}
if ($testmailroot && is_dir(realpath($_POST['maildir'])) === false) {
header("Location: site.php?failmaildirmissing={$_POST['maildir']}");
die;
}
$domainpath = $_POST['maildir'];
if (substr($domainpath, -1) !== '/') {
$domainpath .= '/';
}
$domainpath .= $_POST['domain'];
$smtphomepath = $domainpath . "/" . $_POST['localpart'] . "/Maildir";
$pophomepath = $domainpath . "/" . $_POST['localpart'];
}
//Gah. Transactions!! -- GCBirzan
if (validate_password($_POST['clear'], $_POST['vclear']) && $_POST['type'] != "alias") {
if (!password_strengthcheck($_POST['clear'])) {
header("Location: site.php?weakpass={$_POST['domain']}");
die;
}
$query = "INSERT INTO domains \n (domain, spamassassin, sa_tag, sa_refuse, avscan,\n max_accounts, quotas, maildir, pipe, enabled, uid, gid,\n type, maxmsgsize)\n VALUES (:domain, :spamassassin, :sa_tag, :sa_refuse,\n :avscan, :max_accounts, :quotas, :maildir, :pipe, :enabled,\n :uid, :gid, :type, :maxmsgsize)";
$sth = $dbh->prepare($query);
$success = $sth->execute(array(':domain' => $_POST['domain'], ':spamassassin' => $_POST['spamassassin'], ':sa_tag' => isset($_POST['sa_tag']) ? $_POST['sa_tag'] : $sa_tag, ':sa_refuse' => isset($_POST['sa_refuse']) ? $_POST['sa_refuse'] : $sa_refuse, ':avscan' => $_POST['avscan'], ':max_accounts' => $_POST['max_accounts'], ':quotas' => isset($_POST['quotas']) ? $_POST['quotas'] : 0, ':maildir' => isset($_POST['maildir']) ? $domainpath : '', ':pipe' => $_POST['pipe'], ':enabled' => $_POST['enabled'], ':uid' => $uid, ':gid' => $gid, ':type' => $_POST['type'], ':maxmsgsize' => isset($_POST['maxmsgsize']) ? $_POST['maxmsgsize'] : 0));
if ($success) {
if ($_POST['type'] == "local") {
$query = "INSERT INTO users\n (domain_id, localpart, username, crypt, uid, gid, smtp, pop, realname, type, admin)\n SELECT domain_id, :localpart, :username, :crypt, :uid, :gid, :smtp, :pop, 'Domain Admin', 'local', 1\n FROM domains\n WHERE domains.domain=:domain";
$sth = $dbh->prepare($query);
$success = $sth->execute(array(':localpart' => $_POST['localpart'], ':username' => $_POST['localpart'] . '@' . $_POST['domain'], ':crypt' => crypt_password($_POST['clear']), ':uid' => $uid, ':gid' => $gid, ':smtp' => $smtphomepath, ':pop' => $pophomepath, ':domain' => $_POST['domain']));
// Is using indexes worth setting the domain_id by hand? -- GCBirzan
if (!$success) {
header("Location: site.php?failaddedusrerr={$_POST['domain']}");
die;
$sth->execute(array(':domain_id' => $_SESSION['domain_id']));
$row = $sth->fetch();
if (isset($_POST['on_avscan']) && $row['avscan'] == 1) {
$_POST['on_avscan'] = 1;
} else {
$_POST['on_avscan'] = 0;
}
if (isset($_POST['on_spamassassin']) && $row['spamassassin'] == 1) {
$_POST['on_spamassassin'] = 1;
} else {
$_POST['on_spamassassin'] = 0;
}
# Update the password, if the password was given
if (isset($_POST['password']) && $_POST['password'] !== '') {
if (validate_password($_POST['password'], $_POST['vpassword'])) {
if (!password_strengthcheck($_POST['password'])) {
header("Location: adminalias.php?weakpass={$_POST['localpart']}");
die;
}
$cryptedpassword = crypt_password($_POST['password']);
$query = "UPDATE users SET crypt=:crypt WHERE user_id=:user_id AND domain_id=:domain_id AND type='alias'";
$sth = $dbh->prepare($query);
$success = $sth->execute(array(':crypt' => $cryptedpassword, ':user_id' => $_POST['user_id'], ':domain_id' => $_SESSION['domain_id']));
if ($success) {
if ($_POST['localpart'] == $_SESSION['localpart']) {
$_SESSION['crypt'] = $cryptedpassword;
}
} else {
header('Location: adminalias.php?failedupdated=' . $_POST['localpart']);
die;
}
