You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1182 lines
29 KiB
1182 lines
29 KiB
<?php
|
|
use function Hestiacp\quoteshellarg\quoteshellarg;
|
|
|
|
ob_start();
|
|
$TAB = "MAIL";
|
|
|
|
// Main include
|
|
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
|
|
|
|
// Check domain argument
|
|
if (empty($_GET["domain"])) {
|
|
header("Location: /list/mail/");
|
|
exit();
|
|
}
|
|
|
|
// Edit as someone else?
|
|
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
|
|
$user = quoteshellarg($_GET["user"]);
|
|
$user_plain = htmlentities($_GET["user"]);
|
|
}
|
|
|
|
$v_username = $user;
|
|
|
|
// List mail domain
|
|
if (!empty($_GET["domain"]) && empty($_GET["account"])) {
|
|
$v_domain = $_GET["domain"];
|
|
|
|
exec(HESTIA_CMD . "v-list-sys-webmail json", $output, $return_var);
|
|
$webmail_clients = json_decode(implode("", $output), true);
|
|
unset($output);
|
|
|
|
exec(
|
|
HESTIA_CMD . "v-list-mail-domain " . $user . " " . quoteshellarg($v_domain) . " json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$data = json_decode(implode("", $output), true);
|
|
check_return_code_redirect($return_var, $output, "/list/mail/");
|
|
unset($output);
|
|
|
|
// Parse domain
|
|
$v_antispam = $data[$v_domain]["ANTISPAM"];
|
|
$v_reject = $data[$v_domain]["REJECT"];
|
|
$v_antivirus = $data[$v_domain]["ANTIVIRUS"];
|
|
$v_dkim = $data[$v_domain]["DKIM"];
|
|
$v_catchall = $data[$v_domain]["CATCHALL"];
|
|
$v_rate = $data[$v_domain]["RATE_LIMIT"];
|
|
$v_date = $data[$v_domain]["DATE"];
|
|
$v_time = $data[$v_domain]["TIME"];
|
|
$v_suspended = $data[$v_domain]["SUSPENDED"];
|
|
$v_webmail_alias = $data[$v_domain]["WEBMAIL_ALIAS"];
|
|
$v_webmail = $data[$v_domain]["WEBMAIL"];
|
|
$v_smtp_relay = $data[$v_domain]["U_SMTP_RELAY"];
|
|
$v_smtp_relay_host = $data[$v_domain]["U_SMTP_RELAY_HOST"];
|
|
$v_smtp_relay_port = $data[$v_domain]["U_SMTP_RELAY_PORT"];
|
|
$v_smtp_relay_user = $data[$v_domain]["U_SMTP_RELAY_USERNAME"];
|
|
|
|
if ($v_suspended == "yes") {
|
|
$v_status = "suspended";
|
|
} else {
|
|
$v_status = "active";
|
|
}
|
|
|
|
$v_ssl = $data[$v_domain]["SSL"];
|
|
if (!empty($v_ssl)) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-list-mail-domain-ssl " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$ssl_str = json_decode(implode("", $output), true);
|
|
unset($output);
|
|
$v_ssl_crt = $ssl_str[$v_domain]["CRT"];
|
|
$v_ssl_key = $ssl_str[$v_domain]["KEY"];
|
|
$v_ssl_ca = $ssl_str[$v_domain]["CA"];
|
|
$v_ssl_subject = $ssl_str[$v_domain]["SUBJECT"];
|
|
$v_ssl_aliases = $ssl_str[$v_domain]["ALIASES"];
|
|
$v_ssl_not_before = $ssl_str[$v_domain]["NOT_BEFORE"];
|
|
$v_ssl_not_after = $ssl_str[$v_domain]["NOT_AFTER"];
|
|
$v_ssl_signature = $ssl_str[$v_domain]["SIGNATURE"];
|
|
$v_ssl_pub_key = $ssl_str[$v_domain]["PUB_KEY"];
|
|
$v_ssl_issuer = $ssl_str[$v_domain]["ISSUER"];
|
|
}
|
|
$v_letsencrypt = $data[$v_domain]["LETSENCRYPT"];
|
|
if (empty($v_letsencrypt)) {
|
|
$v_letsencrypt = "no";
|
|
}
|
|
}
|
|
|
|
// List mail account
|
|
if (!empty($_GET["domain"]) && !empty($_GET["account"])) {
|
|
$v_domain = $_GET["domain"];
|
|
|
|
$v_account = $_GET["account"];
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-list-mail-account " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" 'json'",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$data = json_decode(implode("", $output), true);
|
|
check_return_code_redirect($return_var, $output, "/list/mail/");
|
|
unset($output);
|
|
|
|
// Parse mail account
|
|
$v_username = $user;
|
|
$v_password = "";
|
|
$v_aliases = str_replace(",", "\n", $data[$v_account]["ALIAS"]);
|
|
$valiases = explode(",", $data[$v_account]["ALIAS"]);
|
|
$v_fwd = str_replace(",", "\n", $data[$v_account]["FWD"]);
