refactoring of users (most app logic is now in /model)
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@575 a1433add-5e2c-0410-b055-b7f2511e0802postfixadmin-2.3
parent
351585fbb0
commit
53182c4922
@ -0,0 +1,185 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Handlers User level alias actions - e.g. add alias, get aliases, update etc.
|
||||
*/
|
||||
class AliasHandler {
|
||||
|
||||
private $username = null;
|
||||
|
||||
public function __construct($username) {
|
||||
$this->username = $username;
|
||||
|
||||
}
|
||||
/**
|
||||
* @return list of email addresses the user's mail is forwarded to.
|
||||
* (may be an empty list, especially if $CONF['alias_control'] is turned off...
|
||||
* @param boolean - by default we don't return special addresses (e.g. vacation and mailbox alias); pass in true here if you wish to.
|
||||
*/
|
||||
public function get($all=false) {
|
||||
$username = escape_string($this->username);
|
||||
$table_alias = table_by_key('alias');
|
||||
|
||||
$sql = "SELECT * FROM $table_alias WHERE address='$username'";
|
||||
$result = db_query($sql);
|
||||
if ($result['rows'] == 1)
|
||||
{
|
||||
$row = db_array ($result['result']);
|
||||
// At the moment Postfixadmin stores aliases in it's database in a comma seperated list; this may change one day.
|
||||
$list = explode(',', $row['goto']);
|
||||
if($all) {
|
||||
return $list;
|
||||
}
|
||||
|
||||
$new_list = array();
|
||||
/* if !$all, remove vacation & mailbox aliases */
|
||||
foreach($list as $address) {
|
||||
if($address != '' ) {
|
||||
if($this->is_vacation_address($address) || $this->is_mailbox_alias($address)) {
|
||||
}
|
||||
else {
|
||||
$new_list[] = $address;
|
||||
}
|
||||
}
|
||||
}
|
||||
$list = $new_list;
|
||||
return $list;
|
||||
}
|
||||
return array();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $address
|
||||
* @param string $username
|
||||
* @return boolean true if the username is an alias for the mailbox AND we have alias_control turned off.
|
||||
*/
|
||||
public function is_mailbox_alias($address) {
|
||||
global $CONF;
|
||||
$username = $this->username;
|
||||
if($address == $username) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $address
|
||||
* @return boolean true if the address contains the vacation domain
|
||||
*/
|
||||
public function is_vacation_address($address) {
|
||||
global $CONF;
|
||||
if($CONF['vacation'] == 'YES') {
|
||||
if(stripos($address, '@' . $CONF['vacation_domain'])) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
/**
|
||||
* @return boolean true on success
|
||||
* @param string $username
|
||||
* @param array $addresses - list of aliases to set for the user.
|
||||
* @param string flags - forward_and_store or remote_only or ''
|
||||
* @param boolean $vacation_persist - set to false to stop the vacation address persisting across updates
|
||||
* Set the user's aliases to those provided. If $addresses ends up being empty the alias record is removed.
|
||||
*/
|
||||
public function update($addresses, $flags = '', $vacation_persist=true) {
|
||||
// find out if the user is on vacation or not; if they are,
|
||||
// then the vacation alias needs adding to the db (as we strip it out in the get method)
|
||||
// likewise with the alias_control address.
|
||||
|
||||
$valid_flags = array('', 'forward_and_store', 'remote_only');
|
||||
if(!in_array($flags, $valid_flags)) {
|
||||
die("Invalid flag passed into update()... : $flag - valid options are :" . implode(',', $valid_flags));
|
||||
}
|
||||
$addresses = array_unique($addresses);
|
||||
|
||||
$original = $this->get(true);
|
||||
|
||||
foreach($original as $address) {
|
||||
if($vacation_persist) {
|
||||
if($this->is_vacation_address($address)) {
|
||||
$addresses[] = $address;
|
||||
}
|
||||
}
|
||||
if($flags != 'remote_only') {
|
||||
if($this->is_mailbox_alias($address)) {
|
||||
$addresses[] = $address;
|
||||
}
|
||||
}
|
||||
}
|
||||
$addresses = array_unique($addresses);
|
||||
|
||||
$new_list = array();
|
||||
if($flags == 'remote_only') {
|
||||
foreach($addresses as $address) {
|
||||
// strip out our username... if it's in the list given.
