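<?php
/*********************************************************************
    banlist.php

    List of banned email addresses

    Peter Rotich <peter@osticket.com>
    Copyright (c)  2006-2013 osTicket
    http://www.osticket.com

    Released under the GNU General Public License WITHOUT ANY WARRANTY.
    See LICENSE.TXT for details.

    vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
require('admin.inc.php');
include_once(INCLUDE_DIR.'class.banlist.php');

/*
 * Staff-panel controller for the email ban list.
 *
 * Flow: load the system ban-list filter, resolve the optional rule named by
 * the "id" request parameter, apply the POSTed action ("update", "add" or
 * "mass_process"), then render either the list view or the single-rule form.
 *
 * Results are reported through $msg, $warn and $errors, which the templates
 * required at the bottom of this file share with this script (same scope).
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this file. They are presumably enforced by admin.inc.php before any of the
 * state-changing actions below run -- confirm.
 */

/* Get the system ban list filter */
if (!($filter = Banlist::getFilter())) {
    $warn = __('System ban list is empty.');
} elseif (!$filter->isActive()) {
    // XXX: This should never happen and can no longer be enabled via
    //      this link
    $warn = __('SYSTEM BAN LIST filter is <b>DISABLED</b>').' - <a href="filters.php">'.__('enable here').'</a>.';
}

// The rule is always resolved through the ban filter, so an id that belongs
// to some other filter is reported as invalid rather than loaded.
$rule = null; //ban rule obj.
$requestedId = isset($_REQUEST['id']) ? $_REQUEST['id'] : null;
if ($filter && $requestedId && !($rule = $filter->getRule($requestedId))) {
    $errors['err'] = sprintf(__('%s: Unknown or invalid ID.'), __('ban list'));
}

// empty() is used instead of a bare read so that an $errors array (or key)
// that was never set does not raise a notice; truthiness is unchanged.
if ($_POST && empty($errors) && $filter) {
    // Request fields are read once, with explicit defaults. Array-valued
    // "do"/"val" parameters (do[]=..., val[]=...) are treated as absent so
    // they never reach strtolower() or the email validator.
    $postedDo = (isset($_POST['do']) && is_string($_POST['do']))
        ? strtolower($_POST['do']) : '';
    $postedVal = (isset($_POST['val']) && is_string($_POST['val']))
        ? $_POST['val'] : '';
    $postedActive = isset($_POST['isactive']) ? $_POST['isactive'] : null;
    $postedNotes = isset($_POST['notes']) ? $_POST['notes'] : null;

    switch ($postedDo) {
        case 'update':
            if (!$rule) {
                $errors['err'] = sprintf(__('%s: Unknown or invalid'), __('ban rule'));
            } elseif (!$postedVal || !Validator::is_email($postedVal)) {
                $errors['err'] = $errors['val'] = __('Valid email address is required');
            } elseif (empty($errors)) {
                $vars = array(
                    'what' => 'email',
                    'how' => 'equal',
                    'val' => trim($postedVal),
                    'filter_id' => $filter->getId(),
                    'isactive' => $postedActive,
                    'notes' => $postedNotes,
                );
                if ($rule->update($vars, $errors)) {
                    // The address is user input: HTML-escape it before it is
                    // placed in the status message.
                    $msg = sprintf(__('Successfully updated %s.'), Format::htmlchars($postedVal));
                } elseif (empty($errors['err'])) {
                    $errors['err'] = sprintf('%s %s',
                        sprintf(__('Unable to update %s.'), __('this ban rule')),
                        __('Correct any errors below and try again.'));
                }
            }
            break;
        case 'add':
            if (!$filter) {
                // Defensive only: the enclosing condition already requires $filter.
                $errors['err'] = sprintf(__('%s: Unknown or invalid'), __('ban list'));
            } elseif (!$postedVal || !Validator::is_email($postedVal)) {
                $errors['err'] = $errors['val'] = __('Valid email address is required');
            } elseif (BanList::includes(trim($postedVal))) {
                $errors['err'] = $errors['val'] = __('Email already in the ban list');
            } elseif ($filter->addRule('email', 'equal', trim($postedVal),
                    array('isactive' => $postedActive, 'notes' => $postedNotes))) {
                $msg = __('Email address added to ban list successfully');
                // Clear the action so the list view is rendered, not the add form.
                $_REQUEST['a'] = null;
            } elseif (empty($errors['err'])) {
                $errors['err'] = sprintf('%s %s', sprintf(__('Error creating %s.'), __('ban rule')), __('Please try again!'));
            }
            break;
        case 'mass_process':
            // Keep only plain decimal ids. The list below is concatenated into
            // an SQL IN (...) clause, so nested arrays and non-numeric strings
            // are dropped here instead of relying solely on db_input().
            // NOTE(review): assumes rule ids are integer keys -- confirm
            // against the FILTER_RULE_TABLE schema.
            $submittedIds = (isset($_POST['ids']) && is_array($_POST['ids']))
                ? $_POST['ids'] : array();
            $ruleIds = array();
            foreach ($submittedIds as $v) {
                if ((is_int($v) || is_string($v)) && preg_match('/^[0-9]+\z/', (string) $v)) {
                    $ruleIds[] = (int) $v;
                }
            }

            if (!$ruleIds) {
                $errors['err'] = sprintf(__('You must select at least %s to process.'),
                    __('one email'));
            } else {
                // Counted from what was submitted, so entries dropped above
                // show up as a partial result ("N of M") rather than silently.
                $count = count($submittedIds);
                $massAction = (isset($_POST['a']) && is_string($_POST['a']))
                    ? strtolower($_POST['a']) : '';
                switch ($massAction) {
                    case 'enable':
                    case 'disable':
                        $enable = ($massAction == 'enable');
                        // The filter_id clause limits the update to rules of
                        // the ban filter, whatever ids were posted.
                        $sql = 'UPDATE '.FILTER_RULE_TABLE.' SET isactive='.($enable ? 1 : 0).' '
                            .' WHERE filter_id='.db_input($filter->getId())
                            .' AND id IN ('.implode(',', db_input($ruleIds)).')';
                        if (db_query($sql) && ($num = db_affected_rows())) {
                            if ($num == $count) {
                                $msg = sprintf(
                                    $enable ? __('Successfully enabled %s') : __('Successfully disabled %s'),
                                    _N('selected ban rule', 'selected ban rules', $count));
                            } else {
                                $warn = sprintf(
                                    $enable ? __('%1$d of %2$d %3$s enabled') : __('%1$d of %2$d %3$s disabled'),
                                    $num, $count,
                                    _N('selected ban rule', 'selected ban rules', $count));
                            }
                        } else {
                            $errors['err'] = sprintf(
                                $enable ? __('Unable to enable %s') : __('Unable to disable %s'),
                                _N('selected ban rule', 'selected ban rules', $count));
                        }
                        break;
                    case 'delete':
                        $i = 0;
                        foreach ($ruleIds as $v) {
                            // A rule is deleted only if it belongs to the ban
                            // filter; ids of other filters' rules are skipped.
                            if (($r = FilterRule::lookup($v))
                                    && $r->getFilterId() == $filter->getId()
                                    && $r->delete()) {
                                $i++;
                            }
                        }
                        if ($i && $i == $count) {
                            $msg = sprintf(__('Successfully deleted %s.'),
                                _N('selected ban rule', 'selected ban rules', $count));
                        } elseif ($i > 0) {
                            $warn = sprintf(__('%1$d of %2$d %3$s deleted'), $i, $count,
                                _N('selected ban rule', 'selected ban rules', $count));
                        } elseif (empty($errors['err'])) {
                            $errors['err'] = sprintf(__('Unable to delete %s.'),
                                _N('selected ban rule', 'selected ban rules', $count));
                        }
                        break;
                    default:
                        $errors['err'] = sprintf('%s - %s', __('Unknown action'), __('Get technical help!'));
                }
            }
            break;
        default:
            $errors['err'] = __('Unknown action');
            break;
    }
}

// Template selection. $page only ever holds one of the two literal file names
// below; it is never built from request data, so the require() further down
// cannot be steered to another file.
$page = 'banlist.inc.php';
$tip_namespace = 'emails.banlist';
// Read after the POST handling: a successful "add" clears $_REQUEST['a'].
$viewAction = (isset($_REQUEST['a']) && is_string($_REQUEST['a'])) ? $_REQUEST['a'] : '';
if (!$filter || ($rule || ($viewAction && !strcasecmp($viewAction, 'add')))) {
    $page = 'banrule.inc.php';
}

$nav->setTabActive('emails');
$ost->addExtraHeader('<meta name="tip-namespace" content="' . $tip_namespace . '" />',
    "$('#content').data('tipNamespace', '".$tip_namespace."');");
require(STAFFINC_DIR.'header.inc.php');
require(STAFFINC_DIR.$page);
include(STAFFINC_DIR.'footer.inc.php');
?>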