function createuser($user = null)
{
global $pref, $atmail, $settings, $domains;
// If we are using LDAP, grab the user details via the LDAP server
if ($pref['ldap_auth']) {
$ldapuser = $this->ldap_auth_populate($this->username);
// LDAP mod --- changed user[FirstName], & user[LastName] to user[Industry], & user[Occupation]
$user['Industry'] = $ldapuser['FirstName'];
$user['Occupation'] = $ldapuser['LastName'];
$user['RealName'] = $ldapuser['RealName'];
//echo $user['FirstName'] . ":" . $user['LastName'] . "\n";
}
if (!$pref['crypt'] || !$atmail->isset_chk($domains[$this->pop3host])) {
// Plaintext password
$pass = $this->password;
} else {
// Encrypt the password
$pass = crypt($this->password);
}
$this->SessionID = session_id();
// Load our table names
$atmail->db->table_names($this->Account);
// Log the time we created the account
$time = time();
// Specify the 'default' user group if none exists
if (!$user['UGroup']) {
$user['UGroup'] = 'Default';
}
// Purge any invalid entries in the DB
$atmail->db->sqldo("delete from UserSession where Account=?", $this->Account);
// Create a new SessionID for the user
$query = "INSERT INTO UserSession (Account, Password, SessionID, LastLogin, PasswordMD5, SessionData) VALUES(?, ?, ?, ?, ?, ?)";
$data = array($this->Account, $pass, $this->SessionID, $time, md5($pass), '');
$res = $atmail->db->sqldo($query, $data);
if ($res != 1) {
return -1;
}
$settings['UseSSL'] = 0;
// Select the MailType - SQL or Flatfile
// All functions are based on what type of account the user has
if (!$domains[$this->pop3host]) {
$settings['MailType'] = $_REQUEST['MailType'];
if (strpos($settings['MailType'], 's')) {
$settings['UseSSL'] = 1;
$settings['MailType'] = str_replace('s', '', $settings['MailType']);
}
} elseif ($pref['sql_type'] && $domains[$this->pop3host]) {
$settings['MailType'] = 'sql';
} elseif (!$pref['sql_type'] && $domains[$this->pop3host]) {
$settings['MailType'] = 'file';
}
if ($pref['sql_type']) {
$settings['Mode'] = 'sql';
} else {
$settings['Mode'] = 'file';
}
if (!$user['UserQuota']) {
$user['UserQuota'] = $settings['UserQuota'];
}
// Build an SQL query for the new User
$query = "INSERT INTO Users (UGroup, Address, BirthDay, BirthMonth, BirthYear, City, Country, TelHome,\r\n\t\t\t\t FaxHome, TelWork, FaxWork, TelMobile, TelPager, FirstName, Gender, Industry, LastName,\r\n\t\t\t\t Occupation, OtherEmail, PasswordQuestion, PostCode, State, DateCreate, UserStatus,\r\n\t\t\t\t Account, MailDir, UserQuota) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, {$atmail->db->NOW},\r\n\t\t\t\t ?, ?, ?, ?)";
if (empty($user['BirthYear'])) {
$user['BirthYear'] = 0;
}
$data = array($user['UGroup'], $user['Address'], $user['BirthDay'], $user['BirthMonth'], $user['BirthYear'], $user['City'], $user['Country'], $user['TelHome'], $user['FaxHome'], $user['TelWork'], $user['FaxWork'], $user['TelMobile'], $user['TelPager'], $user['FirstName'], $user['Gender'], $user['Industry'], $user['LastName'], $user['Occupation'], $user['OtherEmail'], $user['PasswordQuestion'], $user['PostCode'], $user['State'], $pref['UserStatus'], $this->Account, $user['MailDir'], $user['UserQuota']);
if ($atmail->db->sqldo($query, $data) != 1) {
return -1;
}
// Build the query
$insert = '';
$values = '';
$data = array();
// Insert the users settings
foreach ($settings as $key => $value) {
if ($key == 'UserQuota') {
continue;
}
$insert .= Filter::cleanSqlFieldNames($key) . ',';
$values .= '?,';
// Insert custom preferences for account, depending on the
// new user form
if ($key == "RealName") {
$data[] = $user['FirstName'] . ' ' . $user['LastName'];
} elseif ($key == "LoginType") {
$data[] = $user['LoginType'];
} elseif ($key == "Service") {
$data[] = $user['Service'];
} elseif ($key == "ReplyTo" && $atmail->isset_chk($_REQUEST['email'])) {
