function crypt_password($password) { if (empty($password)) { return "** EMPTY PASSWORD **"; } return crypt($password, dtc_makesalt()); }
function mail_account_generate_postfix() { global $pro_mysql_domain_table; global $pro_mysql_admin_table; global $pro_mysql_subdomain_table; global $console; global $conf_generated_file_path; global $conf_addr_mail_server; global $conf_dtcadmin_path; global $conf_unix_type; global $conf_nobody_user_id; global $conf_dtc_system_uid; global $conf_dtc_system_username; global $conf_use_cyrus; global $conf_use_mail_alias_group; global $conf_support_ticket_email; global $conf_support_ticket_fw_email; global $conf_support_ticket_domain; global $conf_main_domain; global $adm_realpass; global $adm_pass; global $adm_random_pass; //global $conf_postfix_virtual_mailbox_domains_path; //global $conf_postfix_virtual_path; //global $conf_postfix_vmailbox_path; //global $conf_postfix_virtual_uid_mapping_path; // prepend the configured path here $conf_postfix_virtual_mailbox_domains_path = $conf_generated_file_path . "/postfix_virtual_mailbox_domains"; $conf_local_domains_path = $conf_generated_file_path . "/local_domains"; $conf_postfix_virtual_path = $conf_generated_file_path . "/postfix_virtual"; $conf_postfix_aliases_path = $conf_generated_file_path . "/postfix_aliases"; $conf_postfix_vmailbox_path = $conf_generated_file_path . "/postfix_vmailbox"; $conf_postfix_virtual_uid_mapping_path = $conf_generated_file_path . "/postfix_virtual_uid_mapping"; $conf_postfix_relay_domains_path = $conf_generated_file_path . "/postfix_relay_domains"; $conf_postfix_relay_recipients_path = $conf_generated_file_path . "/postfix_relay_recipients"; $conf_postfix_recipient_lists_path = $conf_generated_file_path . "/recipientlists"; // now for our variables to write out the db info to $domains_file = ""; $local_domains_file = ""; $domains_postmasters_file = ""; $aliases_file = ""; $vmailboxes_file = ""; $uid_mappings_file = ""; $relay_domains_file = ""; $relay_recipients_file = ""; //store ALL of the domains we know about //if we manage to get better information later, don't worry about the entry on this one $relay_recipients_all_domains = ""; $data = ""; // init var for use later on #CL: Don create sasldb password when using cyrus. if ($conf_use_cyrus != "yes") { genSasl2PasswdDBStart(); } // go through each admin login and find the domains associated $query = "SELECT * FROM {$pro_mysql_admin_table} ORDER BY adm_login;"; $result = mysql_query($query) or die("Cannot execute query : \"{$query}\""); $num_rows = mysql_num_rows($result); if ($num_rows < 1) { die("No account to generate"); } for ($i = 0; $i < $num_rows; $i++) { $row = mysql_fetch_array($result) or die("Cannot fetch user-admin"); $user_admin_name = $row["adm_login"]; $user_admin_pass = $row["adm_pass"]; $adm_realpass = $row["adm_pass"]; $adm_pass = $row["adm_pass"]; $adm_random_pass = $row["adm_pass"]; $admin = fetchAdmin($user_admin_name, $user_admin_pass); if (($error = $admin["err"]) != 0) { die("Error fetching admin : {$error}"); } //Path of user's mailing lists $admin_path = getAdminPath($user_admin_name); $info = $admin["info"]; $nbr_domain = 0; if (isset($admin["data"])) { $data = $admin["data"]; $nbr_domain = sizeof($data); } for ($j = 0; $j < $nbr_domain; $j++) { $domain = $data[$j]; $domain_full_name = $domain["name"]; //$console .= "Processing $domain_full_name ...\n"; //if we are primary mx, add to domains //else add to relay $primary_mx = 0; if ($domain["primary_mx"] == "" || $domain["primary_mx"] == "default") { $primary_mx = 1; $domains_file .= "{$domain_full_name} virtual\n"; $local_domains_file .= "{$domain_full_name}\n"; } else { $relay_domains_file .= "{$domain_full_name}\n"; $relay_recipients_all_domains .= "{$domain_full_name}\n"; } $store_catch_all = ""; //$store_catch_all_md = ""; $catch_all_id = $domain["catchall_email"]; $abuse_address = 0; $postmaster_address = 0; // This should handle domain parking without a lot of code! :) if ($domain["domain_parking"] != "no-parking") { for ($b = 0; $b < $nbr_domain; $b++) { if ($data[$b]["name"] == $domain["domain_parking"]) { if (isset($data[$b]["emails"])) { $domain["emails"] = $data[$b]["emails"]; } else { unset($domain["emails"]); } } } } //Mail Group Aliases Start if ($conf_use_mail_alias_group == "yes") { if ($primary_mx && $domain["domain_parking"] != "no-parking") { // @domain1 -> @domain2 $domains_postmasters_file .= "# Mail Alias Groups for " . $domain["name"] . "\n"; $domains_postmasters_file .= "@" . $domain["name"] . " @" . $domain["domain_parking"] . "\n"; $domains_postmasters_file .= "#\n"; } elseif ($primary_mx && isset($domain["aliases"])) { // name@domain1 -> othername@domain1,user@domain2,etc. $aliases = $domain["aliases"]; $nbr_boites = sizeof($aliases); // go through each of these emails and build the vmailbox file //also create our sasldb2 if we have a saslpasswd2 exe for ($k = 0; $k < $nbr_boites; $k++) { $alias = $aliases[$k]; $id = $alias["id"]; $domain_parent = $alias["domain_parent"]; $ainc = $alias["autoinc"]; $mailbox_cleanup1 = str_replace("\r\n", "\n", $alias["delivery_group"]); $mailbox_cleanup2 = split("\n", $mailbox_cleanup1); $deliver_mailbox = ''; if ($k == 0) { $domains_postmasters_file .= "# Mail Alias Groups for : " . $domain_parent . "\n"; } for ($x = 0; $x < count($mailbox_cleanup2); $x++) { if ($x < count($mailbox_cleanup2) - 1) { $deliver_mailbox .= trim($mailbox_cleanup2[$x]) . ","; } else { $deliver_mailbox .= trim($mailbox_cleanup2[$x]); } } $domains_postmasters_file .= $id . "@" . $domain_parent . " " . $deliver_mailbox . "\n"; if ($k == $nbr_boites - 1) { $domains_postmasters_file .= "#\n"; } } } } //Mail Group Aliases End if (isset($domain["emails"]) && $primary_mx && $domain["domain_parking"] == "no-parking") { $emails = $domain["emails"]; $nbr_boites = sizeof($emails); // go through each of these emails and build the vmailbox file //also create our sasldb2 if we have a saslpasswd2 exe for ($k = 0; $k < $nbr_boites; $k++) { $email = $emails[$k]; $id = $email["id"]; $uid = $email["uid"]; // if our uid is 65534, make sure it's the correct uid as per the OS (99 for redhat) /* if ($uid == 65534){ $uid = $conf_nobody_user_id; }*/ $localdeliver = $email["localdeliver"]; $redirect1 = $email["redirect1"]; $redirect2 = $email["redirect2"]; $_id = strtr($id, ".", ":"); $home = $email["home"]; $passwdtemp = $email["passwd"]; $passwd = crypt($passwdtemp, dtc_makesalt()); $spam_mailbox = $email["spam_mailbox"]; $spam_mailbox_enable = $email["spam_mailbox_enable"]; $vacation_flag = $email["vacation_flag"]; $vacation_text = stripslashes($email["vacation_text"]); if ($k == 0) { $domains_postmasters_file .