function add_policy($email)
{
global $dbh;
$policy_id = 0;
$domain = "@" . get_domain_from_email($email);
$select = "SELECT virus_lover, " . "spam_lover, " . "banned_files_lover, " . "bad_header_lover, " . "bypass_virus_checks, " . "bypass_spam_checks, " . "bypass_banned_checks, " . "bypass_header_checks, " . "discard_viruses, " . "discard_spam, " . "discard_banned_files, " . "discard_bad_headers, " . "spam_modifies_subj, " . "spam_tag_level, " . "spam_tag2_level, " . "spam_kill_level " . "FROM policy WHERE policy_name = ?";
// Try to find a domain-based set of defaults for this user,
// based on his e-mail address.
$sth = $dbh->query($select, array($domain));
if ($row = $sth->fetchRow()) {
$virus_lover = $row["virus_lover"];
$spam_lover = $row["spam_lover"];
$bad_header_lover = $row["bad_header_lover"];
$banned_files_lover = $row["banned_files_lover"];
$bypass_virus_checks = $row["bypass_virus_checks"];
$bypass_spam_checks = $row["bypass_spam_checks"];
$bypass_banned_checks = $row["bypass_banned_checks"];
$bypass_header_checks = $row["bypass_header_checks"];
$discard_viruses = $row["discard_viruses"];
$discard_spam = $row["discard_spam"];
$discard_banned_files = $row["discard_banned_files"];
$discard_bad_headers = $row["discard_bad_headers"];
$spam_modifies_subj = $row["spam_modifies_subj"];
$spam_tag_level = $row["spam_tag_level"];
$spam_tag2_level = $row["spam_tag2_level"];
$spam_kill_level = $row["spam_kill_level"];
$nodefault = false;
} else {
$sth->free();
// Try to find a "Default" policy (@.) to copy defaults from.
$sth = $dbh->query($select, array("Default"));
if ($row = $sth->fetchRow()) {
$virus_lover = $row["virus_lover"];
$spam_lover = $row["spam_lover"];
$bad_header_lover = $row["bad_header_lover"];
$banned_files_lover = $row["banned_files_lover"];
$bypass_virus_checks = $row["bypass_virus_checks"];
$bypass_spam_checks = $row["bypass_spam_checks"];
$bypass_banned_checks = $row["bypass_banned_checks"];
$bypass_header_checks = $row["bypass_header_checks"];
$discard_viruses = $row["discard_viruses"];
$discard_spam = $row["discard_spam"];
$discard_banned_files = $row["discard_banned_files"];
$discard_bad_headers = $row["discard_bad_headers"];
$spam_modifies_subj = $row["spam_modifies_subj"];
$spam_tag_level = $row["spam_tag_level"];
$spam_tag2_level = $row["spam_tag2_level"];
$spam_kill_level = $row["spam_kill_level"];
$nodefault = false;
} else {
// No suitable defaults found.
$nodefault = true;
}
}
$sth->free();
if ($nodefault) {
// Use the database defaults as our last resort.
$insert = "INSERT INTO policy (policy_name) VALUES (?)";
$dbh->query($insert, array($email));
} else {
// Use the domain or system default values found above.
