From 6fc8cce8f5cf1156fe27b1d49f228c80cbd42a85 Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)"
Date: Mon, 12 Mar 2018 13:44:44 +0100
Subject: [PATCH] add EmailAccounts.add; added wrapper function ApiCommand.getMailTemplate() to reduce code-duplication
Signed-off-by: Michael Kaufmann (d00p)
---
customer_email.php | 210 ++-----------------
lib/classes/api/abstract.ApiCommand.php | 28 +++
lib/classes/api/commands/class.Customers.php | 44 ++--
lib/classes/api/commands/class.Emails.php | 7 +-
lib/classes/api/commands/class.Ftps.php | 35 +---
lib/classes/api/commands/class.Mysqls.php | 34 +--
6 files changed, 74 insertions(+), 284 deletions(-)
diff --git a/customer_email.php b/customer_email.php
index 8be1013c..cf2d043c 100644
--- a/customer_email.php
+++ b/customer_email.php
@@ -269,210 +269,24 @@ if ($page == 'overview') { } } elseif ($page == 'accounts') { if ($action == 'add' && $id != 0) { - // ensure the int is a positive one - if (isset($_POST['email_quota'])) { - $quota = validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong'); - } - if ($userinfo['email_accounts'] == '-1' || ($userinfo['email_accounts_used'] < $userinfo['email_accounts'])) { - - // check for imap||pop3 == 1, see #1298 - if ($userinfo['imap'] != '1' && $userinfo['pop3'] != '1') { - standard_error('notallowedtouseaccounts'); + try { + $json_result = Emails::getLocal($userinfo, array( + 'id' => $id + ))->get(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); } - - $stmt = Database::prepare(" - SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid`, `domainid` - FROM `" . TABLE_MAIL_VIRTUAL . "` - WHERE `customerid`= :cid AND `id`= :id - "); - $result = Database::pexecute_first($stmt, array("cid" => $userinfo['customerid'], "id" => $id)); + $result = json_decode($json_result, true)['data']; if (isset($result['email']) && $result['email'] != '' && $result['popaccountid'] == '0') { if (isset($_POST['send']) && $_POST['send'] == 'send') { - $email_full = $result['email_full']; - $username = $idna_convert->decode($email_full); - $password = validate($_POST['email_password'], 'password'); - $password = validatePassword($password); - - if (Settings::Get('panel.sendalternativemail') == 1) { - $alternative_email = $idna_convert->encode(validate($_POST['alternative_email'], 'alternative_email')); - } else { - $alternative_email = ''; - } - - if (Settings::Get('system.mail_quota_enabled') == 1) { - if ($userinfo['email_quota'] != '-1' && ($quota == 0 || ($quota + $userinfo['email_quota_used']) > $userinfo['email_quota'])) { - standard_error('allocatetoomuchquota', $quota); - } - } else { - $quota = 0; - } - - if ($email_full == '') { - standard_error(array('stringisempty', 'emailadd')); - } - elseif 
($password == '' && !(Settings::Get('panel.sendalternativemail') == 1 && validateEmail($alternative_email))) { - standard_error(array('stringisempty', 'mypassword')); - } - elseif ($password == $email_full) { - standard_error('passwordshouldnotbeusername'); - } else { - if ($password == '') { - $password = generatePassword(); - } - - $cryptPassword = makeCryptPassword($password); - - $email_user=substr($email_full,0,strrpos($email_full,"@")); - $email_domain=substr($email_full,strrpos($email_full,"@")+1); - $maildirname=trim(Settings::Get('system.vmail_maildirname')); - // Add trailing slash to Maildir if needed - $maildirpath=$maildirname; - if (!empty($maildirname) && substr($maildirname,-1) != "/") { - $maildirpath.="/"; - } - - $stmt = Database::prepare("INSERT INTO `" . TABLE_MAIL_USERS . "` - (`customerid`, `email`, `username`, " . (Settings::Get('system.mailpwcleartext') == '1' ? '`password`, ' : '') . " `password_enc`, `homedir`, `maildir`, `uid`, `gid`, `domainid`, `postfix`, `quota`, `imap`, `pop3`) ". - "VALUES (:cid, :email, :username, " . (Settings::Get('system.mailpwcleartext') == '1' ? ":password, " : '') . ":password_enc, :homedir, :maildir, :uid, :gid, :domainid, 'y', :quota, :imap, :pop3)" - ); - $params = array( - "cid" => $userinfo['customerid'], - "email" => $email_full, - "username" => $username, - "password_enc" => $cryptPassword, - "homedir" => Settings::Get('system.vmail_homedir'), - "maildir" => $userinfo['loginname'] . '/' . $email_domain . "/" . $email_user . "/" . $maildirpath, - "uid" => Settings::Get('system.vmail_uid'), - "gid" => Settings::Get('system.vmail_gid'), - "domainid" => $result['domainid'], - "quota" => $quota, - "imap" => $userinfo['imap'], - "pop3" => $userinfo['pop3'] - ); - if (Settings::Get('system.mailpwcleartext') == '1') { $params["password"] = $password; } - Database::pexecute($stmt, $params); - - $popaccountid = Database::lastInsertId(); - $result['destination'].= ' ' . 
$email_full; - $stmt = Database::prepare("UPDATE `" . TABLE_MAIL_VIRTUAL . "` - SET `destination` = :destination, - `popaccountid` = :popaccountid - WHERE `customerid`= :cid - AND `id`= :id" - ); - $params = array( - "destination" => makeCorrectDestination($result['destination']), - "popaccountid" => $popaccountid, - "cid" => $userinfo['customerid'], - "id" => $id - ); - Database::pexecute($stmt, $params); - - $stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` - SET `email_accounts_used`=`email_accounts_used`+1, - `email_quota_used`=`email_quota_used`+ :quota - WHERE `customerid`= :cid" - ); - Database::pexecute($stmt, array("quota" => $quota, "cid" => $userinfo['customerid'])); - - $log->logAction(USR_ACTION, LOG_INFO, "added email account for '" . $email_full . "'"); - $replace_arr = array( - 'EMAIL' => $email_full, - 'USERNAME' => $username, - 'PASSWORD' => $password - ); - - $stmt = Database::prepare("SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid`= :adminid"); - $admin = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'])); - - $stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid`= :adminid - AND `language`= :lang - AND `templategroup`= 'mails' - AND `varname`= 'pop_success_subject'" - ); - $result = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'], "lang" => $userinfo['def_language'])); - $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['subject']), $replace_arr)); - - $stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . 
"` - WHERE `adminid`= :adminid - AND `language`= :lang - AND `templategroup`= 'mails' - AND `varname`= 'pop_success_mailbody'" - ); - $result = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'], "lang" => $userinfo['def_language'])); - $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success']['mailbody']), $replace_arr)); - - $_mailerror = false; - try { - $mail->SetFrom($admin['email'], getCorrectUserSalutation($admin)); - $mail->Subject = $mail_subject; - $mail->AltBody = $mail_body; - $mail->MsgHTML(str_replace("\n", "
", $mail_body)); - $mail->AddAddress($email_full); - $mail->Send(); - } catch(phpmailerException $e) { - $mailerr_msg = $e->errorMessage(); - $_mailerror = true; - } catch (Exception $e) { - $mailerr_msg = $e->getMessage(); - $_mailerror = true; - } - - if ($_mailerror) { - $log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg); - standard_error('errorsendingmail', $email_full); - } - - $mail->ClearAddresses(); - - if (validateEmail($alternative_email) && Settings::Get('panel.sendalternativemail') == 1) { - $stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid`= :adminid - AND `language`= :lang - AND `templategroup`= 'mails' - AND `varname`= 'pop_success_alternative_subject'" - ); - $result = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'], "lang" => $userinfo['def_language'])); - $mail_subject = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['subject']), $replace_arr); - - $stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid`= :adminid - AND `language`= :lang - AND `templategroup`= 'mails' - AND `varname`= 'pop_success_alternative_mailbody'" - ); - $result = Database::pexecute_first($stmt, array("adminid" => $userinfo['adminid'], "lang" => $userinfo['def_language'])); - $mail_body = replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['pop_success_alternative']['mailbody']), $replace_arr); - - $_mailerror = false; - try { - $mail->SetFrom($admin['email'], getCorrectUserSalutation($admin)); - $mail->Subject = $mail_subject; - $mail->AltBody = $mail_body; - $mail->MsgHTML(str_replace("\n", "
", $mail_body)); - $mail->AddAddress($idna_convert->encode($alternative_email), getCorrectUserSalutation($userinfo)); - $mail->Send(); - } catch(phpmailerException $e) { - $mailerr_msg = $e->errorMessage(); - $_mailerror = true; - } catch (Exception $e) { - $mailerr_msg = $e->getMessage(); - $_mailerror = true; - } - - if ($_mailerror) { - $log->logAction(USR_ACTION, LOG_ERR, "Error sending mail: " . $mailerr_msg); - standard_error(array('errorsendingmail'), $alternative_email); - } - - $mail->ClearAddresses(); - } - - redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s)); + try { + EmailAccounts::getLocal($userinfo, $_POST)->add(); + } catch (Exception $e) { + dynamic_error($e->getMessage()); } + redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s)); } else { if (checkMailAccDeletionState($result['email_full'])) { diff --git a/lib/classes/api/abstract.ApiCommand.php b/lib/classes/api/abstract.ApiCommand.php index a0c66726..77b3c58d 100644 --- a/lib/classes/api/abstract.ApiCommand.php +++ b/lib/classes/api/abstract.ApiCommand.php 
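Review bot: The lookup that proves the address belongs to the customer uses `$id`, but the account is then created from the whole request body (`EmailAccounts::getLocal($userinfo, $_POST)->add()`), so the address that was checked and the address that gets the account are only guaranteed to match if the body carries the same id; where `$id` is populated lies outside this hunk. The removed lines also enforced the account limit, the imap/pop3 permission, the quota bound and the password-differs-from-address rule, and `EmailAccounts` is not among the files in this patch's diffstat, so it cannot be confirmed from here that `add()` repeats them. I would pass the verified id explicitly together with the form fields rather than forwarding `$_POST` unchanged, and put a comment above the call such as `// account limit, imap/pop3 permission and quota are enforced in EmailAccounts::add()`. The surrounding `elseif ($page == 'accounts')` block starts and continues outside the hunk.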
@@ -425,6 +425,34 @@ abstract class ApiCommand extends ApiParameter ), true, true); } + /** + * return email template content from database or global language file if not found in DB + * + * @param array $customerdata + * @param string $group + * @param string $varname + * @param array $replace_arr + * @param string $default + * + * @return string + */ + protected function getMailTemplate($customerdata = null, $group = null, $varname = null, $replace_arr = array(), $default = "") + { + // get template + $stmt = Database::prepare(" + SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid`= :adminid + AND `language`= :lang AND `templategroup`= :group AND `varname`= :var + "); + $result = Database::pexecute_first($stmt, array( + "adminid" => $customerdata['adminid'], + "lang" => $customerdata['def_language'], + "group" => $group, + "var" => $varname + ), true, true); + $content = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default), $replace_arr)); + return $content; + } + /** * read user data from database by api-request-header fields * diff --git a/lib/classes/api/commands/class.Customers.php b/lib/classes/api/commands/class.Customers.php index 7291dea3..ae02b9c5 100644 --- a/lib/classes/api/commands/class.Customers.php +++ b/lib/classes/api/commands/class.Customers.php 
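Review bot: `getMailTemplate()` defaults `$customerdata` to `null` but indexes `$customerdata['adminid']` and `$customerdata['def_language']` unconditionally, and it reads `$result['value']` without checking that the query returned a row, so the fallback to `$default` depends on how PHP treats an offset read on a non-array. Making the fallback explicit would be safer: `$template = (is_array($result) && $result['value'] != '') ? $result['value'] : $default;`. The docblock should state that `$customerdata` must contain `adminid` and `def_language`, since the `@param array` line does not match the `null` default. It is also worth documenting that `html_entity_decode()` runs over the substituted `$replace_arr` values as well as the template text, so the returned string is not HTML-safe if a caller places it in an HTML mail part.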
@@ -589,25 +589,17 @@ class Customers extends ApiCommand implements ResourceEntity 'DOMAINNAME' => $_stdsubdomain ); - // Get mail templates from database; the ones from 'admin' are fetched for fallback - $result_stmt = Database::prepare(" - SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid` = :adminid AND `language` = :deflang AND `templategroup` = 'mails' AND `varname` = 'createcustomer_subject'"); - $result = Database::pexecute_first($result_stmt, array( + // get template for mail subject + $mail_subject = $this->getMailTemplate(array( 'adminid' => $this->getUserDetail('adminid'), - 'deflang' => $def_language - ), true, true); - $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['createcustomer']['subject']), $replace_arr)); - - $result_stmt = Database::prepare(" - SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid` = :adminid AND `language` = :deflang AND `templategroup` = 'mails' AND `varname` = 'createcustomer_mailbody'"); - $result = Database::pexecute_first($result_stmt, array( + 'def_language' => $def_language + ), 'mails', 'createcustomer_subject', $replace_arr, $this->lng['mails']['createcustomer']['subject']); + // get template for mail body + $mail_body = $this->getMailTemplate(array( 'adminid' => $this->getUserDetail('adminid'), - 'deflang' => $def_language - ), true, true); - $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['createcustomer']['mailbody']), $replace_arr)); - + 'def_language' => $def_language + ), 'mails', 'createcustomer_mailbody', $replace_arr, $this->lng['mails']['createcustomer']['mailbody']); + $_mailerror = false; try { $this->mailer()->Subject = $mail_subject; 
@@ -665,7 +657,7 @@ class Customers extends ApiCommand implements ResourceEntity $id = $this->getParam('id', true, 0); $ln_optional = ($id <= 0 ? false : true); $loginname = $this->getParam('loginname', $ln_optional, ''); - + $result = $this->apiCall('Customers.get', array( 'id' => $id, 'loginname' => $loginname @@ -921,7 +913,7 @@ class Customers extends ApiCommand implements ResourceEntity // At last flush the new privileges $dbm->getManager()->flushPrivileges(); Database::needRoot(false); - + // reactivate/deactivate api-keys $valid_until = $deactivated ? 0 : - 1; $stmt = Database::prepare("UPDATE `" . TABLE_API_KEYS . "` SET `valid_until` = :vu WHERE `customerid` = :id"); @@ -929,7 +921,7 @@ class Customers extends ApiCommand implements ResourceEntity 'id' => $id, 'vu' => $valid_until ), true, true); - + $this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] " . ($deactivated ? 'deactivated' : 'reactivated') . " user '" . $result['loginname'] . "'"); inserttask('1'); } @@ -1164,7 +1156,7 @@ class Customers extends ApiCommand implements ResourceEntity } } } - + $result = $this->apiCall('Customers.get', array( 'id' => $result['customerid'] )); @@ -1192,7 +1184,7 @@ class Customers extends ApiCommand implements ResourceEntity $ln_optional = ($id <= 0 ? false : true); $loginname = $this->getParam('loginname', $ln_optional, ''); $delete_userfiles = $this->getParam('delete_userfiles', true, 0); - + $result = $this->apiCall('Customers.get', array( 'id' => $id, 'loginname' => $loginname @@ -1331,7 +1323,7 @@ class Customers extends ApiCommand implements ResourceEntity Database::pexecute($stmt, array( 'id' => $id ), true, true); - + // Delete all waiting "create user" -tasks for this user, #276 // Note: the WHERE selects part of a serialized array, but it should be safe this way $del_stmt = Database::prepare(" 
@@ -1438,7 +1430,7 @@ class Customers extends ApiCommand implements ResourceEntity $id = $this->getParam('id', true, 0); $ln_optional = ($id <= 0 ? false : true); $loginname = $this->getParam('loginname', $ln_optional, ''); - + $result = $this->apiCall('Customers.get', array( 'id' => $id, 'loginname' => $loginname @@ -1482,7 +1474,7 @@ class Customers extends ApiCommand implements ResourceEntity $id = $this->getParam('id', true, 0); $ln_optional = ($id <= 0 ? false : true); $loginname = $this->getParam('loginname', $ln_optional, ''); - + $c_result = $this->apiCall('Customers.get', array( 'id' => $id, 'loginname' => $loginname @@ -1530,7 +1522,7 @@ class Customers extends ApiCommand implements ResourceEntity updateCounters(false); $this->logger()->logAction(ADM_ACTION, LOG_INFO, "[API] moved user '" . $c_result['loginname'] . "' from admin/reseller '" . $c_result['adminname'] . " to admin/reseller '" . $a_result['loginname'] . "'"); - + $result = $this->apiCall('Customers.get', array( 'id' => $c_result['customerid'] )); diff --git a/lib/classes/api/commands/class.Emails.php b/lib/classes/api/commands/class.Emails.php index 759cc3b4..d4a36fc6 100644 --- a/lib/classes/api/commands/class.Emails.php +++ b/lib/classes/api/commands/class.Emails.php @@ -332,8 +332,6 @@ class Emails extends ApiCommand implements ResourceEntity if ($result['destination'] != '') { $result['destination'] = explode(' ', $result['destination']); $number_forwarders = count($result['destination']); - Customers::decreaseUsage($customer['customerid'], 'email_forwarders_used', '', $number_forwarders); - Admins::decreaseUsage($customer['customerid'], 'email_forwarders_used', '', $number_forwarders); } // check whether this address is an account if ($result['popaccountid'] != 0) { 
@@ -357,8 +355,13 @@ class Emails extends ApiCommand implements ResourceEntity Customers::decreaseUsage($customer['customerid'], 'email_accounts_used'); Admins::decreaseUsage($customer['customerid'], 'email_accounts_used'); $this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_INFO, "[API] deleted email account '" . $result['email_full'] . "'"); + $number_forwarders --; } + // decrease forwarder counter + Customers::decreaseUsage($customer['customerid'], 'email_forwarders_used', '', $number_forwarders); + Admins::decreaseUsage($customer['customerid'], 'email_forwarders_used', '', $number_forwarders); + if ($delete_userfiles) { inserttask('7', $customer['loginname'], $result['email_full']); } diff --git a/lib/classes/api/commands/class.Ftps.php b/lib/classes/api/commands/class.Ftps.php index 5fde2ed3..30276706 100644 --- a/lib/classes/api/commands/class.Ftps.php +++ b/lib/classes/api/commands/class.Ftps.php 
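Review bot: `$number_forwarders` is assigned only inside the `if ($result['destination'] != '')` branch shown in the preceding `@@ -332,8 +332,6 @@` hunk, but the relocated `decreaseUsage()` calls here run regardless of that branch, so an address with an empty destination reaches them with an undefined value unless the variable is initialised above the visible lines. Initialising it before the branch (`$number_forwarders = 0;`) and clamping it after the account adjustment (`$number_forwarders = max(0, $number_forwarders);`) keeps the usage counters from being changed by a null or negative amount. The new `$number_forwarders --;` also assumes the account's own address is always one of the entries in `destination`; a one-line comment stating that assumption would help the next reader. The enclosing method starts and ends outside both hunks.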
@@ -189,36 +189,11 @@ class Ftps extends ApiCommand implements ResourceEntity 'USR_PASS' => $password, 'USR_PATH' => makeCorrectDir(str_replace($customer['documentroot'], "/", $path)) ); - - $def_language = $customer['def_language']; - $result_stmt = Database::prepare(" - SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid` = :adminid - AND `language` = :lang - AND `templategroup`='mails' - AND `varname`='new_ftpaccount_by_customer_subject' - "); - Database::pexecute($result_stmt, array( - "adminid" => $customer['adminid'], - "lang" => $def_language - )); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); - $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['new_ftpaccount_by_customer']['subject']), $replace_arr)); - - $def_language = $customer['def_language']; - $result_stmt = Database::prepare(" - SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid` = :adminid - AND `language` = :lang - AND `templategroup`='mails' - AND `varname`='new_ftpaccount_by_customer_mailbody'"); - Database::pexecute($result_stmt, array( - "adminid" => $customer['adminid'], - "lang" => $def_language - )); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); - $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['new_ftpaccount_by_customer']['mailbody']), $replace_arr)); - + // get template for mail subject + $mail_subject = $this->getMailTemplate($customer, 'mails', 'new_ftpaccount_by_customer_subject', $replace_arr, $this->lng['mails']['new_ftpaccount_by_customer']['subject']); + // get template for mail body + $mail_body = $this->getMailTemplate($customer, 'mails', 'new_ftpaccount_by_customer_mailbody', $replace_arr, $this->lng['mails']['new_ftpaccount_by_customer']['mailbody']); + $_mailerror = false; try { $this->mailer()->Subject = $mail_subject; 
diff --git a/lib/classes/api/commands/class.Mysqls.php b/lib/classes/api/commands/class.Mysqls.php index 2954660b..a68f57eb 100644 --- a/lib/classes/api/commands/class.Mysqls.php +++ b/lib/classes/api/commands/class.Mysqls.php @@ -131,34 +131,12 @@ class Mysqls extends ApiCommand implements ResourceEntity 'DB_SRV' => $sql_root['host'], 'PMA_URI' => $pma ); - - $def_language = $userinfo['def_language']; - $result_stmt = Database::prepare(" - SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid` = :adminid - AND `language` = :lang - AND `templategroup`='mails' - AND `varname`='new_database_by_customer_subject' - "); - $result = Database::pexecute_first($result_stmt, array( - "adminid" => $userinfo['adminid'], - "lang" => $def_language - ), true, true); - $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['new_database_by_customer']['subject']), $replace_arr)); - - $result_stmt = Database::prepare(" - SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` - WHERE `adminid`= :adminid - AND `language`= :lang - AND `templategroup` = 'mails' - AND `varname` = 'new_database_by_customer_mailbody' - "); - $result = Database::pexecute_first($result_stmt, array( - "adminid" => $userinfo['adminid'], - "lang" => $def_language - )); - $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['new_database_by_customer']['mailbody']), $replace_arr)); - + + // get template for mail subject + $mail_subject = $this->getMailTemplate($userinfo, 'mails', 'new_database_by_customer_subject', $replace_arr, $this->lng['mails']['new_database_by_customer']['subject']); + // get template for mail body + $mail_body = $this->getMailTemplate($userinfo, 'mails', 'new_database_by_customer_mailbody', $replace_arr, $this->lng['mails']['new_database_by_customer']['mailbody']); + $_mailerror = false; try { $this->mail->Subject = $mail_subject;
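Review bot: The context line that follows the new `getMailTemplate()` calls assigns `$this->mail->Subject`, whereas the equivalent code in the Customers and Ftps hunks of this patch goes through `$this->mailer()->Subject`. If `ApiCommand` exposes the mailer only through `mailer()` (its definition is not visible in this patch), the new-database notification would fail at that line. As the block is being touched anyway, I would align it with the other commands: `$this->mailer()->Subject = $mail_subject;`. The rest of the `try` block lies outside the hunk, so any further `$this->mail` uses there need the same check.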