= "# Mailboxes for : " . $domain_full_name . "\n"; } $spam_stuff_done = 0; $homedir_created = 0; if (!isset($home) || $home == "" && $conf_use_cyrus != "yes") { $console .= "Missing home variable for {$id}"; } if (!is_dir($home) && $conf_use_cyrus != "yes" && strlen($home) > 0 && $id != "cyrus" && $id != "cyradm") { $PATH = getenv('PATH'); putenv("PATH=/usr/lib/courier-imap/bin:{$PATH}"); system("/bin/mkdir -p {$home} && maildirmake {$home}"); putenv("PATH={$PATH}"); $homedir_created = 1; } // if we have a $id equal to abuse if ($id == "abuse") { $abuse_address++; } if ($id == "postmaster") { $postmaster_address++; } // Previously: only generate sasl logins for local accounts // In fact, there is no reason to do so. We might want to create a mail account ONLY for sending // some mail, and not receiving. #CL: Not needed for cyrus if ($conf_use_cyrus != "yes") { genSasl2PasswdDBEntry($domain_full_name, $id, $passwdtemp, $conf_addr_mail_server); } // setup a postfix mapping for local delivery or vacation flags if ($localdeliver == "yes" || $localdeliver == "true" || $vacation_flag == "yes") { // setup the catch_all for locally delivered email addresses if ($id == $catch_all_id) { //$store_catch_all_md .= "@$domain_full_name $home/Maildir/\n"; $store_catch_all .= "@{$domain_full_name}\t{$id}@{$domain_full_name}\n"; } $vmailboxes_file .= "{$id}@{$domain_full_name} {$home}/Maildir/\n"; $uid_mappings_file .= "{$id}@{$domain_full_name} {$uid}\n"; if (isset($catch_all_id) || $catch_all_id != "") { //just so we can deliver to our vmailboxs if we have set a catch-all (otherwise postfix gets confused, and delivers all mail to the catch all) $domains_postmasters_file .= "{$id}@{$domain_full_name} {$id}@{$domain_full_name}\n"; } } if (isset($redirect1) && $redirect1 != "") { unset($extra_redirects); if ($localdeliver == "yes" || $localdeliver == "true" || $vacation_flag == "yes") { // need to generate .mailfilter file with "cc" and also local delivery if ($conf_use_cyrus != "yes" && (!isset($redirect2) || $redirect2 == "")) { genDotMailfilterFile($home, $id, $domain_full_name, $spam_mailbox_enable, $spam_mailbox, $localdeliver, $vacation_flag, $vacation_text, $redirect1); } $spam_stuff_done = 1; } else { $extra_redirects = " {$redirect1} "; } if ($redirect2 != "" && isset($redirect2)) { if ($localdeliver == "yes" || $localdeliver == "true" || $vacation_flag == "yes") { //need to generate .mailfilter file with "cc" and also local delivery if ($conf_use_cyrus != "yes") { genDotMailfilterFile($home, $id, $domain_full_name, $spam_mailbox_enable, $spam_mailbox, $localdeliver, $vacation_flag, $vacation_text, $redirect1, $redirect2); } $spam_stuff_done = 1; } else { if (isset($extra_redirects)) { $extra_redirects .= " , {$redirect2}"; } } } if ($store_catch_all == "" && ($id == "*" || $id == $catch_all_id)) { if (isset($extra_redirects)) { $store_catch_all .= "@{$domain_full_name} {$extra_redirects}\n"; } } else { if (isset($extra_redirects)) { $domains_postmasters_file .= "{$id}@{$domain_full_name}\t{$extra_redirects}\n"; } } unset($extra_redirects); } //if we haven't added the spam mailbox yet, do it here if ($spam_stuff_done == 0) { if ($conf_use_cyrus != "yes") { genDotMailfilterFile($home, $id, $domain_full_name, $spam_mailbox_enable, $spam_mailbox, $localdeliver, $vacation_flag, $vacation_text, $redirect1, $redirect2); } } if (is_dir($home) && $homedir_created == 1 && $id != "cyrus" && $id != "cyradm") { system("chown -R {$conf_dtc_system_username} {$home}"); } if ($k == $nbr_boites - 1) { $domains_postmasters_file .= "#\n"; } } } //add support for creation of mailing lists if (isset($domain["mailinglists"]) && $primary_mx) { $lists = $domain["mailinglists"]; $nbr_boites = sizeof($lists); // go through each of these lists and add to virtual maps and normal aliases for ($k = 0; $k < $nbr_boites; $k++) { $list = $lists[$k]; $list_id = $list["id"]; $list_name = $list["name"]; if ($list_name == "abuse") { $abuse_address++; } else { if ($list_name == "postmaster") { $postmaster_address++; } } $list_owner = $list["owner"]; $list_domain = $list["domain"]; $list_path = "{$admin_path}/{$list_domain}/lists"; $name = $list_domain . "_" . $list_name; if (!preg_match("/\\@/", $list_owner)) { $owner = $list_owner . "@" . $list_domain; } else { $owner = $list_owner; } $modified_name = str_replace("-", "_", $name); $domains_postmasters_file .= $list_name . "@" . $list_domain . " " . $modified_name . "\n"; $aliases_file .= $modified_name . ': "|/usr/bin/mlmmj-recieve -L ' . $list_path . '/' . $name . '/"' . "\n"; } } // if an abuse@ email hasn't been set, set one here to go to postmaster if ($abuse_address == 0 && $primary_mx) { $domains_postmasters_file .= "abuse@{$domain_full_name} postmaster\n"; } if ($postmaster_address == 0 && $primary_mx) { $domains_postmasters_file .= "postmaster@{$domain_full_name} postmaster\n"; } //always store catch all last... :) if (isset($store_catch_all) && $store_catch_all != "") { $domains_postmasters_file .= $store_catch_all; } //now store the Maildir version if (isset($store_catch_all_md) && $store_catch_all_md != "") { $vmailboxes_file .= $store_catch_all_md; } } } //check to see if the domain is in our local recipients first before adding to allowed relay domains $relay_domains_file_temp_list = explode("\n", get_remote_mail_domains()); foreach ($relay_domains_file_temp_list as $domain) { if (isset($domain) && strlen($domain) > 0) { if (!preg_match("/^{$domain}\\s/", $domains_file)) { $relay_domains_file .= "{$domain}\n"; } } } $relay_recipients_list = explode("\n", get_remote_mail_recipients()); foreach ($relay_recipients_list as $email) { if (isset($email) && strlen($email) > 0) { // echo "Stage 1 - adding $email"; $relay_recipients_file .= $email . " OK\n"; } } // if we haven't added the following domains to the $relay_recipients_file, then we need to add a wildcard, bad, but necessary for domains we don't have email lists for $relay_recipients_all_domains_list = explode("\n", $relay_recipients_all_domains); foreach ($relay_recipients_all_domains_list as $domain) { // if the $domain isn't set here, keep going if (!(isset($domain) && strlen($domain) > 0)) { continue; } //$console .