1982,39 +1771,29 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
foreach ($domains as $domain) {
$domain = idn_to_ascii($domain);
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
);
- return false;
+ continue;
}
if ($_SESSION['mailcow_cc_role'] == "domainadmin" &&
hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$description = $_data['description'];
$active = intval($_data['active']);
- try {
- $stmt = $pdo->prepare("UPDATE `domain` SET
- `description` = :description
- WHERE `domain` = :domain");
- $stmt->execute(array(
- ':description' => $description,
- ':domain' => $domain
- ));
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_modified', htmlspecialchars($domain))
- );
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("UPDATE `domain` SET
+ `description` = :description
+ WHERE `domain` = :domain");
+ $stmt->execute(array(
+ ':description' => $description,
+ ':domain' => $domain
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_modified', htmlspecialchars($domain))
+ );
}
elseif ($_SESSION['mailcow_cc_role'] == "admin") {
$is_now = mailbox('get', 'domain_details', $domain);
@@ -2031,129 +1810,109 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
($relay_all_recipients == '1') ? $backupmx = '1' : null;
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
);
- return false;
- }
- try {
- // todo: should be using api here
- $stmt = $pdo->prepare("SELECT
- COUNT(*) AS count,
- MAX(COALESCE(ROUND(`quota`/1048576), 0)) AS `biggest_mailbox`,
- COALESCE(ROUND(SUM(`quota`)/1048576), 0) AS `quota_all`
- FROM `mailbox`
- WHERE `kind` NOT REGEXP 'location|thing|group'
- AND domain = :domain");
- $stmt->execute(array(':domain' => $domain));
- $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
- // todo: should be using api here
- $stmt = $pdo->prepare("SELECT COUNT(*) AS `count` FROM `alias`
- WHERE domain = :domain
- AND address NOT IN (
- SELECT `username` FROM `mailbox`
- )");
- $stmt->execute(array(':domain' => $domain));
- $AliasData = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ // todo: should be using api here
+ $stmt = $pdo->prepare("SELECT
+ COUNT(*) AS count,
+ MAX(COALESCE(ROUND(`quota`/1048576), 0)) AS `biggest_mailbox`,
+ COALESCE(ROUND(SUM(`quota`)/1048576), 0) AS `quota_all`
+ FROM `mailbox`
+ WHERE `kind` NOT REGEXP 'location|thing|group'
+ AND domain = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
+ // todo: should be using api here
+ $stmt = $pdo->prepare("SELECT COUNT(*) AS `count` FROM `alias`
+ WHERE domain = :domain
+ AND address NOT IN (
+ SELECT `username` FROM `mailbox`
+ )");
+ $stmt->execute(array(':domain' => $domain));
+ $AliasData = $stmt->fetch(PDO::FETCH_ASSOC);
if ($maxquota > $quota) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'mailbox_quota_exceeds_domain_quota'
);
- return false;
+ continue;
}
if ($maxquota == "0" || empty($maxquota)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'maxquota_empty'
);
- return false;
+ continue;
}
if ($MailboxData['biggest_mailbox'] > $maxquota) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('max_quota_in_use', $MailboxData['biggest_mailbox'])
);
- return false;
+ continue;
}
if ($MailboxData['quota_all'] > $quota) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('domain_quota_m_in_use', $MailboxData['quota_all'])
);
- return false;
+ continue;
}
if ($MailboxData['count'] > $mailboxes) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailboxes_in_use', $MailboxData['count'])
);
- return false;
+ continue;
}
if ($AliasData['count'] > $aliases) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('aliases_in_use', $AliasData['count'])
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("UPDATE `domain` SET
- `relay_all_recipients` = :relay_all_recipients,
- `backupmx` = :backupmx,
- `active` = :active,
- `quota` = :quota,
- `maxquota` = :maxquota,
- `relayhost` = :relayhost,
- `mailboxes` = :mailboxes,
- `aliases` = :aliases,
- `description` = :description
- WHERE `domain` = :domain");
- $stmt->execute(array(
- ':relay_all_recipients' => $relay_all_recipients,
- ':backupmx' => $backupmx,
- ':active' => $active,
- ':quota' => $quota,
- ':maxquota' => $maxquota,
- ':relayhost' => $relayhost,
- ':mailboxes' => $mailboxes,
- ':aliases' => $aliases,
- ':description' => $description,
- ':domain' => $domain
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("UPDATE `domain` SET
+ `relay_all_recipients` = :relay_all_recipients,
+ `backupmx` = :backupmx,
+ `active` = :active,
+ `quota` = :quota,
+ `maxquota` = :maxquota,
+ `relayhost` = :relayhost,
+ `mailboxes` = :mailboxes,
+ `aliases` = :aliases,
+ `description` = :description
+ WHERE `domain` = :domain");
+ $stmt->execute(array(
+ ':relay_all_recipients' => $relay_all_recipients,
+ ':backupmx' => $backupmx,
+ ':active' => $active,
+ ':quota' => $quota,
+ ':maxquota' => $maxquota,
+ ':relayhost' => $relayhost,
+ ':mailboxes' => $mailboxes,
+ ':aliases' => $aliases,
+ ':description' => $description,
+ ':domain' => $domain
+ ));
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_modified', htmlspecialchars($domain))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_modified', htmlspecialchars(implode(', ', $domains)))
- );
break;
case 'mailbox':
if (!is_array($_data['username'])) {
@@ -2165,12 +1924,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'username_invalid'
+ 'msg' => array('username_invalid', $username)
);
- return false;
+ continue;
}
$is_now = mailbox('get', 'mailbox_details', $username);
if (!empty($is_now)) {
@@ -2184,59 +1943,49 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$password2 = (!empty($_data['password2'])) ? $_data['password2'] : null;
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("SELECT `quota`, `maxquota`
- FROM `domain`
- WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $domain));
- $DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("SELECT `quota`, `maxquota`
+ FROM `domain`
+ WHERE `domain` = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (!is_numeric($quota_m) || $quota_m == "0") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('quota_not_0_not_numeric', htmlspecialchars($quota_m))
);
- return false;
+ continue;
}
if ($quota_m > $DomainData['maxquota']) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_quota_exceeded', $DomainData['maxquota'])
);
- return false;
+ continue;
}
if (((($is_now['quota_used'] / 1048576) - $quota_m) + $quota_m) > $DomainData['quota']) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_quota_left_exceeded', ($is_now['max_new_quota'] / 1048576))
);
- return false;
+ continue;
}
if (isset($_data['sender_acl'])) {
// Get sender_acl items set by admin
@@ -2256,7 +2005,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
else {
if (array_search('default', $_data['sender_acl']) !== false){
- unset($_data['sender_acl'][array_search('defaaault', $_data['sender_acl'])]);
+ unset($_data['sender_acl'][array_search('default', $_data['sender_acl'])]);
}
$sender_acl_domain_admin = $_data['sender_acl'];
}
@@ -2265,47 +2014,60 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
foreach ($sender_acl_domain_admin as $key => $val) {
// Check for invalid domain or email format or not *
if (!filter_var($val, FILTER_VALIDATE_EMAIL) && !is_valid_domain_name(ltrim($val, '@')) && $val != '*') {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('sender_acl_invalid', $sender_acl_domain_admin[$key])
+ );
unset($sender_acl_domain_admin[$key]);
continue;
}
// Check if user has domain access (if object is domain)
- $domain = ltrim($sender_acl, '@');
+ $domain = ltrim($sender_acl_domain_admin[$key], '@');
if (is_valid_domain_name($domain)) {
// Check for- and skip non-mailcow domains
$domains = array_merge(mailbox('get', 'domains'), mailbox('get', 'alias_domains'));
if (!empty($domains)) {
if (!in_array($domain, $domains)) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('sender_acl_invalid', $sender_acl_domain_admin[$key])
+ );
unset($sender_acl_domain_admin[$key]);
continue;
}
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'sender_acl_invalid'
+ 'msg' => array('sender_acl_invalid', $sender_acl_domain_admin[$key])
);
- return false;
+ unset($sender_acl_domain_admin[$key]);
+ continue;
}
}
// Wildcard can only be used if role == admin
if ($val == '*' && $_SESSION['mailcow_cc_role'] != 'admin') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'sender_acl_invalid'
+ 'msg' => array('sender_acl_invalid', $sender_acl_domain_admin[$key])
);
- return false;
+ unset($sender_acl_domain_admin[$key]);
+ continue;
}
// Check if user has mailbox access (if object is email)
if (filter_var($val, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $val)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'sender_acl_invalid'
+ 'msg' => array('sender_acl_invalid', $sender_acl_domain_admin[$key])
);
- return false;
+ unset($sender_acl_domain_admin[$key]);
+ continue;
}
}
}
@@ -2313,132 +2075,82 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$sender_acl_merged = array_merge($sender_acl_domain_admin, $sender_acl_admin);
// If merged array still contains "*", set it as only value
!in_array('*', $sender_acl_merged) ?: $sender_acl_merged = array('*');
- try {
- $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
foreach ($sender_acl_merged as $sender_acl) {
$domain = ltrim($sender_acl, '@');
if (is_valid_domain_name($domain)) {
$sender_acl = '@' . $domain;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `sender_acl` (`send_as`, `logged_in_as`)
- VALUES (:sender_acl, :username)");
- $stmt->execute(array(
- ':sender_acl' => $sender_acl,
- ':username' => $username
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- }
- }
- else {
- try {
- $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` = :username");
+ $stmt = $pdo->prepare("INSERT INTO `sender_acl` (`send_as`, `logged_in_as`)
+ VALUES (:sender_acl, :username)");
$stmt->execute(array(
+ ':sender_acl' => $sender_acl,
':username' => $username
));
}
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ }
+ else {
+ $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
}
}
if (!empty($password) && !empty($password2)) {
if (!preg_match('/' . $GLOBALS['PASSWD_REGEP'] . '/', $password)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'password_complexity'
);
- return false;
+ continue;
}
if ($password != $password2) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'password_mismatch'
);
- return false;
+ continue;
}
$password_hashed = hash_password($password);
- try {
- $stmt = $pdo->prepare("UPDATE `mailbox` SET
- `password` = :password_hashed
- WHERE `username` = :username");
- $stmt->execute(array(
- ':password_hashed' => $password_hashed,
- ':username' => $username
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- }
- try {
- $stmt = $pdo->prepare("UPDATE `alias` SET
- `active` = :active
- WHERE `address` = :address");
- $stmt->execute(array(
- ':address' => $username,
- ':active' => $active
- ));
$stmt = $pdo->prepare("UPDATE `mailbox` SET
- `active` = :active,
- `name`= :name,
- `quota` = :quota_b,
- `attributes` = JSON_SET(`attributes`, '$.force_pw_update', :force_pw_update)
+ `password` = :password_hashed
WHERE `username` = :username");
$stmt->execute(array(
- ':active' => $active,
- ':name' => $name,
- ':quota_b' => $quota_b,
- ':force_pw_update' => $force_pw_update,
+ ':password_hashed' => $password_hashed,
':username' => $username
));
}
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("UPDATE `alias` SET
+ `active` = :active
+ WHERE `address` = :address");
+ $stmt->execute(array(
+ ':address' => $username,
+ ':active' => $active
+ ));
+ $stmt = $pdo->prepare("UPDATE `mailbox` SET
+ `active` = :active,
+ `name`= :name,
+ `quota` = :quota_b,
+ `attributes` = JSON_SET(`attributes`, '$.force_pw_update', :force_pw_update)
+ WHERE `username` = :username");
+ $stmt->execute(array(
+ ':active' => $active,
+ ':name' => $name,
+ ':quota_b' => $quota_b,
+ ':force_pw_update' => $force_pw_update,
+ ':username' => $username
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', $username)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', implode(', ', $usernames))
- );
break;
case 'resource':
if (!is_array($_data['name'])) {
@@ -2457,77 +2169,67 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$kind = (!empty($_data['kind'])) ? $_data['kind'] : $is_now['kind'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'resource_invalid'
+ 'msg' => array('resource_invalid', htmlspecialchars($name))
);
- return false;
+ continue;
}
if (!filter_var($name, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'resource_invalid'
+ 'msg' => array('resource_invalid', htmlspecialchars($name))
);
- return false;
+ continue;
}
if (!isset($multiple_bookings) || $multiple_bookings < -1) {
$multiple_bookings = -1;
}
if (empty($description)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'description_invalid'
+ 'msg' => array('description_invalid', htmlspecialchars($name))
);
- return false;
+ continue;
}
if ($kind != 'location' && $kind != 'group' && $kind != 'thing') {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'resource_invalid'
+ 'msg' => array('resource_invalid', htmlspecialchars($name))
);
- return false;
+ continue;
}
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $name)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("UPDATE `mailbox` SET
- `active` = :active,
- `name`= :description,
- `kind`= :kind,
- `multiple_bookings`= :multiple_bookings
- WHERE `username` = :name");
- $stmt->execute(array(
- ':active' => $active,
- ':description' => $description,
- ':multiple_bookings' => $multiple_bookings,
- ':kind' => $kind,
- ':name' => $name
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("UPDATE `mailbox` SET
+ `active` = :active,
+ `name`= :description,
+ `kind`= :kind,
+ `multiple_bookings`= :multiple_bookings
+ WHERE `username` = :name");
+ $stmt->execute(array(
+ ':active' => $active,
+ ':description' => $description,
+ ':multiple_bookings' => $multiple_bookings,
+ ':kind' => $kind,
+ ':name' => $name
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('resource_modified', htmlspecialchars($name))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('resource_modified', implode(', ', $names))
- );
break;
}
break;
@@ -2544,108 +2246,98 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$data['sender_acl_addresses']['rw'] = array();
$data['sender_acl_addresses']['selectable'] = array();
$data['fixed_sender_aliases'] = array();
- try {
- // Fixed addresses
- $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `goto` REGEXP :goto AND `address` NOT LIKE '@%'");
- $stmt->execute(array(':goto' => '(^|,)'.$_data.'($|,)'));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($rows)) {
- $data['fixed_sender_aliases'][] = $row['address'];
- }
- $stmt = $pdo->prepare("SELECT CONCAT(`local_part`, '@', `alias_domain`.`alias_domain`) AS `alias_domain_alias` FROM `mailbox`, `alias_domain`
- WHERE `alias_domain`.`target_domain` = `mailbox`.`domain`
- AND `mailbox`.`username` = :username");
- $stmt->execute(array(':username' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($rows)) {
- if (!empty($row['alias_domain_alias'])) {
- $data['fixed_sender_aliases'][] = $row['alias_domain_alias'];
- }
- }
- // Return array $data['sender_acl_domains/addresses']['ro'] with read-only objects
- // Return array $data['sender_acl_domains/addresses']['rw'] with read-write objects (can be deleted)
- $stmt = $pdo->prepare("SELECT REPLACE(`send_as`, '@', '') AS `send_as` FROM `sender_acl` WHERE `logged_in_as` = :logged_in_as AND (`send_as` LIKE '@%' OR `send_as` = '*')");
- $stmt->execute(array(':logged_in_as' => $_data));
- $domain_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($domain_row = array_shift($domain_rows)) {
- if (is_valid_domain_name($domain_row['send_as']) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain_row['send_as'])) {
- $data['sender_acl_domains']['ro'][] = $domain_row['send_as'];
- continue;
- }
- if (is_valid_domain_name($domain_row['send_as']) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain_row['send_as'])) {
- $data['sender_acl_domains']['rw'][] = $domain_row['send_as'];
- continue;
- }
- if ($domain_row['send_as'] == '*' && $_SESSION['mailcow_cc_role'] != 'admin') {
- $data['sender_acl_domains']['ro'][] = $domain_row['send_as'];
- }
- if ($domain_row['send_as'] == '*' && $_SESSION['mailcow_cc_role'] == 'admin') {
- $data['sender_acl_domains']['rw'][] = $domain_row['send_as'];
- }
- }
- $stmt = $pdo->prepare("SELECT `send_as` FROM `sender_acl` WHERE `logged_in_as` = :logged_in_as AND (`send_as` NOT LIKE '@%' AND `send_as` != '*')");
- $stmt->execute(array(':logged_in_as' => $_data));
- $address_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($address_row = array_shift($address_rows)) {
