webapp/postfixadmin
1
0
Fork 0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2025-08-01 21:06:51 +03:00
Code Activity

psalm fixes

Browse Source
This commit is contained in:
David Goodwin
2018-12-27 21:43:11 +00:00
parent 8d2a592aa9
commit 74002bbf57
26 changed files with 1398 additions and 536 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1527
composer.lock generated
View File

File diff suppressed because it is too large Load Diff

1
config.inc.php
View File

@ -31,6 +31,7 @@
################################################################################ ################################################################################
global $CONF;
/***************************************************************** /*****************************************************************
* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

24
functions.inc.php
View File

@ -319,11 +319,12 @@ function check_email($email) {
* Clean a string, escaping any meta characters that could be * Clean a string, escaping any meta characters that could be
* used to disrupt an SQL string. i.e. "'" => "\'" etc. * used to disrupt an SQL string. i.e. "'" => "\'" etc.
* *
* @param string|array $string parameters to escape * @param string $string parameters to escape
* @return string|array of cleaned data, suitable for use within an SQL statement. * @return string cleaned data, suitable for use within an SQL statement.
*/ */
function escape_string($string) { function escape_string($string) {
global $CONF; global $CONF;
// if the string is actually an array, do a recursive cleaning. // if the string is actually an array, do a recursive cleaning.
// Note, the array keys are not cleaned. // Note, the array keys are not cleaned.
if (is_array($string)) { if (is_array($string)) {
@ -846,13 +847,13 @@ function encode_header($string, $default_charset = "utf-8") {
return $string; return $string;
} }
/*
if (!function_exists('random_int')) { // PHP version < 7.0 if (!function_exists('random_int')) { // PHP version < 7.0
function random_int() { // someone might not be using php_crypt or ask for password generation, in which case random_int() won't be called function random_int() { // someone might not be using php_crypt or ask for password generation, in which case random_int() won't be called
die(__FILE__ . " Postfixadmin security: Please install https://github.com/paragonie/random_compat OR enable the 'Phar' extension."); die(__FILE__ . " Postfixadmin security: Please install https://github.com/paragonie/random_compat OR enable the 'Phar' extension.");
} }
} }
*/
/** /**
* Generate a random password of $length characters. * Generate a random password of $length characters.
@ -1315,19 +1316,6 @@ function create_salt() {
return $salt; return $salt;
} }
/**/ if (!function_exists('hex2bin')) { # PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin
function hex2bin($str) {
$len = strlen($str);
$nstr = "";
for ($i=0;$i<$len;$i+=2) {
$num = sscanf(substr($str, $i, 2), "%x");
$nstr.=chr($num[0]);
}
return $nstr;
}
/**/
}
/* /*
* remove item $item from array $array * remove item $item from array $array
*/ */
@ -1829,7 +1817,7 @@ function db_array($result) {
*/ */
function db_assoc($result) { function db_assoc($result) {
global $CONF; global $CONF;
$row = ""; $row = [];
if ($CONF['database_type'] == "mysql") { if ($CONF['database_type'] == "mysql") {
/* @var resource $result */ /* @var resource $result */
$row = mysql_fetch_assoc($result); $row = mysql_fetch_assoc($result);

8
model/AdminHandler.php
View File

@ -34,7 +34,7 @@ class AdminHandler extends PFAHandler {
$domains_grouped = 'group_concat(domain)'; $domains_grouped = 'group_concat(domain)';
} }
$passwordReset = Config::read('forgotten_admin_password_reset'); $passwordReset = (int) Config::bool('forgotten_admin_password_reset');
$reset_by_sms = 0; $reset_by_sms = 0;
if ($passwordReset && Config::read('sms_send_function')) { if ($passwordReset && Config::read('sms_send_function')) {
@ -44,10 +44,10 @@ class AdminHandler extends PFAHandler {
$this->struct=array( $this->struct=array(
# field name allow display in... type $PALANG label $PALANG description default / options / ... # field name allow display in... type $PALANG label $PALANG description default / options / ...
# editing? form list # editing? form list
'username' => pacol($this->new, 1, 1, 'text', 'admin' , 'email_address' , '', '', 'username' => pacol($this->new, 1, 1, 'text', 'admin' , 'email_address' , '', array(),
array('linkto' => 'list.php?table=domain&username=%s') ), array('linkto' => 'list.php?table=domain&username=%s') ),
'password' => pacol(1, 1, 0, 'pass', 'password' , '' ), 'password' => pacol(1, 1, 0, 'pass', 'password' , '' ),
'password2' => pacol(1, 1, 0, 'pass', 'password_again' , '' , '', '', 'password2' => pacol(1, 1, 0, 'pass', 'password_again' , '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'password as password2' /*select*/ 'password as password2'
@ -69,7 +69,7 @@ class AdminHandler extends PFAHandler {
/*extrafrom set in domain_count*/ /*extrafrom set in domain_count*/
), ),
'domain_count' => pacol(0, 0, 1, 'vnum', 'pAdminList_admin_count', '' , '', '', 'domain_count' => pacol(0, 0, 1, 'vnum', 'pAdminList_admin_count', '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'coalesce(__domain_count,0) as domain_count', /*select*/ 'coalesce(__domain_count,0) as domain_count',

4
model/AdminpasswordHandler.php
View File

@ -24,10 +24,10 @@ class AdminpasswordHandler extends PFAHandler {
# field name allow display in... type $PALANG label $PALANG description default / options / ... # field name allow display in... type $PALANG label $PALANG description default / options / ...
# editing? form list # editing? form list
'username' => pacol(0, 1, 1, 'text', 'admin' , '' ), 'username' => pacol(0, 1, 1, 'text', 'admin' , '' ),
'oldpass' => pacol(1, 1, 0, 'pass', 'pPassword_password_current' , '', '', '', 'oldpass' => pacol(1, 1, 0, 'pass', 'pPassword_password_current' , '', '', array(),
/*not_in_db*/ 1 ), /*not_in_db*/ 1 ),
'password' => pacol(1, 1, 0, 'pass', 'pPassword_password' , '' ), 'password' => pacol(1, 1, 0, 'pass', 'pPassword_password' , '' ),
'password2' => pacol(1, 1, 0, 'pass', 'pPassword_password2' , '' , '', '', 'password2' => pacol(1, 1, 0, 'pass', 'pPassword_password2' , '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'password as password2' /*select*/ 'password as password2'

