This commit has been accessed 594 times via Git panel.
commit 2f5d4854ebc77a9c0203504c693455414738e613
tree eefd8fe2b6b3a83cf51ee9e83f390ade84003805
parent 8e2ba22bb1eb9e3da108cbcbe854066b068934fc
author Engels Antonio <engels@majcms.org> 1320981141 +0800
committer Engels Antonio <engels@majcms.org> 1320981141 +0800
Add file attach list
diff --git a/core.php b/core.php
index a663636..25ae794 100644
--- a/core.php
+++ b/core.php
@@ -17,6 +17,10 @@ error_reporting(E_ERROR);
session_start();
+if ($_SESSION['logged_lvl'] == "subscriber") {
+ $fileUsr = sha1($_SESSION['logged_uid']);
+}
+
if (isset($_POST['mbox_min']) and !empty($_POST['mbox_min']) and is_numeric($_POST['mbox_min'])) {
$mbox_min = $_POST['mbox_min'];
}
@@ -61,8 +65,6 @@ function time_elapsed_string($ptime) {
function HumanReadableFilesize($size) {
- // Adapted from: http://www.php.net/manual/en/function.filesize.php
-
$mod = 1024;
$units = explode(' ','B KB MB GB TB PB');
@@ -124,15 +126,15 @@ function get_part($stream, $msg_number, $mime_type, $structure = false, $part_nu
if ($data) {
return $data;
}
- } // END OF WHILE
- } // END OF MULTIPART
- } // END OF STRUTURE
+ }
+ }
+ }
return false;
-} // END OF FUNCTION
+}
function extract_emails_from($string){
- preg_match_all("/[\._a-zA-Z0-9-]+@[\._a-zA-Z0-9-]+/i", $string, $matches);
- return $matches[0];
+ preg_match_all("/[\._a-zA-Z0-9-]+@[\._a-zA-Z0-9-]+/i", $string, $matches);
+ return $matches[0];
}
function return_bytes($val) {
@@ -150,8 +152,8 @@ function return_bytes($val) {
break;
default:
return $val;
- } //switch ($last)
-} //function return_bytes($val)
+ }
+}
$server_upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
$server_post_max_size = return_bytes(ini_get('post_max_size'));
@@ -182,4 +184,17 @@ function header_mime2text ($header) {
return ($header_text);
}
+function is_image($path) {
+
+ $a = getimagesize($path);
+ $image_type = $a[2];
+
+ if (in_array($image_type, array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG , IMAGETYPE_BMP))) {
+
+ return true;
+ }
+
+ return false;
+}
+
?>
diff --git a/filedrop.php b/filedrop.php
index 51372e2..363483f 100644
--- a/filedrop.php
+++ b/filedrop.php
@@ -6,8 +6,6 @@ if (!isset($_SESSION['logged_uid']) or !isset($_SESSION['logged_lvl']) or !isset
exit;
}
-echo "<img src=\"images/ajax-loader.gif\" class=\"loader\">";
-
if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset($_POST['filedrop_box']) and !empty($_POST['filedrop_box'])) {
if (is_uploaded_file($_FILES['filedrop_obj']['tmp_name'])) {
@@ -18,13 +16,13 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
$filedrop_nom = str_replace(" ", "_", $_FILES['filedrop_obj']['name']);
- if (!file_exists(".tmp/$filedrop_box")) {
- mkdir(".tmp/$filedrop_box",0700,1);
+ if (!file_exists("attach/i/$fileUsr/$filedrop_box")) {
+ mkdir("attach/i/$fileUsr/$filedrop_box",0700,1);
}
- if (!file_exists(".tmp/$filedrop_box/$filedrop_nom")) {
+ if (!file_exists("attach/i/$fileUsr/$filedrop_box/$filedrop_nom")) {
- $res = copy($_FILES['filedrop_obj']['tmp_name'], ".tmp/$filedrop_box/$filedrop_nom");
+ $res = copy($_FILES['filedrop_obj']['tmp_name'], "attach/i/$fileUsr/$filedrop_box/$filedrop_nom");
unlink($_FILES['filedrop_obj']['tmp_name']);
echo "<script>alert(\"{$_FILES['filedrop_obj']['name']} saved as $filedrop_nom\");</script>";
}
@@ -42,6 +40,60 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
}
}
+if (file_exists("attach/i/$fileUsr/$filedrop_box")) {
+
+ $fileAttachments = glob("attach/i/$fileUsr/$filedrop_box/*");
+
+ if (count($fileAttachments) > 0) {
+
+ if (file_exists("css.php")) {
+
+ $css = file_get_contents("css.php");
+ $css = str_replace("<style>","",$css);
+ $css = str_replace("</style>","",$css);
+
+ echo "<style>\r\n$css</style>\r\n\r\n";
+ }
+
+ echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\">";
+
+ foreach ($fileAttachments as $fileAttachment) {
+
+ $fileName = str_replace("attach/i/$fileUsr/$filedrop_box/","",$fileAttachment);
+
+ $fileSize = filesize($fileAttachment);
+ $fileSize = HumanReadableFilesize($fileSize);
+
+ if (is_image($fileAttachment)) {
+
+ $img_size = getimagesize($fileAttachment);
+
+ $imgSize = "";
+
+ if (($img_size[0] > 0) and ($img_size[1] > 0)) {
+
+ $imgSize = ", {$img_size[0]}x{$img_size[1]} pixels";
+
+ if ($img_size[bits] > 0) {
+
+ $imgSize = "$imgSize, {$img_size[bits]}-bit image";
+ }
+ }
+
+ echo "\r\n<tr><td><a href=\"$fileAttachment\" target=\"_blank\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\" target=\"_blank\">$fileName</a><br>$fileSize{$imgSize}</td></tr>\r\n";
+ }
+ else {
+ echo "\r\n<tr><td><a href=\"$fileAttachment\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\">$fileName</a><br>$fileSize</td></tr>\r\n";
+ }
+ }
+
+ echo "</table>";
+ }
+
+$_SESSION['clean_up_i'] = $filedrop_box;
+
+}
+
?>
<script>
diff --git a/index.php b/index.php
index 5870843..30de31b 100644
--- a/index.php
+++ b/index.php
@@ -149,6 +149,29 @@ if ($pw_put == $pw_get) {
unset($pw_mbox);
+ if ($_SESSION['logged_lvl'] == "subscriber") {
+
+ if (isset($_SESSION['clean_up_i']) and file_exists("attach/i/$fileUsr/{$_SESSION['clean_up_i']}") and (!isset($_POST['filedrop_box']) or empty($_POST['filedrop_box']))) {
+
+ rmdirr("attach/i/$fileUsr/{$_SESSION['clean_up_i']}");
+ unset($_SESSION['clean_up_i']);
+
+ if (count(glob("attach/i/$fileUsr/*")) == 0) {
+ rmdirr("attach/i/$fileUsr");
+ }
+ }
+
+ if (isset($_SESSION['clean_up_o']) and file_exists("attach/o/$fileUsr/{$_SESSION['clean_up_o']}")) {
+
+ rmdirr("attach/o/$fileUsr/{$_SESSION['clean_up_o']}");
+ unset($_SESSION['clean_up_o']);
+
+ if (count(glob("attach/o/$fileUsr/*")) == 0) {
+ rmdirr("attach/o/$fileUsr");
+ }
+ }
+ }
+
if (isset($_GET['do']) and ($_GET['do'] == "logout")) {
$_SESSION = array();
session_destroy();
@@ -178,6 +201,8 @@ if (!isset($_SESSION['logged_uid']) and (($pw_put != $pw_get) or !isset($_POST['
echo "</center></div>";
+ echo "<iframe name=\"preload\" src=\"preload.php\" frameborder=\"0\" scrolling=\"0\" width=\"0\" height=\"0\"></iframe>";
+
exit;
}
@@ -192,13 +217,6 @@ if (isset($_SESSION['logged_uid'])) {
if ($_SESSION['logged_lvl'] == "subscriber") {
- $fileUsr = sha1($_SESSION['logged_uid']);
-
- if (isset($_SESSION['clean_up']) and file_exists("attach/$fileUsr/{$_SESSION['clean_up']}")) {
- rmdirr("attach/$fileUsr/{$_SESSION['clean_up']}");
- unset($_SESSION['clean_up']);
- }
-
$usr_query = mysql_query("select * from users where id='{$_SESSION['logged_uid']}'");
$usr_data = mysql_fetch_row($usr_query);
@@ -798,48 +816,37 @@ if (isset($_SESSION['logged_uid'])) {
$do_filedrop_box = $_POST['filedrop_box'];
- if (file_exists(".tmp/$do_filedrop_box") and (count(glob(".tmp/$do_filedrop_dir/$do_filedrop_box/*")) > 0)) {
+ if (file_exists("attach/i/$fileUsr/$do_filedrop_box") and (count(glob("attach/i/$fileUsr/$do_filedrop_box/*")) > 0)) {
-$mime_boundary = md5(microtime(true));
-
-$reply_headers .= "\r\nMIME-Version: 1.0";
-$reply_headers .= "\r\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
-$reply_body = "\r\nThis is a multi-part message in MIME format.\r\n\r\n--{$mime_boundary}\r\nContent-type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit\r\n{$reply_body}";
+ $mime_boundary = md5(microtime(true));
+ $reply_headers .= "\r\nMIME-Version: 1.0";
+ $reply_headers .= "\r\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
+
+ $reply_body = "\r\nThis is a multi-part message in MIME format.\r\n\r\n--{$mime_boundary}\r\nContent-type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit\r\n\r\n{$reply_body}";
$do_reply_from = extract_emails_from($reply_from);
$do_reply_to = extract_emails_from($reply_to);
- if (!file_exists("filedrop")) {
- mkdir("filedrop",0700);
- }
-
- rename(".tmp/$do_filedrop_box","filedrop/$filedrop_box");
-
- $do_filedrop_msg = glob("filedrop/$filedrop_box/*");
+ $do_filedrop_msg = glob("attach/i/$fileUsr/$do_filedrop_box/*");
sort($do_filedrop_msg);
reset($do_filedrop_msg);
-/*
- foreach ($do_filedrop_msg as $do_filedrop_put) {
-
- $do_filedrop_nom = str_replace("filedrop/$filedrop_box/","",$do_filedrop_put);
-
- $reply_body = $reply_body . "\r\n\r\n$do_filedrop_nom (" . HumanReadableFilesize(filesize($do_filedrop_put)) . ")\r\n" . "http://" . $_SERVER['SERVER_NAME'] . "/$do_filedrop_put";
- }
-*/
-
foreach ($do_filedrop_msg as $do_filedrop_put) {
- $do_filedrop_nom = str_replace("filedrop/$filedrop_box/","",$do_filedrop_put);
+ $do_filedrop_nom = str_replace("attach/i/$fileUsr/$do_filedrop_box/","",$do_filedrop_put);
$reply_body = $reply_body . "\r\n\r\n--{$mime_boundary}\r\nContent-Type: application/octet-stream; name=\"$do_filedrop_nom\"\r\nContent-Disposition: attachment; filename=\"$do_filedrop_nom\"\r\nContent-Transfer-Encoding: base64\r\n\r\n" . chunk_split(base64_encode(file_get_contents($do_filedrop_put)));
}
$reply_body = $reply_body . "--{$mime_boundary}--";
- rmdirr("filedrop/$filedrop_box");
+ rmdirr("attach/i/$fileUsr/$do_filedrop_box");
+
+ if (count(glob("attach/i/$fileUsr/*")) == 0) {
+ rmdirr("attach/i/$fileUsr");
+ }
}
}
diff --git a/pgsql.php b/pgsql.php
deleted file mode 100644
index 5d2e561..0000000
--- a/pgsql.php
+++ /dev/null
@@ -1,854 +0,0 @@
-<?php
-
-/* modify the values of $db_host, $db_name, $db_user, $db_pass, and $mail_root for basic configuration */
-
-$db_host = "localhost";
-$db_port = "5432";
-$db_name = "kartero";
-$db_user = "postgres";
-$db_pass = "password";
-
-$mail_root = "/var/www/html/mailroot";
-
-/* feel free to hack the succeeding code to suit your needs (basic php and mysql skills required) */
-
-session_start();
-
-function rmdirr($recurse_dirname) {
-
- if (!file_exists($recurse_dirname)) {
- return false;
- }
-
- if (is_file($recurse_dirname)) {
- return unlink($recurse_dirname);
- }
-
- $recurse_dir = dir($recurse_dirname);
-
- while (false !== $recurse_entry = $recurse_dir->read()) {
-
- if ($recurse_entry == '.' || $recurse_entry == '..') {
- continue;
- }
-
- rmdirr("$recurse_dirname/$recurse_entry");
- }
-
- $recurse_dir->close();
- return rmdir($recurse_dirname);
-}
-
-function ack($ack_string) {
- echo "<table width=\"100%\"><tr></td><div class=\"ack\">$ack_string</div></td></tr></table>";
-}
-
-function nak($nak_string) {
- echo "<table width=\"100%\"><tr></td><div class=\"nak\">$nak_string</div></td></tr></table>";
-}
-
-if (file_exists("css.php")) {
