You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
postfixadmin/create-alias.php

207 lines
6.2 KiB
PHTML

<?php
/**
* Postfix Admin
*
* LICENSE
*
* This source file is subject to the GPL license that is bundled with
* this package in the file LICENSE.TXT.
*
* Further details on the project are available at :
* http://www.postfixadmin.com or http://postfixadmin.sf.net
*
* File: create-alias.php
* Template File: create-alias.tpl
* Responsible for allowing for the creation of mail aliases.
*
* @version $Id$
* @license GNU GPL v2 or later.
*
* Template Variables:
*
* tMessage
* tAddress
* tGoto
* tDomain
*
* Form POST \ GET Variables:
*
* fAddress
* fGoto
* fDomain
*
*/
require_once('common.php');
authentication_require_role('admin');
$username = authentication_get_username();
$SESSID_USERNAME = $username;
if(authentication_has_role('global-admin')) {
$list_domains = list_domains ();
}
else {
$list_domains = list_domains_for_admin ($username);
}
$pCreate_alias_goto_text = $PALANG['pCreate_alias_goto_text'];
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
if (isset ($_GET['domain'])) {
$tDomain = escape_string ($_GET['domain']);
}
}
if ($_SERVER['REQUEST_METHOD'] == "POST")
{
if (isset ($_POST['fAddress']) && isset ($_POST['fDomain'])) {
$fAddress = escape_string($_POST['fAddress']) . "@" . escape_string ($_POST['fDomain']);
$fAddress = strtolower ($fAddress);
}
if (isset ($_POST['fGoto'])) {
$fGoto = escape_string ($_POST['fGoto']);
$fGoto = strtolower ($fGoto);
}
if(isset($_POST['fActive'])) {
$fActive = escape_string ($_POST['fActive']);
}
else {
$fActive = "1";
}
if(isset($_POST['fDomain'])) {
$fDomain = escape_string ($_POST['fDomain']);
}
# TODO: Doesn't work with multiple aliases - fix or discard...
# if(!preg_match ('/@/',$fGoto)) {
# $fGoto = $fGoto . "@" . escape_string ($_POST['fDomain']);
# }
if(!(authentication_has_role('global-admin') ||
check_owner ($SESSID_USERNAME, $fDomain) ))
{
$error = 1;
$tAddress = escape_string ($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error1'];
}
if(!check_alias($fDomain)) {
$error = 1;
$tAddress = escape_string ($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error3'];
}
if(empty ($fAddress) || !check_email ($fAddress)) {
$error = 1;
$tAddress = escape_string ($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error1'];
}
// Begin check alias email
$goto = preg_replace ('/\\\r\\\n/', ',', $fGoto);
$goto = preg_replace ('/\r\n/', ',', $goto);
$goto = preg_replace ('/,[\s]+/i', ',', $goto);
$goto = preg_replace ('/[\s]+,/i', ',', $goto);
$goto = preg_replace ('/,*$|^,*/', '', $goto);
$goto = preg_replace ('/,,*/', ',', $goto);
if (empty ($goto) && !authentication_has_role('global-admin')) {
$error = 1;
$tGoto = $_POST['fGoto'];
$tMessage = $PALANG['pEdit_alias_goto_text_error1'];
}
$new_aliases = array();
if ($error != 1) {
$new_aliases = explode(',', $goto);
}
$new_aliases = array_unique($new_aliases);
foreach($new_aliases as $address) {
if (in_array($address, $CONF['default_aliases'])) continue;
if (empty($address)) continue; # TODO: should never happen - remove after 2.2 release
if (!check_email($address)) {
$error = 1;
$tGoto = $goto;
if (!empty($tMessage)) $tMessage .= "<br />";
$tMessage .= $PALANG['pEdit_alias_goto_text_error2'] . "$address</span>";
}
}
$goto = implode(',', $new_aliases);
$fGoto = escape_string($goto);
// End check alias mail
if (empty($fGoto)) {
$error = 1;
$tAddress = escape_string ($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_goto_text = $PALANG['pCreate_alias_goto_text_error'];
}
if (escape_string($_POST['fAddress']) == "*") {
$fAddress = "@" . escape_string ($_POST['fDomain']);
}
$result = db_query ("SELECT * FROM $table_alias WHERE address='$fAddress'");
if ($result['rows'] == 1)
{
reverting most changes from SVN r572 aka https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966 because - it undermines the $CONF[*alias_control*] settings more or less - mailbox aliases with non-default targets are always shown in the "Aliases" section - see comment from 2009-05-04 on https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964 - it introduced some "funny" bugs - a nice example is http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964 Files / sections affected by the revert: - list-virtual.php: all numbers (alias count etc.) correct? (the changes in this file are the largest ones) - functions.inc.php: SQL queries in get_domain_properties() - delete.php: the only change since r572 affected code that was inserted in r572 (and is now deleted again) - nothing should break here - create-alias.php: had no changes since r572 - therefore nothing should break here Exceptions (not reverted): - edit-alias: this change looks useful (hide mailbox alias target from admins if they don't have permissions to change it). The actual code has changed in the meantime, but the functionality stays. Additionally, reverting this would be very hard or throw useful later changes away. BUT: shouldn't the page completely forbid to edit a mailbox alias if the admin doesn't have permissions for it? - functions.inc.php: comment for pacrypt() ;-) - linebreaks in long SQL queries Please check if everything is still working as expected (especially the domain list and the virtual list) - I did only some quick tests. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
