Development

Navigation

← Previous Changeset
Next Changeset →

Changeset 1349

Timestamp:

09/14/08 23:31:35 (3 months ago)

Author:

scitech

Message:

Encrypt email password in database. Encrypt sql password in database. Fixed #1535: Wrong error text in user Email creation. Fixed #1396: Wordwrap in ticket system. Fixed #1533 Hardcoded FTP sepparator

Files:

trunk/CHANGELOG (modified) (1 diff)
trunk/engine/ispcp-mbox-mngr (modified) (10 diffs)
trunk/gui/admin/index.php (modified) (5 diffs)
trunk/gui/client/mail_add.php (modified) (12 diffs)
trunk/gui/client/mail_edit.php (modified) (4 diffs)
trunk/gui/client/sql_change_password.php (modified) (2 diffs)
trunk/gui/client/sql_execute_query.php (modified) (3 diffs)
trunk/gui/client/sql_manage.php (modified) (3 diffs)
trunk/gui/client/sql_pma_login.php (deleted)
trunk/gui/client/sql_user_add.php (modified) (8 diffs)
trunk/gui/include/admin-functions.php (modified) (38 diffs)
trunk/gui/include/client-functions.php (modified) (8 diffs)
trunk/gui/include/critical-update-functions.php (added)
trunk/gui/include/ispcp-config.php (modified) (1 diff)
trunk/gui/include/ispcp-lib.php (modified) (3 diffs)
trunk/gui/reseller/ticket_view.php (modified) (1 diff)
trunk/gui/themes/omega_original/admin/index.tpl (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/CHANGELOG

r1348	r1349
1	1	ispCP ω 1.0.0 Changelog
2	2	~~~~~~~~~~~~~~~~~~~~~~~~~~~
	3	2008-08-26 Daniel Andreca
	4	- GUI:
	5	* encript email password in database
	6	* encript sql password in database
	7	* Fixed #1535: Wrong error text in user Email creation
	8	* Fixed #1396: Wordwrap in ticket system
	9	* Fixed #1533 Hardcoded FTP sepparator
	10
3	11	2008-09-10 Daniel Andreca
4	12	- LANGUAGES:

trunk/engine/ispcp-mbox-mngr

r1333	r1349
1835	1835	my $mail_autorespond = @$mbox_data[8];
1836	1836
1837
1838	1837	my $virtual_mail_dir = $main::cfg{'MTA_VIRTUAL_MAIL_DIR'};
1839	1838
…	…
1842	1841	my $mbox_gid = $main::cfg{'MTA_MAILBOX_GID'};
1843	1842
1844
1845	1843	my $conf_dir = $main::cfg{'CONF_DIR'};
1846	1844
…	…
1849	1847	my $cmd_makeuserdb = $main::cfg{'CMD_MAKEUSERDB'};
1850	1848
1851
1852	1849	my $working_dir = "$conf_dir/courier/working";
1853	1850
…	…
1864	1861	my $userdb_backup_cfg = "$backup_dir/userdb.$timestamp";
1865	1862
	1863	if ($mail_type=~ /.normal_mail./ \|\| $mail_type=~ /.subdom_mail./ \|\| $mail_type=~ /.alias_mail./){
	1864
	1865	$mail_pass=decrypt_db_password($mail_pass);
	1866
	1867	}
	1868
1866	1869	($rs, $sys) = get_file($userdb_cfg);
1867	1870
…	…
1986	1989	my $mail_autorespond = @$mbox_data[8];
1987	1990
1988
1989	1991	my $virtual_mail_dir = $main::cfg{'MTA_VIRTUAL_MAIL_DIR'};
1990	1992
…	…
1993	1995	my $mbox_gid = $main::cfg{'MTA_MAILBOX_GID'};
1994	1996
1995
1996	1997	my $conf_dir = $main::cfg{'CONF_DIR'};
1997	1998
…	…
2000	2001	my $cmd_makeuserdb = $main::cfg{'CMD_MAKEUSERDB'};
2001	2002
2002
2003	2003	my $working_dir = "$conf_dir/courier/working";
2004	2004
…	…
2015	2015	my $userdb_backup_cfg = "$backup_dir/userdb.$timestamp";
2016	2016
	2017	if ($mail_type=~ /.normal_mail./ \|\| $mail_type=~ /.subdom_mail./ \|\| $mail_type=~ /.alias_mail./){
	2018
	2019	$mail_pass=decrypt_db_password($mail_pass);
	2020
	2021	}
	2022
2017	2023	($rs, $sys) = get_file($userdb_cfg);
2018	2024
…	…
2178	2184
2179	2185	my $check_user = undef;
	2186
	2187	if ($mail_type=~ /.normal_mail./ \|\| $mail_type=~ /.subdom_mail./ \|\| $mail_type=~ /.alias_mail./){
	2188
	2189	$mail_pass=decrypt_db_password($mail_pass);
	2190
	2191	}
2180	2192
2181	2193	do {
…	…
2351	2363
2352	2364	my $check_user = undef;
	2365
	2366	if ($mail_type=~ /.normal_mail./ \|\| $mail_type=~ /.subdom_mail./ \|\| $mail_type=~ /.alias_mail./){
	2367
	2368	$mail_pass=decrypt_db_password($mail_pass);
	2369
	2370	}
2353	2371
2354	2372	do {

