commit - bbe1f7564bdbccc83182f3cc9f3746738d905254
commit + b29d176d4bbc17480a33536d7a2085eb78789df5
blob - 67a1ddaecb18dce35c55dc2a8fc5294b7680c726 (mode 644)
blob + /dev/null
--- users/index.php
+++ /dev/null
-<?php
-//
-// OpenSMTPD Admin
-// by Mischa Peters <mischa at high5 dot nl>
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: index.php
-//
-// Template File: -none-
-//
-// Template Variables:
-//
-// -none-
-//
-// POST / GET Variables:
-//
-// -none-
-//
-header("Location: login.php");
-exit;
-?>
blob - d940d52b99dd9fee2721f4781e54cfed403303ef (mode 644)
blob + /dev/null
--- users/login.php
+++ /dev/null
-<?php
-//
-// OpenSMTPD Admin
-// by Mischa Peters <mischa at high5 dot nl>
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: login.php
-//
-// Template File: login.tpl
-//
-// Template variables:
-//
-// message
-// username
-//
-// GET / POST variables:
-//
-// username
-// password
-//
-require_once '../functions.inc.php';
-include '../languages/' . check_language () . '.lang';
-
-if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $username = filter_input(INPUT_POST, 'username', FILTER_VALIDATE_EMAIL);
- $password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
-
- if (!empty($username) && !empty($password)) {
- $dbh = pdo_connect();
- $sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?");
- $sth->bindParam(1, $username, PDO::PARAM_STR);
- $sth->execute();
- $row = $sth->fetch(PDO::FETCH_COLUMN);
- }
-
- if (!empty($row)) {
- if (!password_verify($password, $row)) {
- $message = $LANG['Login_incorrect'];
- }
- } else {
- $message = $LANG['Login_incorrect'];
- }
-
- if (empty($message)) {
- session_start();
- $_SESSION['userid']['username'] = $username;
- header("Location: password.php");
- exit;
- }
-}
-include '../templates/header.tpl';
-include '../templates/users_login.tpl';
-include '../templates/footer.tpl';
-?>
blob - 24e0b0365b5411a3415d0fcced83b25847a4945a (mode 644)
blob + /dev/null
--- users/logout.php
+++ /dev/null
-<?php
-//
-// OpenSMTPD Admin
-// by Mischa Peters <mischa at high5 dot nl>
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: logout.php
-//
-// Template File: -none-
-//
-// Template Variables:
-//
-// -none-
-//
-// POST / GET Variables:
-//
-// -none-
-//
-require_once '../functions.inc.php';
-
-$USERID_USERNAME = check_session('userid');
-
-session_unset();
-session_destroy();
-
-header("Location: login.php");
-exit;
-?>
blob - 87b627ee58519db4df9926f112f499ec5264f982 (mode 644)
blob + /dev/null
--- users/password.php
+++ /dev/null
-<?php
-//
-// OpenSMTPD Admin
-// by Mischa Peters <mischa at high5 dot nl>
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: password.php
-//
-// Template File: password.tpl
-//
-// Template Variables:
-//
-// message
-//
-// POST / GET Variables:
-//
-// password_current
-// password1
-// password2
-//
-require_once '../functions.inc.php';
-include '../languages/' . check_language() . '.lang';
-
-$SESSID_USERNAME = check_session('userid');
-$admin = $SESSID_USERNAME ?? ADMIN_EMAIL;
-
-if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $username = $SESSID_USERNAME;
- $password_current = filter_input(INPUT_POST, 'password_current', FILTER_DEFAULT);
- $password1 = filter_input(INPUT_POST, 'password1', FILTER_DEFAULT);
- $password2 = filter_input(INPUT_POST, 'password2', FILTER_DEFAULT);
-
- if (empty($password_current) || empty($password1) || $password1 != $password2) {
