Initial Import in SourceForge

git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/tags/postfixadmin-1.5.4@1 a1433add-5e2c-0410-b055-b7f2511e0802
18 years ago · 0d2045ef16
commit 0d2045ef16
33 changed files with 2129 additions and 0 deletions
--- a/CHANGELOG.TXT
+++ b/CHANGELOG.TXT
@ -0,0 +1,86 @@
+#############################
+# Postfix Admin Release 1.x #
+#############################
+#
+# 2003 (c) High5!
+# Created by: Mischa Peters <mischa at high5 dot net>
+#
+
+Version 1.5.4  -- 2003/06/16
+----------------------------
+  - Added: Option for "Back to".
+  - Added: Option for Vacation module.
+  - Added: Table declaration for the use of Quota in the INSTALL.TXT.
+    This requires an additional local delivery agent.
+    Quotas are not supported by Postfix!
+  - Changed: The word "View" to "List".
+
+
+Version 1.5.3  -- 2003/06/06
+----------------------------
+  - Fixed: Even more minor bugs in regards to declaration of variables.
+    (Thanx Aquilante and Kyle_m)
+
+
+Version 1.5.2  -- 2003/06/05
+----------------------------
+  - Fixed: Minor bugs in regards to declaration of variables.
+
+
+Version 1.5.1  -- 2003/06/04
+----------------------------
+  - Added: Optional mailbox per domain directory structure. (Thanx Jim)
+  - Added: Option to completely control the stored aliases. (Thanx Alex)
+  - Change: config.inc.php is renamed to config.inc.php.sample. (Thanx Alex)
+  - Fixed: $PHP_SELF in config.inc.php and my_lib.php. (Thanx Jim)
+  
+
+Version 1.5.0  -- 2003/05/28
+----------------------------
+  - Added: Support for "Back to Main Site"
+  - Added: config.inc.php as the main configuration file.
+  - Added: Drop down box for domain selection when adding a new admin.
+  - Added: Resend of test email to newly created mailbox.
+  - Added: Mailbox and Aliases count for domainview.
+  - Added: Change description of domain without deleting the complete
+    domain.
+  - Added: Change name of mailbox user without deleting the mailbox.
+  - Added: Expire headers for unnecessary reloads. (Thanx Alex)
+  - Removed: Completely removed the site_lib.php.
+  - Removed: my_lib.php from the admin directory.
+  - Removed: Symlink to index.php.
+  - Fix: Code clean up.
+  - Fix: Minor bugs and cosmetic fixes.
+  - Fix: Modified check_string() to check numbers and returns false if not
+    matched. (Thanx btaber)
+  - Fix: Correct session handling in login.php (Thanx Yen-Wei Liu)
+  - Fix: Correct deletion of RFC822 email addresses. (Thanx Yen-Wei Liu)
+
+
+Version 1.4.0  -- 2003/04/07
+----------------------------
+  - Added: When deleting a domain, all aliases and mailboxes for that domain
+    are also deleted from the database.
+  - Added: Add standard aliases for every domain that is created.
+    These aliases can point to the main "local" administrator.
+    The aliases are configured in the config.php in the admin directory.
+  - Change: The layout of my_lib.php and site_lib.php have been changed.
+  - Change: Modifying an alias is now done with TEXTAREA for more
+    flexibility.
+  - Fix: Minor bugs and cosmetic fixes.
+
+
+Version 1.3.8a -- 2003/03/31
+----------------------------
+  - Fix: After deletion of a domain it would not return to the correct page.
+
+
+Version 1.3.8  -- 2003/03/25
+----------------------------
+  - Added: Admin password change. No longer needed to delete and re-enter
+    the admin user for a specific domain.
+
+
+Version 1.3.7  -- 2002/12/24
+----------------------------
+  - Initial public release of Postfix Admin.
--- a/INSTALL.TXT
+++ b/INSTALL.TXT
@ -0,0 +1,107 @@
+#############################
+# Postfix Admin Release 1.x #
+#############################
+#
+# 2003 (c) High5!
+# Created by: Mischa Peters <mischa at high5 dot net>
+#
+# Detailed instructions on how to install / upgrade Postfix Admin can be
+# found in UPGRADE.TXT
+#
+# Unpack Postfix Admin in the directory where you want it. For example: /usr/local/www/<site>/postfixadmin
+# There is also an Admin Admin part, change directory to the "admin" directory
+# and change the path to the .htpasswd file in the .htaccess file.
+# 
+# Some other information that you might want to look at is in the config.php
+# file.
+# 
+# In order to be able to read & write from the database I have created a
+# seperate user in MySQL. I do this because Postfix Admin needs to have more
+# rights on the Postfix database. If you are worried abour the password for
+# the database. I have Postfix Admin running as the WebServer owner:group,
+# that way your postfix username and password are somewhat protected against
+# local users.
+#
+# You can use this file to create the tables that are needed to use postfix
+# with mysql. The bottom part is for Postfix Admin.
+#
+# You can do this from the command line with:
+#
+# mysql -u root [-p] < INSTALL.TXT
+
+#
+# Postfix / MySQL
+#
+USE mysql
+INSERT INTO user (Host, User, Password) VALUES ('localhost','postfix',password('postfix'));
+INSERT INTO db (Host, Db, User, Select_priv) VALUES ('localhost','postfix','postfix','Y');
+CREATE DATABASE postfix;
+
+#
+# Table structure for table alias
+#
+USE postfix;
+CREATE TABLE alias (
+  address varchar(255) NOT NULL default '',
+  goto text NOT NULL,
+  domain varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY (address)
+) TYPE=MyISAM COMMENT='Virtual Aliases - mysql_virtual_alias_maps';
+
+#
+# Table structure for table domain
+#
+USE postfix;
+CREATE TABLE domain (
+  domain varchar(255) NOT NULL default '',
+  description varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY (domain)
+) TYPE=MyISAM COMMENT='Virtual Domains - mysql_virtual_domains_maps';
+
+#
+# Table structure for table mailbox
+#
+USE postfix;
+CREATE TABLE mailbox (
+  username varchar(255) NOT NULL default '',
+  password varchar(255) NOT NULL default '',
+  name varchar(255) NOT NULL default '',
+  maildir varchar(255) NOT NULL default '',
+#  quota varchar(255) NOT NULL default '',
+  domain varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY (username)
+) TYPE=MyISAM COMMENT='Virtual Mailboxes - mysql_virtual_mailbox_maps';
+
+#
+#
+#
+
+#
+# Postfix Admin User & Table
+# 
+USE mysql
+INSERT INTO user (Host, User, Password) VALUES ('localhost','postfixadmin',password('postfixadmin'));
+INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('localhost', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y');
+
+#
+# Table structure for table admin
+#
+USE postfix;
+CREATE TABLE admin (
+  username varchar(255) NOT NULL default '',
+  password varchar(255) NOT NULL default '',
+  domain varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY (username)
+) TYPE=MyISAM COMMENT='Virtual Admins - Store Virtual Domain Admins';
--- a/LICENSE.TXT
+++ b/LICENSE.TXT
@ -0,0 +1,50 @@
+License for Postfix Admin:
+
+     The contents of this file are subject to the Mozilla Public License
+     Version 1.1 (the "License"); you may not use this file except in
+     compliance with the License. You may obtain a copy of the License at
+     http://www.mozilla.org/MPL/
+
+     Software distributed under the License is distributed on an "AS IS"
+     basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+     License for the specific language governing rights and limitations
+     under the License.
+
+     The Original Code is Postfix Admin.
+
+     The Initial Developer of the Original Code is Mischa Peters <mischa@high5.net>.
+     Portions created by Mischa Peters are Copyright (c) 2002, 2003. 
+     All Rights Reserved.
+
+     Contributor(s): 
+
+
+This project includes work by Mischa Peters and others that is:
+
+    Copyright (c) 2002,2003 Mischa Peters
+    All rights reserved.
+    
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+    
+        Redistributions of source code must retain the above copyright notice,
+        this list of conditions and the following disclaimer.
+    
+        Redistributions in binary form must reproduce the above copyright notice,
+        this list of conditions and the following disclaimer in the documentation
+        and/or other materials provided with the distribution.
+    
+        Neither the names of the copyright holders nor the names of the XLW
+        Group and its contributors may be used to endorse or promote products
+        derived from this software without specific prior written permission.
+    
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+    DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE
+    FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+    DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+    SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+    CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+    OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/UPGRADE.TXT
+++ b/UPGRADE.TXT
@ -0,0 +1,97 @@
+#############################
+# Postfix Admin Release 1.x #
+#############################
+#
+# 2003 (c) High5!
