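/**
 * Validates the registration form and reports the first problem found.
 *
 * The form fields are read from global variables and the CAPTCHA answer from
 * the POST field "secret". Checks run in a fixed order and stop at the first
 * failure.
 *
 * @return string|null Message for the first failed check, or null when every
 *                     check passes.
 */
function checkForm()
{
    global $first_name, $last_name, $login, $password1, $password2, $email;

    try {
        $secret = filter_input(INPUT_POST, 'secret');

        if (empty($last_name) || empty($first_name) || empty($login)
            || empty($password1) || empty($password2) || empty($email)
            || empty($secret)
        ) {
            throw new Exception('Нужно заполнить все поля');
        }

        if (!validLogin($login)) {
            throw new Exception('Логин должен состоять из не мене 3-х букв латинского алфавиа цыфр и подчерка');
        }

        if (!validEmail($email)) {
            throw new Exception('Неправильный email');
        }

        // Fix: the original compared $password1 with itself, so a mismatched
        // confirmation was never rejected. The comparison is strict and on
        // strings so numeric-looking passwords ("1e3" vs "1000") are not
        // treated as equal.
        if ((string) $password1 !== (string) $password2) {
            throw new Exception('Пароли не совпадают');
        }

        if (!validUserName($first_name, $last_name)) {
            throw new Exception('Имя и фамилия могут состоять только из букв');
        }

        // The CAPTCHA is verified before the account lookup so that a request
        // without a valid answer cannot learn whether a login or email is
        // taken. A missing session value is a failure, never a match.
        // NOTE(review): the session value is not cleared here; confirm the
        // caller regenerates it so one answer cannot be reused.
        $expected = isset($_SESSION['secret']) ? (string) $_SESSION['secret'] : '';
        if ($expected === '' || (string) $secret !== $expected) {
            throw new Exception('Неверно указано число с картинки');
        }

        if (userExists($login, $email)) {
            throw new Exception('Такой логин или email уже существует.');
        }
    } catch (Exception $exc) {
        return $exc->getMessage();
    }

    return null;
}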
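/**
 * Checks an e-mail address by validating its local part and its domain.
 *
 * @param string $email Address to check.
 *
 * @return bool TRUE when the address has exactly one "@" and both halves pass
 *              validUserName() and validDomain(); FALSE otherwise.
 */
function validEmailAddress($email)
{
    if (!is_string($email)) {
        return FALSE;
    }

    // split() was removed in PHP 7; explode() does the same job for a
    // literal separator.
    $emailParts = explode('@', $email);

    // Reject input without an "@" (the original read an undefined index) and
    // input with more than one (the original silently ignored the rest).
    if (count($emailParts) !== 2) {
        return FALSE;
    }

    list($localPart, $domainPart) = $emailParts;

    if (validUserName($localPart) && validDomain($domainPart)) {
        return TRUE;
    }

    return FALSE;
}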
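// NOTE(review): this excerpt starts inside a block that opens before it; the
// closing brace after the redirect below belongs to that block.
if (!$res) {
    $err = oci_error($stid);
    echo htmlentities($err['message']);
}
$row = oci_fetch_array($stid, OCI_ASSOC);

// If no username is found
if ($row == NULL) {
    header("location:admin.php?dError=invalidUsername");
    exit;
}
}

// "Delete a user" is clicked
if (isset($_POST["submitDeleteUser"])) {
    // NOTE(review): no authorization or CSRF check is visible in this
    // excerpt; confirm one runs before this handler is reached.
    $username = (isset($_POST["deleteUsername"]) && is_string($_POST["deleteUsername"]))
        ? $_POST["deleteUsername"]
        : '';

    // Checks if the username exists. The return value is not used here;
    // presumably validUserName() redirects and exits on its own for an
    // unknown name -- TODO confirm.
    validUserName($username);

    // Statement to delete the user. The name is bound as a parameter: the
    // original concatenated the POST value into the SQL text, which let the
    // request rewrite the statement.
    $conn = connect();
    $sql = 'DELETE FROM users WHERE (user_name = :user_name)';
    $stid = oci_parse($conn, $sql);
    oci_bind_by_name($stid, ':user_name', $username);
    $res = oci_execute($stid, OCI_DEFAULT);

    // Return with error on failure. The driver message goes to the server
    // log instead of the response: echoing it exposed database details and
    // sent output ahead of the redirect header.
    if (!$res) {
        $err = oci_error($stid);
        error_log('Delete user failed: ' . $err['message']);
        header("location:admin.php?dError=general");
        exit;
    }

    // OCI_DEFAULT does not auto-commit, so the delete only takes effect here;
    // a failed commit is reported as a failure rather than as success.
    $res = oci_commit($conn);
    if (!$res) {
        header("location:admin.php?dError=general");
        exit;
    }

    // Return on success
    header("location:admin.php?dSuccess=user");
    // (the handler continues past the end of this excerpt)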
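/**
 * Creates a mail user together with its two alias rows and prints the
 * outcome as JSON.
 *
 * Validation runs in three stages (required fields, format/domain lookup,
 * uniqueness/password/permission); each stage prints every error it found
 * and stops. The inserts run inside one transaction that is cancelled on the
 * first failure.
 *
 * @param array $newUser Keys read: username, domainId, pass, repPass, name,
 *                       active (the string 'true' enables the account).
 *
 * @return void The result is printed, not returned:
 *              {"success":true} or {"success":false,"errors":{...}}.
 */
function addUser($newUser)
{
    $username = $newUser['username'];
    $domainId = $newUser['domainId'];
    $pass     = $newUser['pass'];
    $repPass  = $newUser['repPass'];
    $name     = $newUser['name'];
    $active   = $newUser['active'];

    // Stage 1: required fields.
    $errors = array();
    if (!$username) {
        $errors['username'] = '******';
    }
    if (!$domainId) {
        $errors['domain'] = 'This field is required';
    }
    if (!$pass) {
        $errors['password'] = '******';
    }
    if (!$repPass) {
        $errors['reppassword'] = '******';
    }
    if (!$active) {
        $errors['active'] = 'This field is required';
    }
    if (count($errors) > 0) {
        print json_encode(array('success' => false, 'errors' => $errors));
        return;
    }

    // Stage 2: user name format and domain lookup.
    $username = strtolower($username);
    if (!validUserName($username)) {
        $errors['username'] = '******';
    }
    $domain = getDomain($domainId);
    if (!$domain) {
        $errors['domain'] = 'Invalid domain';
    }
    if (count($errors) > 0) {
        print json_encode(array('success' => false, 'errors' => $errors));
        return;
    }

    // Stage 3: uniqueness, password rules, and the caller's right to manage
    // this domain.
    $email = $username . '@' . $domain;
    $errors = array();
    if (userExists($email) || localForwardExists($email)) {
        $errors['username'] = '******';
    }
    if (strlen($pass) < 8) {
        $errors['password'] = '******';
    }
    // Fix: a loose != compares numeric-looking strings as numbers, so
    // "12345678" and "12345678.0" counted as the same password.
    if ((string) $pass !== (string) $repPass) {
        $errors['reppassword'] = '******';
    }
    // Strict membership test: this is the authorization decision, so type
    // juggling must not be able to produce a match.
    $adminDomains = getAdminDomains();
    if (!in_array($domain, $adminDomains, true)) {
        $errors['domain'] = 'Permission denied on domain: ' . $domain;
    }
    // TODO add password complexity requirements here
    if (count($errors) > 0) {
        print json_encode(array('success' => false, 'errors' => $errors));
        return;
    }

    if (!$name) {
        $name = '';
    }
    $active = ($active == 'true') ? 't' : 'f';

    // All values are bound parameters. The password is hashed by the database
    // through CRYPT() with GEN_SALT('bf', 8).
    // NOTE(review): confirm the cost value 8 still meets the password policy.
    $sql = 'INSERT INTO virtual_users ('
        . '    username,'
        . '    domain_id,'
        . '    password,'
        . '    role_id,'
        . '    description,'
        . '    active'
        . ' ) VALUES (?, ?, CRYPT(?, GEN_SALT(\'bf\', 8)), ?, ?, ?)';
    $params = array($username, $domainId, $pass, getRoleId('user'), $name, $active);

    beginTransaction();

    $rs = db_do($sql, $params);
    if (!$rs) {
        cancelTransaction();
        print json_encode(array('success' => false, 'errors' => array('username' => 'Unknown Error')));
        return;
    }

    // Read the row back inside the transaction to confirm it exists.
    $userId = getUserId($email);
    if (!$userId) {
        cancelTransaction();
        print json_encode(array('success' => false, 'errors' => array('username' => 'Unknown Error')));
        return;
    }

    // First alias row: the address delivers to itself.
    $alias = array(
        'username'    => $username,
        'domain_id'   => $domainId,
        'destination' => $email,
        'active'      => $active,
    );
    $aliasId = db_insert('virtual_aliases', $alias, 'alias_id');
    if (!$aliasId) {
        cancelTransaction();
        print json_encode(array('success' => false, 'errors' => array('username' => 'Unknown Error')));
        return;
    }

    // Second alias row: same address, autoreply destination.
    $alias['destination'] = $email . '@autoreply.' . $domain;
    $aliasId = db_insert('virtual_aliases', $alias, 'alias_id');
    if (!$aliasId) {
        cancelTransaction();
        print json_encode(array('success' => false, 'errors' => array('username' => 'Unknown Error')));
        return;
    }

    endTransaction();
    print json_encode(array('success' => true));
}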
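/**
 * Updates the name, destination and active flag of a local alias.
 *
 * @param mixed $aliasId     Identifier of the alias row to update.
 * @param mixed $name        New alias name; must pass validUserName().
 * @param mixed $destination New destination; must pass
 *                           validLocalAliasDestination().
 * @param mixed $active      Truthy stores 't', falsy stores 'f'.
 *
 * @return mixed FALSE when the caller is not a site admin or any check
 *               fails; otherwise whatever db_update() returns.
 */
function modifyLocalAlias($aliasId, $name, $destination, $active)
{
    // Authorization is decided before any input is looked at, so an
    // unauthorized caller never reaches the validation or lookup code.
    if (!isSiteAdmin()) {
        return FALSE;
    }

    // The original also tested !$active here, after mapping it to 't'/'f';
    // both are non-empty strings, so that test could never fire.
    if (!$aliasId || !$name || !$destination) {
        return FALSE;
    }

    if (!localAliasExistsById($aliasId)) {
        return FALSE;
    }

    if (!validUserName($name)) {
        return FALSE;
    }

    if (!validLocalAliasDestination($destination)) {
        return FALSE;
    }

    $updates = array(
        'name'        => $name,
        'destination' => $destination,
        'active'      => $active ? 't' : 'f',
    );
    $conditions = array('alias_id' => $aliasId);

    return db_update('local_aliases', $updates, $conditions);
}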
/**
 * Adds a forward for username@domain to a local destination.
 *
 * Only site admins may call this. Failures return FALSE and, when
 * $printErrors is true, also print a JSON error object.
 *
 * @param mixed $username    Local part; lower-cased before validation.
 * @param mixed $domainId    Identifier passed to getDomain().
 * @param mixed $destination Local destination; checked with validUserName().
 * @param mixed $active      Truthy stores 't', falsy stores 'f'.
 * @param bool  $printErrors Whether to print JSON errors (default TRUE).
 *
 * @return mixed FALSE on any failure, otherwise the result of db_insert().
 */
function addLocalForward($username, $domainId, $destination, $active, $printErrors = TRUE)
{
    // Permission gate comes before anything else.
    if (!isSiteAdmin()) {
        if ($printErrors) {
            print json_encode(array(
                'success' => false,
                'errors'  => array('username' => 'Permission denied'),
            ));
        }
        return FALSE;
    }

    $active = $active ? 't' : 'f';

    // Required fields.
    $problems = array();
    if (!$username) {
        $problems['username'] = '******';
    }
    if (!$domainId) {
        $problems['domain'] = 'This field is required';
    }
    if (!$destination) {
        $problems['destination'] = 'This field is required';
    }
    // $active is 't' or 'f' at this point, so this test never fires; it is
    // kept as the original has it.
    if (!$active) {
        $problems['active'] = 'This field is required';
    }
    if (count($problems) > 0) {
        if ($printErrors) {
            print json_encode(array('success' => false, 'errors' => $problems));
        }
        return FALSE;
    }

    // Format checks and domain lookup.
    $username = strtolower($username);
    if (!validUserName($username)) {
        $problems['username'] = '******';
    }
    $domain = getDomain($domainId);
    if (!$domain) {
        $problems['domain'] = 'Invalid domain';
    }
    if (!validUserName($destination)) {
        $problems['destination'] = 'Invalid destination';
    }
    if (count($problems) > 0) {
        if ($printErrors) {
            print json_encode(array('success' => false, 'errors' => $problems));
        }
        return FALSE;
    }

    // The address must not already be a user or a forward.
    $email = $username . '@' . $domain;
    $taken = userExists($email) || localForwardExists($email);
    if ($taken) {
        if ($printErrors) {
            print json_encode(array(
                'success' => false,
                'errors'  => array('username' => 'Username already exists'),
            ));
        }
        return FALSE;
    }

    $row = array(
        'username'    => $username,
        'domain_id'   => $domainId,
        'destination' => $destination,
        'active'      => $active,
    );

    return db_insert('virtual_aliases', $row, 'alias_id');
}
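/**
 * Adds an alias from username@domain to the e-mail address of an existing
 * user and prints the outcome as JSON.
 *
 * The caller must administer both the alias domain and the destination's
 * domain, as reported by getAdminDomains().
 *
 * @param mixed $username      Local part; lower-cased before validation.
 * @param mixed $domainId      Identifier passed to getDomain().
 * @param mixed $destinationId Identifier passed to getUserEmail().
 * @param mixed $active        Truthy stores 't', falsy stores 'f'.
 *
 * @return false|null FALSE when validation fails; null after the insert was
 *                    attempted (its outcome is only in the printed JSON).
 */
function addAlias($username, $domainId, $destinationId, $active)
{
    $active = $active ? 't' : 'f';

    // Required fields.
    $errors = array();
    if (!$username) {
        $errors['username'] = '******';
    }
    if (!$domainId) {
        $errors['domain'] = 'This field is required';
    }
    if (!$destinationId) {
        $errors['destination'] = 'This field is required';
    }
    if (count($errors) > 0) {
        print json_encode(array('success' => false, 'errors' => $errors));
        return FALSE;
    }

    // A badly formed user name is reported on its own, before any lookup.
    $username = strtolower($username);
    if (!validUserName($username)) {
        $errors['username'] = '******';
        print json_encode(array('success' => false, 'errors' => $errors));
        return FALSE;
    }

    // Lookups: domain, address collision, destination user.
    $domain = getDomain($domainId);
    if (!$domain) {
        $errors['domain'] = 'Invalid domain';
    }
    $email = $username . '@' . $domain;
    if (userExists($email) || localForwardExists($email)) {
        $errors['username'] = '******';
    }
    $destination = getUserEmail($destinationId);
    if (!$destination) {
        $errors['destination'] = 'Invalid destination';
    }
    if (count($errors) > 0) {
        print json_encode(array('success' => false, 'errors' => $errors));
        return FALSE;
    }

    if (aliasExists($email, $destination)) {
        $errors['username'] = '******';
    }

    // Authorization on both ends of the alias. The membership tests are
    // strict so type juggling cannot produce a match.
    $adminDomains = getAdminDomains();
    if (!in_array($domain, $adminDomains, true)) {
        $errors['domain'] = 'Permission denied on domain: ' . $domain;
    }

    // Fix: split() was removed in PHP 7. A destination that is not exactly
    // "local@domain" yields an empty domain and is denied, instead of
    // reading an undefined index or checking only part of the address.
    $destinationParts = explode('@', $destination);
    $destinationDomain = (count($destinationParts) === 2) ? $destinationParts[1] : '';
    if ($destinationDomain === '' || !in_array($destinationDomain, $adminDomains, true)) {
        $errors['destination'] = 'Permission denied on domain: ' . $destinationDomain;
    }

    if (count($errors) > 0) {
        print json_encode(array('success' => false, 'errors' => $errors));
        return FALSE;
    }

    $params = array(
        'username'    => $username,
        'domain_id'   => $domainId,
        'destination' => $destination,
        'active'      => $active,
    );
    $ret = db_insert('virtual_aliases', $params, 'alias_id');
    if ($ret) {
        print json_encode(array('success' => TRUE));
        return;
    }

    print json_encode(array('success' => FALSE, 'msg' => 'Unknown error'));
}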