} $query = "INSERT INTO domains \n (domain, spamassassin, sa_tag, sa_refuse, avscan,\n max_accounts, quotas, maildir, pipe, enabled, uid, gid,\n type, maxmsgsize)\n VALUES (:domain, :spamassassin, :sa_tag, :sa_refuse,\n :avscan, :max_accounts, :quotas, :maildir, :pipe, :enabled,\n :uid, :gid, :type, :maxmsgsize)"; $sth = $dbh->prepare($query); $success = $sth->execute(array(':domain' => $_POST['domain'], ':spamassassin' => $_POST['spamassassin'], ':sa_tag' => isset($_POST['sa_tag']) ? $_POST['sa_tag'] : $sa_tag, ':sa_refuse' => isset($_POST['sa_refuse']) ? $_POST['sa_refuse'] : $sa_refuse, ':avscan' => $_POST['avscan'], ':max_accounts' => $_POST['max_accounts'], ':quotas' => isset($_POST['quotas']) ? $_POST['quotas'] : 0, ':maildir' => isset($_POST['maildir']) ? $domainpath : '', ':pipe' => $_POST['pipe'], ':enabled' => $_POST['enabled'], ':uid' => $uid, ':gid' => $gid, ':type' => $_POST['type'], ':maxmsgsize' => isset($_POST['maxmsgsize']) ? $_POST['maxmsgsize'] : 0)); if ($success) { if ($_POST['type'] == "local") { $query = "INSERT INTO users\n (domain_id, localpart, username, crypt, uid, gid, smtp, pop, realname, type, admin)\n SELECT domain_id, :localpart, :username, :crypt, :uid, :gid, :smtp, :pop, 'Domain Admin', 'local', 1\n FROM domains\n WHERE domains.domain=:domain"; $sth = $dbh->prepare($query); $success = $sth->execute(array(':localpart' => $_POST['localpart'], ':username' => $_POST['localpart'] . '@' . $_POST['domain'], ':crypt' => crypt_password($_POST['clear']), ':uid' => $uid, ':gid' => $gid, ':smtp' => $smtphomepath, ':pop' => $pophomepath, ':domain' => $_POST['domain'])); // Is using indexes worth setting the domain_id by hand? -- GCBirzan if (!$success) { header("Location: site.php?failaddedusrerr={$_POST['domain']}"); die; } else { header("Location: site.php?added={$_POST['domain']}" . "&type={$_POST['type']}"); mail("{$_POST['localpart']}@{$_POST['domain']}", vexim_encode_header(_("Welcome Domain Admin!")), "{$welcome_newdomain}", "From: {$_POST['localpart']}@{$_POST['domain']}\r\nMIME-Version: 1.0\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Transfer-Encoding: 8bit\r\n"); die; } } else { header("Location: site.php?added={$_POST['domain']}" . "&type={$_POST['type']}"); die; } } else { header("Location: site.php?failaddeddomerr={$_POST['domain']}"); die; } } else { if ($_POST['type'] == "alias") { $query = "INSERT INTO domainalias (domain_id, alias)\n SELECT domains.domain_id, :alias FROM domains WHERE domains.domain_id=:domain_id"; $sth = $dbh->prepare($query); $sth->execute(array(':domain_id' => $_POST['aliasdest'], ':alias' => $_POST['domain']));
if ($sth->rowCount()) { $row = $sth->fetch(); } if ($_POST['on_piped'] == 1 && $_POST['smtp'] != '') { $smtphomepath = $_POST['smtp']; $pophomepath = "{$row['maildir']}/{$_POST['localpart']}"; $_POST['type'] = 'piped'; } else { $smtphomepath = "{$row['maildir']}/{$_POST['localpart']}/Maildir"; $pophomepath = "{$row['maildir']}/{$_POST['localpart']}"; $_POST['type'] = 'local'; } if (validate_password($_POST['clear'], $_POST['vclear'])) { $query = "INSERT INTO users (localpart, username, domain_id, crypt,\n smtp, pop, uid, gid, realname, type, admin, on_avscan, on_piped,\n on_spamassassin, sa_tag, sa_refuse, maxmsgsize, enabled, quota)\n VALUES (:localpart, :username, :domain_id, :crypt, :smtp, :pop, :uid, :gid,\n :realname, :type, :admin, :on_avscan, :on_piped, :on_spamassassin,\n :sa_tag, :sa_refuse, :maxmsgsize, :enabled, :quota)"; $sth = $dbh->prepare($query); $success = $sth->execute(array(':localpart' => $_POST['localpart'], ':localpart' => $_POST['localpart'], ':username' => $_POST['localpart'] . '@' . $_SESSION['domain'], ':domain_id' => $_SESSION['domain_id'], ':crypt' => crypt_password($_POST['clear'], $salt), ':smtp' => $smtphomepath, ':pop' => $pophomepath, ':uid' => $_POST['uid'], ':gid' => $_POST['gid'], ':realname' => $_POST['realname'], ':type' => $_POST['type'], ':admin' => $_POST['admin'], ':on_avscan' => $_POST['on_avscan'], ':on_piped' => $_POST['on_piped'], ':on_spamassassin' => $_POST['on_spamassassin'], ':sa_tag' => isset($_POST['sa_tag']) ? $_POST['sa_tag'] : 0, ':sa_refuse' => isset($_POST['sa_refuse']) ? $_POST['sa_refuse'] : 0, ':maxmsgsize' => $_POST['maxmsgsize'], ':enabled' => $_POST['enabled'], ':quota' => $_POST['quota'])); if ($success) { header("Location: adminuser.php?added={$_POST['localpart']}"); mail("{$_POST['localpart']}@{$_SESSION['domain']}", vexim_encode_header(sprintf(_("Welcome %s!"), $_POST['realname'])), "{$welcome_message}", "From: {$_SESSION['localpart']}@{$_SESSION['domain']}\r\nMIME-Version: 1.0\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Transfer-Encoding: 8bit\r\n"); die; } else { header("Location: adminuser.php?failadded={$_POST['localpart']}"); die; } } else { header("Location: adminuser.php?badpass={$_POST['localpart']}"); die; } ?> <!-- Layout and CSS tricks obtained from http://www.bluerobot.com/web/layouts/ -->