+# Created by: Mischa Peters <mischa at high5 dot net>
+#
+
+REQUIRED!!
+----------
+There are 2 assumptions that I make with PostfixAdmin.
+- You are using Postfix 2.0 or higher.
+- You are using PHP 4.1 or higher.
+
+
+Upgrade from 1.4.x and older
+----------------------------
+Since some features have been added to this release which are partially
+coming from config.inc.php it's wise to do a complete upgrade and modify your
+settings in the new config.inc.php.
+
+
+1. Backup old installation
+---------------------------
+Make a backup of your current Postfix Admin  directory. If you use "cp", be
+sure to use the "-Rp" options. -R means recursive, and -p will save the
+permissions in the directory.
+
+In this example, we assume that your httpd document directory is 
+/usr/local/www, that your Postfix Admin install is located at
+/usr/local/www/postfixadmin, and that your new Postfix Admin version is 1.5.0.
+Substitute version numbers and names as required.
+
+  $ cd /usr/local/www
+  $ cp -Rp postfixadmin postfixadmin.old
+
+
+2. Unarchive new Postfix Admin
+------------------------------
+Make sure that you are in your /usr/local/postfixadmin/ directory and then unarchive the
+Postfix Admin archive (whatever the filename is):
+
+  $ tar -zxvf postfixadmin-1.5.0.tgz
+
+
+3. Change permissions
+----------------------
+Since the database  password is stored in the config.inc.php it's a good idea
+to have Postfix Admin set to the permission of the webserver. In this
+example, we assume that user "www" and group "www" are the web server as is
+often the case with Apache.
+
+  $ cd /usr/local/www
+  $ chown -R www:www postfixadmin-1.5.0
+
+This is also a good idea for the file permissions.
+
+  $ cd /usr/local/www/postfixadmin-1.5.0
+  $ chmod 640 *.php *.css
+  $ cd /usr/local/www/postfixadmin-1.5.0/admin
+  $ chmod 640 *.php *.css
+  
+Additionally, if "chown user:group" doesn't work, you can use "chown user"
+and "chgrp group" instead. See the man pages for these commands for more
+information.
+
+
+4. Create the MySQL Tables
+--------------------------
+In INSTALL.TXT you can find the table structure that you need in order to
+configure Postfix Admin and Postfix in general to work with Virtual Domains
+and Users
+
+
+5. Configure
+------------
+Look at the file config.inc.php in the root of Postfix Admin, here you can
+specify the username and possword of the Postfix Admin user as well as the
+database name.
+
+In this file you can also find the text that is displayed as the title,
+header and footer. You can change this as you see fit.
+To change the background and text color please check the stylesheet.css
+
+In config.inc.php in the admin directory you can find an array of default
+aliases that are created when a new domain is created. You can change these
+aliases so that they reflect your setup.
+
+The default password for the admin part of Postfix Admin is admin/admin.
+This is specified in the .htpasswd file in the admin directory.
+Make sure that the location of the .htpasswd file matches your path.
+
+
+6. Done
+-------
+This is all that is needed. Fire up your browser and go to the site that you
+specified to host Postfix Admin.
--- a/admin/.htaccess
+++ b/admin/.htaccess
@ -0,0 +1,8 @@
+AuthUserFile /usr/local/postfixadmin/admin/.htpasswd
+AuthGroupFile /dev/null
+AuthName "Postfix Admin"
+AuthType Basic
+
+<limit GET POST>
+require valid-user
+</limit>
--- a/admin/.htpasswd
+++ b/admin/.htpasswd
@ -0,0 +1 @@
+admin:$apr1$5awhn...$NvPhYnYme5lGzdXBd3/P//
--- a/admin/adminview.php
+++ b/admin/adminview.php
@ -0,0 +1,36 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+$result = db_query("SELECT * FROM admin ORDER BY domain,username");
+	
+if ($result['rows'] > 0) {
+	print "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\" width=\"75%\">\n";
+	print "<tr class=\"header\">";
+	print "<td>Domain Name</td>";
+	print "<td>Admin Alias</td>";
+	print "<td>Last Modified</td>";
+	print "<td>Active</td>";
+	print "<td colspan=\"2\">&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result['result'])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td><a href=\"virtualview.php?where=" . $row['domain'] . "\">" . $row['domain'] . "</a></td>";
+		print "<td>" . $row['username'] . "</td>";
+		print "<td>" . $row['change_date'] . "</td>";
+		print "<td>" . $row['active'] . "</td>";
+		print "<td><a href=\"passwd.php?username=" . $row['username'] . "\">edit</a></td>";
+		print "<td><a href=\"delete.php?table=admin&where=username&delete=" . $row['username'] . "\" onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "<p />\n";
+	print "Found: " . $result['rows'] . "<br />\n";
+} else {
+	print "<p />\n";
+	print "Nothing Found in the Admin Table!\n";
+}
+print_footer();
+?>
--- a/admin/delete.php
+++ b/admin/delete.php
@ -0,0 +1,49 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+$table = $_GET['table'];
+$where = $_GET['where'];
+$delete = $_GET['delete'];
+$url = "$table" . "view.php";
+
+if ($table == "domain") {
+	$r_domain = db_delete("domain",$where,$delete);
+	$r_admin = db_delete("admin",$where,$delete);
+	$r_alias = db_delete("alias",$where,$delete);
+	$r_mailbox = db_delete("mailbox",$where,$delete);
+	if (($r_domain == 1) and ($r_admin >= 0) and ($r_alias >= 0) and ($r_mailbox >= 0)) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print "<hr />\n";
+		print "<b>Unable</b> to delete all entries for complete domain deletion!<p>\n";
+		print "Domain delete: $r_domain<br>\n";
+		print "Admin delete: $r_admin<br>\n";
+		print "Alias delete: $r_alias<br>\n";
+		print "Mailbox delete: $r_mailbox<br>\n";
+		print "<p />\n";
+		print_footer();
+	}
+} else {
+	$result = db_delete ($table,$where,$delete);
+	if ($result == 1) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print "<hr />\n";
+		print "<b>Unable</b> to delete entry $delete from the $table table!\n";
+		print "<p />\n";
+		print_footer();
+	}
+}
+
+function db_delete ($table,$where,$delete) {
+	$result = db_query("DELETE FROM $table WHERE $where='$delete'");
+	if ($result['rows'] >= 1) {
+		return $result['rows'];
+	} else {
+		return true;
+	}
+}
+?>
--- a/admin/domainview.php
+++ b/admin/domainview.php
@ -0,0 +1,42 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+$result = db_query("SELECT * FROM domain ORDER BY domain");
+	
+if ($result['rows'] > 0) {
+	print "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\" width=\"75%\">\n";
+	print "<tr class=\"header\">";
+	print "<td>Domain</td>";
+	print "<td>Description</td>";
+	print "<td>Aliases</td>";
+	print "<td>Mailboxes</td>";
+	print "<td>Last Modified</td>";
+	print "<td>&nbsp;</td>";
+	print "<td>&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result['result'])) {
+		$row_domain = $row['domain'];
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td><a href=\"virtualview.php?where=" . $row['domain'] . "\">" . $row['domain'] . "</a></td>";
+		print "<td>" . $row['description'] . "</td>";
+		$aliases = db_query("SELECT * FROM alias WHERE domain='$row_domain'");
+		print "<td>" . $aliases['rows'] . "</td>";
+		$mailbox = db_query("SELECT * FROM mailbox WHERE domain='$row_domain'");
+		print "<td>" . $mailbox['rows'] . "</td>";
+		print "<td>" . $row['change_date'] . "</td>";
+		print "<td><a href=\"modify.php?modify=" . $row['domain'] . "\">edit</a></td>";
+		print "<td><a href=\"delete.php?table=domain&where=domain&delete=" . $row['domain'] . "\" onclick=\"return confirm ('Do you really want to delete all records for this domain? This can not be undone!')\">del</a></td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "<p />\n";
+	print "Found: " . $result['rows'] . "<br />\n";
+} else {
+	print "<p />\n";
+	print "Nothing Found in the Domain Table!\n";
+}
+print_footer();
+?>
--- a/admin/index.php
+++ b/admin/index.php
@ -0,0 +1,3 @@
+<?php
+header ("Location: adminview.php");
+?>
--- a/admin/modify.php
+++ b/admin/modify.php
@ -0,0 +1,36 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+$modify = $_GET['modify'];
+
+if (!empty($_POST['submit'])) {
+	$domain = $_POST['domain'];
+	$description = $_POST['description'];
+	$aliases = $_POST['aliases'];
+
+	if (empty($domain) or empty($description)) print_error("You will need to fill all fields.", "YES", "ADMIN");
+
+	if (check_email($domain)) print_error("The domain that you have supplied is not a valid domain, please go back.", "YES", "ADMIN");
+
+	$result = db_query ("UPDATE domain SET description='$description', change_date=NOW() WHERE domain='$domain'");
+	if ($result['rows'] == 1) {
+		header("Location: domainview.php");
+	} else {
+		print_error("Unable to modify: <i>$domain</i> to the domain table!", "YES", "ADMIN");
+	}
+}
+print_header("admin");
+?>
+Create a new domain.