trunk/gui/admin/index.php

r1327	r1349
33	33	$tpl->define_dynamic('update_message', 'page');
34	34	$tpl->define_dynamic('database_update_message', 'page');
	35	$tpl->define_dynamic('critical_update_message', 'page');
35	36	$tpl->define_dynamic('traff_warn', 'page');
36	37
…	…
38	39	$user_id = $_SESSION['user_id'];
39	40
40		$query = ~~<<<SQL_QUERY~~
41		select
42		~~count(ticket_id~~) as cnum
43		from
44		tickets
45		where
46		~~ticket_to~~ = ?
47		and
48		~~(ticket_status = '2' or ticket_status~~ = '5')
49		and
50		~~ticket_reply~~ = 0
51		~~SQL_QUERY~~;
	41	$query = "
	42	SELECT
	43	count(`ticket_id`) as cnum
	44	FROM
	45	`tickets`
	46	WHERE
	47	`ticket_to` = ?
	48	AND
	49	(`ticket_status` = '2' or `ticket_status` = '5')
	50	AND
	51	`ticket_reply` = 0
	52	";
52	53
53	54	$rs = exec_query($sql, $query, array($user_id));
…	…
113	114	$tpl->assign(array('DATABASE_UPDATE_MESSAGE' => ''));
114	115	}
	116	if (checkNewCriticalRevisionExists()) {
	117	executeCriticalUpdates();
	118	$tpl->assign(array('CRITICAL_MESSAGE' => 'Critical update has been performed'));
	119	$tpl->parse('CRITICAL_UPDATE_MESSAGE', 'critical_update_message');
	120	}
	121	else {
	122	$tpl->assign(array('CRITICAL_UPDATE_MESSAGE' => ''));
	123	}
115	124	}
116	125
117	126	function gen_server_trafic(&$tpl, &$sql) {
118		$query = <<<SQL_QUERY
119		select
120		straff_max,straff_warn
121		from
122		straff_settings
123		SQL_QUERY;
	127	$query = "SELECT `straff_max`, `straff_warn` FROM `straff_settings`";
124	128
125	129	$rs = exec_query($sql, $query, array());
…	…
131	135	$ldofmnth = mktime(1, 0, 0, date("m") + 1, 0, date("Y"));
132	136
133		$query = ~~<<<SQL_QUERY~~
134		select
135		~~IFNULL((sum(bytes_in) + sum(bytes_out)), 0) as~~ traffic
136		from
137		server_traffic
138		where
139		~~traff_time~~ > ?
140		and
141		~~traff_time~~ < ?
142		~~SQL_QUERY~~;
	137	$query = "
	138	SELECT
	139	IFNULL((sum(`bytes_in`) + sum(`bytes_out`)), 0) AS traffic
	140	FROM
	141	`server_traffic`
	142	WHERE
	143	`traff_time` > ?
	144	AND
	145	`traff_time` < ?
	146	";
143	147
144	148	$rs1 = exec_query($sql, $query, array($fdofmnth, $ldofmnth));
…	…
171	175
172	176	$tpl->assign(
173		array('TRAFFIC_WARNING' => $traff_msg,
	177	array(
	178	'TRAFFIC_WARNING' => $traff_msg,
174	179	'BAR_VALUE' => $bar_value,
175		)
176		);
	180	)
	181	);
177	182	}
178	183