-
- $css = file_get_contents("css.php");
- $css = str_replace("<style>","",$css);
- $css = str_replace("</style>","",$css);
-
- echo "<style>\r\n$css</style>\r\n\r\n";
-}
-
-if (!file_exists("$mail_root")) {
-
- $mail_dirs = explode("/",$mail_root);
-
- foreach ($mail_dirs as $mail_dir) {
-
- if (!empty($mail_dir)) {
- $mail_mkdir = $mail_mkdir . "/" . $mail_dir;
- mkdir("$mail_mkdir");
- }
- }
-
- if (!file_exists("$mail_root")) {
- nak("Can't create '$mail_root' (check filesystem permissions or change '$mail_root' and try again)");
- exit();
- }
-}
-
-$db_link = pg_pconnect("host=$db_host port=$db_port user=$db_user password=$db_pass dbname=$db_name");
-
-if (!$db_link) {
- nak(pg_last_error());
- exit;
-}
-
-$pw_crypt = crypt("password");
-//$db_query = pg_query($db_link,"create database $db_name");
-//$db_query = pg_query($db_link,"use $db_name");
-$db_query = pg_query($db_link,"create table admins (id varchar(16) not null, pw varchar(64) not null, primary key (id), unique key (id))");
-$db_query = pg_query($db_link,"create table domains (id varchar(128) not null, pw varchar(64) not null, max int(6) default '0', mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
-$db_query = pg_query($db_link,"create table users (id varchar(255) not null, pw varchar(64) not null, maildir varchar(255) not null, name varchar(128), domain varchar(128), mode int(1) default '1', host varchar(255), primary key (id), unique key(id), key id_2 (id))");
-$db_query = pg_query($db_link,"create table aliases (id varchar(255) not null, alias varchar(255) not null, domain varchar(128), mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
-$db_query = pg_query($db_link,"insert into admins values('root','$pw_crypt')");
-
-$id_put = trim($_POST['id']);
-
-if (get_magic_quotes_gpc()) {
- $id_put = stripslashes($id_put);
-}
-
-if (!is_int($value)) {
- $id_put = pg_escape_string($id_put);
-}
-
-$id_put = strip_tags($id_put);
-
-$lvl_put = strip_tags($_POST['lvl']);
-
-if ($lvl_put == "subscriber") {
- $pw_get = pg_query($db_link,"select pw from users where id='$id_put'");
-}
-
-if ($lvl_put == "postmaster") {
- $pw_get = pg_query($db_link,"select pw from domains where id='$id_put'");
-}
-
-if ($lvl_put == "administrator") {
- $pw_get = pg_query($db_link,"select pw from admins where id='$id_put'");
-}
-
-$pw_get = pg_fetch_row($pw_get);
-$pw_get = $pw_get[0];
-
-$pw_put = $_POST['pw'];
-
-if (get_magic_quotes_gpc()) {
- $pw_put = stripslashes($pw_put);
-}
-
-if (!is_int($value)) {
- $pw_put = pg_escape_string($pw_put);
-}
-
-$pw_put = strip_tags($pw_put);
-$pw_put = crypt($pw_put,$pw_get);
-
-if ($pw_put == $pw_get) {
- $_SESSION['logged_uid'] = $id_put;
- $_SESSION['logged_lvl'] = $lvl_put;
-}
-
-if (isset($_GET['do']) and ($_GET['do'] == "logout")) {
- $_SESSION = array();
- session_destroy();
- header("Location: .");
- exit;
-}
-
-/* logo here? */
-
-if (!isset($_SESSION['logged_uid']) and (($pw_put != $pw_get) or !isset($_POST['id']) or !isset($_POST['pw']) or empty($_POST['id']) or empty($_POST['pw']))) {
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><select class=\"input\" name=\"lvl\"><option value=\"subscriber\">subscriber</option><option value=\"postmaster\">postmaster</option><option value=\"administrator\">administrator</option></select></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><input class=\"input\" type=\"text\" name=\"id\" autocomplete=\"off\" maxlength=\"128\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><input class=\"input\" type=\"password\" name=\"pw\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><input class=\"input\" type=\"submit\" value=\"login\"></td></tr>";
- echo "</form>";
- echo "</table>";
- exit;
-}
-
-if (isset($_SESSION['logged_uid'])) {
-
- echo "<p><nobr>You are currently logged in to your {$_SESSION['logged_uid']} {$_SESSION['logged_lvl']} account. Click <a href=\"?do=logout\">here</a> to logout.</nobr></p>";
-
- echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
- echo "<tr><td colspan=\"3\" valign=\"top\">";
-
- if ($_SESSION['logged_lvl'] == "subscriber") {
-
- $usr_query = pg_query($db_link,"select * from users where id='{$_SESSION['logged_uid']}'");
- $usr_data = pg_fetch_row($usr_query);
-
- $dom_query = pg_query($db_link,"select mode from domains where id='{$usr_data[4]}'");
- $dom_data = pg_fetch_row($dom_query);
-
- if ($dom_data[0] == 0) {
- nak("{$usr_data[4]} disabled by admin - new settings will take effect once it is re-enabled");
- }
-
- if ($usr_data[5] == 0) {
- nak("{$_SESSION['logged_uid']} disabled by postmaster - new settings will take effect once it is re-enabled");
- }
-
- $usr_name = $usr_data[3];
-
- if (isset($_POST['usr_name']) and !empty($_POST['usr_name'])) {
-
- $usr_name = trim($_POST['usr_name']);
- $usr_name = ucwords($usr_name);
-
- if ($usr_name != $usr_data[3]) {
-
- $usr_query = pg_query($db_link,"update users set name='$usr_name' where id='{$_SESSION['logged_uid']}'");
-
- if (!usr_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("name changed");
- }
- }
- else {
- $usr_name = $usr_data[3];
- }
- }
-
- $usr_pw0 = $usr_data[1];
-
- if (isset($_POST['usr_pw1']) and !empty($_POST['usr_pw1']) and isset($_POST['usr_pw2']) and !empty($_POST['usr_pw2']) and isset($_POST['usr_pw3']) and !empty($_POST['usr_pw3'])) {
-
- $usr_pw1 = trim($_POST['usr_pw1']);
- $usr_pw2 = trim($_POST['usr_pw2']);
- $usr_pw3 = trim($_POST['usr_pw3']);
-
- if ($usr_pw0 == crypt($usr_pw1,$usr_pw0)) {
-
- if ($usr_pw2 == $usr_pw3) {
-
- $usr_pw = crypt($usr_pw2);
-
- $usr_query = pg_query($db_link,"update users set pw='$usr_pw' where id='{$_SESSION['logged_uid']}'");
-
- if (!usr_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("password changed");
- }
- }
- else {
- nak("new passwords do not match");
- }
- }
- else {
- nak("current password entered is incorrect");
- }
- }
- }
-
- if ($_SESSION['logged_lvl'] == "postmaster") {
-
- $dom_query = pg_query($db_link,"select mode from domains where id='{$_SESSION['logged_uid']}'");
- $dom_query = pg_fetch_row($dom_query);
-
- if ($dom_query[0] == "0") {
- nak("{$_SESSION['logged_uid']} disabled by admin - new settings will take effect once it is re-enabled");
- }
-
- if (isset($_POST['pm_id']) and isset($_POST['pm_name']) and isset($_POST['pm_pw']) and !empty($_POST['pm_id']) and !empty($_POST['pm_name']) and !empty($_POST['pm_pw'])) {
-
- $pm_id = trim($_POST['pm_id']);
- $pm_id = strtolower($pm_id);
-
- if (preg_match("/@/",$pm_id)) {
- $pm_id = substr($pm_id,0,strpos($pm_id,"@"));
- }
-
- $pm_addr = $pm_id . "@" . $_SESSION['logged_uid'];
-
- $alias_query = pg_query($db_link,"select id from aliases where id='$pm_addr'");
-
- if (pg_fetch_row($alias_query) > 0) {
- nak("$pm_addr alias exists");
- }
- else {
- $pm_name = trim($_POST['pm_name']);
- $pm_name = ucwords($pm_name);
-
- $pm_pw = trim($_POST['pm_pw']);
- $pm_pw = crypt($pm_pw);
-
- $pm_init = substr($pm_id,0,1);
-
- $pm_maildir = "{$_SESSION['logged_uid']}/$pm_init/$pm_id";
-
- $pm_host = trim($_POST['pm_host']);
- $pm_host = strtolower($pm_host);
-
- $pm_query = pg_query($db_link,"insert into users values('$pm_addr','$pm_pw','$pm_maildir/','$pm_name','{$_SESSION['logged_uid']}','1','$pm_host')");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if (!file_exists("$mail_root/{$_SESSION['logged_uid']}")) {
- mkdir("$mail_root/{$_SESSION['logged_uid']}");
- }
-
- if (!file_exists("$mail_root/{$_SESSION['logged_uid']}/$pm_init")) {
- mkdir("$mail_root/{$_SESSION['logged_uid']}/$pm_init");
- }
-
- if (!file_exists("$mail_root/$pm_maildir")) {
- mkdir("$mail_root/$pm_maildir");
- }
-
- if (!file_exists("$mail_root/$pm_maildir/cur")) {
- mkdir("$mail_root/$pm_maildir/cur");
- }
-
- if (!file_exists("$mail_root/$pm_maildir/new")) {
- mkdir("$mail_root/$pm_maildir/new");
- }
-
- if (!file_exists("$mail_root/$pm_maildir/tmp")) {
- mkdir("$mail_root/$pm_maildir/tmp");
- }
-
- ack("$pm_addr added");
- }
- }
- }
-
- if (isset($_POST['pm_mod']) and !empty($_POST['pm_mod'])) {
-
- $pm_mod = trim($_POST['pm_mod']);
-
- if (isset($_POST['pm_name']) and !empty($_POST['pm_name'])) {
-
- $pm_name = trim($_POST['pm_name']);
- $pm_name = ucwords($pm_name);
-
- $pm_query = pg_query($db_link,"select name from users where id='$pm_mod'");
-
- $name_get = pg_fetch_row($pm_query);
-
- if ($name_get[0] != $pm_name) {
-
- $pm_query = pg_query($db_link,"update users set name='$pm_name' where id='$pm_mod'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$pm_mod complete name updated");
- }
- }
- }
-
- if (isset($_POST['pm_pass']) and !empty($_POST['pm_pass'])) {
-
- $pm_pass = $_POST['pm_pass'];
- $pm_pass = crypt($pm_pass);
-
- $pm_query = pg_query($db_link,"update users set pw='$pm_pass' where id='$pm_mod'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$pm_mod password updated");
- }
- }
-
- if (isset($_POST['pm_host'])) {
-
- $pm_host = trim($_POST['pm_host']);
- $pm_host = strtolower($pm_host);
-
- $pm_query = pg_query($db_link,"select host from users where id='$pm_mod'");
-
- $host_get = pg_fetch_row($pm_query);
-
- if ($host_get[0] != $pm_host) {
-
- $pm_query = pg_query($db_link,"update users set host='$pm_host' where id='$pm_mod'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$pm_mod delivery host updated");
- }
- }
- }
- }
-
- if (isset($_POST['pm_set']) and !empty($_POST['pm_set']) and isset($_POST['pm_do']) and !empty($_POST['pm_do'])) {
-
- $pm_set = trim($_POST['pm_set']);
- $pm_do = trim($_POST['pm_do']);
-
- if ($pm_do == "disable") {
- $pm_do = "0";
- }
-
- if ($pm_do == "enable") {
- $pm_do = "1";
- }
-
- $pm_query = pg_query($db_link,"update aliases set mode='$pm_do' where alias='$pm_set'");
- $pm_query = pg_query($db_link,"update users set mode='$pm_do' where id='$pm_set'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
-
- $pm_query = pg_query($db_link,"select alias from aliases where alias='$pm_set'");
- $pm_aka = pg_num_rows($pm_query);
-
- if ($pm_do == "0") {
-
- if ($pm_aka > 0) {
-
- if ($pm_aka < 2) {
- ack("$pm_set account and 1 alias disabled");
- }
- else {
- ack("$pm_set account and $pm_aka aliases disabled");
- }
- }
- else {
- ack("$pm_set account disabled");
- }
- }
-
- if ($pm_do == "1") {
-
- if (pg_fetch_row($pm_query) > 0) {
-
- if ($pm_aka < 2) {
- ack("$pm_set account and 1 alias enabled");
- }
- else {