+<p />
+<form method="post">
+<table class="form">
+<tr><td>Domain:</td><td><input type="hidden" name="domain" value="<?php print "$modify"; ?>"><?php print "$modify"; ?></td></tr>
+<tr><td>Description:</td><td><input type="text" name="description"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Modify Domain"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/admin/newadmin.php
+++ b/admin/newadmin.php
@ -0,0 +1,58 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+if (!empty($_POST['submit'])) {
+	$username = $_POST['username'];
+	$password = $_POST['password'];
+	$domain = $_POST['domain'];
+
+	$passwd = md5crypt("$password");
+	
+	if (empty($username) or empty($password) or empty($domain)) print_error("You will need to fill all fields.");
+
+	if (!check_email($username)) print_error("The email address that you have supplied at <b>Email</b> is not a valid email address, please go back.");
+
+	$result = db_query ("SELECT * FROM domain WHERE domain='$domain'");
+	if ($result['rows'] != 1) print_error("The domain <b>$domain</b> is not present in the domain table!");
+
+	$result = db_query ("SELECT * FROM admin WHERE username='$username'");
+	if ($result['rows'] == 1) print_error("This email address already exists, please choose a different one.");
+
+	$result = db_query ("INSERT INTO admin (username,password,domain,create_date,change_date) VALUES('$username','$passwd','$domain',NOW(),NOW())");
+	if ($result['rows'] == 1) {
+		print "<i>$username</i> has been <b>added</b> to the admin table!\n";
+		print "<p>\n";
+	} else {
+		print_error("Unable to add <i>$username</i> to the mailbox table!");
+	}
+}
+?>
+Create a new admin for a domain.
+<p />
+<form method="post">
+<table class="form">
+<tr><td>Email:</td><td><input type="text" name="username"></td></tr>
+<tr><td>Passwd:</td><td><input type="text" name="password"></td></tr>
+<tr><td>Domain:</td><td>
+<select name="domain">
+<?php
+$result = db_query("SELECT domain FROM domain ORDER BY domain");
+while ($row = mysql_fetch_array ($result['result'])) {
+	print "<option>" . $row['domain'] . "</option>";
+}
+?>
+</select>
+</td></tr>
+<!--
+<tr><td>Add mail aliases:</td><td><input type="checkbox" name="admin_aliases"> (for domain admin)</td></tr>
+<tr><td>Add mail aliases:</td><td><input type="checkbox" name="uber_aliases"> (for uber admin)</td></tr>
+-->
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Add Admin"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/admin/newdomain.php
+++ b/admin/newdomain.php
@ -0,0 +1,55 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+if (!empty($_POST['submit'])) {
+	$domain = $_POST['domain'];
+	$description = $_POST['description'];
+	$aliases = $_POST['aliases'];
+
+	if (empty($domain) or empty($description)) print_error ("You will need to fill all fields.");
+
+	if (check_email($domain)) print_error("The domain that you have supplied is not a valid domain, please go back.");
+
+	$result = db_query ("SELECT * FROM domain WHERE domain='$domain'");
+	if ($result['rows'] == 1) print_error ("This domain already exists, please choose a different one.");
+
+	$result = db_query ("INSERT INTO domain (domain,description,create_date,change_date) VALUES('$domain','$description',NOW(),NOW())");
+	if ($result['rows'] == 1) {
+		print "<i>$domain</i> has been <b>added</b> to the domain table!\n";
+		print "<p>\n";
+	} else {
+		print_error ("Unable to add: <i>$domain</i> to the domain table!");
+	}
+
+	if ($aliases == "on") {
+		$alias_keys = array_keys($default_aliases);
+		$alias_values = array_values($default_aliases);
+		for ($i = 0; $i < count($alias_keys); $i++) {
+			$address = $alias_keys[$i] . "@" . $domain;
+			$result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$alias_values[$i]','$domain',NOW(),NOW())");
+			if ($result['rows'] == 1) {
+				print "<i>$address</i> has been <b>added</b> to the alias table!<br>\n";
+			} else {
+				print_error ("Unable to add: <i>$address</i> to the alias table!");
+			}	
+		}
+		print "<p />\n";
+	}
+}
+?>
+Create a new domain.
+<p />
+<form method="post">
+<table class="form">
+<tr><td>Domain:</td><td><input type="text" name="domain"></td></tr>
+<tr><td>Description:</td><td><input type="text" name="description"></td></tr>
+<tr><td>Add default mail aliases:</td><td><input type="checkbox" name="aliases"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Add Domain"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/admin/passwd.php
+++ b/admin/passwd.php
@ -0,0 +1,37 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+$username = $_GET['username'];
+
+if (!empty($_POST['submit'])) {
+        $form_new_passwd1 = $_POST['form_new_passwd1'];
+	if (empty($form_new_passwd1)) {
+		print_error("You will need to fill in the password field!");
+	}
+	$new_passwd = md5crypt($form_new_passwd1);
+	$result = db_query("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$username'");
+	if ($result['rows'] == 1) {
+		print "The password has been updated!\n";
+		print "<p />\n";
+		print_footer();
+		exit;
+	} else {
+		print_error("Unable to update your password!");
+	}
+} 
+?>
+Change admin password.
+<p>
+<form name="passwd" method="post">
+<table class="form">
+<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
+<tr><td>New Password:</td><td><input type="text" name="form_new_passwd1"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Enter"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/admin/sendmail.php
+++ b/admin/sendmail.php
@ -0,0 +1,41 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+if (!empty($_POST['submit'])) {
+	$to = $_POST['to'];
+
+	if (empty($to)) print_error("You need to select an email address.");
+
+	$headers = "From: $admin_email";
+	$subject = "Welcome";
+	$message = "Hi,\n\nWelcome to your new email account.\n\n";
+	if (!mail($to, $subject, $message, $headers)) {
+		print_error("Unable to send message to $to!");
+	}
+	print "Successfully send email to $to\n";
+	print "<p />\n";
+}
+?>
+Send test message to a new mailbox.
+<p />
+<form name="mailbox" method="post">
+<table class="form">
+<tr><td>From:</td><td><?php print "$admin_email"; ?></td></tr>
+<tr><td>To:</td><td>
+<select name="to">
+<?php
+$result = db_query("SELECT username FROM mailbox ORDER BY domain");
+while ($row = mysql_fetch_array ($result['result'])) {
+	print "<option>" . $row['username'] . "</option>";
+}
+?>
+</select>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Send Message"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/admin/virtualview.php
+++ b/admin/virtualview.php
@ -0,0 +1,76 @@
+<?php
+require "../config.inc.php";
+require "../my_lib.php";
+
+print_header("admin");
+
+$where = $_GET['where'];
+
+if (!empty($where)) {
+	$query = "SELECT alias.address,alias.goto,alias.change_date,alias.active FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$where' AND mailbox.maildir IS NULL ORDER BY alias.address";
+	print "Domain: $where\n";
+	print "<p />\n";
+} else {
+	$query = "SELECT * FROM alias $where ORDER BY domain, address";
+}
+$result = db_query("$query");
+if ($result['rows'] > 0) {
+	print "<center>\n";
+	print "<table border=\"1\">\n";
+	print "<tr class=\"header\">";
+	print "<td>From</td>";
+	print "<td>To</td>";
+	print "<td>Last Modified</td>";
+	print "<td>Active</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result['result'])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td>" . $row['address'] . "</td>";
+		print "<td>" . ereg_replace (",", "<br>", $row['goto']) . "</td>";
+		print "<td>" . $row['change_date'] . "</td>";
+		print "<td>" . $row['active'] . "</td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+	print "Found: " . $result['rows'] . "\n";
+	print "<p>\n";
+} else {
+	print "Nothing Found in the Alias Table!\n";
+	print "<p>\n";
+}
+
+if (!empty($where)) {
+	$query = "SELECT * FROM mailbox WHERE domain='$where'";
+} else {
+	$query = "SELECT * FROM mailbox ORDER BY domain, username";
+}
+$result = db_query("$query");
+if ($result['rows'] > 0) {
+	print "<center>\n";
+	print "<table border=\"1\">\n";
+	print "<tr class=\"header\">";
+	print "<td>Email</td>";
+	print "<td>Name</td>";
+	print "<td>Mailbox</td>";
+	print "<td>Last Modified</td>";
+	print "<td>Active</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result['result'])) {
+		print "<tr>";
+		print "<td>" . $row['username'] . "</td>";
+		print "<td>" . $row['name'] . "</td>";
+		print "<td>" . $row['maildir'] . "</td>";
+		print "<td>" . $row['change_date'] . "</td>";
+		print "<td>" . $row['active'] . "</td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+	print "Found: " . $result['rows'] . "<br>\n";
+} else {
+	print "<p>\n";
+	print "Nothing Found in the Mailbox Table!\n";
+}
+print_footer();
+?>
--- a/alias.php
+++ b/alias.php
@ -0,0 +1,51 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+print_header("menu");
+
+if (!empty($_POST['submit'])) {
+        $address = $_POST['address'];
+        $goto = $_POST['goto'];
+
+	$address_value = $address;
+	$address = $address . "@" . $sessid_domain;
+	
+	if (empty($address) or empty($goto)) print_error("You will need to fill both fields.");
+
+	if (!check_email($address)) print_error("The email address that you have supplied at <b>Alias</b> is not a valid email address, please go back.");
+
+	if (!check_email($goto)) print_error("The email address that you have supplied at <b>To</b> is not a valid email address, please go back.");
+
+	if ($address_value == "none") $address = "@" . $sessid_domain;
+
+	$result = db_query("SELECT * FROM alias WHERE address='$address'");
+	if ($result['rows'] == 1) print_error("This email address already exists, please choose a different one.");
+
+	$result = db_query("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$goto','$sessid_domain',NOW(),NOW())");
+	if ($result['rows'] == 1) {
+		print "<p>\n";
+		print "<i>$address</i> -> <i>$goto</i> has been <b>added</b> to the alias table!\n";
+		print "<p>\n";
+	} else {
+		print_error("Unable to add: <i>$address</i> -> <i>$goto</i> to the alias table!");
+	}
+}
+?>
+Create a new alias for your domain.
