hmrhkr
/
Mailadminscript
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Kleinere Bugfixes und Maillistenadministration (über virtualalias) hinzugefügt.

This commit is contained in:
Paul 2019-08-31 17:11:55 +02:00
parent 54cd16953b
commit cb81230798
13 changed files with 388 additions and 137 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
private/config.ini
View File

@ -7,4 +7,5 @@ dbname =
[misc] [misc]
mailfolderpath = mailfolderpath =
maildirencryption = maildirencryption =
captcha = captcha =
allowregistration =

1
public/admin.php
View File

@ -77,6 +77,7 @@ if ($_SESSION['log'] == 1 and $_SESSION['admin'] == 1) {
echo '</select></label> echo '</select></label>
<input type="submit" name="submit" value="ENTFERNEN"/> <input type="submit" name="submit" value="ENTFERNEN"/>
</form> </form>
<a href="bin/maillistsettings.php"><h3>Maillisten Einstellungen</h3></a>
</body> </body>
</html>'; </html>';
exit; exit;

2
public/bin/activatemail.php
View File

@ -22,7 +22,7 @@ try {
echo 'Connection failed'; echo 'Connection failed';
} }
session_start(); session_start();
if ($_SESSION['log'] == 1) { if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
$mailuserID = $_POST['mailuserID']; $mailuserID = $_POST['mailuserID'];
$eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='1' WHERE `id` LIKE :mailuserID"; $eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='1' WHERE `id` LIKE :mailuserID";
$sth = $dbh->prepare($eintrag); $sth = $dbh->prepare($eintrag);

32
public/bin/addmaillist.php Normal file
View File

@ -0,0 +1,32 @@
<?php
/* Mailadminscript
Copyright (C) 2019 Paul Schürholz contact AT roteserver . de
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
$config = parse_ini_file('../../private/config.ini');
try {
$dbh = new PDO('mysql:host=' . $config['dbservername'] . ';dbname=' . $config['dbname'], $config['dbusername'], $config['dbpassword'], array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
} catch (PDOException $e) {
//echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
echo 'Connection failed';
}
session_start();
if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
$eintrag = "INSERT INTO `virtual_aliases` (`domain_id`, `source`, `destination`, `owner`, `private`, `name`) VALUES (1, :source, :destination, :owner, :private, :name)"; // Aliasdaten in MailServer DB eintragen
$sth = $dbh->prepare($eintrag);
$sth->execute(array('source' => $_POST['maillistsource'], 'destination' => $_POST['maillistadresses'], 'owner' => $_POST['maillistownerid'], 'private' => $_POST['listprivate'], 'name' => $_POST['maillistname']));
}
header("Location: maillistsettings.php");
exit;
?>

1
public/bin/changemailpw.php
View File

@ -42,7 +42,6 @@ if ($_SESSION['log'] == 1) {
$eintrag = "UPDATE `virtual_users` SET `password` = :newmailpwhashed WHERE `email` LIKE :mailusername"; $eintrag = "UPDATE `virtual_users` SET `password` = :newmailpwhashed WHERE `email` LIKE :mailusername";
$sth = $dbh->prepare($eintrag); $sth = $dbh->prepare($eintrag);
$sth->execute(array('newmailpwhashed' => $newmailpwhashed, 'mailusername' => $mailusername)); $sth->execute(array('newmailpwhashed' => $newmailpwhashed, 'mailusername' => $mailusername));
$eintragen = mysqli_query($link, $eintrag);
if ($config['maildirencryption']) { if ($config['maildirencryption']) {
if ($_POST['forcekeyregen']) { if ($_POST['forcekeyregen']) {
exec('sudo -u vmail /usr/bin/doveadm -o stats_writer_socket_path= -o plugin/mail_crypt_private_password=' . escapeshellarg($newmailpw) . ' mailbox cryptokey generate -U -f -u ' . escapeshellarg($mailusername)); exec('sudo -u vmail /usr/bin/doveadm -o stats_writer_socket_path= -o plugin/mail_crypt_private_password=' . escapeshellarg($newmailpw) . ' mailbox cryptokey generate -U -f -u ' . escapeshellarg($mailusername));

