quote(VMAIL_SHARED_USER); $sql = <<fetchObjectList($sql); } /* * Import from Password Plugin for Roundcube: password.php * distributed under the GNU GPL v3 or later * Author Aleksander Machniak */ protected static function random_salt($length) { $possible = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./'; $str = ''; while (strlen($str) < $length) { $str .= substr($possible, (rand() % strlen($possible)), 1); } return $str; } protected static function encryptPasswd_encrypt($pw) { if (!defined('VMAIL_CRYPT_HASH')) return $pw; switch (VMAIL_CRYPT_HASH) { case 'MD5': return md5($pw); break; case 'MD5-CRYPT': return crypt($pw, '$1$' . static::random_salt(9)); break; case 'SHA256-CRYPT': return crypt($pw, '$5$' . static::random_salt(16)); break; case 'SHA512-CRYPT': return crypt($pw, '$6$' . static::random_salt(16)); break; default: throw new Exception('Please configure VMAIL_CRYPT_HASH properly'); } } protected function deleteFromSharedFolder($email, $commit=false) { $report = ''; $report .= "Suche Mitgliedschaft in gemeinsamen Mail-Foldern\n"; $sql = <<id); foreach ($this->db->fetchObjectList($sql) as $row) { $report .= sprintf("Lösche %s aus gemeinsamem Mail-Folder %s\n", $email, $row->folder); $cmd = sprintf('sudo -u vmail /etc/dovecot/share-folder-del %s %s %s > /dev/null 2>&1', $row->from_user, $row->folder, $email); debug($cmd); if (defined('IS_JOEY')) $report .= $cmd . PHP_EOL; // FIXME if ($commit && file_exists('/etc/dovecot/share-folder-add')) system($cmd); $sql = sprintf("DELETE FROM vmail_folder_user WHERE id = %d", $row->id); if (defined('IS_JOEY')) $report .= $sql . PHP_EOL; // FIXME if ($commit) $this->db->execute($sql); } return $report; } public function deleteUser($commit=false) { if (!$this->id) throw new Exception("No user id provided"); $report = ''; $domain = new VMail_Domain($this->data->vmail_domain_id); $email = sprintf("%s@%s", $this->data->username, $domain->get('name')); $alias = new VMail_Alias(); $report .= $alias->deleteFromDestination($email, $commit); $report .= $this->deleteFromSharedFolder($email, $commit); if (defined('ROUNDCUBE_DBDRIVER')) { $report .= $alias->deleteFromRoundcubeIdentities($email, $commit); } $report .= sprintf("Lösche %s aus Mailboxen\n", $email); $sql = sprintf("DELETE FROM %s WHERE id = %d", $this->table, $this->id); if (defined('IS_JOEY')) $report .= $sql . PHP_EOL; // FIXME if ($commit) $this->db->execute($sql); return $report; } public function ajaxCreateMailbox(Array $data) { if (!$this->id) throw new Exception("No user id provided"); debug('/etc/dovecot/auto-create-mailbox'); if (!file_exists('/etc/dovecot/auto-create-mailbox')) return true; $sql = sprintf("SELECT username,name FROM vmail_user JOIN vmail_domain ON vmail_domain.id = vmail_domain_id WHERE vmail_user.id = %d", $this->id); $row = $this->db->fetchObject($sql); $f = popen('sudo -u vmail /etc/dovecot/auto-create-mailbox', 'w'); if ($f === false) return false; fwrite($f, $row->name . "\n"); fwrite($f, $row->username . "\n"); pclose($f); return true; } public function ajaxSetPassword(Array $data) { return $this->modify(['password' => static::encryptPasswd_encrypt($data['passwd'])]); } public function ajaxSieveCopy(Array $data) { if (!