trunk/gui/client/mail_add.php

r1346	r1349
40	40
41	41	function gen_page_form_data(&$tpl, $dmn_name, $post_check) {
42		$dmn_name = decode_idna($dmn_name);
43
44		if ($post_check === 'no') {
45
46		$tpl->assign(array('USERNAME' => "",
47		'DOMAIN_NAME' => $dmn_name,
48		'MAIL_DMN_CHECKED' => "checked=\"checked\"",
49		'MAIL_ALS_CHECKED' => "",
50		'MAIL_SUB_CHECKED' => "",
51		'NORMAL_MAIL_CHECKED' => "checked=\"checked\"",
52		'FORWARD_MAIL_CHECKED' => "",
53		'FORWARD_LIST' => ""));
54
55		} else {
56		if (!isset($_POST['forward_list'])) {
57		$f_list = '';
58		} else {
59		$f_list = $_POST['forward_list'];
60		}
61
62		$tpl->assign(
	42	$dmn_name = decode_idna($dmn_name);
	43
	44	if ($post_check === 'no') {
	45
	46	$tpl->assign(array('USERNAME' => "",
	47	'DOMAIN_NAME' => $dmn_name,
	48	'MAIL_DMN_CHECKED' => "checked=\"checked\"",
	49	'MAIL_ALS_CHECKED' => "",
	50	'MAIL_SUB_CHECKED' => "",
	51	'NORMAL_MAIL_CHECKED' => "checked=\"checked\"",
	52	'FORWARD_MAIL_CHECKED' => "",
	53	'FORWARD_LIST' => ""));
	54
	55	} else {
	56	if (!isset($_POST['forward_list'])) {
	57	$f_list = '';
	58	} else {
	59	$f_list = $_POST['forward_list'];
	60	}
	61
	62	$tpl->assign(
63	63	array(
64	64	'USERNAME' => clean_input($_POST['username']),
65		'DOMAIN_NAME' => $dmn_name,
66		'MAIL_DMN_CHECKED' => ($_POST['dmn_type'] === 'dmn') ? "checked=\"checked\"" : "",
67		'MAIL_ALS_CHECKED' => ($_POST['dmn_type'] === 'als') ? "checked=\"checked\"" : "",
68		'MAIL_SUB_CHECKED' => ($_POST['dmn_type'] === 'sub') ? "checked=\"checked\"" : "",
69		'NORMAL_MAIL_CHECKED' => (isset($_POST['mail_type_normal'])) ? "checked=\"checked\"" : "",
70		'FORWARD_MAIL_CHECKED' => (isset($_POST['mail_type_forward'])) ? "checked=\"checked\"" : "",
71		'FORWARD_LIST' => $f_list
	65	'DOMAIN_NAME' => $dmn_name,
	66	'MAIL_DMN_CHECKED' => ($_POST['dmn_type'] === 'dmn') ? "checked=\"checked\"" : "",
	67	'MAIL_ALS_CHECKED' => ($_POST['dmn_type'] === 'als') ? "checked=\"checked\"" : "",
	68	'MAIL_SUB_CHECKED' => ($_POST['dmn_type'] === 'sub') ? "checked=\"checked\"" : "",
	69	'NORMAL_MAIL_CHECKED' => (isset($_POST['mail_type_normal'])) ? "checked=\"checked\"" : "",
	70	'FORWARD_MAIL_CHECKED' => (isset($_POST['mail_type_forward'])) ? "checked=\"checked\"" : "",
	71	'FORWARD_LIST' => $f_list
72	72	)
73	73	);
74		}
	74	}
75	75	}
76	76
77	77	function gen_dmn_als_list(&$tpl, &$sql, $dmn_id, $post_check) {
78		$ok_status = Config::get('ITEM_OK_STATUS');
79
80		$query = <<<SQL_QUERY
81		SELECT
82		alias_id, alias_name
83		FROM
84		domain_aliasses
85		WHERE
86		~~domain_id~~ = ?
87		AND
88		~~alias_status~~ = ?
89		ORDER BY
90		alias_name
91		~~SQL_QUERY~~;
92
93		$rs = exec_query($sql, $query, array($dmn_id, $ok_status));
94		if ($rs->RecordCount() == 0) {
95		$tpl->assign(
96		array(
97		'ALS_ID' => '0',
98		'ALS_SELECTED' => 'selected',
99		'ALS_NAME' => tr('Empty list')
100		)
101		);
102		$tpl->parse('ALS_LIST', 'als_list');
103		$tpl->assign('TO_ALIAS_DOMAIN', '');
104		$_SESSION['alias_count'] = "no";
105		} else {
