commit 759223e7d7e28b6acf7d19f891b0fbdabb2e220e from: mischa date: Sun Sep 04 18:50:21 2022 UTC connect_db -> pdo_connect commit - a628e105b023de47f351df6d0097cdd032cc2a31 commit + 759223e7d7e28b6acf7d19f891b0fbdabb2e220e blob - 49c73dac4f362120e7d47f803c36defcb3299192 blob + d9404d56f6610698c3008d332c71b879557c6b73 --- add-alias.php +++ add-alias.php @@ -58,7 +58,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($domain_exist && empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,?,?,NOW(),NOW())"); $sth->bindParam(1, $from, PDO::PARAM_STR); $sth->bindParam(2, $goto, PDO::PARAM_STR); blob - 7c33a7c5a634641cd662b9a8648202996dbb3590 blob + 11722940405517541a67012324839750a91e4965 --- add-mailbox.php +++ add-mailbox.php @@ -64,7 +64,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $maildir = $from . "/"; try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,'vmail',?,NOW(),NOW())"); $sth->bindParam(1, $from, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -75,7 +75,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO mailbox (username,password,name,maildir,domain,created,modified) VALUES (?,?,?,?,?,NOW(),NOW())"); $sth->bindParam(1, $from, PDO::PARAM_STR); $sth->bindParam(2, $hashed, PDO::PARAM_STR); blob - 42233f00a0478882793d302b903a491569e6d4a3 blob + 5ee43521c2ddf420b15d4b39c08dc9469aa7a628 --- admin/add-alias.php +++ admin/add-alias.php @@ -57,7 +57,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($domain_exist && empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,?,?,NOW(),NOW())"); $sth->bindParam(1, $from, PDO::PARAM_STR); $sth->bindParam(2, $goto, PDO::PARAM_STR); blob - 88ab3d219ee7ccb440431d099e887b57637c25c5 blob + bb6122699af48092296cf315e1b6e490abe1eca7 --- admin/add-mailbox.php +++ admin/add-mailbox.php @@ -63,7 +63,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $maildir = $from . "/"; try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO alias (address,goto,domain,created,modified) VALUES (?,'vmail',?,NOW(),NOW())"); $sth->bindParam(1, $from, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -74,7 +74,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO mailbox (username,password,name,maildir,domain,created,modified) VALUES (?,?,?,?,?,NOW(),NOW())"); $sth->bindParam(1, $from, PDO::PARAM_STR); $sth->bindParam(2, $hashed, PDO::PARAM_STR); blob - 7d8b93eb80e1e444b43137a229ef92d2cfb7b95a blob + f776b9019d751a378ed2c04f9770e2a5861bd9ca --- admin/admin.php +++ admin/admin.php @@ -62,7 +62,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message)) { $hashed = bcrypt($password1); try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO admin (username,password,created,modified) VALUES (?,?,NOW(),NOW())"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->bindParam(2, $hashed, PDO::PARAM_STR); @@ -87,7 +87,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message) && !empty($password1)) { $hashed = bcrypt($password1); try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?"); $sth->bindParam(1, $hashed, PDO::PARAM_STR); $sth->bindParam(2, $username, PDO::PARAM_STR); @@ -102,7 +102,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } if (empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT COUNT(*) FROM domain_admins WHERE username=?"); $sth->execute(array($username)); $count_domain_admins = $sth->fetchColumn(); blob - aafc11ffa8a4055184f17c2bf621595f67e859e3 blob + c55757ff773149a540e5c4d84b71307b25b675f5 --- admin/backup.php +++ admin/backup.php @@ -36,7 +36,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { include '../templates/footer.tpl'; } else { fwrite($fh, $header); - $dbh = connect_db(); + $dbh = pdo_connect(); foreach ($tables as $table) { $sth = $dbh->query("SHOW CREATE TABLE $table"); $row = $sth->fetch(PDO::FETCH_ASSOC); blob - 72e6b6744fa4441dab3f3a90b49bb333983b0ce8 blob + 7a1cec7a3a6c6f6b6814f7ca1e4138daa84618dd --- admin/delete.php +++ admin/delete.php @@ -35,7 +35,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist && $table == "domain") { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $dbh->beginTransaction(); $sth = $dbh->prepare("SELECT COUNT(*) FROM log WHERE domain=?"); @@ -110,7 +110,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($table == "admin") { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $dbh->beginTransaction(); $sth = $dbh->prepare("SELECT COUNT(*) FROM admin WHERE username=?"); @@ -146,7 +146,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist && ($table == 'alias' || $table == 'mailbox')) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("DELETE FROM alias WHERE address=? AND