$this->id) throw new Exception("No user id provided"); debug('/etc/dovecot/sieve-copy'); if (!file_exists('/etc/dovecot/sieve-copy')) return true; $sql = sprintf("SELECT username,name FROM vmail_user JOIN vmail_domain ON vmail_domain.id = vmail_domain_id WHERE vmail_user.id = %d", $this->id); $row = $this->db->fetchObject($sql); $f = popen('sudo -u vmail /etc/dovecot/sieve-copy', 'w'); if ($f === false) return false; fwrite($f, $row->name . "\n"); fwrite($f, $row->username . "\n"); pclose($f); $rdb = new Database(ROUNDCUBE_DBDRIVER, ROUNDCUBE_DBHOST, ROUNDCUBE_DBNAME, ROUNDCUBE_DBUSER, ROUNDCUBE_DBPASS); if (defined('MAIL_ERROR')) $rdb->setErrorMail(MAIL_ERROR); $sql = sprintf("SELECT name,email FROM identities JOIN users using(user_id) WHERE username = %s AND email not like '%%@localhost'", $rdb->quote($row->username)); $row = $rdb->fetchObject($sql); if ($row === false) { return array('need_identity' => true); } else { $sql = "SELECT user_id FROM users WHERE username = 'shared'"; $shared_id = $rdb->fetchValue($sql); $sql = sprintf("SELECT identity_id FROM identities WHERE user_id = %d AND email = %s", $shared_id, $rdb->quote($row->email)); $identity = $rdb->fetchValue($sql); if ($identity === false) { $sql = sprintf("INSERT INTO identities (user_id, changed, del, standard, name, email) " . "VALUES (%d, now(), 0, 1, %s, %s)", $shared_id, $rdb->quote($row->name), $rdb->quote($row->email)); $rdb->execute($sql); } } return ['need_identity' => false]; } public function ajaxSieveRestore(Array $data) { if (!$this->id) throw new Exception("No user id provided"); debug('/etc/dovecot/sieve-retrieve'); if (!file_exists('/etc/dovecot/sieve-retrieve')) return true; $sql = sprintf("SELECT username,name FROM vmail_user JOIN vmail_domain ON vmail_domain.id = vmail_domain_id WHERE vmail_user.id = %d", $this->id); $row = $db->fetchObject($sql); $f = popen('sudo -u vmail /etc/dovecot/sieve-retrieve', 'w'); if ($f === false) return false; fwrite($f, $row->name . "\n"); fwrite($f, $row->username . "\n"); pclose($f); $rdb = new Database(ROUNDCUBE_DBDRIVER, ROUNDCUBE_DBHOST, ROUNDCUBE_DBNAME, ROUNDCUBE_DBUSER, ROUNDCUBE_DBPASS); if (defined('MAIL_ERROR')) $rdb->setErrorMail(MAIL_ERROR); $sql = sprintf("SELECT name,email FROM identities JOIN users using(user_id) WHERE username = %s AND email not like '%%@localhost'", $rdb->quote($row->username)); $row = $rdb->fetchObject($sql); if ($row !== false) { $sql = "SELECT user_id FROM users WHERE username = 'shared'"; $shared_id = $rdb->fetchValue($sql); $sql = sprintf("DELETE FROM identities WHERE user_id = %d AND email = %s", $shared_id, $rdb->quote($row->email)); $rdb->execute($sql); } return true; } public function ajaxDeleteReport(Array $data) { $report = $this->deleteUser(false); debug(utf8_decode($report)); return ['report' => nl2br($report)]; } public function ajaxDeleteUser(Array $data) { $report = $this->deleteUser(IS_JOEY != false); debug(utf8_decode($report)); return ['text' => sprintf("Mailbox %s gelöscht", $this->data->username)]; } public function ajaxGetFolderList(Array $data) { if (!$this->id) throw new Exception("No user id provided"); $sql = sprintf("SELECT folder FROM vmail_folder WHERE vmail_user_id = %d", $this->id); $current_list = array(); foreach ($this->db->fetchObjectList($sql) as $row) $current_list[] = $row->folder; $sql = sprintf("SELECT username || '@' || name FROM vmail_user JOIN vmail_domain ON vmail_domain.id = vmail_domain_id WHERE vmail_user.id = %d", $this->id); $name = $this->db->fetchValue($sql); $options = array(); debug('/etc/dovecot/discover-folderlist ' . $name); if (file_exists('/etc/dovecot/discover-folderlist')) { if (($f = popen(sprintf('sudo -u vmail /etc/dovecot/discover-folderlist %s', $name), 'r')) !== false) { while (!feof($f)) { $line = trim(fgets($f)); if (!strlen($line)) continue; if (in_array($line, $current_list)) continue; $options[] = array('id' => $line, 'text' => $line); } pclose($f); } } return ['options' => $options]; } }