$domainid = hmailGetVar("domainid", null);
if (hmailGetAdminLevel() == 0) {
hmailHackingAttemp();
}
// Users are not allowed to show this page.
if (hmailGetAdminLevel() == 1 && $domainid != hmailGetDomainID()) {
hmailHackingAttemp();
}
// Domain admin but not for this domain.
echo '<table border="0" width="100%" cellpadding="5">';
$bgcolor = "#EEEEEE";
$obDomain = $obBaseApp->Domains->ItemByDBID($domainid);
$obAccounts = $obDomain->Accounts();
$Count = $obAccounts->Count();
$str_delete = $obLanguage->String("Remove");
$currentaccountid = hmailGetAccountID();
$str_accountaddress = $obLanguage->String("Address");
$str_maxsizemb = $obLanguage->String("Maximum size (MB)");
echo "<tr bgcolor=\"#CCCCCC\">";
echo "<td width=\"60%\">{$str_accountaddress}</td>";
echo "<td width=\"20%\">{$str_maxsizemb}</td>";
echo "<td width=\"20%\"></td>";
echo "</tr>";
$obAccounts = $obDomain->Accounts;
for ($i = 0; $i < $Count; $i++) {
$obAccount = $obAccounts->Item($i);
$accountaddress = $obAccount->Address;
$accountid = $obAccount->ID;
$accountmaxsize = $obAccount->MaxSize();
$accountaddress = PreprocessOutput($accountaddress);
$accountaddress_escaped = GetStringForJavaScript($accountaddress);
<?php
if (!defined('IN_WEBADMIN')) {
exit;
}
$domainid = hmailGetVar("domainid", 0);
$accountid = hmailGetVar("accountid", 0);
$faid = hmailGetVar("faid", 0);
$action = hmailGetVar("action", "");
if (hmailGetAdminLevel() == 0 && ($accountid != hmailGetAccountID() || $domainid != hmailGetDomainID())) {
hmailHackingAttemp();
}
if (hmailGetAdminLevel() == 1 && $domainid != hmailGetDomainID()) {
hmailHackingAttemp();
}
// Domain admin but not for this domain.
$obDomain = $obBaseApp->Domains->ItemByDBID($domainid);
$obAccount = $obDomain->Accounts->ItemByDBID($accountid);
$obFetchAccounts = $obAccount->FetchAccounts();
if ($action == "edit") {
$obFA = $obFetchAccounts->ItemByDBID($faid);
} elseif ($action == "add") {
$obFA = $obFetchAccounts->Add();
} elseif ($action == "delete") {
$obFetchAccounts->DeleteByDBID($faid);
header("Location: index.php?page=account_externalaccounts&domainid={$domainid}&accountid={$accountid}");
exit;
} elseif ($action == "downloadnow") {
$obFA = $obFetchAccounts->ItemByDBID($faid);
$obFA->DownloadNow();
header("Location: index.php?page=account_externalaccounts&domainid={$domainid}&accountid={$accountid}");
function GetHasRuleAccess($domainid, $accountid)
{
global $hmail_config;
if (hmailGetAdminLevel() == ADMIN_SERVER) {
// server admin always have access.
return true;
} else {
if (hmailGetAdminLevel() == ADMIN_DOMAIN) {
// Domain admin has access if domain access is enabled.
if ($hmail_config['rule_editing_level'] == ADMIN_DOMAIN && hmailGetDomainID() == $domainid && $accountid != 0) {
return true;
}
// Domain admin has access if user-level is permitted and the account
// is under the domain admins control.
if ($hmail_config['rule_editing_level'] == ADMIN_USER && hmailGetDomainID() == $domainid) {
return true;
}
} else {
if (hmailGetAdminLevel() == ADMIN_USER) {
// user has access if enabled and the rule is connected to his account.
if ($hmail_config['rule_editing_level'] == ADMIN_USER && hmailGetDomainID() == $domainid && hmailGetAccountID() == $accountid) {
return true;
}
}
}
}
return false;
}
$addomain = hmailGetVar("addomain", "0");
$adusername = hmailGetVar("adusername", "");
$SignatureEnabled = hmailGetVar("SignatureEnabled", "0");
$SignatureHTML = hmailGetVar("SignatureHTML", "");
$SignaturePlainText = hmailGetVar("SignaturePlainText", "0");
if ($action == "edit") {
$obAccount = $obDomain->Accounts->ItemByDBID($accountid);
} elseif ($action == "add") {
$obAccount = $obDomain->Accounts->Add();
} elseif ($action == "delete") {
$obAccount = $obDomain->Accounts->DeleteByDBID($accountid);
header("Location: index.php?page=accounts&domainid={$domainid}");
exit;
}
// If this is the current user, we need to update the session password.
if ($action == "edit" && $accountid == hmailGetAccountID()) {
if ($accountpassword != "") {
$_SESSION['session_password'] = $accountpassword;
}
}
if ($accountpassword != "") {
$obAccount->Password = "******";
}
$obAccount->PersonFirstName = $PersonFirstName;
$obAccount->PersonLastName = $PersonLastName;
$obAccount->VacationMessageIsOn = $vacationmessageon == "1";
$obAccount->VacationSubject = $vacationsubject;
$obAccount->VacationMessage = $vacationmessage;
$obAccount->VacationMessageExpires = $vacationmessageexpires;
$obAccount->VacationMessageExpiresDate = $vacationmessageexpiresdate;
$obAccount->ForwardEnabled = $forwardenabled == "1";