20
model/AliasHandler.php
View File

@ -26,11 +26,11 @@ class AliasHandler extends PFAHandler {
$this->struct=array( $this->struct=array(
# field name allow display in... type $PALANG label $PALANG description default / ... # field name allow display in... type $PALANG label $PALANG description default / ...
# editing? form list # editing? form list
'status' => pacol(0, 0, 0, 'html', '' , '' , '', '', 'status' => pacol(0, 0, 0, 'html', '' , '' , '', array(),
array('not_in_db' => 1) ), array('not_in_db' => 1) ),
'address' => pacol($this->new, 1, 1, 'mail', 'alias' , 'pCreate_alias_catchall_text' ), 'address' => pacol($this->new, 1, 1, 'mail', 'alias' , 'pCreate_alias_catchall_text' ),
'localpart' => pacol($this->new, 0, 0, 'text', 'alias' , 'pCreate_alias_catchall_text' , '', 'localpart' => pacol($this->new, 0, 0, 'text', 'alias' , 'pCreate_alias_catchall_text' , '',
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 1 ), /*not_in_db*/ 1 ),
'domain' => pacol($this->new, 0, 1, 'enum', '' , '' , '', 'domain' => pacol($this->new, 0, 1, 'enum', '' , '' , '',
/*options*/ $this->allowed_domains ), /*options*/ $this->allowed_domains ),
@ -38,24 +38,24 @@ class AliasHandler extends PFAHandler {
'is_mailbox' => pacol(0, 0, 1, 'int', '' , '' , 0 , 'is_mailbox' => pacol(0, 0, 1, 'int', '' , '' , 0 ,
# technically 'is_mailbox' is bool, but the automatic bool conversion breaks the query. Flagging it as int avoids this problem. # technically 'is_mailbox' is bool, but the automatic bool conversion breaks the query. Flagging it as int avoids this problem.
# Maybe having a vbool type (without the automatic conversion) would be cleaner - we'll see if we need it. # Maybe having a vbool type (without the automatic conversion) would be cleaner - we'll see if we need it.
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'coalesce(__is_mailbox,0) as is_mailbox' ), /*select*/ 'coalesce(__is_mailbox,0) as is_mailbox' ),
/*extrafrom set via set_is_mailbox_extrafrom() */ /*extrafrom set via set_is_mailbox_extrafrom() */
'__mailbox_username' => pacol( 0, 0, 1, 'vtxt', '' , '' , 0), # filled via is_mailbox '__mailbox_username' => pacol( 0, 0, 1, 'vtxt', '' , '' , 0), # filled via is_mailbox
'goto_mailbox' => pacol($mbgoto, $mbgoto,$mbgoto,'bool', 'pEdit_alias_forward_and_store' , '' , 0, 'goto_mailbox' => pacol($mbgoto, $mbgoto,$mbgoto,'bool', 'pEdit_alias_forward_and_store' , '' , 0,
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 1 ), # read_from_db_postprocess() sets the value /*not_in_db*/ 1 ), # read_from_db_postprocess() sets the value
'on_vacation' => pacol(1, 0, 1, 'bool', 'pUsersMenu_vacation' , '' , 0 , 'on_vacation' => pacol(1, 0, 1, 'bool', 'pUsersMenu_vacation' , '' , 0 ,
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 1 ), # read_from_db_postprocess() sets the value - TODO: read active flag from vacation table instead? /*not_in_db*/ 1 ), # read_from_db_postprocess() sets the value - TODO: read active flag from vacation table instead?
'created' => pacol(0, 0, 0, 'ts', 'created' , '' ), 'created' => pacol(0, 0, 0, 'ts', 'created' , '' ),
'modified' => pacol(0, 0, 1, 'ts', 'last_modified' , '' ), 'modified' => pacol(0, 0, 1, 'ts', 'last_modified' , '' ),
'active' => pacol(1, 1, 1, 'bool', 'active' , '' , 1 ), 'active' => pacol(1, 1, 1, 'bool', 'active' , '' , 1 ),
'_can_edit' => pacol(0, 0, 1, 'vnum', '' , '' , 0 , '', '_can_edit' => pacol(0, 0, 1, 'vnum', '' , '' , 0 , array(),
array('select' => '1 as _can_edit') ), array('select' => '1 as _can_edit') ),
'_can_delete' => pacol(0, 0, 1, 'vnum', '' , '' , 0 , '', '_can_delete' => pacol(0, 0, 1, 'vnum', '' , '' , 0 , array(),
array('select' => '1 as _can_delete') ), # read_from_db_postprocess() updates the value array('select' => '1 as _can_delete') ), # read_from_db_postprocess() updates the value
# aliases listed in $CONF[default_aliases] are read-only for domain admins if $CONF[special_alias_control] is NO. # aliases listed in $CONF[default_aliases] are read-only for domain admins if $CONF[special_alias_control] is NO.
); );
@ -326,12 +326,12 @@ class AliasHandler extends PFAHandler {
# editing a default alias (postmaster@ etc.) is only allowed if special_alias_control is allowed or if the user is a superadmin # editing a default alias (postmaster@ etc.) is only allowed if special_alias_control is allowed or if the user is a superadmin
$tmp = preg_split('/\@/', $db_result[$key]['address']); $tmp = preg_split('/\@/', $db_result[$key]['address']);
if (!$this->is_superadmin && !Config::bool('special_alias_control') && array_key_exists($tmp[0], Config::Read('default_aliases'))) { if (!$this->is_superadmin && !Config::bool('special_alias_control') && array_key_exists($tmp[0], Config::read_array('default_aliases'))) {
$db_result[$key]['_can_edit'] = 0; $db_result[$key]['_can_edit'] = 0;
$db_result[$key]['_can_delete'] = 0; $db_result[$key]['_can_delete'] = 0;
} }
if ($this->struct['status']['display_in_list'] && Config::Bool('show_status')) { if ($this->struct['status']['display_in_list'] && Config::bool('show_status')) {
$db_result[$key]['status'] = gen_show_status($db_result[$key]['address']); $db_result[$key]['status'] = gen_show_status($db_result[$key]['address']);
} }
} }
@ -440,7 +440,7 @@ class AliasHandler extends PFAHandler {
*/ */
protected function getVacationAlias() { protected function getVacationAlias() {
$vacation_goto = str_replace('@', '#', $this->id); $vacation_goto = str_replace('@', '#', $this->id);
return $vacation_goto . '@' . Config::read('vacation_domain'); return $vacation_goto . '@' . Config::read_string('vacation_domain');
} }
/** /**

2
model/CliDelete.php
View File

@ -6,6 +6,8 @@
class CliDelete extends Shell { class CliDelete extends Shell {
protected $handler_to_use = '';
/** /**
* Execution method always used for tasks * Execution method always used for tasks
*/ */

3
model/CliEdit.php
View File

@ -77,7 +77,8 @@ class CliEdit extends Shell {
$form_fields = $handler->getStruct(); $form_fields = $handler->getStruct();
$id_field = $handler->getId_field(); $id_field = $handler->getId_field();
$values[$id_field] = '';
$values = array($id_field => '');
while ($form_fields[$id_field]['editable'] != 0) { # endlees loop - except if input is valid or id_field is not editable (like auto_increment) while ($form_fields[$id_field]['editable'] != 0) { # endlees loop - except if input is valid or id_field is not editable (like auto_increment)
$question = $form_fields[$id_field]['label'] . ":"; $question = $form_fields[$id_field]['label'] . ":";
if ($form_fields[$id_field]['desc'] != '') { if ($form_fields[$id_field]['desc'] != '') {

2
model/CliView.php
View File

@ -6,6 +6,8 @@
class CliView extends Shell { class CliView extends Shell {
protected $handler_to_use = 'invalid';
/** /**
* Execution method always used for tasks * Execution method always used for tasks
*/ */

58
model/Config.php
View File

@ -68,6 +68,39 @@ final class Config {
$_this->setAll($newConfig); $_this->setAll($newConfig);
} }
/**
* @return array
* @param string $var
*/
public static function read_array($var) {
$stuff = self::read($var);
if(!is_array($stuff)) {
trigger_error('In '.__FUNCTION__.": expected config $var to be a boolean, but received a " . gettype($stuff), E_USER_ERROR);
}
return $stuff;
}
/**
* @param string $var
* @return string
*/
public static function read_string($var) {
$stuff = self::read($var);
if($stuff === null) {
return '';
}
if(!is_string($stuff)) {
trigger_error('In '.__FUNCTION__.": expected config $var to be a string, but received a " . gettype($stuff), E_USER_ERROR);
return '';
}
return $stuff;
}
/** /**
* Used to read Configure::$var * Used to read Configure::$var
* *
@ -76,7 +109,7 @@ final class Config {
* Configure::read('Name.key'); will return only the value of Configure::Name[key] * Configure::read('Name.key'); will return only the value of Configure::Name[key]
* *
* @param string $var Variable to obtain * @param string $var Variable to obtain
* @return array|string string value of Configure::$var * @return array|string|null string value of Configure::$var
* @access public * @access public
*/ */
public static function read($var) { public static function read($var) {
@ -131,7 +164,7 @@ final class Config {
* @access public * @access public
*/ */
public static function read_f($var, $value) { public static function read_f($var, $value) {
$text = self::read($var); $text = self::read_string($var);
$newtext = sprintf($text, $value); $newtext = sprintf($text, $value);
@ -148,19 +181,28 @@ final class Config {
/** /**
* Used to read Config::$var, converted to boolean * Used to read Config::$var, converted to boolean
* (obviously only useful for settings that can be YES or NO) * (obviously only useful for settings that can be YES or NO, or boolean like values)
* *
* Usage * Usage
* Configure::read('Name'); will return the value for Name, converted to boolean * Configure::read('Name'); will return the value for Name, converted to boolean
* *
* @param string $var Variable to obtain * @param string $var Variable to obtain
* @return bool value of Configure::$var (TRUE (on YES/yes) or FALSE (on NO/no/not set/unknown value) * @return bool value of Configure::$var (TRUE (on YES/yes) or FALSE (on NO/no/not set/unknown value)
* @access public
*/ */
public static function bool($var) { public static function bool($var) {
$value = self::read($var); $value = self::read($var);
if(is_bool($value)) {
return $value;
}
if(!is_string($value)) {
trigger_error('In '.__FUNCTION__.": expected config $var to be a string, but received a " . gettype($value), E_USER_ERROR);
error_log("config $var should be a string, found: " . json_encode($value));
return false;
}
if (strtoupper($value) == 'YES') { # YES if (strtoupper($value) == 'YES') { # YES
return true; return true;
} elseif (strtoupper($value) == 'NO') { # NO } elseif (strtoupper($value) == 'NO') { # NO
@ -193,7 +235,11 @@ final class Config {
* @access public * @access public
*/ */
public static function lang($var) { public static function lang($var) {
return self::read(array('__LANG', $var)); $value = self::read("__LANG.{$var}");
if(!is_string($value)) {
throw new InvalidArgumentException("Expected string value for $var ");
}
return $value;
} }
/** /**
@ -206,7 +252,7 @@ final class Config {
* @access public * @access public
*/ */
public static function lang_f($var, $value) { public static function lang_f($var, $value) {
return self::read_f(array('__LANG', $var), $value); return self::read_f('__LANG'. $var, $value);
} }
/** /**