- ack("$pm_set account and $pm_aka aliases enabled");
- }
- }
- else {
- ack("$pm_set account enabled");
- }
- }
- }
- }
-
- if (isset($_POST['pm_del']) and !empty($_POST['pm_del'])) {
-
- $pm_del = trim($_POST['pm_del']);
-
- $pm_query = pg_query($db_link,"delete from aliases where alias='$pm_del'");
- $pm_query = pg_query($db_link,"delete from users where id='$pm_del'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- $pm_init = substr($pm_del,0,1);
- $pm_box = substr($pm_del,0,strpos($pm_del,"@"));
-
- if (file_exists("$mail_root/{$_SESSION['logged_uid']}/$pm_init/$pm_box")) {
- rmdirr("$mail_root/{$_SESSION['logged_uid']}/$pm_init/$pm_box");
- }
-
- if (count(glob("$mail_root/{$_SESSION['logged_uid']}/$pm_init/*")) < 1) {
- rmdir("$mail_root/{$_SESSION['logged_uid']}/$pm_init");
- }
-
- ack("$pm_del deleted");
- }
- }
-
- if (isset($_POST['alias_add']) and !empty($_POST['alias_add']) and isset($_POST['alias_to']) and !empty($_POST['alias_to'])) {
-
- $alias_add = trim($_POST['alias_add']);
-
- if (preg_match("/@/",$alias_add)) {
- $alias_add = substr($alias_add,0,strpos($alias_add,"@"));
- }
-
- $alias_add = "$alias_add@{$_SESSION['logged_uid']}";
-
- $alias_to = trim($_POST['alias_to']);
-
- $alias_query = pg_query($db_link,"select id from users where id='$alias_add'");
-
- if (pg_num_rows($alias_query) > 0) {
- nak("$alias_add account exists");
- }
- else {
- if (!preg_match("/@/",$alias_to) or preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
-
- if (preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
- $alias_to = substr($alias_to,0,strpos($alias_to,"@"));
- }
-
- $alias_to = "$alias_to@{$_SESSION['logged_uid']}";
-
- $alias_query = pg_query($db_link,"select id from users where id='$alias_to'");
-
- if (pg_num_rows($alias_query) < 1) {
- nak("$alias_to does not exist");
- }
- else {
- $alias_query = pg_query($db_link,"insert into aliases values('$alias_add','$alias_to','{$_SESSION['logged_uid']}','1')");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_add added");
- }
- }
- }
- else {
- $alias_query = pg_query($db_link,"insert into aliases values('$alias_add','$alias_to','{$_SESSION['logged_uid']}','1')");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_add added");
- }
- }
- }
- }
-
- if (isset($_POST['alias_mod']) and !empty($_POST['alias_mod']) and isset($_POST['alias_to']) and !empty($_POST['alias_to'])) {
-
- $alias_mod = trim($_POST['alias_mod']);
-
- $alias_to = trim($_POST['alias_to']);
-
- if (!preg_match("/@/",$alias_to) or preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
-
- if (preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
- $alias_to = substr($alias_to,0,strpos($alias_to,"@"));
- }
-
- $alias_to = "$alias_to@{$_SESSION['logged_uid']}";
-
- $alias_query = pg_query($db_link,"select id from users where id='$alias_to'");
-
- if (pg_num_rows($alias_query) < 1) {
- nak("$alias_to does not exist");
- }
- else {
- $alias_query = pg_query($db_link,"update aliases set alias='$alias_to' where id='$alias_mod'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_mod updated");
- }
- }
- }
- else {
-
- $alias_query = pg_query($db_link,"update aliases set alias='$alias_to' where id='$alias_mod'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_mod updated");
- }
- }
- }
-
- if (isset($_POST['alias_set']) and !empty($_POST['alias_set']) and isset($_POST['alias_do']) and !empty($_POST['alias_do'])) {
-
- $alias_set = trim($_POST['alias_set']);
- $alias_do = trim($_POST['alias_do']);
-
- if ($alias_do == "disable") {
- $alias_do = "0";
- $alias_query = pg_query($db_link,"update aliases set mode='$alias_do' where id='$alias_set'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_set alias disabled");
- }
- }
-
- if ($alias_do == "enable") {
-
- $alias_query = pg_query($db_link,"select alias from aliases where id='$alias_set'");
- $alias_recipient = pg_fetch_row($alias_query);
- $alias_recipient = $alias_recipient[0];
-
- $usr_query = pg_query($db_link,"select mode from users where id='$alias_recipient'");
- $alias_recipient_mode = pg_fetch_row($usr_query);
- $alias_recipient_mode = $alias_recipient_mode[0];
-
- if ($alias_recipient_mode == "0") {
- nak("cannot enable $alias_set alias while $alias_recipient recipient account is disabled");
- }
- else {
- $alias_do = "1";
- $alias_query = pg_query($db_link,"update aliases set mode='$alias_do' where id='$alias_set'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_set alias enabled");
- }
- }
- }
- }
-
- if (isset($_POST['alias_del']) and !empty($_POST['alias_del'])) {
-
- $alias_del = trim($_POST['alias_del']);
- $alias_query = pg_query($db_link,"delete from aliases where id='$alias_del'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_del deleted");
- }
- }
- }
-
- if ($_SESSION['logged_lvl'] == "administrator") {
-
- if (isset($_POST['dom_name']) and isset($_POST['dom_pass']) and isset($_POST['dom_max']) and !empty($_POST['dom_name']) and !empty($_POST['dom_pass']) and is_numeric($_POST['dom_max'])) {
-
- $dom_name = trim($_POST['dom_name']);
-
- $dom_pass = trim($_POST['dom_pass']);
- $dom_pass = crypt($dom_pass);
-
- $dom_max = trim($_POST['dom_max']);
-
- $dom_query = pg_query($db_link,"insert into domains values('$dom_name','$dom_pass','$dom_max','1')");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if (!file_exists("$mail_root/$dom_name")) {
- mkdir("$mail_root/$dom_name");
- }
-
- ack("$dom_name added");
- }
- }
-
- if (isset($_POST['dom_mod']) and !empty($_POST['dom_mod'])) {
-
- $dom_mod = trim($_POST['dom_mod']);
-
- if (isset($_POST['dom_pass']) and !empty($_POST['dom_pass'])) {
-
- $dom_pass = $_POST['dom_pass'];
- $dom_pass = crypt($dom_pass);
-
- $dom_query = pg_query($db_link,"update domains set pw='$dom_pass' where id='$dom_mod'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$dom_mod postmaster password updated");
- }
- }
-
- if (isset($_POST['dom_max']) and is_numeric($_POST['dom_max'])) {
-
- $dom_max = $_POST['dom_max'];
-
- $dom_query = pg_query($db_link,"select max from domains where id='$dom_mod'");
-
- $max_get = pg_fetch_row($dom_query);
-
- if ($max_get[0] != $dom_max) {
-
- $dom_query = pg_query($db_link,"update domains set max='$dom_max' where id='$dom_mod'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$dom_mod account limit updated");
- }
- }
- }
- }
-
- if (isset($_POST['dom_set']) and !empty($_POST['dom_set']) and isset($_POST['dom_do']) and !empty($_POST['dom_do'])) {
-
- $dom_set = trim($_POST['dom_set']);
- $dom_do = trim($_POST['dom_do']);
-
- if ($dom_do == "disable") {
- $dom_do = "0";
- }
-
- if ($dom_do == "enable") {
- $dom_do = "1";
- }
-
- $dom_query = pg_query($db_link,"update domains set mode='$dom_do' where id='$dom_set'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if ($dom_do == "0") {
- ack("$dom_set disabled");
- }
-
- if ($dom_do == "1") {
- ack("$dom_set enabled");
- }
- }
- }
-
- if (isset($_POST['dom_del']) and !empty($_POST['dom_del'])) {
-
- $dom_del = trim($_POST['dom_del']);
-
- $dom_query = pg_query($db_link,"delete from aliases where domain='$dom_del'");
- $dom_query = pg_query($db_link,"delete from users where domain='$dom_del'");
- $dom_query = pg_query($db_link,"delete from domains where id='$dom_del'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if (file_exists("$mail_root/$dom_del")) {
- rmdirr("$mail_root/$dom_del");
- }
- ack("$dom_del deleted");
- }
- }
- }
-
- echo "</td></tr>";
-
- echo "<tr><td valign=\"top\">";
-
- if ($_SESSION['logged_lvl'] == "subscriber") {
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/user.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"text\" name=\"usr_name\" value=\"$usr_name\" autocomplete=\"off\" maxlength=\"128\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/pass.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"password\" name=\"usr_pw1\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/pass.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"password\" name=\"usr_pw2\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/pass.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"password\" name=\"usr_pw3\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"></td><td><input class=\"input\" type=\"submit\" value=\"update\"></td></tr>";
- echo "</form>";
- echo "</table>";
- }
-
- if ($_SESSION['logged_lvl'] == "postmaster") {
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<tr bgcolor=\"#ffffff\"><td colspan=\"4\" align=\"center\"><b>status</b></td><td align=\"center\"><b>username</b></td><td align=\"center\"><b>complete name</b></td><td align=\"center\"><b>password</b></td><td align=\"center\"><b>host</b></td><td align=\"center\" colspan=\"2\"><b>action</b></td></tr>";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\">new</td><td align=\"center\">cur</td><td align=\"center\">aka</td><td align=\"center\">rcv</td><td><input class=\"input\" type=\"text\" name=\"pm_id\" autocomplete=\"off\" maxlength=\"255\"></td><td><input class=\"input\" type=\"text\" name=\"pm_name\" autocomplete=\"off\" maxlength=\"128\"></td><td><input class=\"input\" type=\"text\" name=\"pm_pw\" autocomplete=\"off\" maxlength=\"64\"></td><td><input class=\"input\" type=\"text\" name=\"pm_host\" autocomplete=\"off\" maxlength=\"255\"></td><td colspan=\"2\"><input class=\"input\" type=\"submit\" value=\"add\"></td></tr>";
- echo "</form>";
-
- $pm_get = pg_query($db_link,"select * from users where domain='{$_SESSION['logged_uid']}' order by id");
-
- while ($pm_row = pg_fetch_array($pm_get)) {
-
- if ($pm_row[5] == "1") {
- $pm_do = "disable";
- $pm_bg = "#ffffff";
- }
-
- if ($pm_row[5] == "0") {
- $pm_do = "enable";
- $pm_bg = "#eeeeee";
- }
-
- $msg_new = "$mail_root/{$_SESSION['logged_uid']}/" . substr($pm_row[0],0,1) . "/" . substr($pm_row[0],0,strpos($pm_row[0],"@")) . "/new/*";
- $msg_new = count(glob($msg_new));
-
- $msg_cur = "$mail_root/{$_SESSION['logged_uid']}/" . substr($pm_row[0],0,1) . "/" . substr($pm_row[0],0,strpos($pm_row[0],"@")) . "/cur/*";
- $msg_cur = count(glob($msg_cur));
-
- $pm_aka = pg_query($db_link,"select * from aliases where alias='{$pm_row[0]}'");
- $pm_aka = pg_num_rows($pm_aka);
-