$error = 1;
$tAddress = escape_string ($_POST['fAddress']);
$tGoto = $fGoto;
$tDomain = $fDomain;
$pCreate_alias_address_text = $PALANG['pCreate_alias_address_text_error2'];
}
if ($fActive == "on") {
$sqlActive = db_get_boolean(True);
}
else {
$sqlActive = db_get_boolean(False);
}
reverting most changes from SVN r572 aka https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966 because - it undermines the $CONF[*alias_control*] settings more or less - mailbox aliases with non-default targets are always shown in the "Aliases" section - see comment from 2009-05-04 on https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964 - it introduced some "funny" bugs - a nice example is http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964 Files / sections affected by the revert: - list-virtual.php: all numbers (alias count etc.) correct? (the changes in this file are the largest ones) - functions.inc.php: SQL queries in get_domain_properties() - delete.php: the only change since r572 affected code that was inserted in r572 (and is now deleted again) - nothing should break here - create-alias.php: had no changes since r572 - therefore nothing should break here Exceptions (not reverted): - edit-alias: this change looks useful (hide mailbox alias target from admins if they don't have permissions to change it). The actual code has changed in the meantime, but the functionality stays. Additionally, reverting this would be very hard or throw useful later changes away. BUT: shouldn't the page completely forbid to edit a mailbox alias if the admin doesn't have permissions for it? - functions.inc.php: comment for pacrypt() ;-) - linebreaks in long SQL queries Please check if everything is still working as expected (especially the domain list and the virtual list) - I did only some quick tests. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
if ($error != 1) {
if (preg_match('/^\*@(.*)$/', $fGoto, $match)) {
$fGoto = "@" . $match[1];
}
$result = db_query ("INSERT INTO $table_alias (address,goto,domain,created,modified,active) VALUES ('$fAddress','$fGoto','$fDomain',NOW(),NOW(),'$sqlActive')");
reverting most changes from SVN r572 aka https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966 because - it undermines the $CONF[*alias_control*] settings more or less - mailbox aliases with non-default targets are always shown in the "Aliases" section - see comment from 2009-05-04 on https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964 - it introduced some "funny" bugs - a nice example is http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964 Files / sections affected by the revert: - list-virtual.php: all numbers (alias count etc.) correct? (the changes in this file are the largest ones) - functions.inc.php: SQL queries in get_domain_properties() - delete.php: the only change since r572 affected code that was inserted in r572 (and is now deleted again) - nothing should break here - create-alias.php: had no changes since r572 - therefore nothing should break here Exceptions (not reverted): - edit-alias: this change looks useful (hide mailbox alias target from admins if they don't have permissions to change it). The actual code has changed in the meantime, but the functionality stays. Additionally, reverting this would be very hard or throw useful later changes away. BUT: shouldn't the page completely forbid to edit a mailbox alias if the admin doesn't have permissions for it? - functions.inc.php: comment for pacrypt() ;-) - linebreaks in long SQL queries Please check if everything is still working as expected (especially the domain list and the virtual list) - I did only some quick tests. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
if ($result['rows'] != 1) {
$tDomain = $fDomain;
$tMessage = $PALANG['pCreate_alias_result_error'] . "<br />($fAddress -> $fGoto)<br />\n";
}
else {
db_log ($SESSID_USERNAME, $fDomain, 'create_alias', "$fAddress -> $fGoto");
$tDomain = $fDomain;
$tMessage = $PALANG['pCreate_alias_result_success'] . "<br />($fAddress -> $fGoto)<br />\n";
}
} else { # on error
$tAddress = htmlentities($_POST['fAddress']);
$tGoto = htmlentities($_POST['fGoto']);
$tDomain = htmlentities($_POST['fDomain']);
}
}
$smarty->assign ('tAddress', $tAddress);
$smarty->assign ('select_options', select_options ($list_domains, array ($tDomain)), false);
$smarty->assign ('pCreate_alias_address_text', $pCreate_alias_address_text, false);
$smarty->assign ('tGoto', $tGoto, false);
$smarty->assign ('pCreate_alias_goto_text', $pCreate_alias_goto_text);
$smarty->assign ('tMessage', $tMessage, false);
$smarty->assign ('smarty_template', 'create-alias');
$smarty->display ('index.tpl');
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
?>