From ec42003367df64c5645a9d5ee5bcd95c75a82b6c Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Sun, 12 Jan 2025 16:53:05 +0100
Subject: [PATCH] add safety when unsetting isemaildomain flag in domain, fixes
 #1305

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 admin_domains.php                             | 19 ++++++++++++++++++-
 lib/Froxlor/Api/Commands/Domains.php          | 10 +++++++++-
 lib/Froxlor/User.php                          |  2 +-
 .../admin/domains/formfield.domains_edit.php  |  4 ++++
 lng/de.lng.php                                |  2 ++
 lng/en.lng.php                                |  2 ++
 6 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/admin_domains.php b/admin_domains.php
index 722cf21b..fbbe0d7a 100644
--- a/admin_domains.php
+++ b/admin_domains.php
@@ -319,7 +319,7 @@ if ($page == 'domains' || $page == 'overview') {
 			$alias_check = $alias_check['count'];
 
 			$domain_emails_result_stmt = Database::prepare("
-				SELECT `email`, `email_full`, `destination`, `popaccountid` AS `number_email_forwarders`
+				SELECT `email`, `email_full`, `destination`, `popaccountid`
 				FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid` = :customerid AND `domainid` = :id
 			");
 			Database::pexecute($domain_emails_result_stmt, [
@@ -593,6 +593,23 @@ if ($page == 'domains' || $page == 'overview') {
 		}
 		echo 0;
 		exit();
+	} elseif ($action == 'jqEmaildomainNote') {
+		$domainid = intval(Request::post('id'));
+		$newval = intval(Request::post('newval'));
+		try {
+			$json_result = Domains::getLocal($userinfo, [
+				'id' => $domainid
+			])->get();
+		} catch (Exception $e) {
+			Response::dynamicError($e->getMessage());
+		}
+		$result = json_decode($json_result, true)['data'];
+		if ((int)$newval == 0 && $newval != $result['isemaildomain']) {
+			echo json_encode(['changed' => true, 'info' => lng('admin.emaildomainwarning')]);
+			exit();
+		}
+		echo 0;
+		exit();
 	} elseif ($action == 'import') {
 		if (Request::post('send') == 'send') {
 			$separator = Validate::validate(Request::post('separator'), 'separator');
diff --git a/lib/Froxlor/Api/Commands/Domains.php b/lib/Froxlor/Api/Commands/Domains.php
index 10e6a97e..93203e9b 100644
--- a/lib/Froxlor/Api/Commands/Domains.php
+++ b/lib/Froxlor/Api/Commands/Domains.php
@@ -1063,6 +1063,9 @@ class Domains extends ApiCommand implements ResourceEntity
 	 *            (default yes), 3 = always, default 0 (never)
 	 * @param bool $isemaildomain
 	 *            optional, allow email usage with this domain, default 0 (false)
+	 * @param bool $emaildomainverified
+	 *            optional, when setting $isemaildomain to false, this needs to be set to true to confirm the action in case email addresses exist for this domain,
+	 *            default 0 (false)
 	 * @param bool $email_only
 	 *            optional, restrict domain to email usage, default 0 (false)
 	 * @param int $selectserveralias
@@ -1190,6 +1193,7 @@ class Domains extends ApiCommand implements ResourceEntity
 
 			$subcanemaildomain = $this->getParam('subcanemaildomain', true, $result['subcanemaildomain']);
 			$isemaildomain = $this->getBoolParam('isemaildomain', true, $result['isemaildomain']);
+			$emaildomainverified = $this->getBoolParam('emaildomainverified', true, 0);
 			$email_only = $this->getBoolParam('email_only', true, $result['email_only']);
 			$p_serveraliasoption = $this->getParam('selectserveralias', true, -1);
 			$speciallogfile = $this->getBoolParam('speciallogfile', true, $result['speciallogfile']);
@@ -1273,7 +1277,7 @@ class Domains extends ApiCommand implements ResourceEntity
 
 			// count where we are used in email-accounts
 			$domain_emails_result_stmt = Database::prepare("
-				SELECT `email`, `email_full`, `destination`, `popaccountid` AS `number_email_forwarders`
+				SELECT `email`, `email_full`, `destination`, `popaccountid`
 				FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid` = :customerid AND `domainid` = :id
 			");
 			Database::pexecute($domain_emails_result_stmt, [
@@ -1296,6 +1300,10 @@ class Domains extends ApiCommand implements ResourceEntity
 				}
 			}
 