- if (filter_var($address_row['send_as'], FILTER_VALIDATE_EMAIL) && !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $address_row['send_as'])) {
- $data['sender_acl_addresses']['ro'][] = $address_row['send_as'];
- continue;
- }
- if (filter_var($address_row['send_as'], FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $address_row['send_as'])) {
- $data['sender_acl_addresses']['rw'][] = $address_row['send_as'];
- continue;
- }
- }
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE `domain` NOT IN (
- SELECT REPLACE(`send_as`, '@', '') FROM `sender_acl`
- WHERE `logged_in_as` = :logged_in_as1
- AND `send_as` LIKE '@%')
- UNION
- SELECT '*' FROM `domain`
- WHERE '*' NOT IN (
- SELECT `send_as` FROM `sender_acl`
- WHERE `logged_in_as` = :logged_in_as2
- )");
- $stmt->execute(array(
- ':logged_in_as1' => $_data,
- ':logged_in_as2' => $_data
- ));
- $rows_domain = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row_domain = array_shift($rows_domain)) {
- if (is_valid_domain_name($row_domain['domain']) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row_domain['domain'])) {
- $data['sender_acl_domains']['selectable'][] = $row_domain['domain'];
- continue;
- }
- if ($row_domain['domain'] == '*' && $_SESSION['mailcow_cc_role'] == 'admin') {
- $data['sender_acl_domains']['selectable'][] = $row_domain['domain'];
- continue;
- }
- }
- $stmt = $pdo->prepare("SELECT `address` FROM `alias`
- WHERE `goto` != :goto
- AND `address` NOT IN (
- SELECT `send_as` FROM `sender_acl`
- WHERE `logged_in_as` = :logged_in_as
- AND `send_as` NOT LIKE '@%')");
- $stmt->execute(array(
- ':logged_in_as' => $_data,
- ':goto' => $_data
- ));
- $rows_mbox = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while ($row = array_shift($rows_mbox)) {
- if (filter_var($row['address'], FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['address'])) {
- $data['sender_acl_addresses']['selectable'][] = $row['address'];
- }
+ // Fixed addresses
+ $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `goto` REGEXP :goto AND `address` NOT LIKE '@%'");
+ $stmt->execute(array(':goto' => '(^|,)'.$_data.'($|,)'));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($rows)) {
+ $data['fixed_sender_aliases'][] = $row['address'];
+ }
+ $stmt = $pdo->prepare("SELECT CONCAT(`local_part`, '@', `alias_domain`.`alias_domain`) AS `alias_domain_alias` FROM `mailbox`, `alias_domain`
+ WHERE `alias_domain`.`target_domain` = `mailbox`.`domain`
+ AND `mailbox`.`username` = :username");
+ $stmt->execute(array(':username' => $_data));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($rows)) {
+ if (!empty($row['alias_domain_alias'])) {
+ $data['fixed_sender_aliases'][] = $row['alias_domain_alias'];
}
}
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ // Return array $data['sender_acl_domains/addresses']['ro'] with read-only objects
+ // Return array $data['sender_acl_domains/addresses']['rw'] with read-write objects (can be deleted)
+ $stmt = $pdo->prepare("SELECT REPLACE(`send_as`, '@', '') AS `send_as` FROM `sender_acl` WHERE `logged_in_as` = :logged_in_as AND (`send_as` LIKE '@%' OR `send_as` = '*')");
+ $stmt->execute(array(':logged_in_as' => $_data));
+ $domain_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($domain_row = array_shift($domain_rows)) {
+ if (is_valid_domain_name($domain_row['send_as']) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain_row['send_as'])) {
+ $data['sender_acl_domains']['ro'][] = $domain_row['send_as'];
+ continue;
+ }
+ if (is_valid_domain_name($domain_row['send_as']) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain_row['send_as'])) {
+ $data['sender_acl_domains']['rw'][] = $domain_row['send_as'];
+ continue;
+ }
+ if ($domain_row['send_as'] == '*' && $_SESSION['mailcow_cc_role'] != 'admin') {
+ $data['sender_acl_domains']['ro'][] = $domain_row['send_as'];
+ }
+ if ($domain_row['send_as'] == '*' && $_SESSION['mailcow_cc_role'] == 'admin') {
+ $data['sender_acl_domains']['rw'][] = $domain_row['send_as'];
+ }
+ }
+ $stmt = $pdo->prepare("SELECT `send_as` FROM `sender_acl` WHERE `logged_in_as` = :logged_in_as AND (`send_as` NOT LIKE '@%' AND `send_as` != '*')");
+ $stmt->execute(array(':logged_in_as' => $_data));
+ $address_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($address_row = array_shift($address_rows)) {
+ if (filter_var($address_row['send_as'], FILTER_VALIDATE_EMAIL) && !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $address_row['send_as'])) {
+ $data['sender_acl_addresses']['ro'][] = $address_row['send_as'];
+ continue;
+ }
+ if (filter_var($address_row['send_as'], FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $address_row['send_as'])) {
+ $data['sender_acl_addresses']['rw'][] = $address_row['send_as'];
+ continue;
+ }
+ }
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE `domain` NOT IN (
+ SELECT REPLACE(`send_as`, '@', '') FROM `sender_acl`
+ WHERE `logged_in_as` = :logged_in_as1
+ AND `send_as` LIKE '@%')
+ UNION
+ SELECT '*' FROM `domain`
+ WHERE '*' NOT IN (
+ SELECT `send_as` FROM `sender_acl`
+ WHERE `logged_in_as` = :logged_in_as2
+ )");
+ $stmt->execute(array(
+ ':logged_in_as1' => $_data,
+ ':logged_in_as2' => $_data
+ ));
+ $rows_domain = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row_domain = array_shift($rows_domain)) {
+ if (is_valid_domain_name($row_domain['domain']) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row_domain['domain'])) {
+ $data['sender_acl_domains']['selectable'][] = $row_domain['domain'];
+ continue;
+ }
+ if ($row_domain['domain'] == '*' && $_SESSION['mailcow_cc_role'] == 'admin') {
+ $data['sender_acl_domains']['selectable'][] = $row_domain['domain'];
+ continue;
+ }
+ }
+ $stmt = $pdo->prepare("SELECT `address` FROM `alias`
+ WHERE `goto` != :goto
+ AND `address` NOT IN (
+ SELECT `send_as` FROM `sender_acl`
+ WHERE `logged_in_as` = :logged_in_as
+ AND `send_as` NOT LIKE '@%')");
+ $stmt->execute(array(
+ ':logged_in_as' => $_data,
+ ':goto' => $_data
+ ));
+ $rows_mbox = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while ($row = array_shift($rows_mbox)) {
+ if (filter_var($row['address'], FILTER_VALIDATE_EMAIL) && hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['address'])) {
+ $data['sender_acl_addresses']['selectable'][] = $row['address'];
+ }
}
return $data;
break;
@@ -2655,44 +2347,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
elseif (isset($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` NOT REGEXP 'location|thing|group' AND `domain` != 'ALL' AND `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $_data,
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $mailboxes[] = $row['username'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` NOT REGEXP 'location|thing|group' AND `domain` != 'ALL' AND `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $_data,
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $mailboxes[] = $row['username'];
}
}
else {
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` NOT REGEXP 'location|thing|group' AND (`domain` IN (SELECT `domain` FROM `domain_admins` WHERE `active` = '1' AND `username` = :username) OR 'admin' = :role)");
- $stmt->execute(array(
- ':username' => $_SESSION['mailcow_cc_username'],
- ':role' => $_SESSION['mailcow_cc_role'],
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $mailboxes[] = $row['username'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` NOT REGEXP 'location|thing|group' AND (`domain` IN (SELECT `domain` FROM `domain_admins` WHERE `active` = '1' AND `username` = :username) OR 'admin' = :role)");
+ $stmt->execute(array(
+ ':username' => $_SESSION['mailcow_cc_username'],
+ ':role' => $_SESSION['mailcow_cc_role'],
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $mailboxes[] = $row['username'];
}
}
return $mailboxes;
@@ -2707,19 +2379,9 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
else {
$_data = $_SESSION['mailcow_cc_username'];
}
- try {
- $stmt = $pdo->prepare("SELECT `attributes` FROM `mailbox` WHERE `username` = :username");
- $stmt->execute(array(':username' => $_data));
- $attrs = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `attributes` FROM `mailbox` WHERE `username` = :username");
+ $stmt->execute(array(':username' => $_data));
+ $attrs = $stmt->fetch(PDO::FETCH_ASSOC);
$attrs = json_decode($attrs['attributes'], true);
return array(
'tls_enforce_in' => $attrs['tls_enforce_in'],
@@ -2736,20 +2398,11 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
else {
$_data = $_SESSION['mailcow_cc_username'];
}
- try {
- $stmt = $pdo->prepare("SELECT `id` FROM `sieve_filters` WHERE `username` = :username");
- $stmt->execute(array(':username' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $filters[] = $row['id'];
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
+ $stmt = $pdo->prepare("SELECT `id` FROM `sieve_filters` WHERE `username` = :username");
+ $stmt->execute(array(':username' => $_data));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $filters[] = $row['id'];
}
return $filters;
break;
@@ -2758,27 +2411,17 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!is_numeric($_data)) {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT CASE `script_name` WHEN 'active' THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- CASE `script_name` WHEN 'active' THEN 1 ELSE 0 END AS `active_int`,
- id,
- username,
- filter_type,
- script_data,
- script_desc
- FROM `sieve_filters`
- WHERE `id` = :id");
- $stmt->execute(array(':id' => $_data));
- $filter_details = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT CASE `script_name` WHEN 'active' THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ CASE `script_name` WHEN 'active' THEN 1 ELSE 0 END AS `active_int`,
+ id,
+ username,
+ filter_type,
+ script_data,
+ script_desc
+ FROM `sieve_filters`
+ WHERE `id` = :id");
+ $stmt->execute(array(':id' => $_data));
+ $filter_details = $stmt->fetch(PDO::FETCH_ASSOC);
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $filter_details['username'])) {
return false;
}
@@ -2818,52 +2461,43 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!is_numeric($_data)) {
return false;
}
- try {
- if (isset($_extra) && in_array('no_log', $_extra)) {
- $field_query = $pdo->query('SHOW FIELDS FROM `imapsync` WHERE FIELD NOT IN ("returned_text", "password1")');
- $fields = $field_query->fetchAll(PDO::FETCH_ASSOC);
- while($field = array_shift($fields)) {
- $shown_fields[] = $field['Field'];
- }
- $stmt = $pdo->prepare("SELECT " . implode(',', $shown_fields) . ",
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `imapsync` WHERE id = :id");
+ if (isset($_extra) && in_array('no_log', $_extra)) {
+ $field_query = $pdo->query('SHOW FIELDS FROM `imapsync` WHERE FIELD NOT IN ("returned_text", "password1")');
+ $fields = $field_query->fetchAll(PDO::FETCH_ASSOC);
+ while($field = array_shift($fields)) {
+ $shown_fields[] = $field['Field'];
}
- elseif (isset($_extra) && in_array('with_password', $_extra)) {
- $stmt = $pdo->prepare("SELECT *,
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `imapsync` WHERE id = :id");
- }
- else {
- $field_query = $pdo->query('SHOW FIELDS FROM `imapsync` WHERE FIELD NOT IN ("password1")');
- $fields = $field_query->fetchAll(PDO::FETCH_ASSOC);
- while($field = array_shift($fields)) {
- $shown_fields[] = $field['Field'];
- }
- $stmt = $pdo->prepare("SELECT " . implode(',', $shown_fields) . ",
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `imapsync` WHERE id = :id");
- }
- $stmt->execute(array(':id' => $_data));
- $syncjobdetails = $stmt->fetch(PDO::FETCH_ASSOC);
- if (!empty($syncjobdetails['returned_text'])) {
- $syncjobdetails['log'] = $syncjobdetails['returned_text'];
- }
- else {
- $syncjobdetails['log'] = '';
- }
- unset($syncjobdetails['returned_text']);
+ $stmt = $pdo->prepare("SELECT " . implode(',', $shown_fields) . ",
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `imapsync` WHERE id = :id");
}
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
+ elseif (isset($_extra) && in_array('with_password', $_extra)) {
+ $stmt = $pdo->prepare("SELECT *,
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `imapsync` WHERE id = :id");
}
+ else {
+ $field_query = $pdo->query('SHOW FIELDS FROM `imapsync` WHERE FIELD NOT IN ("password1")');
+ $fields = $field_query->fetchAll(PDO::FETCH_ASSOC);
+ while($field = array_shift($fields)) {
+ $shown_fields[] = $field['Field'];
+ }
+ $stmt = $pdo->prepare("SELECT " . implode(',', $shown_fields) . ",
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `imapsync` WHERE id = :id");
+ }
+ $stmt->execute(array(':id' => $_data));
+ $syncjobdetails = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!empty($syncjobdetails['returned_text'])) {
+ $syncjobdetails['log'] = $syncjobdetails['returned_text'];
+ }
+ else {
+ $syncjobdetails['log'] = '';
+ }
+ unset($syncjobdetails['returned_text']);
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $syncjobdetails['user2'])) {
return false;
}
@@ -2879,20 +2513,11 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
else {
$_data = $_SESSION['mailcow_cc_username'];
}
- try {
- $stmt = $pdo->prepare("SELECT `id` FROM `imapsync` WHERE `user2` = :username");
- $stmt->execute(array(':username' => $_data));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $syncjobdata[] = $row['id'];
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
+ $stmt = $pdo->prepare("SELECT `id` FROM `imapsync` WHERE `user2` = :username");
+ $stmt->execute(array(':username' => $_data));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $syncjobdata[] = $row['id'];
}
return $syncjobdata;
break;
@@ -2907,43 +2532,21 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
else {
$_data = $_SESSION['mailcow_cc_username'];
}
- try {
- $stmt = $pdo->prepare("SELECT `value` FROM `filterconf` WHERE `object` = :username AND
- (`option` = 'lowspamlevel' OR `option` = 'highspamlevel')");
- $stmt->execute(array(':username' => $_data));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `value` FROM `filterconf` WHERE `object` = :username AND
+ (`option` = 'lowspamlevel' OR `option` = 'highspamlevel')");
+ $stmt->execute(array(':username' => $_data));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if (empty($num_results)) {
return $default;
}
else {
- try {
- $stmt = $pdo->prepare("SELECT `value` FROM `filterconf` WHERE `option` = 'highspamlevel' AND `object` = :username");
- $stmt->execute(array(':username' => $_data));
- $highspamlevel = $stmt->fetch(PDO::FETCH_ASSOC);
-
- $stmt = $pdo->prepare("SELECT `value` FROM `filterconf` WHERE `option` = 'lowspamlevel' AND `object` = :username");
- $stmt->execute(array(':username' => $_data));
- $lowspamlevel = $stmt->fetch(PDO::FETCH_ASSOC);
-
- return $lowspamlevel['value'].', '.$highspamlevel['value'];
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `value` FROM `filterconf` WHERE `option` = 'highspamlevel' AND `object` = :username");
+ $stmt->execute(array(':username' => $_data));
+ $highspamlevel = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT `value` FROM `filterconf` WHERE `option` = 'lowspamlevel' AND `object` = :username");
+ $stmt->execute(array(':username' => $_data));
+ $lowspamlevel = $stmt->fetch(PDO::FETCH_ASSOC);
+ return $lowspamlevel['value'].', '.$highspamlevel['value'];
}
break;
case 'time_limited_aliases':
@@ -2956,23 +2559,14 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
else {
$_data = $_SESSION['mailcow_cc_username'];
}
- try {
- $stmt = $pdo->prepare("SELECT `address`,
- `goto`,
- `validity`
- FROM `spamalias`
- WHERE `goto` = :username
- AND `validity` >= :unixnow");
- $stmt->execute(array(':username' => $_data, ':unixnow' => time()));
- $tladata = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->prepare("SELECT `address`,
+ `goto`,
+ `validity`
+ FROM `spamalias`
+ WHERE `goto` = :username
+ AND `validity` >= :unixnow");
+ $stmt->execute(array(':username' => $_data, ':unixnow' => time()));
+ $tladata = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $tladata;
break;
case 'delimiter_action':
@@ -2997,7 +2591,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
@@ -3011,44 +2605,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
elseif (isset($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` REGEXP 'location|thing|group' AND `domain` != 'ALL' AND `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $_data,
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $resources[] = $row['username'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` REGEXP 'location|thing|group' AND `domain` != 'ALL' AND `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $_data,
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $resources[] = $row['username'];
}
}
else {
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` REGEXP 'location|thing|group' AND `domain` IN (SELECT `domain` FROM `domain_admins` WHERE `active` = '1' AND `username` = :username) OR 'admin' = :role");
