geos_one/go-mailzu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Domainadmin patch

Browse Source
This commit is contained in:
Mikko Husari 2008-12-10 17:41:16 +02:00
parent 2572b1814b
commit 773cf4217a
12 changed files with 407 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
config/config.php.sample
View File

@ -293,6 +293,13 @@ $conf['auth']['imap_domain_name'] = 'example.com';
// change settings // change settings
$conf['auth']['s_admins'] = array ('user1', 'user2'); $conf['auth']['s_admins'] = array ('user1', 'user2');
// List Of Domain Admins
// List of usernames that can control whole domain they belong to
// ie: john has emails john@porche.com and john.doe@lambo.com
// and john is listed as d_admin, then john can see and
// administer all quarantines under porche.com and lambo.com
$conf['auth']['d_admins'] = array ('john');
// List of Mail Admins // List of Mail Admins
// Mail Admins can see other users' spam and attachments // Mail Admins can see other users' spam and attachments
// and can perform any action on them // and can perform any action on them
@ -390,6 +397,10 @@ $conf['app']['showEmailAdmin'] = 1;
// $conf['app']['siteSummary'] = 1 // $conf['app']['siteSummary'] = 1
$conf['app']['siteSummary'] = 1; $conf['app']['siteSummary'] = 1;
// Enable/Disable Domain Quarantine Summary
$conf['app']['domainSummary'] = 1;
// Show Site Quarantine in search only mode if set to 1. // Show Site Quarantine in search only mode if set to 1.
// No message is displayed when clicking on 'Site quarantine'. // No message is displayed when clicking on 'Site quarantine'.
// Keep the default for for large sites. // Keep the default for for large sites.

107
domainAdmin.php Normal file
View File

@ -0,0 +1,107 @@
<?php
/**
* This file is the messages index in quarantine for logged in users.
* It provides a listing of all messages corresponding to:
* - attachment ('B')
* - spam ('S')
* @author Samuel Tran
* @author Brian Wong
* @author Jeremy Fowler <jfowler06@users.sourceforge.net>
* @version 04-03-07
* @package MailZu
*
* Copyright (C) 2005 - 2007 MailZu
* License: GPL, see LICENSE
*/
/**
* Include Template class
*/
include_once('lib/Template.class.php');
/**
* Include common output functions
*/
include_once('templates/common.template.php');
/**
* Include quarantine-specific output functions
*/
include_once('templates/quarantine.template.php');
if (!Auth::is_logged_in()) {
Auth::print_login_msg(); // Check if user is logged in
}
// grab the display size limit set in config.php
$sizeLimit = isset ( $conf['app']['displaySizeLimit'] ) && is_numeric( $conf['app']['displaySizeLimit'] ) ?
$conf['app']['displaySizeLimit'] : 50;
// Get current page number
$requestedPage = CmnFns::getGlobalVar('page', GET);
$_SESSION['sessionNav'] = "Domain Quarantine";
$db = new DBEngine();
$t = new Template(translate('Domain Quarantine'));
$t->printHTMLHeader();
$t->printWelcome();
$t->startMain();
// Break table into 2 columns, put quick links on left side and all other tables on the right
startQuickLinksCol();
showQuickLinks(); // Print out My Quick Links
startDataDisplayCol();
if (!Auth::isDomainAdmin() && !Auth::isMailAdmin()) {
CmnFns::do_error_box(translate('Access Denied'));
} else {
// Draw search engine
printSearchEngine($content_type, $_SERVER['PHP_SELF'], 1);
echo '<br>';
if ( CmnFns::getGlobalVar('search_action', GET) == translate('Clear search results') ) {
CmnFns::redirect_js($_SERVER['PHP_SELF'] . '?searchOnly=' . $conf['app']['searchOnly']);
}
$search_array1 = $db->convertSearch2SQL( 'msgs.from_addr', CmnFns::getGlobalVar('f_criterion', GET), CmnFns::getGlobalVar('f_string', GET) );
$search_array2 = $db->convertSearch2SQL( 'msgs.subject', CmnFns::getGlobalVar('s_criterion', GET), CmnFns::getGlobalVar('s_string', GET) );
$search_array3 = $db->convertSearch2SQL( 'recip.email', CmnFns::getGlobalVar('t_criterion', GET), CmnFns::getGlobalVar('t_string', GET) );
$search_array4 = $db->convertSearch2SQL( 'msgs.mail_id', CmnFns::getGlobalVar('m_criterion', GET), CmnFns::getGlobalVar('m_string', GET) );
$search_array = array_merge( $search_array1, $search_array2, $search_array3, $search_array4 );
$order = array('msgs.time_num', 'from_addr', 'msgs.subject', 'spam_level', 'recip.email', 'msgs.content', 'mail_id');
// Arbitrary type for Admin
$content_type = (CmnFns::get_ctype() ? CmnFns::get_ctype() : 'A');
//echo "Before query: " . date("l dS of F Y h:i:s A") . "<br><br>";
if ( CmnFns::getGlobalVar('searchOnly', GET) != 1 ) {
// Print a loading message until database returns...
printMessage(translate('Retrieving Messages...'));
$messages = $db->get_user_messages($content_type, $_SESSION['sessionMail'], CmnFns::get_value_order($order), CmnFns::get_vert_order(), $search_array, 0, 0, $requestedPage, false, true);
}
// Compute maximum number of pages
$maxPage = (ceil($db->numRows/$sizeLimit)-1);
// If $requestedPage > $maxPage, then redirect to $maxPage instead of $requestedPage
if ( $requestedPage > $maxPage ) {
$query_string = CmnFns::array_to_query_string( $_GET, array( 'page' ) );
$query_string = str_replace ( '&amp;', '&', $query_string );
CmnFns::redirect_js($_SERVER['PHP_SELF'].'?'.$query_string.'&page='.$maxPage);
}
if ( CmnFns::getGlobalVar('searchOnly', GET) != 1 ) {
showMessagesTable($content_type, $messages, $requestedPage, CmnFns::get_value_order($order), CmnFns::get_vert_order(), $db->numRows );
// Hide the message after the table loads.
hideMessage(translate('Retrieving Messages...'));
}
}
endDataDisplayCol();
$t->endMain();
$t->printHTMLFooter();
?>