- echo "<tr bgcolor=\"$pm_bg\"><td align=\"right\">$msg_new</td><td align=\"right\">$msg_cur</td><td align=\"right\">$pm_aka</td><form method=\"post\"><input type=\"hidden\" name=\"pm_set\" value=\"{$pm_row[0]}\"><input type=\"hidden\" name=\"pm_do\" value=\"$pm_do\"><td align=\"center\" valign=\"middle\" width=\"10\"><input type=\"image\" src=\"images/{$pm_do}.png\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"pm_mod\" value=\"{$pm_row[0]}\"><td><b>{$pm_row[0]}</b></td><td><input class=\"input\" type=\"text\" name=\"pm_name\" maxlength=\"128\" autocomplete=\"off\" value=\"{$pm_row[3]}\"></td><td><input class=\"input\" type=\"text\" name=\"pm_pass\" maxlength=\"64\" autocomplete=\"off\"></td><td><input class=\"input\" type=\"text\" name=\"pm_host\" maxlength=\"255\" autocomplete=\"off\" value=\"{$pm_row[6]}\"></td><td><input class=\"input\" type=\"submit\" value=\"mod\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"pm_del\" value=\"{$pm_row[0]}\"><td><input class=\"input\" type=\"submit\" value=\"del\" onclick=\"if (confirm('Do you really want to delete {$pm_row[0]} plus all messages and aliases associated with this account?')) {return true;} else {return false;}\"></td></form></tr>";
- }
-
- echo "</table>";
- }
-
- if ($_SESSION['logged_lvl'] == "administrator") {
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<tr bgcolor=\"#ffffff\"><td colspan=\"2\" align=\"center\"><b>status</b></td><td align=\"center\"><nobr><b>domain name</b></nobr></td><td align=\"center\"><nobr><b>account limit</b></nobr></td><td align=\"center\"><nobr><b>postmaster password</b></nobr></td><td align=\"center\" colspan=\"2\"><b>action</b></td></tr>";
- echo "<form method=\"post\"><tr bgcolor=\"#ffffff\"><td align=\"center\">usr</td><td align=\"center\">rcv</td><td align=\"center\"><input class=\"input\" type=\"text\" name=\"dom_name\" maxlength=\"128\" autocomplete=\"off\"></td><td align=\"center\"><input class=\"rinput\" type=\"text\" name=\"dom_max\" maxlength=\"6\" autocomplete=\"off\" value=\"0\"></td><td align=\"center\"><input class=\"input\" type=\"text\" name=\"dom_pass\" maxlength=\"64\" autocomplete=\"off\"></td><td align=\"center\" colspan=\"2\"><input class=\"input\" type=\"submit\" value=\"add\" autocomplete=\"off\"></td></tr></form>";
-
- $dom_get = pg_query($db_link,"select * from domains order by id");
-
- while ($dom_row = pg_fetch_array($dom_get)) {
-
- $dom_usr = pg_query($db_link,"select * from users where domain='{$dom_row[0]}'");
- $dom_usr = pg_num_rows($dom_usr);
-
- if ($dom_row[3] == "1") {
- $dom_do = "disable";
- $dom_bg = "#ffffff";
- }
-
- if ($dom_row[3] == "0") {
- $dom_do = "enable";
- $dom_bg = "#eeeeee";
- }
-
- echo "<tr bgcolor=\"$dom_bg\"><td align=\"right\">$dom_usr</td><form method=\"post\"><input type=\"hidden\" name=\"dom_set\" value=\"{$dom_row[0]}\"><input type=\"hidden\" name=\"dom_do\" value=\"$dom_do\"><td align=\"center\" valign=\"middle\" width=\"10\"><input type=\"image\" src=\"images/{$dom_do}.png\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"dom_mod\" value=\"{$dom_row[0]}\"><td><b>{$dom_row[0]}</b></td><td><input class=\"rinput\" type=\"text\" name=\"dom_max\" maxlength=\"6\" autocomplete=\"off\" value=\"{$dom_row[2]}\"></td><td><input class=\"input\" type=\"text\" name=\"dom_pass\" maxlength=\"64\" autocomplete=\"off\"></td><td><input class=\"input\" type=\"submit\" value=\"mod\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"dom_del\" value=\"{$dom_row[0]}\"><td><input class=\"input\" type=\"submit\" value=\"del\" onclick=\"if (confirm('Do you really want to delete {$dom_row[0]} plus all accounts and messages associated with this domain?')) {return true;} else {return false;}\"></td></form></tr>";
- }
-
- echo "</table>";
- }
-
- echo "</td>";
-
- if ($_SESSION['logged_lvl'] == "postmaster") {
-
- echo "<td width=\"10\"></td><td valign=\"top\">";
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\"><b>alias</b></td><td align=\"center\"><b>recipient</b></td><td align=\"center\" colspan=\"3\"><b>action</b></td></tr>";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td><input class=\"input\" type=\"text\" name=\"alias_add\" autocomplete=\"off\" maxlength=\"255\"></td><td><input class=\"input\" type=\"text\" name=\"alias_to\" autocomplete=\"off\" maxlength=\"128\"></td><td colspan=\"3\"><input class=\"input\" type=\"submit\" value=\"add\"></td></tr>";
- echo "</form>";
-
- $get_aliases = pg_query($db_link,"select * from aliases where domain='{$_SESSION['logged_uid']}' order by id");
-
- while ($aliases_row = pg_fetch_array($get_aliases)) {
-
- if ($aliases_row[3] == "1") {
- $alias_do = "disable";
- $alias_bg = "#ffffff";
- }
-
- if ($aliases_row[3] == "0") {
- $alias_do = "enable";
- $alias_bg = "#eeeeee";
- }
-
- echo "<tr bgcolor=\"$alias_bg\"><form method=\"post\"><input type=\"hidden\" name=\"alias_mod\" value=\"{$aliases_row[0]}\"><td><b>{$aliases_row[0]}</b></td><td><input class=\"input\" type=\"text\" name=\"alias_to\" maxlength=\"255\" autocomplete=\"off\" value=\"{$aliases_row[1]}\"></td><td><input class=\"input\" type=\"submit\" value=\"mod\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"alias_set\" value=\"{$aliases_row[0]}\"><input type=\"hidden\" name=\"alias_do\" value=\"$alias_do\"><td align=\"center\" valign=\"middle\" width=\"10\"><input type=\"image\" src=\"images/{$alias_do}.png\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"alias_del\" value=\"{$aliases_row[0]}\"><td><input class=\"input\" type=\"submit\" value=\"del\" onclick=\"if (confirm('Do you really want to delete the {$aliases_row[0]} alias of {$aliases_row[1]}?')) {return true;} else {return false;}\"></td></form></tr>";
- }
-
- echo "</table>";
- }
-
- echo "</td></tr>";
- echo "</table>";
-}
-
-pg_close($db_link);
-
-?>
diff --git a/post.php b/post.php
index e8b2365..e00b2e4 100644
--- a/post.php
+++ b/post.php
@@ -68,8 +68,6 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
<div class="message">
-<iframe name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="0" height="0"></iframe>
-
<table border="0" cellspacing="0" cellpadding="0">
<form name="filedrop_form" enctype="multipart/form-data" action="filedrop.php" method="post" target="filedrop" onsubmit="this.elements['filedrop_submit'].disabled = true;document.getElementById('filedrop_wait').innerHTML = '<img src=images/ajax-loader.gif border=0 width=16 height=16 hspace=5>';">
<tr><td>
@@ -87,3 +85,22 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
</table>
</div>
+
+<script>
+<!--
+function calcHeight(iframe_id)
+{
+ var iframe_height=document.getElementById(iframe_id).contentWindow.document.body.scrollHeight;
+
+ if (iframe_height<9)
+ {
+ document.getElementById(iframe_id).height=0;
+ }
+ else {
+ document.getElementById(iframe_id).height=iframe_height;
+ }
+}
+//-->
+</script>
+
+<iframe id="filedrop" onLoad="calcHeight('filedrop');" name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="100%" height="0"></iframe>
diff --git a/preload.php b/preload.php
new file mode 100644
index 0000000..fe790d2
--- /dev/null
+++ b/preload.php
@@ -0,0 +1,20 @@
+<img src="images/ajax-loader.gif">
+<img src="images/attach.png">
+<img src="images/disable.png">
+<img src="images/enable.png">
+<img src="images/file.png">
+<img src="images/folder-close.png">
+<img src="images/folder-open.png">
+<img src="images/mail-forward.png">
+<img src="images/mail-new.png">
+<img src="images/mail-next.png">
+<img src="images/mail-prev.png">
+<img src="images/mail-read.png">
+<img src="images/mail-replied.png">
+<img src="images/mail-reply-all.png">
+<img src="images/mail-reply.png">
+<img src="images/mail-search.png">
+<img src="images/mail-unread.png">
+<img src="images/trashcan_empty.png">
+<img src="images/trashcan_full.png">
+<img src="images/trashcan_purge.png">
diff --git a/read.php b/read.php
index 8a41150..54bba45 100644
--- a/read.php
+++ b/read.php
@@ -280,16 +280,13 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$msgBody = $dataHtml;
}
else {
- $msgBody = $dataTxt;
+ $msgBody = trim($dataTxt);
$msgBody = ereg_replace("\n","<br>",$msgBody);
$msgBody = preg_replace("/([^\w\/])(www\.[a-z0-9\-]+\.[a-z0-9\-]+)/i","$1http://$2",$msgBody);
$msgBody = preg_replace("/([\w]+:\/\/[\w-?&;#~=\.\/\@]+[\w\/])/i","<a target=\"_blank\" href=\"$1\">$1</a>",$msgBody);
$msgBody = preg_replace("/([\w-?&;#~=\.\/]+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?))/i","<a href=\"mailto:$1\">$1</a>",$msgBody);
}
- //$msgBody = imap_utf8($msgBody);
- //$msgBody = utf8_decode($msgBody);
-
$msgBody = mb_convert_encoding($msgBody,"UTF-8","auto");
$msgBody = mb_convert_encoding($msgBody,"UTF-8","UTF-8");
@@ -300,10 +297,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$do_fromaddress = extract_emails_from($header->fromaddress);
$do_toaddress = extract_emails_from($header->toaddress);
- //$filePath = $_SERVER['SERVER_NAME'] . $do_fromaddress[0] . $do_toaddress[0] . $header_subject . microtime(true);
- //$filePath = "attach/" . sha1($filePath);
-
- $filePath = "attach/$fileUsr/$fileDir";
+ $filePath = "attach/o/$fileUsr/$fileDir";
$struct = imap_fetchstructure($mbox, $msgno);
@@ -362,13 +356,33 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$fileSize = filesize($fileAttachment);
$fileSize = HumanReadableFilesize($fileSize);
- echo "\r\n<tr><td><a href=\"$fileAttachment\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\">$fileName</a><br>$fileSize</td></tr>\r\n";
+ if (is_image($fileAttachment)) {
+
+ $img_size = getimagesize($fileAttachment);
+
+ $imgSize = "";
+
+ if (($img_size[0] > 0) and ($img_size[1] > 0)) {
+
+ $imgSize = ", {$img_size[0]}x{$img_size[1]} pixels";
+
+ if ($img_size[bits] > 0) {
+
+ $imgSize = "$imgSize, {$img_size[bits]}-bit image";
+ }
+ }
+
+ echo "\r\n<tr><td><a href=\"$fileAttachment\" target=\"_blank\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\" target=\"_blank\">$fileName</a><br>$fileSize{$imgSize}</td></tr>\r\n";
+ }
+ else {
+ echo "\r\n<tr><td><a href=\"$fileAttachment\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\">$fileName</a><br>$fileSize</td></tr>\r\n";
+ }
}
echo "</table>";
echo "</div>";
- $_SESSION['clean_up'] = $fileDir;
+ $_SESSION['clean_up_o'] = $fileDir;
}
else {
rmdirr($filePath);
tree eefd8fe2b6b3a83cf51ee9e83f390ade84003805
parent 8e2ba22bb1eb9e3da108cbcbe854066b068934fc
author Engels Antonio <engels@majcms.org> 1320981141 +0800
committer Engels Antonio <engels@majcms.org> 1320981141 +0800
