You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
postfixadmin/my_lib.php

348 lines
9.6 KiB
PHTML

<?php
//
// If my_lib.php is called directly, redirect to login.php
//
if (ereg("my_lib.php", $_SERVER[PHP_SELF])) {
header("Location: login.php");
}
$version = "Postfix Admin v1.5.3";
//
// check_session
// Action: Check if a session already exists, if not redirect to login.php
// Call: check_session()
//
function check_session() {
session_name("SessID");
session_start();
if (!session_is_registered("sessid")) {
// if session is not registered redirect to login.php
header("Location: login.php");
exit;
}
$sessid["domain"] = $_SESSION["sessid"]["domain"];
$sessid["username"] = $_SESSION["sessid"]["username"];
return $sessid;
}
//
// check_string
// Action: checks if a string is valid and returns TRUE is this is the case.
// Call: check_string(string var)
//
function check_string($var) {
if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)){
return true;
} else {
return false;
}
}
//
// check_escape
// Action: checks to see if there are chars that need to be escaped
// Call: check_escape(string var)
//
function check_escape($var) {
$search = array ("'<script[^>]*?>.*?</script>'si",
"'<[\/\!]*?[^<>]*?>'si",
"'\''i");
$replace = array ("",
"",
"");
$escaped = preg_replace ($search, $replace, $var);
return $escaped;
}
//
// check_email
// Action: Checks if email is valid and returns TRUE if this is the case.
// Call: check_email(string email)
//
function check_email($email) {
return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email)));
}
//
// md5crypt
// Action: Creates an MD5 passwd that is readable by FreeBSD daemons
// Call: md5crypt(string cleartextpasswd)
//
$MAGIC = "$1$";
$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
function md5crypt($pw, $salt="", $magic="") {
global $MAGIC;
if ($magic == "") $magic = $MAGIC;
if ($salt == "") $salt = create_salt();
$slist = explode("$", $salt);
if ($slist[0] == "1") $salt = $slist[1];
$salt = substr($salt, 0, 8);
$ctx = $pw . $magic . $salt;
$final = hex2bin(md5($pw . $salt . $pw));
for ($i=strlen($pw); $i>0; $i-=16) {
if ($i > 16)
$ctx .= substr($final,0,16);
else
$ctx .= substr($final,0,$i);
}
$i = strlen($pw);
while ($i > 0) {
if ($i & 1) $ctx .= chr(0);
else $ctx .= $pw[0];
$i = $i >> 1;
}
$final = hex2bin(md5($ctx));
for ($i=0;$i<1000;$i++) {
$ctx1 = "";
if ($i & 1) $ctx1 .= $pw;
else $ctx1 .= substr($final,0,16);
if ($i % 3) $ctx1 .= $salt;
if ($i % 7) $ctx1 .= $pw;
if ($i & 1) $ctx1 .= substr($final,0,16);
else $ctx1 .= $pw;
$final = hex2bin(md5($ctx1));
}
$passwd = "";
$passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4);
$passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4);
$passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4);
$passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4);
$passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4);
$passwd .= to64( ord($final[11]), 2);
return "$magic$salt\$$passwd";
}
function create_salt() {
srand((double)microtime()*1000000);
$salt = substr(md5(rand(0,9999999)), 0, 8);
return $salt;
}
function hex2bin($str) {
$len = strlen($str);
$nstr = "";
for ($i=0;$i<$len;$i+=2) {
$num = sscanf(substr($str,$i,2), "%x");
$nstr.=chr($num[0]);
}
return $nstr;
}
function to64($v, $n) {
global $ITOA64;
$ret = "";
while (($n - 1) >= 0) {
$n--;
$ret .= $ITOA64[$v & 0x3f];
$v = $v >> 6;
}
return $ret;
}
//
// print_header
// Action: Prints out the default header for every page
// Call: print_header([string title])
//
function print_header($menu = "", $title = "", $welcome = "NO") {
if (empty($title)) global $title;
global $welcome_header;
header("Expires: Sun, 16 Mar 2003 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
print "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
print "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
print "<head>\n";
print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n";
if (file_exists(realpath("./stylesheet.css"))) print "<link rel=\"stylesheet\" href=\"stylesheet.css\">\n";
if (file_exists(realpath("../stylesheet.css"))) print "<link rel=\"stylesheet\" href=\"../stylesheet.css\">\n";
print "<title>$title</title>\n";
print "</head>\n";
print "<body>\n";