= "$domain is being backed up\n"; //try and read a file here, and see if we have a list already created if (is_file("{$conf_postfix_recipient_lists_path}/{$domain}")) { //$console .= "File found with domain info - $conf_postfix_recipient_lists_path/$domain\n"; //check to see if we have already got this domain... //if we do, then it means that we have a rogue $domain file, and it should be deleted! :) if (preg_match("/\\@{$domain}\\s+OK/", $relay_recipients_file)) { unlink("{$conf_postfix_recipient_lists_path}/{$domain}"); } else { // echo "Reading $domain from recip file..."; $fp = fopen("{$conf_postfix_recipient_lists_path}/{$domain}", "r"); $contents = fread($fp, filesize("{$conf_postfix_recipient_lists_path}/{$domain}")); fclose($fp); //now we have found some domain email list, append it here $relay_recipients_file .= $contents; // echo "Stage 2 - adding $contents"; } } //finally check to see if we haven't got any entries for this domain if (!preg_match("/\\@{$domain}\\s+OK/", $relay_recipients_file)) { //$console .= "Faking domain entry for $domain...\n"; $relay_recipients_file .= "@{$domain} OK\n"; // echo "Stage 3 - adding $domain OK"; //write this to a file, so admin/users can edit later if (!file_exists("{$conf_postfix_recipient_lists_path}")) { //make a directory here if it doesn't exist yet mkdir("{$conf_postfix_recipient_lists_path}"); } $fp = fopen("{$conf_postfix_recipient_lists_path}/{$domain}", "w"); fwrite($fp, "@{$domain} OK\n"); fclose($fp); } } // Add the support@ email $aliases_file .= "dtc_support_ticket_messages: \"| " . $conf_dtcadmin_path . "/support-receive.php\"\n"; $domains_postmasters_file .= $conf_support_ticket_email . "@" . $conf_support_ticket_domain . " dtc_support_ticket_messages\n"; // Add the supportforward@ email $aliases_file .= "dtc_support_forward_ticket_messages: \"| reformime -e -s 1.2 | " . $conf_dtcadmin_path . "/support-receive.php\"\n"; $domains_postmasters_file .= $conf_support_ticket_fw_email . "@" . $conf_support_ticket_domain . " dtc_support_ticket_messages\n"; //write out our config files $fp = fopen("{$conf_postfix_virtual_mailbox_domains_path}", "w"); fwrite($fp, $domains_file); fclose($fp); $fp = fopen("{$conf_local_domains_path}", "w"); fwrite($fp, $local_domains_file); fclose($fp); $fp = fopen("{$conf_postfix_virtual_path}", "w"); fwrite($fp, $domains_postmasters_file); fclose($fp); $fp = fopen("{$conf_postfix_aliases_path}", "w"); fwrite($fp, $aliases_file); fclose($fp); $fp = fopen("{$conf_postfix_vmailbox_path}", "w"); fwrite($fp, $vmailboxes_file); fclose($fp); $fp = fopen("{$conf_postfix_virtual_uid_mapping_path}", "w"); fwrite($fp, $uid_mappings_file); fclose($fp); $fp = fopen("{$conf_postfix_relay_domains_path}", "w"); fwrite($fp, $relay_domains_file); fclose($fp); $fp = fopen("{$conf_postfix_relay_recipients_path}", "w"); fwrite($fp, $relay_recipients_file); fclose($fp); //now that we have our base files, go and rebuild the db's if ($conf_unix_type == "bsd") { $POSTMAP_BIN = "/usr/local/sbin/postmap -r"; $POSTALIAS_BIN = "/usr/local/sbin/postalias -r"; } else { $POSTMAP_BIN = "/usr/sbin/postmap -r"; $POSTALIAS_BIN = "/usr/sbin/postalias -r"; } system("{$POSTMAP_BIN} {$conf_postfix_virtual_mailbox_domains_path}"); system("{$POSTMAP_BIN} {$conf_postfix_virtual_path}"); system("{$POSTALIAS_BIN} {$conf_postfix_aliases_path}"); system("{$POSTMAP_BIN} {$conf_postfix_vmailbox_path}"); system("{$POSTMAP_BIN} {$conf_postfix_virtual_uid_mapping_path}"); system("{$POSTMAP_BIN} {$conf_postfix_relay_recipients_path}"); genSaslFinishConfigAndRights(); system("chown " . $conf_dtc_system_username . ":postfix " . $conf_generated_file_path . "/postfix_*"); //in case our relay_domains file hasn't been created correctly, we should touch it system("touch {$conf_postfix_relay_domains_path}"); }
function mail_account_generate_qmail() { global $pro_mysql_domain_table; global $pro_mysql_admin_table; global $pro_mysql_subdomain_table; global $pro_mysql_backup_table; global $console; global $conf_generated_file_path; global $conf_qmail_rcpthost_path; global $conf_qmail_virtualdomains_path; global $conf_qmail_assign_path; global $conf_qmail_poppasswd_path; global $conf_nobody_user_id; global $conf_nobody_group_id; global $conf_dtc_system_gid; global $conf_dtc_system_uid; global $conf_dtc_system_username; $rcpthosts_file = ""; $local_domains_file = ""; $virtualdomains_file = ""; $poppasswd_file = ""; $assign_file = ""; $more_rcpt = ""; $query = "SELECT * FROM {$pro_mysql_admin_table} ORDER BY adm_login;"; $result = mysql_query($query) or die("Cannot execute query : \"{$query}\""); $num_rows = mysql_num_rows($result); if ($num_rows < 1) { die("No account to generate"); } for ($i = 0; $i < $num_rows; $i++) { $row = mysql_fetch_array($result) or die("Cannot fetch user-admin"); $user_admin_name = $row["adm_login"]; $user_admin_pass = $row["adm_pass"]; $admin = fetchAdmin($user_admin_name, $user_admin_pass); $admin_path = getAdminPath($user_admin_name); if (($error = $admin["err"]) != 0) { die("Error fetching admin : {$error}"); } $info = $admin["info"]; if (isset($admin["data"])) { $data = $admin["data"]; $nbr_domain = sizeof($data); } else { $nbr_domain = 0; } for ($j = 0; $j < $nbr_domain; $j++) { $domain = $data[$j]; $domain_full_name = $domain["name"]; $domain_qmail_name = strtr($domain_full_name, ".", "-"); $rcpthosts_file .= "{$domain_full_name}\n"; $local_domains_file .= "{$domain_full_name}\n"; $more_rcpt .= "{$domain_full_name}\n"; if ($domain["primary_mx"] == "" || $domain["primary_mx"] == "default") { $virtualdomains_file .= "{$domain_full_name}:{$domain_qmail_name}\n"; $primary_mx = 1; } else { $primary_mx = 0; } if (isset($domain["mailinglists"]) && $primary_mx) { $lists = $domain["mailinglists"]; $nbr_boites = sizeof($lists); // go through each of these lists and add accounts to it for ($k = 0; $k < $nbr_boites; $k++) { $list = $lists[$k]; $list_id = $list["id"]; $list_name = $list["name"]; $list_owner = $list["owner"]; $list_domain = $list["domain"]; // add the missing domain to the list owner if (!preg_match("/\\@/", $list_owner)) { $list_owner .= "@" . $list_domain; } $list_path = "{$admin_path}/{$list_domain}/lists/{$list_domain}" . "_" . "{$list_name}"; writeMlmmjQmailFile($admin_path); $assign_file .