- $stmt->execute(array(
- ':username' => $_SESSION['mailcow_cc_username'],
- ':role' => $_SESSION['mailcow_cc_role'],
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $resources[] = $row['username'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `kind` REGEXP 'location|thing|group' AND `domain` IN (SELECT `domain` FROM `domain_admins` WHERE `active` = '1' AND `username` = :username) OR 'admin' = :role");
+ $stmt->execute(array(
+ ':username' => $_SESSION['mailcow_cc_username'],
+ ':role' => $_SESSION['mailcow_cc_role'],
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $resources[] = $row['username'];
}
}
return $resources;
@@ -3059,44 +2633,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
elseif (isset($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- try {
- $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `target_domain` = :domain");
- $stmt->execute(array(
- ':domain' => $_data,
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $aliasdomains[] = $row['alias_domain'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `target_domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $_data,
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $aliasdomains[] = $row['alias_domain'];
}
}
else {
- try {
- $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `target_domain` IN (SELECT `domain` FROM `domain_admins` WHERE `active` = '1' AND `username` = :username) OR 'admin' = :role");
- $stmt->execute(array(
- ':username' => $_SESSION['mailcow_cc_username'],
- ':role' => $_SESSION['mailcow_cc_role'],
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $aliasdomains[] = $row['alias_domain'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `target_domain` IN (SELECT `domain` FROM `domain_admins` WHERE `active` = '1' AND `username` = :username) OR 'admin' = :role");
+ $stmt->execute(array(
+ ':username' => $_SESSION['mailcow_cc_username'],
+ ':role' => $_SESSION['mailcow_cc_role'],
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $aliasdomains[] = $row['alias_domain'];
}
}
return $aliasdomains;
@@ -3106,30 +2660,20 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `address` != `goto` AND `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $_data,
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $aliases[] = $row['address'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `id` FROM `alias` WHERE `address` != `goto` AND `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $_data,
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $aliases[] = $row['id'];
}
return $aliases;
break;
case 'ratelimit':
if (is_valid_domain_name($_data)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3139,7 +2683,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
elseif (filter_var($_data, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3162,7 +2706,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
@@ -3173,85 +2717,67 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
break;
case 'alias_details':
$aliasdata = array();
- try {
- $stmt = $pdo->prepare("SELECT
- `domain`,
- `goto`,
- `address`,
- `active` as `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- `created`,
- `modified`
- FROM `alias`
- WHERE `address` = :address AND `address` != `goto`");
- $stmt->execute(array(
- ':address' => $_data,
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- $stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain");
- $stmt->execute(array(
- ':domain' => $row['domain'],
- ));
- $row_alias_domain = $stmt->fetch(PDO::FETCH_ASSOC);
- if (isset($row_alias_domain['target_domain']) && !empty($row_alias_domain['target_domain'])) {
- $aliasdata['in_primary_domain'] = $row_alias_domain['target_domain'];
- }
- else {
- $aliasdata['in_primary_domain'] = "";
- }
- $aliasdata['domain'] = $row['domain'];
- $aliasdata['goto'] = $row['goto'];
- $aliasdata['address'] = $row['address'];
- (!filter_var($aliasdata['address'], FILTER_VALIDATE_EMAIL)) ? $aliasdata['is_catch_all'] = 1 : $aliasdata['is_catch_all'] = 0;
- $aliasdata['active'] = $row['active'];
- $aliasdata['active_int'] = $row['active_int'];
- $aliasdata['created'] = $row['created'];
- $aliasdata['modified'] = $row['modified'];
- if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdata['domain'])) {
- return false;
- }
+ $stmt = $pdo->prepare("SELECT
+ `id`,
+ `domain`,
+ `goto`,
+ `address`,
+ `active` as `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ `created`,
+ `modified`
+ FROM `alias`
+ WHERE `id` = :id AND `address` != `goto`");
+ $stmt->execute(array(
+ ':id' => intval($_data),
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $row['domain'],
+ ));
+ $row_alias_domain = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (isset($row_alias_domain['target_domain']) && !empty($row_alias_domain['target_domain'])) {
+ $aliasdata['in_primary_domain'] = $row_alias_domain['target_domain'];
}
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
+ else {
+ $aliasdata['in_primary_domain'] = "";
+ }
+ $aliasdata['id'] = $row['id'];
+ $aliasdata['domain'] = $row['domain'];
+ $aliasdata['goto'] = $row['goto'];
+ $aliasdata['address'] = $row['address'];
+ (!filter_var($aliasdata['address'], FILTER_VALIDATE_EMAIL)) ? $aliasdata['is_catch_all'] = 1 : $aliasdata['is_catch_all'] = 0;
+ $aliasdata['active'] = $row['active'];
+ $aliasdata['active_int'] = $row['active_int'];
+ $aliasdata['created'] = $row['created'];
+ $aliasdata['modified'] = $row['modified'];
+ if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdata['domain'])) {
return false;
}
return $aliasdata;
break;
case 'alias_domain_details':
$aliasdomaindata = array();
- try {
- $stmt = $pdo->prepare("SELECT
- `alias_domain`,
- `target_domain`,
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- `created`,
- `modified`
- FROM `alias_domain`
- WHERE `alias_domain` = :aliasdomain");
- $stmt->execute(array(
- ':aliasdomain' => $_data,
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- $aliasdomaindata['alias_domain'] = $row['alias_domain'];
- $aliasdomaindata['target_domain'] = $row['target_domain'];
- $aliasdomaindata['active'] = $row['active'];
- $aliasdomaindata['active_int'] = $row['active_int'];
- $aliasdomaindata['created'] = $row['created'];
- $aliasdomaindata['modified'] = $row['modified'];
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT
+ `alias_domain`,
+ `target_domain`,
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ `created`,
+ `modified`
+ FROM `alias_domain`
+ WHERE `alias_domain` = :aliasdomain");
+ $stmt->execute(array(
+ ':aliasdomain' => $_data,
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ $aliasdomaindata['alias_domain'] = $row['alias_domain'];
+ $aliasdomaindata['target_domain'] = $row['target_domain'];
+ $aliasdomaindata['active'] = $row['active'];
+ $aliasdomaindata['active_int'] = $row['active_int'];
+ $aliasdomaindata['created'] = $row['created'];
+ $aliasdomaindata['modified'] = $row['modified'];
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdomaindata['target_domain'])) {
return false;
}
@@ -3262,30 +2788,20 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
- WHERE (`domain` IN (
- SELECT `domain` from `domain_admins`
- WHERE (`active`='1' AND `username` = :username))
- )
- OR ('admin'= :role)
- AND `domain` != 'ALL'");
- $stmt->execute(array(
- ':username' => $_SESSION['mailcow_cc_username'],
- ':role' => $_SESSION['mailcow_cc_role'],
- ));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $domains[] = $row['domain'];
- }
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+ WHERE (`domain` IN (
+ SELECT `domain` from `domain_admins`
+ WHERE (`active`='1' AND `username` = :username))
+ )
+ OR ('admin'= :role)
+ AND `domain` != 'ALL'");
+ $stmt->execute(array(
+ ':username' => $_SESSION['mailcow_cc_username'],
+ ':role' => $_SESSION['mailcow_cc_role'],
+ ));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $domains[] = $row['domain'];
}
return $domains;
break;
@@ -3295,85 +2811,75 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain");
- $stmt->execute(array(
- ':domain' => $_data
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (!empty($row)) {
- $_data = $row['target_domain'];
- }
- $stmt = $pdo->prepare("SELECT
- `domain`,
- `description`,
- `aliases`,
- `mailboxes`,
- `maxquota`,
- `quota`,
- `relayhost`,
- `relay_all_recipients` as `relay_all_recipients_int`,
- `backupmx` as `backupmx_int`,
- `active` as `active_int`,
- CASE `relay_all_recipients` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `relay_all_recipients`,
- CASE `backupmx` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `backupmx`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `domain` WHERE `domain`= :domain");
- $stmt->execute(array(
- ':domain' => $_data
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (empty($row)) {
- return false;
- }
- $stmt = $pdo->prepare("SELECT COUNT(*) AS `count`,
- COALESCE(SUM(`quota`), 0) AS `in_use`
- FROM `mailbox`
- WHERE `kind` NOT REGEXP 'location|thing|group'
- AND `domain` = :domain");
- $stmt->execute(array(':domain' => $row['domain']));
- $MailboxDataDomain = $stmt->fetch(PDO::FETCH_ASSOC);
- $domaindata['max_new_mailbox_quota'] = ($row['quota'] * 1048576) - $MailboxDataDomain['in_use'];
- if ($domaindata['max_new_mailbox_quota'] > ($row['maxquota'] * 1048576)) {
- $domaindata['max_new_mailbox_quota'] = ($row['maxquota'] * 1048576);
- }
- $domaindata['quota_used_in_domain'] = $MailboxDataDomain['in_use'];
- $domaindata['mboxes_in_domain'] = $MailboxDataDomain['count'];
- $domaindata['mboxes_left'] = $row['mailboxes'] - $MailboxDataDomain['count'];
- $domaindata['domain_name'] = $row['domain'];
- $domaindata['description'] = $row['description'];
- $domaindata['max_num_aliases_for_domain'] = $row['aliases'];
- $domaindata['max_num_mboxes_for_domain'] = $row['mailboxes'];
- $domaindata['max_quota_for_mbox'] = $row['maxquota'] * 1048576;
- $domaindata['max_quota_for_domain'] = $row['quota'] * 1048576;
- $domaindata['relayhost'] = $row['relayhost'];
- $domaindata['backupmx'] = $row['backupmx'];
- $domaindata['backupmx_int'] = $row['backupmx_int'];
- $domaindata['active'] = $row['active'];
- $domaindata['active_int'] = $row['active_int'];
- $domaindata['relay_all_recipients'] = $row['relay_all_recipients'];
- $domaindata['relay_all_recipients_int'] = $row['relay_all_recipients_int'];
- $stmt = $pdo->prepare("SELECT COUNT(*) AS `alias_count` FROM `alias`
- WHERE (`domain`= :domain OR `domain` IN (SELECT `alias_domain` FROM `alias_domain` WHERE `target_domain` = :domain2))
- AND `address` NOT IN (
- SELECT `username` FROM `mailbox`
- )");
- $stmt->execute(array(
- ':domain' => $_data,
- ':domain2' => $_data
- ));
- $AliasDataDomain = $stmt->fetch(PDO::FETCH_ASSOC);
- (isset($AliasDataDomain['alias_count'])) ? $domaindata['aliases_in_domain'] = $AliasDataDomain['alias_count'] : $domaindata['aliases_in_domain'] = "0";
- $domaindata['aliases_left'] = $row['aliases'] - $AliasDataDomain['alias_count'];
+ $stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain` WHERE `alias_domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $_data
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!empty($row)) {
+ $_data = $row['target_domain'];
}
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
+ $stmt = $pdo->prepare("SELECT
+ `domain`,
+ `description`,
+ `aliases`,
+ `mailboxes`,
+ `maxquota`,
+ `quota`,
+ `relayhost`,
+ `relay_all_recipients` as `relay_all_recipients_int`,
+ `backupmx` as `backupmx_int`,
+ `active` as `active_int`,
+ CASE `relay_all_recipients` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `relay_all_recipients`,
+ CASE `backupmx` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `backupmx`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `domain` WHERE `domain`= :domain");
+ $stmt->execute(array(
+ ':domain' => $_data
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (empty($row)) {
return false;
}
+ $stmt = $pdo->prepare("SELECT COUNT(*) AS `count`,
+ COALESCE(SUM(`quota`), 0) AS `in_use`
+ FROM `mailbox`
+ WHERE `kind` NOT REGEXP 'location|thing|group'
+ AND `domain` = :domain");
+ $stmt->execute(array(':domain' => $row['domain']));
+ $MailboxDataDomain = $stmt->fetch(PDO::FETCH_ASSOC);
+ $domaindata['max_new_mailbox_quota'] = ($row['quota'] * 1048576) - $MailboxDataDomain['in_use'];
+ if ($domaindata['max_new_mailbox_quota'] > ($row['maxquota'] * 1048576)) {
+ $domaindata['max_new_mailbox_quota'] = ($row['maxquota'] * 1048576);
+ }
+ $domaindata['quota_used_in_domain'] = $MailboxDataDomain['in_use'];
+ $domaindata['mboxes_in_domain'] = $MailboxDataDomain['count'];
+ $domaindata['mboxes_left'] = $row['mailboxes'] - $MailboxDataDomain['count'];
+ $domaindata['domain_name'] = $row['domain'];
+ $domaindata['description'] = $row['description'];
+ $domaindata['max_num_aliases_for_domain'] = $row['aliases'];
+ $domaindata['max_num_mboxes_for_domain'] = $row['mailboxes'];
+ $domaindata['max_quota_for_mbox'] = $row['maxquota'] * 1048576;
+ $domaindata['max_quota_for_domain'] = $row['quota'] * 1048576;
+ $domaindata['relayhost'] = $row['relayhost'];
+ $domaindata['backupmx'] = $row['backupmx'];
+ $domaindata['backupmx_int'] = $row['backupmx_int'];
+ $domaindata['active'] = $row['active'];
+ $domaindata['active_int'] = $row['active_int'];
+ $domaindata['relay_all_recipients'] = $row['relay_all_recipients'];
+ $domaindata['relay_all_recipients_int'] = $row['relay_all_recipients_int'];
+ $stmt = $pdo->prepare("SELECT COUNT(*) AS `alias_count` FROM `alias`
+ WHERE (`domain`= :domain OR `domain` IN (SELECT `alias_domain` FROM `alias_domain` WHERE `target_domain` = :domain2))
+ AND `address` NOT IN (
+ SELECT `username` FROM `mailbox`
+ )");
+ $stmt->execute(array(
+ ':domain' => $_data,
+ ':domain2' => $_data
+ ));
+ $AliasDataDomain = $stmt->fetch(PDO::FETCH_ASSOC);
+ (isset($AliasDataDomain['alias_count'])) ? $domaindata['aliases_in_domain'] = $AliasDataDomain['alias_count'] : $domaindata['aliases_in_domain'] = "0";
+ $domaindata['aliases_left'] = $row['aliases'] - $AliasDataDomain['alias_count'];
return $domaindata;
break;
case 'mailbox_details':
@@ -3381,66 +2887,56 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
$mailboxdata = array();
- try {
- $stmt = $pdo->prepare("SELECT
- `domain`.`backupmx`,
- `mailbox`.`username`,
- `mailbox`.`name`,
- `mailbox`.`active` AS `active_int`,
- CASE `mailbox`.`active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- `mailbox`.`domain`,
- `mailbox`.`quota`,
- `quota2`.`bytes`,
- `attributes`,
- `quota2`.`messages`
- FROM `mailbox`, `quota2`, `domain`
- WHERE `mailbox`.`kind` NOT REGEXP 'location|thing|group' AND `mailbox`.`username` = `quota2`.`username` AND `domain`.`domain` = `mailbox`.`domain` AND `mailbox`.`username` = :mailbox");
- $stmt->execute(array(
- ':mailbox' => $_data,
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- $stmt = $pdo->prepare("SELECT `maxquota`, `quota` FROM `domain` WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $row['domain']));
- $DomainQuota = $stmt->fetch(PDO::FETCH_ASSOC);
- $stmt = $pdo->prepare("SELECT COALESCE(SUM(`quota`), 0) as `in_use` FROM `mailbox` WHERE `kind` NOT REGEXP 'location|thing|group' AND `domain` = :domain AND `username` != :username");
- $stmt->execute(array(':domain' => $row['domain'], ':username' => $_data));
- $MailboxUsage = $stmt->fetch(PDO::FETCH_ASSOC);
- $stmt = $pdo->prepare("SELECT IFNULL(COUNT(`address`), 0) AS `sa_count` FROM `spamalias` WHERE `goto` = :address AND `validity` >= :unixnow");
- $stmt->execute(array(':address' => $_data, ':unixnow' => time()));
- $SpamaliasUsage = $stmt->fetch(PDO::FETCH_ASSOC);
- $mailboxdata['max_new_quota'] = ($DomainQuota['quota'] * 1048576) - $MailboxUsage['in_use'];
- if ($mailboxdata['max_new_quota'] > ($DomainQuota['maxquota'] * 1048576)) {
- $mailboxdata['max_new_quota'] = ($DomainQuota['maxquota'] * 1048576);
- }
- $mailboxdata['username'] = $row['username'];
- $mailboxdata['is_relayed'] = $row['backupmx'];
- $mailboxdata['name'] = $row['name'];
- $mailboxdata['active'] = $row['active'];
- $mailboxdata['active_int'] = $row['active_int'];
- $mailboxdata['domain'] = $row['domain'];
- $mailboxdata['quota'] = $row['quota'];
- $mailboxdata['attributes'] = json_decode($row['attributes'], true);
- $mailboxdata['quota_used'] = intval($row['bytes']);
- $mailboxdata['percent_in_use'] = round((intval($row['bytes']) / intval($row['quota'])) * 100);
- $mailboxdata['messages'] = $row['messages'];
- $mailboxdata['spam_aliases'] = $SpamaliasUsage['sa_count'];
- if ($mailboxdata['percent_in_use'] >= 90) {
- $mailboxdata['percent_class'] = "danger";
- }
- elseif ($mailboxdata['percent_in_use'] >= 75) {
- $mailboxdata['percent_class'] = "warning";
- }
- else {
- $mailboxdata['percent_class'] = "success";
