From 36339f66a512c11c5d461d60f8600278e1c04814 Mon Sep 17 00:00:00 2001 From: Mischa Peters Date: Sat, 24 Mar 2007 07:27:00 +0000 Subject: [PATCH] Initial Import in SourceForge git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/tags/postfixadmin-1.4.0@1 a1433add-5e2c-0410-b055-b7f2511e0802 --- CHANGELOG.TXT | 35 ++++++ INSTALL.TXT | 111 ++++++++++++++++++ LICENSE.TXT | 50 ++++++++ UPGRADE.TXT | 90 ++++++++++++++ admin/.htaccess | 8 ++ admin/.htpasswd | 1 + admin/LICENSE.TXT | 50 ++++++++ admin/adminview.php | 44 +++++++ admin/config.php | 15 +++ admin/delete.php | 47 ++++++++ admin/domainview.php | 41 +++++++ admin/index.php | 1 + admin/my_lib.php | 264 ++++++++++++++++++++++++++++++++++++++++++ admin/newadmin.php | 76 ++++++++++++ admin/newdomain.php | 72 ++++++++++++ admin/passwd.php | 48 ++++++++ admin/site_lib.php | 55 +++++++++ admin/stylesheet.css | 192 ++++++++++++++++++++++++++++++ admin/virtualview.php | 69 +++++++++++ alias.php | 77 ++++++++++++ delete.php | 50 ++++++++ index.php | 1 + login.php | 71 ++++++++++++ logout.php | 21 ++++ mailbox.php | 100 ++++++++++++++++ main.php | 73 ++++++++++++ modify.php | 91 +++++++++++++++ my_lib.php | 263 +++++++++++++++++++++++++++++++++++++++++ passwd.php | 81 +++++++++++++ pwd.php | 61 ++++++++++ site_lib.php | 61 ++++++++++ stylesheet.css | 192 ++++++++++++++++++++++++++++++ vcp.php | 85 ++++++++++++++ 33 files changed, 2496 insertions(+) create mode 100644 CHANGELOG.TXT create mode 100644 INSTALL.TXT create mode 100644 LICENSE.TXT create mode 100644 UPGRADE.TXT create mode 100644 admin/.htaccess create mode 100644 admin/.htpasswd create mode 100644 admin/LICENSE.TXT create mode 100644 admin/adminview.php create mode 100644 admin/config.php create mode 100644 admin/delete.php create mode 100644 admin/domainview.php create mode 120000 admin/index.php create mode 100644 admin/my_lib.php create mode 100644 admin/newadmin.php create mode 100644 admin/newdomain.php create mode 100644 admin/passwd.php create mode 100644 admin/site_lib.php create mode 100644 admin/stylesheet.css create mode 100644 admin/virtualview.php create mode 100644 alias.php create mode 100644 delete.php create mode 120000 index.php create mode 100644 login.php create mode 100644 logout.php create mode 100644 mailbox.php create mode 100644 main.php create mode 100644 modify.php create mode 100644 my_lib.php create mode 100644 passwd.php create mode 100644 pwd.php create mode 100644 site_lib.php create mode 100644 stylesheet.css create mode 100644 vcp.php diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT new file mode 100644 index 00000000..fc3aa1ca --- /dev/null +++ b/CHANGELOG.TXT @@ -0,0 +1,35 @@ +############################# +# Postfix Admin Release 1.x # +############################# +# +# 2003 (c) High5! +# Created by: Mischa Peters +# + +Version 1.4.0 -- TBD +--------------------- + - Added: When deleting a domain, all aliases and mailboxes for that domain + are also deleted from the database. + - Added: Add standard aliases for every domain that is created. + These aliases can point to the main "local" administrator. + The aliases are configured in the config.php in the admin directory. + - Change: The layout of my_lib.php and site_lib.php have been changed. + - Change: Modifying an alias is now done with TEXTAREA for more + flexibility. + - Fix: minor bugs and cosmetic fixes. + + +Version 1.3.8a -- 2003/03/31 +---------------------------- + - Fix: After deletion of a domain it would not return to the correct page. + + +Version 1.3.8 -- 2003/03/25 +---------------------------- + - Added: Admin password change. No longer needed to delete and re-enter + the admin user for a specific domain. + + +Version 1.3.7 -- 2002/12/24 +---------------------------- + - Initial public release of Postfix Admin. diff --git a/INSTALL.TXT b/INSTALL.TXT new file mode 100644 index 00000000..41a85041 --- /dev/null +++ b/INSTALL.TXT @@ -0,0 +1,111 @@ +############################# +# Postfix Admin Release 1.x # +############################# +# +# 2003 (c) High5! +# Created by: Mischa Peters +# +# Detailed instructions on how to install / upgrade Postfix Admin can be +# found in UPGRADE.TXT +# +# Unpack Postfix Admin in the directory where you want it. For example: /usr/local/www//postfixadmin +# There is also an Admin Admin part, change directory to the "admin" directory +# and change the path to the .htpasswd file in the .htaccess file. +# +# Some other information that you might want to look at is in the site_lib.php +# file. +# +# In order to be able to read & write from the database I have created a +# seperate user in MySQL. I do this because Postfix Admin needs to have more +# rights on the Postfix database. If you are worried abour the password for +# the database. I have Postfix Admin running as the WebServer owner:group, +# that way your postfix username and password are somewhat protected against +# local users. +# +# You can use this file to create the tables that are needed to use postfix +# with mysql. The bottom part is for Postfix Admin. +# +# You can do this from the command line with: +# +# mysql -u root [-p] < INSTALL.TXT + +# +# Postfix / MySQL +# +USE mysql +INSERT INTO user (Host, User, Password) VALUES ('localhost','postfix',password('postfix')); +INSERT INTO db (Host, Db, User, Select_priv) VALUES ('localhost','postfix','postfix','Y'); +CREATE DATABASE postfix; + +# +# Table structure for table alias +# +USE postfix; +CREATE TABLE alias ( + address varchar(255) NOT NULL default '', + goto text NOT NULL, + domain varchar(255) NOT NULL default '', + create_date datetime NOT NULL default '0000-00-00 00:00:00', + change_date datetime NOT NULL default '0000-00-00 00:00:00', + active tinyint(4) NOT NULL default '1', + PRIMARY KEY (address), + UNIQUE KEY address (address), + KEY address_2 (address) +) TYPE=MyISAM COMMENT='Virtual Aliases - mysql_virtual_alias_maps'; + +# +# Table structure for table domain +# +USE postfix; +CREATE TABLE domain ( + domain varchar(255) NOT NULL default '', + description varchar(255) NOT NULL default '', + create_date datetime NOT NULL default '0000-00-00 00:00:00', + change_date datetime NOT NULL default '0000-00-00 00:00:00', + active tinyint(4) NOT NULL default '1', + PRIMARY KEY (domain), + UNIQUE KEY domain (domain) +) TYPE=MyISAM COMMENT='Virtual Domains - mysql_virtual_domains_maps'; + +# +# Table structure for table mailbox +# +USE postfix; +CREATE TABLE mailbox ( + username varchar(255) NOT NULL default '', + password varchar(255) NOT NULL default '', + name varchar(255) NOT NULL default '', + maildir varchar(255) NOT NULL default '', + domain varchar(255) NOT NULL default '', + create_date datetime NOT NULL default '0000-00-00 00:00:00', + change_date datetime NOT NULL default '0000-00-00 00:00:00', + active tinyint(4) NOT NULL default '1', + PRIMARY KEY (username), + UNIQUE KEY id (username) +) TYPE=MyISAM COMMENT='Virtual Mailboxes - mysql_virtual_mailbox_maps'; + +# +# +# + +# +# Postfix Admin User & Table +# +USE mysql +INSERT INTO user (Host, User, Password) VALUES ('localhost','postfixadmin',password('postfixadmin')); +INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv) VALUES ('localhost', 'postfix', 'postfixadmin', 'Y', 'Y', 'Y', 'Y'); + +# +# Table structure for table admin +# +USE postfix; +CREATE TABLE admin ( + username varchar(255) NOT NULL default '', + password varchar(255) NOT NULL default '', + domain varchar(255) NOT NULL default '', + create_date datetime NOT NULL default '0000-00-00 00:00:00', + change_date datetime NOT NULL default '0000-00-00 00:00:00', + active tinyint(4) NOT NULL default '1', + UNIQUE KEY username (username), + KEY username_2 (username) +) TYPE=MyISAM COMMENT='Virtual Admins - Store Virtual Domain Admins'; diff --git a/LICENSE.TXT b/LICENSE.TXT new file mode 100644 index 00000000..71e00ff7 --- /dev/null +++ b/LICENSE.TXT @@ -0,0 +1,50 @@ +License for Postfix Admin: + + The contents of this file are subject to the Mozilla Public License + Version 1.1 (the "License"); you may not use this file except in + compliance with the License. You may obtain a copy of the License at + http://www.mozilla.org/MPL/ + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the + License for the specific language governing rights and limitations + under the License. + + The Original Code is Postfix Admin. + + The Initial Developer of the Original Code is Mischa Peters . + Portions created by Mischa Peters are Copyright (c) 2002, 2003. + All Rights Reserved. + + Contributor(s): + + +This project includes work by Mischa Peters and others that is: + + Copyright (c) 2002,2003 Mischa Peters + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + Neither the names of the copyright holders nor the names of the XLW + Group and its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/UPGRADE.TXT b/UPGRADE.TXT new file mode 100644 index 00000000..99008f53 --- /dev/null +++ b/UPGRADE.TXT @@ -0,0 +1,90 @@ +############################# +# Postfix Admin Release 1.x # +############################# +# +# 2003 (c) High5! +# Created by: Mischa Peters +# + +Upgrade from 1.3.x +------------------ +Since some features have been added to this release which are partially +coming from site_lib.php it's wise to do a complete upgrade and modify your +settings in the new site_lib.php. + + +1. Backup old installation +--------------------------- +Make a backup of your current Postfix Admin directory. If you use "cp", be +sure to use the "-Rp" options. -R means recursive, and -p will save the +permissions in the directory. + +In this example, we assume that your httpd document directory is +/usr/local/postfixadmin, that your Postfix Admin install is located at +/usr/local/postfixadmin/postfixadmin, and that your new Postfix Admin version is 1.4.0. +Substitute version numbers and names as required. + + $ cd /usr/local/postfixadmin + $ cp -Rp postfixadmin postfixadmin.old + + +2. Unarchive new Postfix Admin +------------------------------ +Make sure that you are in your /usr/local/postfixadmin/ directory and then unarchive the +Postfix Admin archive (whatever the filename is): + + $ tar -zxvf postfixadmin-1.4.0.tgz + + +3. Change permissions +---------------------- +Since the database password is stored in the site_lib.php it's a good idea +to have Postfix Admin set to the permission of the webserver. In this +example, we assume that user "www" and group "www" are the web server as is +often the case with Apache. + + $ cd /usr/local/postfixadmin/ + $ chown -R www:www postfixadmin + +This is also a good idea for the file permissions. + + $ cd /usr/local/postfixadmin/postfixadmin + $ chmod 640 *.php *.css + $ cd /usr/local/postfixadmin/postfixadmin/admin + $ chmod 640 *.php *.css + +Additionally, if "chown user:group" doesn't work, you can use "chown user" +and "chgrp group" instead. See the man pages for these commands for more +information. + + +4. Create the MySQL Tables +-------------------------- +In INSTALL.TXT you can find the table structure that you need in order to +configure Postfix Admin and Postfix in general to work with Virtual Domains +and Users + + +5. Configure +------------ +Look at the file site_lib.php in the root of Postfix Admin and the +site_lib.php in the admin directory. Here you can specify the username and +possword of the Postfix Admin user as well as the database name. + +In this file you can also find the text that is displayed as the title, +header and footer. You can change this as you see fit. +To change the background and text color please check the stylesheet.css + +In config.php in the admin directory you can find an array of default +aliases that are created when a new domain is created. You can change these +aliases so that they reflect your setup. + +The default password for the admin part of Postfix Admin is admin/admin. +This is specified in the .htpasswd file in the admin directory. +Make sure that the location of the .htpasswd file matches your path. + + +6. Done +------- +This is all that is needed. Fire up your browser and go to the site that you +specified to host Postfix Admin. diff --git a/admin/.htaccess b/admin/.htaccess new file mode 100644 index 00000000..df745a3a --- /dev/null +++ b/admin/.htaccess @@ -0,0 +1,8 @@ +AuthUserFile /usr/local/postfixadmin/admin/.htpasswd +AuthGroupFile /dev/null +AuthName "Postfix Admin" +AuthType Basic + + +require valid-user + diff --git a/admin/.htpasswd b/admin/.htpasswd new file mode 100644 index 00000000..3b7d51c7 --- /dev/null +++ b/admin/.htpasswd @@ -0,0 +1 @@ +admin:$apr1$5awhn...$NvPhYnYme5lGzdXBd3/P// diff --git a/admin/LICENSE.TXT b/admin/LICENSE.TXT new file mode 100644 index 00000000..71e00ff7 --- /dev/null +++ b/admin/LICENSE.TXT @@ -0,0 +1,50 @@ +License for Postfix Admin: + + The contents of this file are subject to the Mozilla Public License + Version 1.1 (the "License"); you may not use this file except in + compliance with the License. You may obtain a copy of the License at + http://www.mozilla.org/MPL/ + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the + License for the specific language governing rights and limitations + under the License. + + The Original Code is Postfix Admin. + + The Initial Developer of the Original Code is Mischa Peters . + Portions created by Mischa Peters are Copyright (c) 2002, 2003. + All Rights Reserved. + + Contributor(s): + + +This project includes work by Mischa Peters and others that is: + + Copyright (c) 2002,2003 Mischa Peters + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + Neither the names of the copyright holders nor the names of the XLW + Group and its contributors may be used to endorse or promote products + derived from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/admin/adminview.php b/admin/adminview.php new file mode 100644 index 00000000..46339f38 --- /dev/null +++ b/admin/adminview.php @@ -0,0 +1,44 @@ +\n"; + +$query = "SELECT * FROM admin ORDER BY domain,username"; + +$result = db_query ("$query"); + +if ($result[rows] > 0) { + print "\n"; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + while ($row = mysql_fetch_array ($result[result])) { + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print "\n"; + } + + print "
Domain NameAdmin AliasLast ModifiedActive 
$row[domain]$row[username]$row[change_date]$row[active]editdel
\n"; + print "