63
public/bin/createmailpre.php
View File

@ -22,38 +22,43 @@ try {
echo 'Connection failed'; echo 'Connection failed';
} }
session_start(); session_start();
if (!isset($_SESSION['log']) or $_SESSION['log'] != 1) { if ($config['allowregistration']) {
echo' <h3>Emailadresse hinzufügen:</h3> if (!isset($_SESSION['log']) or $_SESSION['log'] != 1) {
'; echo' <h3>Emailadresse hinzufügen:</h3>
if (isset($_GET['wrongcaptchacode']) AND $config['captcha']) { ';
echo '<h3>Captcha falsch</h3>'; if (isset($_GET['wrongcaptchacode']) AND $config['captcha']) {
echo '<h3>Captcha falsch</h3>';
}
if (isset($_GET['pwtooshort'])) {
echo '<h3>Passwort zu kurz. Bitte mindestens 8 Zeichen</h3>';
}
if (isset($_GET['mailalreadytaken'])) {
echo '<h3>Diese Mailadresse besteht leider schon</h3>';
}
if (isset($_GET['pwnotequal'])) {
echo '<h3>Passwörter nicht gleich!</h3>';
}
if (isset($_GET['wrongsymbols'])) {
echo '<h3>Verbotene Symbole in Passwort oder Adresse enthalten!</h3>';
}
echo '<form name="createmailuser" method=POST action="createmailuser.php">
<label>Neue email<input type="text" name="newmailusername"/>@roteserver.de (benutze nicht ' . "'" . ')</label>
<label>Neue Passwort<input type="password" name="newmailpw"/>(min. 8 Zeichen, benutze nicht ' . "'" . ')</label>
<label>Neue Passwort wiederholen<input type="password" name="newmailpwrep"/></label>';
if ($config['captcha']) {
echo '<label><p>Captcha:</p><p>gebe hier bitte den Zahlencode aus dem Bild ein</p><img src="captcha.php"/>
<input type="text" name="captchacode"/></label>';
}
echo '<input type="submit" name="submit" value="Hinzufügen"/>
</form>
<p>Dein Konto muss erst freigeschaltet werden, bevor du es benutzen kannst.</p>';
exit;
} }
if (isset($_GET['pwtooshort'])) { else {
echo '<h3>Passwort zu kurz. Bitte mindestens 8 Zeichen</h3>'; header("Location: ../settings.php");
} }
if (isset($_GET['mailalreadytaken'])) {
echo '<h3>Diese Mailadresse besteht leider schon</h3>';
}
if (isset($_GET['pwnotequal'])) {
echo '<h3>Passwörter nicht gleich!</h3>';
}
if (isset($_GET[ 'wrongsymbols'])) {
echo '<h3>Verbotene Symbole in Passwort oder Adresse enthalten!</h3>';
}
echo '<form name="createmailuser" method=POST action="createmailuser.php">
<label>Neue email<input type="text" name="newmailusername"/>@roteserver.de (benutze nicht ' . "'" . ')</label>
<label>Neue Passwort<input type="password" name="newmailpw"/>(min. 8 Zeichen, benutze nicht ' . "'" . ')</label>
<label>Neue Passwort wiederholen<input type="password" name="newmailpwrep"/></label>';
if ($config['captcha']) {
echo '<label><p>Captcha:</p><p>gebe hier bitte den Zahlencode aus dem Bild ein</p><img src="captcha.php"/>
<input type="text" name="captchacode"/></label>';
}
echo '<input type="submit" name="submit" value="Hinzufügen"/>
</form>
<p>Dein Konto muss erst freigeschaltet werden, bevor du es benutzen kannst.</p>';
exit;
} }
else { else {
header("Location: ../settings.php"); header("Location: ../index.php");
} }
?> ?>