+			if ($emails > 0 && (int)$isemaildomain == 0 && (int)$result['isemaildomain'] == 1 && (int)$emaildomainverified == 0) {
+				Response::standardError('emaildomainstillhasaddresses', '', true);
+			}
+
 			// handle change of customer (move domain from customer to customer)
 			if ($customerid > 0 && $customerid != $result['customerid'] && Settings::Get('panel.allow_domain_change_customer') == '1') {
 				// check whether target customer has enough resources
diff --git a/lib/Froxlor/User.php b/lib/Froxlor/User.php
index c2f7857f..a60ffc06 100644
--- a/lib/Froxlor/User.php
+++ b/lib/Froxlor/User.php
@@ -152,7 +152,7 @@ class User
 			]);
 			$customer['emails_used_new'] = (int)$customer_emails['number_emails'];
 
-			$customer_emails_result_stmt = Database::prepare('SELECT `email`, `email_full`, `destination`, `popaccountid` AS `number_email_forwarders` FROM `' . TABLE_MAIL_VIRTUAL . '`
+			$customer_emails_result_stmt = Database::prepare('SELECT `email`, `email_full`, `destination`, `popaccountid` FROM `' . TABLE_MAIL_VIRTUAL . '`
 			WHERE `customerid` = :cid');
 			Database::pexecute($customer_emails_result_stmt, [
 				"cid" => $customer['customerid']
diff --git a/lib/formfields/admin/domains/formfield.domains_edit.php b/lib/formfields/admin/domains/formfield.domains_edit.php
index 7dd7f869..c4b884e1 100644
--- a/lib/formfields/admin/domains/formfield.domains_edit.php
+++ b/lib/formfields/admin/domains/formfield.domains_edit.php
@@ -213,6 +213,10 @@ return [
 						'type' => 'hidden',
 						'value' => '0'
 					],
+					'emaildomainverified' => [
+						'type' => 'hidden',
+						'value' => '0'
+					],
 				]
 			],
 			'section_bssl' => [
diff --git a/lng/de.lng.php b/lng/de.lng.php
index f1f75488..89e3c57b 100644
--- a/lng/de.lng.php
+++ b/lng/de.lng.php
@@ -504,6 +504,7 @@ return [
 		'apiguide' => 'API Guide',
 		'domain_duplicate' => 'Domain duplizieren',
 		'domain_duplicate_named' => '%s duplizieren',
+		'emaildomainwarning' => '<div id="emaildomainnote" class="invalid-feedback">ACHTUNG: Durch die Änderung dieser Einstellung löschen Sie alle bestehenden E-Mail-Adressen und -Konten unwiderruflich.</div>',
 	],
 	'apikeys' => [
 		'no_api_keys' => 'Keine API Keys gefunden',
@@ -976,6 +977,7 @@ return [
 		'invalidpgppublickey' => 'Der angegebene PGP Public Key ist ungültig',
 		'invalid_validtime' => 'Wert der valid_time in Sekunden muss zwischen 10 und 120 liegen.',
 		'customerphpenabledbutnoconfig' => 'Kunde hat PHP aktiviert aber keine PHP-Konfiguration wurde gewählt.',
+		'emaildomainstillhasaddresses' => 'Maildomain-Flag kann nicht deaktiviert werden, da für diese Domain noch E-Mail-Adressen vorhanden sind.',
 	],
 	'extras' => [
 		'description' => 'Hier können Sie zusätzliche Extras einrichten, wie zum Beispiel einen Verzeichnisschutz.<br />Die Änderungen sind erst nach einer kurzen Zeit wirksam.',
diff --git a/lng/en.lng.php b/lng/en.lng.php
index 031314c0..5065b5b1 100644
--- a/lng/en.lng.php
+++ b/lng/en.lng.php
@@ -519,6 +519,7 @@ return [
 		'backups' => [
 			'backups' => 'Backups',
 		],
+		'emaildomainwarning' => '<div id="emaildomainnote" class="invalid-feedback">WARNING: By changing this setting you will delete all existing e-mail addresses and -accounts permanently.</div>',
 	],
 	'apcuinfo' => [
 		'clearcache' => 'Clear APCu cache',
@@ -1048,6 +1049,7 @@ return [
 		'invalidpgppublickey' => 'The PGP Public Key is not valid',
 		'invalid_validtime' => 'Valid time in seconds can only be between 10 and 120',
 		'customerphpenabledbutnoconfig' => 'Customer has PHP activated but no PHP-configuration was selected.',
+		'emaildomainstillhasaddresses' => 'Cannot deactivate mail-domain flag, as there are still email-addresses for this domain.',
 	],
 	'extras' => [
 		'description' => 'Here you can add some extras, for example directory protection.<br />The system will need some time to apply the new settings after every change.',