commit 36339f66a512c11c5d461d60f8600278e1c04814
Author: Mischa Peters <mischa@high5.net>
Date:   Sat Mar 24 07:27:00 2007 +0000

    Initial Import in SourceForge
    
    git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/tags/postfixadmin-1.4.0@1 a1433add-5e2c-0410-b055-b7f2511e0802

diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT
new file mode 100644
index 00000000..fc3aa1ca
--- /dev/null
+++ b/CHANGELOG.TXT
@@ -0,0 +1,35 @@
+#############################
+# Postfix Admin Release 1.x #
+#############################
+#
+# 2003 (c) High5!
+# Created by: Mischa Peters <mischa@high5.net>
+#
+
+Version 1.4.0  -- TBD
+---------------------
+  - Added: When deleting a domain, all aliases and mailboxes for that domain
+    are also deleted from the database.
+  - Added: Add standard aliases for every domain that is created.
+    These aliases can point to the main "local" administrator.
+    The aliases are configured in the config.php in the admin directory.
+  - Change: The layout of my_lib.php and site_lib.php have been changed.
+  - Change: Modifying an alias is now done with TEXTAREA for more
+    flexibility.
+  - Fix: minor bugs and cosmetic fixes.
+
+
+Version 1.3.8a -- 2003/03/31
+----------------------------
+  - Fix: After deletion of a domain it would not return to the correct page.
+
+
+Version 1.3.8  -- 2003/03/25
+----------------------------
+  - Added: Admin password change. No longer needed to delete and re-enter
+    the admin user for a specific domain.
+
+
+Version 1.3.7  -- 2002/12/24
+----------------------------
+  - Initial public release of Postfix Admin.
diff --git a/INSTALL.TXT b/INSTALL.TXT
new file mode 100644
index 00000000..41a85041
--- /dev/null
+++ b/INSTALL.TXT
@@ -0,0 +1,111 @@
+#############################
+# Postfix Admin Release 1.x #
+#############################
+#
+# 2003 (c) High5!
+# Created by: Mischa Peters <mischa@high5.net>
+#
+# Detailed instructions on how to install / upgrade Postfix Admin can be
+# found in UPGRADE.TXT
+#
+# Unpack Postfix Admin in the directory where you want it. For example: /usr/local/www/<site>/postfixadmin
+# There is also an Admin Admin part, change directory to the "admin" directory
+# and change the path to the .htpasswd file in the .htaccess file.
+# 
+# Some other information that you might want to look at is in the site_lib.php
+# file.
+# 
+# In order to be able to read & write from the database I have created a
+# seperate user in MySQL. I do this because Postfix Admin needs to have more
+# rights on the Postfix database. If you are worried abour the password for
+# the database. I have Postfix Admin running as the WebServer owner:group,
+# that way your postfix username and password are somewhat protected against
+# local users.
+#
+# You can use this file to create the tables that are needed to use postfix
+# with mysql. The bottom part is for Postfix Admin.
+#
+# You can do this from the command line with:
+#
+# mysql -u root [-p] < INSTALL.TXT
+
+#
+# Postfix / MySQL
+#
+USE mysql
+INSERT INTO user (Host, User, Password) VALUES ('localhost','postfix',password('postfix'));
+INSERT INTO db (Host, Db, User, Select_priv) VALUES ('localhost','postfix','postfix','Y');
+CREATE DATABASE postfix;
+
+#
+# Table structure for table alias
+#
+USE postfix;
+CREATE TABLE alias (
+  address varchar(255) NOT NULL default '',
+  goto text NOT NULL,
+  domain varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY  (address),
+  UNIQUE KEY address (address),
+  KEY address_2 (address)
+) TYPE=MyISAM COMMENT='Virtual Aliases - mysql_virtual_alias_maps';
+
+#
+# Table structure for table domain
+#
+USE postfix;
+CREATE TABLE domain (
+  domain varchar(255) NOT NULL default '',
+  description varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY  (domain),
+  UNIQUE KEY domain (domain)
+) TYPE=MyISAM COMMENT='Virtual Domains - mysql_virtual_domains_maps';
+
+#
+# Table structure for table mailbox
+#
+USE postfix;
+CREATE TABLE mailbox (
+  username varchar(255) NOT NULL default '',
+  password varchar(255) NOT NULL default '',
+  name varchar(255) NOT NULL default '',
+  maildir varchar(255) NOT NULL default '',
+  domain varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  PRIMARY KEY  (username),
+  UNIQUE KEY id (username)
+) TYPE=MyISAM COMMENT='Virtual Mailboxes - mysql_virtual_mailbox_maps';
+
+#
+#
+#
+
+#
+# Postfix Admin User & Table
+# 
+USE mysql
+INSERT INTO user (Host, User, Password) VALUES ('localhost','postfixadmin',password('postfixadmin'));
+INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('localhost', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y');
+
+#
+# Table structure for table admin
+#
+USE postfix;
+CREATE TABLE admin (
+  username varchar(255) NOT NULL default '',
+  password varchar(255) NOT NULL default '',
+  domain varchar(255) NOT NULL default '',
+  create_date datetime NOT NULL default '0000-00-00 00:00:00',
+  change_date datetime NOT NULL default '0000-00-00 00:00:00',
+  active tinyint(4) NOT NULL default '1',
+  UNIQUE KEY username (username),
+  KEY username_2 (username)
+) TYPE=MyISAM COMMENT='Virtual Admins - Store Virtual Domain Admins';
diff --git a/LICENSE.TXT b/LICENSE.TXT
new file mode 100644
index 00000000..71e00ff7
--- /dev/null
+++ b/LICENSE.TXT
@@ -0,0 +1,50 @@
+License for Postfix Admin:
+
+     The contents of this file are subject to the Mozilla Public License
+     Version 1.1 (the "License"); you may not use this file except in
+     compliance with the License. You may obtain a copy of the License at
+     http://www.mozilla.org/MPL/
+
+     Software distributed under the License is distributed on an "AS IS"
+     basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+     License for the specific language governing rights and limitations
+     under the License.
+
+     The Original Code is Postfix Admin.
+
+     The Initial Developer of the Original Code is Mischa Peters <mischa@high5.net>.
+     Portions created by Mischa Peters are Copyright (c) 2002, 2003. 
+     All Rights Reserved.
+
+     Contributor(s): 
+
+
+This project includes work by Mischa Peters and others that is:
+
+    Copyright (c) 2002,2003 Mischa Peters
+    All rights reserved.
+    
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+    
+        Redistributions of source code must retain the above copyright notice,
+        this list of conditions and the following disclaimer.
+    
+        Redistributions in binary form must reproduce the above copyright notice,
+        this list of conditions and the following disclaimer in the documentation
+        and/or other materials provided with the distribution.
+    
+        Neither the names of the copyright holders nor the names of the XLW
+        Group and its contributors may be used to endorse or promote products
+        derived from this software without specific prior written permission.
+    
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+    DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE
+    FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+    DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+    SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+    CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+    OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/UPGRADE.TXT b/UPGRADE.TXT
new file mode 100644
index 00000000..99008f53
--- /dev/null
+++ b/UPGRADE.TXT
@@ -0,0 +1,90 @@
+#############################
+# Postfix Admin Release 1.x #
+#############################
+#
+# 2003 (c) High5!
+# Created by: Mischa Peters <mischa@high5.net>
+#
+
+Upgrade from 1.3.x
+------------------
+Since some features have been added to this release which are partially
+coming from site_lib.php it's wise to do a complete upgrade and modify your
+settings in the new site_lib.php.
+
+
+1. Backup old installation
+---------------------------
+Make a backup of your current Postfix Admin  directory. If you use "cp", be
+sure to use the "-Rp" options. -R means recursive, and -p will save the
+permissions in the directory.
+
+In this example, we assume that your httpd document directory is 
+/usr/local/postfixadmin, that your Postfix Admin install is located at
+/usr/local/postfixadmin/postfixadmin, and that your new Postfix Admin version is 1.4.0.
+Substitute version numbers and names as required.
+
+  $ cd /usr/local/postfixadmin
+  $ cp -Rp postfixadmin postfixadmin.old
+
+
+2. Unarchive new Postfix Admin
+------------------------------
+Make sure that you are in your /usr/local/postfixadmin/ directory and then unarchive the
+Postfix Admin archive (whatever the filename is):
+
+  $ tar -zxvf postfixadmin-1.4.0.tgz
+
+
+3. Change permissions
+----------------------
+Since the database  password is stored in the site_lib.php it's a good idea
+to have Postfix Admin set to the permission of the webserver. In this
+example, we assume that user "www" and group "www" are the web server as is
+often the case with Apache.
+
+  $ cd /usr/local/postfixadmin/
+  $ chown -R www:www postfixadmin
+
+This is also a good idea for the file permissions.