$data[] = $_REQUEST['email'];
} elseif ($key == "ReplyTo" && !$atmail->isset_chk($_REQUEST['email'])) {
$data[] = $this->Account;
} elseif ($key == "Language" && $atmail->isset_chk($_REQUEST['Language'])) {
$data[] = $_REQUEST['Language'];
} else {
$data[] = $value;
}
}
$user_settings = $atmail->db->get('UserSettings');
$query = "INSERT INTO {$user_settings} ({$insert} Account) values ({$values} ?)";
$data[] = $this->Account;
if ($atmail->db->sqldo($query, $data) != 1) {
return -1;
}
list($this->username, $this->pop3host) = explode('@', $this->Account);
require_once 'GetMail.php';
//'Username' 'Pop3host' 'Type' 'Mode'
$mail = new GetMail(array('Username' => $this->username, 'Pop3host' => $this->pop3host, 'Type' => $settings['MailType'], 'Mode' => 'sql', 'UseSSL' => $settings['UseSSL']));
$mail->login();
// Create the users default folders
$folders = array('Inbox', 'Sent', 'Trash', 'Drafts', 'Spam');
foreach ($folders as $folder) {
$mail->newfolder($folder);
}
return 1;
}
}
if (!$atmail->Langage && !$atmail->LoginType) {
$atmail->Language = $settings['Language'];
$atmail->LoginType = 'xp';
}
$var['newfolder'] = $_REQUEST['NewFolder'];
$var['atmailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle.css");
$var['atmailstyle'] .= $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-form.css");
$var['mailstyle'] = $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/atmailstyle-mail.css");
// Make a new mail object, used to search and list the users folders
$mail = new GetMail(array('Username' => $atmail->username, 'Pop3host' => $atmail->pop3host, 'Password' => $auth->password, 'Type' => $atmail->MailType, 'Mode' => $atmail->Mode));
// Load an array of msgs selected to be moved
$msgs = $_REQUEST['id'];
// If a value exists in the array, start to move the messages.
if ($msgs[0]) {
$mail->login();
// Loop through the selected msgs to move, the new folder to move to
// is seperated by :: . e.g 56::Trash , msg 56 from the Trash folder
foreach ($msgs as $id) {
if (preg_match('/::(.*)/', $id, $m)) {
$folder = $m[1];
}
$id = preg_replace('/::.*/', '', $id);
// Don't move messages if we are already in the same folder
if ($folder == $var['newfolder']) {
continue;
}
$mail->move($id, $folder, $var['newfolder']);
$var['move']++;
}
print $atmail->parse("html/{$atmail->Language}/{$atmail->LoginType}/searchmove.html", $var);
$var['XML'] = $_REQUEST['XML'];
$var['suffix'] = '_ajax';
// Make sure we are ordering the query with an allowed field
if ($var['sort'] != "EmailFrom" && $var['sort'] != "EmailTo" && $var['sort'] != "EmailSubject" && $var['sort'] != "EmailAttach" && $var['sort'] != "EmailDate" && $var['sort'] != "id" && $var['sort'] != "EmailSize") {
$atmail->end();
}
// Load an array of msgs selected to be moved
$msgs = $_REQUEST['id'];
if (!is_array($msgs)) {
settype($msgs, 'array');
}
if (isset($_REQUEST['msgmove'])) {
$msgmove = $_REQUEST['msgmove'];
}
$mail = new GetMail(array('Username' => $atmail->username, 'Pop3host' => $atmail->pop3host, 'Password' => $auth->password, 'Type' => $atmail->MailType, 'Mode' => $atmail->Mode));
$status = $mail->login();
// We have an error while logging in. Tell the user
if ($status) {
print $atmail->parse("html/{$atmail->Language}/auth_misc.html", array('status' => "Remote mail-server not responding - Check connection - {$status}"));
$mail->quit();
$atmail->end();
}
// Receive the list of mailbox folders
$folders = GetMail::_sort_folders($mail->listfolders());
// Make sure the requested folder exists (help avoid XSS etc)
if (!empty($var['folder']) && !in_array($var['folder'], $folders)) {
die("requested folder does not exist");
}
$fol = array();
// Create the select box for moving messages to another folder
$var['folderbox'] = $mail->folder_select($var['folder'], $folders);
