mail_domain_edit.php 17 KB
Newer Older
tbrehm's avatar
tbrehm committed
1 2
<?php
/*
tbrehm's avatar
tbrehm committed
3
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
tbrehm's avatar
tbrehm committed
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/


/******************************************
* Begin Form configuration
******************************************/

$tform_def_file = "form/mail_domain.tform.php";

/******************************************
* End Form configuration
******************************************/

require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');

44 45
//* Check permissions for module
$app->auth->check_module_permissions('mail');
tbrehm's avatar
tbrehm committed
46 47 48 49 50 51

// Loading classes
$app->uses('tpl,tform,tform_actions');
$app->load('tform_actions');

class page_action extends tform_actions {
52

tbrehm's avatar
tbrehm committed
53 54
	function onShowNew() {
		global $app, $conf;
55

tbrehm's avatar
tbrehm committed
56 57
		// we will check only users, not admins
		if($_SESSION["s"]["user"]["typ"] == 'user') {
58 59 60 61 62
			if(!$app->tform->checkClientLimit('limit_maildomain')) {
				$app->error($app->tform->wordbook["limit_maildomain_txt"]);
			}
			if(!$app->tform->checkResellerLimit('limit_maildomain')) {
				$app->error('Reseller: '.$app->tform->wordbook["limit_maildomain_txt"]);
tbrehm's avatar
tbrehm committed
63 64
			}
		}
65

tbrehm's avatar
tbrehm committed
66 67
		parent::onShowNew();
	}
68

tbrehm's avatar
tbrehm committed
69 70
	function onShowEnd() {
		global $app, $conf;
71

tbrehm's avatar
Fixed:  
tbrehm committed
72
		if($_SESSION["s"]["user"]["typ"] == 'admin') {
73 74
			// Getting Clients of the user
			if($_SESSION["s"]["user"]["typ"] == 'admin') {
75
				$sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0 ORDER BY name";
76 77
			} else {
				$client_group_id = $_SESSION["s"]["user"]["default_group"];
78
				$sql = "SELECT client.client_id, limit_web_domain, default_mailserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id";
79
			}
tbrehm's avatar
tbrehm committed
80
			$clients = $app->db->queryAllRecords($sql);
81 82
			$client_select = '';
			if($_SESSION["s"]["user"]["typ"] == 'admin') $client_select .= "<option value='0'></option>";
83
			$tmp_data_record = $app->tform->getDataRecord($this->id);
tbrehm's avatar
tbrehm committed
84 85
			if(is_array($clients)) {
				foreach( $clients as $client) {
86
					$selected = ($client["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':'';
tbrehm's avatar
tbrehm committed
87 88 89
					$client_select .= "<option value='$client[groupid]' $selected>$client[name]</option>\r\n";
				}
			}
tbrehm's avatar
Fixed:  
tbrehm committed
90
			$app->tpl->setVar("client_group_id",$client_select);
91

tbrehm's avatar
Fixed:  
tbrehm committed
92 93 94 95
		} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {

			// Get the limits of the client
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
96
			$client = $app->db->queryOneRecord("SELECT client.client_id, contact_name, default_mailserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id order by contact_name");
97

98 99 100
			// Set the mailserver to the default server of the client
			$tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_mailserver]");
			$app->tpl->setVar("server_id","<option value='$client[default_mailserver]'>$tmp[server_name]</option>");
tbrehm's avatar
Fixed:  
tbrehm committed
101
			unset($tmp);
102

tbrehm's avatar
Fixed:  
tbrehm committed
103 104 105
			// Fill the client select field
			$sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id'];
			$clients = $app->db->queryAllRecords($sql);
106 107
			$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
			$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>';
108
			$tmp_data_record = $app->tform->getDataRecord($this->id);
tbrehm's avatar
Fixed:  
tbrehm committed
109 110
			if(is_array($clients)) {
				foreach( $clients as $client) {
111
					$selected = @($client["groupid"] == $tmp_data_record["sys_groupid"])?'SELECTED':'';
tbrehm's avatar
Fixed:  
tbrehm committed
112 113 114 115 116
					$client_select .= "<option value='$client[groupid]' $selected>$client[name]</option>\r\n";
				}
			}
			$app->tpl->setVar("client_group_id",$client_select);