97
domainPendingAdmin.php Normal file
View File

@ -0,0 +1,97 @@
<?php
/**
* Display all pending requests for the site.
*
* @author Brian Wong
* @author Jeremy Fowler <jfowler06@users.sourceforge.net>
* @version 04-03-07
* @package MailZu
*
* Copyright (C) 2005 - 2007 MailZu
* License: GPL, see LICENSE
*/
/**
* Include Template class
*/
include_once('lib/Template.class.php');
/**
* Include common output functions
*/
include_once('templates/common.template.php');
/**
* Include quarantine-specific output functions
*/
include_once('templates/quarantine.template.php');
if (!Auth::is_logged_in()) {
Auth::print_login_msg(); // Check if user is logged in
}
// grab the display size limit set in config.php
$sizeLimit = isset ( $conf['app']['displaySizeLimit'] ) && is_numeric( $conf['app']['displaySizeLimit'] ) ?
$conf['app']['displaySizeLimit'] : 50;
$_SESSION['sessionNav'] = "Domain Pending Requests";
// Get current page number
$requestedPage = CmnFns::getGlobalVar('page', GET);
$db = new DBEngine();
$t = new Template(translate('Domain Pending Requests'));
$t->printHTMLHeader();
$t->printWelcome();
$t->startMain();
// Break table into 2 columns, put quick links on left side and all other tables on the right
startQuickLinksCol();
showQuickLinks(); // Print out My Quick Links
startDataDisplayCol();
if (! Auth::isMailAdmin() && ! Auth::isDomainAdmin()) {
CmnFns::do_error_box(translate('Access Denied'));
} else {
// Draw search engine
printSearchEngine($content_type, $_SERVER['PHP_SELF'], 1);
echo '<br>';
if ( CmnFns::getGlobalVar('search_action', GET) == translate('Clear search results') ) CmnFns::redirect_js($_SERVER['PHP_SELF']);
$search_array1 = $db->convertSearch2SQL( 'msgs.from_addr', CmnFns::getGlobalVar('f_criterion', GET), CmnFns::getGlobalVar('f_string', GET) );
$search_array2 = $db->convertSearch2SQL( 'msgs.subject', CmnFns::getGlobalVar('s_criterion', GET), CmnFns::getGlobalVar('s_string', GET) );
$search_array3 = $db->convertSearch2SQL( 'recip.email', CmnFns::getGlobalVar('t_criterion', GET), CmnFns::getGlobalVar('t_string', GET) );
$search_array4 = $db->convertSearch2SQL( 'msgs.mail_id', CmnFns::getGlobalVar('m_criterion', GET), CmnFns::getGlobalVar('m_string', GET) );
$search_array = array_merge( $search_array1, $search_array2, $search_array3, $search_array4 );
$order = array('msgs.time_num', 'from_addr', 'msgs.subject', 'spam_level', 'recip.email', 'msgs.content', 'mail_id');
// Arbitrary type for Admin
$content_type = (CmnFns::get_ctype() ? CmnFns::get_ctype() : 'A');
// Print a loading message until database returns...
printMessage(translate('Retrieving Messages...'));
$messages = $db->get_user_messages($content_type, $_SESSION['sessionMail'], CmnFns::get_value_order($order), CmnFns::get_vert_order(), $search_array, 1, 1, $requestedPage, false, true);
// Compute maximum number of pages
$maxPage = (ceil($db->numRows/$sizeLimit)-1);
// If $requestedPage > $maxPage, then redirect to $maxPage instead of $requestedPage
if ( $requestedPage > $maxPage ) {
$query_string = CmnFns::array_to_query_string( $_GET, array( 'page' ) );
$query_string = str_replace ( '&amp;', '&', $query_string );
CmnFns::redirect_js($_SERVER['PHP_SELF'].'?'.$query_string.'&page='.$maxPage);
}
showMessagesTable($content_type, $messages, $requestedPage, CmnFns::get_value_order($order), CmnFns::get_vert_order());
// Hide the message after the table loads.
hideMessage(translate('Retrieving Messages...'));
}
endDataDisplayCol();
$t->endMain();
$t->printHTMLFooter();
?>

