mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
- merge edit-active.php and admin/edit-active.php
- merge identical parts of GET and POST code git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@40 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
parent
9c5c053fab
commit
04ce4827e4
@ -18,84 +18,9 @@
|
||||
// fUsername
|
||||
// fDomain
|
||||
//
|
||||
require ("../variables.inc.php");
|
||||
require ("../config.inc.php");
|
||||
require ("../functions.inc.php");
|
||||
include ("../languages/" . check_language () . ".lang");
|
||||
|
||||
$SESSID_USERNAME = check_session ();
|
||||
(!check_admin($SESSID_USERNAME) ? header("Location: " . $CONF['postfix_admin_url'] . "/main.php") && exit : '1');
|
||||
$incpath = "..";
|
||||
require("../edit-active.php");
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] == "GET")
|
||||
{
|
||||
if (isset ($_GET['username'])) $fUsername = escape_string ($_GET['username']);
|
||||
if (isset ($_GET['alias'])) $fAlias = escape_string ($_GET['alias']); else $fAlias = escape_string ($_GET['username']);
|
||||
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
|
||||
if (isset ($_GET['return'])) $fReturn = escape_string ($_GET['return']);
|
||||
|
||||
if ($fUsername != '')
|
||||
{
|
||||
$query = "UPDATE $table_mailbox SET active=1-active WHERE username='$fUsername' AND domain='$fDomain'";
|
||||
if ('pgsql'==$CONF['database_type'])
|
||||
{
|
||||
$query = "UPDATE $table_mailbox SET active=NOT active WHERE username='$fUsername' AND domain='$fDomain'";
|
||||
}
|
||||
$result = db_query ($query);
|
||||
if ($result['rows'] != 1)
|
||||
{
|
||||
$error = 1;
|
||||
$tMessage = $PALANG['pEdit_mailbox_result_error'];
|
||||
}
|
||||
else
|
||||
{
|
||||
db_log ($CONF['admin_email'], $fDomain, "edit active", $fUsername);
|
||||
}
|
||||
}
|
||||
|
||||
if ($fAlias != '')
|
||||
{
|
||||
$query = "UPDATE $table_alias SET active=1-active WHERE address='$fAlias' AND domain='$fDomain'";
|
||||
if ('pgsql'==$CONF['database_type'])
|
||||
{
|
||||
$query = "UPDATE $table_alias SET active=NOT active WHERE address='$fAlias' AND domain='$fDomain'";
|
||||
}
|
||||
$result = db_query ($query);
|
||||
if ($result['rows'] != 1)
|
||||
{
|
||||
$error = 1;
|
||||
$tMessage = $PALANG['pEdit_mailbox_result_error'] . " alias" . $result['rows'];
|
||||
}
|
||||
else
|
||||
{
|
||||
db_log ($CONF['admin_email'], $fDomain, "edit alias active", $fAlias);
|
||||
}
|
||||
}
|
||||
|
||||
if ($error != 1)
|
||||
{
|
||||
if ( $fReturn != "" )
|
||||
{
|
||||
header ("Location: $fReturn");
|
||||
}
|
||||
else
|
||||
{
|
||||
header ("Location: list-virtual.php?domain=$fDomain");
|
||||
}
|
||||
exit;
|
||||
}
|
||||
|
||||
include ("../templates/header.tpl");
|
||||
include ("../templates/admin_menu.tpl");
|
||||
include ("../templates/message.tpl");
|
||||
include ("../templates/footer.tpl");
|
||||
}
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] == "POST")
|
||||
{
|
||||
include ("../templates/header.tpl");
|
||||
include ("../templates/admin_menu.tpl");
|
||||
include ("../templates/message.tpl");
|
||||
include ("../templates/footer.tpl");
|
||||
}
|
||||
/* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */
|
||||
?>
|
||||
|
@ -19,12 +19,15 @@
|
||||
// fDomain
|
||||
// fReturn
|
||||
//
|
||||
require ("./variables.inc.php");
|
||||
require ("./config.inc.php");
|
||||
require ("./functions.inc.php");
|
||||
include ("./languages/" . check_language () . ".lang");
|
||||
|
||||
$SESSID_USERNAME = check_session();
|
||||
if (!isset($incpath)) $incpath = '.';
|
||||
|
||||
require ("$incpath/variables.inc.php");
|
||||
require ("$incpath/config.inc.php");
|
||||
require ("$incpath/functions.inc.php");
|
||||
include ("$incpath/languages/" . check_language () . ".lang");
|
||||
|
||||
$SESSID_USERNAME = check_session ();
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] == "GET")
|
||||
{
|
||||
@ -33,7 +36,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
|
||||
if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
|
||||
if (isset ($_GET['return'])) $fReturn = escape_string ($_GET['return']);
|
||||
|
||||
if (!check_owner ($SESSID_USERNAME, $fDomain))
|
||||
if (! (check_owner ($SESSID_USERNAME, $fDomain) || check_admin($SESSID_USERNAME) ) )
|
||||
{
|
||||
$error = 1;
|
||||
$tMessage = $PALANG['pEdit_mailbox_domain_error'] . "<b>$fDomain</b>!</font>";
|
||||
@ -73,27 +76,31 @@ if ($_SERVER['REQUEST_METHOD'] == "GET")
|
||||
{
|
||||
if ( $fReturn != "" )
|
||||
{
|
||||
### TODO: prevent possible URL injection (return=http://www.irgendwas.de)
|
||||
### http://sourceforge.net/tracker/index.php?func=detail&aid=1770514&group_id=191583&atid=937964
|
||||
header ("Location: $fReturn");
|
||||
}
|
||||
else
|
||||
{
|
||||
header ("Location: overview.php?domain=$fDomain");
|
||||
if (check_admin($SESSID_USERNAME)) {
|
||||
header ("Location: list-virtual.php?domain=$fDomain");
|
||||
} else {
|
||||
header ("Location: overview.php?domain=$fDomain");
|
||||
}
|
||||
}
|
||||
exit;
|
||||
}
|
||||
|
||||
include ("./templates/header.tpl");
|
||||
include ("./templates/menu.tpl");
|
||||
include ("./templates/message.tpl");
|
||||
include ("./templates/footer.tpl");
|
||||
}
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] == "POST")
|
||||
{
|
||||
include ("./templates/header.tpl");
|
||||
include ("./templates/menu.tpl");
|
||||
include ("./templates/message.tpl");
|
||||
include ("./templates/footer.tpl");
|
||||
include ("$incpath/templates/header.tpl");
|
||||
|
||||
if (check_admin($SESSID_USERNAME)) {
|
||||
include ("$incpath/templates/admin_menu.tpl");
|
||||
} else {
|
||||
include ("$incpath/templates/menu.tpl");
|
||||
}
|
||||
|
||||
include ("$incpath/templates/message.tpl");
|
||||
include ("$incpath/templates/footer.tpl");
|
||||
/* vim: set expandtab softtabstop=3 tabstop=3 shiftwidth=3: */
|
||||
?>
|
||||
|
Loading…
Reference in New Issue
Block a user