tbrehm's avatar
tbrehm committed
117
		}
118

119 120 121
		/*
		 * Now we have to check, if we should use the domain-module to select the domain
		 * or not
122
		 */
123 124
		$app->uses('ini_parser,getconf');
		$settings = $app->getconf->get_global_config('domains');
125
		if ($settings['use_domain_module'] == 'y') {
126 127 128
			/*
			 * The domain-module is in use.
			*/
129
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
130 131 132 133 134 135 136 137
			/*
			 * The admin can select ALL domains, the user only the domains assigned to him
			 */
			$sql = "SELECT domain FROM domain ";
			if ($_SESSION["s"]["user"]["typ"] != 'admin') {
				$sql .= "WHERE sys_groupid =" . $client_group_id;
			}
			$sql .= " ORDER BY domain";
138 139
			$domains = $app->db->queryAllRecords($sql);
			$domain_select = '';
140 141
			if(is_array($domains) && sizeof($domains) > 0) {
				/* We have domains in the list, so create the drop-down-list */
142
				foreach( $domains as $domain) {
143 144 145 146 147
					$domain_select .= "<option value=" . $domain['domain'] ;
					if ($domain['domain'] == $this->dataRecord["domain"]) {
						$domain_select .= " selected";
					}
					$domain_select .= ">" . $domain['domain'] . "</option>\r\n";
148
				}
149 150
			}
			else {
151 152 153 154
				/*
				 * We have no domains in the domain-list. This means, we can not add ANY new domain.
				 * To avoid, that the variable "domain_option" is empty and so the user can
				 * free enter a domain, we have to create a empty option!
155
				*/
156
				$domain_select .= "<option value=''></option>\r\n";
157 158 159
			}
			$app->tpl->setVar("domain_option",$domain_select);
		}
160 161


tbrehm's avatar
tbrehm committed
162 163 164 165 166 167 168 169 170 171 172 173 174 175 176
		// Get the spamfilter policys for the user
		$tmp_user = $app->db->queryOneRecord("SELECT policy_id FROM spamfilter_users WHERE email = '@".$this->dataRecord["domain"]."'");
		$sql = "SELECT id, policy_name FROM spamfilter_policy WHERE ".$app->tform->getAuthSQL('r');
		$policys = $app->db->queryAllRecords($sql);
		$policy_select = "<option value='0'>".$app->tform->wordbook["no_policy"]."</option>";
		if(is_array($policys)) {
			foreach( $policys as $p) {
				$selected = ($p["id"] == $tmp_user["policy_id"])?'SELECTED':'';
				$policy_select .= "<option value='$p[id]' $selected>$p[policy_name]</option>\r\n";
			}
		}
		$app->tpl->setVar("policy",$policy_select);
		unset($policys);
		unset($policy_select);
		unset($tmp_user);
177

tbrehm's avatar
tbrehm committed
178 179
		if($this->id > 0) {
			//* we are editing a existing record
180 181
			$app->tpl->setVar("edit_disabled", 1);
			$app->tpl->setVar("server_id_value", $this->dataRecord["server_id"]);
tbrehm's avatar
tbrehm committed
182
		} else {
183
			$app->tpl->setVar("edit_disabled", 0);
tbrehm's avatar
tbrehm committed
184
		}
185

tbrehm's avatar
tbrehm committed
186 187
		parent::onShowEnd();
	}
188

tbrehm's avatar
tbrehm committed
189
	function onSubmit() {
tbrehm's avatar
tbrehm committed
190 191
		global $app, $conf;
		if($_SESSION["s"]["user"]["typ"] != 'admin') {
192

tbrehm's avatar
tbrehm committed
193 194 195
			// Get the limits of the client
			$client_group_id = $_SESSION["s"]["user"]["default_group"];
			$client = $app->db->queryOneRecord("SELECT limit_maildomain, default_mailserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
196

tbrehm's avatar
tbrehm committed
197 198 199 200 201 202
			// When the record is updated
			if($this->id > 0) {
				// restore the server ID if the user is not admin and record is edited
				$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_domain WHERE domain_id = ".intval($this->id));
				$this->dataRecord["server_id"] = $tmp["server_id"];
				unset($tmp);
203
				// When the record is inserted
tbrehm's avatar
tbrehm committed
204 205 206
			} else {
				// set the server ID to the default mailserver of the client
				$this->dataRecord["server_id"] = $client["default_mailserver"];
207

tbrehm's avatar
tbrehm committed
208 209 210 211 212 213 214 215
				// Check if the user may add another mail_domain
				if($client["limit_maildomain"] >= 0) {
					$tmp = $app->db->queryOneRecord("SELECT count(domain_id) as number FROM mail_domain WHERE sys_groupid = $client_group_id");
					if($tmp["number"] >= $client["limit_maildomain"]) {
						$app->error($app->tform->wordbook["limit_maildomain_txt"]);
					}
				}
			}
216

tbrehm's avatar
tbrehm committed
217
			// Clients may not set the client_group_id, so we unset them if user is not a admin
218
			if(!$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]);
tbrehm's avatar
tbrehm committed
219
		}
220

