1 <?php
2 // 
3 // Postfix Admin 
4 // by Mischa Peters <mischa at high5 dot net>
5 // Copyright (c) 2002 - 2005 High5!
6 // License Info: http://www.postfixadmin.com/?file=LICENSE.TXT
7 //
8 // File: edit-mailbox.php
9 //
10 // Template File: edit-mailbox.tpl
11 //
12 // Template Variables:
13 //
14 // tMessage
15 // tName
16 // tQuota
17 //
18 // Form POST \ GET Variables:
19 //
20 // fUsername
21 // fDomain
22 // fPassword
23 // fPassword2
24 // fName
25 // fQuota
26 // fActive
27 //
28 require ("./variables.inc.php");
29 require ("./config.inc.php");
30 require ("./functions.inc.php");
31 include ("./languages/" . check_language () . ".lang");
32 
33 $SESSID_USERNAME = check_session ();
34 
35 if ($_SERVER['REQUEST_METHOD'] == "GET")
36 {
37    $fUsername = escape_string ($_GET['username']);
38    $fDomain = escape_string ($_GET['domain']);
39 
40    if (check_owner ($SESSID_USERNAME, $fDomain))
41    {
42       $result = db_query ("SELECT * FROM mailbox WHERE username='$fUsername' AND domain='$fDomain'");
43       if ($result['rows'] == 1)
44       {
45          $row = db_array ($result['result']);
46          $tName = $row['name'];
47          $tQuota = $row['quota'] / $CONF['quota_multiplier'];
48          $tActive = $row['active'];
49       }
50    }
51    else
52    {
53       $tMessage = $PALANG['pEdit_mailbox_login_error'];
54    }
55    
56    include ("./templates/header.tpl");
57    include ("./templates/menu.tpl");
58    include ("./templates/edit-mailbox.tpl");
59    include ("./templates/footer.tpl");
60 }
61 
62 if ($_SERVER['REQUEST_METHOD'] == "POST")
63 {
64    $pEdit_mailbox_password_text = $PALANG['pEdit_mailbox_password_text_error'];
65    $pEdit_mailbox_quota_text = $PALANG['pEdit_mailbox_quota_text'];
66    
67    $fUsername = escape_string ($_GET['username']);
68    $fUsername = strtolower ($fUsername);
69    $fDomain = escape_string ($_GET['domain']);
70    
71    $fPassword = escape_string ($_POST['fPassword']);
72    $fPassword2 = escape_string ($_POST['fPassword2']);
73    $fName = escape_string ($_POST['fName']);
74    if (isset ($_POST['fQuota'])) $fQuota = escape_string ($_POST['fQuota']);
75    if (isset ($_POST['fActive'])) $fActive = escape_string ($_POST['fActive']);
76   
77    if (!check_owner ($SESSID_USERNAME, $fDomain))
78    {
79       $error = 1;
80       $tName = $fName;
81       $tQuota = $fQuota;
82       $tActive = $fActive;
83       $tMessage = $PALANG['pEdit_mailbox_domain_error'] . "$fDomain</font>";
84    }
85 
86 	if ($fPassword != $fPassword2)
87 	{
88 	   $error = 1;
89       $tName = $fName;
90       $tQuota = $fQuota;
91       $tActive = $fActive;
92       $pEdit_mailbox_password_text = $PALANG['pEdit_mailbox_password_text_error'];
93    }
94 
95    if ($CONF['quota'] == "YES")
96    {
97       if (!check_quota ($fQuota, $fDomain))
98       {
99          $error = 1;
100          $tName = $fName;
101          $tQuota = $fQuota;
102          $tActive = $fActive;
103          $pEdit_mailbox_quota_text = $PALANG['pEdit_mailbox_quota_text_error'];
104       }
105    }
106 
107    if ($error != 1)
108    {
109       if (!empty ($fQuota))
110       {
111          $quota = $fQuota * $CONF['quota_multiplier'];
112       }
113       else
114       {
115          $quota = 0;
116       }
117       
118       if ($fActive == "on")
119       {
120          $fActive = 1;
121       }
122       else
123       {
124          $fActive = 0;
125       }
126       
127       if (empty ($fPassword) and empty ($fPassword2))
128       {
129          $result = db_query ("UPDATE mailbox SET name='$fName',quota='$quota',modified=NOW(),active='$fActive' WHERE username='$fUsername' AND domain='$fDomain'");
130       }
131       else
132       {
133          $password = pacrypt ($fPassword);
134          $result = db_query ("UPDATE mailbox SET password='$password',name='$fName',quota='$quota',modified=NOW(),active='$fActive' WHERE username='$fUsername' AND domain='$fDomain'");
135       }
136 
137       if ($result['rows'] != 1)
138       {
139          $tMessage = $PALANG['pEdit_mailbox_result_error'];
140       }
141       else
142       {
143          db_log ($SESSID_USERNAME, $fDomain, "edit mailbox", $fUsername);
144          
145          header ("Location: overview.php?domain=$fDomain");
146          exit;
147       }
148    }
149    
150    include ("./templates/header.tpl");
151    include ("./templates/menu.tpl");
152    include ("./templates/edit-mailbox.tpl");
153    include ("./templates/footer.tpl");
154 }
155 ?>