SF.net SVN: postfixadmin:[896] trunk/model/UserHandler.php

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 896
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=896&view=rev
Author:   christian_boltz
Date:     2010-12-17 22:53:46 +0000 (Fri, 17 Dec 2010)

Log Message:
-----------
UserHandler.php: merge in changes from scripts/models-ext/UserHandler.php

- merged in all new functions and changes (by valkum + some bugfixes 
  and notes from me) - for details see r831, r888 and r891 of 
  scripts/models-ext/UserHandler.php
- re-added change_pass() function (was removed/renamed by valkum) for 
  backward compatibility. 
  IMPORTANT: change_pass will only exist temporarily and is deprecated.
  Besides that, the new implementation has different return values etc.
  so existing code might break already.

Modified Paths:
--------------
    trunk/model/UserHandler.php

Modified: trunk/model/UserHandler.php
===================================================================

--- trunk/model/UserHandler.php	2010-12-16 00:35:39 UTC (rev 895)
+++ trunk/model/UserHandler.php	2010-12-17 22:53:46 UTC (rev 896)
@@ -6,11 +6,20 @@
 class UserHandler {
 
     protected $username = null;
+    
+    public $errormsg = array();
 
     public function __construct($username) {
-        $this->username = $username;
+        $this->username = strtolower($username);
+        
+        
     }
 
+    public function change_pass($old_password, $new_password) {
+        error_log('UserHandler->change_pass is deprecated. Please use UserHandler->change_pw!');
+        $this->change_pw($new_password, $old_password);
+    }
+
     /**
      * @return boolean true on success; false on failure 
      * @param string $username
@@ -20,23 +29,41 @@
      * All passwords need to be plain text; they'll be hashed appropriately
      * as per the configuration in config.inc.php
      */
-    public function change_pass($old_password, $new_password) {
+    public function change_pw($new_password, $old_password, $match = true) {
         global $config;
         $username = $this->username;
         $tmp = preg_split ('/@/', $username);
-        $USERID_DOMAIN = $tmp[1];
+        $domain = $tmp[1];
 
         $username = escape_string($username);
         $table_mailbox = table_by_key('mailbox');
-
-        $active = db_get_boolean(True);
-		$result = db_query("SELECT * FROM $table_mailbox WHERE username='$username' AND active='$active'");
+        
         $new_db_password = escape_string(pacrypt($new_password));
 
-        $result = db_query ("UPDATE $table_mailbox SET password='$new_db_password',modified=NOW() WHERE username='$username'");
+        if ($match == true) {
+                $active = db_get_boolean(True);
+                $result = db_query("SELECT * FROM $table_mailbox WHERE username='$username' AND active='$active'");
+                $result = $result['result'];
+                if ($new_db_password != $result['password']) {
+                      $this->errormsg[] = 'Passwords do not Match';
+                      return 1;
+                }
+        }
+        
+        $set = array(
+                'password' => $new_db_password
+              );
+        
+        $result = db_update('mailbox', 'username=\''.$username.'\'', $set, array('modified') );
 
-        db_log ($username, $USERID_DOMAIN, 'edit_password', "$username");
-        return true;
+        db_log ('CONSOLE', $domain, 'edit_password', "$username");
+        if ($result != 1) {
+            $this->errormsg[] = Lang::read('pEdit_mailbox_result_error');
+            return 1;
+        }
+        
+        return 0;
+        
     }
 