106		$first_passed = false;
107		while (!$rs->EOF) {
108		if ($post_check === 'yes') {
109		if (!isset($_POST['als_id'])) {
110		$als_id = "";
111		} else {
112		$als_id = $_POST['als_id'];
113		}
114
115		if ($als_id == $rs->fields['alias_id']) {
116		$als_selected = 'selected';
117		} else {
118		$als_selected = '';
119		}
120		} else {
121		if (!$first_passed) {
122		$als_selected = 'selected';
123		} else {
124		$als_selected = '';
125		}
126		}
127
128		$alias_name = decode_idna($rs->fields['alias_name']);
129		$tpl->assign(array('ALS_ID' => $rs->fields['alias_id'],
130		'ALS_SELECTED' => $als_selected,
131		'ALS_NAME' => $alias_name));
132		$tpl->parse('ALS_LIST', '.als_list');
133		$rs->MoveNext();
134
135		if (!$first_passed)
	78	$ok_status = Config::get('ITEM_OK_STATUS');
	79
	80	$query = "
	81	SELECT
	82	`alias_id`, `alias_name`
	83	FROM
	84	`domain_aliasses`
	85	WHERE
	86	`domain_id` = ?
	87	AND
	88	`alias_status` = ?
	89	ORDER BY
	90	`alias_name`
	91	";
	92
	93	$rs = exec_query($sql, $query, array($dmn_id, $ok_status));
	94	if ($rs->RecordCount() == 0) {
	95	$tpl->assign(
	96	array(
	97	'ALS_ID' => '0',
	98	'ALS_SELECTED' => 'selected',
	99	'ALS_NAME' => tr('Empty list')
	100	)
	101	);
	102	$tpl->parse('ALS_LIST', 'als_list');
	103	$tpl->assign('TO_ALIAS_DOMAIN', '');
	104	$_SESSION['alias_count'] = "no";
	105	} else {
	106	$first_passed = false;
	107	while (!$rs->EOF) {
	108	if ($post_check === 'yes') {
	109	if (!isset($_POST['als_id'])) {
	110	$als_id = "";
	111	} else {
	112	$als_id = $_POST['als_id'];
	113	}
	114
	115	if ($als_id == $rs->fields['alias_id']) {
	116	$als_selected = 'selected';
	117	} else {
	118	$als_selected = '';
	119	}
	120	} else {
	121	if (!$first_passed) {
	122	$als_selected = 'selected';
	123	} else {
	124	$als_selected = '';
	125	}
	126	}
	127
	128	$alias_name = decode_idna($rs->fields['alias_name']);
	129	$tpl->assign(array('ALS_ID' => $rs->fields['alias_id'],
	130	'ALS_SELECTED' => $als_selected,
	131	'ALS_NAME' => $alias_name));
	132	$tpl->parse('ALS_LIST', '.als_list');
	133	$rs->MoveNext();
	134
	135	if (!$first_passed)
136	136	$first_passed = true;
137		}
138		}
	137	}
	138	}
139	139	}
140	140
141	141	function gen_dmn_sub_list(&$tpl, &$sql, $dmn_id, $dmn_name, $post_check) {
142		$ok_status = Config::get('ITEM_OK_STATUS');
143
144		$query = <<<SQL_QUERY
145		SELECT
146		subdomain_id as sub_id, subdomain_name as sub_name
147		FROM
148		subdomain
149		WHERE
150		domain_id = ?
151		AND
152		subdomain_status = ?
153		ORDER BY
154		subdomain_name
155		SQL_QUERY;
156
157		$rs = exec_query($sql, $query, array($dmn_id, $ok_status));
158
159		if ($rs->RecordCount() == 0) {
160		$tpl->assign(array('SUB_ID' => '0',
161		'SUB_SELECTED' => 'selected',
162		'SUB_NAME' => tr('Empty list')));
163		$tpl->parse('SUB_LIST', 'sub_list');
164		$tpl->assign('TO_SUBDOMAIN', '');
165		$_SESSION['subdomain_count'] = "no";
166		} else {
167		$first_passed = false;
168
169		while (!$rs->EOF) {
170		if ($post_check === 'yes') {
171		if (!isset($_POST['sub_id'])) {