+
+  $ cd /usr/local/postfixadmin/postfixadmin
+  $ chmod 640 *.php *.css
+  $ cd /usr/local/postfixadmin/postfixadmin/admin
+  $ chmod 640 *.php *.css
+  
+Additionally, if "chown user:group" doesn't work, you can use "chown user"
+and "chgrp group" instead. See the man pages for these commands for more
+information.
+
+
+4. Create the MySQL Tables
+--------------------------
+In INSTALL.TXT you can find the table structure that you need in order to
+configure Postfix Admin and Postfix in general to work with Virtual Domains
+and Users
+
+
+5. Configure
+------------
+Look at the file site_lib.php in the root of Postfix Admin and the
+site_lib.php in the admin directory. Here you can specify the username and
+possword of the Postfix Admin user as well as the database name.
+
+In this file you can also find the text that is displayed as the title,
+header and footer. You can change this as you see fit.
+To change the background and text color please check the stylesheet.css
+
+In config.php in the admin directory you can find an array of default
+aliases that are created when a new domain is created. You can change these
+aliases so that they reflect your setup.
+
+The default password for the admin part of Postfix Admin is admin/admin.
+This is specified in the .htpasswd file in the admin directory.
+Make sure that the location of the .htpasswd file matches your path.
+
+
+6. Done
+-------
+This is all that is needed. Fire up your browser and go to the site that you
+specified to host Postfix Admin.
diff --git a/admin/.htaccess b/admin/.htaccess
new file mode 100644
index 00000000..df745a3a
--- /dev/null
+++ b/admin/.htaccess
@@ -0,0 +1,8 @@
+AuthUserFile /usr/local/postfixadmin/admin/.htpasswd
+AuthGroupFile /dev/null
+AuthName "Postfix Admin"
+AuthType Basic
+
+<limit GET POST>
+require valid-user
+</limit>
diff --git a/admin/.htpasswd b/admin/.htpasswd
new file mode 100644
index 00000000..3b7d51c7
--- /dev/null
+++ b/admin/.htpasswd
@@ -0,0 +1 @@
+admin:$apr1$5awhn...$NvPhYnYme5lGzdXBd3/P//
diff --git a/admin/LICENSE.TXT b/admin/LICENSE.TXT
new file mode 100644
index 00000000..71e00ff7
--- /dev/null
+++ b/admin/LICENSE.TXT
@@ -0,0 +1,50 @@
+License for Postfix Admin:
+
+     The contents of this file are subject to the Mozilla Public License
+     Version 1.1 (the "License"); you may not use this file except in
+     compliance with the License. You may obtain a copy of the License at
+     http://www.mozilla.org/MPL/
+
+     Software distributed under the License is distributed on an "AS IS"
+     basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
+     License for the specific language governing rights and limitations
+     under the License.
+
+     The Original Code is Postfix Admin.
+
+     The Initial Developer of the Original Code is Mischa Peters <mischa@high5.net>.
+     Portions created by Mischa Peters are Copyright (c) 2002, 2003. 
+     All Rights Reserved.
+
+     Contributor(s): 
+
+
+This project includes work by Mischa Peters and others that is:
+
+    Copyright (c) 2002,2003 Mischa Peters
+    All rights reserved.
+    
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+    
+        Redistributions of source code must retain the above copyright notice,
+        this list of conditions and the following disclaimer.
+    
+        Redistributions in binary form must reproduce the above copyright notice,
+        this list of conditions and the following disclaimer in the documentation
+        and/or other materials provided with the distribution.
+    
+        Neither the names of the copyright holders nor the names of the XLW
+        Group and its contributors may be used to endorse or promote products
+        derived from this software without specific prior written permission.
+    
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+    DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE
+    FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+    DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+    SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+    CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+    OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/admin/adminview.php b/admin/adminview.php
new file mode 100644
index 00000000..46339f38
--- /dev/null
+++ b/admin/adminview.php
@@ -0,0 +1,44 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print_menu();
+print "<hr>\n";
+
+$query = "SELECT * FROM admin ORDER BY domain,username";
+
+$result = db_query ("$query");
+	
+if ($result[rows] > 0) {
+	print "<table border=1 cellpadding=2 cellspacing=2 width=75%>\n";
+	print "<tr class=\"header\">";
+	print "<td>Domain Name</td>";
+	print "<td>Admin Alias</td>";
+	print "<td>Last Modified</td>";
+	print "<td>Active</td>";
+	print "<td colspan=\"2\">&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result[result])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td><a href=virtualview.php?where=$row[domain]>$row[domain]</a></td>";
+		print "<td>$row[username]</td>";
+		print "<td>$row[change_date]</td>";
+		print "<td>$row[active]</td>";
+		print "<td><a href=passwd.php?username=$row[username]>edit</a></td>";
+		print "<td><a href=delete.php?table=admin&where=username&delete=$row[username] onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
+		print "</tr>\n";
+	}
+
+	print "</table>\n";
+	print "<p>\n";
+	print "Found: $result[rows]<br>\n";
+
+} else {
+	print "<p>\n";
+	print "Nothing Found!\n";
+}
+
+print "<p>\n";
+print_footer();
+?>
diff --git a/admin/config.php b/admin/config.php
new file mode 100644
index 00000000..66135c37
--- /dev/null
+++ b/admin/config.php
@@ -0,0 +1,15 @@
+<?php
+//
+// If config.php is called directly, redirect to login.php
+//
+if (ereg("config.php", $PHP_SELF)) {
+	header("Location: ../login.php");
+}
+
+// default aliases that need to be created for all domains
+$default_aliases = array (
+	"abuse" => "abuse@example.com",
+	"postmaster" => "postmaster@localhost",
+	"webmaster" => "webmaster@example.com",
+);
+?>
diff --git a/admin/delete.php b/admin/delete.php
new file mode 100644
index 00000000..164ef807
--- /dev/null
+++ b/admin/delete.php
@@ -0,0 +1,47 @@
+<?php
+include "my_lib.php";
+
+$table = $_GET[table];
+$where = $_GET[where];
+$delete = $_GET[delete];
+$url = "$table" . "view.php";
+
+if ($table == "domain") {
+	$r_domain = db_delete ("domain",$where,$delete);
+	$r_admin = db_delete ("admin",$where,$delete);
+	$r_alias = db_delete ("alias",$where,$delete);
+	$r_mailbox = db_delete ("mailbox",$where,$delete);
+	if (($r_domain == 1) and ($r_admin >= 0) and ($r_alias >= 0) and ($r_mailbox >= 0)) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print "<hr>\n";
+		print "<b>Unable</b> to delete all entries for complete domain deletion!<p>\n";
+		print "Domain delete: $r_domain<br>\n";
+		print "Admin delete: $r_admin<br>\n";
+		print "Alias delete: $r_alias<br>\n";
+		print "Mailbox delete: $r_mailbox<br>\n";
+		print "<p>\n";
+		print_footer();
+	}
+} else {
+	$result = db_delete ($table,$where,$delete);
+	if ($result == 1) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print "<hr>\n";
+		print "<b>Unable</b> to delete entry $delete from the $table table!\n";
+		print "<p>\n";
+		print_footer();
+	}
+}
+function db_delete ($table,$where,$delete) {
+	$result = db_query ("DELETE FROM $table WHERE $where='$delete'");
+	if ($result[rows] >= 1) {
+		return $result[rows];
+	} else {
+		return 0;
+	}
+}
+?>
diff --git a/admin/domainview.php b/admin/domainview.php
new file mode 100644
index 00000000..42559df8
--- /dev/null
+++ b/admin/domainview.php
@@ -0,0 +1,41 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print_menu();
+print "<hr>\n";
+
+$query = "SELECT * FROM domain ORDER BY domain";
+
+$result = db_query ("$query");
+	
+if ($result[rows] > 0) {
+	print "<table border=1 cellpadding=2 cellspacing=2 width=75%>\n";
+	print "<tr class=\"header\">";
+	print "<td>Domain</td>";
+	print "<td>Description</td>";
+	print "<td>Last Modified</td>";
+	print "<td>&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result[result])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td><a href=virtualview.php?where=$row[domain]>$row[domain]</a></td>";
+		print "<td>$row[description]</td>";
+		print "<td>$row[change_date]</td>";
+		print "<td><a href=delete.php?table=domain&where=domain&delete=$row[domain] onclick=\"return confirm ('Do you really want to delete all records for this domain? This can not be undone!')\">del</a></td>";
+		print "</tr>\n";
+	}
+
+	print "</table>\n";
+	print "<p>\n";
+	print "Found: $result[rows]<br>\n";
+
+} else {
+	print "<p>\n";
+	print "Nothing Found!\n";
+}
+
+print "<p>\n";
+print_footer();
+?>
diff --git a/admin/index.php b/admin/index.php
new file mode 120000
index 00000000..004506eb
--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1 @@
+adminview.php
\ No newline at end of file
diff --git a/admin/my_lib.php b/admin/my_lib.php
new file mode 100644
index 00000000..e1f2ed61
--- /dev/null
+++ b/admin/my_lib.php
@@ -0,0 +1,264 @@
+<?php
+//
+// If my_lib.php is called directly, redirect to login.php
+//
+if (ereg("my_lib.php", $PHP_SELF)) {
+	header("Location: ../login.php");
+}
+
+include "site_lib.php";
+include "config.php";
+
+
+
+
+//
+// check_session
+// Action: Check if a session already exists, if not redirect to login.php
+// Call: check_session()
+//
+function check_session() {
+	session_name("SessID");
+	session_start();
+	if (!session_is_registered("sessid")) {
+		// if session is not registered redirect to login.php
+		header("Location: login.php");
+		exit;
+	}
+	$sessid[domain] = $_SESSION[sessid][domain];
+	$sessid[username] = $_SESSION[sessid][username];
+	return $sessid;
+}
+
+
+
+//
+// check_admin
+// Action: Check if user is admin and allowed to view the page
+// Call: check_admin(string admin);
+//
+function check_admin($admin) {
+	if ($admin == "N") {
+		print_header();
+		print "You are not allowed to view this page.\n";
+		print_footer();
+		exit;
+	}
+}
+
+
+
+//
+// check_string
+// Action: checks if a string is valid and returns TRUE is this is the case.