\n"; + print "Found: $result[rows]
\n"; + +} else { + print "

\n"; + print "Nothing Found!\n"; +} + +print "

\n"; +print_footer(); +?> diff --git a/admin/config.php b/admin/config.php new file mode 100644 index 00000000..66135c37 --- /dev/null +++ b/admin/config.php @@ -0,0 +1,15 @@ + "abuse@example.com", + "postmaster" => "postmaster@localhost", + "webmaster" => "webmaster@example.com", +); +?> diff --git a/admin/delete.php b/admin/delete.php new file mode 100644 index 00000000..164ef807 --- /dev/null +++ b/admin/delete.php @@ -0,0 +1,47 @@ += 0) and ($r_alias >= 0) and ($r_mailbox >= 0)) { + header("Location: $url"); + } else { + print_header(); + print "

\n"; + print "Unable to delete all entries for complete domain deletion!

\n"; + print "Domain delete: $r_domain
\n"; + print "Admin delete: $r_admin
\n"; + print "Alias delete: $r_alias
\n"; + print "Mailbox delete: $r_mailbox
\n"; + print "

\n"; + print_footer(); + } +} else { + $result = db_delete ($table,$where,$delete); + if ($result == 1) { + header("Location: $url"); + } else { + print_header(); + print "

\n"; + print "Unable to delete entry $delete from the $table table!\n"; + print "

\n"; + print_footer(); + } +} +function db_delete ($table,$where,$delete) { + $result = db_query ("DELETE FROM $table WHERE $where='$delete'"); + if ($result[rows] >= 1) { + return $result[rows]; + } else { + return 0; + } +} +?> diff --git a/admin/domainview.php b/admin/domainview.php new file mode 100644 index 00000000..42559df8 --- /dev/null +++ b/admin/domainview.php @@ -0,0 +1,41 @@ +\n"; + +$query = "SELECT * FROM domain ORDER BY domain"; + +$result = db_query ("$query"); + +if ($result[rows] > 0) { + print "\n"; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + while ($row = mysql_fetch_array ($result[result])) { + print ""; + print ""; + print ""; + print ""; + print ""; + print "\n"; + } + + print "
DomainDescriptionLast Modified 
$row[domain]$row[description]$row[change_date]del
\n"; + print "

\n"; + print "Found: $result[rows]
\n"; + +} else { + print "

\n"; + print "Nothing Found!\n"; +} + +print "

\n"; +print_footer(); +?> diff --git a/admin/index.php b/admin/index.php new file mode 120000 index 00000000..004506eb --- /dev/null +++ b/admin/index.php @@ -0,0 +1 @@ +adminview.php \ No newline at end of file diff --git a/admin/my_lib.php b/admin/my_lib.php new file mode 100644 index 00000000..e1f2ed61 --- /dev/null +++ b/admin/my_lib.php @@ -0,0 +1,264 @@ +]*?>.*?'si", + "'<[\/\!]*?[^<>]*?>'si", + "'\''i"); + + $replace = array ("", + "", + ""); + + $escaped = preg_replace ($search, $replace, $var); + return $escaped; +} + + + +// +// check_email +// Action: Checks if email is valid and returns TRUE if this is the case. +// Call: check_email(string email) +// +function check_email($email) { + return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email))); +} + + + +// +// md5crypt +// Action: Creates an MD5 passwd that is readable by FreeBSD daemons +// Call: md5crypt(string cleartextpasswd) +// + +$MAGIC = "$1$"; +$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; + +function md5crypt($pw, $salt="", $magic="") { + global $MAGIC; + if ($magic == "") $magic = $MAGIC; + if ($salt == "") $salt = create_salt(); + $slist = explode("$", $salt); + if ($slist[0] == "1") $salt = $slist[1]; + $salt = substr($salt, 0, 8); + $ctx = $pw . $magic . $salt; + $final = hex2bin(md5($pw . $salt . $pw)); + for ($i=strlen($pw); $i>0; $i-=16) { + if ($i > 16) + $ctx .= substr($final,0,16); + else + $ctx .= substr($final,0,$i); + } + $i = strlen($pw); + while ($i > 0) { + if ($i & 1) $ctx .= chr(0); + else $ctx .= $pw[0]; + $i = $i >> 1; + } + $final = hex2bin(md5($ctx)); + for ($i=0;$i<1000;$i++) { + $ctx1 = ""; + if ($i & 1) $ctx1 .= $pw; + else $ctx1 .= substr($final,0,16); + if ($i % 3) $ctx1 .= $salt; + if ($i % 7) $ctx1 .= $pw; + if ($i & 1) $ctx1 .= substr($final,0,16); + else $ctx1 .= $pw; + $final = hex2bin(md5($ctx1)); + } + $passwd = ""; + $passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4); + $passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4); + $passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4); + $passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4); + $passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4); + $passwd .= to64( ord($final[11]), 2); + return "$magic$salt\$$passwd"; +} +function create_salt() { + srand((double)microtime()*1000000); + $salt = substr(md5(rand(0,9999999)), 0, 8); + return $salt; +} +function hex2bin($str) { + $len = strlen($str); + $nstr = ""; + for ($i=0;$i<$len;$i+=2) { + $num = sscanf(substr($str,$i,2), "%x"); + $nstr.=chr($num[0]); + } + return $nstr; +} +function to64($v, $n) { + global $ITOA64; + $ret = ""; + while (($n - 1) >= 0) { + $n--; + $ret .= $ITOA64[$v & 0x3f]; + $v = $v >> 6; + } + return $ret; +} + + + +// +// print_header +// Action: Prints out the default header for every page +// Call: print_header([string title]) +// +function print_header($title = "") { + if (empty($title)) { + global $title; + } + print "\n"; + print "\n"; + if (file_exists(realpath("./stylesheet.css"))) { + print "\n"; + } + print "$title\n"; + print "\n"; + print "\n"; + print "

\n"; +} + + + +// +// print_footer +// Action: Prints out the default footer for every page +// Call: print_footer() +// +function print_footer() { + global $version; + print "
\n"; + print "

\n"; + print "$version\n"; + print "