+<p>
+<form name="alias" method="post">
+<table class="form">
+<tr><td>Alias:</td><td><input type="text" name="address"></td><td>@<?php print "$sessid_domain" ?></td></tr>
+<tr><td>To:</td><td><input type="text" name="goto"></td><td>Where the mail needs to be send to.<br>Use "edit" in the overview to add more<br>then one email address.</td></tr>
+<tr><td colspan="3" align="center"><input type="submit" name="submit" value="Add Alias"></td></tr>
+</table>
+</form>
+If you want to add a catchall enter "none" in the alias field.
+<?php
+print_footer();
+?>
--- a/changename.php
+++ b/changename.php
@ -0,0 +1,39 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+$url = "main.php?" . session_name() . "=" . session_id();
+$username = $_GET['username'];
+$name = $_GET['name'];
+
+if (!empty($_POST['submit'])) {
+	$form_new_name = $_POST['form_new_name'];
+
+	if (empty($form_new_name))  print_error("You will need to enter a name!", "YES", "MENU");
+
+	$result = db_query("UPDATE mailbox SET name='$form_new_name',change_date=NOW() WHERE username='$username' AND domain='$sessid_domain'");
+	if ($result['rows'] == 1) {
+		header("Location: $url");
+	} else {
+		print_error("Unable to update your name!", "YES", "MENU");
+	}
+} 
+
+print_header("menu");
+?>
+Change password.
+<p>
+<form name="changename" method="post">
+<table class="form">
+<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
+<tr><td>Name:</td><td><input type="text" name="form_new_name" value="<?php print "$name"; ?>"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Enter"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/config.inc.php.sample
+++ b/config.inc.php.sample
@ -0,0 +1,66 @@
+<?php
+//
+// If config.inc.php is called directly, redirect to login.php
+//
+if (ereg("config.inc.php", $_SERVER[PHP_SELF])) {
+	header("Location: login.php");
+}
+
+// Login information for the database
+$db_host = "localhost";
+$db_name = "postfix";
+$db_user = "postfixadmin";
+$db_pass = "postfixadmin";
+
+// Default aliases that need to be created for all domains
+$default_aliases = array (
+	"abuse" => "abuse@example.com",
+	"hostmaster" => "hostmaster@example.com",
+	"postmaster" => "postmaster@example.com",
+	"webmaster" => "webmaster@example.com"
+);
+
+// Back to main website information
+// If you don't want to use this option set this to "NO".
+$show_organization_info = "YES";
+$organization_name = "domain.com";
+$organization_link = "http://domain.com";
+
+// Admin email address
+$admin_email = "admin@domain.com";
+
+// If you wish to keep each domain in its own subdirectory beneath the
+// $virtual_mailbox_base directory, set this to "YES".
+$use_subdir = "";
+
+// When you want to offer the "vacation" daemon to your users,
+// set this to "YES".
+// You need to install the vacation module first!
+$use_vacation = "";
+$vacation_text = "Users click here when you are going to be out of the office.";
+$vacation_file = "vacation.php";
+$vacation_email = "vacation@domain.tld";
+
+// If you want to view the aliases that are created for the mailboxes set
+// this to "YES".
+$alias_control = "";
+
+// Specify the table where you have your quotas, leave empty if you don't
+// enforce quotas. For example a 2MB mailbox quota:
+// $quota_table = "quota";
+// $default_quota = "2000000";
+$quota_table = "";
+$default_quota = "";
+
+// Show Postfix Admin information
+$show_postfix_admin_info = "YES";
+
+// Title used for all pages except login.php
+$title = "Mail Admin";
+
+// Header used for login.php
+$welcome_header = ":: Welcome to Mail Admin ::";
+
+// Title used for login.php
+$welcome_title = ":: Welcome to Mail Admin ::";
+?>
--- a/delete.php
+++ b/delete.php
@ -0,0 +1,51 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+$table = $_GET['table'];
+$where = $_GET['where'];
+$delete = $_GET['delete'];
+$url = "main.php?" . session_name() . "=" . session_id();
+
+if ($table == "alias") {
+	$query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid_domain'";
+	$result = db_query ("$query");
+	if ($result['rows'] != 1) {
+		print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
+	}
+
+	$query = "SELECT * FROM mailbox WHERE username='$delete' AND domain='$sessid_domain'";
+	$result = db_query ("$query");
+	if ($result['rows'] == 1) {
+
+		$query = "DELETE FROM mailbox WHERE username='$delete' AND domain='$sessid_domain'";
+		$result = db_query ("$query");
+		if ($result['rows'] == 1) {
+			header("Location: $url");
+		} else {
+			print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
+		}
+	}
+	header("Location: $url");
+}
+
+if ($table == "mailbox") {
+	$query = "DELETE FROM mailbox WHERE username='$delete' AND domain='$sessid_domain'";
+	$result = db_query ("$query");
+	if ($result['rows'] != 1) {
+		print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
+	}
+
+	$query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid_domain'";
+	$result = db_query ("$query");
+	if ($result['rows'] == 1) {
+		header("Location: $url");
+	} else {
+		print_error ("Unable to delete entry <b>$delete</b> from the $table table!", "YES", "MENU");
+	}
+}
+?>
--- a/index.php
+++ b/index.php
@ -0,0 +1,3 @@
+<?php
+header ("Location: login.php");
+?>
--- a/login.php
+++ b/login.php
@ -0,0 +1,88 @@
+<?php
+//
+// login.php
+//
+require "config.inc.php";
+require "my_lib.php";
+
+if (!empty($_POST['submit'])) {
+	$form_login = $_POST['form_login'];
+	$form_passwd = $_POST['form_passwd'];
+
+	$result = db_query("SELECT password FROM admin WHERE username='$form_login'");
+	if ($result['rows'] == 1) {
+		$row = mysql_fetch_array($result['result']);
+		$db_passwd = $row[password];
+		$salt = preg_split('/\$/', $row[password]);
+		$checked_passwd = md5crypt($form_passwd, $salt[2]);
+
+		$result = db_query ("SELECT * FROM admin WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
+		if ($result['rows'] == 1) {
+			session_name("SessID");
+			session_start();
+			session_register("sessid");
+
+			$row = mysql_fetch_array($result['result']);
+
+			$_SESSION['sessid'] = array (
+				"domain" => $row[domain],
+				"username" => $row[username]
+			);
+		} else {
+			print_header();
+			print "<h1>Mail Admin</h1>\n";
+			print "<hr>\n";
+			print_error ("Either the password that you supplied is incorrect, or you are not authorized to view this page.<br />Go back and try again.\n");
+		}
+	} else {
+		print_header();
+		print "<h1>Mail Admin</h1>\n";
+		print "<hr>\n";
+		print_error ("The login that you supplied is not correct, please press BACK and try again.");
+	}
+	header("Location: main.php?" .  session_name() . "=" . session_id());
+} 
+print_header("", $welcome_title, "YES");
+?>
+<center>
+<table width="10%" border="0" cellspacing="0" cellpadding="0" height="100">
+<tr bgcolor="#999999"><td colspan="3" height="1">
+</tr>
+<tr>
+<td bgcolor="#999999" width="1">
+</td>
+<td bgcolor="#EEEEEE" valign="top">
+<table border="0" cellspacing="0" cellpadding="6">
+</td>
+<form name="login" method="post">
+<td colspan="2" align="center">  
+<br />
+<b>Mail admins login here to administrate your domain.</b>
+<br />
+<br />      
+<input type="text" name="form_login" style="width:149px" value="mailadmin@domain.com" size="12" onFocus="if (this.value=='mailadmin@domain.com') this.value='';" onBlur= "if (this.value=='') his.value='mailadmin@domain.com';" />
+<br />
+<input type="password" name="form_passwd" style="width:149px" value="password" size="12" onFocus="if (this.value=='password') this.value='';" onBlur="if (this.value=='') his.value='password';" />
+<br />
+<input type="submit" name="submit" value="Login" />
+<br />
+</td>
+</form>
+</tr>
+</table>
+<p />
+<a href="vcp.php">Users click here to change your email password.</a>
+<p />
+<?php
+if (($use_vacation == "YES") AND file_exists("$vacation_file")) print "<a href=\"vacation.php\">$vacation_text</a>\n";
+?>
+</td>
+<td bgcolor="#999999" width="1">
+</td>
+</tr>
+<tr bgcolor="#999999"><td colspan="3" height="1">
