Blob


1 <?php
2 //
3 // OpenSMTPD Admin
4 // by Mischa Peters <mischa at high5 dot nl>
5 // Copyright (c) 2022 High5!
6 // License Info: LICENSE.TXT
7 //
8 // File: edit-mailbox.php
9 //
10 // Template File: edit-mailbox.tpl
11 //
12 // Template Variables:
13 //
14 // message
15 // name
16 //
17 // POST / GET Variables:
18 //
19 // username
20 // domain
21 // password1
22 // password2
23 // name
24 //
25 require_once './functions.inc.php';
26 include './languages/' . check_language() . '.lang';
28 $SESSID_USERNAME = check_session();
29 $ROLE = check_role($SESSID_USERNAME);
31 if ($ROLE == ADMIN_ROLE) {
32 $list_domains = list_domains();
33 $list_admins = list_admins();
34 } else {
35 $list_domains = list_domains($SESSID_USERNAME);
36 }
38 if ($_SERVER['REQUEST_METHOD'] == "GET") {
39 $username = filter_input(INPUT_GET, 'username', FILTER_DEFAULT);
40 $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
41 $domain_key = array_search($domain, array_column($list_domains, 'domain'));
43 if (in_array($domain, array_column($list_domains, 'domain'))) {
44 try {
45 $dbh = pdo_connect();
46 $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username=? AND domain=?");
47 $sth->bindParam(1, $username, PDO::PARAM_STR);
48 $sth->bindParam(2, $domain, PDO::PARAM_STR);
49 $sth->execute();
50 $mailbox_details = $sth->fetch();
51 $name = $mailbox_details['name'];
52 } catch(PDOException $e) {
53 $message = $LANG['Edit_mailbox_login_error'];
54 }
55 }
56 }
58 if ($_SERVER['REQUEST_METHOD'] == "POST") {
59 $username = strtolower(filter_input(INPUT_GET, 'username', FILTER_DEFAULT));
60 $domain = filter_input(INPUT_GET, 'domain', FILTER_VALIDATE_DOMAIN);
61 $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
62 $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
63 $name = filter_input(INPUT_POST, 'name', FILTER_DEFAULT);
64 $domain_key = array_search($domain, array_column($list_domains, 'domain'));
66 if ($password1 != $password2) {
67 $message = $LANG['Edit_mailbox_password_text_error'];
68 }
70 if (empty($message) && isset($domain_key) && !empty($password1)) {
71 $hashed = bcrypt($password1);
72 try {
73 $dbh = pdo_connect();
74 $sth = $dbh->prepare("UPDATE mailbox SET password=?,name=?,modified=NOW() WHERE username=? AND domain=?");
75 $sth->bindParam(1, $hashed, PDO::PARAM_STR);
76 $sth->bindParam(2, $name, PDO::PARAM_STR);
77 $sth->bindParam(3, $username, PDO::PARAM_STR);
78 $sth->bindParam(4, $domain, PDO::PARAM_STR);
79 $sth->execute();
80 } catch(PDOException $e) {
81 $message = $LANG['Edit_mailbox_result_error'];
82 }
83 }
85 if (empty($message) && in_array($domain, array_column($list_domains, 'domain'))) {
86 try {
87 $dbh = pdo_connect();
88 $sth = $dbh->prepare("UPDATE mailbox SET name=?,modified=NOW() WHERE username=? AND domain=?");
89 $sth->bindParam(1, $name, PDO::PARAM_STR);
90 $sth->bindParam(2, $username, PDO::PARAM_STR);
91 $sth->bindParam(3, $domain, PDO::PARAM_STR);
92 $sth->execute();
93 logging($SESSID_USERNAME, $domain, $LANG['Logging_mailbox_edit'], $username);
94 header("Location: list-virtual.php?domain=$domain");
95 } catch(PDOException $e) {
96 $message = $LANG['Edit_mailbox_result_error'];
97 }
98 }
99 }
100 include './templates/header.tpl';
101 include './templates/menu.tpl';
102 include './templates/edit-mailbox.tpl';
103 include './templates/footer.tpl';
104 ?>