From 212c76429a7bebb36ef10b44521283e01be4aba1 Mon Sep 17 00:00:00 2001
From: Humorhenker <36549980+Humorhenker@users.noreply.github.com>
Date: Mon, 25 Nov 2019 23:45:57 +0100
Subject: [PATCH] Verschiedene Fixes

---
 private/config.ini            |  8 ++++++++
 public/admin.php              |  1 +
 public/bin/changemailpw.php   |  2 +-
 public/bin/createmailuser.php | 10 +++++-----
 4 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/private/config.ini b/private/config.ini
index 97aa4eb..4db2db5 100644
--- a/private/config.ini
+++ b/private/config.ini
@@ -10,3 +10,11 @@ maildirencryption =
 captcha = 
 allowregistration = 
 adminadress = 
+deletedelrequestdaydiff = 
+sendactivationinfo = 
+prohibadminmailcreation = 
+
+[mailserver]
+mailsmtpserver=""
+mailadress=""
+mailpw=''
diff --git a/public/admin.php b/public/admin.php
index 3d0b427..8ca2bce 100644
--- a/public/admin.php
+++ b/public/admin.php
@@ -70,6 +70,7 @@ if ($_SESSION['log'] == 1 and $_SESSION['admin'] == 1) {
 echo '</select> (benutze nicht ' .  "'" . ')</label>
 <label>Neues Passwort<input type="password" name="newmailpw"/>(min. 8 Zeichen, benutze nicht ' .  "'" . ')</label>
 <label>Neues Passwort wiederholen<input type="password" name="newmailpwrep"/></label>
+<label>Passwortänderung erzwingen:<input type="checkbox" name="forcepwreset"/></label>
 <input type="submit" name="submit" value="Hinzufügen"/>
 </form>
 <h3>Passwort einer Email-Adresse ändern:</h3>
diff --git a/public/bin/changemailpw.php b/public/bin/changemailpw.php
index ec95093..f0d5fa8 100644
--- a/public/bin/changemailpw.php
+++ b/public/bin/changemailpw.php
@@ -28,7 +28,7 @@ if ($_SESSION['log'] == 1 or $_SESSION['forcepwreset']) {
         $oldmailpw = $_POST['oldmailpw'];
         if (strpos($newmailpw, "'") !== false) {
             if ($_SESSION['forcepwreset']) header("Location: ../index.php?wrongsymbols=1");
-            else header("Location: settings.php?wrongsymbols=1");
+            else header("Location: ../settings.php?wrongsymbols=1");
             exit;
         }
         $mailusername = $_SESSION['username'];
diff --git a/public/bin/createmailuser.php b/public/bin/createmailuser.php
index 0adb0ae..7342c10 100644
--- a/public/bin/createmailuser.php
+++ b/public/bin/createmailuser.php
@@ -21,7 +21,7 @@ try {
     //echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
     echo 'Connection failed';
 }
-function createmailuser($newmailusername, $newmaildomainid, $newmailpw, $newmailpwrep, $admin) {
+function createmailuser($newmailusername, $newmaildomainid, $newmailpw, $newmailpwrep, $newmailforcepwreset, $admin) {
     global $dbh;
     global $config;
     $abfrage = "SELECT domain FROM `domains` WHERE `id` LIKE :newmaildomainid";
@@ -84,9 +84,9 @@ function createmailuser($newmailusername, $newmaildomainid, $newmailpw, $newmail
                 //     $eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='0' WHERE `email` LIKE :newmailusernamefull";
                 // }
                 //else {
-                    $eintrag = "INSERT INTO `accounts` (`username`, `domain`, `password`, `quota`, `enabled`, `forcepwreset`, `sendonly`, `admin`) VALUES (:newmailusername, :newmaildomain, :newmailpwhashed, '2048', '1', '0', '0', '0')"; // Maildaten in MailServer DB eintragen
+                    $eintrag = "INSERT INTO `accounts` (`username`, `domain`, `password`, `quota`, `enabled`, `forcepwreset`, `sendonly`, `admin`) VALUES (:newmailusername, :newmaildomain, :newmailpwhashed, '2048', '1', :forcepwreset, '0', '0')"; // Maildaten in MailServer DB eintragen
                     $sth = $dbh->prepare($eintrag);
-                    $sth->execute(array(':newmailusername' => $newmailusername, ':newmaildomain' => $newmaildomain, ':newmailpwhashed' => $newmailpwhashed));
+                    $sth->execute(array(':newmailusername' => $newmailusername, ':newmaildomain' => $newmaildomain, ':newmailpwhashed' => $newmailpwhashed, ':forcepwreset' =>  $newmailforcepwreset));
                     //$maildirpath = $config['mailfolderpath'] . $newmailusername;
                 //    umask(0);
                 //    mkdir($maildirpath, 0770);
@@ -139,13 +139,13 @@ function createmailuser($newmailusername, $newmaildomainid, $newmailpw, $newmail
 session_start();
 if ($_SESSION['log'] == 1 AND $_SESSION['admin'] == 1) {
     //print_r($_POST);
-    createmailuser($_POST['newmailusername'], $_POST['newmaildomainid'], $_POST['newmailpw'], $_POST['newmailpwrep'], 1);
+    createmailuser($_POST['newmailusername'], $_POST['newmaildomainid'], $_POST['newmailpw'], $_POST['newmailpwrep'], $_POST['forcepwreset'], 1);
     header("Location: ../admin.php");
     exit;
 }
 if ($config['allowregistration']) {
     if ($_POST['captchacode'] == $_SESSION['captchacode']) {
-        createmailuser($_POST['newmailusername'], $_POST['newmaildomainid'], $_POST['newmailpw'], $_POST['newmailpwrep'], 0);
+        createmailuser($_POST['newmailusername'], $_POST['newmaildomainid'], $_POST['newmailpw'], $_POST['newmailpwrep'], $_POST['forcepwreset'], 0);
     }
     elseif ($_POST['captchacode'] != $_SESSION['captchacode']) {
         header("Location: createmailpre.php?wrongcaptchacode=1");