+</tr>
+</table>
+<?php
+print_footer("NO");
+?>
--- a/logout.php
+++ b/logout.php
@ -0,0 +1,18 @@
+<?php
+//
+// logout.php
+//
+require "config.inc.php";
+require "my_lib.php";
+$sessid = check_session();
+session_unset();
+session_destroy();
+print_header();
+print "<h1>Mail Admin</h1>\n";
+print "<hr />\n";
+print "You are logged out\n";
+print "<p>\n";
+print "<a href=\"login.php\">Login again</a>\n";
+print "</p>\n";
+print_footer();
+?>
--- a/mailbox.php
+++ b/mailbox.php
@ -0,0 +1,75 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+print_header("menu");
+
+if (!empty($_POST['submit'])) {
+	$username = $_POST['username'];
+	$password = $_POST['password'];
+	$password2 = $_POST['password2'];
+	$name = $_POST['name'];
+	$quota = $_POST['quota'];
+
+	$username = $username . "@" . $sessid_domain;
+	$passwd = md5crypt("$password");
+	$maildir = $username . "/";
+	
+	if (empty($username) or empty($password)) print_error("You need to fill all fields.");
+
+	if (!check_email($username)) print_error("The email address that you have supplied at <b>Email</b> is not a valid email address, please go back.");
+
+	if ($password != $password2) print_error("The passwords that you supplied don't match!");
+	
+	if (!check_string($name)) print_error("The name that you have supplied at <b>Name</b> is not valid, please go back.");
+		
+	$result = db_query("SELECT * FROM alias WHERE address='$username'");
+	if ($result['rows'] == 1) print_error("This email address already exists, please choose a different one.");
+	
+	$result = db_query("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$username','$username','$sessid_domain',NOW(),NOW())");
+	if ($result['rows'] != 1) print_error("Unable to add: <i>$username</i> to the alias table!");
+
+	if ($use_subdir == "YES") $maildir = $sessid_domain . "/" . $maildir;
+
+	if (!empty($quota_table)) {
+		$result = db_query("INSERT INTO mailbox (username,password,name,maildir,domain,create_date,change_date,$quota_table) VALUES('$username','$passwd','$name','$maildir','$sessid_domain',NOW(),NOW(),'$quota') ");
+	} else {
+		$result = db_query("INSERT INTO mailbox (username,password,name,maildir,domain,create_date,change_date) VALUES('$username','$passwd','$name','$maildir','$sessid_domain',NOW(),NOW())");
+	}
+
+	if ($result['rows'] == 1) {
+		$headers = "From: $sessid_username";
+		$subject = "Welcome";
+		$message = "Hi $name,\n\nWelcome to your new email account.\n\n";
+		print "<i>$username</i> has been <b>added</b> to the mailbox table!\n";
+		print "<p>\n";
+		print "<b>NOTE:</b>\n";
+		if (!mail($username, $subject, $message, $headers)) {
+			print "The user needs to first receive an email in order to use the account.<br>\n";
+		}
+		print "User needs to login with the full email address, in this case: $username\n";
+		print "<p>\n";
+	} else {
+		print_error("Unable to add: <i>$username</i> to the mailbox table!");
+	}
+}
+?>
+Create a new local mailbox for your domain.
+<p>
+<form name="mailbox" method="post">
+<table class="form">
+<tr><td>Email:</td><td><input type="text" name="username"></td><td>@<?php print "$sessid_domain"; ?></td></tr>
+<tr><td>Password:</td><td><input type="password" name="password"></td><td>Password for POP/IMAP</td></tr>
+<tr><td>Password (again):</td><td><input type="password" name="password2"></td><td>&nbsp;</td></tr>
+<tr><td>Name:</td><td><input type="text" name="name"></td><td>Full name</td></tr>
+<?php  if (!empty($quota_table)) print "<tr><td>Quota:</td><td><input type=\"text\" name=\"quota\" value=\"$default_quota\"></td><td>&nbsp;</td></tr>\n"; ?>
+<tr><td colspan="3" align="center"><input type="submit" name="submit" value="Add Mailbox"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/main.php
+++ b/main.php
@ -0,0 +1,80 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+print_header("menu");
+
+print "Domain: $sessid_domain\n";
+print "<p />\n";
+
+if ($alias_control == "YES") {
+	$query = "SELECT alias.address,alias.goto,alias.change_date FROM alias WHERE alias.domain='$sessid_domain' ORDER BY alias.address";
+} else {
+	$query = "SELECT alias.address,alias.goto,alias.change_date FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$sessid_domain' AND mailbox.maildir IS NULL ORDER BY alias.address";
+}
+
+$result = db_query ("$query");
+	
+if ($result['rows'] > 0) {
+	print "<center>\n";
+	print "<table border=\"1\">\n";
+	print "<tr class=\"header\">";
+	print "<td>From</td>";
+	print "<td>To</td>";
+	print "<td>Last Modified</td>";
+	print "<td colspan=\"2\">&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result['result'])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td>" . $row['address'] . "</td>";
+		print "<td>" . ereg_replace (",", "<br>", $row['goto']) . "</td>";
+		print "<td>" . $row['change_date'] . "</td>";
+		print "<td><a href=\"modify.php?" . session_name() . "=" . session_id() . "&modify=" . $row['address'] . "\">edit</a></td>";
+		print "<td><a href=\"delete.php?" . session_name() . "=" . session_id() . "&table=alias" . "&delete=" . urlencode($row['address']) . "\"onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+	print "<p />\n";
+} else {
+	print "Nothing Found in the Alias Table!\n";
+	print "<p />\n";
+}
+
+$query = "SELECT * FROM mailbox WHERE domain='$sessid_domain' ORDER BY username";
+
+$result = db_query ("$query");
+	
+if ($result['rows'] > 0) {
+	print "<center>\n";
+	print "<table border=\"1\">\n";
+	print "<tr class=\"header\">";
+	print "<td>Email</td>";
+	print "<td>Name</td>";
+	if (!empty($quota_table)) print "<td>Quota</td>";
+	print "<td>Last Modified</td>";
+	print "<td colspan=\"2\">&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result['result'])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td>" . $row['username'] . "</td>";
+		print "<td><a href=\"changename.php?" . session_name() . "=" . session_id() . "&username=" . $row['username'] . "&name=" . $row['name'] . "\">" . $row['name'] . "</a></td>";
+		if (!empty($quota_table)) print "<td>" . $row[$quota_table] . "</td>";
+		print "<td>" . $row['change_date'] . "</td>";
+		print "<td><a href=\"pwd.php?" . session_name() . "=" . session_id() . "&username=" . $row['username'] . "\">edit</a></td>";
+		print "<td><a href=\"delete.php?" . session_name() . "=" . session_id() . "&table=mailbox" . "&delete=" . urlencode($row['username']) . "\"onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+	print "<p />\n";
+} else {
+	print "Nothing Found in the Mailbox Table!\n";
+	print "<p />\n";
+}
+print_footer();
+?>
--- a/modify.php
+++ b/modify.php
@ -0,0 +1,63 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+$url = "main.php?" . session_name() . "=" . session_id();
+$modify = $_GET['modify'];
+
+if (!empty($_POST['submit'])) {
+        $goto = $_POST['goto'];
+
+	if (empty($goto)) print_error("You didn't enter anything at <b>To:</b>.", "YES", "MENU");
+
+	$goto = preg_replace('/\r\n/', ',', $goto);
+	$goto = preg_replace('/\,*$/', '', $goto);
+	$array = preg_split('/,/', $goto);
+	for ($i = 0; $i < sizeof($array); $i++) {
+		if (in_array("$array[$i]", $default_aliases)) continue;
+		if (empty($array[$i])) continue;
+		if (!check_email($array[$i])) print_error("The email address <b>$array[$i]</b> is not a valid email address, please go back.", "YES", "MENU");
+	}
+	$result = db_query("UPDATE alias SET goto='$goto', change_date=NOW() WHERE address='$modify' AND domain='$sessid_domain'");
+	if ($result['rows'] == 1) {
+		header("Location: $url");
+	} else {
+		print_error("Unable to update: <i>$address</i> -> <i>$goto</i> in the alias table!", "YES", "MENU");
+	}
+}
+
+$query = "SELECT * FROM alias WHERE address='$modify' AND domain='$sessid_domain'";
+$result = db_query("$query");
+if ($result['rows'] == 1) {
+	$row = mysql_fetch_array ($result['result']);
+} else {
+	print_error("Unable to find the alias!","YES", "MENU");
+}
+print_header("menu");
+?>
+Change an alias for your domain.