213
public/bin/createmailuser.php
View File

@ -21,118 +21,129 @@ try {
//echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen //echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
echo 'Connection failed'; echo 'Connection failed';
} }
function createmailuser($newmailusername, $newmailpw, $newmailpwrep, $admin) { if ($config['allowregistration']) {
global $dbh;
global $config; function createmailuser($newmailusername, $newmailpw, $newmailpwrep, $admin) {
$pattern = array(); global $dbh;
$pattern[0] = ' '; global $config;
$pattern[1] = '@'; $pattern = array();
$pattern[2] = 'roteserver'; $pattern[0] = ' ';
$pattern[3] = 'roteserver.de'; $pattern[1] = '@';
$pattern[4] = 'admin'; $pattern[2] = 'roteserver';
$pattern[5] = 'noreply'; $pattern[3] = 'roteserver.de';
$pattern[6] = 'info'; $pattern[4] = 'admin';
$pattern[7] = 'webmaster'; $pattern[5] = 'noreply';
$newmailusername = str_replace($pattern, "", $newmailusername); $pattern[6] = 'info';
$newmailusernamefull = $newmailusername . '@roteserver.de'; $pattern[7] = 'webmaster';
if(strpos($newmailusername, "'") !== false) { $newmailusername = str_replace($pattern, "", $newmailusername);
if ($admin == 1) { $newmailusernamefull = $newmailusername . '@roteserver.de';
header("Location: ../admin.php?fehler=Falsche Zeichen in Adresse"); if (!filter_var($newmailuserfull, FILTER_VALIDATE_EMAIL)) {
exit; // nicht ordentliche EmailAdresse
} else {
header("Location: createmailpre.php?wrongsymbols=1");
exit;
}
}
if (strpos($newmailpw, "'") !== false) {
if ($admin == 1) {
header("Location: ../admin.php?fehler=Falsche Zeichen in Passwort");
exit;
} else {
header("Location: createmailpre.php?wrongsymbols=1"); header("Location: createmailpre.php?wrongsymbols=1");
exit; exit;
} }
} if(strpos($newmailusername, "'") !== false) {
if (strlen($newmailpw) >= 8) {
if ($newmailpw == $newmailpwrep) {
$abfrage = "SELECT 1 FROM `virtual_users` WHERE `email` = :newmailusernamefull";
$sth = $dbh->prepare($abfrage);
$sth->execute(array('newmailusernamefull' => $newmailusernamefull));
$result = $sth->fetchAll();
if ($result[0][1] !== 1) {
$newmailpwhashed = password_hash($newmailpw, PASSWORD_ARGON2I, ['memory_cost' => 32768, 'time_cost' => 4]);
$createdtimestamp = date("Y-m-d H:i:s");
if ($config['maildirencryption']) {
$eintrag = "INSERT INTO `virtual_users` (`domain_id`, `password`, `email`, `username`, `active`, `created`, `pre-pw-key`, `pw-key`, `admin`) VALUES ('1', :newmailpwhashed, :newmailusernamefull, :newmailusername, '1', '$createdtimestamp', '0', '0', '0')"; // Maildaten in MailServer DB eintragen
$sth = $dbh->prepare($eintrag); // der Nutzer muss erst kurzzeitig aktive geschaltet werden, damit die cryptkeys erstellt werden können. Danach wird er direkt wieder deaktiviert.
$sth->execute(array('newmailpwhashed' => $newmailpwhashed, 'newmailusernamefull' => $newmailusernamefull, 'newmailusername' =>$newmailusername));
$maildirpath = $config['mailfolderpath'] . $newmailusername;
umask(0);
mkdir($maildirpath, 0770);
exec('sudo -u vmail /usr/bin/doveadm -o stats_writer_socket_path= -o plugin/mail_crypt_private_password=' . escapeshellarg($newmailpw) . ' mailbox cryptokey generate -U -f -u ' . escapeshellarg($newmailusernamefull));
$eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='0' WHERE `email` LIKE :newmailusernamefull";
}
else {
$eintrag = "INSERT INTO `virtual_users` (`domain_id`, `password`, `email`, `username`, `active`, `created`) VALUES ('1', :newmailpwhashed, :newmailusernamefull, :newmailusername, '0', '$createdtimestamp')"; // Maildaten in MailServer DB eintragen
$sth = $dbh->prepare($eintrag); // der Nutzer muss erst kurzzeitig aktive geschaltet werden, damit die cryptkeys erstellt werden können. Danach wird er direkt wieder deaktiviert.
$sth->execute(array('newmailpwhashed' => $newmailpwhashed, 'newmailusernamefull' => $newmailusernamefull, 'newmailusername' => $newmailusername));
$maildirpath = $config['mailfolderpath'] . $newmailusername;
umask(0);
mkdir($maildirpath, 0770);
}
$sth = $dbh->prepare($eintrag);
$sth->execute(array(':newmailusernamefull' => $newmailusernamefull));
$adminmailadress = $config['adminadress'];
$adresse = $config['domain'] . '/admin.php';
// eine Mail an den Admin verschicken, damit er die Mail freischalten kann
mail($adminmailadress, "Neue Mailadresse erstellt", "Eine neue Mailadresse wurde erstellt und muss freigeschaltet werden. \n \n" . htmlspecialchars($newmailusernamefull) . "\n " . $adresse, "From: mailservice");
if ($admin == 1) {
header("Location: ../admin.php?success=1");
exit;
} else {
header("Location: ../index.php");
exit;
}
exit;
} else { // Emailadresse ist bereits registriert
if ($admin == 1) {
header("Location: ../admin.php?fehler=Mail besteht schon");
exit;
} else {
header("Location: createmailpre.php?mailalreadytaken=1");
exit;
}
}
}
else {
if ($admin == 1) { if ($admin == 1) {
header("Location: ../admin.php?fehler=PW nicht gleich"); header("Location: ../admin.php?fehler=Falsche Zeichen in Adresse");