68
domainSummary.php Normal file
View File

@ -0,0 +1,68 @@
<?php
/**
* This file is the messages index in quarantine for the entire site.
* It provides a listing of all messages corresponding to:
* - attachment ('B')
* - spam ('S')
* - viruses ('V')
* - bad headers ('H')
* @author Samuel Tran
* @author Jeremy Fowler <jfowler06@users.sourceforge.net>
* @version 04-03-2007
* @package MailZu
*
* Copyright (C) 2005 - 2007 MailZu
* License: GPL, see LICENSE
*/
/**
* Include Template class
*/
include_once('lib/Template.class.php');
/**
* Include common output functions
*/
include_once('templates/common.template.php');
/**
* Include quarantine-specific output functions
*/
include_once('templates/summary.template.php');
if (!Auth::is_logged_in()) {
Auth::print_login_msg(); // Check if user is logged in
}
$_SESSION['sessionNav'] = "Domain Quarantine Summary";
$t = new Template(translate('Domain Quarantine Summary'));
$db = new DBEngine();
$t->printHTMLHeader();
$t->printWelcome();
$t->startMain();
// Break table into 2 columns, put quick links on left side and all other tables on the right
startQuickLinksCol();
showQuickLinks(); // Print out My Quick Links
startDataDisplayCol();
if ((! Auth::isDomainAdmin() && !Auth::isMailAdmin()) || ! $conf['app']['domainSummary']) {
CmnFns::do_error_box(translate('Access Denied'));
} else {
// Print a loading message until database returns...
printMessage(translate('Loading Summary...'));
$count_array = $db->get_user_summary($_SESSION['sessionMail'], true);
showSummary( $count_array );
// Hide the message after the table loads.
hideMessage(translate('Loading Summary...'));
}
endDataDisplayCol();
$t->endMain();
$t->printHTMLFooter();
?>

3
lang/en_US.lang.php
View File

@ -265,10 +265,12 @@ $strings['Showing messages'] = "Showing messages %s through %s &nbsp;&nbsp; (%s
$strings['View this message'] = 'View this message'; $strings['View this message'] = 'View this message';
$strings['Message Unavailable'] = 'Message Unavailable'; $strings['Message Unavailable'] = 'Message Unavailable';
$strings['My Quarantine'] = 'My Quarantine'; $strings['My Quarantine'] = 'My Quarantine';
$strings['Domain Quarantine'] = 'Domain Quarantine';
$strings['Site Quarantine'] = 'Site Quarantine'; $strings['Site Quarantine'] = 'Site Quarantine';
$strings['Message Processing'] = 'Message Processing'; $strings['Message Processing'] = 'Message Processing';
$strings['Quarantine Summary'] = 'Quarantine Summary'; $strings['Quarantine Summary'] = 'Quarantine Summary';
$strings['Site Quarantine Summary'] = 'Site Quarantine Summary'; $strings['Site Quarantine Summary'] = 'Site Quarantine Summary';
$strings['Domain Quarantine Summary'] = 'Domain Quarantine Summary';
$strings['Login'] = 'Login'; $strings['Login'] = 'Login';
$strings['spam(s)'] = 'spam(s)'; $strings['spam(s)'] = 'spam(s)';
$strings['attachment(s)'] = 'attachment(s)'; $strings['attachment(s)'] = 'attachment(s)';
@ -287,6 +289,7 @@ $strings['Select All'] = "Select All";
$strings['Clear All'] = "Clear All"; $strings['Clear All'] = "Clear All";
$strings['Access Denied'] = "Access Denied"; $strings['Access Denied'] = "Access Denied";
$strings['My Pending Requests'] = "My Pending Requests"; $strings['My Pending Requests'] = "My Pending Requests";
$strings['Domain Pending Requests'] = "Domain Pending Requests";
$strings['Site Pending Requests'] = "Site Pending Requests"; $strings['Site Pending Requests'] = "Site Pending Requests";
$strings['Cancel Request'] = "Cancel Request"; $strings['Cancel Request'] = "Cancel Request";
$strings['User is not allowed to login'] = "User is not allowed to login"; $strings['User is not allowed to login'] = "User is not allowed to login";

21
lib/Auth.class.php
View File

@ -71,6 +71,19 @@ class Auth {
return (isset($_SESSION['sessionMailAdmin']) || isset($_SESSION['sessionAdmin'])); return (isset($_SESSION['sessionMailAdmin']) || isset($_SESSION['sessionAdmin']));
} }
/**
* Check if user is a domain/site administrator
* This function checks to see if the currently
* logged in user is the administrator, granting
* them special permissions
* @param none
* @return boolean whether the user is a d_admin
*/
function isDomainAdmin() {
return (isset($_SESSION['sessionDomainAdmin']) || isset($_SESSION['sessionAdmin']));
}
/** /**
* Check user login * Check user login
* This function checks to see if the user has * This function checks to see if the user has
@ -113,6 +126,7 @@ class Auth {
$_SESSION['sessionMail'] = null; $_SESSION['sessionMail'] = null;
$_SESSION['sessionAdmin'] = null; $_SESSION['sessionAdmin'] = null;
$_SESSION['sessionMailAdmin'] = null; $_SESSION['sessionMailAdmin'] = null;
$_SESSION['sessionDomainAdmin'] = null;
$_SESSION['sessionNav'] = null; $_SESSION['sessionNav'] = null;
$login = stripslashes($login); $login = stripslashes($login);
@ -272,6 +286,13 @@ class Auth {
} }
} }
// If it is the mail admin, set session variable
foreach ($conf['auth']['d_admins'] as $d_admin) {
if (strtolower($d_admin) == strtolower($_SESSION['sessionID'])) {
$_SESSION['sessionDomainAdmin'] = true;
}
}
if ($lang != '') { if ($lang != '') {
set_language($lang); set_language($lang);
} }

6
lib/CmnFns.class.php
View File

@ -507,7 +507,7 @@ class CmnFns {
$fields_array = array("f" => translate('From'), $fields_array = array("f" => translate('From'),
"s" => translate('Subject') "s" => translate('Subject')
); );
if (Auth::isMailAdmin() || $conf['app']['allowMailid']) { if ((Auth::isMailAdmin() || Auth::isDomainAdmin()) || $conf['app']['allowMailid']) {
$fields_array = array_merge(array("m" => "Mail ID"), $fields_array); $fields_array = array_merge(array("m" => "Mail ID"), $fields_array);
} }
if ($full_search) $fields_array = array_merge(array("t" => translate('To')), $fields_array); if ($full_search) $fields_array = array_merge(array("t" => translate('To')), $fields_array);
@ -551,11 +551,11 @@ class CmnFns {
<? echo translate('Spam'); ?></option> <? echo translate('Spam'); ?></option>
<option value="B" <? echo ($content_type == 'B' ? ' selected="true"':''); ?>> <option value="B" <? echo ($content_type == 'B' ? ' selected="true"':''); ?>>
<? echo translate('Banned'); ?></option> <? echo translate('Banned'); ?></option>
<? if (Auth::isMailAdmin() || $conf['app']['allowViruses']) { ?> <? if ((Auth::isMailAdmin() || Auth::isDomainAdmin()) || $conf['app']['allowViruses']) { ?>
<option value="V" <? echo ($content_type == 'V' ? ' selected="true"':''); ?>> <option value="V" <? echo ($content_type == 'V' ? ' selected="true"':''); ?>>
<? echo translate('Virus'); ?></option> <? echo translate('Virus'); ?></option>
<? } <? }
if (Auth::isMailAdmin() || $conf['app']['allowBadHeaders']) { ?> if ((Auth::isMailAdmin() || Auth::isDomainAdmin()) || $conf['app']['allowBadHeaders']) { ?>
<option value="H" <? echo ($content_type == 'H' ? ' selected="true"':''); ?>> <option value="H" <? echo ($content_type == 'H' ? ' selected="true"':''); ?>>
<? echo translate('Bad Header'); ?></option> <? echo translate('Bad Header'); ?></option>
<? } <? }