+// Call: check_string(string var)
+//
+function check_string($var) {
+	return (preg_match('/^([A-Za-z ]+)+$/', $var));
+}
+
+
+
+//
+// check_escape
+// Action: checks to see if there are chars that need to be escaped
+// Call: check_escape(string var)
+//
+function check_escape($var) {
+	$search = array ("'<script[^>]*?>.*?</script>'si",
+		"'<[\/\!]*?[^<>]*?>'si",
+		"'\''i");
+
+	$replace = array ("",
+		"",
+		"");
+
+	$escaped = preg_replace ($search, $replace, $var);
+	return $escaped;
+}
+
+
+
+//
+// check_email
+// Action: Checks if email is valid and returns TRUE if this is the case.
+// Call: check_email(string email)
+//
+function check_email($email) { 
+	return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email)));
+}
+
+
+
+//
+// md5crypt
+// Action: Creates an MD5 passwd that is readable by FreeBSD daemons
+// Call: md5crypt(string cleartextpasswd)
+//
+
+$MAGIC = "$1$";
+$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+function md5crypt($pw, $salt="", $magic="") {
+	global $MAGIC;
+	if ($magic == "") $magic = $MAGIC;
+	if ($salt == "") $salt = create_salt(); 
+	$slist = explode("$", $salt);
+	if ($slist[0] == "1") $salt = $slist[1];
+	$salt = substr($salt, 0, 8);
+	$ctx = $pw . $magic . $salt;
+	$final = hex2bin(md5($pw . $salt . $pw));
+	for ($i=strlen($pw); $i>0; $i-=16) {
+		if ($i > 16) 
+			$ctx .= substr($final,0,16);
+		else
+			$ctx .= substr($final,0,$i);
+	}
+	$i = strlen($pw);
+	while ($i > 0) {
+		if ($i & 1) $ctx .= chr(0);
+		else $ctx .= $pw[0];
+		$i = $i >> 1;
+	}
+	$final = hex2bin(md5($ctx));
+	for ($i=0;$i<1000;$i++) {
+		$ctx1 = "";
+    	if ($i & 1) $ctx1 .= $pw;
+		else $ctx1 .= substr($final,0,16);
+		if ($i % 3) $ctx1 .= $salt;
+	  	if ($i % 7) $ctx1 .= $pw;
+		if ($i & 1) $ctx1 .= substr($final,0,16);
+		else $ctx1 .= $pw;
+		$final = hex2bin(md5($ctx1));
+	}
+	$passwd = "";
+	$passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4);
+	$passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4);
+	$passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4);
+	$passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4);
+	$passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4);
+	$passwd .= to64( ord($final[11]), 2);
+	return "$magic$salt\$$passwd";
+}
+function create_salt() {
+	srand((double)microtime()*1000000);
+	$salt = substr(md5(rand(0,9999999)), 0, 8);
+	return $salt;
+}
+function hex2bin($str) {
+	$len = strlen($str);
+	$nstr = "";
+	for ($i=0;$i<$len;$i+=2) {
+		$num = sscanf(substr($str,$i,2), "%x");
+		$nstr.=chr($num[0]);
+	}
+	return $nstr;
+}
+function to64($v, $n) {
+	global $ITOA64;
+	$ret = "";
+	while (($n - 1) >= 0) {
+		$n--;
+		$ret .= $ITOA64[$v & 0x3f];
+		$v = $v >> 6;
+	}
+	return $ret;
+}
+
+
+
+//
+// print_header
+// Action: Prints out the default header for every page
+// Call: print_header([string title])
+//
+function print_header($title = "") {
+	if (empty($title)) {
+		global $title;
+	}
+	print "<html>\n";
+	print "<head>\n";
+	if (file_exists(realpath("./stylesheet.css"))) {
+		print "<link rel=stylesheet href=stylesheet.css>\n";
+	}
+	print "<title>$title</title>\n";
+	print "</head>\n";
+	print "<body>\n";
+	print "<center>\n";
+}
+
+
+
+//
+// print_footer
+// Action: Prints out the default footer for every page
+// Call: print_footer()
+//
+function print_footer() {
+	global $version;
+	print "<hr class=footer>\n";
+	print "<p class=footer>\n";
+	print "$version\n";
+	print "</center>\n";
+	print "</body>\n";
+	print "</html>\n";
+}
+
+
+
+//
+// print_error
+// Action: Prints an error message and exits/dies
+// Call: print_error(string error message);
+//
+function print_error($msg, $header = "YES") {
+	if ($header == "YES") {
+		print_header();
+	}
+	print "$msg";
+	print_footer();
+	exit;
+}
+
+
+
+//
+// db_connect
+// Action: Makes a connection to the database if it doesn't exist
+// Call: db_connect()
+//
+function db_connect() {
+	global $db_host;
+	global $db_name;
+	global $db_user;
+	global $db_pass;
+	$link = mysql_connect("$db_host", "$db_user", "$db_pass") or print_error("Could not connect to database server: <b>$db_host</b>.");
+	$succes = mysql_select_db("$db_name", $link) or print_error("Could not select database: <b>$db_name</b>.");
+	return ($link);
+}
+
+
+
+//
+// db_query
+// Action: Sends a query to the database and returns query result and number of rows
+// Call: db_query(string query)
+//
+function db_query($query) {
+	$link = db_connect();
+	$result = mysql_query("$query", $link) or print_error("Could not query the table.<br>", "NO");
+	// if $query was a select statement check the number of rows with mysql_num_rows().
+	if (eregi("^select", $query)) {
+		$number_rows = mysql_num_rows($result);
+	// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
+	// mysql_affected_rows().
+	} else {
+		$number_rows = mysql_affected_rows($link);
+	}
+	$return = array (
+		"result" => $result,
+		"rows" => $number_rows
+	);
+	return ($return);
+}
+?>
diff --git a/admin/newadmin.php b/admin/newadmin.php
new file mode 100644
index 00000000..af7cb6c2
--- /dev/null
+++ b/admin/newadmin.php
@@ -0,0 +1,76 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print_menu();
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+	$username = $_POST[username];
+	$password = $_POST[password];
+	$domain = $_POST[domain];
+
+	$passwd = md5crypt ("$password");
+	
+	if (empty($username) or empty($password) or empty($domain)) {
+		print "<p>\n";
+		print "You will need to fill all fields.\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+
+	if (!check_email($username)) {
+		print "<p>\n";
+		print "The email address that you have supplied at <b>Email</b> is not a valid email address, please go back.\n";
+		print "<p>\n";		
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("SELECT * FROM domain WHERE domain='$domain'");
+	if ($result[rows] != 1) {
+		print "<p>\n";
+		print "The domain <b>$domain</b> is not present in the domain table!\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("SELECT * FROM admin WHERE username='$username'");
+	if ($result[rows] == 1) {
+		print "<p>\n";
+		print "This email address already exists, please choose a different one.\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("INSERT INTO admin (username,password,domain,create_date,change_date) VALUES('$username','$passwd','$domain',NOW(),NOW())");
+	if ($result[rows] == 1) {
+		print "<i>$username</i> has been <b>added</b> to the admin table!\n";
+		print "<p>\n";
+	} else {
+		print "<b>Unable</b> to add: <i>$username</i> to the mailbox table!\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+}
+?>
+
+Create a new admin for a domain.