exit; exit;
} else { } else {
header("Location: createmailpre.php?pwnotequal=1"); header("Location: createmailpre.php?wrongsymbols=1");
exit;
}
}
if (strpos($newmailpw, "'") !== false) {
if ($admin == 1) {
header("Location: ../admin.php?fehler=Falsche Zeichen in Passwort");
exit;
} else {
header("Location: createmailpre.php?wrongsymbols=1");
exit; exit;
} }
} }
} else { // Passwort zu kurz if (strlen($newmailpw) >= 8) {
if ($admin == 1) { if ($newmailpw == $newmailpwrep) {
header("Location: ../admin.php?fehler=PW zu kurz"); $abfrage = "SELECT 1 FROM `virtual_users` WHERE `email` = :newmailusernamefull";
exit; $sth = $dbh->prepare($abfrage);
} else { $sth->execute(array('newmailusernamefull' => $newmailusernamefull));
header("Location: createmailpre.php?pwtooshort=1"); $result = $sth->fetchAll();
exit; if ($result[0][1] !== 1) {
$newmailpwhashed = password_hash($newmailpw, PASSWORD_ARGON2I, ['memory_cost' => 32768, 'time_cost' => 4]);
$createdtimestamp = date("Y-m-d H:i:s");
if ($config['maildirencryption']) {
$eintrag = "INSERT INTO `virtual_users` (`domain_id`, `password`, `email`, `username`, `active`, `created`, `pre-pw-key`, `pw-key`, `admin`) VALUES ('1', :newmailpwhashed, :newmailusernamefull, :newmailusername, '1', '$createdtimestamp', '0', '0', '0')"; // Maildaten in MailServer DB eintragen
$sth = $dbh->prepare($eintrag); // der Nutzer muss erst kurzzeitig aktive geschaltet werden, damit die cryptkeys erstellt werden können. Danach wird er direkt wieder deaktiviert.
$sth->execute(array('newmailpwhashed' => $newmailpwhashed, 'newmailusernamefull' => $newmailusernamefull, 'newmailusername' =>$newmailusername));
$maildirpath = $config['mailfolderpath'] . $newmailusername;
umask(0);
mkdir($maildirpath, 0770);
exec('sudo -u vmail /usr/bin/doveadm -o stats_writer_socket_path= -o plugin/mail_crypt_private_password=' . escapeshellarg($newmailpw) . ' mailbox cryptokey generate -U -f -u ' . escapeshellarg($newmailusernamefull));
$eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='0' WHERE `email` LIKE :newmailusernamefull";
}
else {
$eintrag = "INSERT INTO `virtual_users` (`domain_id`, `password`, `email`, `username`, `active`, `created`) VALUES ('1', :newmailpwhashed, :newmailusernamefull, :newmailusername, '0', '$createdtimestamp')"; // Maildaten in MailServer DB eintragen
$sth = $dbh->prepare($eintrag); // der Nutzer muss erst kurzzeitig aktive geschaltet werden, damit die cryptkeys erstellt werden können. Danach wird er direkt wieder deaktiviert.
$sth->execute(array('newmailpwhashed' => $newmailpwhashed, 'newmailusernamefull' => $newmailusernamefull, 'newmailusername' => $newmailusername));
$maildirpath = $config['mailfolderpath'] . $newmailusername;
umask(0);
mkdir($maildirpath, 0770);
}
$sth = $dbh->prepare($eintrag);
$sth->execute(array(':newmailusernamefull' => $newmailusernamefull));
$adminmailadress = $config['adminadress'];
$adresse = $config['domain'] . '/admin.php';
// eine Mail an den Admin verschicken, damit er die Mail freischalten kann
mail($adminmailadress, "Neue Mailadresse erstellt", "Eine neue Mailadresse wurde erstellt und muss freigeschaltet werden. \n \n" . htmlspecialchars($newmailusernamefull) . "\n " . $adresse, "From: mailservice");
if ($admin == 1) {
header("Location: ../admin.php?success=1");
exit;
} else {
header("Location: ../index.php");
exit;
}
exit;
} else { // Emailadresse ist bereits registriert
if ($admin == 1) {
header("Location: ../admin.php?fehler=Mail besteht schon");
exit;
} else {
header("Location: createmailpre.php?mailalreadytaken=1");
exit;
}
}
}
else {
if ($admin == 1) {
header("Location: ../admin.php?fehler=PW nicht gleich");
exit;
} else {
header("Location: createmailpre.php?pwnotequal=1");
exit;
}
}
} else { // Passwort zu kurz
if ($admin == 1) {
header("Location: ../admin.php?fehler=PW zu kurz");
exit;
} else {
header("Location: createmailpre.php?pwtooshort=1");
exit;
}
} }
} }
session_start();
if ($_SESSION['log'] == 1 AND $_SESSION['admin'] == 1) {
createmailuser($_POST['newmailusername'], $_POST['newmailpw'], $_POST['newmailpwrep'], 1);
}
if ($_POST['captchacode'] == $_SESSION['captchacode']) {
createmailuser($_POST['newmailusername'], $_POST['newmailpw'], $_POST['newmailpwrep'], 0);
}
elseif ($_POST['captchacode'] != $_SESSION['captchacode']) {
header("Location: createmailpre.php?wrongcaptchacode=1");
exit;
}
header("Location: ../index.php");
} }
session_start(); else {
if ($_SESSION['log'] == 1 AND $_SESSION['admin'] == 1) { header("Location: ../index.php");
createmailuser($_POST['newmailusername'], $_POST['newmailpw'], $_POST['newmailpwrep'], 1);
} }
if ($_POST['captchacode'] == $_SESSION['captchacode']) {
createmailuser($_POST['newmailusername'], $_POST['newmailpw'], $_POST['newmailpwrep'], 0);
}
elseif ($_POST['captchacode'] != $_SESSION['captchacode']) {
header("Location: createmailpre.php?wrongcaptchacode=1");
exit;
}
header("Location: ../index.php");
?> ?>