26
lib/DBEngine.class.php
View File

@ -222,6 +222,8 @@ class DBEngine {
return $return; return $return;
} }
// User methods ------------------------------------------- // User methods -------------------------------------------
/** /**
@ -229,7 +231,7 @@ class DBEngine {
* @param string full email address * @param string full email address
* @return array of the 5 counts * @return array of the 5 counts
*/ */
function get_user_summary($emailaddresses) { function get_user_summary($emailaddresses,$domainsonly=false) {
global $conf; global $conf;
@ -237,7 +239,7 @@ class DBEngine {
$total = array('spam' => 0, 'banned' => 0, 'virus' => 0, 'header' => 0, 'pending' => 0, 'total' => 0); $total = array('spam' => 0, 'banned' => 0, 'virus' => 0, 'header' => 0, 'pending' => 0, 'total' => 0);
// Get where clause for recipient email address(es) // Get where clause for recipient email address(es)
$recipEmailClause = $this->convertEmailaddresses2SQL($emailaddresses); $recipEmailClause = $this->convertEmailaddresses2SQL($emailaddresses,$domainsonly);
# mysql seems to run faster with a left join # mysql seems to run faster with a left join
if ($conf['db']['dbtype'] == 'mysql') { if ($conf['db']['dbtype'] == 'mysql') {
@ -361,7 +363,7 @@ class DBEngine {
* @param boolean $get_all, if true get all messages. False by default. * @param boolean $get_all, if true get all messages. False by default.
* @return array of messages in quarantine * @return array of messages in quarantine
*/ */
function get_user_messages($content_type, $emailaddresses, $order = 'msgs.time_num', $vert = 'DESC', $search_array = '', $msgs_all = false, $rs_option = 0, $page = 0, $get_all = false) { function get_user_messages($content_type, $emailaddresses, $order = 'msgs.time_num', $vert = 'DESC', $search_array = '', $msgs_all = false, $rs_option = 0, $page = 0, $get_all = false, $domainsonly = false) {
global $conf; global $conf;
@ -388,7 +390,7 @@ class DBEngine {
if ( ! $msgs_all) { if ( ! $msgs_all) {
// Get where clause for recipient email address(es) // Get where clause for recipient email address(es)
$emailaddr_clause = ( ! empty($emailaddresses) ? $emailaddr_clause = ( ! empty($emailaddresses) ?
' AND ' . $this->convertEmailaddresses2SQL($emailaddresses) : ' AND ' . $this->convertEmailaddresses2SQL($emailaddresses, $domainsonly) :
'' ); '' );
} }
@ -406,7 +408,7 @@ class DBEngine {
$rs_clause = ''; $rs_clause = '';
} }
if ( Auth::isMailAdmin() ) { if ( Auth::isMailAdmin() || Auth::isDomainAdmin() ) {
$type_clause = ($content_type == 'A' ? ' msgs.content in (\'S\', \'B\', \'V\', \'H\')' $type_clause = ($content_type == 'A' ? ' msgs.content in (\'S\', \'B\', \'V\', \'H\')'
: ' msgs.content=?'); : ' msgs.content=?');
} else { } else {
@ -433,7 +435,6 @@ class DBEngine {
$search_clause $search_clause
AND msgs.quar_type <> '' AND msgs.quar_type <> ''
ORDER BY $order $vert "; ORDER BY $order $vert ";
// Prepare query // Prepare query
$q = $this->db->prepare($query); $q = $this->db->prepare($query);
@ -737,7 +738,7 @@ class DBEngine {
* @param array $emailaddresses list of email address(es) * @param array $emailaddresses list of email address(es)
* @return string containing SQL code * @return string containing SQL code
*/ */
function convertEmailaddresses2SQL($emailaddresses) { function convertEmailaddresses2SQL($emailaddresses, $domainsonly=false) {
global $conf; global $conf;
$result = ''; $result = '';
@ -746,10 +747,14 @@ class DBEngine {
if ( is_array($emailaddresses) && !empty($emailaddresses) ) { if ( is_array($emailaddresses) && !empty($emailaddresses) ) {
foreach ( $emailaddresses as $value ) { foreach ( $emailaddresses as $value ) {
// Append an address to lookup // Append an address to lookup
$emailtuple .= ( $emailtuple != '' ? ", '$value'" : "'$value'" ); if ($domainsonly) {
list($localpart, $domain) = explode("@", $value);
$value = "%@".$domain;
} }
$result = " recip.email in ($emailtuple) "; $emailtuple .= ( $emailtuple != '' ? " OR recip.email LIKE '$value'" : "'$value'" );
}
$result = " recip.email LIKE $emailtuple ";
if (!$domainsonly) {
// Configured to support recipient delimiters? // Configured to support recipient delimiters?
if(!empty($conf['recipient_delimiter']) ) { if(!empty($conf['recipient_delimiter']) ) {
$delimiter = $conf['recipient_delimiter']; $delimiter = $conf['recipient_delimiter'];
@ -761,6 +766,7 @@ class DBEngine {
} }
} }
} }
}
// Return results within parentheses to isolate OR statements // Return results within parentheses to isolate OR statements
return "($result)"; return "($result)";
} }