221 222
		//* make sure that the email domain is lowercase
		if(isset($this->dataRecord["domain"])) $this->dataRecord["domain"] = strtolower($this->dataRecord["domain"]);
223 224


tbrehm's avatar
tbrehm committed
225 226
		parent::onSubmit();
	}
227

tbrehm's avatar
tbrehm committed
228 229
	function onAfterInsert() {
		global $app, $conf;
230

231
		// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
232
		// also make sure that the user can not delete domain created by a admin
tbrehm's avatar
tbrehm committed
233 234
		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
			$client_group_id = intval($this->dataRecord["client_group_id"]);
235
			$app->db->query("UPDATE mail_domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$this->id);
tbrehm's avatar
tbrehm committed
236
		}
237 238 239 240
		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
			$client_group_id = intval($this->dataRecord["client_group_id"]);
			$app->db->query("UPDATE mail_domain SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$this->id);
		}
241

tbrehm's avatar
tbrehm committed
242 243 244
		// Spamfilter policy
		$policy_id = intval($this->dataRecord["policy"]);
		if($policy_id > 0) {
245
			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->dataRecord["domain"])."'");
tbrehm's avatar
tbrehm committed
246 247
			if($tmp_user["id"] > 0) {
				// There is already a record that we will update
tbrehm's avatar
tbrehm committed
248
				$app->db->datalogUpdate('spamfilter_users', "policy_id = $ploicy_id", 'id', $tmp_user["id"]);
tbrehm's avatar
tbrehm committed
249 250 251
			} else {
				$tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ".$this->id);
				// We create a new record
252
				$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`)
fantu's avatar
fantu committed
253
				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".mysql_real_escape_string($this->dataRecord["domain"])."', '@".mysql_real_escape_string($this->dataRecord["domain"])."', 'Y')";
254
				$app->db->datalogInsert('spamfilter_users', $insert_data, 'id');
tbrehm's avatar
tbrehm committed
255 256 257
				unset($tmp_domain);
			}
		}  // endif spamfilter policy
tbrehm's avatar
tbrehm committed
258
	}
259

260 261
	function onBeforeUpdate() {
		global $app, $conf;
262

263 264 265
		//* Check if the server has been changed
		// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
		if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
266
			$rec = $app->db->queryOneRecord("SELECT server_id, domain from mail_domain WHERE domain_id = ".$this->id);
267 268 269 270 271 272
			if($rec['server_id'] != $this->dataRecord["server_id"]) {
				//* Add a error message and switch back to old server
				$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
				$this->dataRecord["server_id"] = $rec['server_id'];
			}
			unset($rec);
273
			//* If the user is neither admin nor reseller
274 275 276 277 278 279 280 281 282
		} else {
			//* We do not allow users to change a domain which has been created by the admin
			$rec = $app->db->queryOneRecord("SELECT domain from mail_domain WHERE domain_id = ".$this->id);
			if($rec['domain'] != $this->dataRecord["domain"] && $app->tform->checkPerm($this->id,'u')) {
				//* Add a error message and switch back to old server
				$app->tform->errorMessage .= $app->lng('The Domain can not be changed. Please ask your Administrator if you want to change the domain name.');
				$this->dataRecord["domain"] = $rec['domain'];
			}
			unset($rec);
283 284
		}
	}
285 286 287



tbrehm's avatar
tbrehm committed
288 289
	function onAfterUpdate() {
		global $app, $conf;
290