+<p>
+<form method=post>
+<table class=form>
+<tr><td>Email:</td><td><input type=text name=username></td></tr>
+<tr><td>Passwd:</td><td><input type=text name=password></td></tr>
+<tr><td>Domain:</td><td><input type=text name=domain></td><td></tr>
+<tr><td colspan=3 align=center><input type=submit name=submit value='Add Entry'></td></tr>
+</table>
+</form>
+<?php
+print "<p>\n";
+print_footer();
+?>
diff --git a/admin/newdomain.php b/admin/newdomain.php
new file mode 100644
index 00000000..22139048
--- /dev/null
+++ b/admin/newdomain.php
@@ -0,0 +1,72 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print_menu();
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+	$domain = $_POST[domain];
+	$description = $_POST[description];
+	$aliases = $_POST[aliases];
+
+	if (empty($domain) or empty($description)) {
+		print "<p>\n";
+		print "You will need to fill all fields.\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("SELECT * FROM domain WHERE domain='$domain'");
+	if ($result[rows] == 1) {
+		print "<p>\n";
+		print "This domain already exists, please choose a different one.\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("INSERT INTO domain (domain,description,create_date,change_date) VALUES('$domain','$description',NOW(),NOW())");
+	if ($result[rows] == 1) {
+		print "<i>$domain</i> has been <b>added</b> to the domain table!\n";
+		print "<p>\n";
+	} else {
+		print "<b>Unable</b> to add: <i>$domain</i> to the domain table!\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	}
+
+	if ($aliases == "on") {
+		$alias_keys = array_keys($default_aliases);
+		$alias_values = array_values($default_aliases);
+		for ($i = 0; $i < count($alias_keys); $i++) {
+			$address = $alias_keys[$i] . "@" . $domain;
+			$result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$alias_values[$i]','$domain',NOW(),NOW())");
+			if ($result[rows] == 1) {
+				print "<i>$address</i> has been <b>added</b> to the alias table!<br>\n";
+			} else {
+				print "<b>Unable</b> to add: <i>$address</i> to the alias table!<br>\n";
+			}	
+		}
+		print "<p>\n";
+	}
+}
+?>
+
+Create a new domain.
+<p>
+<form method=post>
+<table class=form>
+<tr><td>Domain:</td><td><input type=text name=domain></td></tr>
+<tr><td>Description:</td><td><input type=text name=description></td></tr>
+<tr><td>Add default mail aliases:</td><td><input type=checkbox name=aliases></td></tr>
+<tr><td colspan=2 align=center><input type=submit name=submit value='Add Entry'></td></tr>
+</table>
+</form>
+<?php
+print "<p>\n";
+print_footer();
+?>
diff --git a/admin/passwd.php b/admin/passwd.php
new file mode 100644
index 00000000..c4763e95
--- /dev/null
+++ b/admin/passwd.php
@@ -0,0 +1,48 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print_menu();
+print "<hr>\n";
+
+$username = $_GET[username];
+
+if (!empty($_POST[submit])) {
+        $form_new_passwd1 = $_POST[form_new_passwd1];
+
+	if (empty($form_new_passwd1)) {
+		print "<p class=error>\n";
+		print "You will need to fill in the password field!\n";
+		print_footer();
+		exit;
+	}
+
+	$new_passwd = md5crypt($form_new_passwd1);
+	$result = db_query ("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$username'");
+	if ($result[rows] == 1) {
+		print "The password has been updated!\n";
+		print "<p>\n";
+		print_footer();
+		exit;
+	} else {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to update your password!\n";
+		print_footer();
+		exit;
+	}
+} 
+
+?>
+Change admin password.
+<p>
+<form name=passwd method=post>
+<table class=form>
+<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
+<tr><td>New Password:</td><td><input type=text name=form_new_passwd1></td></tr>
+<tr><td colspan=2 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
diff --git a/admin/site_lib.php b/admin/site_lib.php
new file mode 100644
index 00000000..9516445a
--- /dev/null
+++ b/admin/site_lib.php
@@ -0,0 +1,55 @@
+<?php
+//
+// If site_lib.php is called directly, redirect to login.php
+//
+if (ereg("site_lib.php", $PHP_SELF)) {
+	header("Location: ../login.php");
+}
+
+// login information for the database
+$db_host = "localhost";
+$db_name = "postfix";
+$db_user = "postfixadmin";
+$db_pass = "postfixadmin";
+
+// title used for all pages
+$title = "Mail Admin Admin";
+
+// footer used for all pages
+$version = "Built on Postfix Admin v1.4.0<br>\n2003 &copy; High5!\n";
+
+
+	
+//
+// print_menu
+// Action: Prints out the requirement menu bar
+// Call: print_menu()
+//
+function print_menu() {
+	print "<table>\n";
+	print "<tr>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=adminview.php>Admin View</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=domainview.php>Domain View</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=virtualview.php>Virtual View</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=newadmin.php>New Admin</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=newdomain.php>New Domain</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "</tr>\n";
+	print "</table>\n";
+}
+?>
\ No newline at end of file
diff --git a/admin/stylesheet.css b/admin/stylesheet.css
new file mode 100644
index 00000000..9e259e5a
--- /dev/null
+++ b/admin/stylesheet.css
@@ -0,0 +1,192 @@
+body {
+	background:	white;
+	color:		black;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	13px;
+	margin:		8px;
+	padding:	0px;
+	text-align:	center;
+}
+
+h1 {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	18px;
+	font-weight:	bold;
+	margin-bottom:	0px;
+	margin-top:	20px;
+}
+
+a {
+	color:		blue;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	text-decoration: none;
+}
+
+a:visited {
+	color:		blue;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	text-decoration: none;
+}
+
+a:hover {
+	color:		red;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	text-decoration: underline;
+}
+
+hr {	
+	line-heigt:	1px;
+	margin-top:	10px;
+	margin-bottom:	10px;
+	width:		640px;
+	text-align:	center;
+}
+
+hr.footer {
+	margin-top:	10px;
+	margin-bottom:	0px;
+	width:		640px;
+}
+
+p {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	13px;
+	margin-top:	13px;
+	text-align:	center;
+}
+
+p.footer {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	margin-top:	0px;
+	text-align:	center;
+}
+
+p.error {
+	color:		red;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	14px;
+	text-align:	center;
+}
+
+table {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;	
+	width:		640px;
+	text-align:	left;
+	margin-top:	0px;
+	margin-bottom:	0px;
+	padding-top:	0px;
+}
+
+table.auto {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;	
+	width:		auto;
+	text-align:	left;
+	margin-top:	0px;
+	margin-bottom:	0px;
+	padding-top:	0px;
+}
+
+
+table.form {
+	font-size:	11px;
+	padding-left:	0px;
+	padding-right:	0px;
+	text-align:	left;
+	width:		auto;
+}
+
+
+td {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	padding-left:	5px;
+	padding-right:	5px;
+}
+
+tr.header {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-weight:	bold;
+	padding-left:	11px;
+	padding-right:	11px;
+}
+
+td.center {
+	text-align:	center;
+}
+
+td.header {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-weight:	bold;
+	padding-left:	11px;
+	padding-right:	11px;
+	text-align:	center;
+}
+
+td.highlight {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	background:	rgb(169,194,162);
+	padding-left:	5px;
+	padding-right:	5px;
+}
+
+td.menu {
+	text-align:	center;
+	background:	#dfdfdf;
+	border-top:	1px solid #999;
+	border-right:	1px solid #999;
+	border-left:	1px solid #999;
+	border-bottom:	1px solid #999;
+	border-radius:	2px;
+	-moz-border-radius:	2px;
+	padding-bottom:	5px;
+	padding-top:	5px;
+
+}
+
+td.right {
+	text-align:	center;
+	padding-left:	0px;
+	padding-right:	0px;
+	margin-left:	0px;
+	margin-right:	0px;
+}
+
+input {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	float:		none;
+	clear:		none;
+}
+
+input.button {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	background:	rgb(232,236,176)
+}
+
+textarea {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+}
diff --git a/admin/virtualview.php b/admin/virtualview.php
new file mode 100644
index 00000000..141b70af
--- /dev/null
+++ b/admin/virtualview.php
@@ -0,0 +1,69 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print_menu();
+print "<hr>\n";
+
+$order = $_GET[order];
+$where = $_GET[where];
+
+if (empty($order)) $order = "domain,address";
+if (!empty($where)) $where = "WHERE " . "domain='$where'";
+
+$query = "SELECT * FROM alias $where ORDER BY $order";
+
+print "$query\n";
+print "<p>\n";
+
+$result = db_query ("$query");
+	
+if ($result[rows] > 0) {
+	print "<center>\n";
+	print "<table border=1>\n";
+	while ($row = mysql_fetch_array ($result[result])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td>$row[address]</td>";
+		print "<td>" . ereg_replace (",", "<br>", $row[goto]) . "</td>";
+		print "<td>$row[change_date]</td>";
+		print "<td>$row[active]</td>";
+		print "</tr>\n";
+	}
+
+	print "</table>\n";
+	print "</center>\n";
+	print "Found: $result[rows]\n";
+	print "<p>\n";
+
+} else {
+	print "Nothing Found!\n";
+	print "<p>\n";
+}
+
+$query = "SELECT * FROM mailbox $where";
+
+print "$query\n";
+
+$result = db_query ("$query");
+if ($result[rows] > 0) {
+	print "<center>\n";
+	print "<table border=1>\n";
+	while ($row = mysql_fetch_array ($result[result])) {
+		print "<tr>";
+		print "<td>$row[username]</td>";
+		print "<td>$row[name]</td>";
+		print "<td>$row[maildir]</td>";
+		print "<td>$row[change_date]</td>";
+		print "<td>$row[active]</td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+	print "Found: $result[rows]<br>\n";
+} else {
+	print "<p>\n";
+	print "Nothing Found!\n";
+}
+print_footer();
+?>
diff --git a/alias.php b/alias.php
new file mode 100644
index 00000000..a5d35d69
--- /dev/null
+++ b/alias.php
@@ -0,0 +1,77 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+print_header();
+
+print_menu();
+
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+        $address = $_POST[address];
+        $goto = $_POST[goto];
+
+	$address_value = $address;
+	$address = $address . "@" . $sessid[domain];
+	
+	if (empty($address) or empty($goto)) {
+		print "<p class=error>\n";
+		print "You will need to fill both fields.\n";
+		print_footer();
+		exit;
+	}
+
+	if (!check_email($address)) {
+		print "<p class=error>\n";
+		print "The email address that you have supplied at <b>Alias</b> is not a valid email address, please go back.\n";
+		print_footer();
+		exit;
+	}
+
+	if (!check_email($goto)) {
+		print "<p class=error>\n";
+		print "The email address that you have supplied at <b>To</b> is not a valid email address, please go back.\n";
+		print_footer();
+		exit;
+	}
+	
+	if ($address_value == "none") {
+		$address = "@" . $sessid[domain];
+	}
+
+	$result = db_query ("SELECT * FROM alias WHERE address='$address'");
+	if ($result[rows] == 1) {
+		print "<p class=error>\n";
+		print "This email address already exists, please choose a different one.\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$goto','$sessid[domain]',NOW(),NOW())");
+	if ($result[rows] == 1) {
+		print "<p>\n";
+		print "<i>$address</i> -> <i>$goto</i> has been <b>added</b> to the alias table!\n";
+		print "<p>\n";
+	} else {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to add: <i>$address</i> -> <i>$goto</i> to the alias table!\n";
+		print_footer();
+		exit;
+	}
+}
+?>
+Create a new alias for your domain.