34
model/DomainHandler.php
View File

@ -46,62 +46,62 @@ class DomainHandler extends PFAHandler {
$this->struct=array( $this->struct=array(
# field name allow display in... type $PALANG label $PALANG description default / options / ... # field name allow display in... type $PALANG label $PALANG description default / options / ...
# editing? form list # editing? form list
'domain' => pacol($this->new, 1, 1, 'text', 'domain' , '' , '', '', 'domain' => pacol($this->new, 1, 1, 'text', 'domain' , '' , '', array(),
array('linkto' => 'list-virtual.php?domain=%s') ), array('linkto' => 'list-virtual.php?domain=%s') ),
'description' => pacol($super, $super, $super, 'text', 'description' , '' ), 'description' => pacol($super, $super, $super, 'text', 'description' , '' ),
# Aliases # Aliases
'aliases' => pacol($super, $super, 0, 'num' , 'aliases' , 'pAdminEdit_domain_aliases_text' , Config::read('aliases') ), 'aliases' => pacol($super, $super, 0, 'num' , 'aliases' , 'pAdminEdit_domain_aliases_text' , Config::read('aliases') ),
'alias_count' => pacol(0, 0, 1, 'vnum', '' , '' , '', '', 'alias_count' => pacol(0, 0, 1, 'vnum', '' , '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'coalesce(__alias_count,0) - coalesce(__mailbox_count,0) as alias_count', /*select*/ 'coalesce(__alias_count,0) - coalesce(__mailbox_count,0) as alias_count',
/*extrafrom*/ 'left join ( select count(*) as __alias_count, domain as __alias_domain from ' . table_by_key('alias') . /*extrafrom*/ 'left join ( select count(*) as __alias_count, domain as __alias_domain from ' . table_by_key('alias') .
' group by domain) as __alias on domain = __alias_domain'), ' group by domain) as __alias on domain = __alias_domain'),
'aliases_quot' => pacol(0, 0, 1, 'quot', 'aliases' , '' , 0, '', 'aliases_quot' => pacol(0, 0, 1, 'quot', 'aliases' , '' , 0, array(),
array('select' => db_quota_text( '__alias_count - coalesce(__mailbox_count,0)', 'aliases', 'aliases_quot')) ), array('select' => db_quota_text( '__alias_count - coalesce(__mailbox_count,0)', 'aliases', 'aliases_quot')) ),
'_aliases_quot_percent' => pacol( 0, 0, 1, 'vnum', '' ,'' , 0, '', '_aliases_quot_percent' => pacol( 0, 0, 1, 'vnum', '' ,'' , 0, array(),
array('select' => db_quota_percent('__alias_count - coalesce(__mailbox_count,0)', 'aliases', '_aliases_quot_percent')) ), array('select' => db_quota_percent('__alias_count - coalesce(__mailbox_count,0)', 'aliases', '_aliases_quot_percent')) ),
# Mailboxes # Mailboxes
'mailboxes' => pacol($super, $super, 0, 'num' , 'mailboxes' , 'pAdminEdit_domain_aliases_text' , Config::read('mailboxes') ), 'mailboxes' => pacol($super, $super, 0, 'num' , 'mailboxes' , 'pAdminEdit_domain_aliases_text' , Config::read('mailboxes') ),
'mailbox_count' => pacol(0, 0, 1, 'vnum', '' , '' , '', '', 'mailbox_count' => pacol(0, 0, 1, 'vnum', '' , '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'coalesce(__mailbox_count,0) as mailbox_count', /*select*/ 'coalesce(__mailbox_count,0) as mailbox_count',
/*extrafrom*/ 'left join ( select count(*) as __mailbox_count, sum(quota) as __total_quota, domain as __mailbox_domain from ' . table_by_key('mailbox') . /*extrafrom*/ 'left join ( select count(*) as __mailbox_count, sum(quota) as __total_quota, domain as __mailbox_domain from ' . table_by_key('mailbox') .
' group by domain) as __mailbox on domain = __mailbox_domain'), ' group by domain) as __mailbox on domain = __mailbox_domain'),
'mailboxes_quot' => pacol(0, 0, 1, 'quot', 'mailboxes' , '' , 0, '', 'mailboxes_quot' => pacol(0, 0, 1, 'quot', 'mailboxes' , '' , 0, array(),
array('select' => db_quota_text( '__mailbox_count', 'mailboxes', 'mailboxes_quot')) ), array('select' => db_quota_text( '__mailbox_count', 'mailboxes', 'mailboxes_quot')) ),
'_mailboxes_quot_percent' => pacol( 0, 0, 1, 'vnum', '' , '' , 0, '', '_mailboxes_quot_percent' => pacol( 0, 0, 1, 'vnum', '' , '' , 0, array(),
array('select' => db_quota_percent('__mailbox_count', 'mailboxes', '_mailboxes_quot_percent')) ), array('select' => db_quota_percent('__mailbox_count', 'mailboxes', '_mailboxes_quot_percent')) ),
'maxquota' => pacol($editquota,$editquota,$quota, 'num', 'pOverview_get_quota' , 'pAdminEdit_domain_maxquota_text' , Config::read('maxquota') ), 'maxquota' => pacol($editquota,$editquota,$quota, 'num', 'pOverview_get_quota' , 'pAdminEdit_domain_maxquota_text' , Config::read('maxquota') ),
# Domain quota # Domain quota
'quota' => pacol($edit_dom_q,$edit_dom_q, 0, 'num', 'pAdminEdit_domain_quota' , 'pAdminEdit_domain_maxquota_text' , Config::read('domain_quota_default') ), 'quota' => pacol($edit_dom_q,$edit_dom_q, 0, 'num', 'pAdminEdit_domain_quota' , 'pAdminEdit_domain_maxquota_text' , Config::read('domain_quota_default') ),
'total_quota' => pacol(0, 0, 1, 'vnum', '' , '' , '', '', 'total_quota' => pacol(0, 0, 1, 'vnum', '' , '' , '', array(),
array('select' => "$query_used_domainquota AS total_quota") /*extrafrom*//* already in mailbox_count */ ), array('select' => "$query_used_domainquota AS total_quota") /*extrafrom*//* already in mailbox_count */ ),
'total_quot' => pacol( 0, 0, $dom_q, 'quot', 'pAdminEdit_domain_quota' , '' , 0, '', 'total_quot' => pacol( 0, 0, $dom_q, 'quot', 'pAdminEdit_domain_quota' , '' , 0, array(),
array('select' => db_quota_text( $query_used_domainquota, 'quota', 'total_quot')) ), array('select' => db_quota_text( $query_used_domainquota, 'quota', 'total_quot')) ),
'_total_quot_percent'=> pacol( 0, 0, $dom_q, 'vnum', '' , '' , 0, '', '_total_quot_percent'=> pacol( 0, 0, $dom_q, 'vnum', '' , '' , 0, array(),
array('select' => db_quota_percent($query_used_domainquota, 'quota', '_total_quot_percent')) ), array('select' => db_quota_percent($query_used_domainquota, 'quota', '_total_quot_percent')) ),
'transport' => pacol($transp, $transp,$transp,'enum', 'transport' , 'pAdminEdit_domain_transport_text' , Config::read('transport_default') , 'transport' => pacol($transp, $transp,$transp,'enum', 'transport' , 'pAdminEdit_domain_transport_text' , Config::read('transport_default') ,
/*options*/ Config::read('transport_options') ), /*options*/ Config::read_array('transport_options') ),
'backupmx' => pacol($super, $super, 1, 'bool', 'pAdminEdit_domain_backupmx' , '' , 0), 'backupmx' => pacol($super, $super, 1, 'bool', 'pAdminEdit_domain_backupmx' , '' , 0),
'active' => pacol($super, $super, 1, 'bool', 'active' , '' , 1 ), 'active' => pacol($super, $super, 1, 'bool', 'active' , '' , 1 ),
'default_aliases' => pacol($this->new, $this->new, 0, 'bool', 'pAdminCreate_domain_defaultaliases', '' , 1,'', /*not in db*/ 1 ), 'default_aliases' => pacol($this->new, $this->new, 0, 'bool', 'pAdminCreate_domain_defaultaliases', '' , 1,array(), /*not in db*/ 1 ),
'created' => pacol(0, 0, 0, 'ts', 'created' , '' ), 'created' => pacol(0, 0, 0, 'ts', 'created' , '' ),
'modified' => pacol(0, 0, $super, 'ts', 'last_modified' , '' ), 'modified' => pacol(0, 0, $super, 'ts', 'last_modified' , '' ),
'password_expiry' => pacol($super, $super, $super, 'num', 'password_expiration' , 'password_expiration_desc', ''), 'password_expiry' => pacol($super, $super, $super, 'num', 'password_expiration' , 'password_expiration_desc', ''),
'_can_edit' => pacol(0, 0, 1, 'int', '' , '' , 0 , '_can_edit' => pacol(0, 0, 1, 'int', '' , '' , 0 ,
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ $this->is_superadmin . ' as _can_edit' ), /*select*/ $this->is_superadmin . ' as _can_edit' ),
'_can_delete' => pacol(0, 0, 1, 'int', '' , '' , 0 , '_can_delete' => pacol(0, 0, 1, 'int', '' , '' , 0 ,
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ $this->is_superadmin . ' as _can_delete' ), /*select*/ $this->is_superadmin . ' as _can_delete' ),
@ -146,7 +146,7 @@ class DomainHandler extends PFAHandler {
return true; return true;
} }
$this->errormsg[] = Config::Lang('edit_not_allowed', $this->id); $this->errormsg[] = Config::Lang_f('edit_not_allowed', $this->id);
return false; return false;
} }
@ -156,7 +156,7 @@ class DomainHandler extends PFAHandler {
*/ */
protected function storemore() { protected function storemore() {
if ($this->new && $this->values['default_aliases']) { if ($this->new && $this->values['default_aliases']) {
foreach (Config::read('default_aliases') as $address=>$goto) { foreach (Config::read_array('default_aliases') as $address=>$goto) {
$address = $address . "@" . $this->id; $address = $address . "@" . $this->id;
# if $goto doesn't contain @, let the alias point to the same domain # if $goto doesn't contain @, let the alias point to the same domain
if (!strstr($goto, '@')) { if (!strstr($goto, '@')) {
@ -233,7 +233,7 @@ class DomainHandler extends PFAHandler {
db_delete($this->db_table, $this->id_field, $this->id); db_delete($this->db_table, $this->id_field, $this->id);
if (!$this->domain_postdeletion()) { if (!$this->domain_postdeletion()) {
$this->error_msg[] = Config::Lang('domain_postdel_failed'); $this->errormsg[] = Config::Lang('domain_postdel_failed');
} }
db_log($this->id, 'delete_domain', $this->id); # TODO delete_domain is not a valid db_log keyword yet db_log($this->id, 'delete_domain', $this->id); # TODO delete_domain is not a valid db_log keyword yet

3
model/FetchmailHandler.php
View File

@ -83,9 +83,6 @@ class FetchmailHandler extends PFAHandler {
); );
} }
protected function domain_from_id() {
# do nothing, setmore() does the work
}
protected function setmore($values) { protected function setmore($values) {
# set domain based on the target mailbox # set domain based on the target mailbox

24
model/MailboxHandler.php
View File

@ -12,9 +12,9 @@ class MailboxHandler extends PFAHandler {
# init $this->struct, $this->db_table and $this->id_field # init $this->struct, $this->db_table and $this->id_field
protected function initStruct() { protected function initStruct() {
$passwordReset = Config::read('forgotten_user_password_reset'); $passwordReset = (int) Config::bool('forgotten_user_password_reset');
$reset_by_sms = 0; $reset_by_sms = 0;
if ($passwordReset && Config::read('sms_send_function')) { if ($passwordReset && Config::read_string('sms_send_function')) {
$reset_by_sms = 1; $reset_by_sms = 1;
} }
@ -30,7 +30,7 @@ class MailboxHandler extends PFAHandler {
'maildir' => pacol($this->new, 0, 1, 'text', '' , '' , '' ), 'maildir' => pacol($this->new, 0, 1, 'text', '' , '' , '' ),
'password' => pacol(1, 1, 0, 'pass', 'password' , 'pCreate_mailbox_password_text' , '' ), 'password' => pacol(1, 1, 0, 'pass', 'password' , 'pCreate_mailbox_password_text' , '' ),
'password2' => pacol(1, 1, 0, 'pass', 'password_again' , '' , '', 'password2' => pacol(1, 1, 0, 'pass', 'password_again' , '' , '',
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ 'password as password2' /*select*/ 'password as password2'
@ -41,7 +41,7 @@ class MailboxHandler extends PFAHandler {
# TODO: read used quota from quota/quota2 table # TODO: read used quota from quota/quota2 table
'active' => pacol(1, 1, 1, 'bool', 'active' , '' , 1 ), 'active' => pacol(1, 1, 1, 'bool', 'active' , '' , 1 ),
'welcome_mail' => pacol($this->new, $this->new, 0, 'bool', 'pCreate_mailbox_mail' , '' , 1, 'welcome_mail' => pacol($this->new, $this->new, 0, 'bool', 'pCreate_mailbox_mail' , '' , 1,
/*options*/ '', /*options*/ array(),
/*not_in_db*/ 1 ), /*not_in_db*/ 1 ),
'phone' => pacol(1, $reset_by_sms, 0, 'text', 'pCreate_mailbox_phone' , 'pCreate_mailbox_phone_desc' , ''), 'phone' => pacol(1, $reset_by_sms, 0, 'text', 'pCreate_mailbox_phone' , 'pCreate_mailbox_phone_desc' , ''),
'email_other' => pacol(1, $passwordReset, 0, 'mail', 'pCreate_mailbox_email' , 'pCreate_mailbox_email_desc' , ''), 'email_other' => pacol(1, $passwordReset, 0, 'mail', 'pCreate_mailbox_email' , 'pCreate_mailbox_email_desc' , ''),
@ -97,7 +97,7 @@ class MailboxHandler extends PFAHandler {
# } elseif ($maxquota < 0) { # } elseif ($maxquota < 0) {
# TODO: show 'disabled' - at the moment, just shows '-1' # TODO: show 'disabled' - at the moment, just shows '-1'
} else { } else {
$this->struct['quota']['desc'] = Config::lang_f('mb_max', $maxquota); $this->struct['quota']['desc'] = Config::lang_f('mb_max', "" . $maxquota);
} }
} }
@ -219,7 +219,7 @@ class MailboxHandler extends PFAHandler {
protected function beforestore() { protected function beforestore() {
if (isset($this->values['quota']) && $this->values['quota'] != -1) { if (isset($this->values['quota']) && $this->values['quota'] != -1) {
$this->values['quota'] = $this->values['quota'] * Config::read('quota_multiplier'); # convert quota from MB to bytes $this->values['quota'] = $this->values['quota'] * Config::read_string('quota_multiplier'); # convert quota from MB to bytes
} }
$ah = new AliasHandler($this->new, $this->admin_username); $ah = new AliasHandler($this->new, $this->admin_username);
@ -320,7 +320,7 @@ class MailboxHandler extends PFAHandler {
db_delete($this->db_table, $this->id_field, $this->id); # finally delete the mailbox db_delete($this->db_table, $this->id_field, $this->id); # finally delete the mailbox
if (!$this->mailbox_postdeletion()) { if (!$this->mailbox_postdeletion()) {
$this->error_msg[] = Config::Lang('mailbox_postdel_failed'); $this->errormsg[] = Config::Lang('mailbox_postdel_failed');
} }
list(/*NULL*/, $domain) = explode('@', $this->id); list(/*NULL*/, $domain) = explode('@', $this->id);
@ -408,9 +408,9 @@ class MailboxHandler extends PFAHandler {
protected function _missing_maildir($field) { protected function _missing_maildir($field) {
list($local_part, $domain) = explode('@', $this->id); list($local_part, $domain) = explode('@', $this->id);
$maildir_name_hook = Config::read('maildir_name_hook'); $maildir_name_hook = Config::read_string('maildir_name_hook');
if ($maildir_name_hook != 'NO' && function_exists($maildir_name_hook)) { if (is_string($maildir_name_hook) && $maildir_name_hook != 'NO' && function_exists($maildir_name_hook)) {
$maildir = $maildir_name_hook($domain, $this->id); $maildir = $maildir_name_hook($domain, $this->id);
} elseif (Config::bool('domain_path')) { } elseif (Config::bool('domain_path')) {
if (Config::bool('domain_in_mailbox')) { if (Config::bool('domain_in_mailbox')) {
@ -650,7 +650,7 @@ class MailboxHandler extends PFAHandler {
return false; return false;
} }
$s_host = Config::read('create_mailbox_subdirs_host'); $s_host = Config::read_string('create_mailbox_subdirs_host');
if (empty($s_host)) { if (empty($s_host)) {
trigger_error('An IMAP/POP server host ($CONF["create_mailbox_subdirs_host"]) must be configured, if sub-folders are to be created', E_USER_ERROR); trigger_error('An IMAP/POP server host ($CONF["create_mailbox_subdirs_host"]) must be configured, if sub-folders are to be created', E_USER_ERROR);
return false; return false;
@ -670,7 +670,7 @@ class MailboxHandler extends PFAHandler {
} }
$s_port=''; $s_port='';
$create_mailbox_subdirs_hostport = Config::read('create_mailbox_subdirs_hostport'); $create_mailbox_subdirs_hostport = Config::read_string('create_mailbox_subdirs_hostport');
if (!empty($create_mailbox_subdirs_hostport)) { if (!empty($create_mailbox_subdirs_hostport)) {
$s_port = $create_mailbox_subdirs_hostport; $s_port = $create_mailbox_subdirs_hostport;
if (intval($s_port)!=$s_port) { if (intval($s_port)!=$s_port) {
@ -690,7 +690,7 @@ class MailboxHandler extends PFAHandler {
return false; return false;
} }
$s_prefix = Config::read('create_mailbox_subdirs_prefix'); $s_prefix = Config::read_string('create_mailbox_subdirs_prefix');
foreach ($create_mailbox_subdirs as $f) { foreach ($create_mailbox_subdirs as $f) {
$f='{'.$s_host.'}'.$s_prefix.$f; $f='{'.$s_host.'}'.$s_prefix.$f;
$res=imap_createmailbox($i, $f); $res=imap_createmailbox($i, $f);

26
model/PFAHandler.php
View File

@ -97,7 +97,10 @@ abstract class PFAHandler {
# will be set to 0 if $admin_username is set and is not a superadmin # will be set to 0 if $admin_username is set and is not a superadmin
protected $is_superadmin = 1; protected $is_superadmin = 1;
# if set, switch to user (non-admin) mode /**
* @var string $username
* if set, switch to user (non-admin) mode
*/
protected $username = ''; protected $username = '';
# will be set to 0 if a user (non-admin) is logged in # will be set to 0 if a user (non-admin) is logged in
@ -159,9 +162,9 @@ abstract class PFAHandler {
/** /**
* Constructor: fill $struct etc. * Constructor: fill $struct etc.
* @param integer - 0 is edit mode, set to 1 to switch to create mode * @param int $new - 0 is edit mode, set to 1 to switch to create mode
* @param string - if an admin_username is specified, permissions will be restricted to the domains this admin may manage * @param string $username - if an admin_username is specified, permissions will be restricted to the domains this admin may manage
* @param integer - 0 if logged in as user, 1 if logged in as admin or superadmin * @param int $is_admin - 0 if logged in as user, 1 if logged in as admin or superadmin
*/ */
public function __construct($new = 0, $username = "", $is_admin = 1) { public function __construct($new = 0, $username = "", $is_admin = 1) {
# set label_field if not explicitely set # set label_field if not explicitely set
@ -207,7 +210,7 @@ abstract class PFAHandler {
$this->initStruct(); $this->initStruct();
if (!isset($this->struct['_can_edit'])) { if (!isset($this->struct['_can_edit'])) {
$this->struct['_can_edit'] = pacol(0, 0, 1, 'vnum', '' , '' , '', '', $this->struct['_can_edit'] = pacol(0, 0, 1, 'vnum', '' , '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ '1 as _can_edit' /*select*/ '1 as _can_edit'
@ -215,7 +218,7 @@ abstract class PFAHandler {
} }
if (!isset($this->struct['_can_delete'])) { if (!isset($this->struct['_can_delete'])) {
$this->struct['_can_delete'] = pacol(0, 0, 1, 'vnum', '' , '' , '', '', $this->struct['_can_delete'] = pacol(0, 0, 1, 'vnum', '' , '' , '', array(),
/*not_in_db*/ 0, /*not_in_db*/ 0,
/*dont_write_to_db*/ 1, /*dont_write_to_db*/ 1,
/*select*/ '1 as _can_delete' /*select*/ '1 as _can_delete'
@ -223,7 +226,7 @@ abstract class PFAHandler {
} }
$struct_hook = Config::read($this->db_table . '_struct_hook'); $struct_hook = Config::read($this->db_table . '_struct_hook');
if ($struct_hook != 'NO' && function_exists($struct_hook)) { if (!empty($struct_hook) && is_string($struct_hook) && $struct_hook != 'NO' && function_exists($struct_hook)) {
$this->struct = $struct_hook($this->struct); $this->struct = $struct_hook($this->struct);
} }
@ -727,9 +730,11 @@ abstract class PFAHandler {
$db_result = array(); $db_result = array();
if ($result['rows'] != 0) { if ($result['rows'] != 0) {
while ($row = db_assoc($result['result'])) { while ($row = db_assoc($result['result'])) {
if(is_array($row)) {
$db_result[$row[$this->id_field]] = $row; $db_result[$row[$this->id_field]] = $row;
} }
} }
}
$db_result = $this->read_from_db_postprocess($db_result); $db_result = $this->read_from_db_postprocess($db_result);
return $db_result; return $db_result;
@ -822,6 +827,9 @@ abstract class PFAHandler {
$result = db_query($query); $result = db_query($query);
if ($result['rows'] == 1) { if ($result['rows'] == 1) {
$row = db_assoc($result['result']); $row = db_assoc($result['result']);
if(!is_array($row)) {
return false;
}
$crypt_password = pacrypt($password, $row['password']); $crypt_password = pacrypt($password, $row['password']);
if ($row['password'] == $crypt_password) { if ($row['password'] == $crypt_password) {
@ -867,6 +875,10 @@ abstract class PFAHandler {
$result = db_query($query); $result = db_query($query);
if ($result['rows'] == 1) { if ($result['rows'] == 1) {
$row = db_assoc($result['result']); $row = db_assoc($result['result']);
if(!is_array($row)) {
return false;
}
$crypt_token = pacrypt($token, $row['token']); $crypt_token = pacrypt($token, $row['token']);
if ($row['token'] == $crypt_token) { if ($row['token'] == $crypt_token) {

2
model/Shell.php
View File

@ -141,7 +141,7 @@ class Shell {
* @param string $default Default input value. * @param string $default Default input value.
* @return string either the default value, or the user-provided input. * @return string either the default value, or the user-provided input.
*/ */
public function in($prompt, $options = null, $default = null) { public function in($prompt, $options = null, $default = '') {
if (!$this->interactive) { if (!$this->interactive) {
return $default; return $default;
} }

4
model/VacationHandler.php
View File

@ -196,6 +196,10 @@ class VacationHandler extends PFAHandler {
} }
$row = db_assoc($result['result']); $row = db_assoc($result['result']);
if(!is_array($row)) {
return false;
}
$boolean = ($row['active'] == db_get_boolean(true)); $boolean = ($row['active'] == db_get_boolean(true));
# TODO: only return true and store the db result array in $this->whatever for consistency with the other classes # TODO: only return true and store the db result array in $this->whatever for consistency with the other classes
return array( return array(

2
public/backup.php
View File

@ -108,7 +108,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
while ($row = db_assoc($result['result'])) { while ($row = db_assoc($result['result'])) {
$fields = array_keys($row); $fields = array_keys($row);
$values = array_values($row); $values = array_values($row);
$values = array_map('escape_string', $values); $values = array_map(function($str) { return escape_string($str); }, $values);
fwrite($fh, "INSERT INTO ". $tables[$i] . " (". implode(',', $fields) . ") VALUES ('" . implode('\',\'', $values) . "');\n"); fwrite($fh, "INSERT INTO ". $tables[$i] . " (". implode(',', $fields) . ") VALUES ('" . implode('\',\'', $values) . "');\n");
$fields = ""; $fields = "";

2
public/broadcast-message.php
View File

@ -66,9 +66,11 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$result = db_query($q); $result = db_query($q);
if ($result['rows'] > 0) { if ($result['rows'] > 0) {
while ($row = db_assoc($result['result'])) { while ($row = db_assoc($result['result'])) {
if(is_array($row)) {
$recipients[] = $row['username']; $recipients[] = $row['username'];
} }
} }
}
$recipients = array_unique($recipients); $recipients = array_unique($recipients);

4
public/index.php
View File

@ -22,11 +22,13 @@
$CONF = array('configured' => false); $CONF = array('configured' => false);
clearstatcache();
if (file_exists(dirname(__FILE__) . '/../config.inc.php')) { if (file_exists(dirname(__FILE__) . '/../config.inc.php')) {
require_once(dirname(__FILE__) . '/../config.inc.php'); require_once(dirname(__FILE__) . '/../config.inc.php');
} }
if ($CONF['configured'] === true) { if ($CONF['configured']) {
header("Location: login.php"); header("Location: login.php");
exit; exit;
} }

7
public/list-virtual.php
View File

@ -59,6 +59,10 @@ if ((is_array($list_domains) and sizeof($list_domains) > 0)) {
} }
} }
if (!is_string($fDomain)) {
die(Config::Lang('invalid_parameter'));
}
if (!in_array($fDomain, $list_domains)) { if (!in_array($fDomain, $list_domains)) {
flash_error($PALANG['invalid_parameter']); flash_error($PALANG['invalid_parameter']);
unset($_SESSION['list-virtual:domain']); unset($_SESSION['list-virtual:domain']);
@ -226,6 +230,9 @@ if ($result['rows'] > 0) {
$goto_single_rec_del = ""; $goto_single_rec_del = "";
while ($row = db_assoc($result['result'])) { while ($row = db_assoc($result['result'])) {
if(!is_array($row)) {
continue;
}
if ($display_mailbox_aliases) { if ($display_mailbox_aliases) {
$goto_split = explode(",", $row['goto']); $goto_split = explode(",", $row['goto']);
$row['goto_mailbox'] = 0; $row['goto_mailbox'] = 0;

2
public/login.php
View File

@ -88,7 +88,7 @@ $_SESSION['PFA_token'] = md5(uniqid(rand(), true));
$smarty->assign('language_selector', language_selector(), false); $smarty->assign('language_selector', language_selector(), false);
$smarty->assign('smarty_template', 'login'); $smarty->assign('smarty_template', 'login');
$smarty->assign('logintype', 'admin'); $smarty->assign('logintype', 'admin');
$smarty->assign('forgotten_password_reset', Config::read('forgotten_admin_password_reset')); $smarty->assign('forgotten_password_reset', Config::bool('forgotten_admin_password_reset'));
$smarty->display('index.tpl'); $smarty->display('index.tpl');
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */

124
public/upgrade.php
View File

@ -3,6 +3,9 @@ if (!defined('POSTFIXADMIN')) {
require_once('common.php'); require_once('common.php');
} }
if(!isset($CONF) || !is_array($CONF)) {
die("config.inc.php seems invalid");
}
/* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */ /* vim: set expandtab softtabstop=4 tabstop=4 shiftwidth=4: */
# @version $Id$ # @version $Id$
@ -12,7 +15,7 @@ if (!defined('POSTFIXADMIN')) {
/** /**
* Use this to check whether an object (Table, index etc) exists within a * Use this to check whether an object (Table, index etc) exists within a
* PostgreSQL database. * PostgreSQL database.
* @param String the object name * @param string the object name
* @return boolean true if it exists * @return boolean true if it exists
*/ */
function _pgsql_object_exists($name) { function _pgsql_object_exists($name) {
@ -24,6 +27,11 @@ function _pgsql_object_exists($name) {
return false; return false;
} }
/**
* @param string $table
* @param string $field
* @return bool
*/
function _pgsql_field_exists($table, $field) { function _pgsql_field_exists($table, $field) {
# $table = table_by_key($table); # _pgsql_field_exists is always called with the expanded table name - don't expand it twice # $table = table_by_key($table); # _pgsql_field_exists is always called with the expanded table name - don't expand it twice
$sql = ' $sql = '
@ -97,7 +105,7 @@ function _db_add_field($table, $field, $fieldtype, $after = '') {
} }
if (! _db_field_exists(table_by_key($table), $field)) { if (! _db_field_exists(table_by_key($table), $field)) {
$result = db_query_parsed($query); db_query_parsed($query);
} else { } else {
printdebug("field already exists: $table.$field"); printdebug("field already exists: $table.$field");
} }
@ -218,7 +226,6 @@ function _do_upgrade($current_version) {
} }
} }
// Update config table so we don't run the same query twice in the future. // Update config table so we don't run the same query twice in the future.
$i = (int) $i;
$table = table_by_key('config'); $table = table_by_key('config');
$sql = "UPDATE $table SET value = $i WHERE name = 'version'"; $sql = "UPDATE $table SET value = $i WHERE name = 'version'";
db_query($sql); db_query($sql);
@ -227,10 +234,10 @@ function _do_upgrade($current_version) {
/** /**
* Replaces database specific parts in a query * Replaces database specific parts in a query
* @param String sql query with placeholders * @param string sql query with placeholders
* @param int (optional) whether errors should be ignored (0=false) * @param int (optional) whether errors should be ignored (0=false)
* @param String (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE * @param string (optional) MySQL specific code to attach, useful for COMMENT= on CREATE TABLE
* @return String sql query * @return void
*/ */
function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "") { function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "") {
@ -303,7 +310,7 @@ function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "") {
'{DATECURRENT}' => 'timestamp with time zone default now()', '{DATECURRENT}' => 'timestamp with time zone default now()',
); );
} else { } else {
echo "Sorry, unsupported database type " . $conf['database_type']; echo "Sorry, unsupported database type " . $CONF['database_type'];
exit; exit;
} }
@ -312,14 +319,15 @@ function db_query_parsed($sql, $ignore_errors = 0, $attach_mysql = "") {
$query = trim(str_replace(array_keys($replace), $replace, $sql)); $query = trim(str_replace(array_keys($replace), $replace, $sql));
if (safeget('debug') != "") { $debug = safeget('debug', '') != '';
if ($debug) {
printdebug($query); printdebug($query);
} }
$result = db_query($query, $ignore_errors); $result = db_query($query, $ignore_errors);
if (safeget('debug') != "") { if ($debug) {
print "<div style='color:#f00'>" . $result['error'] . "</div>"; print "<div style='color:#f00'>" . $result['error'] . "</div>";
} }
return $result;
} }
function _drop_index($table, $index) { function _drop_index($table, $index) {
@ -331,7 +339,7 @@ function _drop_index($table, $index) {
} elseif ($CONF['database_type'] == 'pgsql' || db_sqlite()) { } elseif ($CONF['database_type'] == 'pgsql' || db_sqlite()) {
return "DROP INDEX $index"; # Index names are unique with a DB for PostgreSQL return "DROP INDEX $index"; # Index names are unique with a DB for PostgreSQL
} else { } else {
echo "Sorry, unsupported database type " . $conf['database_type']; echo "Sorry, unsupported database type " . $CONF['database_type'];
exit; exit;
} }
} }
@ -347,7 +355,7 @@ function _add_index($table, $indexname, $fieldlist) {
$pgindexname = $table . "_" . $indexname . '_idx'; $pgindexname = $table . "_" . $indexname . '_idx';
return "CREATE INDEX $pgindexname ON $table($fieldlist);"; # Index names are unique with a DB for PostgreSQL return "CREATE INDEX $pgindexname ON $table($fieldlist);"; # Index names are unique with a DB for PostgreSQL
} else { } else {
echo "Sorry, unsupported database type " . $conf['database_type']; echo "Sorry, unsupported database type " . $CONF['database_type'];
exit; exit;
} }
} }
@ -472,10 +480,10 @@ function upgrade_2_mysql() {
# from TABLE_BACKUP_MX.TXT # from TABLE_BACKUP_MX.TXT
$table_domain = table_by_key('domain'); $table_domain = table_by_key('domain');
if (!_mysql_field_exists($table_domain, 'transport')) { if (!_mysql_field_exists($table_domain, 'transport')) {
$result = db_query_parsed("ALTER TABLE $table_domain ADD COLUMN transport VARCHAR(255) AFTER maxquota;", true); db_query_parsed("ALTER TABLE $table_domain ADD COLUMN transport VARCHAR(255) AFTER maxquota;", true);
} }
if (!_mysql_field_exists($table_domain, 'backupmx')) { if (!_mysql_field_exists($table_domain, 'backupmx')) {
$result = db_query_parsed("ALTER TABLE $table_domain ADD COLUMN backupmx {BOOLEAN} AFTER transport;", true); db_query_parsed("ALTER TABLE $table_domain ADD COLUMN backupmx {BOOLEAN} AFTER transport;", true);
} }
} }
@ -600,8 +608,8 @@ function upgrade_2_pgsql() {
// this handles anyone who is upgrading... (and should have no impact on new installees) // this handles anyone who is upgrading... (and should have no impact on new installees)
$table_domain = table_by_key('domain'); $table_domain = table_by_key('domain');
$result = db_query_parsed("ALTER TABLE $table_domain ADD COLUMN transport VARCHAR(255)", true); db_query_parsed("ALTER TABLE $table_domain ADD COLUMN transport VARCHAR(255)", true);
$result = db_query_parsed("ALTER TABLE $table_domain ADD COLUMN backupmx BOOLEAN DEFAULT false", true); db_query_parsed("ALTER TABLE $table_domain ADD COLUMN backupmx BOOLEAN DEFAULT false", true);
} }
function upgrade_3_mysql() { function upgrade_3_mysql() {
@ -680,7 +688,7 @@ function upgrade_3_mysql() {
function upgrade_4_mysql() { # MySQL only function upgrade_4_mysql() { # MySQL only
# changes between 2.1 and moving to sourceforge # changes between 2.1 and moving to sourceforge
$table_domain = table_by_key('domain'); $table_domain = table_by_key('domain');
$result = db_query_parsed("ALTER TABLE $table_domain ADD COLUMN quota int(10) NOT NULL default '0' AFTER maxquota", true); db_query_parsed("ALTER TABLE $table_domain ADD COLUMN quota int(10) NOT NULL default '0' AFTER maxquota", true);
# Possible errors that can be ignored: # Possible errors that can be ignored:
# - Invalid query: Table 'postfix.domain' doesn't exist # - Invalid query: Table 'postfix.domain' doesn't exist
} }
@ -699,25 +707,25 @@ function upgrade_4_pgsql() {
$table_vacation_notification = table_by_key('vacation_notification'); $table_vacation_notification = table_by_key('vacation_notification');
if (!_pgsql_field_exists($table_domain, 'quota')) { if (!_pgsql_field_exists($table_domain, 'quota')) {
$result = db_query_parsed("ALTER TABLE $table_domain ADD COLUMN quota int NOT NULL default '0'"); db_query_parsed("ALTER TABLE $table_domain ADD COLUMN quota int NOT NULL default '0'");
} }
$result = db_query_parsed("ALTER TABLE $table_domain ALTER COLUMN domain DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_domain ALTER COLUMN domain DROP DEFAULT");
if (!_pgsql_object_exists('domain_domain_active')) { if (!_pgsql_object_exists('domain_domain_active')) {
$result = db_query_parsed("CREATE INDEX domain_domain_active ON $table_domain(domain,active)"); db_query_parsed("CREATE INDEX domain_domain_active ON $table_domain(domain,active)");
} }
$result = db_query_parsed("ALTER TABLE $table_domain_admins ALTER COLUMN domain DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_domain_admins ALTER COLUMN domain DROP DEFAULT");
$result = db_query_parsed("ALTER TABLE $table_alias ALTER COLUMN address DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_alias ALTER COLUMN address DROP DEFAULT");
$result = db_query_parsed("ALTER TABLE $table_alias ALTER COLUMN domain DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_alias ALTER COLUMN domain DROP DEFAULT");
if (!_pgsql_object_exists('alias_address_active')) { if (!_pgsql_object_exists('alias_address_active')) {
$result = db_query_parsed("CREATE INDEX alias_address_active ON $table_alias(address,active)"); db_query_parsed("CREATE INDEX alias_address_active ON $table_alias(address,active)");
} }
$result = db_query_parsed("ALTER TABLE $table_domain_admins ALTER COLUMN username DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_domain_admins ALTER COLUMN username DROP DEFAULT");
$result = db_query_parsed("ALTER TABLE $table_domain_admins ALTER COLUMN domain DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_domain_admins ALTER COLUMN domain DROP DEFAULT");
$result = db_query_parsed(" db_query_parsed("
BEGIN; BEGIN;