\n"; + print "\n"; + print "\n"; +} + + + +// +// print_error +// Action: Prints an error message and exits/dies +// Call: print_error(string error message); +// +function print_error($msg, $header = "YES") { + if ($header == "YES") { + print_header(); + } + print "$msg"; + print_footer(); + exit; +} + + + +// +// db_connect +// Action: Makes a connection to the database if it doesn't exist +// Call: db_connect() +// +function db_connect() { + global $db_host; + global $db_name; + global $db_user; + global $db_pass; + $link = mysql_connect("$db_host", "$db_user", "$db_pass") or print_error("Could not connect to database server: $db_host."); + $succes = mysql_select_db("$db_name", $link) or print_error("Could not select database: $db_name."); + return ($link); +} + + + +// +// db_query +// Action: Sends a query to the database and returns query result and number of rows +// Call: db_query(string query) +// +function db_query($query) { + $link = db_connect(); + $result = mysql_query("$query", $link) or print_error("Could not query the table.
", "NO"); + // if $query was a select statement check the number of rows with mysql_num_rows(). + if (eregi("^select", $query)) { + $number_rows = mysql_num_rows($result); + // if $query was something else, UPDATE, DELETE or INSERT check the number of rows with + // mysql_affected_rows(). + } else { + $number_rows = mysql_affected_rows($link); + } + $return = array ( + "result" => $result, + "rows" => $number_rows + ); + return ($return); +} +?> diff --git a/admin/newadmin.php b/admin/newadmin.php new file mode 100644 index 00000000..af7cb6c2 --- /dev/null +++ b/admin/newadmin.php @@ -0,0 +1,76 @@ +\n"; + +if (!empty($_POST[submit])) { + $username = $_POST[username]; + $password = $_POST[password]; + $domain = $_POST[domain]; + + $passwd = md5crypt ("$password"); + + if (empty($username) or empty($password) or empty($domain)) { + print "

\n"; + print "You will need to fill all fields.\n"; + print "

\n"; + print_footer(); + exit; + } + + if (!check_email($username)) { + print "

\n"; + print "The email address that you have supplied at Email is not a valid email address, please go back.\n"; + print "

\n"; + print_footer(); + exit; + } + + $result = db_query ("SELECT * FROM domain WHERE domain='$domain'"); + if ($result[rows] != 1) { + print "

\n"; + print "The domain $domain is not present in the domain table!\n"; + print "

\n"; + print_footer(); + exit; + } + + $result = db_query ("SELECT * FROM admin WHERE username='$username'"); + if ($result[rows] == 1) { + print "

\n"; + print "This email address already exists, please choose a different one.\n"; + print "

\n"; + print_footer(); + exit; + } + + $result = db_query ("INSERT INTO admin (username,password,domain,create_date,change_date) VALUES('$username','$passwd','$domain',NOW(),NOW())"); + if ($result[rows] == 1) { + print "$username has been added to the admin table!\n"; + print "

\n"; + } else { + print "Unable to add: $username to the mailbox table!\n"; + print "

\n"; + print_footer(); + exit; + } +} +?> + +Create a new admin for a domain. +

+

+ + + + + +
Email:
Passwd:
Domain:
+
+\n"; +print_footer(); +?> diff --git a/admin/newdomain.php b/admin/newdomain.php new file mode 100644 index 00000000..22139048 --- /dev/null +++ b/admin/newdomain.php @@ -0,0 +1,72 @@ +\n"; + +if (!empty($_POST[submit])) { + $domain = $_POST[domain]; + $description = $_POST[description]; + $aliases = $_POST[aliases]; + + if (empty($domain) or empty($description)) { + print "

\n"; + print "You will need to fill all fields.\n"; + print "

\n"; + print_footer(); + exit; + } + + $result = db_query ("SELECT * FROM domain WHERE domain='$domain'"); + if ($result[rows] == 1) { + print "

\n"; + print "This domain already exists, please choose a different one.\n"; + print "

\n"; + print_footer(); + exit; + } + + $result = db_query ("INSERT INTO domain (domain,description,create_date,change_date) VALUES('$domain','$description',NOW(),NOW())"); + if ($result[rows] == 1) { + print "$domain has been added to the domain table!\n"; + print "

\n"; + } else { + print "Unable to add: $domain to the domain table!\n"; + print "

\n"; + print_footer(); + exit; + } + + if ($aliases == "on") { + $alias_keys = array_keys($default_aliases); + $alias_values = array_values($default_aliases); + for ($i = 0; $i < count($alias_keys); $i++) { + $address = $alias_keys[$i] . "@" . $domain; + $result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$alias_values[$i]','$domain',NOW(),NOW())"); + if ($result[rows] == 1) { + print "$address has been added to the alias table!
\n"; + } else { + print "Unable to add: $address to the alias table!
\n"; + } + } + print "

\n"; + } +} +?> + +Create a new domain. +

+

+ + + + + +
Domain:
Description:
Add default mail aliases:
+
+\n"; +print_footer(); +?> diff --git a/admin/passwd.php b/admin/passwd.php new file mode 100644 index 00000000..c4763e95 --- /dev/null +++ b/admin/passwd.php @@ -0,0 +1,48 @@ +\n"; + +$username = $_GET[username]; + +if (!empty($_POST[submit])) { + $form_new_passwd1 = $_POST[form_new_passwd1]; + + if (empty($form_new_passwd1)) { + print "

\n"; + print "You will need to fill in the password field!\n"; + print_footer(); + exit; + } + + $new_passwd = md5crypt($form_new_passwd1); + $result = db_query ("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$username'"); + if ($result[rows] == 1) { + print "The password has been updated!\n"; + print "

\n"; + print_footer(); + exit; + } else { + print "

\n"; + print "Unable to update your password!\n"; + print_footer(); + exit; + } +} + +?> +Change admin password. +

