list-virtual.php:

- remember domain and page browser offset in $_SESSION
  (fixes 50% of http://sourceforge.net/p/postfixadmin/bugs/298/ )
- various cleanups

functions.inc.php:
- add safesession() (like safeget(), but for $_SESSION)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1593 a1433add-5e2c-0410-b055-b7f2511e0802
pull/2/head
Christian Boltz 11 years ago
parent c349420210
commit 1a35cccf5e

@ -361,6 +361,20 @@ function safecookie ($param, $default="") {
return $retval; return $retval;
} }
/**
* safesession
* @see safeget()
* @param String $param
* @param String $default (optional)
* @return String value from $_SESSION[$param] or $default
*/
function safesession ($param, $default="") {
$retval=$default;
if (isset($_SESSION[$param])) $retval=$_SESSION[$param];
return $retval;
}
/** /**
* pacol * pacol
* @param int $allow_editing * @param int $allow_editing
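Review bot: The docblock for `safesession()` promises `@return String`, but the body returns `$_SESSION[$param]` exactly as stored, so the result has whatever type was saved and is not escaped. I would state that in the docblock, e.g. `@return mixed raw (unescaped) value from $_SESSION[$param] or $default`, so callers know that "safe" only means no undefined-index notice. Callers still have to escape or bind the value before it reaches SQL or HTML. As a style point, the body could be the single line `return isset($_SESSION[$param]) ? $_SESSION[$param] : $default;`.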

@ -16,48 +16,32 @@
* *
* Template File: list-virtual.php * Template File: list-virtual.php
* *
* Template Variables:
*
* tAlias
* tMailbox
*
* Form POST \ GET Variables: * Form POST \ GET Variables:
* *
* fDomain * fDomain
* fDisplay * fDisplay
* search
*/ */
require_once('common.php'); require_once('common.php');
authentication_require_role('admin'); authentication_require_role('admin');
$fDomain = false;
$admin_username = authentication_get_username(); $admin_username = authentication_get_username();
if (authentication_has_role('global-admin')) { $list_domains = list_domains_for_admin($admin_username);
$list_domains = list_domains ();
$is_superadmin = 1;
} else {
$list_domains = list_domains_for_admin(authentication_get_username());
$is_superadmin = 0;
}
$tAlias = array();
$tMailbox = array();
$fDisplay = 0;
$page_size = $CONF['page_size']; $page_size = $CONF['page_size'];
if ($_SERVER['REQUEST_METHOD'] == "GET") { $fDomain = safepost('fDomain', safeget('domain', safesession('list-virtual:domain')));
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']); if (safesession('list-virtual:domain') != $fDomain) {
if (isset ($_GET['limit'])) $fDisplay = intval ($_GET['limit']); unset($_SESSION['list-virtual:limit']);
$search = escape_string(safeget('search'));
} else {
if (isset ($_POST['fDomain'])) $fDomain = escape_string ($_POST['fDomain']);
if (isset ($_POST['limit'])) $fDisplay = intval ($_POST['limit']);
$search = escape_string(safepost('search'));
} }
$fDisplay = (int) safepost('limit', safeget('limit', safesession('list-virtual:limit')));
$search = safepost('search', safeget('search', '')); # not remembered in the session
if (count($list_domains) == 0) { if (count($list_domains) == 0) {
if ($is_superadmin) { if (authentication_has_role('global-admin')) {
flash_error($PALANG['no_domains_exist']); flash_error($PALANG['no_domains_exist']);
} else { } else {
flash_error($PALANG['no_domains_for_this_admin']); flash_error($PALANG['no_domains_for_this_admin']);
@ -74,21 +58,22 @@ if ((is_array ($list_domains) and sizeof ($list_domains) > 0)) {
if(!in_array($fDomain, $list_domains)) { if(!in_array($fDomain, $list_domains)) {
flash_error( $PALANG['invalid_parameter'] ); flash_error( $PALANG['invalid_parameter'] );
unset($_SESSION['list-virtual:domain']);
header("Location: list-domain.php"); # invalid domain, or not owned by this admin header("Location: list-domain.php"); # invalid domain, or not owned by this admin
exit; exit;
} }
if (!check_owner(authentication_get_username(), $fDomain)) { if (!check_owner(authentication_get_username(), $fDomain)) {
flash_error( $PALANG['invalid_parameter'] . " If you see this message, please open a bugreport"); # this check is most probably obsoleted by the in_array() check above flash_error( $PALANG['invalid_parameter'] . " If you see this message, please open a bugreport"); # this check is most probably obsoleted by the in_array() check above
unset($_SESSION['list-virtual:domain']);
header("Location: list-domain.php"); # domain not owned by this admin header("Location: list-domain.php"); # domain not owned by this admin
exit(0); exit(0);
} }
// store fDomain in $_SESSION so after adding/editing aliases/mailboxes we can // store domain and page browser offset in $_SESSION so after adding/editing aliases/mailboxes we can
// take the user back to the appropriate domain listing. (see templates/menu.tpl) // take the user back to the appropriate domain listing.
if($fDomain) { $_SESSION['list-virtual:domain'] = $fDomain;
$_SESSION['list_virtual_sticky_domain'] = $fDomain; $_SESSION['list-virtual:limit'] = $fDisplay;
}
# #
# alias domain # alias domain
@ -120,28 +105,17 @@ if (Config::bool('alias_domain')) {
if ($search == "") { if ($search == "") {
$list_param = "domain='$fDomain'"; $list_param = "domain='$fDomain'";
# sql_domain / sql_where only needed for pagebrowser
$sql_domain = " $table_alias.domain='$fDomain' "; $sql_domain = " $table_alias.domain='$fDomain' ";
$sql_where = "";
} else { } else {
$list_param = "(address LIKE '%$search%' OR goto LIKE '%$search%')"; $list_param = "(address LIKE '%$search%' OR goto LIKE '%$search%')";
# sql_domain / sql_where only needed for pagebrowser
$sql_domain = db_in_clause("$table_alias.domain", $list_domains); $sql_domain = db_in_clause("$table_alias.domain", $list_domains);
$sql_where = " AND ( address LIKE '%$search%' OR goto LIKE '%$search%' ) ";
} }
$alias_pagebrowser_query = " $alias_pagebrowser_query = "
FROM $table_alias FROM $table_alias
WHERE $sql_domain AND NOT EXISTS(SELECT 1 FROM $table_mailbox WHERE username=$table_alias.address) $sql_where WHERE $sql_domain AND NOT EXISTS(SELECT 1 FROM $table_mailbox WHERE username=$table_alias.address) AND ( $list_param )
ORDER BY address ORDER BY address
"; ";
/*
$query = "
SELECT address, goto, modified, active
$alias_pagebrowser_query
LIMIT $page_size OFFSET $fDisplay
";
*/
$handler = new AliasHandler(0, $admin_username); $handler = new AliasHandler(0, $admin_username);
$handler->getList($list_param, $page_size, $fDisplay); $handler->getList($list_param, $page_size, $fDisplay);
@ -203,6 +177,7 @@ if ($result['rows'] > 0) {
$delimiter = preg_quote($CONF['recipient_delimiter'], "/"); $delimiter = preg_quote($CONF['recipient_delimiter'], "/");
$goto_single_rec_del = ""; $goto_single_rec_del = "";
$tMailbox = array();
while ($row = db_array ($result['result'])) { while ($row = db_array ($result['result'])) {
if ($display_mailbox_aliases) { if ($display_mailbox_aliases) {
$goto_split = explode(",", $row['goto']); $goto_split = explode(",", $row['goto']);
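Review bot: In the second hunk, `$search` is now assigned from `safepost('search', safeget('search', ''))` without the `escape_string()` call that both removed GET/POST branches applied. It is still interpolated into `$list_param` as `address LIKE '%$search%' OR goto LIKE '%$search%'`, which the new code places in `$alias_pagebrowser_query` and passes to `$handler->getList()`. Unless `safepost()`/`safeget()` or code outside the visible hunks escapes it, request input reaches the SQL text unescaped. I would restore `$search = escape_string(safepost('search', safeget('search', '')));` or, better, bind the value as a query parameter. `$fDomain` also lost `escape_string()` and is used in `domain='$fDomain'`; the `in_array()` check constrains it, but that comparison is loose, so `in_array($fDomain, $list_domains, true)` would be the tighter guard.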
