fix bug

[qtadmin.git] / quarantine.php

<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
    require_once 'config.php';
    require_once $CFG->root . 'lib/db_factory.php';
    require_once $CFG->root . 'lib/utils.inc.php';

    function error($error) {
        $util = Utils::getInstance();
        $util->setHeading("Error");
        echo $util->getHeader();
        echo $util->getHeading();
        echo "<p style=\"color: red;\">$error</p>";
        echo '<a href="index.php">Return</a>';
        echo $util->getFooter();
    }

    function handleRequest($request, $ids) {
        global $CFG;

        $query = array();
        foreach ($ids as $id) {
            $mail_id = urldecode($id);
            $mail = unserialize($_SESSION['mailInfo']["$mail_id"]);
            $secret_id = $mail->secret_id;
            $recipient = $mail->recipient;
            //echo "$mail_id $secret_id $recipient";

            if ($request == 'release') {
                $amavisserver = $CFG->amavisd_db_host;
                $policy_port = $CFG->amavis_policy_port;

                $fp = fsockopen($amavisserver, $policy_port, $errno, $errstr, 30);
                if (!$fp) {
                    error("$errstr ($errno)");
                    exit;
                }
                $out = "request=" . $request . "\r\n";
                $out .= "mail_id=" . $mail_id . "\r\n";
                $out .= "recipient=" . $recipient . "\r\n";
                $out .= "secret_id=" . $secret_id . "\r\n\r\n";
                fwrite($fp, $out);
                $response = fread($fp, 8192);
                fclose($fp);
                $response = urldecode($response);
                if (! preg_match("/^setreply=250\s+([\d\.]+)\s+(.*)/", $response, $matches)) {
                    error("Request to release failed [$out][$response]");
                    exit;
                }
                if ($matches[1] != '2.0.0') {
                    error($matches[2]);
                    exit;
                }

                $query[] = "UPDATE msgrcpt SET rs = 'R' WHERE mail_id = '$mail_id'";
            } else if ($request == 'delete') {
                $query[] = "UPDATE msgrcpt SET rs = 'D' WHERE mail_id = '$mail_id'";
            } else {
                error("Unknown operation [$request]");
                exit;
            }
        }

        return $query;
    }

    $util = Utils::getInstance();
    $loggedIn = $util->isLoggedIn();
    $request = isset($_GET['op']) ? $_GET['op'] : '';
    if ($loggedIn && isset($_GET['id'])) {
        $ids = explode(',', $_GET['id']);
        $query = handleRequest($request, $ids);
/*        exit;
        $mail_id = urldecode($_GET['id']);
        $mail = unserialize($_SESSION['mailInfo']["$mail_id"]);
        $secret_id = $mail->secret_id;
        $recipient = $mail->recipient;

        $query = array();
        if ($request == 'release') {
            $amavisserver = $CFG->amavisd_db_host;
            $policy_port = $CFG->amavis_policy_port;

            $fp = fsockopen($amavisserver, $policy_port, $errno, $errstr, 30);
            if (!$fp) {
                error("$errstr ($errno)");
                exit;
            }
            $out = "request=" . $request . "\r\n";
            $out .= "mail_id=" . $mail_id . "\r\n";
            $out .= "recipient=" . $recipient . "\r\n";
            $out .= "secret_id=" . $secret_id . "\r\n\r\n";
            fwrite($fp, $out);
            $response = fread($fp, 8192);
            fclose($fp);
            $response = urldecode($response);
            if (! preg_match("/^setreply=250\s+([\d\.]+)\s+(.*)/", $response, $matches)) {
                error("Request to release failed [$out][$response]");
                exit;
            }
            if ($matches[1] != '2.0.0') {
                error($matches[2]);
                exit;
            }

            $query[] = "UPDATE msgrcpt SET rs = 'R' WHERE mail_id = '$mail_id'";
        } else if ($request == 'delete') {
            $query[] = "UPDATE msgrcpt SET rs = 'D' WHERE mail_id = '$mail_id'";
        } else {
            error("Unknown operation [$request]");
            exit;
        }
        print_r($query);
        exit;*/
        $success = $DB->update($query);
        if (! $success) {
            error("Message not released, contact administrator [$query]");
            exit;
        }
        header('Location: index.php');
    } else if ($loggedIn && $request == 'purge') {
        $marked = unserialize($_SESSION['marked']);
        unset($_SESSION['marked']);
        $query = array();
        $error = array();
        foreach ($marked as $mail_id) {
            $query[] = "delete from msgs where mail_id = '$mail_id'";
            $query[] = "delete from msgrcpt where mail_id = '$mail_id'";
            $query[] = "delete from quarantine where mail_id = '$mail_id'";
            $success = $DB->update($query);
            if (! $success) {
                $error[] = $mail_id;
            }
        }
        if (count($error) > 0) {
            $str = implode(', ', $error);
            error("The following messages was not purged [$str], contact administrator");
            exit;
        }
        header('Location: index.php');
    } else if ($loggedIn) {
        header('Location: index.php');
    } else {
        header('Location: auth.php');
    }

?>