+<p>
+<form name="modify" method="post">
+<table class="form">
+<tr><td>Alias:</td><td><?php print "$modify"; ?></td></tr>
+<tr><td colspan="2">&nbsp;</td></tr>
+<tr><td colspan="2" align="center"><b>Enter your email aliases below. One per line!</b></td></tr>
+<tr><td valign="top">To:</td><td><textarea rows="24" cols="80" name="goto">
+<?php
+$array = preg_split('/,/', $row[goto]);
+for ($i = 0 ; $i < sizeof($array) ; $i++) {
+  if (empty($array[$i])) continue;
+  print "$array[$i]\n";
+}
+?>
+</textarea></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Modify Alias"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/my_lib.php
+++ b/my_lib.php
@ -0,0 +1,348 @@
+<?php
+//
+// If my_lib.php is called directly, redirect to login.php
+//
+if (ereg("my_lib.php", $_SERVER[PHP_SELF])) {
+	header("Location: login.php");
+}
+
+$version = "Postfix Admin v1.5.4";
+
+//
+// check_session
+// Action: Check if a session already exists, if not redirect to login.php
+// Call: check_session()
+//
+function check_session() {
+	session_name("SessID");
+	session_start();
+	if (!session_is_registered("sessid")) {
+		// if session is not registered redirect to login.php
+		header("Location: login.php");
+		exit;
+	}
+	$sessid["domain"] = $_SESSION["sessid"]["domain"];
+	$sessid["username"] = $_SESSION["sessid"]["username"];
+	return $sessid;
+}
+
+
+
+//
+// check_string
+// Action: checks if a string is valid and returns TRUE is this is the case.
+// Call: check_string(string var)
+//
+function check_string($var) {
+	if (preg_match('/^([A-Za-z0-9 ]+)+$/', $var)){
+		return true;
+	} else {
+		return false;
+	}
+} 
+
+
+
+//
+// check_escape
+// Action: checks to see if there are chars that need to be escaped
+// Call: check_escape(string var)
+//
+function check_escape($var) {
+	$search = array ("'<script[^>]*?>.*?</script>'si",
+		"'<[\/\!]*?[^<>]*?>'si",
+		"'\''i");
+
+	$replace = array ("",
+		"",
+		"");
+
+	$escaped = preg_replace ($search, $replace, $var);
+	return $escaped;
+}
+
+
+
+//
+// check_email
+// Action: Checks if email is valid and returns TRUE if this is the case.
+// Call: check_email(string email)
+//
+function check_email($email) { 
+	return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email)));
+}
+
+
+
+//
+// md5crypt
+// Action: Creates an MD5 passwd that is readable by FreeBSD daemons
+// Call: md5crypt(string cleartextpasswd)
+//
+
+$MAGIC = "$1$";
+$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+function md5crypt($pw, $salt="", $magic="") {
+	global $MAGIC;
+	if ($magic == "") $magic = $MAGIC;
+	if ($salt == "") $salt = create_salt(); 
+	$slist = explode("$", $salt);
+	if ($slist[0] == "1") $salt = $slist[1];
+	$salt = substr($salt, 0, 8);
+	$ctx = $pw . $magic . $salt;
+	$final = hex2bin(md5($pw . $salt . $pw));
+	for ($i=strlen($pw); $i>0; $i-=16) {
+		if ($i > 16) 
+			$ctx .= substr($final,0,16);
+		else
+			$ctx .= substr($final,0,$i);
+	}
+	$i = strlen($pw);
+	while ($i > 0) {
+		if ($i & 1) $ctx .= chr(0);
+		else $ctx .= $pw[0];
+		$i = $i >> 1;
+	}
+	$final = hex2bin(md5($ctx));
+	for ($i=0;$i<1000;$i++) {
+		$ctx1 = "";
+    	if ($i & 1) $ctx1 .= $pw;
+		else $ctx1 .= substr($final,0,16);
+		if ($i % 3) $ctx1 .= $salt;
+	  	if ($i % 7) $ctx1 .= $pw;
+		if ($i & 1) $ctx1 .= substr($final,0,16);
+		else $ctx1 .= $pw;
+		$final = hex2bin(md5($ctx1));
+	}
+	$passwd = "";
+	$passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4);
+	$passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4);
+	$passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4);
+	$passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4);
+	$passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4);
+	$passwd .= to64( ord($final[11]), 2);
+	return "$magic$salt\$$passwd";
+}
+function create_salt() {
+	srand((double)microtime()*1000000);
+	$salt = substr(md5(rand(0,9999999)), 0, 8);
+	return $salt;
+}
+function hex2bin($str) {
+	$len = strlen($str);
+	$nstr = "";
+	for ($i=0;$i<$len;$i+=2) {
+		$num = sscanf(substr($str,$i,2), "%x");
+		$nstr.=chr($num[0]);
+	}
+	return $nstr;
+}
+function to64($v, $n) {
+	global $ITOA64;
+	$ret = "";
+	while (($n - 1) >= 0) {
+		$n--;
+		$ret .= $ITOA64[$v & 0x3f];
+		$v = $v >> 6;
+	}
+	return $ret;
+}
+
+
+
+//
+// print_header
+// Action: Prints out the default header for every page
+// Call: print_header([string title])
+//
+function print_header($menu = "", $title = "", $welcome = "NO") {
+	if (empty($title)) global $title;
+	global $welcome_header;
+	header("Expires: Sun, 16 Mar 2003 05:00:00 GMT");
+	header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+	header("Cache-Control: no-store, no-cache, must-revalidate");
+	header("Cache-Control: post-check=0, pre-check=0", false);
+	header("Pragma: no-cache");
+	print "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
+	print "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
+	print "<head>\n";
+	print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\" />\n";
+	if (file_exists(realpath("./stylesheet.css"))) print "<link rel=\"stylesheet\" href=\"stylesheet.css\">\n";
+	if (file_exists(realpath("../stylesheet.css"))) print "<link rel=\"stylesheet\" href=\"../stylesheet.css\">\n";
+	print "<title>$title</title>\n";
+	print "</head>\n";
+	print "<body>\n";
+	print "<center>\n";
+	if ($welcome == "YES") {
+		print "<h1>$welcome_header</h1>\n";
+		print "<p />\n";
+	}
+	if ($menu == "admin") print_admin_menu();
+	if ($menu == "menu") print_menu();
+}
+
+
+
+//
+// print_footer
+// Action: Prints out the default footer for every page
+// Call: print_footer()
+//
+function print_footer($hr = "YES") {
+	global $version;
+	global $show_organization_info;
+	global $organization_link;
+	global $organization_name;
+	global $show_postfix_admin_info;
+	if ($hr == "YES") print "<hr class=\"footer\" />\n";
+	print "<p class=\"footer\">\n";
+	if ($show_postfix_admin_info == "YES") print "<a target=\"blank\" href=\"http://high5.net/\"><font color=black>$version</font></a><br />\n";
+	if (($show_organization_info == "YES") AND !empty($organization_link)) print "<p><a href=\"$organization_link\">Back to $organization_name</a><p />\n";
+	print "</p>\n";
+	print "</center>\n";
+	print "</body>\n";
+	print "</html>\n";
+}
+
+
+
+//
+// print_menu
+// Action: Prints out the requirement menu bar
+// Call: print_menu()
+//
+function print_menu() {
+	print "<table>\n";
+	print "<tr>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=\"_top\" href=\"main.php?" . session_name() . "=" . session_id() . "\">Overview</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=\"_top\" href=\"alias.php?" . session_name() . "=" . session_id() . "\">Add Alias</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"mailbox.php?" . session_name() . "=" . session_id() . "\">Add Mailbox</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"sendmail.php?" . session_name() . "=" . session_id() . "\">Send Email</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"passwd.php?" . session_name() . "=" . session_id() . "\">Passwd</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"logout.php?" . session_name() . "=" . session_id() . "\">Logout</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "</tr>\n";
