SF.net SVN: postfixadmin: [110] trunk/create-mailbox.php

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 110
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=110&view=rev
Author:   GingerDog
Date:     2007-10-02 04:58:11 -0700 (Tue, 02 Oct 2007)

Log Message:
-----------
ensure domain name is in a list of valid domain names; set for use within the template so the right one is selected if ?domain=XXX was in the url

Modified Paths:
--------------
    trunk/create-mailbox.php

Modified: trunk/create-mailbox.php
===================================================================

--- trunk/create-mailbox.php	2007-10-02 11:57:28 UTC (rev 109)
+++ trunk/create-mailbox.php	2007-10-02 11:58:11 UTC (rev 110)
@@ -46,7 +46,7 @@
    $list_domains = list_domains ();
 }
 else {
-   $list_domains = list_domains_for_admin ($SESSID_USERNAME);
+   $list_domains = list_domains_for_admin($SESSID_USERNAME);
 }
 
 
@@ -56,14 +56,18 @@
 
 if ($_SERVER['REQUEST_METHOD'] == "GET")
 {
+   $fDomain = $list_domains[0];
    if (isset ($_GET['domain'])) $fDomain = escape_string ($_GET['domain']);
 
+   if(!in_array($fDomain, $list_domains)) {
+      die("Invalid domain name selected, or you tried to select a domain you are not an admin for");
+   }
+   $tDomain = $fDomain;
    $result = db_query ("SELECT * FROM $table_domain WHERE domain='$fDomain'");
    if ($result['rows'] == 1)
    {
       $row = db_array ($result['result']);
       $tQuota = $row['maxquota'];
-
    }
 }
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