2
public/bin/deactivatemail.php
View File

@ -22,7 +22,7 @@ try {
echo 'Connection failed'; echo 'Connection failed';
} }
session_start(); session_start();
if ($_SESSION['log'] == 1) { if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
$mailuserID = $_POST['mailuserID']; $mailuserID = $_POST['mailuserID'];
$eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='0' WHERE `id` LIKE :mailuserID"; $eintrag = "UPDATE `mailserver`.`virtual_users` SET `active`='0' WHERE `id` LIKE :mailuserID";
$sth = $dbh->prepare($eintrag); $sth = $dbh->prepare($eintrag);

32
public/bin/dellist.php Normal file
View File

@ -0,0 +1,32 @@
<?php
/* Mailadminscript
Copyright (C) 2019 Paul Schürholz contact AT roteserver . de
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
$config = parse_ini_file('../../private/config.ini');
try {
$dbh = new PDO('mysql:host=' . $config['dbservername'] . ';dbname=' . $config['dbname'], $config['dbusername'], $config['dbpassword'], array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
} catch (PDOException $e) {
//echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
echo 'Connection failed';
}
session_start();
if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
$eintrag = "DELETE FROM `mailserver`.`virtual_aliases` WHERE `id` LIKE :maillistid";
$sth = $dbh->prepare($eintrag);
$sth->execute(array(':maillistid' => $_GET['dellistid']));
header("Location: maillistsettings.php");
exit;
}
?>