8
lib/Quarantine.lib.php
View File

@ -70,7 +70,7 @@ function releaseMessages($emailaddresses, $mail_id_array) {
$recip_email = $temp[1]; $recip_email = $temp[1];
// Check if logged in user is admin or logged in user is trying to release his own messages // Check if logged in user is admin or logged in user is trying to release his own messages
if ( Auth::isMailAdmin() || in_array($recip_email, $emailaddresses) ) if ( Auth::isMailAdmin() || Auth::isDomainAdmin() || in_array($recip_email, $emailaddresses) )
$result = $db->get_message($recip_email, $mail_id); $result = $db->get_message($recip_email, $mail_id);
else else
continue; continue;
@ -79,7 +79,7 @@ function releaseMessages($emailaddresses, $mail_id_array) {
// if content type is 'B' or 'V' and the logged in user is not admin // if content type is 'B' or 'V' and the logged in user is not admin
// add message to array of release request // add message to array of release request
if ( in_array($rs['content'], array( 'B', 'V')) && ! Auth::isMailAdmin() ) { if ( in_array($rs['content'], array( 'B', 'V')) && (! Auth::isMailAdmin() && ! Auth::isDomainAdmin()) ) {
$release_req_messages[ $j ] = array( $release_req_messages[ $j ] = array(
"mail_id" => $mail_id, "mail_id" => $mail_id,
"from_addr" => $rs[ 'from_addr' ], "from_addr" => $rs[ 'from_addr' ],
@ -234,7 +234,7 @@ function updateMessages($flag, $content_type, $emailaddresses, $mail_id_array, $
for ($i = 0; is_array($res) && $i < count($res); $i++) { for ($i = 0; is_array($res) && $i < count($res); $i++) {
$rs = $res[$i]; $rs = $res[$i];
if ( Auth::isMailAdmin() || in_array($rs['email'], $emailaddresses) ) { if ( Auth::isMailAdmin() || Auth::isDomainAdmin() || in_array($rs['email'], $emailaddresses) ) {
if ( ! $db->update_msgrcpt_rs($rs['mail_id'], $rs['email'], $flag ) ) { if ( ! $db->update_msgrcpt_rs($rs['mail_id'], $rs['email'], $flag ) ) {
$rs = $result[0]; $rs = $result[0];
$result_array[ $i ] = array( $result_array[ $i ] = array(
@ -263,7 +263,7 @@ function updateMessages($flag, $content_type, $emailaddresses, $mail_id_array, $
$recip_email = $temp[1]; $recip_email = $temp[1];
// Check if logged in user is admin or logged in user is trying to delete his own messages // Check if logged in user is admin or logged in user is trying to delete his own messages
if ( Auth::isMailAdmin() || in_array($recip_email, $emailaddresses) ) { if ( Auth::isMailAdmin() || Auth::isDomainAdmin() || in_array($recip_email, $emailaddresses) ) {
$result = $db->get_message($recip_email, $mail_id); $result = $db->get_message($recip_email, $mail_id);
} else { } else {
continue; continue;

15
messagesProcessing.php
View File

@ -35,7 +35,6 @@ if (!Auth::is_logged_in()) {
error_reporting(0); error_reporting(0);
$db = new DBEngine(); $db = new DBEngine();
$t = new Template(translate('Message Processing')); $t = new Template(translate('Message Processing'));
$t->printHTMLHeader(); $t->printHTMLHeader();
@ -52,16 +51,30 @@ $content_type = CmnFns::get_ctype();
$query_string = CmnFns::get_query_string(); $query_string = CmnFns::get_query_string();
$mail_id_array = CmnFns::getGlobalVar('mail_id_array', POST); $mail_id_array = CmnFns::getGlobalVar('mail_id_array', POST);
/*
echo "<pre>";
print_r($mail_id_array);
echo "</pre>";
*/
switch ( $_SESSION['sessionNav'] ) { switch ( $_SESSION['sessionNav'] ) {
case 'My Quarantine': case 'My Quarantine':
$referral = 'messagesIndex.php'; $referral = 'messagesIndex.php';
break; break;
case 'Domain Quarantine':
$referral = 'domainAdmin.php';
break;
case 'Site Quarantine': case 'Site Quarantine':
$referral = 'messagesAdmin.php'; $referral = 'messagesAdmin.php';
break; break;
case 'My Pending Requests': case 'My Pending Requests':
$referral = 'messagesPending.php'; $referral = 'messagesPending.php';
break; break;
case 'Domain Pending Requests':
$referral = 'domainPendingAdmin.php';
break;
case 'Site Pending Requests': case 'Site Pending Requests':
$referral = 'messagesPending.php'; $referral = 'messagesPending.php';
break; break;