- }
+ $stmt = $pdo->prepare("SELECT
+ `domain`.`backupmx`,
+ `mailbox`.`username`,
+ `mailbox`.`name`,
+ `mailbox`.`active` AS `active_int`,
+ CASE `mailbox`.`active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ `mailbox`.`domain`,
+ `mailbox`.`quota`,
+ `quota2`.`bytes`,
+ `attributes`,
+ `quota2`.`messages`
+ FROM `mailbox`, `quota2`, `domain`
+ WHERE `mailbox`.`kind` NOT REGEXP 'location|thing|group' AND `mailbox`.`username` = `quota2`.`username` AND `domain`.`domain` = `mailbox`.`domain` AND `mailbox`.`username` = :mailbox");
+ $stmt->execute(array(
+ ':mailbox' => $_data,
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT `maxquota`, `quota` FROM `domain` WHERE `domain` = :domain");
+ $stmt->execute(array(':domain' => $row['domain']));
+ $DomainQuota = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT COALESCE(SUM(`quota`), 0) as `in_use` FROM `mailbox` WHERE `kind` NOT REGEXP 'location|thing|group' AND `domain` = :domain AND `username` != :username");
+ $stmt->execute(array(':domain' => $row['domain'], ':username' => $_data));
+ $MailboxUsage = $stmt->fetch(PDO::FETCH_ASSOC);
+ $stmt = $pdo->prepare("SELECT IFNULL(COUNT(`address`), 0) AS `sa_count` FROM `spamalias` WHERE `goto` = :address AND `validity` >= :unixnow");
+ $stmt->execute(array(':address' => $_data, ':unixnow' => time()));
+ $SpamaliasUsage = $stmt->fetch(PDO::FETCH_ASSOC);
+ $mailboxdata['max_new_quota'] = ($DomainQuota['quota'] * 1048576) - $MailboxUsage['in_use'];
+ if ($mailboxdata['max_new_quota'] > ($DomainQuota['maxquota'] * 1048576)) {
+ $mailboxdata['max_new_quota'] = ($DomainQuota['maxquota'] * 1048576);
}
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ $mailboxdata['username'] = $row['username'];
+ $mailboxdata['is_relayed'] = $row['backupmx'];
+ $mailboxdata['name'] = $row['name'];
+ $mailboxdata['active'] = $row['active'];
+ $mailboxdata['active_int'] = $row['active_int'];
+ $mailboxdata['domain'] = $row['domain'];
+ $mailboxdata['quota'] = $row['quota'];
+ $mailboxdata['attributes'] = json_decode($row['attributes'], true);
+ $mailboxdata['quota_used'] = intval($row['bytes']);
+ $mailboxdata['percent_in_use'] = round((intval($row['bytes']) / intval($row['quota'])) * 100);
+ $mailboxdata['messages'] = $row['messages'];
+ $mailboxdata['spam_aliases'] = $SpamaliasUsage['sa_count'];
+ if ($mailboxdata['percent_in_use'] >= 90) {
+ $mailboxdata['percent_class'] = "danger";
+ }
+ elseif ($mailboxdata['percent_in_use'] >= 75) {
+ $mailboxdata['percent_class'] = "warning";
+ }
+ else {
+ $mailboxdata['percent_class'] = "success";
}
return $mailboxdata;
break;
@@ -3449,38 +2945,28 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT
- `username`,
- `name`,
- `kind`,
- `multiple_bookings`,
- `local_part`,
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
- `domain`
- FROM `mailbox` WHERE `kind` REGEXP 'location|thing|group' AND `username` = :resource");
- $stmt->execute(array(
- ':resource' => $_data,
- ));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- $resourcedata['name'] = $row['username'];
- $resourcedata['kind'] = $row['kind'];
- $resourcedata['multiple_bookings'] = $row['multiple_bookings'];
- $resourcedata['description'] = $row['name'];
- $resourcedata['active'] = $row['active'];
- $resourcedata['active_int'] = $row['active_int'];
- $resourcedata['domain'] = $row['domain'];
- $resourcedata['local_part'] = $row['local_part'];
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT
+ `username`,
+ `name`,
+ `kind`,
+ `multiple_bookings`,
+ `local_part`,
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`,
+ `domain`
+ FROM `mailbox` WHERE `kind` REGEXP 'location|thing|group' AND `username` = :resource");
+ $stmt->execute(array(
+ ':resource' => $_data,
+ ));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ $resourcedata['name'] = $row['username'];
+ $resourcedata['kind'] = $row['kind'];
+ $resourcedata['multiple_bookings'] = $row['multiple_bookings'];
+ $resourcedata['description'] = $row['name'];
+ $resourcedata['active'] = $row['active'];
+ $resourcedata['active_int'] = $row['active_int'];
+ $resourcedata['domain'] = $row['domain'];
+ $resourcedata['local_part'] = $row['local_part'];
if (!isset($resourcedata['domain']) ||
(isset($resourcedata['domain']) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resourcedata['domain']))) {
return false;
@@ -3500,7 +2986,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$ids = $_data['id'];
}
if (!isset($_SESSION['acl']['syncjobs']) || $_SESSION['acl']['syncjobs'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3511,35 +2997,25 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!is_numeric($id)) {
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `user2` FROM `imapsync` WHERE id = :id");
- $stmt->execute(array(':id' => $id));
- $user2 = $stmt->fetch(PDO::FETCH_ASSOC)['user2'];
- if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $user2)) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'access_denied'
- );
- return false;
- }
- $stmt = $pdo->prepare("DELETE FROM `imapsync` WHERE `id`= :id");
- $stmt->execute(array(':id' => $id));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `user2` FROM `imapsync` WHERE id = :id");
+ $stmt->execute(array(':id' => $id));
+ $user2 = $stmt->fetch(PDO::FETCH_ASSOC)['user2'];
+ if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $user2)) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => 'access_denied'
);
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `imapsync` WHERE `id`= :id");
+ $stmt->execute(array(':id' => $id));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('deleted_syncjob', $id)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('deleted_syncjobs', implode(', ', $ids))
- );
break;
case 'filter':
if (!is_array($_data['id'])) {
@@ -3550,7 +3026,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$ids = $_data['id'];
}
if (!isset($_SESSION['acl']['filters']) || $_SESSION['acl']['filters'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3559,37 +3035,27 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($ids as $id) {
if (!is_numeric($id)) {
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `sieve_filters` WHERE id = :id");
- $stmt->execute(array(':id' => $id));
- $usr = $stmt->fetch(PDO::FETCH_ASSOC)['username'];
- if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $usr)) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => 'access_denied'
- );
- return false;
- }
- $stmt = $pdo->prepare("DELETE FROM `sieve_filters` WHERE `id`= :id");
- $stmt->execute(array(':id' => $id));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `username` FROM `sieve_filters` WHERE id = :id");
+ $stmt->execute(array(':id' => $id));
+ $usr = $stmt->fetch(PDO::FETCH_ASSOC)['username'];
+ if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $usr)) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
+ 'msg' => 'access_denied'
);
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `sieve_filters` WHERE `id`= :id");
+ $stmt->execute(array(':id' => $id));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('delete_filter', $id)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('delete_filters', implode(', ', $ids))
- );
break;
case 'time_limited_alias':
if (!is_array($_data['address'])) {
@@ -3600,7 +3066,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$addresses = $_data['address'];
}
if (!isset($_SESSION['acl']['spam_alias']) || $_SESSION['acl']['spam_alias'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3608,48 +3074,28 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false;
}
foreach ($addresses as $address) {
- try {
- $stmt = $pdo->prepare("SELECT `goto` FROM `spamalias` WHERE `address` = :address");
- $stmt->execute(array(':address' => $address));
- $goto = $stmt->fetch(PDO::FETCH_ASSOC)['goto'];
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `goto` FROM `spamalias` WHERE `address` = :address");
+ $stmt->execute(array(':address' => $address));
+ $goto = $stmt->fetch(PDO::FETCH_ASSOC)['goto'];
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $goto)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `goto` = :username AND `address` = :item");
- $stmt->execute(array(
- ':username' => $goto,
- ':item' => $address
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `goto` = :username AND `address` = :item");
+ $stmt->execute(array(
+ ':username' => $goto,
+ ':item' => $address
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_modified', htmlspecialchars($goto))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_modified', htmlspecialchars($usernames))
- );
break;
case 'eas_cache':
if (!is_array($_data['username'])) {
@@ -3660,7 +3106,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$usernames = $_data['username'];
}
if (!isset($_SESSION['acl']['eas_reset']) || $_SESSION['acl']['eas_reset'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3669,33 +3115,23 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($usernames as $username) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("DELETE FROM `sogo_cache_folder` WHERE `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `sogo_cache_folder` WHERE `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('eas_reset', htmlspecialchars($username))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('eas_reset', htmlspecialchars(implode(', ', $usernames)))
- );
break;
case 'domain':
if (!is_array($_data['domain'])) {
@@ -3706,7 +3142,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$domains = $_data['domain'];
}
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
@@ -3715,157 +3151,112 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($domains as $domain) {
if (!is_valid_domain_name($domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
);
- return false;
+ continue;
}
$domain = idn_to_ascii(strtolower(trim($domain)));
- try {
- $stmt = $pdo->prepare("SELECT `username` FROM `mailbox`
- WHERE `domain` = :domain");
- $stmt->execute(array(':domain' => $domain));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $stmt = $pdo->prepare("SELECT `username` FROM `mailbox`
+ WHERE `domain` = :domain");
+ $stmt->execute(array(':domain' => $domain));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0 || !empty($num_results)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_not_empty'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("DELETE FROM `domain` WHERE `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `domain_admins` WHERE `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `alias_domain` WHERE `target_domain` = :domain");
- $stmt->execute(array(
- ':domain' => $domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `mailbox` WHERE `domain` = :domain");
- $stmt->execute(array(
- ':domain' => $domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` LIKE :domain");
- $stmt->execute(array(
- ':domain' => '%@'.$domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `quota2` WHERE `username` = :domain");
- $stmt->execute(array(
- ':domain' => '%@'.$domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `address` = :domain");
- $stmt->execute(array(
- ':domain' => '%@'.$domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :domain");
- $stmt->execute(array(
- ':domain' => '%@'.$domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :domain");
- $stmt->execute(array(
- ':domain' => $domain,
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `domain` WHERE `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `domain_admins` WHERE `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `alias_domain` WHERE `target_domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `mailbox` WHERE `domain` = :domain");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` LIKE :domain");
+ $stmt->execute(array(
+ ':domain' => '%@'.$domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `quota2` WHERE `username` = :domain");
+ $stmt->execute(array(
+ ':domain' => '%@'.$domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `address` = :domain");
+ $stmt->execute(array(
+ ':domain' => '%@'.$domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :domain");
+ $stmt->execute(array(
+ ':domain' => '%@'.$domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :domain");
+ $stmt->execute(array(
+ ':domain' => $domain,
+ ));
try {
$redis->hDel('DOMAIN_MAP', $domain);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('domain_removed', htmlspecialchars($domain))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('domain_removed', htmlspecialchars(implode(', ', $domains)))
- );
break;
case 'alias':
- if (!is_array($_data['address'])) {
- $addresses = array();
- $addresses[] = $_data['address'];
+ if (!is_array($_data['id'])) {
+ $ids = array();
+ $ids[] = $_data['id'];
}
else {
- $addresses = $_data['address'];
+ $ids = $_data['id'];
}
- foreach ($addresses as $address) {
- $local_part = strstr($address, '@', true);
- $domain = mailbox('get', 'alias_details', $address)['domain'];
- try {
- $stmt = $pdo->prepare("SELECT `goto` FROM `alias` WHERE `address` = :address");
- $stmt->execute(array(':address' => $address));
- $gotos = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- $goto_array = explode(',', $gotos['goto']);
- if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
- $_SESSION['return'] = array(
+ foreach ($ids as $id) {
+ $alias_data = mailbox('get', 'alias_details', $id);
+ if (empty($alias_data)) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `address` = :address AND `address` NOT IN (SELECT `username` FROM `mailbox`)");
- $stmt->execute(array(
- ':address' => $address
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `id` = :id");
+ $stmt->execute(array(
+ ':id' => $id
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('alias_removed', htmlspecialchars($alias_data['address']))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('alias_removed', htmlspecialchars(implode(', ', $addresses)))
- );
break;
case 'alias_domain':
if (!is_array($_data['alias_domain'])) {
@@ -3877,74 +3268,54 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($alias_domains as $alias_domain) {
if (!is_valid_domain_name($alias_domain)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain`
- WHERE `alias_domain`= :alias_domain");
- $stmt->execute(array(':alias_domain' => $alias_domain));
- $DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("SELECT `target_domain` FROM `alias_domain`
+ WHERE `alias_domain`= :alias_domain");
+ $stmt->execute(array(':alias_domain' => $alias_domain));
+ $DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $DomainData['target_domain'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("DELETE FROM `alias_domain` WHERE `alias_domain` = :alias_domain");
- $stmt->execute(array(
- ':alias_domain' => $alias_domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `domain` = :alias_domain");
- $stmt->execute(array(
- ':alias_domain' => $alias_domain,
- ));
- $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :alias_domain");
- $stmt->execute(array(
- ':alias_domain' => $alias_domain,
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `alias_domain` WHERE `alias_domain` = :alias_domain");
+ $stmt->execute(array(
+ ':alias_domain' => $alias_domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `domain` = :alias_domain");
+ $stmt->execute(array(
+ ':alias_domain' => $alias_domain,
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :alias_domain");
+ $stmt->execute(array(
+ ':alias_domain' => $alias_domain,
+ ));
try {
$redis->hDel('DOMAIN_MAP', $alias_domain);
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('redis_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('alias_domain_removed', htmlspecialchars($alias_domain))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('alias_domain_removed', htmlspecialchars(implode(', ', $alias_domains)))
- );
break;
case 'mailbox':
if (!is_array($_data['username'])) {
@@ -3956,115 +3327,105 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `goto` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `quota2` WHERE `username` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `mailbox` WHERE `username` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `goto` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `imapsync` WHERE `user2` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_user_profile` WHERE `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_cache_folder` WHERE `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_acl` WHERE `c_object` LIKE '%/" . $username . "/%' OR `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_store` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_quick_contact` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_quick_appointment` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_folder_info` WHERE `c_path2` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :username");