     /**
@@ -65,4 +92,227 @@
         }
         return false;
     }
+/**
+ * Add mailbox
+ * @param password string password of account 
+ * @param gen boolean
+ * @param name string
+ *
+ */
+    public function add($password, $name = '', $quota = 0, $active = true, $mail = true  ) {
+# FIXME: change default value of $quota to something that is not an allowed value, like "-9" (0 is "unlimited", and I don't like that as default)
+# FIXME: Should the parameters be optional at all?
+# TODO: check if parameters are valid/allowed (quota?). Checks should live in a separate function that can be used by add and edit.
+# TODO: On the longer term, the web interface should also use this class.
+        global $config;
+        $username = $this->username;
+        $tmp = preg_split ('/@/', $username);
+        $domain = $tmp[1];
+        $address = escape_string($username);
+        $username = $tmp[0];
+
+        $table_mailbox = table_by_key('mailbox');
+        $table_alias = table_by_key('alias');
+        
+        $active = db_get_boolean($active);
+        
+        if(!check_mailbox ($domain)) {
+            $this->errormsg[] = Lang::read('pCreate_mailbox_username_text_error3');
+            return 1;
+        }
+        $result = db_query ("SELECT * FROM $table_alias WHERE address='$address'");
+        if ($result['rows'] == 1){
+            $this->errormsg[] = Lang::read('pCreate_mailbox_username_text_error2');
+            return 1;
+        }
+        
+        
+        $plain = $password;
+        $password = pacrypt ($password);
+
+# TODO: Decide if we want to have the encryption method in the encrypted password string, and edit pacrypt() accordingly. No special handling here, please!
+        if ( preg_match("/^dovecot:/", Config::read('encrypt')) ) {
+            $split_method = preg_split ('/:/', Config::read('encrypt'));
+            $method       = strtoupper($split_method[1]);
+            $password = '{' . $method . '}' . $password;
+        }
+
+        if (Config::read('domain_path') == "YES")
+        {
+            if (Config::read('domain_in_mailbox') == "YES")
+            {
+                $maildir = $domain . "/" . $address . "/";
+            }
+            else
+            {
+                $maildir = $domain . "/" . $username . "/";
+            }
+        }
+        else
+        {
+            $maildir = $address . "/";
+        }
+
+        $quota = multiply_quota ($quota);
+
+
+        if ('pgsql'== Config::read('database_type'))
+        {
+            db_query('BEGIN');
+        }
+
+        //$result = db_query ("INSERT INTO $table_alias (address,goto,domain,created,modified,active) VALUES ('$address','$address','$domain',NOW(),NOW(),'$active')");
+        $arr = array(
+            'address' => $address,
+            'goto' => $address,
+            'domain' => $domain,
+            'active' => $active,
+            );
+        
+        $result = db_insert('alias', $arr, array('created', 'modified') );
+        if ($result != 1)
+        {
+            $this->errormsg[] = Lang::read('pAlias_result_error') . "\n($address -> $address)\n";
+            return 1;
+        }
+
+        // apparently uppercase usernames really confuse some IMAP clients.
+        $local_part = '';
+        if(preg_match('/^(.*)@/', $address, $matches)) {
+            $local_part = $matches[1];
+        }
+
+        //$result = db_query ("INSERT INTO $table_mailbox (username,password,name,maildir,local_part,quota,domain,created,modified,active) VALUES ('$username','$password','$name','$maildir','$local_part','$quota','$domain',NOW(),NOW(),'$active')");
+                                                          
+
+        $arr2 = array(
+            'username' => $address,
+            'password' => $password,
+            'name' => $name,
+            'maildir' => $maildir,
+            'local_part' => $local_part,
+            'quota' => $quota,
+            'domain' => $domain,
+            'active' => $active,
+            );
+        $result = db_insert('mailbox', $arr2, array('created', 'modified') );
+        if ($result != 1 || !mailbox_postcreation($address,$domain,$maildir, $quota))
+        {
+            $this->errormsg[] = Lang::read('pCreate_mailbox_result_error') . "\n($address)\n";
+            db_query('ROLLBACK');
+            return 1;
+        }
+        else
+        {