Add file attach list
diff --git a/core.php b/core.php
index a663636..25ae794 100644
--- a/core.php
+++ b/core.php
@@ -17,6 +17,10 @@ error_reporting(E_ERROR);
session_start();
+if ($_SESSION['logged_lvl'] == "subscriber") {
+ $fileUsr = sha1($_SESSION['logged_uid']);
+}
+
if (isset($_POST['mbox_min']) and !empty($_POST['mbox_min']) and is_numeric($_POST['mbox_min'])) {
$mbox_min = $_POST['mbox_min'];
}
@@ -61,8 +65,6 @@ function time_elapsed_string($ptime) {
function HumanReadableFilesize($size) {
- // Adapted from: http://www.php.net/manual/en/function.filesize.php
-
$mod = 1024;
$units = explode(' ','B KB MB GB TB PB');
@@ -124,15 +126,15 @@ function get_part($stream, $msg_number, $mime_type, $structure = false, $part_nu
if ($data) {
return $data;
}
- } // END OF WHILE
- } // END OF MULTIPART
- } // END OF STRUTURE
+ }
+ }
+ }
return false;
-} // END OF FUNCTION
+}
function extract_emails_from($string){
- preg_match_all("/[\._a-zA-Z0-9-]+@[\._a-zA-Z0-9-]+/i", $string, $matches);
- return $matches[0];
+ preg_match_all("/[\._a-zA-Z0-9-]+@[\._a-zA-Z0-9-]+/i", $string, $matches);
+ return $matches[0];
}
function return_bytes($val) {
@@ -150,8 +152,8 @@ function return_bytes($val) {
break;
default:
return $val;
- } //switch ($last)
-} //function return_bytes($val)
+ }
+}
$server_upload_max_filesize = return_bytes(ini_get('upload_max_filesize'));
$server_post_max_size = return_bytes(ini_get('post_max_size'));
@@ -182,4 +184,17 @@ function header_mime2text ($header) {
return ($header_text);
}
+function is_image($path) {
+
+ $a = getimagesize($path);
+ $image_type = $a[2];
+
+ if (in_array($image_type, array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG , IMAGETYPE_BMP))) {
+
+ return true;
+ }
+
+ return false;
+}
+
?>
diff --git a/filedrop.php b/filedrop.php
index 51372e2..363483f 100644
--- a/filedrop.php
+++ b/filedrop.php
@@ -6,8 +6,6 @@ if (!isset($_SESSION['logged_uid']) or !isset($_SESSION['logged_lvl']) or !isset
exit;
}
-echo "<img src=\"images/ajax-loader.gif\" class=\"loader\">";
-
if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset($_POST['filedrop_box']) and !empty($_POST['filedrop_box'])) {
if (is_uploaded_file($_FILES['filedrop_obj']['tmp_name'])) {
@@ -18,13 +16,13 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
$filedrop_nom = str_replace(" ", "_", $_FILES['filedrop_obj']['name']);
- if (!file_exists(".tmp/$filedrop_box")) {
- mkdir(".tmp/$filedrop_box",0700,1);
+ if (!file_exists("attach/i/$fileUsr/$filedrop_box")) {
+ mkdir("attach/i/$fileUsr/$filedrop_box",0700,1);
}
- if (!file_exists(".tmp/$filedrop_box/$filedrop_nom")) {
+ if (!file_exists("attach/i/$fileUsr/$filedrop_box/$filedrop_nom")) {
- $res = copy($_FILES['filedrop_obj']['tmp_name'], ".tmp/$filedrop_box/$filedrop_nom");
+ $res = copy($_FILES['filedrop_obj']['tmp_name'], "attach/i/$fileUsr/$filedrop_box/$filedrop_nom");
unlink($_FILES['filedrop_obj']['tmp_name']);
echo "<script>alert(\"{$_FILES['filedrop_obj']['name']} saved as $filedrop_nom\");</script>";
}
@@ -42,6 +40,60 @@ if (isset($_FILES['filedrop_obj']) and !empty($_FILES['filedrop_obj']) and isset
}
}
+if (file_exists("attach/i/$fileUsr/$filedrop_box")) {
+
+ $fileAttachments = glob("attach/i/$fileUsr/$filedrop_box/*");
+
+ if (count($fileAttachments) > 0) {
+
+ if (file_exists("css.php")) {
+
+ $css = file_get_contents("css.php");
+ $css = str_replace("<style>","",$css);
+ $css = str_replace("</style>","",$css);
+
+ echo "<style>\r\n$css</style>\r\n\r\n";
+ }
+
+ echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\">";
+
+ foreach ($fileAttachments as $fileAttachment) {
+
+ $fileName = str_replace("attach/i/$fileUsr/$filedrop_box/","",$fileAttachment);
+
+ $fileSize = filesize($fileAttachment);
+ $fileSize = HumanReadableFilesize($fileSize);
+
+ if (is_image($fileAttachment)) {
+
+ $img_size = getimagesize($fileAttachment);
+
+ $imgSize = "";
+
+ if (($img_size[0] > 0) and ($img_size[1] > 0)) {
+
+ $imgSize = ", {$img_size[0]}x{$img_size[1]} pixels";
+
+ if ($img_size[bits] > 0) {
+
+ $imgSize = "$imgSize, {$img_size[bits]}-bit image";
+ }
+ }
+
+ echo "\r\n<tr><td><a href=\"$fileAttachment\" target=\"_blank\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\" target=\"_blank\">$fileName</a><br>$fileSize{$imgSize}</td></tr>\r\n";
+ }
+ else {
+ echo "\r\n<tr><td><a href=\"$fileAttachment\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\">$fileName</a><br>$fileSize</td></tr>\r\n";
+ }
+ }
+
+ echo "</table>";
+ }
+
+$_SESSION['clean_up_i'] = $filedrop_box;
+
+}
+
?>
<script>
diff --git a/index.php b/index.php
index 5870843..30de31b 100644
--- a/index.php
+++ b/index.php
@@ -149,6 +149,29 @@ if ($pw_put == $pw_get) {
unset($pw_mbox);
+ if ($_SESSION['logged_lvl'] == "subscriber") {
+
+ if (isset($_SESSION['clean_up_i']) and file_exists("attach/i/$fileUsr/{$_SESSION['clean_up_i']}") and (!isset($_POST['filedrop_box']) or empty($_POST['filedrop_box']))) {
+
+ rmdirr("attach/i/$fileUsr/{$_SESSION['clean_up_i']}");
+ unset($_SESSION['clean_up_i']);
+
+ if (count(glob("attach/i/$fileUsr/*")) == 0) {
+ rmdirr("attach/i/$fileUsr");
+ }
+ }
+
+ if (isset($_SESSION['clean_up_o']) and file_exists("attach/o/$fileUsr/{$_SESSION['clean_up_o']}")) {
+
+ rmdirr("attach/o/$fileUsr/{$_SESSION['clean_up_o']}");
+ unset($_SESSION['clean_up_o']);
+
+ if (count(glob("attach/o/$fileUsr/*")) == 0) {
+ rmdirr("attach/o/$fileUsr");
+ }
+ }
+ }
+
if (isset($_GET['do']) and ($_GET['do'] == "logout")) {
$_SESSION = array();
session_destroy();
@@ -178,6 +201,8 @@ if (!isset($_SESSION['logged_uid']) and (($pw_put != $pw_get) or !isset($_POST['
echo "</center></div>";
+ echo "<iframe name=\"preload\" src=\"preload.php\" frameborder=\"0\" scrolling=\"0\" width=\"0\" height=\"0\"></iframe>";
+
exit;
}
@@ -192,13 +217,6 @@ if (isset($_SESSION['logged_uid'])) {
if ($_SESSION['logged_lvl'] == "subscriber") {
- $fileUsr = sha1($_SESSION['logged_uid']);
-
- if (isset($_SESSION['clean_up']) and file_exists("attach/$fileUsr/{$_SESSION['clean_up']}")) {
- rmdirr("attach/$fileUsr/{$_SESSION['clean_up']}");
- unset($_SESSION['clean_up']);
- }
-
$usr_query = mysql_query("select * from users where id='{$_SESSION['logged_uid']}'");
$usr_data = mysql_fetch_row($usr_query);
@@ -798,48 +816,37 @@ if (isset($_SESSION['logged_uid'])) {
$do_filedrop_box = $_POST['filedrop_box'];
- if (file_exists(".tmp/$do_filedrop_box") and (count(glob(".tmp/$do_filedrop_dir/$do_filedrop_box/*")) > 0)) {
+ if (file_exists("attach/i/$fileUsr/$do_filedrop_box") and (count(glob("attach/i/$fileUsr/$do_filedrop_box/*")) > 0)) {
-$mime_boundary = md5(microtime(true));
-
-$reply_headers .= "\r\nMIME-Version: 1.0";
-$reply_headers .= "\r\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
-$reply_body = "\r\nThis is a multi-part message in MIME format.\r\n\r\n--{$mime_boundary}\r\nContent-type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit\r\n{$reply_body}";
+ $mime_boundary = md5(microtime(true));
+ $reply_headers .= "\r\nMIME-Version: 1.0";
+ $reply_headers .= "\r\nContent-Type: multipart/mixed; boundary=\"{$mime_boundary}\"";
+
+ $reply_body = "\r\nThis is a multi-part message in MIME format.\r\n\r\n--{$mime_boundary}\r\nContent-type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit\r\n\r\n{$reply_body}";
$do_reply_from = extract_emails_from($reply_from);
$do_reply_to = extract_emails_from($reply_to);
- if (!file_exists("filedrop")) {
- mkdir("filedrop",0700);
- }
-
- rename(".tmp/$do_filedrop_box","filedrop/$filedrop_box");
-
- $do_filedrop_msg = glob("filedrop/$filedrop_box/*");
+ $do_filedrop_msg = glob("attach/i/$fileUsr/$do_filedrop_box/*");
sort($do_filedrop_msg);
reset($do_filedrop_msg);
-/*
- foreach ($do_filedrop_msg as $do_filedrop_put) {
-
- $do_filedrop_nom = str_replace("filedrop/$filedrop_box/","",$do_filedrop_put);
-
- $reply_body = $reply_body . "\r\n\r\n$do_filedrop_nom (" . HumanReadableFilesize(filesize($do_filedrop_put)) . ")\r\n" . "http://" . $_SERVER['SERVER_NAME'] . "/$do_filedrop_put";
- }
-*/
-
foreach ($do_filedrop_msg as $do_filedrop_put) {
- $do_filedrop_nom = str_replace("filedrop/$filedrop_box/","",$do_filedrop_put);
+ $do_filedrop_nom = str_replace("attach/i/$fileUsr/$do_filedrop_box/","",$do_filedrop_put);
$reply_body = $reply_body . "\r\n\r\n--{$mime_boundary}\r\nContent-Type: application/octet-stream; name=\"$do_filedrop_nom\"\r\nContent-Disposition: attachment; filename=\"$do_filedrop_nom\"\r\nContent-Transfer-Encoding: base64\r\n\r\n" . chunk_split(base64_encode(file_get_contents($do_filedrop_put)));
}
$reply_body = $reply_body . "--{$mime_boundary}--";
- rmdirr("filedrop/$filedrop_box");
+ rmdirr("attach/i/$fileUsr/$do_filedrop_box");
+
+ if (count(glob("attach/i/$fileUsr/*")) == 0) {
+ rmdirr("attach/i/$fileUsr");
+ }
}
}
diff --git a/pgsql.php b/pgsql.php
deleted file mode 100644
index 5d2e561..0000000
--- a/pgsql.php
+++ /dev/null
@@ -1,854 +0,0 @@
-<?php
-
-/* modify the values of $db_host, $db_name, $db_user, $db_pass, and $mail_root for basic configuration */
-
-$db_host = "localhost";
-$db_port = "5432";
-$db_name = "kartero";
-$db_user = "postgres";
-$db_pass = "password";
-
-$mail_root = "/var/www/html/mailroot";
-
-/* feel free to hack the succeeding code to suit your needs (basic php and mysql skills required) */
-
-session_start();
-
-function rmdirr($recurse_dirname) {
-
- if (!file_exists($recurse_dirname)) {
- return false;
- }
-
- if (is_file($recurse_dirname)) {
- return unlink($recurse_dirname);
- }
-
- $recurse_dir = dir($recurse_dirname);
-
- while (false !== $recurse_entry = $recurse_dir->read()) {
-
- if ($recurse_entry == '.' || $recurse_entry == '..') {
- continue;
- }
-
- rmdirr("$recurse_dirname/$recurse_entry");
- }
-
- $recurse_dir->close();
- return rmdir($recurse_dirname);
-}
-
-function ack($ack_string) {
- echo "<table width=\"100%\"><tr></td><div class=\"ack\">$ack_string</div></td></tr></table>";
-}
-
-function nak($nak_string) {
- echo "<table width=\"100%\"><tr></td><div class=\"nak\">$nak_string</div></td></tr></table>";
-}
-
-if (file_exists("css.php")) {
-
- $css = file_get_contents("css.php");
- $css = str_replace("<style>","",$css);
- $css = str_replace("</style>","",$css);
-
- echo "<style>\r\n$css</style>\r\n\r\n";
-}
-
-if (!file_exists("$mail_root")) {
-
- $mail_dirs = explode("/",$mail_root);
-
- foreach ($mail_dirs as $mail_dir) {
-
- if (!empty($mail_dir)) {
- $mail_mkdir = $mail_mkdir . "/" . $mail_dir;
- mkdir("$mail_mkdir");
- }
- }
-
- if (!file_exists("$mail_root")) {
- nak("Can't create '$mail_root' (check filesystem permissions or change '$mail_root' and try again)");
- exit();
- }
-}
-
-$db_link = pg_pconnect("host=$db_host port=$db_port user=$db_user password=$db_pass dbname=$db_name");
-
-if (!$db_link) {
- nak(pg_last_error());
- exit;
-}
-
-$pw_crypt = crypt("password");
-//$db_query = pg_query($db_link,"create database $db_name");
-//$db_query = pg_query($db_link,"use $db_name");
-$db_query = pg_query($db_link,"create table admins (id varchar(16) not null, pw varchar(64) not null, primary key (id), unique key (id))");
-$db_query = pg_query($db_link,"create table domains (id varchar(128) not null, pw varchar(64) not null, max int(6) default '0', mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
-$db_query = pg_query($db_link,"create table users (id varchar(255) not null, pw varchar(64) not null, maildir varchar(255) not null, name varchar(128), domain varchar(128), mode int(1) default '1', host varchar(255), primary key (id), unique key(id), key id_2 (id))");
-$db_query = pg_query($db_link,"create table aliases (id varchar(255) not null, alias varchar(255) not null, domain varchar(128), mode int(1) default '1', primary key (id), unique key (id), key id_2 (id))");
-$db_query = pg_query($db_link,"insert into admins values('root','$pw_crypt')");
-
-$id_put = trim($_POST['id']);
-
-if (get_magic_quotes_gpc()) {
- $id_put = stripslashes($id_put);
-}
-
-if (!is_int($value)) {
- $id_put = pg_escape_string($id_put);
-}
-
-$id_put = strip_tags($id_put);
-
-$lvl_put = strip_tags($_POST['lvl']);
-
-if ($lvl_put == "subscriber") {
- $pw_get = pg_query($db_link,"select pw from users where id='$id_put'");
-}
-
-if ($lvl_put == "postmaster") {
- $pw_get = pg_query($db_link,"select pw from domains where id='$id_put'");
-}
-
-if ($lvl_put == "administrator") {
- $pw_get = pg_query($db_link,"select pw from admins where id='$id_put'");
-}
-
-$pw_get = pg_fetch_row($pw_get);
-$pw_get = $pw_get[0];
-
-$pw_put = $_POST['pw'];
-
-if (get_magic_quotes_gpc()) {
- $pw_put = stripslashes($pw_put);
-}
-
-if (!is_int($value)) {
- $pw_put = pg_escape_string($pw_put);
-}
-
-$pw_put = strip_tags($pw_put);
-$pw_put = crypt($pw_put,$pw_get);
-
-if ($pw_put == $pw_get) {
- $_SESSION['logged_uid'] = $id_put;
- $_SESSION['logged_lvl'] = $lvl_put;
-}
-
-if (isset($_GET['do']) and ($_GET['do'] == "logout")) {
- $_SESSION = array();
- session_destroy();
- header("Location: .");
- exit;
-}
-
-/* logo here? */
-
-if (!isset($_SESSION['logged_uid']) and (($pw_put != $pw_get) or !isset($_POST['id']) or !isset($_POST['pw']) or empty($_POST['id']) or empty($_POST['pw']))) {
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><select class=\"input\" name=\"lvl\"><option value=\"subscriber\">subscriber</option><option value=\"postmaster\">postmaster</option><option value=\"administrator\">administrator</option></select></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><input class=\"input\" type=\"text\" name=\"id\" autocomplete=\"off\" maxlength=\"128\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><input class=\"input\" type=\"password\" name=\"pw\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td width=\"150\"><input class=\"input\" type=\"submit\" value=\"login\"></td></tr>";
- echo "</form>";
- echo "</table>";
- exit;
-}
-
-if (isset($_SESSION['logged_uid'])) {
-
- echo "<p><nobr>You are currently logged in to your {$_SESSION['logged_uid']} {$_SESSION['logged_lvl']} account. Click <a href=\"?do=logout\">here</a> to logout.</nobr></p>";
-
- echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
- echo "<tr><td colspan=\"3\" valign=\"top\">";
-
- if ($_SESSION['logged_lvl'] == "subscriber") {
-
- $usr_query = pg_query($db_link,"select * from users where id='{$_SESSION['logged_uid']}'");
- $usr_data = pg_fetch_row($usr_query);
-
- $dom_query = pg_query($db_link,"select mode from domains where id='{$usr_data[4]}'");
- $dom_data = pg_fetch_row($dom_query);
-
- if ($dom_data[0] == 0) {
- nak("{$usr_data[4]} disabled by admin - new settings will take effect once it is re-enabled");
- }
-
- if ($usr_data[5] == 0) {
- nak("{$_SESSION['logged_uid']} disabled by postmaster - new settings will take effect once it is re-enabled");
- }
-
- $usr_name = $usr_data[3];
-
- if (isset($_POST['usr_name']) and !empty($_POST['usr_name'])) {
-
- $usr_name = trim($_POST['usr_name']);
- $usr_name = ucwords($usr_name);
-
- if ($usr_name != $usr_data[3]) {
-
- $usr_query = pg_query($db_link,"update users set name='$usr_name' where id='{$_SESSION['logged_uid']}'");
-
- if (!usr_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("name changed");
- }
- }
- else {
- $usr_name = $usr_data[3];
- }
- }
-
- $usr_pw0 = $usr_data[1];
-
- if (isset($_POST['usr_pw1']) and !empty($_POST['usr_pw1']) and isset($_POST['usr_pw2']) and !empty($_POST['usr_pw2']) and isset($_POST['usr_pw3']) and !empty($_POST['usr_pw3'])) {
-
- $usr_pw1 = trim($_POST['usr_pw1']);
- $usr_pw2 = trim($_POST['usr_pw2']);
- $usr_pw3 = trim($_POST['usr_pw3']);
-
- if ($usr_pw0 == crypt($usr_pw1,$usr_pw0)) {
-
- if ($usr_pw2 == $usr_pw3) {
-
- $usr_pw = crypt($usr_pw2);
-
- $usr_query = pg_query($db_link,"update users set pw='$usr_pw' where id='{$_SESSION['logged_uid']}'");
-
- if (!usr_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("password changed");
- }
- }
- else {
- nak("new passwords do not match");
- }
- }
- else {
- nak("current password entered is incorrect");
- }
- }
- }
-
- if ($_SESSION['logged_lvl'] == "postmaster") {
-
- $dom_query = pg_query($db_link,"select mode from domains where id='{$_SESSION['logged_uid']}'");
- $dom_query = pg_fetch_row($dom_query);
-
- if ($dom_query[0] == "0") {
- nak("{$_SESSION['logged_uid']} disabled by admin - new settings will take effect once it is re-enabled");
- }
-
- if (isset($_POST['pm_id']) and isset($_POST['pm_name']) and isset($_POST['pm_pw']) and !empty($_POST['pm_id']) and !empty($_POST['pm_name']) and !empty($_POST['pm_pw'])) {
-
- $pm_id = trim($_POST['pm_id']);
- $pm_id = strtolower($pm_id);
-
- if (preg_match("/@/",$pm_id)) {
- $pm_id = substr($pm_id,0,strpos($pm_id,"@"));
- }
-
- $pm_addr = $pm_id . "@" . $_SESSION['logged_uid'];
-
- $alias_query = pg_query($db_link,"select id from aliases where id='$pm_addr'");
-
- if (pg_fetch_row($alias_query) > 0) {
- nak("$pm_addr alias exists");
- }
- else {
- $pm_name = trim($_POST['pm_name']);
- $pm_name = ucwords($pm_name);
-
- $pm_pw = trim($_POST['pm_pw']);
- $pm_pw = crypt($pm_pw);
-
- $pm_init = substr($pm_id,0,1);
-
- $pm_maildir = "{$_SESSION['logged_uid']}/$pm_init/$pm_id";
-
- $pm_host = trim($_POST['pm_host']);
- $pm_host = strtolower($pm_host);
-
- $pm_query = pg_query($db_link,"insert into users values('$pm_addr','$pm_pw','$pm_maildir/','$pm_name','{$_SESSION['logged_uid']}','1','$pm_host')");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if (!file_exists("$mail_root/{$_SESSION['logged_uid']}")) {
- mkdir("$mail_root/{$_SESSION['logged_uid']}");
- }
-
- if (!file_exists("$mail_root/{$_SESSION['logged_uid']}/$pm_init")) {
- mkdir("$mail_root/{$_SESSION['logged_uid']}/$pm_init");
- }
-
- if (!file_exists("$mail_root/$pm_maildir")) {
- mkdir("$mail_root/$pm_maildir");
- }
-
- if (!file_exists("$mail_root/$pm_maildir/cur")) {
- mkdir("$mail_root/$pm_maildir/cur");
- }
-
- if (!file_exists("$mail_root/$pm_maildir/new")) {
- mkdir("$mail_root/$pm_maildir/new");
- }
-
- if (!file_exists("$mail_root/$pm_maildir/tmp")) {
- mkdir("$mail_root/$pm_maildir/tmp");
- }
-
- ack("$pm_addr added");
- }
- }
- }
-
- if (isset($_POST['pm_mod']) and !empty($_POST['pm_mod'])) {
-
- $pm_mod = trim($_POST['pm_mod']);
-
- if (isset($_POST['pm_name']) and !empty($_POST['pm_name'])) {
-
- $pm_name = trim($_POST['pm_name']);
- $pm_name = ucwords($pm_name);
-
- $pm_query = pg_query($db_link,"select name from users where id='$pm_mod'");
-
- $name_get = pg_fetch_row($pm_query);
-
- if ($name_get[0] != $pm_name) {
-
- $pm_query = pg_query($db_link,"update users set name='$pm_name' where id='$pm_mod'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$pm_mod complete name updated");
- }
- }
- }
-
- if (isset($_POST['pm_pass']) and !empty($_POST['pm_pass'])) {
-
- $pm_pass = $_POST['pm_pass'];
- $pm_pass = crypt($pm_pass);
-
- $pm_query = pg_query($db_link,"update users set pw='$pm_pass' where id='$pm_mod'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$pm_mod password updated");
- }
- }
-
- if (isset($_POST['pm_host'])) {
-
- $pm_host = trim($_POST['pm_host']);
- $pm_host = strtolower($pm_host);
-
- $pm_query = pg_query($db_link,"select host from users where id='$pm_mod'");
-
- $host_get = pg_fetch_row($pm_query);
-
- if ($host_get[0] != $pm_host) {
-
- $pm_query = pg_query($db_link,"update users set host='$pm_host' where id='$pm_mod'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$pm_mod delivery host updated");
- }
- }
- }
- }
-
- if (isset($_POST['pm_set']) and !empty($_POST['pm_set']) and isset($_POST['pm_do']) and !empty($_POST['pm_do'])) {
-
- $pm_set = trim($_POST['pm_set']);
- $pm_do = trim($_POST['pm_do']);
-
- if ($pm_do == "disable") {
- $pm_do = "0";
- }
-
- if ($pm_do == "enable") {
- $pm_do = "1";
- }
-
- $pm_query = pg_query($db_link,"update aliases set mode='$pm_do' where alias='$pm_set'");
- $pm_query = pg_query($db_link,"update users set mode='$pm_do' where id='$pm_set'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
-
- $pm_query = pg_query($db_link,"select alias from aliases where alias='$pm_set'");
- $pm_aka = pg_num_rows($pm_query);
-
- if ($pm_do == "0") {
-
- if ($pm_aka > 0) {
-
- if ($pm_aka < 2) {
- ack("$pm_set account and 1 alias disabled");
- }
- else {
- ack("$pm_set account and $pm_aka aliases disabled");
- }
- }
- else {
- ack("$pm_set account disabled");
- }
- }
-
- if ($pm_do == "1") {
-
- if (pg_fetch_row($pm_query) > 0) {
-
- if ($pm_aka < 2) {
- ack("$pm_set account and 1 alias enabled");
- }
- else {
- ack("$pm_set account and $pm_aka aliases enabled");
- }
- }
- else {
- ack("$pm_set account enabled");
- }
- }
- }
- }
-
- if (isset($_POST['pm_del']) and !empty($_POST['pm_del'])) {
-
- $pm_del = trim($_POST['pm_del']);
-
- $pm_query = pg_query($db_link,"delete from aliases where alias='$pm_del'");
- $pm_query = pg_query($db_link,"delete from users where id='$pm_del'");
-
- if (!$pm_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- $pm_init = substr($pm_del,0,1);
- $pm_box = substr($pm_del,0,strpos($pm_del,"@"));
-
- if (file_exists("$mail_root/{$_SESSION['logged_uid']}/$pm_init/$pm_box")) {
- rmdirr("$mail_root/{$_SESSION['logged_uid']}/$pm_init/$pm_box");
- }
-
- if (count(glob("$mail_root/{$_SESSION['logged_uid']}/$pm_init/*")) < 1) {
- rmdir("$mail_root/{$_SESSION['logged_uid']}/$pm_init");
- }
-
- ack("$pm_del deleted");
- }
- }
-
- if (isset($_POST['alias_add']) and !empty($_POST['alias_add']) and isset($_POST['alias_to']) and !empty($_POST['alias_to'])) {
-
- $alias_add = trim($_POST['alias_add']);
-
- if (preg_match("/@/",$alias_add)) {
- $alias_add = substr($alias_add,0,strpos($alias_add,"@"));
- }
-
- $alias_add = "$alias_add@{$_SESSION['logged_uid']}";
-
- $alias_to = trim($_POST['alias_to']);
-
- $alias_query = pg_query($db_link,"select id from users where id='$alias_add'");
-
- if (pg_num_rows($alias_query) > 0) {
- nak("$alias_add account exists");
- }
- else {
- if (!preg_match("/@/",$alias_to) or preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
-
- if (preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
- $alias_to = substr($alias_to,0,strpos($alias_to,"@"));
- }
-
- $alias_to = "$alias_to@{$_SESSION['logged_uid']}";
-
- $alias_query = pg_query($db_link,"select id from users where id='$alias_to'");
-
- if (pg_num_rows($alias_query) < 1) {
- nak("$alias_to does not exist");
- }
- else {
- $alias_query = pg_query($db_link,"insert into aliases values('$alias_add','$alias_to','{$_SESSION['logged_uid']}','1')");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_add added");
- }
- }
- }
- else {
- $alias_query = pg_query($db_link,"insert into aliases values('$alias_add','$alias_to','{$_SESSION['logged_uid']}','1')");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_add added");
- }
- }
- }
- }
-
- if (isset($_POST['alias_mod']) and !empty($_POST['alias_mod']) and isset($_POST['alias_to']) and !empty($_POST['alias_to'])) {
-
- $alias_mod = trim($_POST['alias_mod']);
-
- $alias_to = trim($_POST['alias_to']);
-
- if (!preg_match("/@/",$alias_to) or preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
-
- if (preg_match("/@{$_SESSION['logged_uid']}/",$alias_to)) {
- $alias_to = substr($alias_to,0,strpos($alias_to,"@"));
- }
-
- $alias_to = "$alias_to@{$_SESSION['logged_uid']}";
-
- $alias_query = pg_query($db_link,"select id from users where id='$alias_to'");
-
- if (pg_num_rows($alias_query) < 1) {
- nak("$alias_to does not exist");
- }
- else {
- $alias_query = pg_query($db_link,"update aliases set alias='$alias_to' where id='$alias_mod'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_mod updated");
- }
- }
- }
- else {
-
- $alias_query = pg_query($db_link,"update aliases set alias='$alias_to' where id='$alias_mod'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_mod updated");
- }
- }
- }
-
- if (isset($_POST['alias_set']) and !empty($_POST['alias_set']) and isset($_POST['alias_do']) and !empty($_POST['alias_do'])) {
-
- $alias_set = trim($_POST['alias_set']);
- $alias_do = trim($_POST['alias_do']);
-
- if ($alias_do == "disable") {
- $alias_do = "0";
- $alias_query = pg_query($db_link,"update aliases set mode='$alias_do' where id='$alias_set'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_set alias disabled");
- }
- }
-
- if ($alias_do == "enable") {
-
- $alias_query = pg_query($db_link,"select alias from aliases where id='$alias_set'");
- $alias_recipient = pg_fetch_row($alias_query);
- $alias_recipient = $alias_recipient[0];
-
- $usr_query = pg_query($db_link,"select mode from users where id='$alias_recipient'");
- $alias_recipient_mode = pg_fetch_row($usr_query);
- $alias_recipient_mode = $alias_recipient_mode[0];
-
- if ($alias_recipient_mode == "0") {
- nak("cannot enable $alias_set alias while $alias_recipient recipient account is disabled");
- }
- else {
- $alias_do = "1";
- $alias_query = pg_query($db_link,"update aliases set mode='$alias_do' where id='$alias_set'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_set alias enabled");
- }
- }
- }
- }
-
- if (isset($_POST['alias_del']) and !empty($_POST['alias_del'])) {
-
- $alias_del = trim($_POST['alias_del']);
- $alias_query = pg_query($db_link,"delete from aliases where id='$alias_del'");
-
- if (!$alias_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$alias_del deleted");
- }
- }
- }
-
- if ($_SESSION['logged_lvl'] == "administrator") {
-
- if (isset($_POST['dom_name']) and isset($_POST['dom_pass']) and isset($_POST['dom_max']) and !empty($_POST['dom_name']) and !empty($_POST['dom_pass']) and is_numeric($_POST['dom_max'])) {
-
- $dom_name = trim($_POST['dom_name']);
-
- $dom_pass = trim($_POST['dom_pass']);
- $dom_pass = crypt($dom_pass);
-
- $dom_max = trim($_POST['dom_max']);
-
- $dom_query = pg_query($db_link,"insert into domains values('$dom_name','$dom_pass','$dom_max','1')");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if (!file_exists("$mail_root/$dom_name")) {
- mkdir("$mail_root/$dom_name");
- }
-
- ack("$dom_name added");
- }
- }
-
- if (isset($_POST['dom_mod']) and !empty($_POST['dom_mod'])) {
-
- $dom_mod = trim($_POST['dom_mod']);
-
- if (isset($_POST['dom_pass']) and !empty($_POST['dom_pass'])) {
-
- $dom_pass = $_POST['dom_pass'];
- $dom_pass = crypt($dom_pass);
-
- $dom_query = pg_query($db_link,"update domains set pw='$dom_pass' where id='$dom_mod'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$dom_mod postmaster password updated");
- }
- }
-
- if (isset($_POST['dom_max']) and is_numeric($_POST['dom_max'])) {
-
- $dom_max = $_POST['dom_max'];
-
- $dom_query = pg_query($db_link,"select max from domains where id='$dom_mod'");
-
- $max_get = pg_fetch_row($dom_query);
-
- if ($max_get[0] != $dom_max) {
-
- $dom_query = pg_query($db_link,"update domains set max='$dom_max' where id='$dom_mod'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- ack("$dom_mod account limit updated");
- }
- }
- }
- }
-
- if (isset($_POST['dom_set']) and !empty($_POST['dom_set']) and isset($_POST['dom_do']) and !empty($_POST['dom_do'])) {
-
- $dom_set = trim($_POST['dom_set']);
- $dom_do = trim($_POST['dom_do']);
-
- if ($dom_do == "disable") {
- $dom_do = "0";
- }
-
- if ($dom_do == "enable") {
- $dom_do = "1";
- }
-
- $dom_query = pg_query($db_link,"update domains set mode='$dom_do' where id='$dom_set'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if ($dom_do == "0") {
- ack("$dom_set disabled");
- }
-
- if ($dom_do == "1") {
- ack("$dom_set enabled");
- }
- }
- }
-
- if (isset($_POST['dom_del']) and !empty($_POST['dom_del'])) {
-
- $dom_del = trim($_POST['dom_del']);
-
- $dom_query = pg_query($db_link,"delete from aliases where domain='$dom_del'");
- $dom_query = pg_query($db_link,"delete from users where domain='$dom_del'");
- $dom_query = pg_query($db_link,"delete from domains where id='$dom_del'");
-
- if (!$dom_query) {
- nak(strtolower(pg_last_error()));
- }
- else {
- if (file_exists("$mail_root/$dom_del")) {
- rmdirr("$mail_root/$dom_del");
- }
- ack("$dom_del deleted");
- }
- }
- }
-
- echo "</td></tr>";
-
- echo "<tr><td valign=\"top\">";
-
- if ($_SESSION['logged_lvl'] == "subscriber") {
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/user.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"text\" name=\"usr_name\" value=\"$usr_name\" autocomplete=\"off\" maxlength=\"128\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/pass.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"password\" name=\"usr_pw1\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/pass.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"password\" name=\"usr_pw2\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"><img src=\"images/pass.png\" border=\"0\" width=\"16\" height=\"16\"></td><td><input class=\"input\" type=\"password\" name=\"usr_pw3\" autocomplete=\"off\" maxlength=\"64\"></td></tr>";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\" valign=\"middle\"></td><td><input class=\"input\" type=\"submit\" value=\"update\"></td></tr>";
- echo "</form>";
- echo "</table>";
- }
-
- if ($_SESSION['logged_lvl'] == "postmaster") {
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<tr bgcolor=\"#ffffff\"><td colspan=\"4\" align=\"center\"><b>status</b></td><td align=\"center\"><b>username</b></td><td align=\"center\"><b>complete name</b></td><td align=\"center\"><b>password</b></td><td align=\"center\"><b>host</b></td><td align=\"center\" colspan=\"2\"><b>action</b></td></tr>";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\">new</td><td align=\"center\">cur</td><td align=\"center\">aka</td><td align=\"center\">rcv</td><td><input class=\"input\" type=\"text\" name=\"pm_id\" autocomplete=\"off\" maxlength=\"255\"></td><td><input class=\"input\" type=\"text\" name=\"pm_name\" autocomplete=\"off\" maxlength=\"128\"></td><td><input class=\"input\" type=\"text\" name=\"pm_pw\" autocomplete=\"off\" maxlength=\"64\"></td><td><input class=\"input\" type=\"text\" name=\"pm_host\" autocomplete=\"off\" maxlength=\"255\"></td><td colspan=\"2\"><input class=\"input\" type=\"submit\" value=\"add\"></td></tr>";
- echo "</form>";
-
- $pm_get = pg_query($db_link,"select * from users where domain='{$_SESSION['logged_uid']}' order by id");
-
- while ($pm_row = pg_fetch_array($pm_get)) {
-
- if ($pm_row[5] == "1") {
- $pm_do = "disable";
- $pm_bg = "#ffffff";
- }
-
- if ($pm_row[5] == "0") {
- $pm_do = "enable";
- $pm_bg = "#eeeeee";
- }
-
- $msg_new = "$mail_root/{$_SESSION['logged_uid']}/" . substr($pm_row[0],0,1) . "/" . substr($pm_row[0],0,strpos($pm_row[0],"@")) . "/new/*";
- $msg_new = count(glob($msg_new));
-
- $msg_cur = "$mail_root/{$_SESSION['logged_uid']}/" . substr($pm_row[0],0,1) . "/" . substr($pm_row[0],0,strpos($pm_row[0],"@")) . "/cur/*";
- $msg_cur = count(glob($msg_cur));
-
- $pm_aka = pg_query($db_link,"select * from aliases where alias='{$pm_row[0]}'");
- $pm_aka = pg_num_rows($pm_aka);
-