|
||||
if($address != $this->username) {
|
||||
$new_list[] = $address;
|
||||
}
|
||||
}
|
||||
$addresses = $new_list;
|
||||
}
|
||||
|
||||
if($flags == 'forward_and_store') {
|
||||
if(!in_array($this->username, $addresses)) {
|
||||
$addresses[] = $this->username;
|
||||
}
|
||||
}
|
||||
$new_list = array();
|
||||
foreach($addresses as $address) {
|
||||
if($address != '') {
|
||||
$new_list[] = $address;
|
||||
}
|
||||
}
|
||||
$addresses = array_unique($new_list);
|
||||
$username = escape_string($this->username);
|
||||
$goto = escape_string(implode(',', $addresses));
|
||||
$table_alias = table_by_key('alias');
|
||||
if(sizeof($addresses) == 0) {
|
||||
$sql = "DELETE FROM $table_alias WHERE address = '$username'";
|
||||
}
|
||||
if($this->hasAliasRecord() == false) {
|
||||
$true = db_get_boolean(True);
|
||||
$tmp = preg_split('/@/', $username);
|
||||
$domain = $tmp[1];
|
||||
$sql = "INSERT INTO $table_alias (address, goto, domain, created, modified, active) VALUES ('$username', '$goto', '$domain', NOW(), NOW(), $true)";
|
||||
}
|
||||
else {
|
||||
$sql = "UPDATE $table_alias SET goto = '$goto', modified = NOW() WHERE address = '$username'";
|
||||
}
|
||||
$result = db_query($sql);
|
||||
if($result['rows'] != 1) {
|
||||
return false;
|
||||
}
|
||||
db_log($username, $domain, 'edit_alias', "$username -> $goto");
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine whether a local delivery address is present. This is
|
||||
* stores as an alias with the same name as the mailbox name (username)
|
||||
* @return boolean true if local delivery is enabled
|
||||
*/
|
||||
public function hasStoreAndForward() {
|
||||
$aliases = $this->get(true);
|
||||
if(in_array($this->username, $aliases)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return boolean true if the user has an alias record (i.e row in alias table); else false.
|
||||
*/
|
||||
public function hasAliasRecord() {
|
||||
$username = escape_string($this->username);
|
||||
$table_alias = table_by_key('alias');
|
||||
$sql = "SELECT * FROM $table_alias WHERE address = '$username'";
|
||||
$result = db_query($sql);
|
||||
if($result['rows'] == 1) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
@ -0,0 +1,65 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Simple class to represent a user.
|
||||
*/
|
||||
class UserHandler {
|
||||
|
||||
/**
|
||||
* @return boolean true on success; false on failure
|
||||
* @param string $username
|
||||
* @param string $old_password
|
||||
* @param string $new_passwords
|
||||
*
|
||||
* All passwords need to be plain text; they'll be hashed appropriately
|
||||
* as per the configuration in config.inc.php
|
||||
*/
|
||||
public function change_pass($username, $old_password, $new_password) {
|
||||
global $config;
|
||||
if(!UserHandler::login($username, $old_password)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$tmp = preg_split ('/@/', $username);
|
||||
$USERID_DOMAIN = $tmp[1];
|
||||
|
||||
$username = escape_string($username);
|
||||
$table_mailbox = table_by_key('mailbox');
|
||||
|
||||
$active = db_get_boolean(True);
|
||||
$result = db_query("SELECT * FROM $table_mailbox WHERE username='$username' AND active=$active");
|
||||
$new_db_password = escape_string(pacrypt($new_password));
|
||||
|
||||
$result = db_query ("UPDATE $table_mailbox SET password='$new_db_password',modified=NOW() WHERE username='$username'");
|
||||
|
||||
db_log ($username, $USERID_DOMAIN, 'edit_password', "$USERID_USERNAME");
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Attempt to log a user in.
|
||||
* @param string $username
|
||||
* @param string $password
|
||||
* @return boolean true on successful login (i.e. password matches etc)
|
||||
*/
|
||||
public static function login($username, $password) {
|
||||
global $config;
|
||||
$username = escape_string($username);
|
||||
|
||||
$table_mailbox = table_by_key('mailbox');
|
||||
$active = db_get_boolean(True);
|
||||
$query = "SELECT password FROM $table_mailbox WHERE username='$username' AND active=$active";
|
||||
|
||||
$result = db_query ($query);
|
||||
if ($result['rows'] == 1)
|
||||
{
|
||||
$row = db_array ($result['result']);
|
||||
$password = pacrypt ($password, $row['password']);
|
||||
|
||||
if($row['password'] == $password) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
}
|
@ -0,0 +1,126 @@
|
||||
<?php
|
||||
|
||||
class VacationHandler {
|
||||
protected $username = null;
|
||||
function __construct($username) {
|
||||
$this->username = $username;
|
||||
}
|
||||
|
||||
/**
|
||||
* Removes the autoreply alias etc for this user; namely, if they're away we remove their vacation alias and
|
||||
* set the vacation table record to false.
|
||||
* @return boolean true on success.
|
||||
*/
|
||||
function remove() {
|
||||
$ah = new AliasHandler($this->username);
|
||||
$aliases = $ah->get(true); // fetch all.
