* tDomain
*
* Form POST \ GET Variables:
*
* fUsername
* fPassword
* fPassword2
* fName
* fQuota
* fDomain
* fActive
* fMail
*/
require_once 'common.php';
authentication_require_role('admin');
$SESSID_USERNAME = authentication_get_username();
if (authentication_has_role('global-admin')) {
$list_domains = list_domains();
} else {
$list_domains = list_domains_for_admin($SESSID_USERNAME);
}
$pCreate_mailbox_password_text = $PALANG['pCreate_mailbox_password_text'];
$pCreate_mailbox_name_text = $PALANG['pCreate_mailbox_name_text'];
$pCreate_mailbox_quota_text = $PALANG['pCreate_mailbox_quota_text'];
if ($_SERVER['REQUEST_METHOD'] == "GET") {
$fDomain = $list_domains[0];
if (isset($_GET['domain'])) {
$fDomain = escape_string($_GET['domain']);
}
if (!in_array($fDomain, $list_domains)) {
die("Invalid domain name selected, or you tried to select a domain you are not an admin for");
# no domains (for this admin at least) - redirect to domain list
exit;
}
if (is_array($list_domains) and sizeof($list_domains) > 0) {
if (empty($fDomain)) {
$fDomain = escape_string($list_domains[0]);
}
}
if (!in_array($fDomain, $list_domains)) {
flash_error($PALANG['invalid_parameter']);
unset($_SESSION['list-virtual:domain']);
header("Location: list.php?table=domain");
# invalid domain, or not owned by this admin
exit;
}
if (!check_owner(authentication_get_username(), $fDomain)) {
flash_error($PALANG['invalid_parameter'] . " If you see this message, please open a bugreport");
# this check is most probably obsoleted by the in_array() check above
unset($_SESSION['list-virtual:domain']);
header("Location: list.php?table=domain");
# domain not owned by this admin
exit(0);
}
// store domain and page browser offset in $_SESSION so after adding/editing aliases/mailboxes we can
// take the user back to the appropriate domain listing.
$_SESSION['list-virtual:domain'] = $fDomain;
$_SESSION['prefill:alias:domain'] = $fDomain;
$_SESSION['prefill:mailbox:domain'] = $fDomain;
$_SESSION['prefill:aliasdomain:target_domain'] = $fDomain;
$_SESSION['list-virtual:limit'] = $fDisplay;
#
$admin_properties = get_admin_properties($fUsername);
}
} else {
$list_admins = array(authentication_get_username());
$is_superadmin = 0;
$fUsername = "";
}
if (isset($admin_properties) && $admin_properties['domain_count'] == 'ALL') {
# list all domains for superadmins
$list_domains = list_domains();
} elseif (!empty($fUsername)) {
$list_domains = list_domains_for_admin($fUsername);
} elseif ($is_superadmin) {
$list_domains = list_domains();
} else {
$list_domains = list_domains_for_admin(authentication_get_username());
}
if (!empty($list_domains)) {
for ($i = 0; $i < sizeof($list_domains); $i++) {
$domain_properties[$i] = get_domain_properties($list_domains[$i]);
}
}
#}
include "templates/header.php";
include "templates/menu.php";
if ($is_superadmin) {
include "templates/admin_list-domain.php";
} else {
include "templates/overview-get.php";
}
include "templates/footer.php";
*
* Further details on the project are available at http://postfixadmin.sf.net
*
* @version $Id: delete.php 1733 2014-11-02 23:06:13Z christian_boltz $
* @license GNU GPL v2 or later.
*
* File: delete.php
* Used to delete admins, domains, mailboxes, aliases etc.
*
* Template File: none
*/
require_once 'common.php';
if (safeget('token') != $_SESSION['PFA_token']) {
die('Invalid token!');
}
$username = authentication_get_username();
# enforce login
$id = safeget('delete');
$table = safeget('table');
$handlerclass = ucfirst($table) . 'Handler';
if (!preg_match('/^[a-z]+$/', $table) || !file_exists("model/{$handlerclass}.php")) {
# validate $table
die("Invalid table name given!");
}
$is_admin = authentication_has_role('admin');
$handler = new $handlerclass(0, $username, $is_admin);
$formconf = $handler->webformConfig();
if ($is_admin) {
authentication_require_role($formconf['required_role']);
} else {
if (empty($formconf['user_hardcoded_field'])) {
<?php
if (!defined('POSTFIXADMIN')) {
die("This file cannot be used standalone.");
}
?>
<div id="footer">
<a target="_blank" href="http://postfixadmin.com/">Postfix Admin <?php
print $version;
?>
</a>
|
<?php
if (isset($_SESSION['sessid']['username'])) {
printf($PALANG['pFooter_logged_as'], authentication_get_username());
}
?>
|
<a target="_blank" href="http://postfixadmin.sf.net/update-check.php?version=<?php
print $version;
?>
"><?php
print $PALANG['check_update'];
?>
</a>
<?php
if ($CONF['show_footer_text'] == "YES" and $CONF['footer_link']) {
print " | ";
print "<a href=\"" . $CONF['footer_link'] . "\">" . $CONF['footer_text'] . "</a>\n";
}
/**
* db_log
* Action: Logs actions from admin
* Call: db_log (string domain, string action, string data)
* Possible actions are defined in $LANG["pViewlog_action_$action"]
*/
function db_log($domain, $action, $data)
{
$REMOTE_ADDR = getRemoteAddr();
$username = authentication_get_username();
if (Config::Lang("pViewlog_action_{$action}") == '') {
die("Invalid log action : {$action}");
// could do with something better?
}
if (Config::bool('logging')) {
$logdata = array('username' => "{$username} ({$REMOTE_ADDR})", 'domain' => $domain, 'action' => $action, 'data' => $data);
$result = db_insert('log', $logdata, array('timestamp'));
if ($result != 1) {
return false;
} else {
return true;
}
}
}