+<p>
+<form name=alias method=post>
+<table class=form>
+<tr><td>Alias:</td><td><input type=text name=address></td><td>@<?php print "$sessid[domain]" ?></td></tr>
+<tr><td>To:</td><td><input type=text name=goto></td><td>Where the mail needs to be send to.<br>Use "edit" in the overview to add more<br>then one email address.</td></tr>
+<tr><td colspan=3 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+If you want to add a catchall enter "none" in the alias field.
+<?php
+print_footer();
+?>
diff --git a/delete.php b/delete.php
new file mode 100644
index 00000000..d7d57814
--- /dev/null
+++ b/delete.php
@@ -0,0 +1,50 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+$check_id = "domain";
+$table = $_GET[table];
+$where = $_GET[where];
+$delete = $_GET[delete];
+$url = "main.php?" . session_name() . "=" . session_id();
+
+if ($table == "alias") {
+	$query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid[$check_id]'";
+	$result = db_query ("$query");
+	if ($result[rows] == 1) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print "<hr>\n";
+		print "<p class=error>\n";
+		print "<b>Unable</b> to delete entry $delete from the $table table!\n";
+		print_footer();
+	}
+}
+
+if ($table == "mailbox") {
+	$query = "DELETE FROM mailbox WHERE username='$delete' AND domain='$sessid[$check_id]'";
+	$result = db_query ("$query");
+	if ($result[rows] != 1) {
+		print_header();
+		print "<hr>\n";
+		print "<p class=error>\n";
+		print "<b>Unable</b> to delete entry $delete from the $table table!\n";
+		print_footer();
+	}
+
+	$query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid[$check_id]'";
+	$result = db_query ("$query");
+	if ($result[rows] == 1) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print "<hr>\n";
+		print "<p class=error>\n";
+		print "<b>Unable</b> to delete entry $delete from the $table table!\n";
+		print_footer();
+	}
+
+}
+?>
diff --git a/index.php b/index.php
new file mode 120000
index 00000000..ce0cbc58
--- /dev/null
+++ b/index.php
@@ -0,0 +1 @@
+login.php
\ No newline at end of file
diff --git a/login.php b/login.php
new file mode 100644
index 00000000..4bc84afe
--- /dev/null
+++ b/login.php
@@ -0,0 +1,71 @@
+<?php
+//
+// login.php
+//
+include "my_lib.php";
+
+if (!empty($_POST[submit])) {
+	$form_login = $_POST[form_login];
+	$form_passwd = $_POST[form_passwd];
+
+	$result = db_query ("SELECT password FROM admin WHERE username='$form_login'");
+	
+	if ($result[rows] == 1) {
+		$row = mysql_fetch_array($result[result]);
+		$db_passwd = $row[password];
+		$salt = preg_split('/\$/', $row[password]);
+		$checked_passwd = md5crypt($form_passwd, $salt[2]);
+
+		$result = db_query ("SELECT * FROM admin WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
+
+		if ($result[rows] == 1) {
+			session_name("SessID");
+			session_start();
+			session_register("sessid");
+
+			$row = mysql_fetch_array($result[result]);
+
+			$sessid = array (
+				"domain" => $row[domain],
+				"username" => $row[username]
+			);
+
+		} else {
+			print_header();
+			print "<h1>Mail Admin</h1>\n";
+			print "<hr>\n";
+			print "<p class=error>\n";
+			print "Either the password that you supplied is incorrect, go back and try again.<p>\n";
+			print "Or you are not authorized to view this page.\n";
+			print_footer();
+			exit;
+		}
+
+	} else {
+		print_header();
+		print "<h1>Mail Admin</h1>\n";
+		print "<hr>\n";
+		print "<p class=error>\n";
+		print "The login that you supplied is not correct, please press BACK and try again.\n";
+		print_footer();
+		exit;
+	}
+
+	header("Location: main.php?" .  session_name() . "=" . session_id());
+} 
+print_header($welcome_title);
+print "<h1>$welcome_header</h1>\n";
+?>
+<hr>
+<form name=login method=post>
+<table class=form>
+<tr><td>Login:</td><td><input type=text name=form_login></td><td>(email address)</td></tr>
+<tr><td>Password:</td><td><input type=password name=form_passwd></td></tr>
+<tr><td colspan=3 align=center><input type=submit name=submit value=Enter></td></tr>
+</table>
+</form>
+<p>
+<a href=vcp.php>Mailbox Password Change</a>
+<?php
+print_footer();
+?>
diff --git a/logout.php b/logout.php
new file mode 100644
index 00000000..e72ee394
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,21 @@
+<?php
+//
+// logout.php
+//
+include "my_lib.php";
+
+$sessid = check_session();
+
+session_unset();
+
+session_destroy();
+
+print_header();
+
+print "<h1>Mail Admin</h1>\n";
+print "<hr>\n";
+print "You are logged out\n";
+print "<p>\n";
+print "<a href=login.php>Login again</a>\n";
+print_footer();
+?>
diff --git a/mailbox.php b/mailbox.php
new file mode 100644
index 00000000..bad1d053
--- /dev/null
+++ b/mailbox.php
@@ -0,0 +1,100 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+print_header();
+
+print_menu();
+
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+	$username = $_POST[username];
+	$password = $_POST[password];
+	$password2 = $_POST[password2];
+	$name = $_POST[name];
+
+	$username = $username . "@" . $sessid[domain];
+	$passwd = md5crypt ("$password");
+	$maildir = $username . "/";
+	
+	if (empty($username) or empty($password)) {
+		print "<p class=error>\n";
+		print "You need to fill all fields.\n";
+		print_footer();
+		exit;
+	}
+
+	if (!check_email($username)) {
+		print "<p class=error>\n";
+		print "The email address that you have supplied at <b>Email</b> is not a valid email address, please go back.\n";
+		print_footer();
+		exit;
+	}
+
+	if ($password != $password2) {
+		print "<p class=error>\n";
+		print "The passwords that you supplied don't match!\n";
+		print_footer();
+		exit;
+	}
+	
+	if (!check_string($name)) {
+		print "<p class=error>\n";
+		print "The name that you have supplied at <b>Name</b> is not valid, please go back.\n";
+		print_footer();
+		exit;
+	}
+		
+	$result = db_query ("SELECT * FROM alias WHERE address='$username'");
+	if ($result[rows] == 1) {
+		print "<p class=error>\n";
+		print "This email address already exists, please choose a different one.\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$username','$username','$sessid[domain]',NOW(),NOW())");
+	if ($result[rows] != 1) {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to add: <i>$username</i> to the alias table!\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("INSERT INTO mailbox (username,password,name,maildir,domain,create_date,change_date) VALUES('$username','$passwd','$name','$maildir','$sessid[domain]',NOW(),NOW())");
+	if ($result[rows] == 1) {
+		$headers = "From: $sessid[username]";
+		$subject = "Welcome";
+		$message = "Hi $name,\n\nWelcome to your new email account.\n\n";
+		print "<i>$username</i> has been <b>added</b> to the mailbox table!\n";
+		print "<p>\n";
+		print "<b>NOTE:</b>\n";
+		if (!mail($username, $subject, $message, $headers)) {
+			print "The user needs to first receive an email in order to use the account.<br>\n";
+		}
+		print "User needs to login with the full email address, in this case: $username\n";
+		print "<p>\n";
+	} else {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to add: <i>$username</i> to the mailbox table!\n";
+		print_footer();
+		exit;
+	}
+}
+?>
+Create a new local mailbox for your domain.
+<p>
+<form name=mailbox method=post>
+<table class=form>
+<tr><td>Email:</td><td><input type=text name=username></td><td>@<?php print "$sessid[domain]"; ?></td></tr>
+<tr><td>Password:</td><td><input type=password name=password></td><td>Password for POP/IMAP</td></tr>
+<tr><td>Password (again):</td><td><input type=password name=password2></td></tr>
+<tr><td>Name:</td><td><input type=text name=name></td><td>Full name</td></tr>
+<tr><td colspan=3 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
diff --git a/main.php b/main.php
new file mode 100644
index 00000000..c2e6413b
--- /dev/null
+++ b/main.php
@@ -0,0 +1,73 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+print_header();
+
+print_menu();
+
+print "<hr>\n";
+print "Domain: $sessid[domain]\n";
+print "<p>\n";
+
+$query = "SELECT alias.address,alias.goto,alias.change_date FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$sessid[domain]' AND mailbox.maildir IS NULL ORDER BY alias.address";
+
+$result = db_query ("$query");
+	
+if ($result[rows] > 0) {
+	print "<center>\n";
+	print "<table border=1>\n";
+	print "<tr class=\"header\">";
+	print "<td>From</td>";
+	print "<td>To</td>";
+	print "<td>Last Modified</td>";
+	print "<td colspan=\"2\">&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result[result])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td>$row[address]</td>";
+		print "<td>" . ereg_replace (",", "<br>", $row[goto]) . "</td>";
+		print "<td>$row[change_date]</td>";
+		print "<td><a href=modify.php?" . session_name() . "=" . session_id() . "&modify=$row[address]>edit</a></td>";
+		print "<td><a href=delete.php?" . session_name() . "=" . session_id() . "&table=alias" . "&delete=$row[address] onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+	print "<p>\n";
+} else {
+	print "Nothing found in the alias table!\n";
+	print "<p>\n";
+}
+
+$query = "SELECT * FROM mailbox WHERE domain='$sessid[domain]' ORDER BY username";
+
+$result = db_query ("$query");
+	
+if ($result[rows] > 0) {
+	print "<center>\n";
+	print "<table border=1>\n";
+	print "<tr class=\"header\">";
+	print "<td>Email</td>";
+	print "<td>Name</td>";
+	print "<td>Last Modified</td>";
+	print "<td colspan=\"2\">&nbsp;</td>";
+	print "</tr>";
+	while ($row = mysql_fetch_array ($result[result])) {
+		print "<tr onMouseOver=\"this.bgColor = '#dfdfdf'\" onMouseOut =\"this.bgColor = '#ffffff'\" bgcolor=\"#ffffff\">";
+		print "<td>$row[username]</td>";
+		print "<td>$row[name]</td>";
+		print "<td>$row[change_date]</td>";
+		print "<td><a href=pwd.php?" . session_name() . "=" . session_id() . "&username=$row[username]>edit</a></td>";
+		print "<td><a href=delete.php?" . session_name() . "=" . session_id() . "&table=mailbox" . "&delete=$row[username] onclick=\"return confirm ('Are you sure you want to delete this?')\">del</a></td>";
+		print "</tr>\n";
+	}
+	print "</table>\n";
+	print "</center>\n";
+} else {
+	print "Nothing found in the mailbox table!\n";
+}
+
+print_footer();
+?>
diff --git a/modify.php b/modify.php
new file mode 100644
index 00000000..9e7c4afb
--- /dev/null
+++ b/modify.php
@@ -0,0 +1,91 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+$url = "main.php?" . session_name() . "=" . session_id();
+$modify = $_GET[modify];
+
+if (!empty($_POST[submit])) {
+        $goto = $_POST[goto];
+
+	if (empty($goto)) {
+		print_header();
+		print_menu();
+		print "<hr>\n";
+		print "<p class=error>\n";
+		print "You didn't enter anything at <b>To:</b>.\n";
+		print_footer();
+		exit;
+	}
+
+	$goto = preg_replace('/\r\n/', ',', $goto);
+	$goto = preg_replace('/\,*$/', '', $goto);
+	$array = preg_split('/,/', $goto);
+	for ($i = 0; $i < sizeof($array); $i++) {
+		if (in_array("$array[$i]", $default_aliases)) continue;
+		if (empty($array[$i])) continue;
+		if (!check_email($array[$i])) {
+			print_header();
+			print_menu();
+			print "<hr>\n";
+			print "<p class=error>\n";
+			print "The email address <b>$array[$i]</b> is not a valid email address, please go back.\n";
+			print_footer();
+			exit;
+		}
+	}
+
+	$result = db_query ("UPDATE alias SET goto='$goto', change_date=NOW() WHERE address='$modify' AND domain='$sessid[domain]'");
+	if ($result[rows] == 1) {
+		header("Location: $url");
+	} else {
+		print_header();
+		print_menu();
+		print "<hr>\n";
+		print "<p class=error>\n";
+		print "<b>Unable</b> to update: <i>$address</i> -> <i>$goto</i> in the alias table!\n";
+		print_footer();
+		exit;
+	}
+}
+
+$query = "SELECT * FROM alias WHERE address='$modify' AND domain='$sessid[domain]'";
+$result = db_query ("$query");
+if ($result[rows] == 1) {
+	$row = mysql_fetch_array ($result[result]);
+} else {
+	print_header();
+	print_menu();
+	print "<hr>\n";
+	print "<p class=error>\n";
+	print "Unable to find the alias!\n";
+	print_footer();
+	exit;
+}
+print_header();
+print_menu();
+print "<hr>\n";
+?>
+Change an alias for your domain.
+<p>
+<form name=modify method=post>
+<table class=form>
+<tr><td>Alias:</td><td><?php print "$modify"; ?></td></tr>
+<tr><td colspan=2>&nbsp;</td></tr>
+<tr><td colspan=2 align=center><b>Enter your email aliases below. One per line!</b></td></tr>
+<tr><td valign=top>To:</td><td><textarea rows=24 cols=80 name=goto>
+<?php 
+$array = preg_split('/,/', $row[goto]);
+for ($i = 0 ; $i < sizeof($array) ; $i++) {
+  if (empty($array[$i])) continue;
+  print "$array[$i]\n";
+}
+?>
+</textarea></td></tr>
+<tr><td colspan=2 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
diff --git a/my_lib.php b/my_lib.php
new file mode 100644
index 00000000..19f2e87c
--- /dev/null
+++ b/my_lib.php
@@ -0,0 +1,263 @@
+<?php
+//
+// If my_lib.php is called directly, redirect to login.php
+//
+if (ereg("my_lib.php", $PHP_SELF)) {
+	header("Location: login.php");
+}
+
+include "site_lib.php";
+include "admin/config.php";
+
+
+
+//
+// check_session
+// Action: Check if a session already exists, if not redirect to login.php
+// Call: check_session()
+//
+function check_session() {
+	session_name("SessID");
+	session_start();
+	if (!session_is_registered("sessid")) {
+		// if session is not registered redirect to login.php
+		header("Location: login.php");
+		exit;
+	}
+	$sessid[domain] = $_SESSION[sessid][domain];
+	$sessid[username] = $_SESSION[sessid][username];
+	return $sessid;
+}
+
+
+
+//
+// check_admin
+// Action: Check if user is admin and allowed to view the page
+// Call: check_admin(string admin);
+//
+function check_admin($admin) {
+	if ($admin == "N") {
+		print_header();
+		print "You are not allowed to view this page.\n";
+		print_footer();
+		exit;
+	}
+}
+
+
+
+//
+// check_string
+// Action: checks if a string is valid and returns TRUE is this is the case.