$insert = "INSERT INTO policy (policy_name, " . "virus_lover, " . "spam_lover, " . "banned_files_lover, " . "bad_header_lover, " . "bypass_virus_checks, " . "bypass_spam_checks, " . "bypass_banned_checks, " . "bypass_header_checks, " . "discard_viruses, " . "discard_spam, " . "discard_banned_files, " . "discard_bad_headers, " . "spam_modifies_subj, " . "spam_tag_level, " . "spam_tag2_level, " . "spam_kill_level" . ") VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
$dbh->query($insert, array($email, $virus_lover, $spam_lover, $banned_files_lover, $bad_header_lover, $bypass_virus_checks, $bypass_spam_checks, $bypass_banned_checks, $bypass_header_checks, $discard_viruses, $discard_spam, $discard_banned_files, $discard_bad_headers, $spam_modifies_subj, $spam_tag_level, $spam_tag2_level, $spam_kill_level));
}
$select = "SELECT id FROM policy WHERE policy_name = ?";
$sth = $dbh->query($select, array($email));
if ($row = $sth->fetchRow()) {
$policy_id = $row["id"];
}
$sth->free();
return $policy_id;
}
/**
* Queries the domain for this email address to see if it supports WebFinger, and
* if it does returns the right URL to call to get information on the address
*
* @param string $email The email address of the user
* @return string The URL to call to get information, or null if none found
*/
function webfinger_query_url_for_email($email)
{
$domain = get_domain_from_email($email);
if (empty($domain)) {
return null;
}
// First, ask the server for a list of the services it supports, so we can
// look through that list for WebFinger
$endpoint_url = WEBFINGER_ENDPOINT_PREFIX;
$endpoint_url .= $domain;
$endpoint_url .= WEBFINGER_ENDPOINT_SUFFIX;
$endpoint_result = http_request($endpoint_url);
if (!did_http_succeed($endpoint_result)) {
return null;
}
$endpoint_xml = $endpoint_result['body'];
$endpoint_data = convert_xml_string_to_array($endpoint_xml);
if (!isset($endpoint_data['xrd']['link'])) {
return null;
}
$endpoint_links = $endpoint_data['xrd']['link'];
// If there was a single link tag, we'll get its contents in $endpoint_links, but
// if multiple links were present, the contents will be an numeric array of them all.
// To normalize this, put lone tags into their own array.
if (!isset($endpoint_links[0])) {
$endpoint_links_list = array($endpoint_links);
} else {
$endpoint_links_list = $endpoint_links;
}
// Now search for a link with the right service rel tag, and get the URL template
$template = null;
foreach ($endpoint_links_list as $link) {
if (!isset($link['@attributes']['rel'])) {
continue;
}
$rel = $link['@attributes']['rel'];
if ($rel !== WEBFINGER_SERVICE_REL_TYPE) {
continue;
}
if (!isset($link['@attributes']['template'])) {
continue;
}
$template = $link['@attributes']['template'];
}
if (empty($template)) {
return null;
}
if (!strpos($template, '{uri}')) {
return null;
}
// Finally substitute the actual email address into the generic template
$result = str_replace('{uri}', urlencode('acct:' . $email), $template);
return $result;
}
header("Location: index.php" . $sid);
exit;
}
$id = trim($_GET["id"]);
// Make sure this administrator has the right to impersonate
// this specific user.
$privilege = false;
if (is_a_domain_default_user($id)) {
$domain_id = get_domain_id(get_user_name($id));
$privilege = is_admin_for_domain($uid, $domain_id);
} else {
if (!is_superadmin($uid)) {
$select = "SELECT email FROM users WHERE maia_user_id = ?";
$sth = $dbh->query($select, array($id));
while (!$privilege && ($row = $sth->fetchRow())) {
$domain_id = get_domain_id("@" . get_domain_from_email($row["email"]));
$privilege = is_admin_for_domain($uid, $domain_id);
}
$sth->free();
} else {
// superadmin gets privs
$privilege = true;
}
}
if ($id < 1 || !$privilege) {
header("Location: admindex.php" . $sid);
exit;
}
// Assume the user's UID as our EUID
$_SESSION["euid"] = $id;
// Go to the main page as if the user we're impersonating
$logger->err("xsettings.php: address_id not found.");
header("Location: index.php{$msid}");
exit;
}
$sth = $dbh->prepare("SELECT policy_id, email, maia_user_id FROM users\n WHERE users.maia_user_id = ? AND users.id = ?");