print "<center>\n";
if ($welcome == "YES") {
print "<h1>$welcome_header</h1>\n";
print "<p />\n";
}
if ($menu == "admin") print_admin_menu();
if ($menu == "menu") print_menu();
}
//
// print_footer
// Action: Prints out the default footer for every page
// Call: print_footer()
//
function print_footer($hr = "YES") {
global $version;
global $organization_link;
global $organization_name;
global $show_postfix_admin_info;
if ($hr == "YES") print "<hr class=\"footer\" />\n";
print "<p class=\"footer\">\n";
if ($show_postfix_admin_info == "YES") print "<a target=\"blank\" href=\"http://high5.net/\"><font color=black>$version</font></a><br />\n";
if (!empty($organization_link)) print "<p><a href=\"$organization_link\">Back to $organization_name</a><p />\n";
print "</p>\n";
print "</center>\n";
print "</body>\n";
print "</html>\n";
}
//
// print_menu
// Action: Prints out the requirement menu bar
// Call: print_menu()
//
function print_menu() {
print "<table>\n";
print "<tr>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=\"_top\" href=\"main.php?" . session_name() . "=" . session_id() . "\">Overview</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=\"_top\" href=\"alias.php?" . session_name() . "=" . session_id() . "\">Add Alias</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"mailbox.php?" . session_name() . "=" . session_id() . "\">Add Mailbox</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"sendmail.php?" . session_name() . "=" . session_id() . "\">Send Email</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"passwd.php?" . session_name() . "=" . session_id() . "\">Passwd</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"logout.php?" . session_name() . "=" . session_id() . "\">Logout</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "</tr>\n";
print "</table>\n";
print "<hr />\n";
}
//
// print_admin_menu
// Action: Prints out the requirement admin menu bar
// Call: print_admin_menu()
//
function print_admin_menu() {
print "<table>\n";
print "<tr>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"adminview.php\">Admin View</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"domainview.php\">Domain View</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"virtualview.php\">Virtual View</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"sendmail.php\">Send Email</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"newadmin.php\">New Admin</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "<td class=\"menu\">\n";
print "<a target=_top href=\"newdomain.php\">New Domain</a>";
print "</td>\n";
print "<td width=\"8\">&nbsp;</td>\n";
print "</tr>\n";
print "</table>\n";
print "<hr />\n";
}
//
// print_error
// Action: Prints an error message and exits/dies
// Call: print_error(string error message);
//
function print_error($msg, $header = "NO", $menu = "", $hr = "NO") {
if ($header == "YES") print_header();
if ($menu == "ADMIN") print_admin_menu();
if ($menu == "MENU") print_menu();
if ($hr == "YES") print "<hr />\n";
print "<p class=\"error\">\n";
print "$msg\n";
print "</p>\n";
print_footer();
exit;
}
//
// db_connect
// Action: Makes a connection to the database if it doesn't exist
// Call: db_connect()
//
function db_connect() {
global $db_host;
global $db_name;
global $db_user;
global $db_pass;
$link = mysql_connect($db_host, $db_user, $db_pass) or print_error("Could not connect to database server: <b>$db_host</b>.");
$succes = mysql_select_db($db_name, $link) or print_error("Could not select database: <b>$db_name</b>.");
return $link;
}
//
// db_query
// Action: Sends a query to the database and returns query result and number of rows
// Call: db_query(string query)
//
function db_query($query) {
$link = db_connect();
$result = mysql_query($query, $link) or print_error("Could not query the table.<br>", "NO");
// if $query was a select statement check the number of rows with mysql_num_rows().
if (eregi("^select", $query)) {
$number_rows = mysql_num_rows($result);
// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
// mysql_affected_rows().
} else {
$number_rows = mysql_affected_rows($link);
}
$return = array (
"result" => $result,
"rows" => $number_rows
);
return $return;
}
?>