172		$sub_id = "";
173		} else {
174		$sub_id = $_POST['sub_id'];
175		}
176
177		if ($sub_id == $rs->fields['sub_id']) {
178		$sub_selected = 'selected';
179		} else {
180		$sub_selected = '';
181		}
182		} else {
183		if (!$first_passed) {
184		$sub_selected = 'selected';
185		} else {
186		$sub_selected = '';
187		}
188		}
189
190		$sub_name = decode_idna($rs->fields['sub_name']);
191		$dmn_name = decode_idna($dmn_name);
192		$tpl->assign(
	142	$ok_status = Config::get('ITEM_OK_STATUS');
	143
	144	$query = "
	145	SELECT
	146	`subdomain_id` as sub_id, `subdomain_name` as sub_name
	147	FROM
	148	`subdomain`
	149	WHERE
	150	`domain_id` = ?
	151	AND
	152	`subdomain_status` = ?
	153	ORDER BY
	154	`subdomain_name`
	155	";
	156
	157	$rs = exec_query($sql, $query, array($dmn_id, $ok_status));
	158
	159	if ($rs->RecordCount() == 0) {
	160	$tpl->assign(
	161	array(
	162	'SUB_ID' => '0',
	163	'SUB_SELECTED' => 'selected',
	164	'SUB_NAME' => tr('Empty list')
	165	)
	166	);
	167	$tpl->parse('SUB_LIST', 'sub_list');
	168	$tpl->assign('TO_SUBDOMAIN', '');
	169	$_SESSION['subdomain_count'] = "no";
	170	} else {
	171	$first_passed = false;
	172
	173	while (!$rs->EOF) {
	174	if ($post_check === 'yes') {
	175	if (!isset($_POST['sub_id'])) {
	176	$sub_id = "";
	177	} else {
	178	$sub_id = $_POST['sub_id'];
	179	}
	180
	181	if ($sub_id == $rs->fields['sub_id']) {
	182	$sub_selected = 'selected';
	183	} else {
	184	$sub_selected = '';
	185	}
	186	} else {
	187	if (!$first_passed) {
	188	$sub_selected = 'selected';
	189	} else {
	190	$sub_selected = '';
	191	}
	192	}
	193
	194	$sub_name = decode_idna($rs->fields['sub_name']);
	195	$dmn_name = decode_idna($dmn_name);
	196	$tpl->assign(
193	197	array(
194	198	'SUB_ID' => $rs->fields['sub_id'],
195		'SUB_SELECTED' => $sub_selected,
196		'SUB_NAME' => $sub_name . '.' . $dmn_name
	199	'SUB_SELECTED' => $sub_selected,
	200	'SUB_NAME' => $sub_name . '.' . $dmn_name
197	201	)
198	202	);
199		$tpl->parse('SUB_LIST', '.sub_list');
200		$rs->MoveNext();
201
202		if (!$first_passed)
	203	$tpl->parse('SUB_LIST', '.sub_list');
	204	$rs->MoveNext();
	205
	206	if (!$first_passed)
203	207	$first_passed = true;
204		}
205		}
	208	}
	209	}
206	210	}
207	211
208	212	function schedule_mail_account(&$sql, $domain_id, $dmn_name) {
209		// 20080218: added support for the mail_addr field: complete mail address in the db
210
211		// standard whithout encoding
212		// $mail_acc = $_POST['username'];
213		// lets encode the mail ??? only crazy ones encode the local_part
214		$mail_acc_tmp = strtolower(clean_input($_POST['username']));
215		if (ispcp_check_local_part($mail_acc_tmp) == "0") {
216		set_page_message(tr("Invalid Mail Localpart Format used!"));
217		return;
218		} else {
219		$mail_acc = $mail_acc_tmp;
220		}
221		$mail_auto_respond = false;
222		$mail_auto_respond_text = '';
223		$mail_addr = '';
224
225		if ($_POST['mail_type_normal'] \|\| $_POST['mail_type_forward']) {
	213	// 20080218: added support for the mail_addr field: complete mail address in the db