|
||||
$new_aliases = array();
|
||||
$table_vacation = table_by_key('vacation');
|
||||
$table_vacation_notification = table_by_key('vacation_notification');
|
||||
|
||||
/* go through the user's aliases and remove any that look like a vacation address */
|
||||
foreach($aliases as $alias) {
|
||||
if(!$ah->is_vacation_address($alias)) {
|
||||
$new_aliases[] = $alias;
|
||||
}
|
||||
}
|
||||
$ah->update($new_aliases, '', false);
|
||||
|
||||
// tidy up vacation table.
|
||||
$active = db_get_boolean(False);
|
||||
$username = escape_string($this->username);
|
||||
$result = db_query("UPDATE $table_vacation SET active = $active WHERE email='$username'");
|
||||
$result = db_query("DELETE FROM $table_vacation_notification WHERE on_vacation='$username'");
|
||||
/* crap error handling; oh for exceptions... */
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return boolean true indicates this server supports vacation messages, and users are able to change their own.
|
||||
* @global array $CONF
|
||||
*/
|
||||
function vacation_supported() {
|
||||
global $CONF;
|
||||
return $CONF['vacation'] == 'YES' && $CONF['vacation_control'] == 'YES';
|
||||
}
|
||||
|
||||
/**
|
||||
* @return boolean true if on vacation, otherwise false
|
||||
* Why do we bother storing true/false in the vacation table if the alias dictates it anyway?
|
||||
*/
|
||||
function check_vacation() {
|
||||
$ah = new AliasHandler($this->username);
|
||||
$aliases = $ah->get(true); // fetch all.
|
||||
foreach($aliases as $alias) {
|
||||
if($ah->is_vacation_address($alias)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve information on someone who is on vacation
|
||||
* @return mixed stored information on vacation - array(subject - string, message - string, active - boolean) or false if they've never been on vacation.
|
||||
*/
|
||||
function get_details() {
|
||||
$table_vacation = table_by_key('vacation');
|
||||
$username = escape_string($this->username);
|
||||
|
||||
$sql = "SELECT * FROM $table_vacation WHERE email = '$username'";
|
||||
$result = db_query($sql);
|
||||
if($result['rows'] == 1) {
|
||||
$row = db_array($result['result']);
|
||||
$boolean = ($row['active'] == db_get_boolean(true));
|
||||
return array( 'subject' => $row['subject'],
|
||||
'body' => $row['body'],
|
||||
'active' => $boolean );
|
||||
}
|
||||
return false;
|
||||
}
|
||||
/**
|
||||
* @param string $username
|
||||
* @param string $subject
|
||||
* @param string $body
|
||||
*/
|
||||
function set_away($subject, $body) {
|
||||
$this->remove(); // clean out any notifications that might already have been sent.
|
||||
// is there an entry in the vacaton table for the user, or do we need to insert?
|
||||
$table_vacation = table_by_key('vacation');
|
||||
$username = escape_string($this->username);
|
||||
$body = escape_string($body);
|
||||
$subject = escape_string($subject);
|
||||
|
||||
$result = db_query("SELECT * FROM $table_vacation WHERE email = '$username'");
|
||||
// check if the user has a vacation entry already, if so just update it
|
||||
if($result['rows'] == 1) {
|
||||
$active = db_get_boolean(True);
|
||||
$result = db_query("UPDATE $table_vacation SET active = $active, body = '$body', subject = '$subject', created = NOW() WHERE email = '$username'");
|
||||
}
|
||||
else {
|
||||
$tmp = preg_split ('/@/', $username);
|
||||
$domain = escape_string($tmp[1]);
|
||||
$result = db_query ("INSERT INTO $table_vacation (email,subject,body,domain,created,active) VALUES ('$username','$subject','$body','$domain',NOW(),$Active)");
|
||||
}
|
||||
|
||||
$ah = new AliasHandler($this->username);
|
||||
$aliases = $ah->get(true);
|
||||
$vacation_address = $this->getVacationAlias();
|
||||
$aliases[] = $vacation_address;
|
||||
return $ah->update($aliases, '', false);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the vacation alias for this user.
|
||||
* i.e. if this user's username was roger@example.com, and the autoreply domain was set to
|
||||
* autoreply.fish.net in config.inc.php we'd return roger#example.com@autoreply.fish.net
|
||||
* @return string an email alias.
|
||||
*/
|
||||
public function getVacationAlias() {
|
||||
global $CONF;
|
||||
$vacation_domain = $CONF['vacation_domain'];
|
||||
$vacation_goto = preg_replace('/@/', '#', $this->username);
|
||||
$vacation_goto = "{$vacation_goto}@{$vacation_domain}";
|
||||
return $vacation_goto;
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue