You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
postfixadmin/delete.php

180 lines
5.9 KiB
PHTML

<?php
/**
* Postfix Admin
*
* LICENSE
* This source file is subject to the GPL license that is bundled with
* this package in the file LICENSE.TXT.
*
* Further details on the project are available at :
* http://www.postfixadmin.com or http://postfixadmin.sf.net
*
* @version $Id$
* @license GNU GPL v2 or later.
*
* File: delete.php
* Used to delete admins, domains, mailboxes and aliases.
* Note: if a domain is deleted, all mailboxes and aliases belonging
* to the domain are also removed.
*
* Template File: message.tpl
*
* Template Variables:
*
* tMessage
*
* Form POST \ GET Variables:
*
* fTable
* fDelete
* fDomain
*/
require_once('common.php');
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
$error = 0;
reverting most changes from SVN r572 aka https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966 because - it undermines the $CONF[*alias_control*] settings more or less - mailbox aliases with non-default targets are always shown in the "Aliases" section - see comment from 2009-05-04 on https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964 - it introduced some "funny" bugs - a nice example is http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964 Files / sections affected by the revert: - list-virtual.php: all numbers (alias count etc.) correct? (the changes in this file are the largest ones) - functions.inc.php: SQL queries in get_domain_properties() - delete.php: the only change since r572 affected code that was inserted in r572 (and is now deleted again) - nothing should break here - create-alias.php: had no changes since r572 - therefore nothing should break here Exceptions (not reverted): - edit-alias: this change looks useful (hide mailbox alias target from admins if they don't have permissions to change it). The actual code has changed in the meantime, but the functionality stays. Additionally, reverting this would be very hard or throw useful later changes away. BUT: shouldn't the page completely forbid to edit a mailbox alias if the admin doesn't have permissions for it? - functions.inc.php: comment for pacrypt() ;-) - linebreaks in long SQL queries Please check if everything is still working as expected (especially the domain list and the virtual list) - I did only some quick tests. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
$fTable = escape_string (safeget('table') ); # see the if blocks below for valid values
$fDelete = escape_string (safeget('delete'));
$fDomain = escape_string (safeget('domain'));
$error=0;
if ($fTable == "admin")
{
authentication_require_role('global-admin');
$fWhere = 'username';
$result_admin = db_delete ('admin',$fWhere,$fDelete);
$result_domain_admins = db_delete ('domain_admins',$fWhere,$fDelete);
if ($result_admin != 1) {
flash_error($PALANG['pAdminDelete_admin_error']);
}
header ("Location: list-admin.php");
exit;
} # ($fTable == "admin")
elseif ($fTable == "domain")
{
authentication_require_role('global-admin');
$fWhere = 'domain';
$result_domain_admins = db_delete ('domain_admins',$fWhere,$fDelete);
$result_alias = db_delete ('alias',$fWhere,$fDelete);
$result_mailbox = db_delete ('mailbox',$fWhere,$fDelete);
$result_alias_domain = db_delete('alias_domain','alias_domain',$fDelete);
$result_log = db_delete ('log',$fWhere,$fDelete);
if ($CONF['vacation'] == "YES")
{
$result_vacation = db_delete ('vacation',$fWhere,$fDelete);
}
$result_domain = db_delete ('domain',$fWhere,$fDelete);
if (!$result_domain || !domain_postdeletion($fDelete))
{
flash_error($PALANG['pAdminDelete_domain_error']);
}
header ("Location: list-domain.php");
exit;
} # ($fTable == "domain")
elseif ($fTable == "alias_domain")
{
authentication_require_role('global-admin');
$table_domain_alias = table_by_key('alias_domain');
$fWhere = 'alias_domain';
$fDelete = $fDomain;
if(db_delete('alias_domain',$fWhere,$fDelete) != 1) {
flash_error($PALANG['pAdminDelete_alias_domain_error']);
}
header ("Location: list-domain.php");
exit;
} # ($fTable == "alias_domain")
reverting most changes from SVN r572 aka https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966 because - it undermines the $CONF[*alias_control*] settings more or less - mailbox aliases with non-default targets are always shown in the "Aliases" section - see comment from 2009-05-04 on https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964 - it introduced some "funny" bugs - a nice example is http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964 Files / sections affected by the revert: - list-virtual.php: all numbers (alias count etc.) correct? (the changes in this file are the largest ones) - functions.inc.php: SQL queries in get_domain_properties() - delete.php: the only change since r572 affected code that was inserted in r572 (and is now deleted again) - nothing should break here - create-alias.php: had no changes since r572 - therefore nothing should break here Exceptions (not reverted): - edit-alias: this change looks useful (hide mailbox alias target from admins if they don't have permissions to change it). The actual code has changed in the meantime, but the functionality stays. Additionally, reverting this would be very hard or throw useful later changes away. BUT: shouldn't the page completely forbid to edit a mailbox alias if the admin doesn't have permissions for it? - functions.inc.php: comment for pacrypt() ;-) - linebreaks in long SQL queries Please check if everything is still working as expected (especially the domain list and the virtual list) - I did only some quick tests. git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
elseif ($fTable == "alias" or $fTable == "mailbox")
{
if (!check_owner ($SESSID_USERNAME, $fDomain))
{
$error = 1;
flash_error($PALANG['pDelete_domain_error'] . "($fDomain)!");
}
elseif (!check_alias_owner ($SESSID_USERNAME, $fDelete))
{
$error = 1;
flash_error($PALANG['pDelete_alias_error'] . "($fDelete)!");
}
else
{
db_begin();
/* there may be no aliases to delete */
$result = db_query("SELECT * FROM $table_alias WHERE address = '$fDelete' AND domain = '$fDomain'");
if($result['rows'] == 1) {
$result = db_query ("DELETE FROM $table_alias WHERE address='$fDelete' AND domain='$fDomain'");
db_log ($fDomain, 'delete_alias', $fDelete);
}
/* is there a mailbox? if do delete it from orbit; it's the only way to be sure */
$result = db_query ("SELECT * FROM $table_mailbox WHERE username='$fDelete' AND domain='$fDomain'");
if ($result['rows'] == 1)
{
$result = db_query ("DELETE FROM $table_mailbox WHERE username='$fDelete' AND domain='$fDomain'");
$postdel_res=mailbox_postdeletion($fDelete,$fDomain);
if ($result['rows'] != 1 || !$postdel_res)
{
$error = 1;
$tMessage = $PALANG['pDelete_delete_error'] . "$fDelete (";
if ($result['rows']!=1)
{
$tMessage.='mailbox';
if (!$postdel_res) $tMessage.=', ';
}
if (!$postdel_res)
{
$tMessage.='post-deletion';
}
$tMessage.=')';
flash_error($tMessage);
}
db_log ($fDomain, 'delete_mailbox', $fDelete);
}
$result = db_query("SELECT * FROM $table_vacation WHERE email = '$fDelete' AND domain = '$fDomain'");
if($result['rows'] == 1) {
db_query ("DELETE FROM $table_vacation WHERE email='$fDelete' AND domain='$fDomain'");
db_query ("DELETE FROM $table_vacation_notification WHERE on_vacation ='$fDelete' "); /* should be caught by cascade, if PgSQL */
}
$result = db_query("SELECT * FROM $table_quota WHERE username='$fDelete'");
if($result['rows'] >= 1) {
db_query ("DELETE FROM $table_quota WHERE username='$fDelete'");
}
$result = db_query("SELECT * FROM $table_quota2 WHERE username='$fDelete'");
if($result['rows'] == 1) {
db_query ("DELETE FROM $table_quota2 WHERE username='$fDelete'");
}
}
if ($error != 1)
{
db_commit();
} else {
flash_error($PALANG['pDelete_delete_error'] . "$fDelete (physical mail)!");
db_rollback();
}
header ("Location: list-virtual.php?domain=$fDomain");
exit;
}
else
{
flash_error($PALANG['invalid_parameter']);
header("Location: main.php");
exit;
}
# we should most probably never reach this point
$smarty->assign ('smarty_template', 'message');
$smarty->assign ('tMessage', $tMessage . " If you see this, please open a bugreport and include the exact delete.php parameters.");
$smarty->display ('index.tpl');
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
?>