- $stmt->execute(array(
- ':username' => $username
- ));
- $stmt = $pdo->prepare("SELECT `address`, `goto` FROM `alias`
- WHERE `goto` REGEXP :username");
- $stmt->execute(array(':username' => '(^|,)'.$username.'($|,)'));
- $GotoData = $stmt->fetchAll(PDO::FETCH_ASSOC);
- foreach ($GotoData as $gotos) {
- $goto_exploded = explode(',', $gotos['goto']);
- if (($key = array_search($username, $goto_exploded)) !== false) {
- unset($goto_exploded[$key]);
- }
- $gotos_rebuild = implode(',', $goto_exploded);
- $stmt = $pdo->prepare("UPDATE `alias` SET
- `goto` = :goto
- WHERE `address` = :address");
- $stmt->execute(array(
- ':goto' => $gotos_rebuild,
- ':address' => $gotos['address']
- ));
+ $stmt = $pdo->prepare("DELETE FROM `alias` WHERE `goto` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `quota2` WHERE `username` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `mailbox` WHERE `username` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `logged_in_as` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `goto` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `imapsync` WHERE `user2` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_user_profile` WHERE `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_cache_folder` WHERE `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_acl` WHERE `c_object` LIKE '%/" . $username . "/%' OR `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_store` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_quick_contact` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_quick_appointment` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_folder_info` WHERE `c_path2` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :username");
+ $stmt->execute(array(
+ ':username' => $username
+ ));
+ $stmt = $pdo->prepare("SELECT `address`, `goto` FROM `alias`
+ WHERE `goto` REGEXP :username");
+ $stmt->execute(array(':username' => '(^|,)'.$username.'($|,)'));
+ $GotoData = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ foreach ($GotoData as $gotos) {
+ $goto_exploded = explode(',', $gotos['goto']);
+ if (($key = array_search($username, $goto_exploded)) !== false) {
+ unset($goto_exploded[$key]);
}
+ $gotos_rebuild = implode(',', $goto_exploded);
+ $stmt = $pdo->prepare("UPDATE `alias` SET
+ `goto` = :goto
+ WHERE `address` = :address");
+ $stmt->execute(array(
+ ':goto' => $gotos_rebuild,
+ ':address' => $gotos['address']
+ ));
}
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('mailbox_removed', htmlspecialchars($username))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mailbox_removed', htmlspecialchars(implode(', ', $usernames)))
- );
break;
case 'resource':
if (!is_array($_data['name'])) {
@@ -4076,69 +3437,59 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
foreach ($names as $name) {
if (!filter_var($name, FILTER_VALIDATE_EMAIL)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $name)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("DELETE FROM `mailbox` WHERE `username` = :username");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_user_profile` WHERE `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_cache_folder` WHERE `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_acl` WHERE `c_object` LIKE '%/" . $name . "/%' OR `c_uid` = :username");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_store` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_quick_contact` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_quick_appointment` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
- $stmt->execute(array(
- ':username' => $name
- ));
- $stmt = $pdo->prepare("DELETE FROM `sogo_folder_info` WHERE `c_path2` = :username");
- $stmt->execute(array(
- ':username' => $name
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('mysql_error', $e)
- );
- return false;
+ continue;
}
+ $stmt = $pdo->prepare("DELETE FROM `mailbox` WHERE `username` = :username");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_user_profile` WHERE `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_cache_folder` WHERE `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_acl` WHERE `c_object` LIKE '%/" . $name . "/%' OR `c_uid` = :username");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_store` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_quick_contact` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_quick_appointment` WHERE `c_folder_id` IN (SELECT `c_folder_id` FROM `sogo_folder_info` WHERE `c_path2` = :username)");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $stmt = $pdo->prepare("DELETE FROM `sogo_folder_info` WHERE `c_path2` = :username");
+ $stmt->execute(array(
+ ':username' => $name
+ ));
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+ 'msg' => array('resource_removed', htmlspecialchars($name))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
- 'msg' => array('resource_removed', htmlspecialchars(implode(', ', $names)))
- );
break;
}
break;
@@ -4146,4 +3497,4 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if ($_action != 'get' && in_array($_type, array('domain', 'alias', 'alias_domain', 'mailbox'))) {
update_sogo_static_view();
}
-}
+}
\ No newline at end of file
diff --git a/data/web/inc/functions.policy.inc.php b/data/web/inc/functions.policy.inc.php
index 6bc2f780..c8526169 100644
--- a/data/web/inc/functions.policy.inc.php
+++ b/data/web/inc/functions.policy.inc.php
@@ -11,7 +11,7 @@ function policy($_action, $_scope, $_data = null) {
$object = $_data['domain'];
if (is_valid_domain_name($object)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
@@ -21,7 +21,7 @@ function policy($_action, $_scope, $_data = null) {
$object = idn_to_ascii(strtolower(trim($object)));
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
@@ -36,7 +36,7 @@ function policy($_action, $_scope, $_data = null) {
}
$object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($_data['object_from']))), '.'));
if (!ctype_alnum(str_replace(array('@', '_', '.', '-', '*'), '', $object_from))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'policy_list_from_invalid'
@@ -44,55 +44,37 @@ function policy($_action, $_scope, $_data = null) {
return false;
}
if ($object_list != "blacklist_from" && $object_list != "whitelist_from") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
- WHERE (`option` = 'whitelist_from' OR `option` = 'blacklist_from')
- AND `object` = :object
- AND `value` = :object_from");
- $stmt->execute(array(':object' => $object, ':object_from' => $object_from));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => 'policy_list_from_exists'
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
+ WHERE (`option` = 'whitelist_from' OR `option` = 'blacklist_from')
+ AND `object` = :object
+ AND `value` = :object_from");
+ $stmt->execute(array(':object' => $object, ':object_from' => $object_from));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
+ 'msg' => 'policy_list_from_exists'
);
return false;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
- VALUES (:object, :object_list, :object_from)");
- $stmt->execute(array(
- ':object' => $object,
- ':object_list' => $object_list,
- ':object_from' => $object_from
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- $_SESSION['return'] = array(
+
+ $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
+ VALUES (:object, :object_list, :object_from)");
+ $stmt->execute(array(
+ ':object' => $object,
+ ':object_list' => $object_list,
+ ':object_from' => $object_from
+ ));
+
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => array('domain_modified', $object)
@@ -101,7 +83,7 @@ function policy($_action, $_scope, $_data = null) {
case 'mailbox':
$object = $_data['username'];
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
@@ -109,7 +91,7 @@ function policy($_action, $_scope, $_data = null) {
return false;
}
if (!isset($_SESSION['acl']['spam_policy']) || $_SESSION['acl']['spam_policy'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
@@ -124,7 +106,7 @@ function policy($_action, $_scope, $_data = null) {
}
$object_from = preg_replace('/\.+/', '.', rtrim(preg_replace("/\.\*/", "*", trim(strtolower($_data['object_from']))), '.'));
if (!ctype_alnum(str_replace(array('@', '_', '.', '-', '*'), '', $object_from))) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'policy_list_from_invalid'
@@ -132,55 +114,35 @@ function policy($_action, $_scope, $_data = null) {
return false;
}
if ($object_list != "blacklist_from" && $object_list != "whitelist_from") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
return false;
}
- try {
- $stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
- WHERE (`option` = 'whitelist_from' OR `option` = 'blacklist_from')
- AND `object` = :object
- AND `value` = :object_from");
- $stmt->execute(array(':object' => $object, ':object_from' => $object_from));
- $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
- if ($num_results != 0) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => 'policy_list_from_exists'
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("SELECT `object` FROM `filterconf`
+ WHERE (`option` = 'whitelist_from' OR `option` = 'blacklist_from')
+ AND `object` = :object
+ AND `value` = :object_from");
+ $stmt->execute(array(':object' => $object, ':object_from' => $object_from));
+ $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
+ if ($num_results != 0) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
+ 'msg' => 'policy_list_from_exists'
);
return false;
}
- try {
- $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
- VALUES (:object, :object_list, :object_from)");
- $stmt->execute(array(
- ':object' => $object,
- ':object_list' => $object_list,
- ':object_from' => $object_from
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare("INSERT INTO `filterconf` (`object`, `option` ,`value`)
+ VALUES (:object, :object_list, :object_from)");
+ $stmt->execute(array(
+ ':object' => $object,
+ ':object_list' => $object_list,
+ ':object_from' => $object_from
+ ));
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => array('mailbox_modified', $object)
@@ -194,43 +156,34 @@ function policy($_action, $_scope, $_data = null) {
(array)$prefids = $_data['prefid'];
foreach ($prefids as $prefid) {
if (!is_numeric($prefid)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("SELECT `object` FROM `filterconf` WHERE `prefid` = :prefid");
- $stmt->execute(array(':prefid' => $prefid));
- $object = $stmt->fetch(PDO::FETCH_ASSOC)['object'];
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+ continue;
}
+ $stmt = $pdo->prepare("SELECT `object` FROM `filterconf` WHERE `prefid` = :prefid");
+ $stmt->execute(array(':prefid' => $prefid));
+ $object = $stmt->fetch(PDO::FETCH_ASSOC)['object'];
if (is_valid_domain_name($object)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
$object = idn_to_ascii(strtolower(trim($object)));
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :object AND `prefid` = :prefid");
@@ -240,19 +193,19 @@ function policy($_action, $_scope, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
+ 'msg' => array('item_deleted',$prefid)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('items_deleted', implode(', ', $prefids))
- );
break;
case 'mailbox':
if (!is_array($_data['prefid'])) {
@@ -263,7 +216,7 @@ function policy($_action, $_scope, $_data = null) {
$prefids = $_data['prefid'];
}
if (!isset($_SESSION['acl']['spam_policy']) || $_SESSION['acl']['spam_policy'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
@@ -272,32 +225,23 @@ function policy($_action, $_scope, $_data = null) {
}
foreach ($prefids as $prefid) {
if (!is_numeric($prefid)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
- return false;
- }
- try {
- $stmt = $pdo->prepare("SELECT `object` FROM `filterconf` WHERE `prefid` = :prefid");
- $stmt->execute(array(':prefid' => $prefid));
- $object = $stmt->fetch(PDO::FETCH_ASSOC)['object'];
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+ continue;
}
+ $stmt = $pdo->prepare("SELECT `object` FROM `filterconf` WHERE `prefid` = :prefid");
+ $stmt->execute(array(':prefid' => $prefid));
+ $object = $stmt->fetch(PDO::FETCH_ASSOC)['object'];
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("DELETE FROM `filterconf` WHERE `object` = :object AND `prefid` = :prefid");
@@ -307,19 +251,19 @@ function policy($_action, $_scope, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
+ 'msg' => array('items_deleted', implode(', ', $prefids))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('items_deleted', implode(', ', $prefids))
- );
break;
}
break;
@@ -335,23 +279,16 @@ function policy($_action, $_scope, $_data = null) {
}
$_data = idn_to_ascii(strtolower(trim($_data)));
}
- try {
- // WHITELIST
- $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='whitelist_from' AND (`object` LIKE :object_mail OR `object` = :object_domain)");
- $stmt->execute(array(':object_mail' => '%@' . $_data, ':object_domain' => $_data));
- $rows['whitelist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
- // BLACKLIST
- $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='blacklist_from' AND (`object` LIKE :object_mail OR `object` = :object_domain)");
- $stmt->execute(array(':object_mail' => '%@' . $_data, ':object_domain' => $_data));
- $rows['blacklist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- }
+
+ // WHITELIST
+ $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='whitelist_from' AND (`object` LIKE :object_mail OR `object` = :object_domain)");
+ $stmt->execute(array(':object_mail' => '%@' . $_data, ':object_domain' => $_data));
+ $rows['whitelist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ // BLACKLIST
+ $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='blacklist_from' AND (`object` LIKE :object_mail OR `object` = :object_domain)");
+ $stmt->execute(array(':object_mail' => '%@' . $_data, ':object_domain' => $_data));
+ $rows['blacklist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
return $rows;
break;
case 'mailbox':
@@ -367,23 +304,14 @@ function policy($_action, $_scope, $_data = null) {
if (empty($domain)) {
return false;
}
- try {
- // WHITELIST
- $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='whitelist_from' AND (`object` = :username OR `object` = :domain)");
- $stmt->execute(array(':username' => $_data, ':domain' => $domain));
- $rows['whitelist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
- // BLACKLIST
- $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='blacklist_from' AND (`object` = :username OR `object` = :domain)");
- $stmt->execute(array(':username' => $_data, ':domain' => $domain));
- $rows['blacklist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- }
+ // WHITELIST
+ $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='whitelist_from' AND (`object` = :username OR `object` = :domain)");
+ $stmt->execute(array(':username' => $_data, ':domain' => $domain));
+ $rows['whitelist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ // BLACKLIST
+ $stmt = $pdo->prepare("SELECT `object`, `value`, `prefid` FROM `filterconf` WHERE `option`='blacklist_from' AND (`object` = :username OR `object` = :domain)");
+ $stmt->execute(array(':username' => $_data, ':domain' => $domain));
+ $rows['blacklist'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $rows;
break;
}
diff --git a/data/web/inc/functions.quarantine.inc.php b/data/web/inc/functions.quarantine.inc.php
index 865a0f08..c92a2cdd 100644
--- a/data/web/inc/functions.quarantine.inc.php
+++ b/data/web/inc/functions.quarantine.inc.php
@@ -14,7 +14,7 @@ function quarantine($_action, $_data = null) {
$ids = $_data['id'];
}
if (!isset($_SESSION['acl']['quarantine']) || $_SESSION['acl']['quarantine'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -23,59 +23,40 @@ function quarantine($_action, $_data = null) {
}
foreach ($ids as $id) {
if (!is_numeric($id)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare('SELECT `rcpt` FROM `quarantine` WHERE `id` = :id');
- $stmt->execute(array(':id' => $id));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt'])) {
- try {
- $stmt = $pdo->prepare("DELETE FROM `quarantine` WHERE `id` = :id");
- $stmt->execute(array(
- ':id' => $id
- ));
- }
- catch (PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- return false;
- }
- }
- else {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'access_denied'
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare('SELECT `rcpt` FROM `quarantine` WHERE `id` = :id');
+ $stmt->execute(array(':id' => $id));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt']) && $_SESSION['mailcow_cc_role'] != 'admin') {
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
+ 'msg' => 'access_denied'
);
+ continue;
}
+ else {
+ $stmt = $pdo->prepare("DELETE FROM `quarantine` WHERE `id` = :id");
+ $stmt->execute(array(
+ ':id' => $id
+ ));
+ }
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('item_deleted', $id)
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('items_deleted', implode(', ', $ids))
- );
break;
case 'edit':
if (!isset($_SESSION['acl']['quarantine']) || $_SESSION['acl']['quarantine'] != "1" ) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -85,7 +66,7 @@ function quarantine($_action, $_data = null) {
// Edit settings
if ($_data['action'] == 'settings') {
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -101,14 +82,14 @@ function quarantine($_action, $_data = null) {
$redis->Set('Q_EXCLUDE_DOMAINS', json_encode($exclude_domains));
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'saved_settings'
@@ -125,31 +106,22 @@ function quarantine($_action, $_data = null) {
}
foreach ($ids as $id) {
if (!is_numeric($id)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
);
- return false;
+ continue;
}
- try {
- $stmt = $pdo->prepare('SELECT `msg`, `qid`, `sender`, `rcpt` FROM `quarantine` WHERE `id` = :id');
- $stmt->execute(array(':id' => $id));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt'])) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'msg' => 'access_denied'
- );
- return false;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
+ $stmt = $pdo->prepare('SELECT `msg`, `qid`, `sender`, `rcpt` FROM `quarantine` WHERE `id` = :id');
+ $stmt->execute(array(':id' => $id));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt'])) {
+ $_SESSION['return'][] = array(
'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
+ 'msg' => 'access_denied'
);
+ continue;
}
$sender = (isset($row['sender'])) ? $row['sender'] : 'sender-unknown@rspamd';
try {
@@ -170,12 +142,12 @@ function quarantine($_action, $_data = null) {
$postfix = 'postfix';
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('release_send_failed', 'Cannot determine Postfix host')
);
- return false;
+ continue;
}
$mail->Host = $postfix;
$mail->Port = 590;
@@ -193,12 +165,12 @@ function quarantine($_action, $_data = null) {
}
catch (phpmailerException $e) {
unlink($msg_tmpf);
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'warning',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('release_send_failed', $e->errorMessage())
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("DELETE FROM `quarantine` WHERE `id` = :id");
@@ -207,63 +179,179 @@ function quarantine($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('item_released', $id)
+ );
+ }
+ }
+ elseif ($_data['action'] == 'learnspam') {
+ if (!is_array($_data['id'])) {
+ $ids = array();
+ $ids[] = $_data['id'];
+ }
+ else {
+ $ids = $_data['id'];
+ }
+ foreach ($ids as $id) {
+ if (!is_numeric($id)) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => 'access_denied'
+ );
+ continue;
+ }
+ $stmt = $pdo->prepare('SELECT `msg`, `rcpt` FROM `quarantine` WHERE `id` = :id');
+ $stmt->execute(array(':id' => $id));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt']) && $_SESSION['mailcow_cc_role'] != 'admin') {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'msg' => 'access_denied'
+ );
+ continue;
+ }
+ $curl = curl_init();
+ curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
+ curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($curl, CURLOPT_POST, 1);
+ curl_setopt($curl, CURLOPT_TIMEOUT, 30);
+ curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain'));
+ curl_setopt($curl, CURLOPT_URL,"http://rspamd/learnspam");
+ curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
+ $response = curl_exec($curl);
+ if (!curl_errno($curl)) {
+ $response = json_decode($response, true);
+ if (isset($response['error'])) {
+ if (stripos($response['error'], 'already learned') === false) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('spam_learn_error', $response['error'])
+ );
+ continue;
+ }
+ }
+ curl_close($curl);
+ $curl = curl_init();
+ curl_setopt($curl, CURLOPT_UNIX_SOCKET_PATH, '/rspamd-sock/rspamd.sock');
+ curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($curl, CURLOPT_POST, 1);
+ curl_setopt($curl, CURLOPT_TIMEOUT, 30);
+ curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: text/plain', 'Flag: 11'));
+ curl_setopt($curl, CURLOPT_URL,"http://rspamd/fuzzyadd");
+ curl_setopt($curl, CURLOPT_POSTFIELDS, $row['msg']);
+ $response = curl_exec($curl);
+ if (!curl_errno($curl)) {
+ $response = json_decode($response, true);
+ if (isset($response['error'])) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('fuzzy_learn_error', $response['error'])
+ );
+ continue;
+ }
+ curl_close($curl);
+ try {
+ $stmt = $pdo->prepare("DELETE FROM `quarantine` WHERE `id` = :id");
+ $stmt->execute(array(
+ ':id' => $id
+ ));
+ }
+ catch (PDOException $e) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('mysql_error', $e)
+ );
+ continue;
+ }
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__),
+ 'msg' => 'qlearn_spam'
+ );
+ continue;
+ }
+ else {
+ curl_close($curl);
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('spam_learn_error', 'curl error ' . curl_errno($curl))
+ );
+ continue;
+ }
+ curl_close($curl);
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('learn_spam_error', 'unknown')
+ );
+ continue;
+ }
+ else {
+ curl_close($curl);
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('spam_learn_error', 'curl error ' . curl_errno($curl))
+ );
+ continue;
+ }
+ curl_close($curl);
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('learn_spam_error', 'unknown')
+ );
+ continue;
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'items_released'
- );
}
return true;
break;
case 'get':
- try {
- if ($_SESSION['mailcow_cc_role'] == "user") {
- $stmt = $pdo->prepare('SELECT `id`, `qid`, `rcpt`, `sender`, UNIX_TIMESTAMP(`created`) AS `created` FROM `quarantine` WHERE `rcpt` = :mbox');
- $stmt->execute(array(':mbox' => $_SESSION['mailcow_cc_username']));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $q_meta[] = $row;
- }
- }
- elseif ($_SESSION['mailcow_cc_role'] == "admin") {
- $stmt = $pdo->query('SELECT `id`, `qid`, `rcpt`, `sender`, UNIX_TIMESTAMP(`created`) AS `created` FROM `quarantine`');
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $q_meta[] = $row;
- }
- }
- else {
- $domains = array_merge(mailbox('get', 'domains'), mailbox('get', 'alias_domains'));
- foreach ($domains as $domain) {
- $stmt = $pdo->prepare('SELECT `id`, `qid`, `rcpt`, `sender`, UNIX_TIMESTAMP(`created`) AS `created` FROM `quarantine` WHERE `rcpt` REGEXP :domain');
- $stmt->execute(array(':domain' => '@' . $domain . '$'));
- $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
- while($row = array_shift($rows)) {
- $q_meta[] = $row;
- }
- }
+ if ($_SESSION['mailcow_cc_role'] == "user") {
+ $stmt = $pdo->prepare('SELECT `id`, `qid`, `rcpt`, `sender`, UNIX_TIMESTAMP(`created`) AS `created` FROM `quarantine` WHERE `rcpt` = :mbox');
+ $stmt->execute(array(':mbox' => $_SESSION['mailcow_cc_username']));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $q_meta[] = $row;
}
}
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+ elseif ($_SESSION['mailcow_cc_role'] == "admin") {
+ $stmt = $pdo->query('SELECT `id`, `qid`, `rcpt`, `sender`, UNIX_TIMESTAMP(`created`) AS `created` FROM `quarantine`');
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $q_meta[] = $row;
+ }
+ }
+ else {
+ $domains = array_merge(mailbox('get', 'domains'), mailbox('get', 'alias_domains'));
+ foreach ($domains as $domain) {
+ $stmt = $pdo->prepare('SELECT `id`, `qid`, `rcpt`, `sender`, UNIX_TIMESTAMP(`created`) AS `created` FROM `quarantine` WHERE `rcpt` REGEXP :domain');
+ $stmt->execute(array(':domain' => '@' . $domain . '$'));
+ $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ while($row = array_shift($rows)) {
+ $q_meta[] = $row;
+ }
+ }
}
return $q_meta;
break;
case 'settings':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -276,7 +364,7 @@ function quarantine($_action, $_data = null) {
$settings['retention_size'] = $redis->Get('Q_RETENTION_SIZE');
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('redis_error', $e)
@@ -289,21 +377,11 @@ function quarantine($_action, $_data = null) {
if (!is_numeric($_data) || empty($_data)) {
return false;
}
- try {
- $stmt = $pdo->prepare('SELECT `rcpt`, `symbols`, `msg`, `domain` FROM `quarantine` WHERE `id`= :id');
- $stmt->execute(array(':id' => $_data));
- $row = $stmt->fetch(PDO::FETCH_ASSOC);
- if (hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt'])) {
- return $row;
- }
- return false;
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+ $stmt = $pdo->prepare('SELECT `rcpt`, `symbols`, `msg`, `domain` FROM `quarantine` WHERE `id`= :id');
+ $stmt->execute(array(':id' => $_data));
+ $row = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['rcpt'])) {
+ return $row;
}
return false;
break;
diff --git a/data/web/inc/functions.relayhost.inc.php b/data/web/inc/functions.relayhost.inc.php
index 8faad80a..a3e1ffda 100644
--- a/data/web/inc/functions.relayhost.inc.php
+++ b/data/web/inc/functions.relayhost.inc.php
@@ -6,7 +6,7 @@ function relayhost($_action, $_data = null) {
switch ($_action) {
case 'add':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -17,7 +17,7 @@ function relayhost($_action, $_data = null) {
$username = str_replace(':', '\:', trim($_data['username']));
$password = str_replace(':', '\:', trim($_data['password']));
if (empty($hostname)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('invalid_host', htmlspecialchars($host))
@@ -35,14 +35,14 @@ function relayhost($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('relayhost_added', htmlspecialchars(implode(', ', $hosts)))
@@ -50,7 +50,7 @@ function relayhost($_action, $_data = null) {
break;
case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -67,12 +67,12 @@ function relayhost($_action, $_data = null) {
$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active_int'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'relayhost_invalid'
+ 'msg' => array('relayhost_invalid', $id)
);
- return false;
+ continue;
}
try {
$stmt = $pdo->prepare("UPDATE `relayhosts` SET
@@ -90,23 +90,23 @@ function relayhost($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('object_modified', htmlspecialchars(implode(', ', $hostnames)))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('object_modified', htmlspecialchars(implode(', ', $hostnames)))
- );
break;
case 'delete':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -122,36 +122,27 @@ function relayhost($_action, $_data = null) {
$stmt->execute(array(':id' => $id));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('relayhost_removed', htmlspecialchars($id))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('relayhost_removed', htmlspecialchars(implode(', ', $hostnames)))
- );
break;
case 'get':
if ($_SESSION['mailcow_cc_role'] != "admin") {
return false;
}
$relayhosts = array();
- try {
- $stmt = $pdo->query("SELECT `id`, `hostname`, `username` FROM `relayhosts`");
- $relayhosts = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->query("SELECT `id`, `hostname`, `username` FROM `relayhosts`");
+ $relayhosts = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $relayhosts;
break;
case 'details':
@@ -159,33 +150,23 @@ function relayhost($_action, $_data = null) {
return false;
}
$relayhostdata = array();
- try {
- $stmt = $pdo->prepare("SELECT `id`,
- `hostname`,
- `username`,
- `password`,
- `active` AS `active_int`,
- CONCAT(LEFT(`password`, 3), '...') AS `password_short`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `relayhosts`
- WHERE `id` = :id");
+ $stmt = $pdo->prepare("SELECT `id`,
+ `hostname`,
+ `username`,
+ `password`,
+ `active` AS `active_int`,
+ CONCAT(LEFT(`password`, 3), '...') AS `password_short`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `relayhosts`
+ WHERE `id` = :id");
+ $stmt->execute(array(':id' => $_data));
+ $relayhostdata = $stmt->fetch(PDO::FETCH_ASSOC);
+ if (!empty($relayhostdata)) {
+ $stmt = $pdo->prepare("SELECT GROUP_CONCAT(`domain` SEPARATOR ', ') AS `used_by_domains` FROM `domain` WHERE `relayhost` = :id");
$stmt->execute(array(':id' => $_data));
- $relayhostdata = $stmt->fetch(PDO::FETCH_ASSOC);
-
- if (!empty($relayhostdata)) {
- $stmt = $pdo->prepare("SELECT GROUP_CONCAT(`domain` SEPARATOR ', ') AS `used_by_domains` FROM `domain` WHERE `relayhost` = :id");
- $stmt->execute(array(':id' => $_data));
- $used_by_domains = $stmt->fetch(PDO::FETCH_ASSOC)['used_by_domains'];
- $used_by_domains = (empty($used_by_domains)) ? '' : $used_by_domains;
- $relayhostdata['used_by_domains'] = $used_by_domains;
- }
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
+ $used_by_domains = $stmt->fetch(PDO::FETCH_ASSOC)['used_by_domains'];
+ $used_by_domains = (empty($used_by_domains)) ? '' : $used_by_domains;
+ $relayhostdata['used_by_domains'] = $used_by_domains;
}
return $relayhostdata;
break;
diff --git a/data/web/inc/functions.rsettings.inc.php b/data/web/inc/functions.rsettings.inc.php
index 9f13a4c3..fbf8922b 100644
--- a/data/web/inc/functions.rsettings.inc.php
+++ b/data/web/inc/functions.rsettings.inc.php
@@ -6,7 +6,7 @@ function rsettings($_action, $_data = null) {
switch ($_action) {
case 'add':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -17,7 +17,7 @@ function rsettings($_action, $_data = null) {
$desc = $_data['desc'];
$active = intval($_data['active']);
if (empty($content)) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'map_content_empty'
@@ -34,14 +34,14 @@ function rsettings($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
return false;
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'settings_map_added'
@@ -49,7 +49,7 @@ function rsettings($_action, $_data = null) {
break;
case 'edit':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -65,12 +65,12 @@ function rsettings($_action, $_data = null) {
$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active_int'];
}
else {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => 'settings_map_invalid'
+ 'msg' => array('settings_map_invalid', $id)
);
- return false;
+ continue;
}
$content = trim($content);
try {
@@ -87,23 +87,23 @@ function rsettings($_action, $_data = null) {
));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
- return false;
+ continue;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('object_modified', htmlspecialchars($ids))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('object_modified', htmlspecialchars(implode(', ', $ids)))
- );
break;
case 'delete':
if ($_SESSION['mailcow_cc_role'] != "admin") {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => 'access_denied'
@@ -117,36 +117,27 @@ function rsettings($_action, $_data = null) {
$stmt->execute(array(':id' => $id));
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_data_log),
'msg' => array('mysql_error', $e)
);
return false;
}
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array(__FUNCTION__, $_action, $_data_log),
+ 'msg' => array('settings_map_removed', htmlspecialchars($id))
+ );
}
- $_SESSION['return'] = array(
- 'type' => 'success',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('settings_map_removed', htmlspecialchars(implode(', ', $ids)))
- );
break;
case 'get':
if ($_SESSION['mailcow_cc_role'] != "admin") {
return false;
}
$settingsmaps = array();
- try {
- $stmt = $pdo->query("SELECT `id`, `desc`, `active` FROM `settingsmap`");
- $settingsmaps = $stmt->fetchAll(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->query("SELECT `id`, `desc`, `active` FROM `settingsmap`");
+ $settingsmaps = $stmt->fetchAll(PDO::FETCH_ASSOC);
return $settingsmaps;
break;
case 'details':
@@ -154,24 +145,15 @@ function rsettings($_action, $_data = null) {
return false;
}
$settingsmapdata = array();
- try {
- $stmt = $pdo->prepare("SELECT `id`,
- `desc`,
- `content`,
- `active` AS `active_int`,
- CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
- FROM `settingsmap`
- WHERE `id` = :id");
- $stmt->execute(array(':id' => $_data));
- $settingsmapdata = $stmt->fetch(PDO::FETCH_ASSOC);
- }
- catch(PDOException $e) {
- $_SESSION['return'] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $_action, $_data_log),
- 'msg' => array('mysql_error', $e)
- );
- }
+ $stmt = $pdo->prepare("SELECT `id`,
+ `desc`,
+ `content`,
+ `active` AS `active_int`,
+ CASE `active` WHEN 1 THEN '".$lang['mailbox']['yes']."' ELSE '".$lang['mailbox']['no']."' END AS `active`
+ FROM `settingsmap`
+ WHERE `id` = :id");
+ $stmt->execute(array(':id' => $_data));
+ $settingsmapdata = $stmt->fetch(PDO::FETCH_ASSOC);
return $settingsmapdata;
break;
}
diff --git a/data/web/inc/init_db.inc.php b/data/web/inc/init_db.inc.php
index b938a56b..c99484d5 100644
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@@ -3,7 +3,7 @@ function init_db_schema() {
try {
global $pdo;
- $db_version = "05072018_2319";