= "+{$domain_qmail_name}-{$list_name}:{$conf_dtc_system_username}:{$conf_dtc_system_uid}:{$conf_dtc_system_gid}:{$list_path}:::\n"; } } if ($primary_mx && isset($domain["emails"])) { $emails = $domain["emails"]; $catch_all = $domain["catchall_email"]; $nbr_boites = sizeof($emails); $catch_all_flag = "no"; // Handles all domain parking nicely if ($domain["domain_parking"] != "no-parking") { for ($b = 0; $b < $nbr_domain; $b++) { if ($data[$b]["name"] == $domain["domain_parking"]) { $domain["emails"] = $data[$b]["emails"]; } } } // Loop for all mailboxes for ($k = 0; $k < $nbr_boites; $k++) { $email = $emails[$k]; $id = $email["id"]; $home = $email["home"]; // $box_path = "$admin_path/Mailboxs/$id"; $qmail_id = strtr($id, ".", ":"); $passwdtemp = $email["passwd"]; $passwd = crypt($passwdtemp, dtc_makesalt()); // This one is if you use the jedi's checkpassword programm // $poppasswd_file .= "$id@$domain_full_name:$passwd:nobody:$home\n"; // This one is for cmd5checkpw $poppasswd_file .= "{$id}@{$domain_full_name}:{$passwdtemp}\n"; if ($catch_all == $id) { $catch_all_flag = "yes"; $catchall_home = $home; } else { $assign_file .= "={$domain_qmail_name}-{$id}:{$conf_dtc_system_username}:{$conf_dtc_system_uid}:{$conf_dtc_system_gid}:{$home}:::\n"; } } // Gen the catchall if there is a box like that if ($catch_all_flag == "yes") { $assign_file .= "+{$domain_qmail_name}:{$conf_dtc_system_username}:{$conf_dtc_system_ui}:{$conf_dtc_system_gid}:" . getAdminPath($user_admin_name) . "/" . $domain["name"] . "/Mailboxs:::\n"; } } } } $rcpthosts_file .= get_remote_mail_domains(); $assign_file .= ".\n"; $fp = fopen("{$conf_generated_file_path}/{$conf_qmail_rcpthost_path}", "w"); fwrite($fp, $rcpthosts_file); fclose($fp); $fp = fopen("{$conf_generated_file_path}/local_domains", "w"); fwrite($fp, $local_domains_file); fclose($fp); $fp = fopen("{$conf_generated_file_path}/{$conf_qmail_virtualdomains_path}", "w"); fwrite($fp, $virtualdomains_file); fclose($fp); $fp = fopen("{$conf_generated_file_path}/{$conf_qmail_poppasswd_path}", "w"); fwrite($fp, $poppasswd_file); fclose($fp); $fp = fopen("{$conf_generated_file_path}/{$conf_qmail_assign_path}", "w"); fwrite($fp, $assign_file); fclose($fp); $fp = fopen("{$conf_generated_file_path}/morercpthosts", "w"); fwrite($fp, $more_rcpt); fclose($fp); }
function emailAccountsEditCallback($id) { global $cyrus_used; global $pro_mysql_pop_table; $q = "SELECT * FROM {$pro_mysql_pop_table} WHERE autoinc='{$id}';"; $r = mysql_query($q) or die("Cannot query {$q} line: " . __LINE__ . " file " . __FILE__ . " sql said:" . mysql_error()); $n = mysql_num_rows($r); if ($n != 1) { die("Cannot find created email line " . __LINE__ . " file " . __FILE__); } $a = mysql_fetch_array($r); $crypted_pass = crypt($a["passwd"], dtc_makesalt()); $q = "UPDATE {$pro_mysql_pop_table} SET crypt='{$crypted_pass}',quota_couriermaildrop=CONCAT(1024000*quota_size,'S,',quota_files,'C') WHERE autoinc='{$id}';"; $r = mysql_query($q) or die("Cannot query {$q} line: " . __LINE__ . " file " . __FILE__ . " sql said:" . mysql_error()); if (!$cyrus_used) { writeDotQmailFile($a["id"], $a["mbox_host"]); } updateUsingCron("gen_qmail='yes', qmail_newu='yes'"); if ($cyrus_used) { // login to cyradm $cyr_conn = new cyradm(); $error = $cyr_conn->imap_login(); if ($error != 0) { die("imap_login Error {$error}"); } if (!$a["quota_size"]) { die("invalid quota"); } $result = $cyr_conn->setmbquota("user/" . $a["fullemail"], $a["quota_size"]); } return ""; }
mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\""); updateUsingCron("gen_ssh='yes'"); } // $edssh_account $edit_domain $edssh_pass if (isset($_REQUEST["update_ssh_account"]) && $_REQUEST["update_ssh_account"] == "Ok") { checkLoginPassAndDomain($adm_login, $adm_pass, $edit_domain); $adm_path = getAdminPath($adm_login); if (!hasSSHLoginFlag($adm_login)) { $submit_err .= "You don't have the SSH login flag!"; $commit_flag = "no"; } if (0 != strncmp($adm_path, $_REQUEST["edssh_path"], strlen($adm_path) - 1) || strstr($_REQUEST["edssh_path"], '..') || strstr($_REQUEST["edssh_path"], "'") || strstr($_REQUEST["edssh_path"], "\\")) { $submit_err .= _("Your path is restricted to ") . ""{$adm_path}/{$edit_domain}/subdomains"<br>\n"; $commit_flag = "no"; } $new_path = $_REQUEST["edssh_path"]; if (!isFtpLogin($_REQUEST["edssh_account"])) { $submit_err .= _("Incorrect ssh login : this is not a good string for a ssh login, please enter a new one."); $commit_flag = "no"; } if (!isDTCPassword($_REQUEST["edssh_pass"])) { $submit_err .= _("Incorrect SSH password: from 6 to 16 chars, a-z A-Z 0-9"); $commit_flag = "no"; } $crypt_ssh_password = crypt($_REQUEST["edssh_pass"], dtc_makesalt()); if ($commit_flag == "yes") { $adm_query = "UPDATE {$pro_mysql_ssh_table} SET homedir='" . addslashes($new_path) . "', crypt='" . $crypt_ssh_password . "', password='******' WHERE login ='******' AND hostname='{$edit_domain}' LIMIT 1;"; mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\""); } updateUsingCron("gen_ssh='yes'"); }
function dtcListItemsEdit($dsc) { global $adm_pass; $out = "<h3>" . $dsc["title"] . "</u></b></h3>"; // Calculate the forwards parameters for links and forms $nbr_forwards = sizeof($dsc["forward"]); $keys_fw = array_keys($dsc["forward"]); $fw = ""; $fw_link = $_SERVER["PHP_SELF"] . "?"; for ($i = 0; $i < $nbr_forwards; $i++) { if ($dsc["forward"][$i] == "adm_pass") { $fw .= "<input type=\"hidden\" name=\"" . $dsc["forward"][$i] . "\" value=\"" . $adm_pass . "\">"; } else { $fw .= "<input type=\"hidden\" name=\"" . $dsc["forward"][$i] . "\" value=\"" . $_REQUEST[$dsc["forward"][$i]] . "\">"; } if ($i != 0) { $fw_link .= "&"; } if ($dsc["forward"][$i] == "adm_pass") { $fw_link .= $dsc["forward"][$i] . "={$adm_pass}"; } else { $fw_link .= $dsc["forward"][$i] . "=" . $_REQUEST[$dsc["forward"][$i]]; } } // Condition to add to each queries $where = "WHERE 1"; if (isset($dsc["order_by"])) { $order_by = " ORDER BY " . $dsc["order_by"]; } else { $order_by = ""; } $added_insert_names = ""; $added_insert_values = ""; if (isset($dsc["where_list"])) { $nbr_where = sizeof($dsc["where_list"]); $where_keys = array_keys($dsc["where_list"]); for ($i = 0; $i < $nbr_where; $i++) { if ($i != 0) { $added_insert_names .= ","; $added_insert_values .= ","; } $added_insert_names .= $where_keys[$i]; $added_insert_values .= "'" . $dsc["where_list"][$where_keys[$i]] . "'"; $where .= " AND " . $where_keys[$i] . "='" . $dsc["where_list"][$where_keys[$i]] . "'"; } // As there will be other fields, we need that one $added_insert_names .= ","; $added_insert_values .