31
templates/common.template.php
View File

@ -78,7 +78,30 @@ function showQuickLinks() {
?> ?>
</p> </p>
<br> <br>
<? if (Auth::isMailAdmin()) { <?
if (Auth::isDomainAdmin()) {
if ($conf['app']['domainSummary']) {
echo "Domain Quarantine Summary" == $_SESSION['sessionNav'] ?
' <p class="selectedLink"><b>&raquo;</b>':
" <p><b>&#8250;</b>\t";
$link->doLink('domainSummary.php', translate('Domain Quarantine Summary'));
echo '</p>';
}
echo "Domain Quarantine" == $_SESSION['sessionNav'] ?
' <p class="selectedLink"><b>&raquo;</b>':
" <p><b>&#8250;</b>\t";
$link->doLink('domainAdmin.php?ctype=A&searchOnly='.$conf['app']['searchOnly'], translate('Domain Quarantine'));
echo '</p>';
echo "Domain Pending Requests" == $_SESSION['sessionNav'] ?
' <p class="selectedLink"><b>&raquo;</b>':
" <p><b>&#8250;</b>\t";
$link->doLink('domainPendingAdmin.php?ctype=A', translate('Domain Pending Requests'));
echo '</p>';
echo '<br>';
}
if (Auth::isMailAdmin()) {
if ($conf['app']['siteSummary']) { if ($conf['app']['siteSummary']) {
echo "Site Quarantine Summary" == $_SESSION['sessionNav'] ? echo "Site Quarantine Summary" == $_SESSION['sessionNav'] ?
' <p class="selectedLink"><b>&raquo;</b>': ' <p class="selectedLink"><b>&raquo;</b>':
@ -99,7 +122,7 @@ function showQuickLinks() {
echo '</p>'; echo '</p>';
echo '<br>'; echo '<br>';
} }
if ((! Auth::isMailAdmin()) && ($conf['app']['showEmailAdmin'])) { if ((! Auth::isMailAdmin() && ! Auth::isDomainAdmin()) && ($conf['app']['showEmailAdmin'])) {
echo "Email Administrator" == $_SESSION['sessionNav'] ? echo "Email Administrator" == $_SESSION['sessionNav'] ?
' <p class="selectedLink"><b>&raquo;</b>': ' <p class="selectedLink"><b>&raquo;</b>':
" <p><b>&#8250;</b>\t"; " <p><b>&#8250;</b>\t";
@ -194,10 +217,10 @@ function printActionButtons( $printDeleteAll = true ) {
<? <?
echo "<td align=\"left\"><input type=\"submit\" class=\"button\" name=\"action\" value=\""; echo "<td align=\"left\"><input type=\"submit\" class=\"button\" name=\"action\" value=\"";
if ($_SESSION['sessionNav'] == "My Pending Requests") { if ($_SESSION['sessionNav'] == "My Pending Requests") {
echo ( Auth::isMailAdmin() ? translate('Release') : translate('Cancel Request') ); echo ( Auth::isMailAdmin()|| Auth::isDomainAdmin() ? translate('Release') : translate('Cancel Request') );
} else { } else {
echo ( Auth::isMailAdmin() ? translate('Release') : translate('Release/Request release') ); echo ( Auth::isMailAdmin() || Auth::isDomainAdmin() ? translate('Release') : translate('Release/Request release') );
} }
echo "\"></td>"; echo "\"></td>";
?> ?>