|
|
if ($v_fwd == ":blackhole:") {
|
|
$v_fwd = "";
|
|
$v_blackhole = "yes";
|
|
} else {
|
|
$v_blackhole = "no";
|
|
}
|
|
$vfwd = explode(",", $data[$v_account]["FWD"]);
|
|
$v_fwd_only = $data[$v_account]["FWD_ONLY"];
|
|
$v_rate = $data[$v_account]["RATE_LIMIT"];
|
|
$v_quota = $data[$v_account]["QUOTA"];
|
|
$v_autoreply = $data[$v_account]["AUTOREPLY"];
|
|
$v_suspended = $data[$v_account]["SUSPENDED"];
|
|
$v_webmail_alias = $data[$v_account]["WEBMAIL_ALIAS"];
|
|
if (empty($v_send_email)) {
|
|
$v_send_email = "";
|
|
}
|
|
if ($v_suspended == "yes") {
|
|
$v_status = "suspended";
|
|
} else {
|
|
$v_status = "active";
|
|
}
|
|
$v_date = $data[$v_account]["DATE"];
|
|
$v_time = $data[$v_account]["TIME"];
|
|
|
|
// Parse autoreply
|
|
if ($v_autoreply == "yes") {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-list-mail-account-autoreply " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$autoreply_str = json_decode(implode("", $output), true);
|
|
unset($output);
|
|
$v_autoreply_message = $autoreply_str[$v_account]["MSG"];
|
|
$v_autoreply_message = str_replace("\\n", "\n", $v_autoreply_message);
|
|
} else {
|
|
$v_autoreply_message = "";
|
|
}
|
|
}
|
|
|
|
// Check POST request for mail domain
|
|
if (!empty($_POST["save"]) && !empty($_GET["domain"]) && empty($_GET["account"])) {
|
|
// Check token
|
|
verify_csrf($_POST);
|
|
|
|
exec(
|
|
HESTIA_CMD . "v-list-mail-domain " . $user . " " . quoteshellarg($v_domain) . " json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$data = json_decode(implode("", $output), true);
|
|
check_return_code_redirect($return_var, $output, "/list/mail/");
|
|
unset($output);
|
|
|
|
// Delete antispam
|
|
if ($v_antispam == "yes" && empty($_POST["v_antispam"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-domain-antispam " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_antispam = "no";
|
|
unset($output);
|
|
}
|
|
|
|
// Add antispam
|
|
if ($v_antispam == "no" && !empty($_POST["v_antispam"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-domain-antispam " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_antispam = "yes";
|
|
unset($output);
|
|
}
|
|
|
|
// Delete antivirus
|
|
if ($v_antivirus == "yes" && empty($_POST["v_antivirus"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-domain-antivirus " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_antivirus = "no";
|
|
unset($output);
|
|
}
|
|
|
|
// Add antivirus
|
|
if ($v_antivirus == "no" && !empty($_POST["v_antivirus"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-domain-antivirus " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_antivirus = "yes";
|
|
unset($output);
|
|
}
|
|
|
|
// Delete DKIM
|
|
if ($v_dkim == "yes" && empty($_POST["v_dkim"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-domain-dkim " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_dkim = "no";
|
|
unset($output);
|
|
}
|
|
|
|
// Add DKIM
|
|
if ($v_dkim == "no" && !empty($_POST["v_dkim"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD . "v-add-mail-domain-dkim " . $v_username . " " . quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_dkim = "yes";
|
|
unset($output);
|
|
}
|
|
|
|
// Delete catchall
|
|
if (!empty($v_catchall) && empty($_POST["v_catchall"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-domain-catchall " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_catchall = "";
|
|
unset($output);
|
|
}
|
|
|
|
// Change rate limit
|
|
if (
|
|
$v_rate != $_POST["v_rate"] &&
|
|
empty($_SESSION["error_msg"]) &&
|
|
$_SESSION["userContext"] == "admin"
|
|
) {
|
|
if (empty($_POST["v_rate"])) {
|
|
$v_rate = "system";
|
|
} else {
|
|
$v_rate = quoteshellarg($_POST["v_rate"]);
|
|
}
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-change-mail-domain-rate-limit " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
$v_rate,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
if ($v_rate == "system") {
|
|
$v_rate = "";
|
|
}
|
|
unset($output);
|
|
}
|
|
|
|
if (!empty($_POST["v_reject"]) && $v_antispam == "yes" && $v_reject != "yes") {
|
|
exec(
|
|
HESTIA_CMD . "v-add-mail-domain-reject " . $user . " " . $v_domain . " yes",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_reject = "yes";
|
|
unset($output);
|
|
}
|
|
if (empty($_POST["v_reject"]) && $v_reject == "yes") {
|
|
exec(
|
|
HESTIA_CMD . "v-delete-mail-domain-reject " . $user . " " . $v_domain . " yes",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_reject = "";
|
|
unset($output);
|
|
}
|
|
|
|
// Change catchall address
|
|
if (!empty($v_catchall) && !empty($_POST["v_catchall"]) && empty($_SESSION["error_msg"])) {
|
|
if ($v_catchall != $_POST["v_catchall"]) {
|
|
$v_catchall = quoteshellarg($_POST["v_catchall"]);
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-change-mail-domain-catchall " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
$v_catchall,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
|
|
// Add catchall
|
|
if (empty($v_catchall) && !empty($_POST["v_catchall"]) && empty($_SESSION["error_msg"])) {
|
|
$v_catchall = quoteshellarg($_POST["v_catchall"]);
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-domain-catchall " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
$v_catchall,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
|
|
if (!empty($_SESSION["IMAP_SYSTEM"]) && !empty($_SESSION["WEBMAIL_SYSTEM"])) {
|
|
if (empty($_SESSION["error_msg"])) {
|
|
if (!empty($_POST["v_webmail"])) {
|
|
$v_webmail = quoteshellarg($_POST["v_webmail"]);
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-domain-webmail " .
|
|
$user .
|
|
" " .
|
|
$v_domain .
|
|
" " .
|
|
$v_webmail .
|
|
" yes",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!empty($_SESSION["IMAP_SYSTEM"]) && !empty($_SESSION["WEBMAIL_SYSTEM"])) {
|
|
if (empty($_POST["v_webmail"])) {
|
|
if (empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD . "v-delete-mail-domain-webmail " . $user . " " . $v_domain . " yes",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
$v_webmail = "";
|
|
unset($output);
|
|
}
|
|
}
|
|
}
|
|
|
|
// Change SSL certificate
|
|
if (
|
|
$v_letsencrypt == "no" &&
|
|
empty($_POST["v_letsencrypt"]) &&
|
|
$v_ssl == "yes" &&
|
|
!empty($_POST["v_ssl"]) &&
|
|
empty($_SESSION["error_msg"])
|
|
) {
|
|
if (
|
|
$v_ssl_crt != str_replace("\r\n", "\n", $_POST["v_ssl_crt"]) ||
|
|
$v_ssl_key != str_replace("\r\n", "\n", $_POST["v_ssl_key"]) ||
|
|
$v_ssl_ca != str_replace("\r\n", "\n", $_POST["v_ssl_ca"])
|
|
) {
|
|
exec("mktemp -d", $mktemp_output, $return_var);
|
|
$tmpdir = $mktemp_output[0];
|
|
|
|
// Certificate
|
|
if (!empty($_POST["v_ssl_crt"])) {
|
|
$fp = fopen($tmpdir . "/" . $v_domain . ".crt", "w");
|
|
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_ssl_crt"]));
|
|
fwrite($fp, "\n");
|
|
fclose($fp);
|
|
}
|
|
|
|
// Key
|
|
if (!empty($_POST["v_ssl_key"])) {
|
|
$fp = fopen($tmpdir . "/" . $v_domain . ".key", "w");
|
|
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_ssl_key"]));
|
|
fwrite($fp, "\n");
|
|
fclose($fp);
|
|
}
|
|
|
|
// CA
|
|
if (!empty($_POST["v_ssl_ca"])) {
|
|
$fp = fopen($tmpdir . "/" . $v_domain . ".ca", "w");
|
|
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_ssl_ca"]));
|
|
fwrite($fp, "\n");
|
|
fclose($fp);
|
|
}
|
|
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-change-mail-domain-sslcert " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
$tmpdir .
|
|
" 'no'",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$restart_web = "yes";
|
|
$restart_proxy = "yes";
|
|
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-list-mail-domain-ssl " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$ssl_str = json_decode(implode("", $output), true);
|
|
unset($output);
|
|
$v_ssl_crt = $ssl_str[$v_domain]["CRT"];
|
|
$v_ssl_key = $ssl_str[$v_domain]["KEY"];
|
|
$v_ssl_ca = $ssl_str[$v_domain]["CA"];
|
|
$v_ssl_subject = $ssl_str[$v_domain]["SUBJECT"];
|
|
$v_ssl_aliases = $ssl_str[$v_domain]["ALIASES"];
|
|
$v_ssl_not_before = $ssl_str[$v_domain]["NOT_BEFORE"];
|
|
$v_ssl_not_after = $ssl_str[$v_domain]["NOT_AFTER"];
|
|
$v_ssl_signature = $ssl_str[$v_domain]["SIGNATURE"];
|
|
$v_ssl_pub_key = $ssl_str[$v_domain]["PUB_KEY"];
|
|
$v_ssl_issuer = $ssl_str[$v_domain]["ISSUER"];
|
|
|
|
// Cleanup certificate tempfiles
|
|
if (!empty($_POST["v_ssl_crt"])) {
|
|
unlink($tmpdir . "/" . $v_domain . ".crt");
|
|
}
|
|
if (!empty($_POST["v_ssl_key"])) {
|
|
unlink($tmpdir . "/" . $v_domain . ".key");
|
|
}
|
|
if (!empty($_POST["v_ssl_ca"])) {
|
|
unlink($tmpdir . "/" . $v_domain . ".ca");
|
|
}
|
|
rmdir($tmpdir);
|
|
}
|
|
}
|
|
|
|
// Delete Lets Encrypt support
|
|
if (
|
|
$v_letsencrypt == "yes" &&
|
|
(empty($_POST["v_letsencrypt"]) || empty($_POST["v_ssl"])) &&
|
|
empty($_SESSION["error_msg"])
|
|
) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-letsencrypt-domain " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" '' 'yes'",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_ssl_crt = "";
|
|
$v_ssl_key = "";
|
|
$v_ssl_ca = "";
|
|
$v_letsencrypt = "no";
|
|
$v_letsencrypt_deleted = "yes";
|
|
$v_ssl = "no";
|
|
$restart_mail = "yes";
|
|
}
|
|
|
|
// Delete SSL certificate
|
|
if ($v_ssl == "yes" && empty($_POST["v_ssl"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD . "v-delete-mail-domain-ssl " . $v_username . " " . quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_ssl_crt = "";
|
|
$v_ssl_key = "";
|
|
$v_ssl_ca = "";
|
|
$v_ssl = "no";
|
|
$restart_mail = "yes";
|
|
}
|
|
|
|
// Add Lets Encrypt support
|
|
if (
|
|
!empty($_POST["v_ssl"]) &&
|
|
$v_letsencrypt == "no" &&
|
|
!empty($_POST["v_letsencrypt"]) &&
|
|
empty($_SESSION["error_msg"])
|
|
) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-letsencrypt-domain " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" ' ' 'yes'",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_letsencrypt = "yes";
|
|
$v_ssl = "yes";
|
|
$restart_mail = "yes";
|
|
}
|
|
|
|
// Add SSL certificate
|
|
if (
|
|
$v_ssl == "no" &&
|
|
!empty($_POST["v_ssl"]) &&
|
|
empty($v_letsencrypt_deleted) &&
|
|
empty($_SESSION["error_msg"])
|
|
) {
|
|
if (empty($_POST["v_ssl_crt"])) {
|
|
$errors[] = "ssl certificate";
|
|
}
|
|
if (empty($_POST["v_ssl_key"])) {
|
|
$errors[] = "ssl key";
|
|
}
|
|
if (!empty($errors[0])) {
|
|
foreach ($errors as $i => $error) {
|
|
if ($i == 0) {
|
|
$error_msg = $error;
|
|
} else {
|
|
$error_msg = $error_msg . ", " . $error;
|
|
}
|
|
}
|
|
$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
|
|
} else {
|
|
exec("mktemp -d", $mktemp_output, $return_var);
|
|
$tmpdir = $mktemp_output[0];
|
|
|
|
// Certificate
|
|
if (!empty($_POST["v_ssl_crt"])) {
|
|
$fp = fopen($tmpdir . "/" . $v_domain . ".crt", "w");
|
|
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_ssl_crt"]));
|
|
fclose($fp);
|
|
}
|
|
|
|
// Key
|
|
if (!empty($_POST["v_ssl_key"])) {
|
|
$fp = fopen($tmpdir . "/" . $v_domain . ".key", "w");
|
|
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_ssl_key"]));
|
|
fclose($fp);
|
|
}
|
|
|
|
// CA
|
|
if (!empty($_POST["v_ssl_ca"])) {
|
|
$fp = fopen($tmpdir . "/" . $v_domain . ".ca", "w");
|
|
fwrite($fp, str_replace("\r\n", "\n", $_POST["v_ssl_ca"]));
|
|
fclose($fp);
|
|
}
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-domain-ssl " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
$tmpdir .
|
|
" 'no'",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_ssl = "yes";
|
|
$restart_web = "yes";
|
|
$restart_proxy = "yes";
|
|
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-list-mail-domain-ssl " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$ssl_str = json_decode(implode("", $output), true);
|
|
unset($output);
|
|
$v_ssl_crt = $ssl_str[$v_domain]["CRT"];
|
|
$v_ssl_key = $ssl_str[$v_domain]["KEY"];
|
|
$v_ssl_ca = $ssl_str[$v_domain]["CA"];
|
|
$v_ssl_subject = $ssl_str[$v_domain]["SUBJECT"];
|
|
$v_ssl_aliases = $ssl_str[$v_domain]["ALIASES"];
|
|
$v_ssl_not_before = $ssl_str[$v_domain]["NOT_BEFORE"];
|
|
$v_ssl_not_after = $ssl_str[$v_domain]["NOT_AFTER"];
|
|
$v_ssl_signature = $ssl_str[$v_domain]["SIGNATURE"];
|
|
$v_ssl_pub_key = $ssl_str[$v_domain]["PUB_KEY"];
|
|
$v_ssl_issuer = $ssl_str[$v_domain]["ISSUER"];
|
|
|
|
// Cleanup certificate tempfiles
|
|
if (!empty($_POST["v_ssl_crt"])) {
|
|
unlink($tmpdir . "/" . $v_domain . ".crt");
|
|
}
|
|
if (!empty($_POST["v_ssl_key"])) {
|
|
unlink($tmpdir . "/" . $v_domain . ".key");
|
|
}
|
|
if (!empty($_POST["v_ssl_ca"])) {
|
|
unlink($tmpdir . "/" . $v_domain . ".ca");
|
|
}
|
|
rmdir($tmpdir);
|
|
}
|
|
}
|
|
|
|
// Add SMTP Relay Support
|
|
if (empty($_SESSION["error_msg"])) {
|
|
if (isset($_POST["v_smtp_relay"]) && !empty($_POST["v_smtp_relay_host"])) {
|
|
if (
|
|
$_POST["v_smtp_relay_host"] != $v_smtp_relay_host ||
|
|
$_POST["v_smtp_relay_user"] != $v_smtp_relay_user ||
|
|
$_POST["v_smtp_relay_port"] != $v_smtp_relay_port ||
|
|
$_POST["v_smtp_relay_pass"] != ""
|
|
) {
|
|
$v_smtp_relay = true;
|
|
$v_smtp_relay_host = quoteshellarg($_POST["v_smtp_relay_host"]);
|
|
$v_smtp_relay_user = quoteshellarg($_POST["v_smtp_relay_user"]);
|
|
$v_smtp_relay_pass = quoteshellarg($_POST["v_smtp_relay_pass"]);
|
|
if (!empty($_POST["v_smtp_relay_port"])) {
|
|
$v_smtp_relay_port = quoteshellarg($_POST["v_smtp_relay_port"]);
|
|
} else {
|
|
$v_smtp_relay_port = "587";
|
|
}
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-domain-smtp-relay " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
$v_smtp_relay_host .
|
|
" " .
|
|
$v_smtp_relay_user .
|
|
" " .
|
|
$v_smtp_relay_pass .
|
|
" " .
|
|
$v_smtp_relay_port,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
if (!isset($_POST["v_smtp_relay"]) && $v_smtp_relay == true) {
|
|
$v_smtp_relay = false;
|
|
$v_smtp_relay_host = $v_smtp_relay_user = $v_smtp_relay_pass = $v_smtp_relay_port = "";
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-domain-smtp-relay " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
|
|
// Set success message
|
|
if (empty($_SESSION["error_msg"])) {
|
|
$_SESSION["ok_msg"] = _("Changes have been saved.");
|
|
}
|
|
}
|
|
|
|
// Check POST request for mail account
|
|
if (!empty($_POST["save"]) && !empty($_GET["domain"]) && !empty($_GET["account"])) {
|
|
// Check token
|
|
verify_csrf($_POST);
|
|
|
|
// Validate email
|
|
if (!empty($_POST["v_send_email"]) && empty($_SESSION["error_msg"])) {
|
|
if (!filter_var($_POST["v_send_email"], FILTER_VALIDATE_EMAIL)) {
|
|
$_SESSION["error_msg"] = _("Please enter a valid email address.");
|
|
}
|
|
}
|
|
|
|
$v_account = $_POST["v_account"];
|
|
$v_send_email = $_POST["v_send_email"];
|
|
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-list-mail-account " .
|
|
$user .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" json",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
$data = json_decode(implode("", $output), true);
|
|
check_return_code_redirect($return_var, $output, "/list/mail/");
|
|
unset($output);
|
|
|
|
// Change password
|
|
if (!empty($_POST["v_password"]) && empty($_SESSION["error_msg"])) {
|
|
if (!validate_password($_POST["v_password"])) {
|
|
$_SESSION["error_msg"] = _("Password does not match the minimum requirements.");
|
|
} else {
|
|
$v_password = tempnam("/tmp", "vst");
|
|
$fp = fopen($v_password, "w");
|
|
fwrite($fp, $_POST["v_password"] . "\n");
|
|
fclose($fp);
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-change-mail-account-password " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
$v_password,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
unlink($v_password);
|
|
$v_password = quoteshellarg($_POST["v_password"]);
|
|
}
|
|
}
|
|
|
|
// Change quota
|
|
if ($v_quota != $_POST["v_quota"] && empty($_SESSION["error_msg"])) {
|
|
if (empty($_POST["v_quota"])) {
|
|
$v_quota = 0;
|
|
} else {
|
|
$v_quota = quoteshellarg($_POST["v_quota"]);
|
|
}
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-change-mail-account-quota " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
$v_quota,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
// Change rate limit
|
|
if (
|
|
$v_rate != $_POST["v_rate"] &&
|
|
empty($_SESSION["error_msg"]) &&
|
|
$_SESSION["userContext"] == "admin"
|
|
) {
|
|
if (empty($_POST["v_rate"])) {
|
|
$v_rate = "system";
|
|
} else {
|
|
$v_rate = quoteshellarg($_POST["v_rate"]);
|
|
}
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-change-mail-account-rate-limit " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
$v_rate,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
if ($v_rate == "system") {
|
|
$v_rate = "";
|
|
}
|
|
unset($output);
|
|
}
|
|
|
|
// Change account aliases
|
|
if (empty($_SESSION["error_msg"])) {
|
|
$waliases = preg_replace("/\n/", " ", $_POST["v_aliases"]);
|
|
$waliases = preg_replace("/,/", " ", $waliases);
|
|
$waliases = preg_replace("/\s+/", " ", $waliases);
|
|
$waliases = trim($waliases);
|
|
$aliases = explode(" ", $waliases);
|
|
$v_aliases = str_replace(" ", "\n", $waliases);
|
|
$result = array_diff($valiases, $aliases);
|
|
foreach ($result as $alias) {
|
|
if (empty($_SESSION["error_msg"]) && !empty($alias)) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-account-alias " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
quoteshellarg($alias),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
$result = array_diff($aliases, $valiases);
|
|
foreach ($result as $alias) {
|
|
if (empty($_SESSION["error_msg"]) && !empty($alias)) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-account-alias " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
quoteshellarg($alias),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
}
|
|
