prevent creation of lists with the address of existing accounts and the other way around
		
							parent
							
								
									bf56072f20
								
							
						
					
					
						commit
						f203bec567
					
				| 
						 | 
				
			
			@ -25,9 +25,18 @@ session_start();
 | 
			
		|||
if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
 | 
			
		||||
    if (!isset($_POST['newlistislist'])) $islist = 0; // wenn die checkbox nicht ausgewählt wurde ist die Post Variable nicht gesetzt, dass stört die Datenbank, deshalb wird Null eingertragen
 | 
			
		||||
    else $islist = $_POST['newlistislist'];
 | 
			
		||||
    $eintrag = "INSERT INTO `alias_details` (`name`, `owners`, `destinations`, `security`, `islist`) VALUES (:newlistname, :owners, :destinations, :security, :islist)"; // Aliasdaten in MailServer DB eintragen
 | 
			
		||||
 | 
			
		||||
    // check if an account with same address exists
 | 
			
		||||
    $abfrage = "SELECT 1 FROM `accounts` WHERE `username` = :username AND `domain` = :domain";
 | 
			
		||||
    $sth = $dbh->prepare($abfrage);
 | 
			
		||||
    $sth->execute(array(':username' => $_POST['newlistsourceadress'], ':domain' => $_POST['newlistsourcedomain']));
 | 
			
		||||
    $result = $sth->fetchAll();
 | 
			
		||||
    // only create the list if no account with the same adress exists
 | 
			
		||||
    if ($result[0][1] !== 1) {
 | 
			
		||||
        $newlistsource = $_POST['newlistsourceadress'] . '@' . $_POST['newlistsourcedomain'];
 | 
			
		||||
        $eintrag = "INSERT INTO `alias_details` (`name`, `owners`, `source`, `destinations`, `security`, `islist`) VALUES (:newlistname, :owners, :source, :destinations, :security, :islist)"; // Aliasdaten in MailServer DB eintragen
 | 
			
		||||
        $sth = $dbh->prepare($eintrag);
 | 
			
		||||
    $sth->execute(array(':newlistname' => $_POST['newlistname'], ':owners' => $_POST['newlistowners'], ':destinations' => $_POST['newlistdestinations'], ':security' => $_POST['newlistsecurity'], ':islist' => $islist));
 | 
			
		||||
        $sth->execute(array(':newlistname' => $_POST['newlistname'], ':owners' => $_POST['newlistowners'], ':source' => $newlistsource, ':destinations' => $_POST['newlistdestinations'], ':security' => $_POST['newlistsecurity'], ':islist' => $islist));
 | 
			
		||||
        $newlistid = $dbh->lastInsertID();
 | 
			
		||||
        foreach (explode(' ', $_POST['newlistowners']) as $maillistowner) {
 | 
			
		||||
            $maillistownerex = explode('@', $maillistowner);
 | 
			
		||||
| 
						 | 
				
			
			@ -42,6 +51,7 @@ if ($_SESSION['log'] == 1 && $_SESSION['admin']) {
 | 
			
		|||
            $sth->execute(array(':aliasid' => $newlistid, ':source_username' => $_POST['newlistsourceadress'], ':source_domain' => $_POST['newlistsourcedomain'], ':destination_username' => $maillistdestinationex[0], ':destination_domain' => $maillistdestinationex[1]));
 | 
			
		||||
        }
 | 
			
		||||
    }
 | 
			
		||||
}
 | 
			
		||||
    header("Location: maillistsettings.php");
 | 
			
		||||
    exit;
 | 
			
		||||
?>
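Review bot: The guard `if ($result[0][1] !== 1)` in the first hunk only blocks the insert when PDO returns the integer `1` under key 1. If the driver returns the string `"1"` (common with MySQL and emulated prepares; the connection options are not visible here), the strict comparison is always true and a list is still created on an existing account's address. When no row matches, `$result[0]` is an undefined offset and raises a warning. Testing for row presence is more robust: `if ($sth->fetchColumn() === false) {` in place of the `fetchAll()` and index lookup. The same comparison appears in the `createmailuser()` check (`$result[0][1] !== 1 and $result_list[0][1] !== 1`) and in the list-edit check further down the page.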
 | 
			
		||||
| 
						 | 
				
			
			@ -65,12 +65,19 @@ function createmailuser($newmailusername, $newmaildomainid, $newmailpw, $newmail
 | 
			
		|||
    }
 | 
			
		||||
    if (strlen($newmailpw) >= 8) {
 | 
			
		||||
        if ($newmailpw == $newmailpwrep) {
 | 
			
		||||
            // check if an account with same address exists
 | 
			
		||||
            $abfrage = "SELECT 1 FROM `accounts` WHERE `username` = :newmailusername AND `domain` = :newmaildomain";
 | 
			
		||||
            $sth = $dbh->prepare($abfrage);
 | 
			
		||||
            $sth->execute(array(':newmailusername' => $newmailusername, ':newmaildomain' => $newmaildomain));
 | 
			
		||||
            $result = $sth->fetchAll();
 | 
			
		||||
            //print_r($result);
 | 
			
		||||
            if ($result[0][1] !== 1) {
 | 
			
		||||
 | 
			
		||||
            // check if a list with same address exists
 | 
			
		||||
            $abfrage = "SELECT 1 FROM `aliases` WHERE `source_username` = :source_username AND `source_domain` = :source_domain";
 | 
			
		||||
            $sth = $dbh->prepare($abfrage);
 | 
			
		||||
            $sth->execute(array(':source_username' => $newmailusername, ':source_domain' => $newmaildomain));
 | 
			
		||||
            $result_list = $sth->fetchAll();
 | 
			
		||||
            
 | 
			
		||||
            if ($result[0][1] !== 1 and $result_list[0][1] !== 1 ) {
 | 
			
		||||
                $newmailpwhashed = password_hash($newmailpw, PASSWORD_ARGON2I, ['memory_cost' => 32768, 'time_cost' => 4]);
 | 
			
		||||
                //$createdtimestamp = date("Y-m-d H:i:s");
 | 
			
		||||
                // if ($config['maildirencryption']) {
 | 
			
		||||
| 
						 | 
				
			
			@ -109,7 +116,7 @@ function createmailuser($newmailusername, $newmaildomainid, $newmailpw, $newmail
 | 
			
		|||
                exit;
 | 
			
		||||
            } else { // Emailadresse ist bereits registriert
 | 
			
		||||
                if ($admin == 1) {
 | 
			
		||||
                    header("Location: ../admin.php?fehler=Mail besteht schon");
 | 
			
		||||
                    header("Location: ../admin.php?fehler=Mail oder Liste besteht schon");
 | 
			
		||||
                    exit;
 | 
			
		||||
                } else {
 | 
			
		||||
                    header("Location: createmailpre.php?mailalreadytaken=1");
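Review bot: The two existence checks in `createmailuser()` and the insert that follows them run as separate statements, so two concurrent requests for the same address can both pass the SELECTs and both create their row. The insert itself lies outside this hunk, so this is inferred from the visible flow. Running the checks and the insert in one transaction (`$dbh->beginTransaction();` … `$dbh->commit();`) with locking reads, or enforcing uniqueness in the schema, would make the "one address, one owner" rule hold under load. Separately, the new redirect puts raw spaces into the `Location` header; `header('Location: ../admin.php?fehler=' . urlencode('Mail oder Liste besteht schon'));` keeps the URL well-formed.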
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -59,6 +59,13 @@ if ($_SESSION['log'] == 1) {
 | 
			
		|||
        $newlistsource = $_POST['newlistsource'];
 | 
			
		||||
        $newlistsourceexp = explode('@', $newlistsource);
 | 
			
		||||
        if ($newlistsource != $oldlistsource) {
 | 
			
		||||
            // check if an account with same address exists
 | 
			
		||||
            $abfrage = "SELECT 1 FROM `accounts` WHERE `username` = :username AND `domain` = :domain";
 | 
			
		||||
            $sth = $dbh->prepare($abfrage);
 | 
			
		||||
            $sth->execute(array(':username' => $newlistsourceexp[0], ':domain' => $newlistsourceexp[1]));
 | 
			
		||||
            $result = $sth->fetchAll();
 | 
			
		||||
            
 | 
			
		||||
            if ($result[0][1] !== 1) {
 | 
			
		||||
                $abfrage = "UPDATE `alias_details` SET `source` = :source WHERE `id` LIKE :alias_id";
 | 
			
		||||
                $result = $dbh->prepare($abfrage);
 | 
			
		||||
                $result->execute(array(':source' => $newlistsource, ':alias_id' => $_POST['editlistid']));
 | 
			
		||||
| 
						 | 
				
			
			@ -67,6 +74,11 @@ if ($_SESSION['log'] == 1) {
 | 
			
		|||
                $result = $dbh->prepare($abfrage);
 | 
			
		||||
                $result->execute(array(':source_username' => $newlistsourceexp[0], ':source_domain' => $newlistsourceexp[1], ':alias_id' => $_POST['editlistid']));            
 | 
			
		||||
            }
 | 
			
		||||
            else {
 | 
			
		||||
                $newlistsource = $oldlistsource;
 | 
			
		||||
                $newlistsourceexp = explode('@', $newlistsource);
 | 
			
		||||
            }
 | 
			
		||||
        }
 | 
			
		||||
    }
 | 
			
		||||
    else {
 | 
			
		||||
        $newlistsource = $oldlistsource;
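Review bot: The new account lookup binds `$newlistsourceexp[0]` and `$newlistsourceexp[1]` from `explode('@', $newlistsource)` without checking that the posted address split into exactly two non-empty parts. A value without `@` leaves index 1 undefined, the lookup finds no account, and the UPDATE statements then store the malformed source. Checking `count($newlistsourceexp) === 2` and that both parts are non-empty before the lookup would reject such input. The check also covers only `accounts`, so moving a list onto another list's address is still possible unless that is handled outside this hunk. In the context lines, `LIKE :alias_id` is fed from `$_POST['editlistid']` and treats `%` and `_` in the bound value as wildcards, so `=` would confine the update to one row; whether ownership of that list is verified is not visible here.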
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||