+// Call: check_string(string var)
+//
+function check_string($var) {
+	return (preg_match('/^([A-Za-z ]+)+$/', $var));
+}
+
+
+
+//
+// check_escape
+// Action: checks to see if there are chars that need to be escaped
+// Call: check_escape(string var)
+//
+function check_escape($var) {
+	$search = array ("'<script[^>]*?>.*?</script>'si",
+		"'<[\/\!]*?[^<>]*?>'si",
+		"'\''i");
+
+	$replace = array ("",
+		"",
+		"");
+
+	$escaped = preg_replace ($search, $replace, $var);
+	return $escaped;
+}
+
+
+
+//
+// check_email
+// Action: Checks if email is valid and returns TRUE if this is the case.
+// Call: check_email(string email)
+//
+function check_email($email) { 
+	return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email)));
+}
+
+
+
+//
+// md5crypt
+// Action: Creates an MD5 passwd that is readable by FreeBSD daemons
+// Call: md5crypt(string cleartextpasswd)
+//
+
+$MAGIC = "$1$";
+$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+function md5crypt($pw, $salt="", $magic="") {
+	global $MAGIC;
+	if ($magic == "") $magic = $MAGIC;
+	if ($salt == "") $salt = create_salt(); 
+	$slist = explode("$", $salt);
+	if ($slist[0] == "1") $salt = $slist[1];
+	$salt = substr($salt, 0, 8);
+	$ctx = $pw . $magic . $salt;
+	$final = hex2bin(md5($pw . $salt . $pw));
+	for ($i=strlen($pw); $i>0; $i-=16) {
+		if ($i > 16) 
+			$ctx .= substr($final,0,16);
+		else
+			$ctx .= substr($final,0,$i);
+	}
+	$i = strlen($pw);
+	while ($i > 0) {
+		if ($i & 1) $ctx .= chr(0);
+		else $ctx .= $pw[0];
+		$i = $i >> 1;
+	}
+	$final = hex2bin(md5($ctx));
+	for ($i=0;$i<1000;$i++) {
+		$ctx1 = "";
+    	if ($i & 1) $ctx1 .= $pw;
+		else $ctx1 .= substr($final,0,16);
+		if ($i % 3) $ctx1 .= $salt;
+	  	if ($i % 7) $ctx1 .= $pw;
+		if ($i & 1) $ctx1 .= substr($final,0,16);
+		else $ctx1 .= $pw;
+		$final = hex2bin(md5($ctx1));
+	}
+	$passwd = "";
+	$passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4);
+	$passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4);
+	$passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4);
+	$passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4);
+	$passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4);
+	$passwd .= to64( ord($final[11]), 2);
+	return "$magic$salt\$$passwd";
+}
+function create_salt() {
+	srand((double)microtime()*1000000);
+	$salt = substr(md5(rand(0,9999999)), 0, 8);
+	return $salt;
+}
+function hex2bin($str) {
+	$len = strlen($str);
+	$nstr = "";
+	for ($i=0;$i<$len;$i+=2) {
+		$num = sscanf(substr($str,$i,2), "%x");
+		$nstr.=chr($num[0]);
+	}
+	return $nstr;
+}
+function to64($v, $n) {
+	global $ITOA64;
+	$ret = "";
+	while (($n - 1) >= 0) {
+		$n--;
+		$ret .= $ITOA64[$v & 0x3f];
+		$v = $v >> 6;
+	}
+	return $ret;
+}
+
+
+
+//
+// print_header
+// Action: Prints out the default header for every page
+// Call: print_header([string title])
+//
+function print_header($title = "") {
+	if (empty($title)) {
+		global $title;
+	}
+	print "<html>\n";
+	print "<head>\n";
+	if (file_exists(realpath("./stylesheet.css"))) {
+		print "<link rel=stylesheet href=stylesheet.css>\n";
+	}
+	print "<title>$title</title>\n";
+	print "</head>\n";
+	print "<body>\n";
+	print "<center>\n";
+}
+
+
+
+//
+// print_footer
+// Action: Prints out the default footer for every page
+// Call: print_footer()
+//
+function print_footer() {
+	global $version;
+	print "<hr class=footer>\n";
+	print "<p class=footer>\n";
+	print "$version\n";
+	print "</center>\n";
+	print "</body>\n";
+	print "</html>\n";
+}
+
+
+
+//
+// print_error
+// Action: Prints an error message and exits/dies
+// Call: print_error(string error message);
+//
+function print_error($msg, $header = "YES") {
+	if ($header == "YES") {
+		print_header();
+	}
+	print "$msg";
+	print_footer();
+	exit;
+}
+
+
+
+//
+// db_connect
+// Action: Makes a connection to the database if it doesn't exist
+// Call: db_connect()
+//
+function db_connect() {
+	global $db_host;
+	global $db_name;
+	global $db_user;
+	global $db_pass;
+	$link = mysql_connect("$db_host", "$db_user", "$db_pass") or print_error("Could not connect to database server: <b>$db_host</b>.");
+	$succes = mysql_select_db("$db_name", $link) or print_error("Could not select database: <b>$db_name</b>.");
+	return ($link);
+}
+
+
+
+//
+// db_query
+// Action: Sends a query to the database and returns query result and number of rows
+// Call: db_query(string query)
+//
+function db_query($query) {
+	$link = db_connect();
+	$result = mysql_query("$query", $link) or print_error("Could not query the table.<br>", "NO");
+	// if $query was a select statement check the number of rows with mysql_num_rows().
+	if (eregi("^select", $query)) {
+		$number_rows = mysql_num_rows($result);
+	// if $query was something else, UPDATE, DELETE or INSERT check the number of rows with
+	// mysql_affected_rows().
+	} else {
+		$number_rows = mysql_affected_rows($link);
+	}
+	$return = array (
+		"result" => $result,
+		"rows" => $number_rows
+	);
+	return ($return);
+}
+?>
diff --git a/passwd.php b/passwd.php
new file mode 100644
index 00000000..efc58c74
--- /dev/null
+++ b/passwd.php
@@ -0,0 +1,81 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+print_header();
+
+print_menu();
+
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+        $form_passwd = $_POST[form_passwd];
+        $form_new_passwd1 = $_POST[form_new_passwd1];
+        $form_new_passwd2 = $_POST[form_new_passwd2];
+
+	if (empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) {
+		print "<p class=error>\n";
+		print "You will need to fill all fields!\n";
+		print_footer();
+		exit;
+	}
+
+	if ($form_new_passwd1 != $form_new_passwd2) {
+		print "<p class=error>\n";
+		print "The new passwords that you supplied don't match!\n";
+		print_footer();
+		exit;
+	}
+
+	
+	$result = db_query ("SELECT password FROM admin WHERE username='$sessid[username]'");
+	if ($result[rows] == 1) {
+		$row = mysql_fetch_array($result[result]);
+		$db_passwd = $row[password];
+		$keys = preg_split('/\$/', $row[password]);
+		$checked_passwd = md5crypt($form_passwd, $keys[2]);
+
+		$result = db_query ("SELECT * FROM admin WHERE username='$sessid[username]' AND password='$checked_passwd' AND active='1'");
+		if ($result[rows] != 1) {
+			print "<p class=error>\n";
+			print "The password that you have entered doesn't match your current password!\n";
+			print_footer();
+			exit;
+		}
+
+	}
+
+	$new_passwd = md5crypt($form_new_passwd1);
+	$result = db_query ("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$sessid[username]'");
+	if ($result[rows] == 1) {
+		print "Your password has been updated!\n";
+		session_unset();
+		session_destroy();
+		print "<p>\n";
+		print "<a href=login.php>Login</a>\n";
+		print_footer();
+		exit;
+	} else {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to update your password!\n";
+		print_footer();
+		exit;
+	}
+} 
+
+?>
+Change your password.
+<p>
+<form name=passwd method=post>
+<table class=form>
+<tr><td>Login:</td><td><?php print "$sessid[username]"; ?></td></tr>
+<tr><td>Current Password:</td><td><input type=password name=form_passwd></td></tr>
+<tr><td>New Password:</td><td><input type=password name=form_new_passwd1></td></tr>
+<tr><td>New Password (again):</td><td><input type=password name=form_new_passwd2></td></tr>
+<tr><td colspan=2 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
diff --git a/pwd.php b/pwd.php
new file mode 100644
index 00000000..d021b77c
--- /dev/null
+++ b/pwd.php
@@ -0,0 +1,61 @@
+<?php
+include "my_lib.php";
+
+$sessid = check_session();
+
+$username = $_GET[username];
+
+print_header();
+
+print_menu();
+
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+        $form_new_passwd1 = $_POST[form_new_passwd1];
+        $form_new_passwd2 = $_POST[form_new_passwd2];
+
+	if (empty($form_new_passwd1) or empty($form_new_passwd2)) {
+		print "<p class=error>\n";
+		print "You will need to fill all fields!\n";
+		print_footer();
+		exit;
+	}
+
+	if ($form_new_passwd1 != $form_new_passwd2) {
+		print "<p class=error>\n";
+		print "The new passwords that you supplied don't match!\n";
+		print_footer();
+		exit;
+	}
+	
+	$new_passwd = md5crypt($form_new_passwd1);
+	$result = db_query ("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$username' AND domain='$sessid[domain]'");
+	if ($result[rows] == 1) {
+		print "The password has been updated!\n";
+		print "<p>\n";
+		print "<a href=main.php?" . session_name() . "=" . session_id() . ">Go Back</a>\n";
+		print_footer();
+		exit;
+	} else {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to update your password!\n";
+		print_footer();
+		exit;
+	}
+} 
+
+?>
+Change password.