+	print "</table>\n";
+	print "<hr />\n";
+}
+
+
+
+//
+// print_admin_menu
+// Action: Prints out the requirement admin menu bar
+// Call: print_admin_menu()
+//
+function print_admin_menu() {
+	print "<table>\n";
+	print "<tr>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"adminview.php\">Admin List</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"domainview.php\">Domain List</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"virtualview.php\">Virtual List</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"sendmail.php\">Send Email</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"newadmin.php\">New Admin</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "<td class=\"menu\">\n";
+	print "<a target=_top href=\"newdomain.php\">New Domain</a>";
+	print "</td>\n";
+	print "<td width=\"8\">&nbsp;</td>\n";
+	print "</tr>\n";
+	print "</table>\n";
+	print "<hr />\n";
+}
+
+
+
+//
+// print_error
+// Action: Prints an error message and exits/dies
+// Call: print_error(string error message);
+//
+function print_error($msg, $header = "NO", $menu = "", $hr = "NO") {
+	if ($header == "YES") print_header();
+	if ($menu == "ADMIN") print_admin_menu();
+	if ($menu == "MENU") print_menu();
+	if ($hr == "YES") print "<hr />\n";
+	print "<p class=\"error\">\n";
+	print "$msg\n";
+	print "</p>\n";
+	print_footer();
+	exit;
+}
+
+
+
+//
+// db_connect
+// Action: Makes a connection to the database if it doesn't exist
+// Call: db_connect()
+//
+function db_connect() {
+	global $db_host;
+	global $db_name;
+	global $db_user;
+	global $db_pass;
+	$link = mysql_connect($db_host, $db_user, $db_pass) or print_error("Could not connect to database server: <b>$db_host</b>.");
+	$succes = mysql_select_db($db_name, $link) or print_error("Could not select database: <b>$db_name</b>.");
+	return $link;
+}
+
+
+
+//
+// db_query
+// Action: Sends a query to the database and returns query result and number of rows
+// Call: db_query(string query)
+//
+function db_query($query) {
+	$link = db_connect();
+	$result = mysql_query($query, $link) or print_error("Could not query the table.<br>", "NO");
+	// if $query was a select statement check the number of rows with mysql_num_rows().
+	if (eregi("^select", $query)) {
+		$number_rows = mysql_num_rows($result);
+	// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
+	// mysql_affected_rows().
+	} else {
+		$number_rows = mysql_affected_rows($link);
+	}
+	$return = array (
+		"result" => $result,
+		"rows" => $number_rows
+	);
+	return $return;
+}
+?>
--- a/passwd.php
+++ b/passwd.php
@ -0,0 +1,58 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+
+print_header("menu");
+
+if (!empty($_POST['submit'])) {
+        $form_passwd = $_POST['form_passwd'];
+        $form_new_passwd1 = $_POST['form_new_passwd1'];
+        $form_new_passwd2 = $_POST['form_new_passwd2'];
+
+	if (empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) print_error("You will need to fill all fields!");
+
+	if ($form_new_passwd1 != $form_new_passwd2) print_error("The new passwords that you supplied don't match!");
+	
+	$result = db_query("SELECT password FROM admin WHERE username='$sessid[username]'");
+	if ($result['rows'] == 1) {
+		$row = mysql_fetch_array($result['result']);
+		$db_passwd = $row[password];
+		$keys = preg_split('/\$/', $row[password]);
+		$checked_passwd = md5crypt($form_passwd, $keys[2]);
+
+		$result = db_query("SELECT * FROM admin WHERE username='$sessid[username]' AND password='$checked_passwd' AND active='1'");
+		if ($result['rows'] != 1) print_error("The password that you have entered doesn't match your current password!");
+
+	}
+	$new_passwd = md5crypt($form_new_passwd1);
+
+	$result = db_query("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$sessid[username]'");
+	if ($result['rows'] == 1) {
+		print "Your password has been updated!\n";
+		session_unset();
+		session_destroy();
+		print "<p>\n";
+		print "<a href=login.php>Login</a>\n";
+		print_footer();
+		exit;
+	} else {
+		print_error("Unable to update your password!");
+	}
+} 
+?>
+Change your password.
+<p>
+<form name="passwd" method="post">
+<table class="form">
+<tr><td>Login:</td><td><?php print "$sessid[username]"; ?></td></tr>
+<tr><td>Current Password:</td><td><input type="password" name="form_passwd"></td></tr>
+<tr><td>New Password:</td><td><input type="password" name="form_new_passwd1"></td></tr>
+<tr><td>New Password (again):</td><td><input type="password" name="form_new_passwd2"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Change Password"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/pwd.php
+++ b/pwd.php
@ -0,0 +1,44 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+$url = "main.php?" . session_name() . "=" . session_id();
+$username = $_GET['username'];
+
+if (!empty($_POST['submit'])) {
+        $form_new_passwd1 = $_POST['form_new_passwd1'];
+        $form_new_passwd2 = $_POST['form_new_passwd2'];
+
+	if (empty($form_new_passwd1) or empty($form_new_passwd2)) print_error("You will need to fill both password fields!", "YES", "MENU");
+
+	if ($form_new_passwd1 != $form_new_passwd2) print_error("The new passwords that you supplied don't match!", "YES", "MENU");
+	
+	$new_passwd = md5crypt($form_new_passwd1);
+
+	$result = db_query("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$username' AND domain='$sessid_domain'");
+	if ($result['rows'] == 1) {
+		header("Location: $url");
+	} else {
+		print_error("Unable to update your password!", "YES", "MENU");
+	}
+}
+
+print_header("menu");
+?>
+Change password.
+<p>
+<form name="passwd" method="post">
+<table class="form">
+<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
+<tr><td>New Password:</td><td><input type="password" name="form_new_passwd1"></td></tr>
+<tr><td>New Password (again):</td><td><input type="password" name="form_new_passwd2"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Enter"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/sendmail.php
+++ b/sendmail.php
@ -0,0 +1,45 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+$sessid = check_session();
+$sessid_domain = $sessid['domain'];
+$sessid_username = $sessid['username'];
+
+print_header("menu");
+
+if (!empty($_POST['submit'])) {
+	$to = $_POST['to'];
+
+	if (empty($to)) print_error("You need to select an email address.");
+
+	$headers = "From: $sessid_username";
+	$subject = "Welcome";
+	$message = "Hi,\n\nWelcome to your new email account.\n\n";
+	if (!mail($to, $subject, $message, $headers)) {
+		print_error("Unable to send message to $to!");
+	}
+	print "Successfully send email to $to\n";
+	print "<p>\n";
+}
+?>
+Send test message to a new mailbox.