	214
	215	// standard whithout encoding
	216	// $mail_acc = $_POST['username'];
	217	// lets encode the mail ??? only crazy ones encode the local_part
	218	$mail_acc_tmp = strtolower(clean_input($_POST['username']));
	219	if (ispcp_check_local_part($mail_acc_tmp) == "0") {
	220	set_page_message(tr("Invalid Mail Localpart Format used!"));
	221	return;
	222	} else {
	223	$mail_acc = $mail_acc_tmp;
	224	}
	225	$mail_auto_respond = false;
	226	$mail_auto_respond_text = '';
	227	$mail_addr = '';
	228
	229	if ($_POST['mail_type_normal'] \|\| $_POST['mail_type_forward']) {
226	230	if ($_POST['mail_type_normal']) {
227	231	if ($_POST['dmn_type'] === 'dmn') {
…	…
237	241	$sub_id = $_POST['sub_id'];
238	242	// search the complete address
239		$query = ~~<<<SQL_QUERY~~
	243	$query = "
240	244	SELECT
241	245	`subdomain_name`
…	…
244	248	WHERE
245	249	`subdomain_id` = ?
246		~~SQL_QUERY~~;
247		$rs = exec_query($sql, $query, array($sub_id));
248		$mail_addr = $mail_acc.'@'.decode_idna($rs->fields['subdomain_name']).'.'.$dmn_name; // the complete address
249		} else if ($_POST['dmn_type'] === 'als') {
	250	";
	251	$rs = exec_query($sql, $query, array($sub_id));
	252	$mail_addr = $mail_acc.'@'.decode_idna($rs->fields['subdomain_name']).'.'.$dmn_name; // the complete address
	253	} else if ($_POST['dmn_type'] === 'als') {
250	254	$mail_pass = $_POST['pass'];
251	255	$mail_forward = '_no_';
…	…
253	257	$sub_id = $_POST['als_id'];
254	258	// search the complete address
255		$query = ~~<<<SQL_QUERY~~
	259	$query = "
256	260	SELECT
257	261	`alias_name`
…	…
260	264	WHERE
261	265	`alias_id` = ?
262		~~SQL_QUERY~~;
	266	";
263	267	$rs = exec_query($sql, $query, array($sub_id));
264	268	$mail_addr = $mail_acc.'@'.decode_idna($rs->fields['alias_name']); // the complete address
…	…
304	308	$mail_accs[] = $value;
305	309	}
306		$mail_forward = implode(',', $mail_accs);
	310	$mail_forward = implode(',', $mail_accs);
307	311	}
308	312
…	…
310	314	list($dmn_type, $type) = split('_', $mail_type, 2);
311	315
312		$check_acc_query = ~~<<<SQL_QUERY~~
	316	$check_acc_query = "
313	317	SELECT
314	318	COUNT(mail_id) AS cnt
…	…
323	327	AND
324	328	LEFT (`mail_type`, LOCATE('_', `mail_type`)-1) = ?
325		SQL_QUERY;
326
327		$rs = exec_query($sql, $check_acc_query, array($mail_acc, $domain_id, $sub_id, $dmn_type));
328		}
329
330		if ($rs->fields['cnt'] > 0) {
331		set_page_message(tr('Mail account already exists!'));
332		return false;
333		}
334
335		check_for_lock_file();
336
337		$query = <<<SQL_QUERY
338		INSERT INTO mail_users
339		(mail_acc,
340		mail_pass,
341		mail_forward,
342		domain_id,
343		mail_type,
344		sub_id,
345		status,
346		mail_auto_respond,
347		mail_auto_respond_text,
348		mail_addr)
349		VALUES
350		(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
351		SQL_QUERY;
352
353		$rs = exec_query($sql, $query, array($mail_acc,
354		$mail_pass,
355		$mail_forward,
356		$domain_id,
357		$mail_type,
358		$sub_id,
359		Config::get('ITEM_ADD_STATUS'),