+

+ + + + +
Login:
New Password:
+
+ diff --git a/admin/site_lib.php b/admin/site_lib.php new file mode 100644 index 00000000..9516445a --- /dev/null +++ b/admin/site_lib.php @@ -0,0 +1,55 @@ +\n2003 © High5!\n"; + + + +// +// print_menu +// Action: Prints out the requirement menu bar +// Call: print_menu() +// +function print_menu() { + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "
 \n"; + print "Admin View"; + print " \n"; + print "Domain View"; + print " \n"; + print "Virtual View"; + print " \n"; + print "New Admin"; + print " \n"; + print "New Domain"; + print " 
\n"; +} +?> \ No newline at end of file diff --git a/admin/stylesheet.css b/admin/stylesheet.css new file mode 100644 index 00000000..9e259e5a --- /dev/null +++ b/admin/stylesheet.css @@ -0,0 +1,192 @@ +body { + background: white; + color: black; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 13px; + margin: 8px; + padding: 0px; + text-align: center; +} + +h1 { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 18px; + font-weight: bold; + margin-bottom: 0px; + margin-top: 20px; +} + +a { + color: blue; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + text-decoration: none; +} + +a:visited { + color: blue; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + text-decoration: none; +} + +a:hover { + color: red; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + text-decoration: underline; +} + +hr { + line-heigt: 1px; + margin-top: 10px; + margin-bottom: 10px; + width: 640px; + text-align: center; +} + +hr.footer { + margin-top: 10px; + margin-bottom: 0px; + width: 640px; +} + +p { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 13px; + margin-top: 13px; + text-align: center; +} + +p.footer { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + margin-top: 0px; + text-align: center; +} + +p.error { + color: red; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 14px; + text-align: center; +} + +table { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + width: 640px; + text-align: left; + margin-top: 0px; + margin-bottom: 0px; + padding-top: 0px; +} + +table.auto { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + width: auto; + text-align: left; + margin-top: 0px; + margin-bottom: 0px; + padding-top: 0px; +} + + +table.form { + font-size: 11px; + padding-left: 0px; + padding-right: 0px; + text-align: left; + width: auto; +} + + +td { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + padding-left: 5px; + padding-right: 5px; +} + +tr.header { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-weight: bold; + padding-left: 11px; + padding-right: 11px; +} + +td.center { + text-align: center; +} + +td.header { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-weight: bold; + padding-left: 11px; + padding-right: 11px; + text-align: center; +} + +td.highlight { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + background: rgb(169,194,162); + padding-left: 5px; + padding-right: 5px; +} + +td.menu { + text-align: center; + background: #dfdfdf; + border-top: 1px solid #999; + border-right: 1px solid #999; + border-left: 1px solid #999; + border-bottom: 1px solid #999; + border-radius: 2px; + -moz-border-radius: 2px; + padding-bottom: 5px; + padding-top: 5px; + +} + +td.right { + text-align: center; + padding-left: 0px; + padding-right: 0px; + margin-left: 0px; + margin-right: 0px; +} + +input { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + float: none; + clear: none; +} + +input.button { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + background: rgb(232,236,176) +} + +textarea { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; +} diff --git a/admin/virtualview.php b/admin/virtualview.php new file mode 100644 index 00000000..141b70af --- /dev/null +++ b/admin/virtualview.php @@ -0,0 +1,69 @@ +\n"; + +$order = $_GET[order]; +$where = $_GET[where]; + +if (empty($order)) $order = "domain,address"; +if (!empty($where)) $where = "WHERE " . "domain='$where'"; + +$query = "SELECT * FROM alias $where ORDER BY $order"; + +print "$query\n"; +print "

\n"; + +$result = db_query ("$query"); + +if ($result[rows] > 0) { + print "

\n"; + print "\n"; + while ($row = mysql_fetch_array ($result[result])) { + print ""; + print ""; + print ""; + print ""; + print ""; + print "\n"; + } + + print "
$row[address]" . ereg_replace (",", "
", $row[goto]) . "		$row[change_date]$row[active]
\n"; + print "
\n"; + print "Found: $result[rows]\n"; + print "

\n"; + +} else { + print "Nothing Found!\n"; + print "

\n"; +} + +$query = "SELECT * FROM mailbox $where"; + +print "$query\n"; + +$result = db_query ("$query"); +if ($result[rows] > 0) { + print "

\n"; + print "\n"; + while ($row = mysql_fetch_array ($result[result])) { + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print "\n"; + } + print "
$row[username]$row[name]$row[maildir]$row[change_date]$row[active]
\n"; + print "
\n"; + print "Found: $result[rows]
\n"; +} else { + print "

\n"; + print "Nothing Found!\n"; +} +print_footer(); +?> diff --git a/alias.php b/alias.php new file mode 100644 index 00000000..a5d35d69 --- /dev/null +++ b/alias.php @@ -0,0 +1,77 @@ +\n"; + +if (!empty($_POST[submit])) { + $address = $_POST[address]; + $goto = $_POST[goto]; + + $address_value = $address; + $address = $address . "@" . $sessid[domain]; + + if (empty($address) or empty($goto)) { + print "

\n"; + print "You will need to fill both fields.\n"; + print_footer(); + exit; + } + + if (!check_email($address)) { + print "

\n"; + print "The email address that you have supplied at Alias is not a valid email address, please go back.\n"; + print_footer(); + exit; + } + + if (!check_email($goto)) { + print "

\n"; + print "The email address that you have supplied at To is not a valid email address, please go back.\n"; + print_footer(); + exit; + } + + if ($address_value == "none") { + $address = "@" . $sessid[domain]; + } + + $result = db_query ("SELECT * FROM alias WHERE address='$address'"); + if ($result[rows] == 1) { + print "

\n"; + print "This email address already exists, please choose a different one.\n"; + print_footer(); + exit; + } + + $result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$address','$goto','$sessid[domain]',NOW(),NOW())"); + if ($result[rows] == 1) { + print "

\n"; + print "$address -> $goto has been added to the alias table!\n"; + print "

\n"; + } else { + print "

\n"; + print "Unable to add: $address -> $goto to the alias table!\n"; + print_footer(); + exit; + } +} +?> +Create a new alias for your domain. +

+

+ + + + +
Alias:@
To:Where the mail needs to be send to.
Use "edit" in the overview to add more
then one email address.
+
+If you want to add a catchall enter "none" in the alias field. + diff --git a/delete.php b/delete.php new file mode 100644 index 00000000..d7d57814 --- /dev/null +++ b/delete.php @@ -0,0 +1,50 @@ +\n"; + print "

\n"; + print "Unable to delete entry $delete from the $table table!\n"; + print_footer(); + } +} + +if ($table == "mailbox") { + $query = "DELETE FROM mailbox WHERE username='$delete' AND domain='$sessid[$check_id]'"; + $result = db_query ("$query"); + if ($result[rows] != 1) { + print_header(); + print "

\n"; + print "

\n"; + print "Unable to delete entry $delete from the $table table!\n"; + print_footer(); + } + + $query = "DELETE FROM alias WHERE address='$delete' AND domain='$sessid[$check_id]'"; + $result = db_query ("$query"); + if ($result[rows] == 1) { + header("Location: $url"); + } else { + print_header(); + print "

\n"; + print "

\n"; + print "Unable to delete entry $delete from the $table table!\n"; + print_footer(); + } + +} +?> diff --git a/index.php b/index.php new file mode 120000 index 00000000..ce0cbc58 --- /dev/null +++ b/index.php @@ -0,0 +1 @@ +login.php \ No newline at end of file diff --git a/login.php b/login.php new file mode 100644 index 00000000..4bc84afe --- /dev/null +++ b/login.php @@ -0,0 +1,71 @@ + $row[domain], + "username" => $row[username] + ); + + } else { + print_header(); + print "

Mail Admin

\n"; + print "
\n"; + print "

\n"; + print "Either the password that you supplied is incorrect, go back and try again.

