]>
Commit | Line | Data |
---|---|---|
6df4b805 | 1 | <?php |
6b3d5ba9 | 2 | /* vim: set ts=4 tw=0 sw=4 noet: */ |
b95d1cdb MR |
3 | require_once 'config.php'; |
4 | require_once $CFG->root . 'lib/db_factory.php'; | |
5 | require_once $CFG->root . 'lib/utils.inc.php'; | |
6df4b805 | 6 | |
b95d1cdb | 7 | function error($error) { |
3056d117 | 8 | $util = new Utils; |
b95d1cdb MR |
9 | $util->setHeading("Error"); |
10 | echo $util->getHeader(); | |
11 | echo $util->getHeading(); | |
12 | echo "<p style=\"color: red;\">$error</p>"; | |
13 | echo '<a href="index.php">Return</a>'; | |
14 | echo $util->getFooter(); | |
15 | } | |
6df4b805 | 16 | |
4e417241 | 17 | function handleRequest($util, $request, $ids) { |
6b8a5143 MR |
18 | global $CFG; |
19 | ||
acaa44d2 MR |
20 | $query = array(); |
21 | foreach ($ids as $id) { | |
22 | $mail_id = urldecode($id); | |
23 | $mail = unserialize($_SESSION['mailInfo']["$mail_id"]); | |
ebed9332 | 24 | |
2b099ad2 | 25 | if (is_object($mail) && true == $util->authorized($mail->recipient)) { |
af31b70b MR |
26 | $secret_id = $mail->secret_id; |
27 | $recipient = $mail->recipient; | |
91da83b5 | 28 | $sender = $mail->sender; |
acaa44d2 | 29 | |
af31b70b MR |
30 | if ($request == 'release') { |
31 | $amavisserver = $CFG->amavisd_db_host; | |
32 | $policy_port = $CFG->amavis_policy_port; | |
33 | ||
34 | $fp = fsockopen($amavisserver, $policy_port, $errno, $errstr, 30); | |
35 | if (!$fp) { | |
36 | error("$errstr ($errno)"); | |
37 | exit; | |
38 | } | |
39 | $out = "request=" . $request . "\r\n"; | |
40 | $out .= "mail_id=" . $mail_id . "\r\n"; | |
41 | $out .= "recipient=" . $recipient . "\r\n"; | |
42 | $out .= "secret_id=" . $secret_id . "\r\n\r\n"; | |
43 | fwrite($fp, $out); | |
44 | $response = fread($fp, 8192); | |
45 | fclose($fp); | |
46 | $response = urldecode($response); | |
47 | if (! preg_match("/^setreply=250\s+([\d\.]+)\s+(.*)/", $response, $matches)) { | |
48 | error("Request to release failed [$out][$response]"); | |
49 | exit; | |
50 | } | |
51 | if ($matches[1] != '2.0.0') { | |
52 | error($matches[2]); | |
53 | exit; | |
54 | } | |
55 | ||
56 | $query[] = "UPDATE msgrcpt SET rs = 'R' WHERE mail_id = '$mail_id'"; | |
57 | } else if ($request == 'delete') { | |
58 | $query[] = "UPDATE msgrcpt SET rs = 'D' WHERE mail_id = '$mail_id'"; | |
0da9e6e7 | 59 | } else if ($request == 'block') { |
91da83b5 | 60 | $query[] = $sender; |
af31b70b MR |
61 | } else { |
62 | error("Unknown operation [$request]"); | |
acaa44d2 MR |
63 | exit; |
64 | } | |
acaa44d2 | 65 | } |
acaa44d2 | 66 | } |
ebed9332 MR |
67 | |
68 | return $query; | |
acaa44d2 MR |
69 | } |
70 | ||
3056d117 | 71 | $util = new Utils; |
b95d1cdb MR |
72 | $loggedIn = $util->isLoggedIn(); |
73 | $request = isset($_GET['op']) ? $_GET['op'] : ''; | |
74 | if ($loggedIn && isset($_GET['id'])) { | |
acaa44d2 | 75 | $ids = explode(',', $_GET['id']); |
0da9e6e7 | 76 | if ($request == 'block') { |
f1c0988b MR |
77 | // /add/(whitelist|blacklist)/(.+) |
78 | $query = handleRequest($util, $request, $ids); | |
79 | $data = json_encode($query); | |
80 | if ($util->isAdmin()) { | |
81 | $method = '/add/blacklist'; | |
82 | } else { | |
83 | $method = '/add/blacklist/' . $util->getUser(); | |
84 | } | |
85 | $success = $util->makeRestCall($method, $data); | |
0da9e6e7 MR |
86 | } else { |
87 | $query = handleRequest($util, $request, $ids); | |
88 | $success = $DB->update($query); | |
f1c0988b MR |
89 | } |
90 | if (! $success) { | |
91 | if ($request == 'block') { | |
92 | error("Could not blacklist sender"); | |
93 | } else { | |
0da9e6e7 | 94 | error("Message not released, contact administrator [$query]"); |
0da9e6e7 | 95 | } |
f1c0988b | 96 | exit; |
b95d1cdb MR |
97 | } |
98 | header('Location: index.php'); | |
6df4b805 | 99 | } else if ($loggedIn && $request == 'purge') { |
b95d1cdb MR |
100 | $marked = unserialize($_SESSION['marked']); |
101 | unset($_SESSION['marked']); | |
102 | $query = array(); | |
103 | $error = array(); | |
104 | foreach ($marked as $mail_id) { | |
5ee14494 MR |
105 | $recipient = $DB->getRecipient($mail_id); |
106 | if ($recipient && true == $util->authorized($recipient)) { | |
af31b70b MR |
107 | $query[] = "delete from msgs where mail_id = '$mail_id'"; |
108 | $query[] = "delete from msgrcpt where mail_id = '$mail_id'"; | |
109 | $query[] = "delete from quarantine where mail_id = '$mail_id'"; | |
110 | $success = $DB->update($query); | |
111 | if (! $success) { | |
112 | $error[] = $mail_id; | |
113 | } | |
b95d1cdb MR |
114 | } |
115 | } | |
116 | if (count($error) > 0) { | |
117 | $str = implode(', ', $error); | |
118 | error("The following messages was not purged [$str], contact administrator"); | |
119 | exit; | |
120 | } | |
121 | header('Location: index.php'); | |
122 | } else if ($loggedIn) { | |
123 | header('Location: index.php'); | |
6df4b805 MR |
124 | } else { |
125 | header('Location: auth.php'); | |
126 | } | |
127 | ||
128 | ?> | |
129 |