// Change forwarders to :blackhole:
|
|
if (empty($_SESSION["error_msg"]) && !empty($_POST["v_blackhole"])) {
|
|
foreach ($vfwd as $forward) {
|
|
if (empty($_SESSION["error_msg"]) && !empty($forward)) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-account-forward " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
quoteshellarg($forward),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-account-forward " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" :blackhole:",
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_fwd = "";
|
|
$v_blackhole = "yes";
|
|
}
|
|
}
|
|
// Change forwarders
|
|
if (empty($_SESSION["error_msg"]) && empty($_POST["v_blackhole"])) {
|
|
$wfwd = preg_replace("/\n/", " ", $_POST["v_fwd"]);
|
|
$wfwd = preg_replace("/,/", " ", $wfwd);
|
|
$wfwd = preg_replace("/\s+/", " ", $wfwd);
|
|
$wfwd = trim($wfwd);
|
|
$fwd = explode(" ", $wfwd);
|
|
$v_fwd = str_replace(" ", "\n", $wfwd);
|
|
$result = array_diff($vfwd, $fwd);
|
|
foreach ($result as $forward) {
|
|
if (empty($_SESSION["error_msg"]) && !empty($forward)) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-account-forward " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
quoteshellarg($forward),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
$result = array_diff($fwd, $vfwd);
|
|
foreach ($result as $forward) {
|
|
if (empty($_SESSION["error_msg"]) && !empty($forward)) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-account-forward " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
quoteshellarg($forward),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
}
|
|
}
|
|
$v_blackhole = "no";
|
|
}
|
|
|
|
// Delete FWD_ONLY flag
|
|
if ($v_fwd_only == "yes" && empty($_POST["v_fwd_only"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-account-fwd-only " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_fwd_only = "";
|
|
}
|
|
|
|
// Add FWD_ONLY flag
|
|
if ($v_fwd_only != "yes" && !empty($_POST["v_fwd_only"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-account-fwd-only " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_fwd_only = "yes";
|
|
}
|
|
|
|
// Delete autoreply
|
|
if ($v_autoreply == "yes" && empty($_POST["v_autoreply"]) && empty($_SESSION["error_msg"])) {
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-delete-mail-account-autoreply " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account),
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_autoreply = "no";
|
|
$v_autoreply_message = "";
|
|
}
|
|
|
|
// Add autoreply
|
|
if (!empty($_POST["v_autoreply"]) && empty($_SESSION["error_msg"])) {
|
|
if ($v_autoreply_message != str_replace("\r\n", "\n", $_POST["v_autoreply_message"])) {
|
|
$v_autoreply_message = str_replace("\r\n", "\n", $_POST["v_autoreply_message"]);
|
|
$v_autoreply_message = quoteshellarg($v_autoreply_message);
|
|
exec(
|
|
HESTIA_CMD .
|
|
"v-add-mail-account-autoreply " .
|
|
$v_username .
|
|
" " .
|
|
quoteshellarg($v_domain) .
|
|
" " .
|
|
quoteshellarg($v_account) .
|
|
" " .
|
|
$v_autoreply_message,
|
|
$output,
|
|
$return_var,
|
|
);
|
|
check_return_code($return_var, $output);
|
|
unset($output);
|
|
$v_autoreply = "yes";
|
|
$v_autoreply_message = $_POST["v_autoreply_message"];
|
|
}
|
|
}
|
|
|
|
$hostname = get_hostname();
|
|
$webmail = "http://" . $hostname . "/" . $v_webmail_alias . "/";
|
|
if (!empty($_SESSION["WEBMAIL_ALIAS"])) {
|
|
$webmail = $_SESSION["WEBMAIL_ALIAS"];
|
|
}
|
|
|
|
// Email login credentials
|
|
if (!empty($_POST["v_send_email"]) && empty($_SESSION["error_msg"])) {
|
|
$to = $_POST["v_send_email"];
|
|
$template = get_email_template("email_credentials", $_SESSION["language"]);
|
|
if (!empty($template)) {
|
|
preg_match("/<subject>(.*?)<\/subject>/si", $template, $matches);
|
|
$subject = $matches[1];
|
|
$subject = str_replace(
|
|
["{{hostname}}", "{{appname}}", "{{account}}", "{{domain}}"],
|
|
[
|
|
get_hostname(),
|
|
$_SESSION["APP_NAME"],
|
|
htmlentities(strtolower($_POST["v_account"])),
|
|
htmlentities($_POST["v_domain"]),
|
|
],
|
|
$subject,
|
|
);
|
|
$template = str_replace($matches[0], "", $template);
|
|
} else {
|
|
$template = _(
|
|
"Mail account has been created.\n" .