\n"; + print "Or you are not authorized to view this page.\n"; + print_footer(); + exit; + } + + } else { + print_header(); + print "

Mail Admin

\n"; + print "
\n"; + print "

\n"; + print "The login that you supplied is not correct, please press BACK and try again.\n"; + print_footer(); + exit; + } + + header("Location: main.php?" . session_name() . "=" . session_id()); +} +print_header($welcome_title); +print "

$welcome_header

\n"; +?> +
+
+ + + + +
Login:(email address)
Password:
+
+

+Mailbox Password Change + diff --git a/logout.php b/logout.php new file mode 100644 index 00000000..e72ee394 --- /dev/null +++ b/logout.php @@ -0,0 +1,21 @@ +Mail Admin\n"; +print "

\n"; +print "You are logged out\n"; +print "

\n"; +print "Login again\n"; +print_footer(); +?> diff --git a/mailbox.php b/mailbox.php new file mode 100644 index 00000000..bad1d053 --- /dev/null +++ b/mailbox.php @@ -0,0 +1,100 @@ +\n"; + +if (!empty($_POST[submit])) { + $username = $_POST[username]; + $password = $_POST[password]; + $password2 = $_POST[password2]; + $name = $_POST[name]; + + $username = $username . "@" . $sessid[domain]; + $passwd = md5crypt ("$password"); + $maildir = $username . "/"; + + if (empty($username) or empty($password)) { + print "

\n"; + print "You need to fill all fields.\n"; + print_footer(); + exit; + } + + if (!check_email($username)) { + print "

\n"; + print "The email address that you have supplied at Email is not a valid email address, please go back.\n"; + print_footer(); + exit; + } + + if ($password != $password2) { + print "

\n"; + print "The passwords that you supplied don't match!\n"; + print_footer(); + exit; + } + + if (!check_string($name)) { + print "

\n"; + print "The name that you have supplied at Name is not valid, please go back.\n"; + print_footer(); + exit; + } + + $result = db_query ("SELECT * FROM alias WHERE address='$username'"); + if ($result[rows] == 1) { + print "

\n"; + print "This email address already exists, please choose a different one.\n"; + print_footer(); + exit; + } + + $result = db_query ("INSERT INTO alias (address,goto,domain,create_date,change_date) VALUES('$username','$username','$sessid[domain]',NOW(),NOW())"); + if ($result[rows] != 1) { + print "

\n"; + print "Unable to add: $username to the alias table!\n"; + print_footer(); + exit; + } + + $result = db_query ("INSERT INTO mailbox (username,password,name,maildir,domain,create_date,change_date) VALUES('$username','$passwd','$name','$maildir','$sessid[domain]',NOW(),NOW())"); + if ($result[rows] == 1) { + $headers = "From: $sessid[username]"; + $subject = "Welcome"; + $message = "Hi $name,\n\nWelcome to your new email account.\n\n"; + print "$username has been added to the mailbox table!\n"; + print "

\n"; + print "NOTE:\n"; + if (!mail($username, $subject, $message, $headers)) { + print "The user needs to first receive an email in order to use the account.
\n"; + } + print "User needs to login with the full email address, in this case: $username\n"; + print "

\n"; + } else { + print "

\n"; + print "Unable to add: $username to the mailbox table!\n"; + print_footer(); + exit; + } +} +?> +Create a new local mailbox for your domain. +

+

+ + + + + + +
Email:@
Password:Password for POP/IMAP
Password (again):
Name:Full name
+
+ diff --git a/main.php b/main.php new file mode 100644 index 00000000..c2e6413b --- /dev/null +++ b/main.php @@ -0,0 +1,73 @@ +\n"; +print "Domain: $sessid[domain]\n"; +print "

\n"; + +$query = "SELECT alias.address,alias.goto,alias.change_date FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain='$sessid[domain]' AND mailbox.maildir IS NULL ORDER BY alias.address"; + +$result = db_query ("$query"); + +if ($result[rows] > 0) { + print "

\n"; + print "\n"; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + while ($row = mysql_fetch_array ($result[result])) { + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print "\n"; + } + print "
FromToLast Modified 
$row[address]" . ereg_replace (",", "
", $row[goto]) . "		$row[change_date]editdel
\n"; + print "
\n"; + print "

\n"; +} else { + print "Nothing found in the alias table!\n"; + print "

\n"; +} + +$query = "SELECT * FROM mailbox WHERE domain='$sessid[domain]' ORDER BY username"; + +$result = db_query ("$query"); + +if ($result[rows] > 0) { + print "

\n"; + print "\n"; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + while ($row = mysql_fetch_array ($result[result])) { + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print "\n"; + } + print "
EmailNameLast Modified 
$row[username]$row[name]$row[change_date]editdel
\n"; + print "
\n"; +} else { + print "Nothing found in the mailbox table!\n"; +} + +print_footer(); +?> diff --git a/modify.php b/modify.php new file mode 100644 index 00000000..9e7c4afb --- /dev/null +++ b/modify.php @@ -0,0 +1,91 @@ +\n"; + print "

\n"; + print "You didn't enter anything at To:.\n"; + print_footer(); + exit; + } + + $goto = preg_replace('/\r\n/', ',', $goto); + $goto = preg_replace('/\,*$/', '', $goto); + $array = preg_split('/,/', $goto); + for ($i = 0; $i < sizeof($array); $i++) { + if (in_array("$array[$i]", $default_aliases)) continue; + if (empty($array[$i])) continue; + if (!check_email($array[$i])) { + print_header(); + print_menu(); + print "

\n"; + print "

\n"; + print "The email address $array[$i] is not a valid email address, please go back.\n"; + print_footer(); + exit; + } + } + + $result = db_query ("UPDATE alias SET goto='$goto', change_date=NOW() WHERE address='$modify' AND domain='$sessid[domain]'"); + if ($result[rows] == 1) { + header("Location: $url"); + } else { + print_header(); + print_menu(); + print "

\n"; + print "

\n"; + print "Unable to update: $address -> $goto in the alias table!\n"; + print_footer(); + exit; + } +} + +$query = "SELECT * FROM alias WHERE address='$modify' AND domain='$sessid[domain]'"; +$result = db_query ("$query"); +if ($result[rows] == 1) { + $row = mysql_fetch_array ($result[result]); +} else { + print_header(); + print_menu(); + print "

\n"; + print "

\n"; + print "Unable to find the alias!\n"; + print_footer(); + exit; +} +print_header(); +print_menu(); +print "

\n"; +?> +Change an alias for your domain. +

+

+ + + + + + +
Alias:
 