+ $db_version = "10082018_2019";
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -112,6 +112,7 @@ function init_db_schema() {
),
"alias" => array(
"cols" => array(
+ "id" => "INT NOT NULL AUTO_INCREMENT",
"address" => "VARCHAR(255) NOT NULL",
"goto" => "TEXT NOT NULL",
"domain" => "VARCHAR(255) NOT NULL",
@@ -121,7 +122,10 @@ function init_db_schema() {
),
"keys" => array(
"primary" => array(
- "" => array("address")
+ "" => array("id")
+ ),
+ "unique" => array(
+ "address" => array("address")
),
"key" => array(
"domain" => array("domain")
@@ -366,6 +370,7 @@ function init_db_schema() {
"logs" => array(
"cols" => array(
"id" => "INT NOT NULL AUTO_INCREMENT",
+ "task" => "CHAR(32) NOT NULL DEFAULT '000000'",
"type" => "VARCHAR(32) DEFAULT ''",
"msg" => "TEXT",
"call" => "TEXT",
@@ -754,6 +759,8 @@ function init_db_schema() {
if ($num_results == 0) {
if (strpos($type, 'AUTO_INCREMENT') !== false) {
$type = $type . ' PRIMARY KEY ';
+ // Adding an AUTO_INCREMENT key, need to drop primary keys first
+ $pdo->query("ALTER TABLE `" . $table . "` DROP PRIMARY KEY");
}
$pdo->query("ALTER TABLE `" . $table . "` ADD `" . $column . "` " . $type);
}
@@ -933,7 +940,7 @@ DELIMITER ;';
WHERE `username` = :username");
$stmt->execute(array(':tls_enforce_in' => $tls_options['tls_enforce_in'], ':tls_enforce_out' => $tls_options['tls_enforce_out'], ':username' => $tls_user));
}
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__),
'msg' => 'db_init_complete'
@@ -943,7 +950,7 @@ DELIMITER ;';
$stmt = $pdo->query("INSERT INTO `user_acl` (`username`) SELECT `username` FROM `mailbox` WHERE `kind` = '' AND NOT EXISTS (SELECT `username` FROM `user_acl`);");
}
catch (PDOException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__),
'msg' => array('mysql_error', $e)
diff --git a/data/web/inc/prerequisites.inc.php b/data/web/inc/prerequisites.inc.php
index 1370155e..0ec41fab 100644
--- a/data/web/inc/prerequisites.inc.php
+++ b/data/web/inc/prerequisites.inc.php
@@ -51,6 +51,25 @@ catch (PDOException $e) {
<?php
exit;
}
+function pdo_exception_handler($e) {
+ if ($e instanceof PDOException) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('mysql_error', $e)
+ );
+ return false;
+ }
+ else {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__),
+ 'msg' => array('mysql_error', 'unknown error')
+ );
+ return false;
+ }
+}
+set_exception_handler('pdo_exception_handler');
// TODO: Move function
function get_remote_ip($anonymize = null) {
diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php
index fe1cdfa2..a3b81407 100644
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@@ -52,7 +52,7 @@ function session_check() {
return true;
}
if (!isset($_SESSION['SESS_REMOTE_UA']) || ($_SESSION['SESS_REMOTE_UA'] != $_SERVER['HTTP_USER_AGENT'])) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'warning',
'msg' => 'session_ua'
);
@@ -60,7 +60,7 @@ function session_check() {
}
if (!empty($_POST)) {
if ($_SESSION['CSRF']['TOKEN'] != $_POST['csrf_token']) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'warning',
'msg' => 'session_token'
);
diff --git a/data/web/js/api.js b/data/web/js/api.js
index 3f9bc4b7..2e770f7b 100644
--- a/data/web/js/api.js
+++ b/data/web/js/api.js
@@ -3,6 +3,10 @@ $(document).ready(function() {
if ($(elem).data('submitted') == '1') {
return true;
} else {
+ var parent_btn_grp = $(elem).parentsUntil(".btn-group").parent();
+ if (parent_btn_grp.hasClass('btn-group')) {
+ parent_btn_grp.replaceWith('<button class="btn btn-default btn-sm" disabled>' + loading_text + '</a>');
+ }
$(elem).text(loading_text);
$(elem).attr('data-submitted', '1');
function disableF5(e) { if ((e.which || e.keyCode) == 116 || (e.which || e.keyCode) == 82) e.preventDefault(); };
@@ -217,8 +221,23 @@ $(document).ready(function() {
var response = (data.responseText);
if (typeof response !== 'undefined' && response.length !== 0) {
response_obj = JSON.parse(response);
- if (response_obj.type == 'success') {
+ unset = true;
+ $.each(response_obj, function(i, v) {
+ if (v.type == "danger") {
+ unset = false;
+ }
+ });
+ if (unset === true) {
+ unset = null;
$('form').formcache('clear');
+ $('form').formcache('destroy');
+ var i = localStorage.length;
+ while(i--) {
+ var key = localStorage.key(i);
+ if(/formcache/.test(key)) {
+ localStorage.removeItem(key);
+ }
+ }
}
else {
var add_modal = $('.modal.in').attr('id');
diff --git a/data/web/js/debug.js b/data/web/js/debug.js
index 1a208628..37f45746 100644
--- a/data/web/js/debug.js
+++ b/data/web/js/debug.js
@@ -167,6 +167,7 @@ jQuery(function($){
"columns": [
{"name":"time","formatter":function unix_time_format(tm) { var date = new Date(tm ? tm * 1000 : 0); return date.toLocaleString();},"title":lang.time,"style":{"width":"170px"}},
{"name":"type","title":"Type"},
+ {"name":"task","title":"Task"},
{"name":"user","title":"User"},
{"name":"role","title":"Role"},
{"name":"remote","title":"IP"},
@@ -506,6 +507,7 @@ jQuery(function($){
$.each(data, function (i, item) {
if (item === null) { return true; }
item.user = escapeHtml(item.user);
+ item.task = '<code>' + item.task + '</code>';
item.type = '<span class="label label-' + item.type + '">' + item.type + '</span>';
});
} else if (table == 'general_syslog') {
diff --git a/data/web/js/mailbox.js b/data/web/js/mailbox.js
index 7d25c3f1..072eea63 100644
--- a/data/web/js/mailbox.js
+++ b/data/web/js/mailbox.js
@@ -594,6 +594,7 @@ jQuery(function($){
ft_alias_table = FooTable.init('#alias_table', {
"columns": [
{"name":"chkbox","title":"","style":{"maxWidth":"60px","width":"60px"},"filterable": false,"sortable": false,"type":"html"},
+ {"name":"id","title":"ID","style":{"maxWidth":"60px","width":"60px","text-align":"center"}},
{"sorted": true,"name":"address","title":lang.alias,"style":{"width":"250px"}},
{"name":"goto","title":lang.target_address},
{"name":"domain","title":lang.domain,"breakpoints":"xs sm"},
@@ -611,10 +612,10 @@ jQuery(function($){
success: function (data) {
$.each(data, function (i, item) {
item.action = '<div class="btn-group">' +
- '<a href="/edit.php?alias=' + encodeURIComponent(item.address) + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
- '<a href="#" id="delete_selected" data-id="single-alias" data-api-url="delete/alias" data-item="' + encodeURIComponent(item.address) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' +
+ '<a href="/edit.php?alias=' + encodeURIComponent(item.id) + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
+ '<a href="#" id="delete_selected" data-id="single-alias" data-api-url="delete/alias" data-item="' + encodeURIComponent(item.id) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' +
'</div>';
- item.chkbox = '<input type="checkbox" data-id="alias" name="multi_select" value="' + encodeURIComponent(item.address) + '" />';
+ item.chkbox = '<input type="checkbox" data-id="alias" name="multi_select" value="' + encodeURIComponent(item.id) + '" />';
item.goto = escapeHtml(item.goto.replace(/,/g, " "));
if (item.is_catch_all == 1) {
item.address = '<div class="label label-default">Catch-All</div> ' + escapeHtml(item.address);
diff --git a/data/web/json_api.php b/data/web/json_api.php
index c05e2b2c..bbf452f9 100644
--- a/data/web/json_api.php
+++ b/data/web/json_api.php
@@ -45,7 +45,7 @@ function api_log($_data) {
$redis->lPush('API_LOG', json_encode($log_line));
}
catch (RedisException $e) {
- $_SESSION['return'] = array(
+ $_SESSION['return'][] = array(
'type' => 'danger',
'msg' => 'Redis: '.$e
);
@@ -831,7 +831,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
}
switch ($category) {
case "alias":
- process_delete_return(mailbox('delete', 'alias', array('address' => $items)));
+ process_delete_return(mailbox('delete', 'alias', array('id' => $items)));
break;
case "relayhost":
process_delete_return(relayhost('delete', array('id' => $items)));
@@ -927,7 +927,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
process_edit_return(recipient_map('edit', array_merge(array('id' => $items), $attr)));
break;
case "alias":
- process_edit_return(mailbox('edit', 'alias', array_merge(array('address' => $items), $attr)));
+ process_edit_return(mailbox('edit', 'alias', array_merge(array('id' => $items), $attr)));
break;
case "app_links":
process_edit_return(customize('edit', 'app_links', $attr));
diff --git a/data/web/lang/lang.de.php b/data/web/lang/lang.de.php
index fc582cb5..3125f2ae 100644
--- a/data/web/lang/lang.de.php
+++ b/data/web/lang/lang.de.php
@@ -43,68 +43,71 @@ $lang['danger']['domain_cannot_match_hostname'] = "Domain darf nicht dem Hostnam
$lang['warning']['domain_added_sogo_failed'] = "Domain wurde hinzugefügt; SOGo konnte nicht neugestartet werden";
$lang['danger']['rl_timeframe'] = "Ratelimit Zeitraum ist inkorrekt";
$lang['success']['deleted_syncjobs'] = "Syncjobs gelöscht: %s";
+$lang['success']['deleted_syncjob'] = "Syncjobs ID %s gelöscht";
$lang['success']['delete_filters'] = "Filter gelöscht: %s";
+$lang['success']['delete_filter'] = "Filter ID %s wurde gelöscht";
$lang['danger']['invalid_bcc_map_type'] = "Ungültiger BCC Map-Typ";
$lang['danger']['bcc_empty'] = "BCC Ziel darf nicht leer sein";
-$lang['danger']['bcc_must_be_email'] = "BCC Map muss eine gültige E-Mail-Adresse sein";
+$lang['danger']['bcc_must_be_email'] = "BCC Map %s ist keine gültige E-Mail-Adresse";
$lang['danger']['bcc_exists'] = "Ein BCC Map Eintrag %s existiert bereits als Typ %s";
$lang['success']['bcc_saved'] = "BCC Map Eintrag wurde gespeichert";
-$lang['success']['bcc_edited'] = "BCC Map Eintrag wurde editiert";
+$lang['success']['bcc_edited'] = "BCC Map Eintrag %s wurde editiert";
$lang['success']['bcc_deleted'] = "BCC Map Einträge gelöscht: %s";
$lang['danger']['private_key_error'] = "Schlüsselfehler: %s";
$lang['danger']['map_content_empty'] = "Inhalt darf nicht leer sein";
$lang['success']['settings_map_added'] = "Regel wurde gespeichert";
-$lang['danger']['settings_map_invalid'] = "Regel ist ungültig";
+$lang['danger']['settings_map_invalid'] = "Regel ID %s ist ungültig";
$lang['danger']['settings_map_removed'] = "Regeln wurden entfernt: %s";
$lang['danger']['invalid_host'] = "Ungültiger Host: %s";
-$lang['danger']['relayhost_invalid'] = "Relayhost ist ungültig";
+$lang['danger']['relayhost_invalid'] = "Relayhost %s ist ungültig";
$lang['success']['saved_settings'] = "Regel wurde gespeichert";
-$lang['danger']['dkim_domain_or_sel_invalid'] = 'DKIM-Domain oder -Selector nicht korrekt';
+$lang['danger']['dkim_domain_or_sel_invalid'] = 'DKIM-Domain oder Selektor nicht korrekt: %s';
$lang['success']['dkim_removed'] = 'DKIM-Key wurde entfernt';
$lang['success']['dkim_added'] = 'DKIM-Key wurde hinzugefügt';
$lang['danger']['access_denied'] = 'Zugriff verweigert oder unvollständige/ungültige Daten';
-$lang['danger']['domain_invalid'] = 'Domainname ist ungültig';
+$lang['danger']['domain_invalid'] = 'Domainname %s ist ungültig';
$lang['danger']['mailbox_quota_exceeds_domain_quota'] = 'Maximale Größe für Mailboxen überschreitet das Domain Speicherlimit';
$lang['danger']['object_is_not_numeric'] = 'Wert %s ist nicht numerisch';
$lang['success']['domain_added'] = 'Domain %s wurde angelegt';
$lang['success']['items_deleted'] = "Objekt(e) %s wurde(n) erfolgreich entfernt";
+$lang['success']['item_deleted'] = "Objekt %s wurde entfernt";
$lang['danger']['alias_empty'] = 'Alias-Adresse darf nicht leer sein';
$lang['danger']['goto_empty'] = 'Ziel-Adresse darf nicht leer sein';
$lang['danger']['policy_list_from_exists'] = 'Ein Eintrag mit diesem Wert existiert bereits';
$lang['danger']['policy_list_from_invalid'] = 'Eintrag hat ungültiges Format';
-$lang['danger']['alias_invalid'] = 'Alias-Adresse ist ungültig';
-$lang['danger']['goto_invalid'] = 'Ziel-Adresse ist ungültig';
+$lang['danger']['alias_invalid'] = 'Alias-Adresse %s ist ungültig';
+$lang['danger']['goto_invalid'] = 'Ziel-Adresse %s ist ungültig';
$lang['danger']['last_key'] = 'Letzter Key kann nicht gelöscht werden';
-$lang['danger']['alias_domain_invalid'] = 'Alias-Domain ist ungültig';
-$lang['danger']['target_domain_invalid'] = 'Ziel-Domain ist ungültig';
+$lang['danger']['alias_domain_invalid'] = 'Alias-Domain %s ist ungültig';
+$lang['danger']['target_domain_invalid'] = 'Ziel-Domain %s ist ungültig';
$lang['danger']['object_exists'] = 'Objekt %s existiert bereits';
$lang['danger']['domain_exists'] = 'Domain %s existiert bereits';
$lang['danger']['alias_goto_identical'] = 'Alias- und Ziel-Adresse dürfen nicht identisch sein';
-$lang['danger']['aliasd_targetd_identical'] = 'Alias-Domain darf nicht gleich Ziel-Domain sein';
+$lang['danger']['aliasd_targetd_identical'] = 'Alias-Domain darf nicht gleich Ziel-Domain sein: %s';
$lang['danger']['maxquota_empty'] = 'Max. Speicherplatz pro Mailbox darf nicht 0 sein.';
-$lang['success']['alias_added'] = 'Alias-Adresse(n) wurden angelegt';
+$lang['success']['alias_added'] = 'Alias-Adresse %s wurden angelegt';
$lang['success']['alias_modified'] = 'Änderungen an Alias %s wurden gespeichert';
$lang['success']['aliasd_modified'] = 'Änderungen an Alias-Domain %s wurden gespeichert';
$lang['success']['mailbox_modified'] = 'Änderungen an Mailbox %s wurden gespeichert';
$lang['success']['resource_modified'] = "Änderungen an Ressource %s wurden gespeichert";
$lang['success']['object_modified'] = "Änderungen an Objekt %s wurden gespeichert";
$lang['success']['f2b_modified'] = "Änderungen an Fail2ban Parametern wurden gespeichert";
-$lang['danger']['targetd_not_found'] = 'Ziel-Domain nicht gefunden';
+$lang['danger']['targetd_not_found'] = 'Ziel-Domain %s nicht gefunden';
$lang['success']['aliasd_added'] = 'Alias-Domain %s wurde angelegt';
$lang['success']['aliasd_modified'] = 'Änderungen an Alias-Domain %s wurden gespeichert';
$lang['success']['domain_modified'] = 'Änderungen an Domain %s wurden gespeichert';
$lang['success']['domain_admin_modified'] = 'Änderungen an Domain-Administrator %s wurden gespeichert';
$lang['success']['domain_admin_added'] = 'Domain-Administrator %s wurde angelegt';
$lang['success']['admin_modified'] = 'Änderungen am Administrator wurden gespeichert';
-$lang['danger']['username_invalid'] = 'Benutzername kann nicht verwendet werden';
+$lang['danger']['username_invalid'] = 'Benutzername %s kann nicht verwendet werden';
$lang['danger']['password_mismatch'] = 'Passwort-Wiederholung stimmt nicht überein';
$lang['danger']['password_complexity'] = 'Passwort entspricht nicht den Richtlinien';
$lang['danger']['password_empty'] = 'Passwort darf nicht leer sein';
$lang['danger']['login_failed'] = 'Anmeldung fehlgeschlagen';
$lang['danger']['mailbox_invalid'] = 'Mailboxname ist ungültig';
-$lang['danger']['resource_invalid'] = 'Ressourcenname ist ungültig';
-$lang['danger']['description_invalid'] = 'Ressourcenbeschreibung ist ungültig';
+$lang['danger']['resource_invalid'] = 'Ressourcenname %s ist ungültig';
+$lang['danger']['description_invalid'] = 'Ressourcenbeschreibung für %s ist ungültig';
$lang['danger']['is_alias'] = '%s lautet bereits eine Alias-Adresse';
$lang['danger']['is_alias_or_mailbox'] = "Eine Mailbox, ein Alias oder eine sich aus einer Alias-Domain ergebende Adresse mit dem Namen %s ist bereits vorhanden";
$lang['danger']['is_spam_alias'] = '%s lautet bereits eine Spam-Alias-Adresse';
@@ -127,7 +130,7 @@ $lang['danger']['max_quota_in_use'] = 'Mailbox Speicherplatzlimit muss größer
$lang['danger']['domain_quota_m_in_use'] = 'Domain Speicherplatzlimit muss größer oder gleich %d MiB sein';
$lang['danger']['mailboxes_in_use'] = 'Maximale Anzahl an Mailboxen muss größer oder gleich %d sein';
$lang['danger']['aliases_in_use'] = 'Maximale Anzahl an Aliassen muss größer oder gleich %d sein';
-$lang['danger']['sender_acl_invalid'] = 'Sender ACL Wert muss eine Adresse oder Domain sein';
+$lang['danger']['sender_acl_invalid'] = 'Sender ACL %s ist ungültig';
$lang['danger']['domain_not_empty'] = 'Kann nur leere Domains entfernen';
$lang['danger']['validity_missing'] = 'Bitte geben Sie eine Gültigkeitsdauer an';
$lang['user']['loading'] = "Lade...";
@@ -562,9 +565,11 @@ $lang['success']['ui_texts'] = "Änderungen an UI-Texten";
$lang['success']['reset_main_logo'] = "Standardgrafik wurde wiederhergestellt";
$lang['success']['items_released'] = "Ausgewählte Objekte wurden an Mailbox versendet";
$lang['danger']['imagick_exception'] = "Fataler Bildverarbeitungsfehler";
-
+$lang['quarantine']['learn_spam_delete'] = "Als Spam lernen und löschen";
$lang['quarantine']['quarantine'] = "Quarantäne";
-$lang['quarantine']['qinfo'] = "Das Quarantänesystem speichert abgelehnte Nachrichten in der Datenbank. Dem Sender wird <em>nicht</em> signalisiert, dass seine E-Mail zugestellt wurde.";
+$lang['quarantine']['qinfo'] = 'Das Quarantänesystem speichert abgelehnte Nachrichten in der Datenbank. Dem Sender wird <em>nicht</em> signalisiert, dass seine E-Mail zugestellt wurde.