360		$mail_auto_respond,
361		$mail_auto_respond_text,
362		$mail_addr));
363
364		write_log($_SESSION['user_logged'] . ": adds new mail account: " . (isset($mail_addr) ? $mail_addr : $mail_acc));
365		set_page_message(tr('Mail account scheduled for addition!'));
366		send_request();
367		header("Location: mail_accounts.php");
368		exit(0);
	329	";
	330
	331	$rs = exec_query($sql, $check_acc_query, array($mail_acc, $domain_id, $sub_id, $dmn_type));
	332	}
	333
	334	if ($rs->fields['cnt'] > 0) {
	335	set_page_message(tr('Mail account already exists!'));
	336	return false;
	337	}
	338
	339	if (preg_match("/^normal_mail/",$mail_type)\|\|preg_match("/^alias_mail/",$mail_type)\|\|preg_match("/^subdom_mail/",$mail_type)){
	340	$mail_pass=encrypt_db_password($mail_pass);
	341	}
	342
	343	check_for_lock_file();
	344
	345	$query = "
	346	INSERT INTO mail_users (
	347	mail_acc,
	348	mail_pass,
	349	mail_forward,
	350	domain_id,
	351	mail_type,
	352	sub_id,
	353	status,
	354	mail_auto_respond,
	355	mail_auto_respond_text,
	356	mail_addr
	357	) VALUES
	358	(?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
	359	";
	360
	361	$rs = exec_query($sql, $query, array($mail_acc,
	362	$mail_pass,
	363	$mail_forward,
	364	$domain_id,
	365	$mail_type,
	366	$sub_id,
	367	Config::get('ITEM_ADD_STATUS'),
	368	$mail_auto_respond,
	369	$mail_auto_respond_text,
	370	$mail_addr));
	371
	372	write_log($_SESSION['user_logged'] . ": adds new mail account: " . (isset($mail_addr) ? $mail_addr : $mail_acc));
	373	set_page_message(tr('Mail account scheduled for addition!'));
	374	send_request();
	375	header("Location: mail_accounts.php");
	376	exit(0);
369	377	}
370	378
…	…
379	387	}
380	388
381		if ($mail_type_normal) {
382		$pass = clean_input($_POST['pass']);
383		$pass_rep = clean_input($_POST['pass_rep']);
384		}
385
386		if (!isset($_POST['username']) \|\| $_POST['username'] === '') {
387		set_page_message(tr('Please enter mail account username!'));
388		return false;
389		}
390
391		if ($mail_type_normal) {
392		if (trim($pass) === '' \|\| trim($pass_rep) === '') {
393		set_page_message(tr('Password data is missing!'));
394		return false;
395		} else if ($pass !== $pass_rep) {
396		set_page_message(tr('Entered passwords differ!'));
397		return false;
398		} else if (!chk_password($pass, 50, "/[`\xb4'\"\\\\\x01-\x1f\015\012\|<>^$]/i")) {
399		// Not permitted chars
400		set_page_message(tr('Password data is shorter than %s signs or includes not permitted signs!', Config::get('PASSWD_CHARS')));
401		return false;
402		}
403		}
404
405		if ($_POST['dmn_type'] === 'sub' && !isset($_POST['sub_id'])) {
406		set_page_message(tr('Subdomain list is empty! You cannot add mail accounts!'));
407		return false;
408		}
409
410		if ($_POST['dmn_type'] === 'als' && !isset($_POST['als_id'])) {
411		set_page_message(tr('Alias list is empty! You cannot add mail accounts!'));
412		return false;
413		}
414
415		if ($mail_type_forward && empty($_POST['forward_list'])) {
416		set_page_message(tr('Forward list is empty!'));