domain=?"); $sth->bindParam(1, $delete, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -164,7 +164,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { } try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("DELETE FROM mailbox WHERE username=? AND domain=?"); $sth->bindParam(1, $delete, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); blob - 74f9fcaaff79cabdfadec665f583f319ebefb210 blob + 6ad2f5722a75085ea6cabf594e43f1d3833ab725 --- admin/domain.php +++ admin/domain.php @@ -50,7 +50,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (!in_array($domain, array_column($list_domains, 'domain'))) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO domain (domain,description,aliases,mailboxes,created,modified) VALUES (?,?,?,?,NOW(),NOW())"); $sth->bindParam(1, $domain, PDO::PARAM_STR); $sth->bindParam(2, $description, PDO::PARAM_STR); @@ -67,7 +67,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (in_array($domain, array_column($list_domains, 'domain')) && $action == 'edit') { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE domain SET description=?,aliases=?,mailboxes=?,modified=NOW() WHERE domain=?"); $sth->bindParam(1, $description, PDO::PARAM_STR); $sth->bindParam(2, $aliases, PDO::PARAM_INT); blob - 12fa2a7c89af3caf0c0a1e06d80f2ea96db0beb6 blob + 102e7700579f1ecd9dcca3f5cd2c911aba8b914d --- admin/edit-alias.php +++ admin/edit-alias.php @@ -34,7 +34,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT goto FROM alias WHERE address=? AND domain=?"); $sth->bindParam(1, $address, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -73,7 +73,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($domain_exist && empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE alias SET goto=?,modified=NOW() WHERE address=? AND domain=?"); $sth->bindParam(1, $goto, PDO::PARAM_STR); $sth->bindParam(2, $address, PDO::PARAM_STR); blob - 2ff56843846975ecd66029aa078e5d15f113516c blob + f5f32a73dc6dc23ccfc3b7a1002c10374fa6c2f4 --- admin/edit-mailbox.php +++ admin/edit-mailbox.php @@ -36,7 +36,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username=? AND domain=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -65,7 +65,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message) && isset($domain_key) && !empty($password1)) { $hashed = bcrypt($password1); try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE mailbox SET password=?,name=?,modified=NOW() WHERE username=? AND domain=?"); $sth->bindParam(1, $hashed, PDO::PARAM_STR); $sth->bindParam(2, $name, PDO::PARAM_STR); @@ -79,7 +79,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($domain_exist && empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE mailbox SET name=?,modified=NOW() WHERE username=? AND domain=?"); $sth->bindParam(1, $name, PDO::PARAM_STR); $sth->bindParam(2, $username, PDO::PARAM_STR); blob - f9b1fcab2f3303151af0e372850c4da7c4c3590f blob + 3bdc5f928c785472f24225faa37d54a6ebf080e2 --- admin/search.php +++ admin/search.php @@ -26,7 +26,7 @@ $list_domains = list_domains(); $search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT); if (isset($search)) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.address LIKE ? AND mailbox.maildir IS NULL ORDER BY alias.address"); $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR); $sth->execute(); blob - 574bd084c23499fefe0d58a7cdd8f351e4b1667d blob + 8ff88fe637ded256b5f6abbb25526686b6fa6e93 --- admin/viewlog.php +++ admin/viewlog.php @@ -28,7 +28,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { $domain_exist = in_array($domain, array_column($list_domains, 'domain')); if ($domain_exist) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT * FROM log WHERE domain=? ORDER BY timestamp DESC LIMIT 10"); $sth->bindParam(1, $domain, PDO::PARAM_STR); $sth->execute(); blob - 8d76d06eec3bd3e15f46c8204f052ce3e363a2f4 blob + c64a5e227d2bbc4bc6dc251c6121386a471cadf2 --- delete.php +++ delete.php @@ -36,7 +36,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist && ($table == 'alias' || $table == 'mailbox')) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("DELETE FROM alias WHERE address=? AND domain=?"); $sth->bindParam(1, $delete, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -54,7 +54,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { } try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("DELETE FROM mailbox WHERE username=? AND domain=?"); $sth->bindParam(1, $delete, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); blob - bb51f29bb4e9ecfeeeb32cc85aee197bd33830c5 blob + 41a5571cd8605d9c0a4cd57c8957a60a0b0423fa --- edit-alias.php +++ edit-alias.php @@ -35,7 +35,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT goto FROM