edit-alias.php

- get domain name by splitting address parameter instead of relying on the domain GET/POST parameter. This makes linking to edit-alias easier. - simplify reading $_GET/$_POST['address'] git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@749 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago · 2c4cdca5fd
parent 7f4f8fd996
commit 2c4cdca5fd
1 changed files with 5 additions and 11 deletions
--- a/edit-alias.php
+++ b/edit-alias.php
@ -39,16 +39,10 @@ if($CONF['alias_control_admin'] == 'NO' && !authentication_has_role('global-admi
 }
 /* retrieve existing alias record for the user first... may be via GET or POST */
-
+$fAddress = safepost('address', safeget('address')); # escaped below
-if(isset($_GET['address']) && isset($_GET['domain'])) {
+$fDomain = escape_string(preg_replace("/.*@/", "", $fAddress));
-    $fAddress = escape_string($_GET['address']);
+$fAddress = escape_string($fAddress); # escaped now
-    $fDomain = escape_string($_GET['domain']);
+if ($fAddress == "") {
 }
 elseif(isset($_POST['address']) && isset($_POST['domain'])) {
    $fAddress = escape_string($_POST['address']);
    $fDomain = escape_string($_POST['domain']);
 }
 else {
    die("Required parameters not present");
 }
@ -88,7 +82,7 @@ if ($result['rows'] == 1)
    }
 }
 else {
-    die("Invalid alias / domain combination");
+    die("Invalid alias");
 }
 if ($_SERVER['REQUEST_METHOD'] == "POST")