SF.net SVN: postfixadmin: [160] trunk
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
SF.net SVN: postfixadmin: [160] trunk
|
From: <chr...@us...> - 2007-10-23 00:01:27
|
Revision: 160
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=160&view=rev
Author: christian_boltz
Date: 2007-10-22 17:01:31 -0700 (Mon, 22 Oct 2007)
Log Message:
-----------
fetchmail.php
- changed editable and display flags of some columns in $fm_struct
(this array is pretty useful once you understand how to use it ;-)
- completed support for $CONF['fetchmail_extra_options'] = 'NO'
- added several escape_string() calls
- fixed several $_GET/$_POST undefined index warnings
- fixed some MySQL vs. PgSQL issues
- some small fixes
fetchmail.tpl
- changed layout to separate list and edit view
- fixed an undefined index warning
- replaced ID column with edit link
Modified Paths:
--------------
trunk/fetchmail.php
trunk/templates/fetchmail.tpl
Modified: trunk/fetchmail.php
===================================================================
--- trunk/fetchmail.php 2007-10-22 23:49:10 UTC (rev 159)
+++ trunk/fetchmail.php 2007-10-23 00:01:31 UTC (rev 160)
@@ -54,20 +54,25 @@
authentication_require_role('admin');
+$extra_options = 0;
+if ($CONF['fetchmail_extra_options'] == 'YES') $extra_options = 1;
+
$fm_struct=array( // list($editible,$view,$type,$title,$comment)
- "id" =>array(0,1,'id', 'ID','Record ID'),
+ # first column: allow editing?
+ # second column: display field?
+ "id" =>array(0,0,'id', 'ID','Record ID'),
"mailbox" =>array(1,1,'enum', 'Mailbox','Local mailbox'),
"src_server" =>array(1,1,'text', 'Server','Remote Server'),
"src_auth" =>array(1,1,'enum', 'Auth Type','Mostly password'),
"src_user" =>array(1,1,'text', 'User','Remote User'),
- "src_password" =>array(1,1,'password', 'Password','Remote Password'),
+ "src_password" =>array(1,0,'password', 'Password','Remote Password'),
"src_folder" =>array(1,1,'text', 'Folder','Remote Folder'),
"pool_time" =>array(1,1,'num', 'Poll','Poll Time (min)'),
"fetchall" =>array(1,1,'bool', 'Fetch All','Retrieve both old (seen) and new messages'),
"keep" =>array(1,1,'bool', 'Keep','Keep retrieved messages on the remote mailserver'),
"protocol" =>array(1,1,'enum', 'Protocol','Protocol to use'),
- "extra_options" =>array(1,1,'longtext', 'Extra Options','Extra fetchmail Options'),
- "mda" =>array(1,1,'longtext', 'MDA','Mail Delivery Agent'),
+ "extra_options" =>array($extra_options,$extra_options,'longtext', 'Extra Options','Extra fetchmail Options'),
+ "mda" =>array($extra_options,$extra_options,'longtext', 'MDA','Mail Delivery Agent'),
"date" =>array(0,1,'text', 'Date','Date of last pooling/configuration change'),
"returned_text" =>array(0,1,'longtext', 'Returned Text','Text message from last pooling'),
);
@@ -86,10 +91,11 @@
array('POP3','IMAP','POP2','ETRN','AUTO'),
);
-
+
$list_domains = list_domains_for_admin ($SESSID_USERNAME);
-$user_domains=implode("','",array_values($list_domains));
-$sql="SELECT username FROM mailbox WHERE domain in ('".$user_domains."')";
+$user_domains=implode("','",array_values($list_domains)); # for displaying
+$user_domains_sql=implode("','",escape_string(array_values($list_domains))); # for SQL
+$sql="SELECT username FROM mailbox WHERE domain in ('".$user_domains_sql."')";
$res = db_query ($sql);
if ($res['rows'] > 0){
@@ -100,14 +106,14 @@
}
else{
$fm_defaults["mailbox"]=array();
- $fm_defaults["mailbox"][]=$SESSID_USERNAME;
+ $fm_defaults["mailbox"][]=$SESSID_USERNAME; # TODO: Does this really make sense? Or should we display a message "please create a mailbox first!"?