+<p>
+<form name="mailbox" method="post">
+<table class="form">
+<tr><td>From:</td><td><?php print "$sessid_username"; ?></td></tr>
+<tr><td>To:</td><td>
+<select name="to">
+<?php
+$result = db_query("SELECT username FROM mailbox WHERE domain='$sessid_domain' ORDER BY domain");
+while ($row = mysql_fetch_array ($result['result'])) {
+	print "<option>" . $row['username'] . "</option>";
+}
+?>
+</select>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Send Message"></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
--- a/stylesheet.css
+++ b/stylesheet.css
@ -0,0 +1,184 @@
+body {
+	background: white;
+	color: black;
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 13px;
+	margin: 8px;
+	padding: 0px;
+	text-align: center;
+}
+
+h1 {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 18px;
+	font-weight: bold;
+	margin-bottom: 0px;
+	margin-top: 20px;
+}
+
+a {
+	color: blue;
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;
+	text-decoration: none;
+}
+
+a:visited {
+	color: blue;
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;
+	text-decoration: none;
+}
+
+hr {	
+	line-heigt: 1px;
+	margin-top: 10px;
+	margin-bottom: 10px;
+	width: 640px;
+	text-align: center;
+}
+
+hr.footer {
+	margin-top: 10px;
+	margin-bottom: 0px;
+	width: 640px;
+}
+
+p {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 13px;
+	margin-top: 13px;
+	text-align: center;
+}
+
+p.footer {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;
+	margin-bottom: 0px;
+	margin-top: 5px;
+	text-align: center;
+}
+
+p.error {
+	color: red;
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 13px;
+	text-align: center;
+}
+
+table {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;	
+	width: 640px;
+	text-align: left;
+	margin-top: 0px;
+	margin-bottom: 0px;
+	padding-top: 0px;
+}
+
+table.auto {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;	
+	width: auto;
+	text-align: left;
+	margin-top: 0px;
+	margin-bottom: 0px;
+	padding-top: 0px;
+}
+
+
+table.form {
+	font-size: 11px;
+	padding-left: 0px;
+	padding-right: 0px;
+	text-align: left;
+	width: auto;
+}
+
+td {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;
+	padding-left: 5px;
+	padding-right: 5px;
+}
+
+tr.header {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-weight: bold;
+	padding-left: 11px;
+	padding-right: 11px;
+}
+
+td.center {
+	text-align: center;
+}
+
+td.header {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-weight: bold;
+	padding-left: 11px;
+	padding-right: 11px;
+	text-align: center;
+}
+
+td.highlight {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	background: rgb(169,194,162);
+	padding-left: 5px;
+	padding-right: 5px;
+}
+
+td.menu {
+	text-align: center;
+	background: #dfdfdf;
+	border-top: 1px solid #999;
+	border-right: 1px solid #999;
+	border-left: 1px solid #999;
+	border-bottom: 1px solid #999;
+	border-radius: 2px;
+	-moz-border-radius: 2px;
+	padding-bottom: 5px;
+	padding-top: 5px;
+
+}
+
+td.right {
+	text-align: center;
+	padding-left: 0px;
+	padding-right: 0px;
+	margin-left: 0px;
+	margin-right: 0px;
+}
+
+input {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;
+	float: none;
+	clear: none;
+}
+
+input.button {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	background: rgb(232,236,176)
+}
+
+textarea {
+	font-family: Verdana;
+	font-family: Verdana, Arial, Helvetica, sans-serif;
+	font-size: 11px;
+}
--- a/vacation.php
+++ b/vacation.php
@ -0,0 +1,78 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+print_header("", "", "YES");
+
+if (!empty($_POST['submit']) or !empty($_POST['cancel'])) {
+        $form_login = $_POST['form_login'];
+        $form_passwd = $_POST['form_passwd'];
+	$form_subject = $_POST['form_subject'];
+	$form_body = $_POST['form_body'];
+	
+	$result = db_query("SELECT * FROM mailbox WHERE username='$form_login' AND active='1'");
+	if ($result['rows'] != 1) print_error("The mailbox <b>$form_login</b> does not exist!", "", "", "YES");
+
+	$result = db_query("SELECT password FROM mailbox WHERE username='$form_login'");
+	if ($result['rows'] == 1) {
+		$row = mysql_fetch_array($result['result']);
+		$db_passwd = $row['password'];
+		$keys = preg_split('/\$/', $row['password']);
+		$checked_passwd = md5crypt($form_passwd, $keys[2]);
+
+		$result = db_query("SELECT * FROM mailbox WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
+		if ($result['rows'] != 1) print_error("The password that you have entered is not correct!", "", "", "YES");
+	}
+
+	$result = db_query("SELECT email FROM vacation WHERE email='$form_login'");
+	if ($result['rows'] == 0 and !empty($_POST['cancel'])) print_error("Unable to cancel your \"Out of the Office\" message! (vacation)", "", "", "YES");
+	if ($result['rows'] == 1 and empty($_POST['cancel'])) print_error("There is already an \"Out of the Office\" message present! (vacation)", "", "", "YES");
+	
+	$result = db_query("SELECT goto FROM alias WHERE address='$form_login'");
+	if ($result['rows'] == 1) {
+		$row = mysql_fetch_array($result['result']);
+		if (!empty($_POST['cancel'])) {
+			$db_goto = preg_replace("/,$vacation_email/", "", $row['goto']);
+		} else {
+			$db_goto = $row['goto'] . ",$vacation_email";
+		}
+	} else {
+		if ($result['rows'] != 1) print_error("Unable collect your data! (alias)", "", "", "YES");
+	}
+
+	$result = db_query("UPDATE alias SET goto='$db_goto', change_date=NOW() WHERE address='$form_login'");
+	if ($result['rows'] != 1) print_error("Unable to create your \"Out of the Office\" message! (alias)", "", "", "YES");
+
+	if (!empty($_POST['cancel'])) $result = db_query("DELETE FROM vacation WHERE email='$form_login'");
+	if (!empty($_POST['submit'])) $result = db_query("INSERT INTO vacation (email,subject,body) VALUES('$form_login', '$form_subject', '$form_body')");
+	if ($result['rows'] == 1) {
+		print "<hr />\n";
+		if (!empty($_POST['cancel'])) print "Your \"Out of the Office\" message is removed!\n";
+		if (!empty($_POST['submit'])) print "Your \"Out of the Office\" message is active!\n";
+		print_footer();
+		exit;
+	} else {
+		print_error("Unable create your \"Out of the Office\" message! (vacation)", "", "", "YES");
+	}
+} 
+?>
+Out of the Office.
+<p>
+<form name="vacation" method="post">
+<table class="form">
+<tr><td>Email:</td><td><input type="text" name="form_login"></td></tr>
+<tr><td>Password:</td><td><input type="password" name="form_passwd"></td></tr>
+<tr><td>Subject:</td><td><input type="text" name="form_subject" value="Out of the Office" size="50"></td></tr>
+<tr><td valign="top">Body:</td><td><textarea rows="10" cols="80" name="form_body">
+I will be away from <date> until <date>.
+For urgent matters you can contact <contact person>.
+</textarea></td></tr>
+<tr><td colspan="2" align="center">
+<input type="submit" name="submit" value="Going Away">
+<input type="submit" name="cancel" value="Coming Back">
+</td></tr>
+</table>
+</form>
+<?php
+print_footer("NO");
+?>
--- a/vcp.php
+++ b/vcp.php
@ -0,0 +1,56 @@
+<?php
+require "config.inc.php";
+require "my_lib.php";
+
+print_header("", "", "YES");
+
+if (!empty($_POST['submit'])) {
+        $form_login = $_POST['form_login'];
+        $form_passwd = $_POST['form_passwd'];
+        $form_new_passwd1 = $_POST['form_new_passwd1'];
+        $form_new_passwd2 = $_POST['form_new_passwd2'];
+	
+	if (empty($form_login) or empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) print_error("You didn't enter all fields!", "", "", "YES");
+
+	if ($form_new_passwd1 != $form_new_passwd2) print_error("The passwords that you supplied don't match!", "", "", "YES");
+
+	$result = db_query("SELECT * FROM mailbox WHERE username='$form_login' AND active='1'");
+	if ($result['rows'] != 1) print_error("The mailbox does not exist!", "", "", "YES");
+
+	$result = db_query("SELECT password FROM mailbox WHERE username='$form_login'");
+	if ($result['rows'] == 1) {
+		$row = mysql_fetch_array($result['result']);
+		$db_passwd = $row[password];
+		$keys = preg_split('/\$/', $row[password]);
+		$checked_passwd = md5crypt($form_passwd, $keys[2]);
+
+		$result = db_query("SELECT * FROM mailbox WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
+		if ($result['rows'] != 1) print_error("The password that you have entered doesn't match your current password!", "", "", "YES");
+	}
+	$new_passwd = md5crypt($form_new_passwd1);
+	
+	$result = db_query("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$form_login'");
+	if ($result['rows'] == 1) {
+		print "<hr />\n";
+		print "Your password has been updated!\n";
+		print_footer();
+		exit;
+	} else {
+		print_error("Unable to update your password!", "", "", "YES");
+	}
+} 
+?>
+Change your mailbox password.
+<p>
+<form name="vcp" method="post">
+<table class="form">
+<tr><td>Email:</td><td><input type="text" name="form_login"></td></tr>
+<tr><td>Current Password:</td><td><input type="password" name="form_passwd"></td></tr>
+<tr><td>New Password:</td><td><input type="password" name="form_new_passwd1"></td></tr>
+<tr><td>New Password (again):</td><td><input type="password" name="form_new_passwd2"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit" name="submit" value="Change Password"></td></tr>
+</table>
+</form>
+<?php
+print_footer("NO");
+?>