= ","; } // Number of fields that we are about to manage here and theire names $nbr_fld = sizeof($dsc["cols"]); $keys = array_keys($dsc["cols"]); // We need the current number of items now to check against the max number for addition $q = "SELECT " . $dsc["id_fld"] . "," . $dsc["list_fld_show"] . " FROM " . $dsc["table_name"] . " {$where};"; $r_item_list = mysql_query($q) or die("Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error()); $current_num_items = mysql_num_rows($r_item_list); // SQL submit stuffs if (isset($_REQUEST["action"]) && $_REQUEST["action"] == $dsc["action"] . "_new_item") { // Todo: do the fields checkings $commit_flag = "yes"; $commit_err = ""; for ($i = 0; $i < $nbr_fld; $i++) { switch ($dsc["cols"][$keys[$i]]["type"]) { case "popup": case "radio": $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]); $is_one_of_them = "no"; for ($j = 0; $j < $nbr_choices; $j++) { if ($dsc["cols"][$keys[$i]]["values"][$j] == $_REQUEST[$keys[$i]]) { $is_one_of_them = "yes"; } } if ($is_one_of_them == "no") { $commit_flag = "no"; $commit_err = "the variable " . $keys[$i] . " is not one of the allowed values<br>"; } break; default: break; } if (isset($dsc["cols"][$keys[$i]]["check"])) { switch ($dsc["cols"][$keys[$i]]["check"]) { case "subdomain": if (!checkSubdomainFormat($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a subdomain<br>"; } } break; case "subdomain_or_ip": if (!checkSubdomainFormat($_REQUEST[$keys[$i]]) && !isIP($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a subdomain or IP addresse<br>"; } } break; case "ip6": if (!isIP6($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { if (!isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) || $dsc["cols"][$keys[$i]]["empty_makes_default"] != "yes" || $_REQUEST[$keys[$i]] != "default") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not an IPv6 address<br>"; } } } break; case "ip_addr": if (!isIP($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not an IP address<br>"; } } break; case "domain_or_ip": if (!isIP($_REQUEST[$keys[$i]]) && !isHostname($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a domain or IP addresse<br>"; } } break; case "dtc_login": if (!isFtpLogin($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct login format.<br>"; } } break; case "dtc_login_or_email": if (!isFtpLogin($_REQUEST[$keys[$i]]) && !isValidEmail($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct login format.<br>"; } } break; case "mail_alias_group": $mail_alias_group_raw = trim($_REQUEST[$keys[$i]], "\r\n"); $mail_alias_nocr = str_replace("\r", "", $mail_alias_group_raw); $mail_alias_array = split("\n", $mail_alias_nocr); for ($x = 0; $x < count($mail_alias_array); $x++) { if (!isValidEmail($mail_alias_array[$x])) { $commit_flag = "no"; $commit_err .= $mail_alias_array[$x] . ": not a valid email format.<br>"; } } break; case "dtc_pass": if (!isDTCPassword($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct password format<br>"; } } break; case "email": if (!isValidEmail($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct email format<br>"; } } break; case "number": if (!isRandomNum($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct number format<br>"; } } break; case "max_value_2096": if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { if (!isRandomNum($_REQUEST[$keys[$i]])) { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct number format<br>"; } if ($_REQUEST[$keys[$i]] >= 2096) { $commit_flag = "no"; $commit_err .= $keys[$i] . ": is greater or equal than the max value 2096<br>"; } } break; default: $commit_flag = "no"; $commit_err .= $keys[$i] . ": unknown field checking type (" . $dsc["cols"][$keys[$i]]["check"] . ").<br>"; break; } } } if (isset($dsc["max_item"]) && $current_num_items >= $dsc["max_item"]) { $commit_flag = "no"; $commit_err = "Max number of items reached!"; } if (isset($dsc["check_unique"])) { $nbr_unique_check = sizeof($dsc["check_unique"]); $where_clause = ""; for ($i = 0; $i < $nbr_unique_check; $i++) { if ($i != 0) { $where_clause .= " AND "; } if (isset($dsc["cols"][$dsc["check_unique"][$i]]["happen_domain"])) { $where_clause .= $dsc["check_unique"][$i] . "='" . $_REQUEST[$dsc["check_unique"][$i]] . $dsc["cols"][$dsc["check_unique"][$i]]["happen_domain"] . "' "; } else { $where_clause .= $dsc["check_unique"][$i] . "='" . $_REQUEST[$dsc["check_unique"][$i]] . "' "; } } if (!isset($dsc["check_unique_use_where_list"]) || $dsc["check_unique_use_where_list"] == "yes") { $nbr_where_list_fld = sizeof($dsc["where_list"]); $where_list_keys_fld = array_keys($dsc["where_list"]); for ($i = 0; $i < $nbr_where_list_fld; $i++) { $where_clause .= " AND " . $where_list_keys_fld[$i] . "='" . $dsc["where_list"][$where_list_keys_fld[$i]] . "'"; } } $q = "SELECT * FROM " . $dsc["table_name"] . " WHERE {$where_clause} "; $r = mysql_query($q) or die("Cannot query \"{$q}\" line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); if ($n > 0) { $commit_flag = "no"; $commit_err = $dsc["check_unique_msg"]; } } // Build the request $fld_names = ""; $values = ""; $added_one = "no"; for ($i = 0; $i < $nbr_fld; $i++) { switch ($dsc["cols"][$keys[$i]]["type"]) { case "password": if ($added_one == "yes") { $fld_names .= ","; $values .= ","; } $fld_names .= $keys[$i]; if (isset($dsc["cols"][$keys[$i]]["empty_makes_sql_null"]) && $dsc["cols"][$keys[$i]]["empty_makes_sql_null"] == "yes" && $_REQUEST[$keys[$i]] == "") { $values .= "NULL"; } else { if (isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) && $dsc["cols"][$keys[$i]]["empty_makes_default"] == "yes" && $_REQUEST[$keys[$i]] == "") { $values .= "'default'"; } else { if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) { $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . $dsc["cols"][$keys[$i]]["happen_domain"] . "'"; } else { $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . "'"; } // if the crypt field is set, then we use this as the SQL field to populate the crypted password into if (isset($dsc["cols"][$keys[$i]]["cryptfield"])) { if ($added_one == "yes") { $fld_names .= ","; $values .= ","; } $fld_names .= $dsc["cols"][$keys[$i]]["cryptfield"]; $values .= "'" . crypt($_REQUEST[$keys[$i]], dtc_makesalt()) . "'"; } } } $added_one = "yes"; break; case "text": case "textarea": if ($added_one == "yes") { $fld_names .= ","; $values .= ","; } $fld_names .= $keys[$i]; if (isset($dsc["cols"][$keys[$i]]["empty_makes_sql_null"]) && $dsc["cols"][$keys[$i]]["empty_makes_sql_null"] == "yes" && $_REQUEST[$keys[$i]] == "") { $values .