32
public/bin/editlist.php Normal file
View File

@ -0,0 +1,32 @@
<?php
/* Mailadminscript
Copyright (C) 2019 Paul Schürholz contact AT roteserver . de
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
$config = parse_ini_file('../../private/config.ini');
try {
$dbh = new PDO('mysql:host=' . $config['dbservername'] . ';dbname=' . $config['dbname'], $config['dbusername'], $config['dbpassword'], array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
} catch (PDOException $e) {
//echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
echo 'Connection failed';
}
session_start();
if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
$eintrag = "UPDATE `virtual_aliases` SET `source` = :newsource, `destination` = :newdestination, `owner` = :newowner, `private` = :newprivate, `name` = :newname WHERE `id` LIKE :editlistid";
$sth = $dbh->prepare($eintrag);
$sth->execute(array('newsource' => $_POST['newlistsource'], 'newdestination' => $_POST['newlistdestination'], 'newowner' => $_POST['newlistownerid'], 'newprivate' => $_POST['newlistprivate'], 'newname' => $_POST['newlistname'], 'editlistid' => $_POST['editlistid']));
header("Location: maillistsettings.php");
exit;
}
?>

67
public/bin/editlistpre.php Normal file
View File

@ -0,0 +1,67 @@
<?php
/* Mailadminscript
Copyright (C) 2019 Paul Schürholz contact AT roteserver . de
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
$config = parse_ini_file('../../private/config.ini');
try {
$dbh = new PDO('mysql:host=' . $config['dbservername'] . ';dbname=' . $config['dbname'], $config['dbusername'], $config['dbpassword'], array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
} catch (PDOException $e) {
//echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
echo 'Connection failed';
}
session_start();
if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
echo '<html>
<head>
<title>Mailliste editieren</title>
</head>
<body>
<a href="maillistsettings.php"><h3>Zurück zur Maillistoberfläche (Editieren abbrechen)</h3></a><br>';
$abfrage = "SELECT `source`, `destination`, `owner`, `private`, `name` FROM `virtual_aliases` WHERE `id` LIKE :editlistid";
$result = $dbh->prepare($abfrage);
$result->execute(array('editlistid' => $_GET['editlistid']));
while ($lists = $result->fetch()) {
echo'
<form name="editlist" method=POST action="editlist.php">
<label>Listenname:<input name="newlistname" type="text" placeholder="Listenname" value="' . $lists['name'] . '"/></label>
<label>Listenadresse:<input name="newlistsource" type="text" placeholder="Listenadresse" value="' . $lists['source'] . '"/></label>
<label>Listenbesitzer:<select name="newlistownerid">';
$abfrage = "SELECT `id`, `email` FROM `virtual_users`";
$result = $dbh->query($abfrage);
while ($emails = $result->fetch()) {
echo '<option value="' . $emails['id'] . '" ';
if ($emails['id'] == $lists['owner']) echo ' selected';
echo '>' . $emails['email'] . '</option>';
}
echo '</select></label><br>
<label>Listenempfänger (durch Leerzeichen getrennt):<br><textarea rows="4" cols="50" name="newlistdestination">' . $lists['destination'] . '</textarea></label>
<label>Listensicherheitseinstellungen:<select name="newlistprivate">
<option value="0"';
if ($lists['private'] == 0) echo ' selected';
echo '>0 (Jeder kann Mails an die Liste schicken)</option>
<option value="1"';
if ($lists['private'] == 1) echo ' selected';
echo '>1 (Mitglieder der Liste können Mails an die Liste schicken)</option>
<option value="2"';
if ($lists['private'] == 2) echo ' selected';
echo '>2 (Der Besitzer der Liste kann Mails an die Liste schicken)</option>
</select></label><br>
<input type="hidden" name="editlistid" value="' . $_GET['editlistid'] . '"/>
<input type="submit" name="submit" value="Editieren"/>
</body>
</html>';
}
}
?>