+            db_query('COMMIT');
+            db_log ('CONSOLE', $domain, 'create_mailbox', "$address");
+
+
+            if ($mail == true)
+            {
+                $fTo = $address;
+                $fFrom = Config::read('admin_email');
+                $fHeaders = "To: " . $fTo . "\n";
+                $fHeaders .= "From: " . $fFrom . "\n";
+
+                $fHeaders .= "Subject: " . encode_header (Lang::read('pSendmail_subject_text')) . "\n";
+                $fHeaders .= "MIME-Version: 1.0\n";
+                $fHeaders .= "Content-Type: text/plain; charset=utf-8\n";
+                $fHeaders .= "Content-Transfer-Encoding: 8bit\n";
+
+                $fHeaders .= Config::read('welcome_text');
+
+                if (!smtp_mail ($fTo, $fFrom, $fHeaders))
+                {
+                    $this->errormsg[] = Lang::read('pSendmail_result_error');
+                    return 1;
+                }
+            }
+
+            create_mailbox_subfolders($address,$plain);
+
+        }
+        return 0;
+    }
+    
+    
+    
+    
+    public function view() {
+        global $config;
+
+        
+
+        $username = $this->username;
+        $table_mailbox = table_by_key('mailbox');
+        
+        $result = db_query("SELECT username, name, maildir, quota, local_part, domain, DATE_FORMAT(created, '%d.%m.%y') AS created, DATE_FORMAT(modified, '%d.%m.%y') AS modified, active FROM $table_mailbox WHERE username='$username'");
+        if ($result['rows'] != 0) {
+          $this->return = db_array($result['result']);
+          return 0;
+        }
+        $this->errormsg = $result['error'];
+        return 1;
+    }
+    
+    public function delete() {
+        global $config;
+        $username = $this->username;
+        $tmp = preg_split ('/@/', $username);
+        $domain = $tmp[1];
+        $username = escape_string($username);
+        
+
+
+        $table_mailbox = table_by_key('mailbox');
+        $table_alias = table_by_key('alias');
+        $table_vacation = table_by_key('vacation');
+        $table_vacation_notification = table_by_key('vacation_notification');
+
+         if (Config::read('database_type') == "pgsql") db_query('BEGIN');
+        /* there may be no aliases to delete */
+        $result = db_query("SELECT * FROM $table_alias WHERE address = '$username' AND domain = '$domain'");
+        if($result['rows'] == 1) {
+            //$result = db_query ("DELETE FROM $table_alias WHERE address='$username' AND domain='$domain'");
+            $result = db_delete('alias', 'address', $username);
+            db_log ('CONSOLE', $domain, 'delete_alias', $username);
+        }
+
+        /* is there a mailbox? if do delete it from orbit; it's the only way to be sure */
+        $result = db_query ("SELECT * FROM $table_mailbox WHERE username='$username' AND domain='$domain'");
+        if ($result['rows'] == 1)
+        {
+            //$result = db_query ("DELETE FROM $table_mailbox WHERE username='$username' AND domain='$domain'");
+            $result = db_delete('mailbox', 'username', $username);
+            $postdel_res=mailbox_postdeletion($username,$domain);
+            if ($result != 1 || !$postdel_res)
+            {
+
+                $tMessage = Lang::read('pDelete_delete_error') . "$username (";
+                if ($result['rows']!=1)
+                {
+                    $tMessage.='mailbox';
+                    if (!$postdel_res) $tMessage.=', ';
+                }
+                if (!$postdel_res)
+                {
+                    $tMessage.='post-deletion';
+                }
+                $this->errormsg[] = $tMessage.')';
+                return 1;
+            }
+            db_log ('CONSOLE', $domain, 'delete_mailbox', $username);
+        }
+        $result = db_query("SELECT * FROM $table_vacation WHERE email = '$username' AND domain = '$domain'");
+        if($result['rows'] == 1) {
+            //db_query ("DELETE FROM $table_vacation WHERE email='$username' AND domain='$domain'");
+            db_delete('vacation', 'email', $username);
+            //db_query ("DELETE FROM $table_vacation_notification WHERE on_vacation ='$username' "); /* should be caught by cascade, if PgSQL */
+            db_delete('vacation_notification', 'on_vacation', $username);
+        }
+        return 0;
+    }
+
 }
+
+/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


