1<?php 2 include_once dirname(__FILE__) . '/config/variables.php'; 3 include_once dirname(__FILE__) . '/config/authpostmaster.php'; 4 include_once dirname(__FILE__) . '/config/functions.php'; 5 include_once dirname(__FILE__) . '/config/httpheaders.php'; 6 7 # confirm that the postmaster is updating an alias they are permitted to change before going further 8 $query = "SELECT localpart,realname,smtp,on_spamassassin,sa_tag,sa_refuse,spam_drop, 9 admin,enabled FROM users 10 WHERE user_id=:user_id AND domain_id=:domain_id AND type='alias'"; 11 $sth = $dbh->prepare($query); 12 $sth->execute(array(':user_id'=>$_POST['user_id'], ':domain_id'=>$_SESSION['domain_id'])); 13 if (!$sth->rowCount()) { 14 header ("Location: adminalias.php?failupdated={$_POST['localpart']}"); 15 die(); 16 } 17 18 # Fix the boolean values 19 if (isset($_POST['admin'])) { 20 $_POST['admin'] = 1; 21 } else { 22 $_POST['admin'] = 0; 23 } 24 if (isset($_POST['enabled'])) { 25 $_POST['enabled'] = 1; 26 } else { 27 $_POST['enabled'] = 0; 28 } 29 $query = "SELECT avscan,spamassassin from domains 30 WHERE domain_id=:domain_id"; 31 $sth = $dbh->prepare($query); 32 $sth->execute(array(':domain_id'=>$_SESSION['domain_id'])); 33 $row = $sth->fetch(); 34 if ((isset($_POST['on_avscan'])) && ($row['avscan'] == 1)) { 35 $_POST['on_avscan'] = 1; 36 } else { 37 $_POST['on_avscan'] = 0; 38 } 39 if ((isset($_POST['on_spamassassin'])) && ($row['spamassassin'] == 1)) { 40 $_POST['on_spamassassin'] = 1; 41 } else { 42 $_POST['on_spamassassin'] = 0; 43 } 44 45 # Update the password, if the password was given 46 if(isset($_POST['password']) && $_POST['password']!=='' ){ 47 if (validate_password($_POST['password'], $_POST['vpassword'])) { 48 if (!password_strengthcheck($_POST['password'])) { 49 header ("Location: adminalias.php?weakpass={$_POST['localpart']}"); 50 die; 51 } 52 $cryptedpassword = crypt_password($_POST['password']); 53 $query = "UPDATE users SET crypt=:crypt WHERE user_id=:user_id AND domain_id=:domain_id AND type='alias'"; 54 $sth = $dbh->prepare($query); 55 $success = $sth->execute(array(':crypt'=>$cryptedpassword, ':user_id'=>$_POST['user_id'], ':domain_id'=>$_SESSION['domain_id'])); 56 57 if ($success) { 58 if ($_POST['localpart'] == $_SESSION['localpart']) { 59 $_SESSION['crypt'] = $cryptedpassword; 60 } 61 } else { 62 header ('Location: adminalias.php?failedupdated=' . $_POST['localpart']); 63 die(); 64 } 65 } else { 66 header ('Location: adminalias.php?badaliaspass'); 67 die(); 68 } 69 } 70 71 # update the actual alias in the users table 72 $forwardto=explode(",",$_POST['target']); 73 for($i=0; $i<count($forwardto); $i++){ 74 $forwardto[$i]=trim($forwardto[$i]); 75 if(!filter_var($forwardto[$i], FILTER_VALIDATE_EMAIL)) { 76 header ("Location: adminalias.php?invalidforward=".htmlentities($forwardto[$i])); 77 die; 78 } 79 } 80 $aliasto = implode(",",$forwardto); 81 $query = "UPDATE users SET localpart=:localpart, 82 username=:username, smtp=:smtp, pop=:pop, 83 realname=:realname, admin=:admin, on_avscan=:on_avscan, 84 on_spamassassin=:on_spamassassin, sa_tag=:sa_tag, sa_refuse=:sa_refuse, 85 spam_drop=:spam_drop,enabled=:enabled 86 WHERE user_id=:user_id 87 AND domain_id=:domain_id AND type='alias'"; 88 $sth = $dbh->prepare($query); 89 $success = $sth->execute(array( 90 ':localpart'=>$_POST['localpart'], 91 ':username'=>$_POST['localpart'].'@'.$_SESSION['domain'], 92 ':smtp'=>$aliasto, 93 ':pop'=>$aliasto, 94 ':realname'=>$_POST['realname'], 95 ':admin'=>$_POST['admin'], 96 ':on_avscan'=>$_POST['on_avscan'], 97 ':on_spamassassin'=>$_POST['on_spamassassin'], 98 ':sa_tag'=>(isset($_POST['sa_tag']) ? $_POST['sa_tag'] : $sa_tag), 99 ':sa_refuse'=>(isset($_POST['sa_refuse']) ? $_POST['sa_refuse'] : $sa_refuse), 100 ':spam_drop'=>(isset($_POST['spam_drop']) ? $_POST['spam_drop'] : 0), 101 ':enabled'=>$_POST['enabled'], 102 ':user_id'=>$_POST['user_id'], 103 ':domain_id'=>$_SESSION['domain_id'] 104 )); 105 if ($success) { 106 header ("Location: adminalias.php?updated={$_POST['localpart']}"); 107 } else { 108 header ("Location: adminalias.php?failupdated={$_POST['localpart']}"); 109 } 110?> 111