|
|
"\n" .
|
|
"Common Account Settings:\n" .
|
|
"Username: {{account}}@{{domain}}\n" .
|
|
"Password: {{password}}\n" .
|
|
"Webmail: {{webmail}}\n" .
|
|
"Hostname: {{hostname}}\n" .
|
|
"\n" .
|
|
"IMAP Settings\n" .
|
|
"Authentication: Normal Password\n" .
|
|
"SSL/TLS: Port 993\n" .
|
|
"STARTTLS: Port 143\n" .
|
|
"No encryption: Port 143\n" .
|
|
"\n" .
|
|
"POP3 Settings\n" .
|
|
"Authentication: Normal Password\n" .
|
|
"SSL/TLS: Port 995\n" .
|
|
"STARTTLS: Port 110\n" .
|
|
"No encryption: Port 110\n" .
|
|
"\n" .
|
|
"SMTP Settings\n" .
|
|
"Authentication: Normal Password\n" .
|
|
"SSL/TLS: Port 465\n" .
|
|
"STARTTLS: Port 587\n" .
|
|
"No encryption: Port 25\n" .
|
|
"\n" .
|
|
"Best regards,\n" .
|
|
"\n" .
|
|
"--\n" .
|
|
"{{appname}}",
|
|
);
|
|
}
|
|
if (empty($subject)) {
|
|
$subject = str_replace(
|
|
["{{subject}}", "{{hostname}}", "{{appname}}"],
|
|
[
|
|
sprintf(
|
|
_("Email Credentials: %s@%s"),
|
|
htmlentities(strtolower($_POST["v_account"])),
|
|
htmlentities($_POST["v_domain"]),
|
|
),
|
|
get_hostname(),
|
|
$_SESSION["APP_NAME"],
|
|
],
|
|
$_SESSION["SUBJECT_EMAIL"],
|
|
);
|
|
}
|
|
|
|
$hostname = get_hostname();
|
|
$from = !empty($_SESSION["FROM_EMAIL"]) ? $_SESSION["FROM_EMAIL"] : "noreply@" . $hostname;
|
|
$from_name = !empty($_SESSION["FROM_NAME"])
|
|
? $_SESSION["FROM_NAME"]
|
|
: $_SESSION["APP_NAME"];
|
|
|
|
$mailtext = translate_email($template, [
|
|
"domain" => htmlentities($_POST["v_domain"]),
|
|
"account" => htmlentities(strtolower($_POST["v_account"])),
|
|
"password" => htmlentities($_POST["v_password"]),
|
|
"webmail" => $webmail . "." . htmlentities($_POST["v_domain"]),
|
|
"hostname" => "mail." . htmlentities($_POST["v_domain"]),
|
|
"appname" => $_SESSION["APP_NAME"],
|
|
]);
|
|
|
|
send_email($to, $subject, $mailtext, $from, $from_name);
|
|
}
|
|
|
|
// Set success message
|
|
if (empty($_SESSION["error_msg"])) {
|
|
$_SESSION["ok_msg"] = _("Changes have been saved.");
|
|
}
|
|
}
|
|
|
|
// Render page
|
|
if (empty($_GET["account"])) {
|
|
// Display body for mail domain
|
|
render_page($user, $TAB, "edit_mail");
|
|
} else {
|
|
// Display body for mail account
|
|
render_page($user, $TAB, "edit_mail_acc");
|
|
}
|
|
|
|
// Flush session messages
|
|
unset($_SESSION["error_msg"]);
|
|
unset($_SESSION["ok_msg"]);
|