291
		// make sure that the record belongs to the clinet group and not the admin group when admin inserts it
292
		// also make sure that the user can not delete domain created by a admin
tbrehm's avatar
tbrehm committed
293 294
		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
			$client_group_id = intval($this->dataRecord["client_group_id"]);
295
			$app->db->query("UPDATE mail_domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$this->id);
tbrehm's avatar
tbrehm committed
296
		}
297 298 299 300
		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
			$client_group_id = intval($this->dataRecord["client_group_id"]);
			$app->db->query("UPDATE mail_domain SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE domain_id = ".$this->id);
		}
301

tbrehm's avatar
tbrehm committed
302 303
		// Spamfilter policy
		$policy_id = intval($this->dataRecord["policy"]);
304
		$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->dataRecord["domain"])."'");
tbrehm's avatar
tbrehm committed
305 306 307
		if($policy_id > 0) {
			if($tmp_user["id"] > 0) {
				// There is already a record that we will update
308
				$app->db->datalogUpdate('spamfilter_users', "policy_id = $policy_id", 'id', $tmp_user["id"]);
tbrehm's avatar
tbrehm committed
309 310 311
			} else {
				$tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ".$this->id);
				// We create a new record
312
				$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`)
fantu's avatar
fantu committed
313
				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".mysql_real_escape_string($this->dataRecord["domain"])."', '@".mysql_real_escape_string($this->dataRecord["domain"])."', 'Y')";
314
				$app->db->datalogInsert('spamfilter_users', $insert_data, 'id');
tbrehm's avatar
tbrehm committed
315 316
				unset($tmp_domain);
			}
317
		} else {
tbrehm's avatar
tbrehm committed
318 319
			if($tmp_user["id"] > 0) {
				// There is already a record but the user shall have no policy, so we delete it
320
				$app->db->datalogDelete('spamfilter_users', 'id', $tmp_user["id"]);
tbrehm's avatar
tbrehm committed
321 322
			}
		} // endif spamfilter policy
tbrehm's avatar
tbrehm committed
323 324
		//** If the domain name or owner has been changed, change the domain and owner in all mailbox records
		if($this->oldDataRecord['domain'] != $this->dataRecord['domain'] || (isset($this->dataRecord['client_group_id']) && $this->oldDataRecord['sys_groupid'] != $this->dataRecord['client_group_id'])) {
325 326
			$app->uses('getconf');
			$mail_config = $app->getconf->get_server_config($this->dataRecord["server_id"],'mail');
327

328
			//* Update the mailboxes
329
			$mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."'");
tbrehm's avatar
tbrehm committed
330
			$sys_groupid = (isset($this->dataRecord['client_group_id']))?$this->dataRecord['client_group_id']:$this->oldDataRecord['sys_groupid'];
331 332 333 334 335 336
			if(is_array($mailusers)) {
				foreach($mailusers as $rec) {
					// setting Maildir, Homedir, UID and GID
					$mail_parts = explode("@",$rec['email']);
					$maildir = str_replace("[domain]",$this->dataRecord['domain'],$mail_config["maildir_path"]);
					$maildir = str_replace("[localpart]",$mail_parts[0],$maildir);
337 338
					$maildir = mysql_real_escape_string($maildir);
					$email = mysql_real_escape_string($mail_parts[0].'@'.$this->dataRecord['domain']);
tbrehm's avatar
tbrehm committed
339
					$app->db->datalogUpdate('mail_user', "maildir = '$maildir', email = '$email', sys_groupid = '$sys_groupid'", 'mailuser_id', $rec['mailuser_id']);
340 341
				}
			}
342

343
			//* Update the aliases
344
			$forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."' OR destination like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."'");
345 346
			if(is_array($forwardings)) {
				foreach($forwardings as $rec) {
347 348
					$destination = mysql_real_escape_string(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['destination']));
					$source = mysql_real_escape_string(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['source']));
tbrehm's avatar
tbrehm committed
349
					$app->db->datalogUpdate('mail_forwarding', "source = '$source', destination = '$destination', sys_groupid = '$sys_groupid'", 'forwarding_id', $rec['forwarding_id']);
350 351
				}
			}
352

353 354 355 356
			//* Delete the old spamfilter record
			$tmp = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->oldDataRecord["domain"])."'");
			$app->db->datalogDelete('spamfilter_users', 'id', $tmp["id"]);
			unset($tmp);
357

358
		} // end if domain name changed
359

tbrehm's avatar
tbrehm committed
360
	}
361

tbrehm's avatar
tbrehm committed
362 363 364 365 366
}

$page = new page_action;
$page->onLoad();

tbrehm's avatar
tbrehm committed
367
?>