67
public/bin/maillistsettings.php Normal file
View File

@ -0,0 +1,67 @@
<?php
/* Mailadminscript
Copyright (C) 2019 Paul Schürholz contact AT roteserver . de
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
$config = parse_ini_file('../../private/config.ini');
try {
$dbh = new PDO('mysql:host=' . $config['dbservername'] . ';dbname=' . $config['dbname'], $config['dbusername'], $config['dbpassword'], array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
} catch (PDOException $e) {
//echo 'Connection failled: '. $e->getMessage(); // Errormessage kann Sicherheitsrelevantes enthalen
echo 'Connection failed';
}
session_start();
if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
echo '<html>
<head>
<title>Maillist Einstellung</title>
</head>
<body>
<h2>Maillinglisten Einstellungen</h2>
<a href="../admin.php"><h3>Zurück zur Adminoberfläche</h3></a><br>
<form name="addmaillist" method=POST action="addmaillist.php">
<label>Listenname:<input name="maillistname" type="text" placeholder="Listenname"/></label>
<label>Listenadresse:<input name="maillistsource" type="text" placeholder="Listenadresse"/></label>
<label>Listenbesitzer:<select name="maillistownerid">';
$abfrage = "SELECT `id`, `email` FROM `virtual_users`";
$result = $dbh->query($abfrage);
while ($emails = $result->fetch()) {
echo '<option value="' . $emails['id'] . '">' . $emails['email'] . '</option>';
}
echo '</select></label><br>
<label>Listenempfänger (durch Leerzeichen getrennt):<br><textarea rows="4" cols="50" name="maillistadresses"></textarea></label>
<label>Listensicherheitseinstellungen:<select name="listprivate">
<option value="0">0 (Jeder kann Mails an die Liste schicken)</option>
<option value="1">1 (Mitglieder der Liste können Mails an die Liste schicken)</option>
<option value="2">2 (Der Besitzer der Liste kann Mails an die Liste schicken)</option>
</select></label><br>
<input type="submit" name="submit" value="Hinzufügen"/>
<br>
<h3>Bestehende Listen:</h3>
';
$abfrage = "SELECT `id`, `source`, `destination`, `owner`, `private`, `name` FROM `virtual_aliases`";
$result = $dbh->query($abfrage);
echo '<table style="text-align: center; vertical-align: middle;"><tr><th>Listenname</th><th>Listenadresse</th><th>Listenempfänger</th><th>Listenbesitzer</th><th>Listensicherheit</th><th>Optionen</th></tr>';
while ($lists = $result->fetch()) {
$abfrage2 = "SELECT `email` FROM `virtual_users` WHERE `id` LIKE :ownerid";
$sth = $dbh->prepare($abfrage2);
$sth->execute(array('ownerid' => $lists['owner']));
$result2 = $sth->fetchAll();
echo '<tr><td>' . $lists['name'] . '</td><td>' . $lists['source'] . '</td><td>' . $lists['destination'] . '</td><td>' . $result2[0]['email'] . '</td><td>' . $lists['private'] . '</td><td><a href="dellist.php?dellistid=' . $lists['id'] . '">Löschen</a><br><a href="editlistpre.php?editlistid=' . $lists['id'] . '">Editieren</a></td></tr>';
}
echo '</table>';
echo '</body>
</html>';
}
?>

10
public/index.php
View File

@ -15,6 +15,7 @@
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */ along with this program. If not, see <http://www.gnu.org/licenses/>. */
session_start(); session_start();
$config = parse_ini_file('../private/config.ini');
if (!isset($_SESSION['log']) OR $_SESSION['log'] != 1) { if (!isset($_SESSION['log']) OR $_SESSION['log'] != 1) {
echo '<html> echo '<html>
<head> <head>
@ -29,9 +30,12 @@ if (!isset($_SESSION['log']) OR $_SESSION['log'] != 1) {
<label>Nutzername<input name="username" type="text"/></label> <label>Nutzername<input name="username" type="text"/></label>
<label>Passwort<input name="password" type="password"/></label> <label>Passwort<input name="password" type="password"/></label>
<input name="Submit" type="submit" value="Einloggen"/> <input name="Submit" type="submit" value="Einloggen"/>
</form> </form>';
<h3>Neues Konto erstellen:</h3> if ($config['allowregistration']) {
<a href="bin/createmailpre.php"><button>Kontoerstellung</button></a> echo '<h3>Neues Konto erstellen:</h3>
<a href="bin/createmailpre.php"><button>Kontoerstellung</button></a>';
}
echo '
</body> </body>
</html> </html>
'; ';