- echo "<tr bgcolor=\"$pm_bg\"><td align=\"right\">$msg_new</td><td align=\"right\">$msg_cur</td><td align=\"right\">$pm_aka</td><form method=\"post\"><input type=\"hidden\" name=\"pm_set\" value=\"{$pm_row[0]}\"><input type=\"hidden\" name=\"pm_do\" value=\"$pm_do\"><td align=\"center\" valign=\"middle\" width=\"10\"><input type=\"image\" src=\"images/{$pm_do}.png\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"pm_mod\" value=\"{$pm_row[0]}\"><td><b>{$pm_row[0]}</b></td><td><input class=\"input\" type=\"text\" name=\"pm_name\" maxlength=\"128\" autocomplete=\"off\" value=\"{$pm_row[3]}\"></td><td><input class=\"input\" type=\"text\" name=\"pm_pass\" maxlength=\"64\" autocomplete=\"off\"></td><td><input class=\"input\" type=\"text\" name=\"pm_host\" maxlength=\"255\" autocomplete=\"off\" value=\"{$pm_row[6]}\"></td><td><input class=\"input\" type=\"submit\" value=\"mod\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"pm_del\" value=\"{$pm_row[0]}\"><td><input class=\"input\" type=\"submit\" value=\"del\" onclick=\"if (confirm('Do you really want to delete {$pm_row[0]} plus all messages and aliases associated with this account?')) {return true;} else {return false;}\"></td></form></tr>";
- }
-
- echo "</table>";
- }
-
- if ($_SESSION['logged_lvl'] == "administrator") {
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<tr bgcolor=\"#ffffff\"><td colspan=\"2\" align=\"center\"><b>status</b></td><td align=\"center\"><nobr><b>domain name</b></nobr></td><td align=\"center\"><nobr><b>account limit</b></nobr></td><td align=\"center\"><nobr><b>postmaster password</b></nobr></td><td align=\"center\" colspan=\"2\"><b>action</b></td></tr>";
- echo "<form method=\"post\"><tr bgcolor=\"#ffffff\"><td align=\"center\">usr</td><td align=\"center\">rcv</td><td align=\"center\"><input class=\"input\" type=\"text\" name=\"dom_name\" maxlength=\"128\" autocomplete=\"off\"></td><td align=\"center\"><input class=\"rinput\" type=\"text\" name=\"dom_max\" maxlength=\"6\" autocomplete=\"off\" value=\"0\"></td><td align=\"center\"><input class=\"input\" type=\"text\" name=\"dom_pass\" maxlength=\"64\" autocomplete=\"off\"></td><td align=\"center\" colspan=\"2\"><input class=\"input\" type=\"submit\" value=\"add\" autocomplete=\"off\"></td></tr></form>";
-
- $dom_get = pg_query($db_link,"select * from domains order by id");
-
- while ($dom_row = pg_fetch_array($dom_get)) {
-
- $dom_usr = pg_query($db_link,"select * from users where domain='{$dom_row[0]}'");
- $dom_usr = pg_num_rows($dom_usr);
-
- if ($dom_row[3] == "1") {
- $dom_do = "disable";
- $dom_bg = "#ffffff";
- }
-
- if ($dom_row[3] == "0") {
- $dom_do = "enable";
- $dom_bg = "#eeeeee";
- }
-
- echo "<tr bgcolor=\"$dom_bg\"><td align=\"right\">$dom_usr</td><form method=\"post\"><input type=\"hidden\" name=\"dom_set\" value=\"{$dom_row[0]}\"><input type=\"hidden\" name=\"dom_do\" value=\"$dom_do\"><td align=\"center\" valign=\"middle\" width=\"10\"><input type=\"image\" src=\"images/{$dom_do}.png\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"dom_mod\" value=\"{$dom_row[0]}\"><td><b>{$dom_row[0]}</b></td><td><input class=\"rinput\" type=\"text\" name=\"dom_max\" maxlength=\"6\" autocomplete=\"off\" value=\"{$dom_row[2]}\"></td><td><input class=\"input\" type=\"text\" name=\"dom_pass\" maxlength=\"64\" autocomplete=\"off\"></td><td><input class=\"input\" type=\"submit\" value=\"mod\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"dom_del\" value=\"{$dom_row[0]}\"><td><input class=\"input\" type=\"submit\" value=\"del\" onclick=\"if (confirm('Do you really want to delete {$dom_row[0]} plus all accounts and messages associated with this domain?')) {return true;} else {return false;}\"></td></form></tr>";
- }
-
- echo "</table>";
- }
-
- echo "</td>";
-
- if ($_SESSION['logged_lvl'] == "postmaster") {
-
- echo "<td width=\"10\"></td><td valign=\"top\">";
-
- echo "<table border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#cccccc\">";
- echo "<tr bgcolor=\"#ffffff\"><td align=\"center\"><b>alias</b></td><td align=\"center\"><b>recipient</b></td><td align=\"center\" colspan=\"3\"><b>action</b></td></tr>";
- echo "<form method=\"post\">";
- echo "<tr bgcolor=\"#ffffff\"><td><input class=\"input\" type=\"text\" name=\"alias_add\" autocomplete=\"off\" maxlength=\"255\"></td><td><input class=\"input\" type=\"text\" name=\"alias_to\" autocomplete=\"off\" maxlength=\"128\"></td><td colspan=\"3\"><input class=\"input\" type=\"submit\" value=\"add\"></td></tr>";
- echo "</form>";
-
- $get_aliases = pg_query($db_link,"select * from aliases where domain='{$_SESSION['logged_uid']}' order by id");
-
- while ($aliases_row = pg_fetch_array($get_aliases)) {
-
- if ($aliases_row[3] == "1") {
- $alias_do = "disable";
- $alias_bg = "#ffffff";
- }
-
- if ($aliases_row[3] == "0") {
- $alias_do = "enable";
- $alias_bg = "#eeeeee";
- }
-
- echo "<tr bgcolor=\"$alias_bg\"><form method=\"post\"><input type=\"hidden\" name=\"alias_mod\" value=\"{$aliases_row[0]}\"><td><b>{$aliases_row[0]}</b></td><td><input class=\"input\" type=\"text\" name=\"alias_to\" maxlength=\"255\" autocomplete=\"off\" value=\"{$aliases_row[1]}\"></td><td><input class=\"input\" type=\"submit\" value=\"mod\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"alias_set\" value=\"{$aliases_row[0]}\"><input type=\"hidden\" name=\"alias_do\" value=\"$alias_do\"><td align=\"center\" valign=\"middle\" width=\"10\"><input type=\"image\" src=\"images/{$alias_do}.png\"></td></form><form method=\"post\"><input type=\"hidden\" name=\"alias_del\" value=\"{$aliases_row[0]}\"><td><input class=\"input\" type=\"submit\" value=\"del\" onclick=\"if (confirm('Do you really want to delete the {$aliases_row[0]} alias of {$aliases_row[1]}?')) {return true;} else {return false;}\"></td></form></tr>";
- }
-
- echo "</table>";
- }
-
- echo "</td></tr>";
- echo "</table>";
-}
-
-pg_close($db_link);
-
-?>
diff --git a/post.php b/post.php
index e8b2365..e00b2e4 100644
--- a/post.php
+++ b/post.php
@@ -68,8 +68,6 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
<div class="message">
-<iframe name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="0" height="0"></iframe>
-
<table border="0" cellspacing="0" cellpadding="0">
<form name="filedrop_form" enctype="multipart/form-data" action="filedrop.php" method="post" target="filedrop" onsubmit="this.elements['filedrop_submit'].disabled = true;document.getElementById('filedrop_wait').innerHTML = '<img src=images/ajax-loader.gif border=0 width=16 height=16 hspace=5>';">
<tr><td>
@@ -87,3 +85,22 @@ if (isset($_POST['new']) and !empty($_POST['new']) and is_numeric($_POST['new'])
</table>
</div>
+
+<script>
+<!--
+function calcHeight(iframe_id)
+{
+ var iframe_height=document.getElementById(iframe_id).contentWindow.document.body.scrollHeight;
+
+ if (iframe_height<9)
+ {
+ document.getElementById(iframe_id).height=0;
+ }
+ else {
+ document.getElementById(iframe_id).height=iframe_height;
+ }
+}
+//-->
+</script>
+
+<iframe id="filedrop" onLoad="calcHeight('filedrop');" name="filedrop" src="filedrop.php" frameborder="0" scrolling="0" width="100%" height="0"></iframe>
diff --git a/preload.php b/preload.php
new file mode 100644
index 0000000..fe790d2
--- /dev/null
+++ b/preload.php
@@ -0,0 +1,20 @@
+<img src="images/ajax-loader.gif">
+<img src="images/attach.png">
+<img src="images/disable.png">
+<img src="images/enable.png">
+<img src="images/file.png">
+<img src="images/folder-close.png">
+<img src="images/folder-open.png">
+<img src="images/mail-forward.png">
+<img src="images/mail-new.png">
+<img src="images/mail-next.png">
+<img src="images/mail-prev.png">
+<img src="images/mail-read.png">
+<img src="images/mail-replied.png">
+<img src="images/mail-reply-all.png">
+<img src="images/mail-reply.png">
+<img src="images/mail-search.png">
+<img src="images/mail-unread.png">
+<img src="images/trashcan_empty.png">
+<img src="images/trashcan_full.png">
+<img src="images/trashcan_purge.png">
diff --git a/read.php b/read.php
index 8a41150..54bba45 100644
--- a/read.php
+++ b/read.php
@@ -280,16 +280,13 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$msgBody = $dataHtml;
}
else {
- $msgBody = $dataTxt;
+ $msgBody = trim($dataTxt);
$msgBody = ereg_replace("\n","<br>",$msgBody);
$msgBody = preg_replace("/([^\w\/])(www\.[a-z0-9\-]+\.[a-z0-9\-]+)/i","$1http://$2",$msgBody);
$msgBody = preg_replace("/([\w]+:\/\/[\w-?&;#~=\.\/\@]+[\w\/])/i","<a target=\"_blank\" href=\"$1\">$1</a>",$msgBody);
$msgBody = preg_replace("/([\w-?&;#~=\.\/]+\@(\[?)[a-zA-Z0-9\-\.]+\.([a-zA-Z]{2,3}|[0-9]{1,3})(\]?))/i","<a href=\"mailto:$1\">$1</a>",$msgBody);
}
- //$msgBody = imap_utf8($msgBody);
- //$msgBody = utf8_decode($msgBody);
-
$msgBody = mb_convert_encoding($msgBody,"UTF-8","auto");
$msgBody = mb_convert_encoding($msgBody,"UTF-8","UTF-8");
@@ -300,10 +297,7 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$do_fromaddress = extract_emails_from($header->fromaddress);
$do_toaddress = extract_emails_from($header->toaddress);
- //$filePath = $_SERVER['SERVER_NAME'] . $do_fromaddress[0] . $do_toaddress[0] . $header_subject . microtime(true);
- //$filePath = "attach/" . sha1($filePath);
-
- $filePath = "attach/$fileUsr/$fileDir";
+ $filePath = "attach/o/$fileUsr/$fileDir";
$struct = imap_fetchstructure($mbox, $msgno);
@@ -362,13 +356,33 @@ if (isset($_POST['msg']) and !empty($_POST['msg']) and is_numeric($_POST['msg'])
$fileSize = filesize($fileAttachment);
$fileSize = HumanReadableFilesize($fileSize);
- echo "\r\n<tr><td><a href=\"$fileAttachment\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\">$fileName</a><br>$fileSize</td></tr>\r\n";
+ if (is_image($fileAttachment)) {
+
+ $img_size = getimagesize($fileAttachment);
+
+ $imgSize = "";
+
+ if (($img_size[0] > 0) and ($img_size[1] > 0)) {
+
+ $imgSize = ", {$img_size[0]}x{$img_size[1]} pixels";
+
+ if ($img_size[bits] > 0) {
+
+ $imgSize = "$imgSize, {$img_size[bits]}-bit image";
+ }
+ }
+
+ echo "\r\n<tr><td><a href=\"$fileAttachment\" target=\"_blank\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\" target=\"_blank\">$fileName</a><br>$fileSize{$imgSize}</td></tr>\r\n";
+ }
+ else {
+ echo "\r\n<tr><td><a href=\"$fileAttachment\"><img src=\"images/file.png\" border=\"0\" width=\"36\" height=\"36\"></a></td><td><a href=\"$fileAttachment\">$fileName</a><br>$fileSize</td></tr>\r\n";
+ }
}
echo "</table>";
echo "</div>";
- $_SESSION['clean_up'] = $fileDir;
+ $_SESSION['clean_up_o'] = $fileDir;
}
else {
rmdirr($filePath);