ALTER TABLE $table_log RENAME COLUMN data TO data_old; ALTER TABLE $table_log RENAME COLUMN data TO data_old;
ALTER TABLE $table_log ADD COLUMN data text NOT NULL default ''; ALTER TABLE $table_log ADD COLUMN data text NOT NULL default '';
@ -725,10 +733,10 @@ function upgrade_4_pgsql() {
ALTER TABLE $table_log DROP COLUMN data_old; ALTER TABLE $table_log DROP COLUMN data_old;
COMMIT;"); COMMIT;");
$result = db_query_parsed("ALTER TABLE $table_mailbox ALTER COLUMN username DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_mailbox ALTER COLUMN username DROP DEFAULT");
$result = db_query_parsed("ALTER TABLE $table_mailbox ALTER COLUMN domain DROP DEFAULT"); db_query_parsed("ALTER TABLE $table_mailbox ALTER COLUMN domain DROP DEFAULT");
$result = db_query_parsed( db_query_parsed(
" "
BEGIN; BEGIN;
ALTER TABLE $table_mailbox RENAME COLUMN domain TO domain_old; ALTER TABLE $table_mailbox RENAME COLUMN domain TO domain_old;
@ -742,12 +750,12 @@ function upgrade_4_pgsql() {
} }
$result = db_query_parsed("ALTER TABLE $table_vacation ALTER COLUMN body SET DEFAULT ''"); db_query_parsed("ALTER TABLE $table_vacation ALTER COLUMN body SET DEFAULT ''");
if (_pgsql_field_exists($table_vacation, 'cache')) { if (_pgsql_field_exists($table_vacation, 'cache')) {
$result = db_query_parsed("ALTER TABLE $table_vacation DROP COLUMN cache"); db_query_parsed("ALTER TABLE $table_vacation DROP COLUMN cache");
} }
$result = db_query_parsed(" db_query_parsed("
BEGIN; BEGIN;
ALTER TABLE $table_vacation RENAME COLUMN domain to domain_old; ALTER TABLE $table_vacation RENAME COLUMN domain to domain_old;
ALTER TABLE $table_vacation ADD COLUMN domain varchar(255) REFERENCES $table_domain; ALTER TABLE $table_vacation ADD COLUMN domain varchar(255) REFERENCES $table_domain;
@ -757,11 +765,11 @@ function upgrade_4_pgsql() {
"); ");
if (!_pgsql_object_exists('vacation_email_active')) { if (!_pgsql_object_exists('vacation_email_active')) {
$result = db_query_parsed("CREATE INDEX vacation_email_active ON $table_vacation(email,active)"); db_query_parsed("CREATE INDEX vacation_email_active ON $table_vacation(email,active)");
} }
if (!_pgsql_object_exists($table_vacation_notification)) { if (!_pgsql_object_exists($table_vacation_notification)) {
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE $table_vacation_notification ( CREATE TABLE $table_vacation_notification (
on_vacation character varying(255) NOT NULL REFERENCES $table_vacation(email) ON DELETE CASCADE, on_vacation character varying(255) NOT NULL REFERENCES $table_vacation(email) ON DELETE CASCADE,
notified character varying(255) NOT NULL, notified character varying(255) NOT NULL,
@ -785,7 +793,7 @@ function upgrade_4_pgsql() {
* - removed creation of default superadmin * - removed creation of default superadmin
*/ */
function upgrade_5_mysql() { function upgrade_5_mysql() {
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('admin') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('admin') . " (
`username` varchar(255) NOT NULL default '', `username` varchar(255) NOT NULL default '',
`password` varchar(255) NOT NULL default '', `password` varchar(255) NOT NULL default '',
@ -796,7 +804,7 @@ function upgrade_5_mysql() {
KEY username (`username`) KEY username (`username`)
) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Admins'; "); ) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Admins'; ");
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('alias') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('alias') . " (
`address` varchar(255) NOT NULL default '', `address` varchar(255) NOT NULL default '',
`goto` text NOT NULL, `goto` text NOT NULL,
@ -809,7 +817,7 @@ function upgrade_5_mysql() {
) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Aliases'; ) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Aliases';
"); ");
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('domain') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('domain') . " (
`domain` varchar(255) NOT NULL default '', `domain` varchar(255) NOT NULL default '',
`description` varchar(255) NOT NULL default '', `description` varchar(255) NOT NULL default '',
@ -827,7 +835,7 @@ function upgrade_5_mysql() {
) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Domains'; ) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Domains';
"); ");
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('domain_admins') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('domain_admins') . " (
`username` varchar(255) NOT NULL default '', `username` varchar(255) NOT NULL default '',
`domain` varchar(255) NOT NULL default '', `domain` varchar(255) NOT NULL default '',
@ -837,7 +845,7 @@ function upgrade_5_mysql() {
) DEFAULT {LATIN1} COMMENT='Postfix Admin - Domain Admins'; ) DEFAULT {LATIN1} COMMENT='Postfix Admin - Domain Admins';
"); ");
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('log') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('log') . " (
`timestamp` {DATETIME}, `timestamp` {DATETIME},
`username` varchar(255) NOT NULL default '', `username` varchar(255) NOT NULL default '',
@ -848,7 +856,7 @@ function upgrade_5_mysql() {
) DEFAULT {LATIN1} COMMENT='Postfix Admin - Log'; ) DEFAULT {LATIN1} COMMENT='Postfix Admin - Log';
"); ");
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('mailbox') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('mailbox') . " (
`username` varchar(255) NOT NULL default '', `username` varchar(255) NOT NULL default '',
`password` varchar(255) NOT NULL default '', `password` varchar(255) NOT NULL default '',
@ -864,7 +872,7 @@ function upgrade_5_mysql() {
) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Mailboxes'; ) DEFAULT {LATIN1} COMMENT='Postfix Admin - Virtual Mailboxes';
"); ");
$result = db_query_parsed(" db_query_parsed("
CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('vacation') . " ( CREATE TABLE {IF_NOT_EXISTS} " . table_by_key('vacation') . " (
`email` varchar(255) NOT NULL , `email` varchar(255) NOT NULL ,
`subject` varchar(255) NOT NULL, `subject` varchar(255) NOT NULL,
@ -883,10 +891,10 @@ function upgrade_5_mysql() {
* drop useless indicies (already available as primary key) * drop useless indicies (already available as primary key)
*/ */
function upgrade_79_mysql() { # MySQL only function upgrade_79_mysql() { # MySQL only
$result = db_query_parsed(_drop_index('admin', 'username'), true); db_query_parsed(_drop_index('admin', 'username'), true);
$result = db_query_parsed(_drop_index('alias', 'address'), true); db_query_parsed(_drop_index('alias', 'address'), true);
$result = db_query_parsed(_drop_index('domain', 'domain'), true); db_query_parsed(_drop_index('domain', 'domain'), true);
$result = db_query_parsed(_drop_index('mailbox', 'username'), true); db_query_parsed(_drop_index('mailbox', 'username'), true);
} }
function upgrade_81_mysql() { # MySQL only function upgrade_81_mysql() { # MySQL only
@ -905,7 +913,7 @@ function upgrade_81_mysql() { # MySQL only
")); "));
foreach ($all_sql as $sql) { foreach ($all_sql as $sql) {
$result = db_query_parsed($sql, true); db_query_parsed($sql, true);
} }
} }
@ -913,9 +921,9 @@ function upgrade_81_mysql() { # MySQL only
* Make logging translatable - i.e. create alias => create_alias * Make logging translatable - i.e. create alias => create_alias
*/ */
function upgrade_90_mysql_pgsql() { function upgrade_90_mysql_pgsql() {
$result = db_query_parsed("UPDATE " . table_by_key('log') . " SET action = REPLACE(action,' ','_')", true); db_query_parsed("UPDATE " . table_by_key('log') . " SET action = REPLACE(action,' ','_')", true);
# change edit_alias_state to edit_alias_active # change edit_alias_state to edit_alias_active
$result = db_query_parsed("UPDATE " . table_by_key('log') . " SET action = 'edit_alias_state' WHERE action = 'edit_alias_active'", true); db_query_parsed("UPDATE " . table_by_key('log') . " SET action = 'edit_alias_state' WHERE action = 'edit_alias_active'", true);
} }
/** /**
@ -924,9 +932,9 @@ function upgrade_90_mysql_pgsql() {
function upgrade_169_mysql() { function upgrade_169_mysql() {
$table_domain = table_by_key('domain'); $table_domain = table_by_key('domain');
$table_mailbox = table_by_key('mailbox'); $table_mailbox = table_by_key('mailbox');
$result = db_query_parsed("ALTER TABLE $table_domain MODIFY COLUMN `quota` bigint(20) NOT NULL default '0'", true); db_query_parsed("ALTER TABLE $table_domain MODIFY COLUMN `quota` bigint(20) NOT NULL default '0'", true);
$result = db_query_parsed("ALTER TABLE $table_domain MODIFY COLUMN `maxquota` bigint(20) NOT NULL default '0'", true); db_query_parsed("ALTER TABLE $table_domain MODIFY COLUMN `maxquota` bigint(20) NOT NULL default '0'", true);
$result = db_query_parsed("ALTER TABLE $table_mailbox MODIFY COLUMN `quota` bigint(20) NOT NULL default '0'", true); db_query_parsed("ALTER TABLE $table_mailbox MODIFY COLUMN `quota` bigint(20) NOT NULL default '0'", true);
} }
@ -963,7 +971,7 @@ function upgrade_318_mysql() {
# (not a great loss) and re-create it using this function. # (not a great loss) and re-create it using this function.
foreach ($all_sql as $sql) { foreach ($all_sql as $sql) {
$result = db_query_parsed($sql); db_query_parsed($sql);
} }
} }
@ -1090,7 +1098,7 @@ function upgrade_373_mysql() { # MySQL only
")); "));
foreach ($all_sql as $sql) { foreach ($all_sql as $sql) {
$result = db_query_parsed($sql); db_query_parsed($sql);
} }
} }
@ -1162,7 +1170,7 @@ function upgrade_473_mysql() {
")); "));
foreach ($all_sql as $sql) { foreach ($all_sql as $sql) {
$result = db_query_parsed($sql); db_query_parsed($sql);
} }
} }
@ -1408,6 +1416,10 @@ function upgrade_1284_mysql_pgsql() {
if ($result['rows'] > 0) { if ($result['rows'] > 0) {
while ($row = db_assoc($result['result'])) { while ($row = db_assoc($result['result'])) {
if(!is_array($row)) {
break;
}
printdebug("Setting superadmin flag for " . $row['username']); printdebug("Setting superadmin flag for " . $row['username']);
db_update('admin', 'username', $row['username'], array('superadmin' => db_get_boolean(true))); db_update('admin', 'username', $row['username'], array('superadmin' => db_get_boolean(true)));
} }
@ -1676,7 +1688,7 @@ function upgrade_1836_mysql() {
")); "));
foreach ($all_sql as $sql) { foreach ($all_sql as $sql) {
$result = db_query_parsed($sql, true); db_query_parsed($sql, true);
} }
} }