34
templates/quarantine.template.php
View File

@ -60,7 +60,7 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
<input type="hidden" name="query_string" value="<? echo $query_string; ?>"> <input type="hidden" name="query_string" value="<? echo $query_string; ?>">
<? // Draw 'Release', 'Delete' and 'Delete All' buttons <? // Draw 'Release', 'Delete' and 'Delete All' buttons
printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav'])) ); printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav']) && !("Domain Quarantine" == $_SESSION['sessionNav'])) );
// Draw 'Select All, Clear All' and multi pages links // Draw 'Select All, Clear All' and multi pages links
printSelectAndPager($pager_html); printSelectAndPager($pager_html);
@ -93,8 +93,11 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
<!-- Print table's headers --> <!-- Print table's headers -->
<tr class="rowHeaders"> <tr class="rowHeaders">
<td width="3%">&nbsp;</td> <td width="3%">&nbsp;</td>
<? if ( (count($_SESSION['sessionMail']) > 1) || ((Auth::isMailAdmin()) && <? if ( (count($_SESSION['sessionMail']) > 1) || ((Auth::isMailAdmin() || Auth::isDomainAdmin()) &&
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav']))) { ?> ("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav'])
||
("Domain Quarantine" == $_SESSION['sessionNav'] || "Domain Pending Requests" == $_SESSION['sessionNav'])
)) { ?>
<td width="15%" <? echo "recip.email"==$order?' class="reservedCell"':''; ?>> <td width="15%" <? echo "recip.email"==$order?' class="reservedCell"':''; ?>>
<? $link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert')) <? $link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert'))
. '&amp;order=recip.email&amp;vert=' . $new_vert, translate('To'), '', '', $mouseover_text) ?> . '&amp;order=recip.email&amp;vert=' . $new_vert, translate('To'), '', '', $mouseover_text) ?>
@ -120,8 +123,9 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
<? $link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert')) <? $link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert'))
. '&amp;order=msgs.content&amp;vert=' . $new_vert, translate('Content Type'), '', '', $mouseover_text) ?> . '&amp;order=msgs.content&amp;vert=' . $new_vert, translate('Content Type'), '', '', $mouseover_text) ?>
</td> </td>
<? if ( (Auth::isMailAdmin()) && <? if ( Auth::isMailAdmin() &&
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav'])) { ?> ("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav'])
) { ?>
<td width="10%" <? echo "mail_id"==$order?' class="reservedCell"':''; ?>> <td width="10%" <? echo "mail_id"==$order?' class="reservedCell"':''; ?>>
<? $link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert')) <? $link->doLink($_SERVER['PHP_SELF'] . '?' . CmnFns::querystring_exclude_vars( array('order','vert'))
. '&amp;order=mail_id&amp;vert=' . $new_vert, translate('Mail ID'), '', '', $mouseover_text) ?> . '&amp;order=mail_id&amp;vert=' . $new_vert, translate('Mail ID'), '', '', $mouseover_text) ?>
@ -135,8 +139,10 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
// Make sure that there is a clickable subject // Make sure that there is a clickable subject
$subject = $rs['subject'] ? htmlspecialchars($rs['subject']) : '(none)'; $subject = $rs['subject'] ? htmlspecialchars($rs['subject']) : '(none)';
$from = $rs['from_addr'] ? htmlspecialchars($rs['from_addr']) : '(none)'; $from = $rs['from_addr'] ? htmlspecialchars($rs['from_addr']) : '(none)';
if ( (count($_SESSION['sessionMail']) > 1) || (Auth::isMailAdmin() && if ( (count($_SESSION['sessionMail']) > 1) || ((Auth::isMailAdmin() || Auth::isDomainAdmin()) &&
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav']))) { (
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav'])
|| ("Domain Quarantine" == $_SESSION['sessionNav'] || "Domain Pending Requests" == $_SESSION['sessionNav'])))) {
$to = $rs['email'] ? htmlspecialchars($rs['email']) : '(none)'; $to = $rs['email'] ? htmlspecialchars($rs['email']) : '(none)';
} }
$class = ( $rs['content'] == 'V' ? 'cellVirus' : 'cellColor') . ($i%2); $class = ( $rs['content'] == 'V' ? 'cellVirus' : 'cellColor') . ($i%2);
@ -144,8 +150,12 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
echo ' <td><input type="checkbox" onclick="ColorRow(this,\'lightyellow\')" echo ' <td><input type="checkbox" onclick="ColorRow(this,\'lightyellow\')"
name="mail_id_array[]" value="' . $rs['mail_id'] . '_' . $rs['email'] . '"></td>'; name="mail_id_array[]" value="' . $rs['mail_id'] . '_' . $rs['email'] . '"></td>';
if ( (count($_SESSION['sessionMail']) > 1) || (Auth::isMailAdmin() && if ( (count($_SESSION['sessionMail']) > 1) || ((Auth::isMailAdmin() || Auth::isDomainAdmin()) &&
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav']))) { (
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav']))
|| ("Domain Quarantine" == $_SESSION['sessionNav'] || "Domain Pending Requests" == $_SESSION['sessionNav'])
)
) {
echo ' <td>' . $to . '</td>'; echo ' <td>' . $to . '</td>';
} }
echo ' <td>' . $from . '</td>'; echo ' <td>' . $from . '</td>';
@ -180,7 +190,8 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
echo ( $rs['content'] == 'V' ? '<td class="typeVirus">' : '<td>') . $type . '</td>'; echo ( $rs['content'] == 'V' ? '<td class="typeVirus">' : '<td>') . $type . '</td>';
if ( Auth::isMailAdmin() && if ( Auth::isMailAdmin() &&
("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav'])) { ("Site Quarantine" == $_SESSION['sessionNav'] || "Site Pending Requests" == $_SESSION['sessionNav'])
) {
echo ' <td>' . $rs['mail_id'] . '</td>'; echo ' <td>' . $rs['mail_id'] . '</td>';
} }
@ -195,7 +206,8 @@ function showMessagesTable($content_type, $res, $page, $order, $vert, $numRows =
<? // Draw 'Select All, Clear All' and multi pages links <? // Draw 'Select All, Clear All' and multi pages links
printSelectAndPager($pager_html); printSelectAndPager($pager_html);
// Draw 'Release', 'Delete' and 'Delete All' buttons // Draw 'Release', 'Delete' and 'Delete All' buttons
printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav'])) ); // printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav'])) );
printActionButtons((! CmnFns::didSearch() && ! ("Site Quarantine" == $_SESSION['sessionNav']) && !("Domain Quarantine" == $_SESSION['sessionNav'])) );
unset($res); ?> unset($res); ?>