= "NULL"; } else { if (isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) && $dsc["cols"][$keys[$i]]["empty_makes_default"] == "yes" && $_REQUEST[$keys[$i]] == "") { $values .= "'default'"; } else { if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) { $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . $dsc["cols"][$keys[$i]]["happen_domain"] . "'"; } else { $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . "'"; } } } $added_one = "yes"; break; case "checkbox": if ($added_one == "yes") { $fld_names .= ","; $values .= ","; } $added_one = "yes"; $fld_names .= $keys[$i]; if (isset($_REQUEST[$keys[$i]])) { $values .= "'" . $dsc["cols"][$keys[$i]]["values"][0] . "'"; } else { $values .= "'" . $dsc["cols"][$keys[$i]]["values"][1] . "'"; } break; case "popup": case "radio": if ($added_one == "yes") { $fld_names .= ","; $values .= ","; } $fld_names .= $keys[$i]; $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . "'"; $added_one = "yes"; break; } } if ($commit_flag == "yes") { $q = "INSERT INTO " . $dsc["table_name"] . " ({$added_insert_names} {$fld_names}) VALUES ({$added_insert_values} {$values});"; $success = "yes"; $r = mysql_query($q) or $success = "no"; if ($success == "yes") { $insert_id = mysql_insert_id(); if (isset($dsc["create_item_callback"])) { $out .= $dsc["create_item_callback"]($insert_id); } } else { $out .= "<font color=\"red\">Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error() . "</font>"; } } else { $out .= "<font color=\"red\">Could not commit the changes because of an error in field format: <br>{$commit_err}</font><br>"; } } else { if (isset($_REQUEST["action"]) && $_REQUEST["action"] == $dsc["action"] . "_save_item") { // Todo: do the fields checkings $commit_flag = "yes"; $commit_err = ""; for ($i = 0; $i < $nbr_fld; $i++) { switch ($dsc["cols"][$keys[$i]]["type"]) { case "checkbox": break; case "popup": case "radio": case "checkbox": $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]); $is_one_of_them = "no"; for ($j = 0; $j < $nbr_choices; $j++) { if ($dsc["cols"][$keys[$i]]["values"][$j] == $_REQUEST[$keys[$i]]) { $is_one_of_them = "yes"; } } if ($is_one_of_them == "no") { $commit_flag = "no"; $commit_err = "the variable " . $keys[$i] . " is not one of the allowed values<br>"; } break; default: break; } if (isset($dsc["cols"][$keys[$i]]["check"]) && (!isset($dsc["cols"][$keys[$i]]["disable_edit"]) || $dsc["cols"][$keys[$i]]["disable_edit"] != "yes")) { switch ($dsc["cols"][$keys[$i]]["check"]) { case "subdomain": if (!checkSubdomainFormat($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a subdomain<br>"; } } break; case "subdomain_or_ip": if (!checkSubdomainFormat($_REQUEST[$keys[$i]]) && !isIP($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a subdomain or IP addresse<br>"; } } break; case "ip6": if (!isIP6($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { if (!isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) || $dsc["cols"][$keys[$i]]["empty_makes_default"] != "yes" || $_REQUEST[$keys[$i]] != "default") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not an IPv6 address<br>"; } } } break; case "ip_addr": if (!isIP($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not an IP address<br>"; } } break; case "domain_or_ip": if (!isIP($_REQUEST[$keys[$i]]) && !isHostname($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a domain or IP addresse<br>"; } } break; case "dtc_login": if (!isFtpLogin($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct login format.<br>"; } } break; case "dtc_login_or_email": if (!isFtpLogin($_REQUEST[$keys[$i]]) && !isValidEmail($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct login format.<br>"; } } break; case "mail_alias_group": $mail_alias_group_raw = trim($_REQUEST[$keys[$i]], "\r\n"); $mail_alias_nocr = str_replace("\r", "", $mail_alias_group_raw); $mail_alias_array = split("\n", $mail_alias_nocr); for ($x = 0; $x < count($mail_alias_array); $x++) { if (!isValidEmail($mail_alias_array[$x])) { $commit_flag = "no"; $commit_err .= $mail_alias_array[$x] . ": not a valid email format.<br>"; } } break; case "dtc_pass": if (!isDTCPassword($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct password format<br>"; } } break; case "email": if (!isValidEmail($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct email format<br>"; } } break; case "number": if (!isRandomNum($_REQUEST[$keys[$i]])) { if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct number format<br>"; } } break; case "max_value_2096": if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") { if (!isRandomNum($_REQUEST[$keys[$i]])) { $commit_flag = "no"; $commit_err .= $keys[$i] . ": not a correct number format<br>"; } if ($_REQUEST[$keys[$i]] >= 2096) { $commit_flag = "no"; $commit_err .= $keys[$i] . ": is greater or equal than the max value 2096<br>"; } } break; default: $commit_flag = "no"; $commit_err .= $keys[$i] . ": unknown field checking type (" . $dsc["cols"][$keys[$i]]["check"] . ").<br>"; break; } } } // Build the request $added_one = "no"; $reqs = ""; for ($i = 0; $i < $nbr_fld; $i++) { switch ($dsc["cols"][$keys[$i]]["type"]) { case "id": $id_fldname = $keys[$i]; $id_fld_value = addslashes($_REQUEST[$keys[$i]]); break; case "readonly": break; case "text": case "textarea": case "password": if (!isset($dsc["cols"][$keys[$i]]["disable_edit"]) || $dsc["cols"][$keys[$i]]["disable_edit"] != "yes") { if ($added_one == "yes") { $reqs .= ","; } if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) { $happen = $dsc["cols"][$keys[$i]]["happen_domain"]; } else { $happen = ""; } if (isset($dsc["cols"][$keys[$i]]["empty_makes_sql_null"]) && $dsc["cols"][$keys[$i]]["empty_makes_sql_null"] == "yes" && $_REQUEST[$keys[$i]] == "") { $reqs .= $keys[$i] . "=NULL"; } else { if (isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) && $dsc["cols"][$keys[$i]]["empty_makes_default"] == "yes" && $_REQUEST[$keys[$i]] == "") { $reqs .= $keys[$i] . "='default'"; } else { $reqs .= $keys[$i] . "='" . addslashes($_REQUEST[$keys[$i]]) . $happen . "'"; // if the crypt field is set, then we use this as the SQL field to populate the crypted password into if (isset($dsc["cols"][$keys[$i]]["cryptfield"])) { if ($added_one == "yes") { $reqs .= ", "; } $reqs .= " " . $dsc["cols"][$keys[$i]]["cryptfield"] . "='" . crypt($_REQUEST[$keys[$i]], dtc_makesalt()) . "' "; } } } $added_one = "yes"; } break; case "popup": case "radio": if ($added_one == "yes") { $reqs .= ","; } $reqs .