- $message = $LANG['Password_password_text_error'];
- }
-
- if (empty($message) && !empty($password_current)) {
- $dbh = pdo_connect();
- $sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?");
- $sth->bindParam(1, $username, PDO::PARAM_STR);
- $sth->execute();
- $row = $sth->fetch(PDO::FETCH_COLUMN);
- if (!password_verify($password_current, $row)) {
- $message = $LANG['Password_password_current_text_error'];
- }
- }
-
- if (empty($message) && !empty($password1)) {
- $hashed = bcrypt($password1);
- try {
- $dbh = pdo_connect();
- $sth = $dbh->prepare("UPDATE mailbox SET password=?,modified=NOW() WHERE username=?");
- $sth->bindParam(1, $hashed, PDO::PARAM_STR);
- $sth->bindParam(2, $username, PDO::PARAM_STR);
- $sth->execute();
- logging($admin, substr(strrchr($SESSID_USERNAME, "@"), 1), $LANG['Logging_password_change'], $admin);
- $message = $LANG['Password_result_succes'];
- } catch(PDOException $e) {
- $message = $LANG['Password_result_error'];
- }
- }
-}
-include '../templates/header.tpl';
-include '../templates/users_menu.tpl';
-include '../templates/password.tpl';
-include '../templates/footer.tpl';
-?>
blob - 5d9e5f44a9319bf0fc99edeb0a3441c11895cb96 (mode 644)
blob + /dev/null
--- users/vacation.php
+++ /dev/null
-<?php
-//
-// OpenSMTPD Admin
-// by Mischa Peters <mischa at high5 dot nl>
-// Copyright (c) 2022 High5!
-// License Info: LICENSE.TXT
-//
-// File: vacation.php
-//
-// Template File: users_vacation.tpl
-//
-// Template Variables:
-//
-// tMessage
-// tSubject
-// tBody
-//
-// POST / GET Variables:
-//
-// fSubject
-// fBody
-//
-require_once '../functions.inc.php';
-include '../languages/' . check_language() . '.lang';
-
-$SESSID_USERNAME = check_session('userid');
-$USERID_DOMAIN = substr(strrchr($SESSID_USERNAME, "@"), 1);
-
-if ($_SERVER['REQUEST_METHOD'] == "GET") {
- $dbh = pdo_connect();
- $sth = $dbh->prepare("SELECT COUNT(*) FROM vacation WHERE email=?");
- $sth->execute(array($SESSID_USERNAME));
-
- if ($sth->fetchColumn() == 1) {
- $action = 'back';
- $message = $LANG['UsersVacation_welcome_text'];
- } else {
- $action = 'away';
- }
-}
-
-if ($_SERVER['REQUEST_METHOD'] == "POST") {
- $subject = filter_input(INPUT_POST, 'subject', FILTER_DEFAULT);
- $body = filter_input(INPUT_POST, 'body', FILTER_DEFAULT);
-
- if (!empty($_POST['back'])) {
- $action = 'back';
- $dbh = pdo_connect();
- $sth = $dbh->prepare("DELETE FROM vacation WHERE email=?");
- $sth->bindParam(1, $SESSID_USERNAME, PDO::PARAM_STR);
- $sth->execute();
- if ($sth->rowCount() != 1) {
- $message = $LANG['UsersVacation_result_error'];
- } else {
- $action = 'away';
- $essage = $LANG['UsersVacation_result_succes'];
- }
- }
-
- if (!empty($_POST['away'])) {
- $action = 'away';
- try {
- $dbh = pdo_connect();
- $sth = $dbh->prepare("INSERT INTO vacation (email,subject,body,cache,domain,created) VALUES (?,?,?,'',?,NOW())");
- $sth->bindParam(1, $SESSID_USERNAME, PDO::PARAM_STR);
- $sth->bindParam(2, $subject, PDO::PARAM_STR);
- $sth->bindParam(3, $body, PDO::PARAM_STR);
- $sth->bindParam(4, $USERID_DOMAIN, PDO::PARAM_STR);
- $sth->execute();
- header("Location: main.php");
- } catch(PDOException $e) {
- $message = $LANG['UsersVacation_result_error'] . " " . $e->getMessage();
- }
- }
-
-}
-include '../templates/header.tpl';
-include '../templates/users_menu.tpl';
-include '../templates/users_vacation.tpl';
-include '../templates/footer.tpl';
-?>