alias WHERE address=? AND domain=?"); $sth->bindParam(1, $address, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -74,7 +74,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($domain_exist && empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE alias SET goto=?,modified=NOW() WHERE address=? AND domain=?"); $sth->bindParam(1, $goto, PDO::PARAM_STR); $sth->bindParam(2, $address, PDO::PARAM_STR); blob - 289b08c768d591f4cf9eb7cdaf7b56f7c4f31fed blob + 0235062080780d8327a6f45c89b99aceb9dfe992 --- edit-mailbox.php +++ edit-mailbox.php @@ -37,7 +37,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { if ($domain_exist) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT * FROM mailbox WHERE username=? AND domain=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); @@ -66,7 +66,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message) && isset($domain_key) && !empty($password1)) { $hashed = bcrypt($password1); try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE mailbox SET password=?,name=?,modified=NOW() WHERE username=? AND domain=?"); $sth->bindParam(1, $hashed, PDO::PARAM_STR); $sth->bindParam(2, $name, PDO::PARAM_STR); @@ -80,7 +80,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($domain_exist && empty($message)) { try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE mailbox SET name=?,modified=NOW() WHERE username=? AND domain=?"); $sth->bindParam(1, $name, PDO::PARAM_STR); $sth->bindParam(2, $username, PDO::PARAM_STR); blob - df06e5addcc2db09508f91180507664951b4db42 blob + bdbefe497215224e0afa51213c8bc39f289ba6c3 --- functions.inc.php +++ functions.inc.php @@ -55,11 +55,23 @@ function check_language() { } // -// connect_db +// bcrypt +// Action: Hashs the password with bcrypt +// Call: bcrypt(string cleartextpassword) +// +function bcrypt($password) { + $options = ['cost' => 8]; + $hashed = password_hash($password, PASSWORD_BCRYPT, $options); + $hashed = preg_replace('/\$2y\$/', '\$2b\$', $hashed); + return $hashed; +} + +// +// pdo_connect // Action: make db connection -// Call: connect_db() +// Call: pdo_connect() // -function connect_db() { +function pdo_connect() { try { $dbh = new PDO(DB_TYPE . ':host='. DB_HOST . ';dbname='. DB_NAME , DB_USER, DB_PASS, array(PDO::ATTR_PERSISTENT => true)); $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); @@ -76,7 +88,7 @@ function connect_db() { // Call: list_domains(string admin (optional)) // function list_domains($username = null) { - $dbh = connect_db(); + $dbh = pdo_connect(); if (isset($username)) { $sth = $dbh->prepare("SELECT * FROM domain INNER JOIN domain_admins ON domain.domain=domain_admins.domain WHERE domain_admins.username=? ORDER BY domain_admins.domain"); $sth->bindParam(1, $username, PDO::PARAM_STR); @@ -106,7 +118,7 @@ function list_domains($username = null) { // Call: list_aliases(string domain, int offset) // function list_aliases($domain, $offset, $limit) { - $dbh = connect_db(); + $dbh = pdo_connect(); if (ALIAS_CONTROL == 'NO') { $sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.domain=? AND mailbox.maildir IS NULL ORDER BY alias.address LIMIT ?, ?"); } else { @@ -126,7 +138,7 @@ function list_aliases($domain, $offset, $limit) { // Call: list_mailboxes(string domaini, int offset) // function list_mailboxes($domain, $offset, $limit) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT * FROM mailbox WHERE domain=? ORDER BY username LIMIT ?, ?"); $sth->bindParam(1, $domain, PDO::PARAM_STR); $sth->bindParam(2, $offset, PDO::PARAM_INT); @@ -156,18 +168,6 @@ function list_admins() { return $list; } -// -// bcrypt -// Action: Hashs the password with bcrypt -// Call: bcrypt(string cleartextpassword) -// -function bcrypt($password) { - $options = ['cost' => 8]; - $hashed = password_hash($password, PASSWORD_BCRYPT, $options); - $hashed = preg_replace('/\$2y\$/', '\$2b\$', $hashed); - return $hashed; -} - // logging // Action: Logs actions from admin // Call: logging(string username, string domain, string action, string data) @@ -176,7 +176,7 @@ function logging($username, $domain, $action, $data) { $remote_addr = $_SERVER['HTTP_X_CLIENTIP'] ?? $_SERVER['REMOTE_ADDR']; $username = $username . ' (' . $remote_addr . ')'; if (LOGGING == 'YES') { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO log (timestamp,username,domain,action,data) VALUES (NOW(),?,?,?,?)"