= $keys[$i] . "='" . addslashes($_REQUEST[$keys[$i]]) . "'"; $added_one = "yes"; break; case "checkbox": if ($added_one == "yes") { $reqs .= ","; } if (isset($_REQUEST[$keys[$i]])) { $reqs .= $keys[$i] . "='" . $dsc["cols"][$keys[$i]]["values"][0] . "'"; } else { $reqs .= $keys[$i] . "='" . $dsc["cols"][$keys[$i]]["values"][1] . "'"; } break; default: die($dsc["cols"][$keys[$i]]["type"] . ": Not implemented yet line " . __LINE__ . " file " . __FILE__); break; } } if ($commit_flag != "yes") { $out .= "<font color=\"red\">Could not commit the changes because of an error in field format: [todo: error desc]<br>{$commit_err}</font>"; } else { if (!isset($id_fldname) || !isset($id_fld_value)) { $out .= "<font color=\"red\">Could not commit the changes because the id is not set!</font>"; } else { $q = "UPDATE " . $dsc["table_name"] . " SET {$reqs} {$where} AND {$id_fldname}='{$id_fld_value}';"; $r = mysql_query($q) or $out .= "<font color=\"red\">Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error() . "</font>"; if (isset($dsc["edit_item_callback"])) { $dsc["edit_item_callback"]($id_fld_value); } } } } else { if (isset($_REQUEST["action"]) && $_REQUEST["action"] == $dsc["action"] . "_delete_item") { for ($i = 0; $i < $nbr_fld; $i++) { if ($dsc["cols"][$keys[$i]]["type"] == "id") { $id_fldname = $keys[$i]; $id_fld_value = addslashes($_REQUEST[$keys[$i]]); } } if (isset($id_fldname) && isset($id_fld_value)) { if (isset($dsc["delete_item_callback"])) { $dsc["delete_item_callback"]($id_fld_value); } $q = "DELETE FROM " . $dsc["table_name"] . " {$where} AND {$id_fldname}='" . $id_fld_value . "';"; $r = mysql_query($q) or $out .= "<font color=\"red\">Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error() . "</font>"; } else { $out .= "<font color=\"red\">Could not commit the deletion because the id field could not be found.</font>"; } } } } // We have to query it again, in case an insert or a delete has occured! $q = "SELECT " . $dsc["id_fld"] . "," . $dsc["list_fld_show"] . " FROM " . $dsc["table_name"] . " {$where} {$order_by};"; $r_item_list = mysql_query($q) or die("Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error()); $current_num_items = mysql_num_rows($r_item_list); if (isset($dsc["max_item"])) { if ($current_num_items >= $dsc["max_item"]) { $out .= "<font color=\"red\">"; } $out .= $dsc["num_item_txt"] . $current_num_items . "/" . $dsc["max_item"]; if ($current_num_items >= $dsc["max_item"]) { $out .= "</font>"; } $out .= "<br><br>"; } // First display a list of items for ($i = 0; $i < $current_num_items; $i++) { $a = mysql_fetch_array($r_item_list); if ($i != 0) { $out .= " - "; } if (isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == $dsc["action"] . "_edit_item" && $_REQUEST["item"] == $a[$dsc["id_fld"]]) { $out .= $a[$dsc["list_fld_show"]]; } else { $out .= "<a href=\"{$fw_link}&subaction=" . $dsc["action"] . "_edit_item&item=" . $a[$dsc["id_fld"]] . "\">" . $a[$dsc["list_fld_show"]] . "</a>"; } } $out .= "<br><br>"; // Creation of new items if (!isset($_REQUEST["subaction"]) || $_REQUEST["subaction"] != $dsc["action"] . "_edit_item") { $out .= $dsc["new_item_link"] . "<br><br>"; $out .= "<h3>" . $dsc["new_item_title"] . "</h3><br>"; if (isset($dsc["max_item"]) && $current_num_items >= $dsc["max_item"]) { $out .= "<font color=\"red\">" . _("Maximum number reached") . "!</font><br>"; } else { $out .= "<form name=\"" . $dsc["action"] . "_new_item_frm\" action=\"" . $_SERVER["PHP_SELF"] . "\">{$fw}\n\t\t\t\t<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_new_item\">" . dtcFormTableAttrs(); for ($i = 0; $i < $nbr_fld; $i++) { if (isset($dsc["cols"][$keys[$i]]["help"])) { $help = $dsc["cols"][$keys[$i]]["help"]; } else { $help = ""; } switch ($dsc["cols"][$keys[$i]]["type"]) { case "id": $out .= "<input type=\"hidden\" name=\"" . $keys[$i] . "\" value=\"\">"; break; case "password": $genpass = autoGeneratePassButton($dsc["action"] . "_new_item_frm", $keys[$i]); $ctrl = "<input type=\"password\" name=\"" . $keys[$i] . "\" value=\"\">{$genpass}"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; case "text": case "readonly": if (isset($dsc["cols"][$keys[$i]]["hide_create"]) && $dsc["cols"][$keys[$i]]["hide_create"] == "yes") { break; } if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) { $happen = $dsc["cols"][$keys[$i]]["happen_domain"]; } else { $happen = ""; } if (isset($dsc["cols"][$keys[$i]]["happen"])) { $happen .= $dsc["cols"][$keys[$i]]["happen"]; } if (isset($dsc["cols"][$keys[$i]]["default"])) { $ctrl_value = $dsc["cols"][$keys[$i]]["default"]; } else { $ctrl_value = ""; } if ($dsc["cols"][$keys[$i]]["type"] == "readonly") { $ctrl = "<input type=\"text\" name=\"" . $keys[$i] . "\" value=\"{$ctrl_value}\" READONLY>{$happen}"; } else { $ctrl = "<input type=\"text\" name=\"" . $keys[$i] . "\" value=\"{$ctrl_value}\">{$happen}"; } $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; case "textarea": if (isset($dsc["cols"][$keys[$i]]["cols"])) { $ctrl_cols = " cols=\"" . $dsc["cols"][$keys[$i]]["cols"] . "\" "; } else { $ctrl_cols = ""; } if (isset($dsc["cols"][$keys[$i]]["rows"])) { $ctrl_rows = " rows=\"" . $dsc["cols"][$keys[$i]]["rows"] . "\" "; } else { $ctrl_rows = ""; } $ctrl = "<textarea {$ctrl_cols} {$ctrl_rows} name=\"" . $keys[$i] . "\"></textarea>"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; case "radio": $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]); $ctrl = ""; for ($x = 0; $x < $nbr_choices; $x++) { if (isset($dsc["cols"][$keys[$i]]["default"])) { if ($dsc["cols"][$keys[$i]]["values"][$x] == $dsc["cols"][$keys[$i]]["default"]) { $selected = " checked "; } else { $selected = ""; } } else { if ($x == 0) { $selected = " checked "; } else { $selected = ""; } } if (isset($dsc["cols"][$keys[$i]]["display_replace"][$x])) { $display_val = $dsc["cols"][$keys[$i]]["display_replace"][$x]; } else { $display_val = $dsc["cols"][$keys[$i]]["values"][$x]; } $ctrl .= "<input type=\"radio\" name=\"" . $keys[$i] . "\" value=\"" . $dsc["cols"][$keys[$i]]["values"][$x] . "\" {$selected}> "; $ctrl .