Enter your email aliases below. One per line!
To:
+
+ diff --git a/my_lib.php b/my_lib.php new file mode 100644 index 00000000..19f2e87c --- /dev/null +++ b/my_lib.php @@ -0,0 +1,263 @@ +]*?>.*?'si", + "'<[\/\!]*?[^<>]*?>'si", + "'\''i"); + + $replace = array ("", + "", + ""); + + $escaped = preg_replace ($search, $replace, $var); + return $escaped; +} + + + +// +// check_email +// Action: Checks if email is valid and returns TRUE if this is the case. +// Call: check_email(string email) +// +function check_email($email) { + return (preg_match('/^[-!#$%&\'*+\\.\/0-9=?A-Z^_{|}~]+' . '@' . '([-0-9A-Z]+\.)+' . '([0-9A-Z]){2,4}$/i', trim($email))); +} + + + +// +// md5crypt +// Action: Creates an MD5 passwd that is readable by FreeBSD daemons +// Call: md5crypt(string cleartextpasswd) +// + +$MAGIC = "$1$"; +$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; + +function md5crypt($pw, $salt="", $magic="") { + global $MAGIC; + if ($magic == "") $magic = $MAGIC; + if ($salt == "") $salt = create_salt(); + $slist = explode("$", $salt); + if ($slist[0] == "1") $salt = $slist[1]; + $salt = substr($salt, 0, 8); + $ctx = $pw . $magic . $salt; + $final = hex2bin(md5($pw . $salt . $pw)); + for ($i=strlen($pw); $i>0; $i-=16) { + if ($i > 16) + $ctx .= substr($final,0,16); + else + $ctx .= substr($final,0,$i); + } + $i = strlen($pw); + while ($i > 0) { + if ($i & 1) $ctx .= chr(0); + else $ctx .= $pw[0]; + $i = $i >> 1; + } + $final = hex2bin(md5($ctx)); + for ($i=0;$i<1000;$i++) { + $ctx1 = ""; + if ($i & 1) $ctx1 .= $pw; + else $ctx1 .= substr($final,0,16); + if ($i % 3) $ctx1 .= $salt; + if ($i % 7) $ctx1 .= $pw; + if ($i & 1) $ctx1 .= substr($final,0,16); + else $ctx1 .= $pw; + $final = hex2bin(md5($ctx1)); + } + $passwd = ""; + $passwd .= to64( ( (ord($final[0]) << 16) | (ord($final[6]) << 8) | (ord($final[12])) ), 4); + $passwd .= to64( ( (ord($final[1]) << 16) | (ord($final[7]) << 8) | (ord($final[13])) ), 4); + $passwd .= to64( ( (ord($final[2]) << 16) | (ord($final[8]) << 8) | (ord($final[14])) ), 4); + $passwd .= to64( ( (ord($final[3]) << 16) | (ord($final[9]) << 8) | (ord($final[15])) ), 4); + $passwd .= to64( ( (ord($final[4]) << 16) | (ord($final[10]) << 8) | (ord($final[5])) ), 4); + $passwd .= to64( ord($final[11]), 2); + return "$magic$salt\$$passwd"; +} +function create_salt() { + srand((double)microtime()*1000000); + $salt = substr(md5(rand(0,9999999)), 0, 8); + return $salt; +} +function hex2bin($str) { + $len = strlen($str); + $nstr = ""; + for ($i=0;$i<$len;$i+=2) { + $num = sscanf(substr($str,$i,2), "%x"); + $nstr.=chr($num[0]); + } + return $nstr; +} +function to64($v, $n) { + global $ITOA64; + $ret = ""; + while (($n - 1) >= 0) { + $n--; + $ret .= $ITOA64[$v & 0x3f]; + $v = $v >> 6; + } + return $ret; +} + + + +// +// print_header +// Action: Prints out the default header for every page +// Call: print_header([string title]) +// +function print_header($title = "") { + if (empty($title)) { + global $title; + } + print "\n"; + print "\n"; + if (file_exists(realpath("./stylesheet.css"))) { + print "\n"; + } + print "$title\n"; + print "\n"; + print "\n"; + print "
\n"; +} + + + +// +// print_footer +// Action: Prints out the default footer for every page +// Call: print_footer() +// +function print_footer() { + global $version; + print "
\n"; + print "

\n"; + print "$version\n"; + print "

\n"; + print "\n"; + print "\n"; +} + + + +// +// print_error +// Action: Prints an error message and exits/dies +// Call: print_error(string error message); +// +function print_error($msg, $header = "YES") { + if ($header == "YES") { + print_header(); + } + print "$msg"; + print_footer(); + exit; +} + + + +// +// db_connect +// Action: Makes a connection to the database if it doesn't exist +// Call: db_connect() +// +function db_connect() { + global $db_host; + global $db_name; + global $db_user; + global $db_pass; + $link = mysql_connect("$db_host", "$db_user", "$db_pass") or print_error("Could not connect to database server: $db_host."); + $succes = mysql_select_db("$db_name", $link) or print_error("Could not select database: $db_name."); + return ($link); +} + + + +// +// db_query +// Action: Sends a query to the database and returns query result and number of rows +// Call: db_query(string query) +// +function db_query($query) { + $link = db_connect(); + $result = mysql_query("$query", $link) or print_error("Could not query the table.
", "NO"); + // if $query was a select statement check the number of rows with mysql_num_rows(). + if (eregi("^select", $query)) { + $number_rows = mysql_num_rows($result); + // if $query was something else, UPDATE, DELETE or INSERT check the number of rows with + // mysql_affected_rows(). + } else { + $number_rows = mysql_affected_rows($link); + } + $return = array ( + "result" => $result, + "rows" => $number_rows + ); + return ($return); +} +?> diff --git a/passwd.php b/passwd.php new file mode 100644 index 00000000..efc58c74 --- /dev/null +++ b/passwd.php @@ -0,0 +1,81 @@ +\n"; + +if (!empty($_POST[submit])) { + $form_passwd = $_POST[form_passwd]; + $form_new_passwd1 = $_POST[form_new_passwd1]; + $form_new_passwd2 = $_POST[form_new_passwd2]; + + if (empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) { + print "

\n"; + print "You will need to fill all fields!\n"; + print_footer(); + exit; + } + + if ($form_new_passwd1 != $form_new_passwd2) { + print "

\n"; + print "The new passwords that you supplied don't match!\n"; + print_footer(); + exit; + } + + + $result = db_query ("SELECT password FROM admin WHERE username='$sessid[username]'"); + if ($result[rows] == 1) { + $row = mysql_fetch_array($result[result]); + $db_passwd = $row[password]; + $keys = preg_split('/\$/', $row[password]); + $checked_passwd = md5crypt($form_passwd, $keys[2]); + + $result = db_query ("SELECT * FROM admin WHERE username='$sessid[username]' AND password='$checked_passwd' AND active='1'"); + if ($result[rows] != 1) { + print "

\n"; + print "The password that you have entered doesn't match your current password!\n"; + print_footer(); + exit; + } + + } + + $new_passwd = md5crypt($form_new_passwd1); + $result = db_query ("UPDATE admin SET password='$new_passwd',change_date=NOW() WHERE username='$sessid[username]'"); + if ($result[rows] == 1) { + print "Your password has been updated!\n"; + session_unset(); + session_destroy(); + print "