}
-$new=$_REQUEST["new"];
-$edit=(int)$_REQUEST["edit"];
-$delete=$_REQUEST["delete"];
-$save=$_REQUEST["save"];
-$cancel=$_REQUEST["cancel"];
+$new = (int) safeget ("new");
+$edit = (int) safeget ("edit");
+$delete = safepost("delete");
+$save = safepost("save");
+$cancel = safepost("cancel");
if ($cancel){
$edit=0;
@@ -116,11 +122,11 @@
$_vals=array();
foreach($fm_struct as $key=>$row){
list($editible,$view,$type,$title,$comment)=$row;
- if ($editible){
+ if ($editible != 0){
$func="_inp_".$type;
- $val=$_REQUEST[$key];
+ $val=safepost($key);
if ($type!="password" || substr($val,0,1)!="*"){
- $_vals[]=$key."='".mysql_escape_string(
+ $_vals[]=$key."='".escape_string(
function_exists($func)
?$func($val)
:$val)."'";
@@ -132,22 +138,23 @@
}
elseif($delete){
db_query ("delete from fetchmail WHERE id=".$edit);
+ $edit=0;
}
elseif ($new){
$_keys=array();
$_vals=array();
foreach($fm_defaults as $key=>$val){
$_keys[]=$key;
- $_vals[]="'".(is_array($val)?$val[0]:mysql_escape_string($val))."'";
+ $_vals[]="'".(is_array($val)?$val[0]:$val)."'";
}
- $sql="INSERT fetchmail (".implode(",",$_keys).") VALUES (".implode(",",$_vals).")";
+ $sql="INSERT fetchmail (".implode(",",escape_string($_keys)).") VALUES (".implode(",",escape_string($_vals)).")";
$res= db_query ($sql);
$sql="SELECT id FROM fetchmail order by id desc limit 1";
$res= db_query ($sql);
list($edit)=mysql_fetch_row($res['result']);
}
-$res = db_query ("SELECT ".implode(",",array_keys($fm_struct))." FROM fetchmail order by id desc");
+$res = db_query ("SELECT ".implode(",",escape_string(array_keys($fm_struct)))." FROM fetchmail order by id desc");
if ($res['rows'] > 0){
while ($row = db_array ($res['result'])){
$tFmail[] = $row;
@@ -159,7 +166,7 @@
}
function _inp_bool($val){
- return $val?1:0;
+ return $val?db_get_boolean(true):db_get_boolean(false);
}
function _inp_password($val){
Modified: trunk/templates/fetchmail.tpl
===================================================================
--- trunk/templates/fetchmail.tpl 2007-10-22 23:49:10 UTC (rev 159)
+++ trunk/templates/fetchmail.tpl 2007-10-23 00:01:31 UTC (rev 160)
@@ -1,6 +1,3 @@
-<div id="overview">
-<form name="overview" method="post">
-
<?php
# fields to display in table view
@@ -40,7 +37,21 @@
}
}
- print "<table id=\"log_table\" border=0>\n";
+if ($edit) { # edit mode
+ echo '<div id="edit_form">';
+ echo '<form name="fetchmail" method="post">';
+ if (sizeof ($tFmail) > 0){
+ foreach($tFmail as $row) {
+ if ($edit && $edit==$row["id"]) {
+ print fetchmail_edit_row($row);
+ }
+ }
+ }
+} else { # display mode
+
+ print '<div id="overview">';
+ print '<form name="overview" method="post">';
+ print "<table id=\"log_table\" border=0>\n";
print " <tr>\n";
print " <td colspan=\"".(sizeof($headers)-1)."\"><h3>".$PALANG['pFetchmail_welcome'].$user_domains."</h3></td>\n";
print " <td align=right><a href='?new=1'>>> ".$PALANG['pFetchmail_new_entry']."</a></td>\n";
@@ -50,14 +61,15 @@
list($editible,$view,$type,$title,$comment)=$row;
print " <td>" . $title . "</td>\n";
}
+ print "<td> </td>";
print " </tr>\n";
if (sizeof ($tFmail) > 0){
foreach($tFmail as $row){
- if ($edit && $edit==$row["id"]){
- print "<tr><td colspan=".sizeof($headers).">".fetchmail_edit_row($row)."</td></tr>\n";
- }
- else{
+# if ($edit && $edit==$row["id"]){
+# print "<tr><td colspan=".sizeof($headers).">".fetchmail_edit_row($row)."</td></tr>\n";
+# }
+# else{
print " <tr class=\"hilightoff\" onMouseOver=\"className='hilighton';\" onMouseOut=\"className='hilightoff';\">\n";
foreach($display_fields as $key){
@@ -69,16 +81,19 @@
}
}
+ print "<td><a href=\"fetchmail.php?edit=" . $row['id'] . "\">" . $PALANG['edit'] . "</a></td>";
print " </tr>\n";
- }
+# }
}
}
+} # end display mode
function fetchmail_edit_row($data=array()){
- global $fm_struct,$fm_defaults;
+ global $fm_struct,$fm_defaults,$PALANG;
$id=$data["id"];
$_id=$data["id"]*100+1;
- $ret="<table cellspacing=1 cellpadding=0 border=0 width=100%>";
+ $ret="<table>";
+ $ret .= '<tr><td colspan="3"><h3>' . $PALANG['pMenu_fetchmail'] . '</h3></td></tr>';
foreach($fm_struct as $key=>$struct){
list($editible,$view,$type,$title,$comment)=$struct;
if ($editible){
@@ -93,7 +108,8 @@
?$fm_defaults[$key]
:''
);
- $ret.=$func($_id++,$key,$fm_defaults[$key],$val);
+ $fm_defaults_key = ""; if (isset($fm_defaults[$key])) $fm_defaults_key = $fm_defaults[$key];
+ $ret.=$func($_id++,$key,$fm_defaults_key,$val);
$ret.="</td><td align=left valign=top><i> ${comment}</i></td></tr>\n";
}
elseif($view){
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