= $display_val; } $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; case "checkbox": if (!isset($dsc["cols"][$keys[$i]]["default"])) { $checked = " checked "; } else { $checked = " "; } $ctrl = "<input type=\"checkbox\" name=\"" . $keys[$i] . "\" value=\"yes\" {$checked}>"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; case "popup": $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]); $ctrl = "<select name=\"" . $keys[$i] . "\">"; for ($x = 0; $x < $nbr_choices; $x++) { $selected = ""; if (isset($dsc["cols"][$keys[$i]]["default"])) { if ($dsc["cols"][$keys[$i]]["values"][$x] == $dsc["cols"][$keys[$i]]["default"]) { $selected = " selected "; } else { $selected = ""; } } if (isset($dsc["cols"][$keys[$i]]["display_replace"][$x])) { $display_val = $dsc["cols"][$keys[$i]]["display_replace"][$x]; } else { $display_val = $dsc["cols"][$keys[$i]]["values"][$x]; } $ctrl .= " <option value=\"" . $dsc["cols"][$keys[$i]]["values"][$x] . "\" {$selected}>{$display_val}</option>"; } $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; default: $ctrl = "Not implemented yet!!!"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help); break; } } $out .= dtcFromOkDraw(); $out .= "</table></form>"; } // Edition of existing items } else { $out .= "<a href=\"{$fw_link}&subaction=" . $dsc["action"] . "_new_item\">" . $dsc["new_item_link"] . "</a><br><br>"; $out .= "<h3>" . $dsc["edit_item_title"] . "</h3><br>"; $q = "SELECT * FROM " . $dsc["table_name"] . " {$where} AND " . $dsc["id_fld"] . "='" . addslashes($_REQUEST["item"]) . "';"; $r = mysql_query($q) or die("Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); if ($n == 1) { $a = mysql_fetch_array($r); $out .= "<form name=\"" . $dsc["action"] . "_save_item_frm\" action=\"" . $_SERVER["PHP_SELF"] . "\">{$fw}"; $out .= "<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_save_item\">"; $out .= "<input type=\"hidden\" name=\"subaction\" value=\"" . $dsc["action"] . "_edit_item\">"; $out .= "<input type=\"hidden\" name=\"item\" value=\"" . $a[$dsc["id_fld"]] . "\">"; $out .= dtcFormTableAttrs(); for ($j = 0; $j < $nbr_fld; $j++) { $the_fld = $dsc["cols"][$keys[$j]]; if (isset($dsc["cols"][$keys[$j]]["help"])) { $help = $dsc["cols"][$keys[$j]]["help"]; } else { $help = ""; } switch ($the_fld["type"]) { case "id": $out .= "<input type=\"hidden\" name=\"" . $keys[$j] . "\" value=\"" . $a[$keys[$j]] . "\">"; $id_fldname = $keys[$j]; $id_fld_value = $a[$keys[$j]]; break; case "textarea": if (isset($dsc["cols"][$keys[$j]]["cols"])) { $ctrl_cols = " cols=\"" . $dsc["cols"][$keys[$j]]["cols"] . "\" "; } else { $ctrl_cols = ""; } if (isset($dsc["cols"][$keys[$j]]["rows"])) { $ctrl_rows = " rows=\"" . $dsc["cols"][$keys[$j]]["rows"] . "\" "; } else { $ctrl_rows = ""; } $ctrl = "<textarea {$ctrl_cols} {$ctrl_rows} name=\"" . $keys[$j] . "\">" . stripslashes($a[$keys[$j]]) . "</textarea>"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help); break; case "password": case "text": case "readonly": if (isset($dsc["cols"][$keys[$j]]["disable_edit"]) && $dsc["cols"][$keys[$j]]["disable_edit"] == "yes") { $disabled = " disabled "; } else { $disabled = " "; } if (isset($dsc["cols"][$keys[$j]]["size"])) { $size = " size=\"" . $dsc["cols"][$keys[$j]]["size"] . "\" "; } else { $size = ""; } if (isset($dsc["cols"][$keys[$j]]["happen_domain"]) && preg_match("/" . $dsc["cols"][$keys[$j]]["happen_domain"] . "\$/", $a[$keys[$j]])) { $input_disp_value = substr($a[$keys[$j]], 0, strlen($a[$keys[$j]]) - strlen($dsc["cols"][$keys[$j]]["happen_domain"])); $happen = $dsc["cols"][$keys[$j]]["happen_domain"]; } else { if ($dsc["cols"][$keys[$j]]["type"] != "readonly") { $input_disp_value = $a[$keys[$j]]; } $happen = ""; } if (isset($dsc["cols"][$keys[$j]]["happen"])) { $happen .= $dsc["cols"][$keys[$j]]["happen"]; } if ($the_fld["type"] == "password") { $genpass = autoGeneratePassButton($dsc["action"] . "_save_item_frm", $keys[$j]); $input_disp_type = "password"; } else { $genpass = ""; $input_disp_type = "text"; } // Do this only for readonly if ($dsc["cols"][$keys[$j]]["type"] == "readonly") { $disabled = " READONLY"; isset($dsc["cols"][$keys[$j]]["default"]) ? $input_disp_value = $dsc["cols"][$keys[$j]]["default"] : ($input_disp_value = ''); isset($dsc["cols"][$keys[$j]]["happen"]) ? $happen = $dsc["cols"][$keys[$j]]["happen"] : ($happen = ''); } if (isset($dsc["cols"][$keys[$j]]["callback"])) { $retArray = $dsc["cols"][$keys[$j]]["callback"]($id_fld_value); $input_disp_value = $retArray["value"]; $happen = $retArray["happen"]; } $ctrl = "<input type=\"{$input_disp_type}\" {$size} name=\"" . $keys[$j] . "\" value=\"" . stripslashes($input_disp_value) . "\" {$disabled}>{$genpass}{$happen}"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help); break; case "radio": $nbr_choices = sizeof($dsc["cols"][$keys[$j]]["values"]); $ctrl = ""; for ($x = 0; $x < $nbr_choices; $x++) { if ($dsc["cols"][$keys[$j]]["values"][$x] == $a[$keys[$j]]) { $selected = " checked "; } else { $selected = ""; } $ctrl .= " <input type=\"radio\" name=\"" . $keys[$j] . "\" value=\"" . $dsc["cols"][$keys[$j]]["values"][$x] . "\" {$selected}> "; $ctrl .= $dsc["cols"][$keys[$j]]["values"][$x]; } $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help); break; case "checkbox": if ($dsc["cols"][$keys[$j]]["values"][0] == $a[$keys[$j]]) { $selected = " checked "; } else { $selected = " "; } $ctrl = "<input type=\"checkbox\" name=\"" . $keys[$j] . "\" value=\"yes\" " . $selected . ">"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help); break; case "popup": $nbr_choices = sizeof($dsc["cols"][$keys[$j]]["values"]); $ctrl = "<select name=\"" . $keys[$j] . "\">"; for ($x = 0; $x < $nbr_choices; $x++) { if ($dsc["cols"][$keys[$j]]["values"][$x] == $a[$keys[$j]]) { $selected = " selected "; } else { $selected = ""; } if (isset($dsc["cols"][$keys[$j]]["display_replace"][$x])) { $display_val = $dsc["cols"][$keys[$j]]["display_replace"][$x]; } else { $display_val = $dsc["cols"][$keys[$j]]["values"][$x]; } $ctrl .= " <option value=\"" . $dsc["cols"][$keys[$j]]["values"][$x] . "\" {$selected}>{$display_val}</option>"; } $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help); break; default: $ctrl = "Not implemented yet!!!"; $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help); break; } } $delete_button = "<form action=\"" . $_SERVER["PHP_SELF"] . "\">{$fw}\n\t\t\t<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_delete_item" . "\">\n\t\t\t<input type=\"hidden\" name=\"{$id_fldname}\" value=\"{$id_fld_value}\">\n\t\t\t" . dtcDeleteButton() . "</form>"; $out .= "<tr><td> </td><td><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n\t\t\t<tr><td>" . dtcApplyButton() . "</form></td><td>{$delete_button}</td></tr></table></td></tr>"; $out .= "</table>"; } else { $out .= "No item by this number!"; } } return $out; }