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->bindParam(2, $domain, PDO::PARAM_STR); blob - 8a716cbfe48f58176ebb91852b32a3b5081e1296 blob + 2521d020a06892c7802874afc30214d593830968 --- login.php +++ login.php @@ -27,7 +27,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT); if (!empty($username) && !empty($password)) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT password FROM admin WHERE username=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->execute(); blob - fff4275a3a1d9230a72030ea72ac9905e162127d blob + 3cc408f5ebff4d1323d44b7ab8349b031947a77d --- password.php +++ password.php @@ -35,7 +35,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } if (empty($message) && !empty($password_current)) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT password FROM admin WHERE username=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->execute(); @@ -48,7 +48,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message) && !empty($password1)) { $hashed = bcrypt($password1); try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE admin SET password=?,modified=NOW() WHERE username=?"); $sth->bindParam(1, $hashed, PDO::PARAM_STR); $sth->bindParam(2, $username, PDO::PARAM_STR); blob - 1e2032d65ccc000023d2db66a2f8459ba4e38b9c blob + 3aab1b6fa28421e3aa449636de4f6280d04ec50b --- search.php +++ search.php @@ -27,7 +27,7 @@ $list_domains = list_domains($SESSID_USERNAME); $search = filter_input(INPUT_POST, 'search', FILTER_DEFAULT); if (isset($search)) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT alias.address,alias.goto,alias.modified,alias.domain FROM alias LEFT JOIN mailbox ON alias.address=mailbox.username WHERE alias.address LIKE ? AND mailbox.maildir IS NULL ORDER BY alias.address"); $sth->bindValue(1, '%'.$search.'%', PDO::PARAM_STR); $sth->execute(); blob - ede90483023bac75bee6a2770bb7ed56bb6060f4 blob + 5ceca7e55c1f51c6901eaa6c07f8b6a3c8bf31ba --- templates/search.tpl +++ templates/search.tpl @@ -45,6 +45,7 @@ if (count($list_mailbox) > 0) { echo " \n"; echo " " . $row['username'] . "\n"; echo " " . $row['name'] . "\n"; + echo " " . $row['modified'] . "\n"; echo " " . $LANG['edit'] . "\n"; echo " " . $LANG['del'] . "\n"; echo " \n"; blob - b63e0496eb962b6425f0ba813981bf255dfafc96 blob + f1fe900d55d8b995fe159a86d4ca555c88e941f6 --- users/login.php +++ users/login.php @@ -27,7 +27,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $password = filter_input(INPUT_POST, 'password', FILTER_DEFAULT); if (!empty($username) && !empty($password)) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->execute(); blob - 044ff3d26c3b6ea691dbc9ce3a59b695d4730c3c blob + 9ddb89b1266bada35563c128942aeb00f533dc60 --- users/password.php +++ users/password.php @@ -36,7 +36,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { } if (empty($message) && !empty($password_current)) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT password FROM mailbox WHERE username=?"); $sth->bindParam(1, $username, PDO::PARAM_STR); $sth->execute(); @@ -49,7 +49,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($message) && !empty($password1)) { $hashed = bcrypt($password1); try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("UPDATE mailbox SET password=?,modified=NOW() WHERE username=?"); $sth->bindParam(1, $hashed, PDO::PARAM_STR); $sth->bindParam(2, $username, PDO::PARAM_STR); blob - bece1138e1f7a11b551473e293f0564363a09c27 blob + b7bca0b787af639fce6e2090515e7fbd2cfd3ae5 --- users/vacation.php +++ users/vacation.php @@ -27,7 +27,7 @@ $SESSID_USERNAME = check_session('userid'); $USERID_DOMAIN = substr(strrchr($SESSID_USERNAME, "@"), 1); if ($_SERVER['REQUEST_METHOD'] == "GET") { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT COUNT(*) FROM vacation WHERE email=?"); $sth->execute(array($SESSID_USERNAME)); @@ -45,7 +45,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (!empty($_POST['back'])) { $action = 'back'; - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("DELETE FROM vacation WHERE email=?"); $sth->bindParam(1, $SESSID_USERNAME, PDO::PARAM_STR); $sth->execute(); @@ -60,7 +60,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { if (!empty($_POST['away'])) { $action = 'away'; try { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("INSERT INTO vacation (email,subject,body,cache,domain,created) VALUES (?,?,?,'',?,NOW())"); $sth->bindParam(1, $SESSID_USERNAME, PDO::PARAM_STR); $sth->bindParam(2, $subject, PDO::PARAM_STR); blob - fdae458edd429d8f39778affdbbca728b41c23ca blob + 48c1249bd0c4780c7e11fa0facc4824bd6d07125 --- viewlog.php +++ viewlog.php @@ -29,7 +29,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") { $domain_exist = in_array($domain, array_column($list_domains, 'domain')); if ($domain_exist) { - $dbh = connect_db(); + $dbh = pdo_connect(); $sth = $dbh->prepare("SELECT * FROM log WHERE domain=? ORDER BY timestamp DESC LIMIT 10"); $sth->bindParam(1, $domain, PDO::PARAM_STR); $sth->execute();