+<p>
+<form name=passwd method=post>
+<table class=form>
+<tr><td>Login:</td><td><?php print "$username"; ?></td></tr>
+<tr><td>New Password:</td><td><input type=password name=form_new_passwd1></td></tr>
+<tr><td>New Password (again):</td><td><input type=password name=form_new_passwd2></td></tr>
+<tr><td colspan=2 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>
diff --git a/site_lib.php b/site_lib.php
new file mode 100644
index 00000000..a99f3d3f
--- /dev/null
+++ b/site_lib.php
@@ -0,0 +1,61 @@
+<?php
+//
+// If site_lib.php is called directly, redirect to login.php
+//
+if (ereg("site_lib.php", $PHP_SELF)) {
+	header("Location: login.php");
+}
+
+// login information for the database
+$db_host = "localhost";
+$db_name = "postfix";
+$db_user = "postfixadmin";
+$db_pass = "postfixadmin";
+
+// title used for all pages except login
+$title = "Mail Admin";
+
+// title used for login
+$welcome_title = ":: Welcome to Mail Admin ::";
+
+// header used for login
+$welcome_header = "Welcome to Mail Admin";
+
+// footer used for all pages
+$version = "Built on Postfix Admin v1.4.0<br>\n2003 &copy; High5!";
+
+
+
+//
+// print_menu
+// Action: Prints out the requirement menu bar
+// Call: print_menu()
+//
+function print_menu() {
+	print "<table>\n";
+	print "<tr>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=main.php?" . session_name() . "=" . session_id() . ">Overview</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=alias.php?" . session_name() . "=" . session_id() . ">Add Alias</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=mailbox.php?" . session_name() . "=" . session_id() . ">Add Mailbox</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=passwd.php?" . session_name() . "=" . session_id() . ">Passwd</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "<td class=menu>\n";
+	print "<a target=_top href=logout.php?" . session_name() . "=" . session_id() . ">Logout</a>";
+	print "</td>\n";
+	print "<td width=8>&nbsp;</td>\n";
+	print "</tr>\n";
+	print "</table>\n";
+}
+?>
diff --git a/stylesheet.css b/stylesheet.css
new file mode 100644
index 00000000..9e259e5a
--- /dev/null
+++ b/stylesheet.css
@@ -0,0 +1,192 @@
+body {
+	background:	white;
+	color:		black;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	13px;
+	margin:		8px;
+	padding:	0px;
+	text-align:	center;
+}
+
+h1 {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	18px;
+	font-weight:	bold;
+	margin-bottom:	0px;
+	margin-top:	20px;
+}
+
+a {
+	color:		blue;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	text-decoration: none;
+}
+
+a:visited {
+	color:		blue;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	text-decoration: none;
+}
+
+a:hover {
+	color:		red;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	text-decoration: underline;
+}
+
+hr {	
+	line-heigt:	1px;
+	margin-top:	10px;
+	margin-bottom:	10px;
+	width:		640px;
+	text-align:	center;
+}
+
+hr.footer {
+	margin-top:	10px;
+	margin-bottom:	0px;
+	width:		640px;
+}
+
+p {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	13px;
+	margin-top:	13px;
+	text-align:	center;
+}
+
+p.footer {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	margin-top:	0px;
+	text-align:	center;
+}
+
+p.error {
+	color:		red;
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	14px;
+	text-align:	center;
+}
+
+table {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;	
+	width:		640px;
+	text-align:	left;
+	margin-top:	0px;
+	margin-bottom:	0px;
+	padding-top:	0px;
+}
+
+table.auto {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;	
+	width:		auto;
+	text-align:	left;
+	margin-top:	0px;
+	margin-bottom:	0px;
+	padding-top:	0px;
+}
+
+
+table.form {
+	font-size:	11px;
+	padding-left:	0px;
+	padding-right:	0px;
+	text-align:	left;
+	width:		auto;
+}
+
+
+td {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	padding-left:	5px;
+	padding-right:	5px;
+}
+
+tr.header {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-weight:	bold;
+	padding-left:	11px;
+	padding-right:	11px;
+}
+
+td.center {
+	text-align:	center;
+}
+
+td.header {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-weight:	bold;
+	padding-left:	11px;
+	padding-right:	11px;
+	text-align:	center;
+}
+
+td.highlight {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	background:	rgb(169,194,162);
+	padding-left:	5px;
+	padding-right:	5px;
+}
+
+td.menu {
+	text-align:	center;
+	background:	#dfdfdf;
+	border-top:	1px solid #999;
+	border-right:	1px solid #999;
+	border-left:	1px solid #999;
+	border-bottom:	1px solid #999;
+	border-radius:	2px;
+	-moz-border-radius:	2px;
+	padding-bottom:	5px;
+	padding-top:	5px;
+
+}
+
+td.right {
+	text-align:	center;
+	padding-left:	0px;
+	padding-right:	0px;
+	margin-left:	0px;
+	margin-right:	0px;
+}
+
+input {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+	float:		none;
+	clear:		none;
+}
+
+input.button {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	background:	rgb(232,236,176)
+}
+
+textarea {
+	font-family:	Verdana;
+	font-family:	Verdana, Arial, Helvetica, sans-serif;
+	font-size:	11px;
+}
diff --git a/vcp.php b/vcp.php
new file mode 100644
index 00000000..76c03890
--- /dev/null
+++ b/vcp.php
@@ -0,0 +1,85 @@
+<?php
+include "my_lib.php";
+
+print_header();
+
+print "<h1>Mail Admin</h1>\n";
+print "<hr>\n";
+
+if (!empty($_POST[submit])) {
+        $form_login = $_POST[form_login];
+        $form_passwd = $_POST[form_passwd];
+        $form_new_passwd1 = $_POST[form_new_passwd1];
+        $form_new_passwd2 = $_POST[form_new_passwd2];
+	
+	if (empty($form_login) or empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) {
+		print "<p class=error>\n";
+		print "You didn't enter all fields!\n";
+		print_footer();
+		exit;
+	}
+
+	if ($form_new_passwd1 != $form_new_passwd2) {
+		print "<p class=error>\n";
+		print "The passwords that you supplied don't match!\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("SELECT * FROM mailbox WHERE username='$form_login' AND active='1'");
+
+	if ($result[rows] != 1) {
+		print "<p class=error>\n";
+		print "The mailbox does not exist!\n";
+		print_footer();
+		exit;
+	}
+
+	$result = db_query ("SELECT password FROM mailbox WHERE username='$form_login'");
+	
+	if ($result[rows] == 1) {
+		$row = mysql_fetch_array($result[result]);
+		$db_passwd = $row[password];
+		$keys = preg_split('/\$/', $row[password]);
+		$checked_passwd = md5crypt($form_passwd, $keys[2]);
+
+		$result = db_query ("SELECT * FROM mailbox WHERE username='$form_login' AND password='$checked_passwd' AND active='1'");
+
+		if ($result[rows] != 1) {
+			print "<p class=error>\n";
+			print "The password that you have entered doesn't match your current password!\n";
+			print_footer();
+			exit;
+		}
+	}
+
+	$new_passwd = md5crypt($form_new_passwd1);
+	
+	$result = db_query ("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$form_login'");
+	
+	if ($result[rows] == 1) {
+		print "Your password has been updated!\n";
+		print_footer();
+		exit;
+	} else {
+		print "<p class=error>\n";
+		print "<b>Unable</b> to update your password!\n";
+		print_footer();
+		exit;
+	}
+} 
+?>
+Change your mailbox password.
+<p>
+<form name=vcp method=post>
+<table class=form>
+<tr><td>Email:</td><td><input type=text name=form_login></td></tr>
+<tr><td>Current Password:</td><td><input type=password name=form_passwd></td></tr>
+<tr><td>New Password:</td><td><input type=password name=form_new_passwd1></td></tr>
+<tr><td>New Password (again):</td><td><input type=password name=form_new_passwd2></td></tr>
+<tr><td colspan=2 align=center><input type=submit name=submit value='Enter'></td></tr>
+</table>
+</form>
+<?php
+print_footer();
+?>