417		return false;
418		}
419
420		schedule_mail_account($sql, $dmn_id, $dmn_name);
	389	if ($mail_type_normal) {
	390	$pass = clean_input($_POST['pass']);
	391	$pass_rep = clean_input($_POST['pass_rep']);
	392	}
	393
	394	if (!isset($_POST['username']) \|\| $_POST['username'] === '') {
	395	set_page_message(tr('Please enter mail account username!'));
	396	return false;
	397	}
	398
	399	if ($mail_type_normal) {
	400	if (trim($pass) === '' \|\| trim($pass_rep) === '') {
	401	set_page_message(tr('Password data is missing!'));
	402	return false;
	403	} else if ($pass !== $pass_rep) {
	404	set_page_message(tr('Entered passwords differ!'));
	405	return false;
	406	} else if (!chk_password($pass, 50, "/[`\xb4'\"\\\\\x01-\x1f\015\012\|<>^$]/i")) {
	407	// Not permitted chars
	408	set_page_message(tr('Password data is shorter than %s signs or includes not permitted signs!', Config::get('PASSWD_CHARS')));
	409	return false;
	410	}
	411	}
	412
	413	if ($_POST['dmn_type'] === 'sub' && !isset($_POST['sub_id'])) {
	414	set_page_message(tr('Subdomain list is empty! You cannot add mail accounts!'));
	415	return false;
	416	}
	417
	418	if ($_POST['dmn_type'] === 'als' && !isset($_POST['als_id'])) {
	419	set_page_message(tr('Alias list is empty! You cannot add mail accounts!'));
	420	return false;
	421	}
	422
	423	if ($mail_type_forward && empty($_POST['forward_list'])) {
	424	set_page_message(tr('Forward list is empty!'));
	425	return false;
	426	}
	427
	428	schedule_mail_account($sql, $dmn_id, $dmn_name);
421	429	}
422	430
423	431	function gen_page_mail_acc_props(&$tpl, &$sql, $user_id) {
424		list($dmn_id,
425		$dmn_name,
426		$dmn_gid,
427		$dmn_uid,
428		$dmn_created_id,
429		$dmn_created,
430		$dmn_last_modified,
431		$dmn_mailacc_limit,
432		$dmn_ftpacc_limit,
433		$dmn_traff_limit,
434		$dmn_sqld_limit,
435		$dmn_sqlu_limit,
436		$dmn_status,
437		$dmn_als_limit,
438		$dmn_subd_limit,
439		$dmn_ip_id,
440		$dmn_disk_limit,
441		$dmn_disk_usage,
442		$dmn_php,
443		$dmn_cgi) = get_domain_default_props($sql, $user_id);
444
445		list($mail_acc_cnt,
446		$dmn_mail_acc_cnt,
447		$sub_mail_acc_cnt,
448		$als_mail_acc_cnt) = get_domain_running_mail_acc_cnt($sql, $dmn_id);
449
450		if ($dmn_mailacc_limit != 0 && $mail_acc_cnt >= $dmn_mailacc_limit) {
451		set_page_message(tr('Mail accounts limit reached!'));
452		header("Location: mail_accounts.php");
453		die();
454		} else {
455		if (!isset($_POST['uaction'])) {
456		gen_page_form_data($tpl, $dmn_name, 'no');
457		gen_dmn_als_list($tpl, $sql, $dmn_id, 'no');
458		gen_dmn_sub_list($tpl, $sql, $dmn_id, $dmn_name, 'no');
459		gen_page_js($tpl);
460		} else if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') {
461		gen_page_form_data($tpl, $dmn_name, 'yes');
462		gen_dmn_als_list($tpl, $sql, $dmn_id, 'yes');
463		gen_dmn_sub_list($tpl, $sql, $dmn_id, $dmn_name, 'yes');
464		check_mail_acc_data($sql, $dmn_id, $dmn_name);
465		}
466		}
	432	list($dmn_id,
	433	$dmn_name,
	434	$dmn_gid,
	435	$dmn_uid,
	436	&nbs