\n"; + print "Login\n"; + print_footer(); + exit; + } else { + print "

\n"; + print "Unable to update your password!\n"; + print_footer(); + exit; + } +} + +?> +Change your password. +

+

+ + + + + + +
Login:
Current Password:
New Password:
New Password (again):
+
+ diff --git a/pwd.php b/pwd.php new file mode 100644 index 00000000..d021b77c --- /dev/null +++ b/pwd.php @@ -0,0 +1,61 @@ +\n"; + +if (!empty($_POST[submit])) { + $form_new_passwd1 = $_POST[form_new_passwd1]; + $form_new_passwd2 = $_POST[form_new_passwd2]; + + if (empty($form_new_passwd1) or empty($form_new_passwd2)) { + print "

\n"; + print "You will need to fill all fields!\n"; + print_footer(); + exit; + } + + if ($form_new_passwd1 != $form_new_passwd2) { + print "

\n"; + print "The new passwords that you supplied don't match!\n"; + print_footer(); + exit; + } + + $new_passwd = md5crypt($form_new_passwd1); + $result = db_query ("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$username' AND domain='$sessid[domain]'"); + if ($result[rows] == 1) { + print "The password has been updated!\n"; + print "

\n"; + print "Go Back\n"; + print_footer(); + exit; + } else { + print "

\n"; + print "Unable to update your password!\n"; + print_footer(); + exit; + } +} + +?> +Change password. +

+

+ + + + + +
Login:
New Password:
New Password (again):
+
+ diff --git a/site_lib.php b/site_lib.php new file mode 100644 index 00000000..a99f3d3f --- /dev/null +++ b/site_lib.php @@ -0,0 +1,61 @@ +\n2003 © High5!"; + + + +// +// print_menu +// Action: Prints out the requirement menu bar +// Call: print_menu() +// +function print_menu() { + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "\n"; + print "
 \n"; + print "Overview"; + print " \n"; + print "Add Alias"; + print " \n"; + print "Add Mailbox"; + print " \n"; + print "Passwd"; + print " \n"; + print "Logout"; + print " 
\n"; +} +?> diff --git a/stylesheet.css b/stylesheet.css new file mode 100644 index 00000000..9e259e5a --- /dev/null +++ b/stylesheet.css @@ -0,0 +1,192 @@ +body { + background: white; + color: black; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 13px; + margin: 8px; + padding: 0px; + text-align: center; +} + +h1 { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 18px; + font-weight: bold; + margin-bottom: 0px; + margin-top: 20px; +} + +a { + color: blue; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + text-decoration: none; +} + +a:visited { + color: blue; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + text-decoration: none; +} + +a:hover { + color: red; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + text-decoration: underline; +} + +hr { + line-heigt: 1px; + margin-top: 10px; + margin-bottom: 10px; + width: 640px; + text-align: center; +} + +hr.footer { + margin-top: 10px; + margin-bottom: 0px; + width: 640px; +} + +p { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 13px; + margin-top: 13px; + text-align: center; +} + +p.footer { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + margin-top: 0px; + text-align: center; +} + +p.error { + color: red; + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 14px; + text-align: center; +} + +table { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + width: 640px; + text-align: left; + margin-top: 0px; + margin-bottom: 0px; + padding-top: 0px; +} + +table.auto { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + width: auto; + text-align: left; + margin-top: 0px; + margin-bottom: 0px; + padding-top: 0px; +} + + +table.form { + font-size: 11px; + padding-left: 0px; + padding-right: 0px; + text-align: left; + width: auto; +} + + +td { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + padding-left: 5px; + padding-right: 5px; +} + +tr.header { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-weight: bold; + padding-left: 11px; + padding-right: 11px; +} + +td.center { + text-align: center; +} + +td.header { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-weight: bold; + padding-left: 11px; + padding-right: 11px; + text-align: center; +} + +td.highlight { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + background: rgb(169,194,162); + padding-left: 5px; + padding-right: 5px; +} + +td.menu { + text-align: center; + background: #dfdfdf; + border-top: 1px solid #999; + border-right: 1px solid #999; + border-left: 1px solid #999; + border-bottom: 1px solid #999; + border-radius: 2px; + -moz-border-radius: 2px; + padding-bottom: 5px; + padding-top: 5px; + +} + +td.right { + text-align: center; + padding-left: 0px; + padding-right: 0px; + margin-left: 0px; + margin-right: 0px; +} + +input { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; + float: none; + clear: none; +} + +input.button { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + background: rgb(232,236,176) +} + +textarea { + font-family: Verdana; + font-family: Verdana, Arial, Helvetica, sans-serif; + font-size: 11px; +} diff --git a/vcp.php b/vcp.php new file mode 100644 index 00000000..76c03890 --- /dev/null +++ b/vcp.php @@ -0,0 +1,85 @@ +Mail Admin\n"; +print "
\n"; + +if (!empty($_POST[submit])) { + $form_login = $_POST[form_login]; + $form_passwd = $_POST[form_passwd]; + $form_new_passwd1 = $_POST[form_new_passwd1]; + $form_new_passwd2 = $_POST[form_new_passwd2]; + + if (empty($form_login) or empty($form_passwd) or empty($form_new_passwd1) or empty($form_new_passwd2)) { + print "

\n"; + print "You didn't enter all fields!\n"; + print_footer(); + exit; + } + + if ($form_new_passwd1 != $form_new_passwd2) { + print "

\n"; + print "The passwords that you supplied don't match!\n"; + print_footer(); + exit; + } + + $result = db_query ("SELECT * FROM mailbox WHERE username='$form_login' AND active='1'"); + + if ($result[rows] != 1) { + print "

\n"; + print "The mailbox does not exist!\n"; + print_footer(); + exit; + } + + $result = db_query ("SELECT password FROM mailbox WHERE username='$form_login'"); + + if ($result[rows] == 1) { + $row = mysql_fetch_array($result[result]); + $db_passwd = $row[password]; + $keys = preg_split('/\$/', $row[password]); + $checked_passwd = md5crypt($form_passwd, $keys[2]); + + $result = db_query ("SELECT * FROM mailbox WHERE username='$form_login' AND password='$checked_passwd' AND active='1'"); + + if ($result[rows] != 1) { + print "

\n"; + print "The password that you have entered doesn't match your current password!\n"; + print_footer(); + exit; + } + } + + $new_passwd = md5crypt($form_new_passwd1); + + $result = db_query ("UPDATE mailbox SET password='$new_passwd',change_date=NOW() WHERE username='$form_login'"); + + if ($result[rows] == 1) { + print "Your password has been updated!\n"; + print_footer(); + exit; + } else { + print "

\n"; + print "Unable to update your password!\n"; + print_footer(); + exit; + } +} +?> +Change your mailbox password. +

+

+ + + + + + +
Email:
Current Password:
New Password:
New Password (again):
+
+