$res = $sth->execute(array($euid, $address_id));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
if ($res->numRows() == 0) {
$logger->err("xsettings.php: address_id doesn't belong to effective user: {$address_id}");
header("Location: logout.php");
exit;
}
$row = $res->fetchRow();
if (!(is_admin_for_domain($uid, get_domain_id("@" . get_domain_from_email($row["email"]))) || $super || $row["maia_user_id"] == $euid)) {
$logger->err("xsettings.php: failed security check.");
header("Location: logout.php");
exit;
}
$policy_id = $row['policy_id'];
$sth->free();
$sth = $dbh->prepare("SELECT virus_lover, " . "spam_lover, " . "banned_files_lover, " . "bad_header_lover, " . "bypass_virus_checks, " . "bypass_spam_checks, " . "bypass_banned_checks, " . "bypass_header_checks, " . "discard_viruses, " . "discard_spam, " . "discard_banned_files, " . "discard_bad_headers, " . "spam_modifies_subj, " . "spam_tag_level, " . "spam_tag2_level, " . "spam_kill_level " . "FROM policy WHERE id = ?");
$res = $sth->execute(array($policy_id));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
if ($row = $res->fetchRow()) {
$default_quarantine_viruses = $row["virus_lover"] == "N";
$default_quarantine_spam = $row["spam_lover"] == "N";
$default_quarantine_banned_files = $row["banned_files_lover"] == "N";
$new_email = $username . "@" . $routing_domain;
} elseif ($auth_method == "imap") {
$new_email = get_rewritten_email_address($new_email, $address_rewriting_type);
$username = get_user_from_email($new_email);
} elseif ($auth_method == "internal") {
$new_email = get_rewritten_email_address($new_email, $address_rewriting_type);
$username = $new_email;
} else {
$username = get_user_from_email($new_email);
}
$bad_user = empty($username);
$smarty->assign("bad_user", $bad_user);
if (!$super && !$bad_user) {
// Make sure the new address is in a domain that
// this administrator controls.
$domain = "@" . get_domain_from_email($new_email);
$select = "SELECT id " . "FROM maia_domains, maia_domain_admins " . "WHERE maia_domains.id = maia_domain_admins.domain_id " . "AND maia_domain_admins.admin_id = ? " . "AND maia_domains.domain = ?";
$sth = $dbh->prepare($select);
$res = $sth->execute(array($uid, $domain));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
$bad_domain = !$res->fetchrow();
$smarty->assign("bad_domain", $bad_domain);
$sth->free();
}
if (($super || !$bad_domain) && !$bad_user) {
// Only add the new address if it doesn't already exist.
$sth = $dbh->prepare("SELECT maia_user_id FROM users WHERE email = ?");
$res = $sth->execute(array($new_email));
if (PEAR::isError($sth)) {
function add_user($user_name, $email)
{
global $dbh;
global $logger;
// get domain default if available....
$domain = get_domain_from_email($email);
$domain_id = get_user_id("@" . $domain, "@" . $domain);
if ($domain_id != 0) {
$domain_defaults = get_maia_user_row($domain_id);
} else {
$domain_defaults = get_maia_user_row(get_user_id("@.", "@."));
}
// Add an entry to the maia_users table
$sth = $dbh->prepare("INSERT INTO maia_users (user_name, reminders, charts, language, auto_whitelist, " . "items_per_page, theme_id, quarantine_digest_interval, truncate_subject, truncate_email, spamtrap) " . "VALUES (?,?,?,?,?,?,?,?,?,?,'N')");
$res = $sth->execute(array($user_name, $domain_defaults["reminders"], $domain_defaults["charts"], $domain_defaults["language"], $domain_defaults["auto_whitelist"], $domain_defaults["items_per_page"], $domain_defaults["theme_id"], $domain_defaults["quarantine_digest_interval"], $domain_defaults["truncate_subject"], $domain_defaults["truncate_email"]));
if (PEAR::isError($res)) {
$logger->err("Can't insert new user: "******"SELECT id FROM maia_users WHERE user_name = ?");
$res = $sth->execute(array($user_name));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
if ($row = $res->fetchRow()) {
$uid = $row["id"];
}
$sth->free();
// Link this e-mail address to this user
$email_id = add_email_address_to_user($uid, $email);
// Make this e-mail address the user's primary address
set_primary_email($uid, $email_id);
return $uid;
}