9
public/users/password-recover.php
View File

@ -58,6 +58,11 @@ function sendCodebySMS($to, $username, $code) {
if ($_SERVER['REQUEST_METHOD'] === "POST") { if ($_SERVER['REQUEST_METHOD'] === "POST") {
$start_time = microtime(true); $start_time = microtime(true);
$tUsername = escape_string(safepost('fUsername')); $tUsername = escape_string(safepost('fUsername'));
if(empty($tUsername) || !is_string($tUsername)) {
die("fUsername field required");
}
$handler = $context === 'admin' ? new AdminHandler : new MailboxHandler; $handler = $context === 'admin' ? new AdminHandler : new MailboxHandler;
$token = $handler->getPasswordRecoveryCode($tUsername); $token = $handler->getPasswordRecoveryCode($tUsername);
if ($token !== false) { if ($token !== false) {
@ -65,8 +70,8 @@ if ($_SERVER['REQUEST_METHOD'] === "POST") {
$result = db_query("SELECT * FROM $table WHERE username='$tUsername'"); $result = db_query("SELECT * FROM $table WHERE username='$tUsername'");
$row = db_assoc($result['result']); $row = db_assoc($result['result']);
$email_other = trim($row['email_other']); $email_other = isset($row['email_other']) ? trim($row['email_other']) : null;
$phone = trim($row['phone']); $phone = isset($row['phone']) ? trim($row['phone']) : null;
if ($email_other) { if ($email_other) {
sendCodeByEmail($email_other, $tUsername, $token); sendCodeByEmail($email_other, $tUsername, $token);

10
public/viewlog.php
View File

@ -55,7 +55,6 @@ if (! (check_owner($SESSID_USERNAME, $fDomain) || authentication_has_role('globa
flash_error($PALANG['pViewlog_result_error']); flash_error($PALANG['pViewlog_result_error']);
} }
// we need to initialize $tLog as an array!
$tLog = array(); $tLog = array();
if ($error != 1) { if ($error != 1) {
@ -69,7 +68,7 @@ if ($error != 1) {
$result = db_query($query); $result = db_query($query);
if ($result['rows'] > 0) { if ($result['rows'] > 0) {
while ($row = db_assoc($result['result'])) { while ($row = db_assoc($result['result'])) {
if (db_pgsql()) { if (is_array($row) && db_pgsql()) {
$row['timestamp'] = gmstrftime('%c %Z', $row['timestamp']); $row['timestamp'] = gmstrftime('%c %Z', $row['timestamp']);
} }
$tLog[] = $row; $tLog[] = $row;
@ -77,8 +76,11 @@ if ($error != 1) {
} }
} }
for ($i = 0; $i < count($tLog); $i++) { foreach($tLog as $k => $v) {
$tLog[$i]['action'] = $PALANG ['pViewlog_action_'.$tLog [$i]['action']]; if(isset($v['action'])) {
$v['action'] = $PALANG['pViewlog_action_' . $v['action']];
$tLog[$k] = $v;
}
} }
$smarty->assign('domain_list', $list_domains); $smarty->assign('domain_list', $list_domains);

2
public/xmlrpc.php
View File

@ -162,7 +162,7 @@ class AliasProxy {
$ah = new AliasHandler(); $ah = new AliasHandler();
$ah->init($_SESSION['sessid']['username']); $ah->init($_SESSION['sessid']['username']);
$values['goto'] = $addresses; $values = ['goto' => $addresses];
if ($flags == 'forward_and_store') { if ($flags == 'forward_and_store') {
$values['goto_mailbox'] = 1; $values['goto_mailbox'] = 1;

6
templates/header.php
View File

@ -1,5 +1,9 @@
<?php if( !defined('POSTFIXADMIN') ) die( "This file cannot be used standalone." ); ?>
<?php <?php
if( !defined('POSTFIXADMIN') ) die( "This file cannot be used standalone." );
if( !isset($CONF) || !is_array($CONF) ) {
die("Configuration not loaded. Check " . __FILE__);
}
@header ("Expires: Sun, 16 Mar 2003 05:00:00 GMT"); @header ("Expires: Sun, 16 Mar 2003 05:00:00 GMT");
@header ("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT"); @header ("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
@header ("Cache-Control: no-store, no-cache, must-revalidate"); @header ("Cache-Control: no-store, no-cache, must-revalidate");