+ <br>"' . $lang['quarantine']['learn_spam_delete'] . '" lernt Nachrichten nach bayesscher Statistik als Spam und erstellt Fuzzy Hashes ausgehend von der jeweiligen Nachricht, um ähnliche Inhalte zukünftig zu unterbinden.
+ <br>Der Prozess des Lernens kann abhängig vom System zeitintensiv sein.';
$lang['quarantine']['release'] = "Freigeben";
$lang['quarantine']['empty'] = 'Keine Einträge';
$lang['quarantine']['toggle_all'] = 'Alle auswählen';
@@ -582,6 +587,9 @@ $lang['quarantine']['subj'] = "Betreff";
$lang['quarantine']['text_plain_content'] = "Inhalt (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Inhalt (html, konvertiert)";
$lang['quarantine']['atts'] = "Anhänge";
+$lang['danger']['fuzzy_learn_error'] = "Fuzzy Lernfehler: %s";
+$lang['danger']['spam_learn_error'] = "Spam Lernfehler: %s";
+$lang['success']['qlearn_spam'] = "Nachricht ID %s wurde als Spam gelernt und gelöscht";
$lang['header']['quarantine'] = "Quarantäne";
$lang['header']['debug'] = "Debugging";
@@ -600,12 +608,15 @@ $lang['quarantine']['release_body'] = "Die ursprüngliche Nachricht wurde als EM
$lang['danger']['release_send_failed'] = "Die Nachricht konnte nicht versendet werden: %s";
$lang['quarantine']['release_subject'] = "Potentiell schädliche Nachricht aus Quarantäne: %s";
+$lang['mailbox']['bcc_map'] = "BCC Map";
$lang['mailbox']['bcc_map_type'] = "BCC Typ";
$lang['mailbox']['bcc_type'] = "BCC Typ";
$lang['mailbox']['bcc_sender_map'] = "Senderabhängig";
$lang['mailbox']['bcc_rcpt_map'] = "Empfängerabhängig";
$lang['mailbox']['bcc_local_dest'] = "Lokales Ziel";
-$lang['mailbox']['bcc_destinations'] = "BCC Ziel(e)";
+$lang['mailbox']['bcc_destinations'] = "BCC Ziel";
+$lang['mailbox']['bcc_destination'] = "BCC Ziel";
+$lang['edit']['bcc_dest_format'] = 'BCC-Ziel muss eine gültige E-Mail-Adresse sein.';
$lang['mailbox']['bcc'] = "BCC";
$lang['mailbox']['bcc_maps'] = "BCC-Maps";
diff --git a/data/web/lang/lang.en.php b/data/web/lang/lang.en.php
index df4049c7..ed2fbf25 100644
--- a/data/web/lang/lang.en.php
+++ b/data/web/lang/lang.en.php
@@ -43,71 +43,74 @@ $lang['danger']['domain_cannot_match_hostname'] = "Domain cannot match hostname"
$lang['warning']['domain_added_sogo_failed'] = "Added domain but failed to restart SOGo, please check your server logs.";
$lang['danger']['rl_timeframe'] = "Ratelimit time frame is incorrect";
$lang['success']['deleted_syncjobs'] = "Deleted syncjobs: %s";
+$lang['success']['deleted_syncjob'] = "Deleted syncjob ID %s";
$lang['success']['delete_filters'] = "Deleted filters: %s";
+$lang['success']['delete_filter'] = "Deleted filters ID %s";
$lang['danger']['invalid_bcc_map_type'] = "Invalid BCC map type";
$lang['danger']['bcc_empty'] = "BCC destination cannot be empty";
-$lang['danger']['bcc_must_be_email'] = "BCC map must be a valid email address";
+$lang['danger']['bcc_must_be_email'] = "BCC map %s is not a valid email address";
$lang['danger']['bcc_exists'] = "A BCC map %s exists for type %s";
$lang['success']['bcc_saved'] = "BCC map entry saved";
-$lang['success']['bcc_edited'] = "BCC map entry edited";
+$lang['success']['bcc_edited'] = "BCC map entry %s edited";
$lang['success']['bcc_deleted'] = "BCC map entries deleted: %s";
$lang['danger']['private_key_error'] = "Private key error: %s";
$lang['danger']['map_content_empty'] = "Map content cannot be empty";
$lang['success']['settings_map_added'] = "Added settings map entry";
-$lang['danger']['settings_map_invalid'] = "Settings map invalid";
+$lang['danger']['settings_map_invalid'] = "Settings map ID %s invalid";
$lang['danger']['settings_map_removed'] = "Removed settings map deleted: %s";
$lang['danger']['invalid_host'] = "Invalid host specified: %s";
-$lang['danger']['relayhost_invalid'] = "Relayhost is invalid";
+$lang['danger']['relayhost_invalid'] = "Relayhost %s is invalid";
$lang['success']['saved_settings'] = "Saved settings";
$lang['success']['db_init_complete'] = "Database initialization completed";
$lang['warning']['session_ua'] = "Form token invalid: User-Agent validation error";
$lang['warning']['session_token'] = "Form token invalid: Token mismatch";
-$lang['danger']['dkim_domain_or_sel_invalid'] = "DKIM domain or selector invalid";
+$lang['danger']['dkim_domain_or_sel_invalid'] = "DKIM domain or selector invalid: %s";
$lang['success']['dkim_removed'] = "DKIM key %s has been removed";
$lang['success']['dkim_added'] = "DKIM key has been saved";
$lang['danger']['access_denied'] = "Access denied or invalid form data";
-$lang['danger']['domain_invalid'] = "Domain name is invalid";
+$lang['danger']['domain_invalid'] = "Domain name %s is invalid";
$lang['danger']['mailbox_quota_exceeds_domain_quota'] = "Max. quota exceeds domain quota limit";
$lang['danger']['object_is_not_numeric'] = "Value %s is not numeric";
$lang['success']['domain_added'] = "Added domain %s";
$lang['success']['items_deleted'] = "Item %s successfully deleted";
+$lang['success']['item_deleted'] = "Item %s successfully deleted";
$lang['danger']['alias_empty'] = "Alias address must not be empty";
$lang['danger']['last_key'] = 'Last key cannot be deleted';
$lang['danger']['goto_empty'] = "Goto address must not be empty";
$lang['danger']['policy_list_from_exists'] = "A record with given name exists";
$lang['danger']['policy_list_from_invalid'] = "Record has invalid format";
-$lang['danger']['alias_invalid'] = "Alias address is invalid";
-$lang['danger']['goto_invalid'] = "Goto address is invalid";
-$lang['danger']['alias_domain_invalid'] = "Alias domain is invalid";
-$lang['danger']['target_domain_invalid'] = "Goto domain is invalid";
+$lang['danger']['alias_invalid'] = "Alias address %s is invalid";
+$lang['danger']['goto_invalid'] = "Goto address %s is invalid";
+$lang['danger']['alias_domain_invalid'] = "Alias domain %s is invalid";
+$lang['danger']['target_domain_invalid'] = "Target domain %s is invalid";
$lang['danger']['object_exists'] = "Object %s already exists";
$lang['danger']['domain_exists'] = "Domain %s already exists";
$lang['danger']['alias_goto_identical'] = "Alias and goto address must not be identical";
-$lang['danger']['aliasd_targetd_identical'] = "Alias domain must not be equal to target domain";
+$lang['danger']['aliasd_targetd_identical'] = "Alias domain must not be equal to target domain: %s";
$lang['danger']['maxquota_empty'] = 'Max. quota per mailbox must not be 0.';
-$lang['success']['alias_added'] = "Alias address/es has/have been added";
-$lang['success']['alias_modified'] = "Changes to alias/es %s have been saved";
+$lang['success']['alias_added'] = "Alias address %s has been added";
+$lang['success']['alias_modified'] = "Changes to alias address %s have been saved";
$lang['success']['mailbox_modified'] = "Changes to mailbox %s have been saved";
$lang['success']['resource_modified'] = "Changes to mailbox %s have been saved";
$lang['success']['object_modified'] = "Changes to object %s have been saved";
$lang['success']['f2b_modified'] = "Changes to Fail2ban parameters have been saved";
-$lang['danger']['targetd_not_found'] = "Target domain not found";
+$lang['danger']['targetd_not_found'] = "Target domain %s not found";
$lang['success']['aliasd_added'] = "Added alias domain %s";
$lang['success']['aliasd_modified'] = "Changes to alias domain %s have been saved";
$lang['success']['domain_modified'] = "Changes to domain %s have been saved";
$lang['success']['domain_admin_modified'] = "Changes to domain administrator %s have been saved";
$lang['success']['domain_admin_added'] = "Domain administrator %s has been added";
$lang['success']['admin_modified'] = "Changes to administrator have been saved";
-$lang['danger']['username_invalid'] = "Username cannot be used";
+$lang['danger']['username_invalid'] = "Username %s cannot be used";
$lang['danger']['password_mismatch'] = "Confirmation password does not match";
$lang['danger']['password_complexity'] = "Password does not meet the policy";
$lang['danger']['password_empty'] = "Password must not be empty";
$lang['danger']['login_failed'] = "Login failed";
$lang['danger']['mailbox_invalid'] = "Mailbox name is invalid";
-$lang['danger']['description_invalid'] = 'Resource description is invalid';
-$lang['danger']['resource_invalid'] = "Resource name is invalid";
+$lang['danger']['description_invalid'] = 'Resource description for %s is invalid';
+$lang['danger']['resource_invalid'] = "Resource name %s is invalid";
$lang['danger']['is_alias'] = "%s is already known as an alias address";
$lang['danger']['is_alias_or_mailbox'] = "%s is already known as an alias, a mailbox or an alias address expanded from an alias domain.";
$lang['danger']['is_spam_alias'] = "%s is already known as a spam alias address";
@@ -130,7 +133,7 @@ $lang['danger']['max_quota_in_use'] = "Mailbox quota must be greater or equal to
$lang['danger']['domain_quota_m_in_use'] = "Domain quota must be greater or equal to %s MiB";
$lang['danger']['mailboxes_in_use'] = "Max. mailboxes must be greater or equal to %d";
$lang['danger']['aliases_in_use'] = "Max. aliases must be greater or equal to %d";
-$lang['danger']['sender_acl_invalid'] = "Sender ACL value is invalid";
+$lang['danger']['sender_acl_invalid'] = "Sender ACL value %s is invalid";
$lang['danger']['domain_not_empty'] = "Cannot remove non-empty domain";
$lang['danger']['validity_missing'] = 'Please assign a period of validity';
$lang['user']['loading'] = "Loading...";
@@ -573,10 +576,13 @@ $lang['success']['app_links'] = "Saved changes to app links";
$lang['success']['ui_texts'] = "Saved changes to UI texts";
$lang['success']['reset_main_logo'] = "Reset to default logo";
$lang['success']['items_released'] = "Selected items were released";
+$lang['success']['item_released'] = "Item %s released";
$lang['danger']['imagick_exception'] = "Error: Imagick exception while reading image";
-
$lang['quarantine']['quarantine'] = "Quarantine";
-$lang['quarantine']['qinfo'] = "The quarantine system will save rejected mail to the database, while the sender will <em>not</em> be given the impression of a delivered mail.";
+$lang['quarantine']['learn_spam_delete'] = "Learn as spam and delete";
+$lang['quarantine']['qinfo'] = 'The quarantine system will save rejected mail to the database, while the sender will <em>not</em> be given the impression of a delivered mail.
+ <br>"' . $lang['quarantine']['learn_spam_delete'] . '" will learn a message as spam via Bayesian theorem and also calculate fuzzy hashes to deny similar messages in the future.
+ <br>Please be aware that learning multiple messages can be - depending on your system - time consuming.';
$lang['quarantine']['release'] = "Release";
$lang['quarantine']['empty'] = 'No results';
$lang['quarantine']['toggle_all'] = 'Toggle all';
@@ -594,6 +600,9 @@ $lang['quarantine']['subj'] = "Subject";
$lang['quarantine']['text_plain_content'] = "Content (text/plain)";
$lang['quarantine']['text_from_html_content'] = "Content (converted html)";
$lang['quarantine']['atts'] = "Attachments";
+$lang['danger']['fuzzy_learn_error'] = "Fuzzy hash learn error: %s";
+$lang['danger']['spam_learn_error'] = "Spam learn error: %s";
+$lang['success']['qlearn_spam'] = "Message ID %s was learned as spam and deleted";
$lang['header']['quarantine'] = "Quarantine";
$lang['header']['debug'] = "Debug";
@@ -612,12 +621,15 @@ $lang['quarantine']['release_body'] = "We have attached your message as eml file
$lang['danger']['release_send_failed'] = "Message could not be released: %s";
$lang['quarantine']['release_subject'] = "Potentially damaging quarantine item %s";
+$lang['mailbox']['bcc_map'] = "BCC map";
$lang['mailbox']['bcc_map_type'] = "BCC type";
$lang['mailbox']['bcc_type'] = "BCC type";
$lang['mailbox']['bcc_sender_map'] = "Sender map";
$lang['mailbox']['bcc_rcpt_map'] = "Recipient map";
$lang['mailbox']['bcc_local_dest'] = "Local destination";
-$lang['mailbox']['bcc_destinations'] = "BCC destination/s";
+$lang['mailbox']['bcc_destinations'] = "BCC destination";
+$lang['mailbox']['bcc_destination'] = "BCC destination";
+$lang['edit']['bcc_dest_format'] = 'BCC destination must be a single valid email address.';
$lang['mailbox']['bcc'] = "BCC";
$lang['mailbox']['bcc_maps'] = "BCC maps";
diff --git a/data/web/modals/admin.php b/data/web/modals/admin.php
index 1306b436..7e8656e5 100644
--- a/data/web/modals/admin.php
+++ b/data/web/modals/admin.php
@@ -56,7 +56,7 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
<h3 class="modal-title"><?=$lang['admin']['add_domain_admin'];?></h3>
</div>
<div class="modal-body">
- <form class="form-horizontal" data-cached-form="true" data-id="domain_admin" role="form" method="post">
+ <form class="form-horizontal" data-cached-form="true" data-id="add_domain_admin" role="form" method="post">
<div class="form-group">
<label class="control-label col-sm-2" for="username"><?=$lang['admin']['username'];?>:</label>
<div class="col-sm-10">
@@ -97,7 +97,7 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
- <button class="btn btn-default" id="add_item" data-id="domain_admin" data-api-url='add/domain-admin' data-api-attr='{}' href="#"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> <?=$lang['admin']['add'];?></button>
+ <button class="btn btn-default" id="add_item" data-id="add_domain_admin" data-api-url='add/domain-admin' data-api-attr='{}' href="#"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span> <?=$lang['admin']['add'];?></button>
</div>
</div>
</form>
diff --git a/data/web/modals/mailbox.php b/data/web/modals/mailbox.php
index 149f579c..94f881e4 100644
--- a/data/web/modals/mailbox.php
+++ b/data/web/modals/mailbox.php
@@ -614,9 +614,9 @@ if (!isset($_SESSION['mailcow_cc_role'])) {
</div>
</div>
<div class="form-group">
- <label class="control-label col-sm-2" for="bcc_dest"><?=$lang['mailbox']['bcc_destinations'];?>:</label>
+ <label class="control-label col-sm-2" for="bcc_dest"><?=$lang['mailbox']['bcc_destination'];?>:</label>
<div class="col-sm-10">
- <textarea autocorrect="off" spellcheck="false" autocapitalize="none" class="form-control" rows="20" id="bcc_dest" name="bcc_dest" required></textarea>
+ <input type="text" class="form-control" name="bcc_dest" id="bcc_dest">
</div>
</div>
<div class="form-group">
diff --git a/data/web/quarantine.php b/data/web/quarantine.php
index ec3ebb44..87f565a1 100644
--- a/data/web/quarantine.php
+++ b/data/web/quarantine.php
@@ -24,6 +24,8 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
<ul class="dropdown-menu">
<li><a id="edit_selected" data-id="qitems" data-api-url='edit/qitem' data-api-attr='{"action":"release"}' href="#"><?=$lang['quarantine']['release'];?></a></li>
<li role="separator" class="divider"></li>
+ <li><a id="edit_selected" data-id="qitems" data-api-url='edit/qitem' data-api-attr='{"action":"learnspam"}' href="#"><?=$lang['quarantine']['learn_spam_delete'];?></a></li>
+ <li role="separator" class="divider"></li>
<li><a id="delete_selected" data-id="qitems" data-api-url='delete/qitem' href="#"><?=$lang['quarantine']['remove'];?></a></li>
</ul>
</div>