git.datanom.net - qtadmin.git/blame_incremental

... / ...

Commit	Line	Data
	1	<?php
	2	/* vim: set ts=4 tw=0 sw=4 noet: */
	3	require_once 'config.php';
	4	require_once $CFG->root . 'lib/db_factory.php';
	5	require_once $CFG->root . 'lib/utils.inc.php';
	6
	7	function error($error) {
	8	$util = new Utils;
	9	$util->setHeading("Error");
	10	echo $util->getHeader();
	11	echo $util->getHeading();
	12	echo "<p style=\"color: red;\">$error</p>";
	13	echo '<a href="index.php">Return</a>';
	14	echo $util->getFooter();
	15	}
	16
	17	function handleRequest($util, $request, $ids) {
	18	global $CFG;
	19
	20	$query = array();
	21	foreach ($ids as $id) {
	22	$mail_id = urldecode($id);
	23	$mail = unserialize($_SESSION['mailInfo']["$mail_id"]);
	24
	25	if (is_object($mail) && true == $util->authorized($mail->recipient)) {
	26	$secret_id = $mail->secret_id;
	27	$recipient = $mail->recipient;
	28
	29	if ($request == 'release') {
	30	$amavisserver = $CFG->amavisd_db_host;
	31	$policy_port = $CFG->amavis_policy_port;
	32
	33	$fp = fsockopen($amavisserver, $policy_port, $errno, $errstr, 30);
	34	if (!$fp) {
	35	error("$errstr ($errno)");
	36	exit;
	37	}
	38	$out = "request=" . $request . "\r\n";
	39	$out .= "mail_id=" . $mail_id . "\r\n";
	40	$out .= "recipient=" . $recipient . "\r\n";
	41	$out .= "secret_id=" . $secret_id . "\r\n\r\n";
	42	fwrite($fp, $out);
	43	$response = fread($fp, 8192);
	44	fclose($fp);
	45	$response = urldecode($response);
	46	if (! preg_match("/^setreply=250\s+([\d\.]+)\s+(.*)/", $response, $matches)) {
	47	error("Request to release failed [$out][$response]");
	48	exit;
	49	}
	50	if ($matches[1] != '2.0.0') {
	51	error($matches[2]);
	52	exit;
	53	}
	54
	55	$query[] = "UPDATE msgrcpt SET rs = 'R' WHERE mail_id = '$mail_id'";
	56	} else if ($request == 'delete') {
	57	$query[] = "UPDATE msgrcpt SET rs = 'D' WHERE mail_id = '$mail_id'";
	58	} else if ($request == 'block') {
	59	$query[] = $recipient;
	60	} else {
	61	error("Unknown operation [$request]");
	62	exit;
	63	}
	64	}
	65	}
	66
	67	return $query;
	68	}
	69
	70	$util = new Utils;
	71	$loggedIn = $util->isLoggedIn();
	72	$request = isset($_GET['op']) ? $_GET['op'] : '';
	73	if ($loggedIn && isset($_GET['id'])) {
	74	$ids = explode(',', $_GET['id']);
	75	if ($request == 'block') {
	76	// /add/(whitelist\|blacklist)/(.+)
	77	$query = handleRequest($util, $request, $ids);
	78	$data = json_encode($query);
	79	if ($util->isAdmin()) {
	80	$method = '/add/blacklist';
	81	} else {
	82	$method = '/add/blacklist/' . $util->getUser();
	83	}
	84	$success = $util->makeRestCall($method, $data);
	85	} else {
	86	$query = handleRequest($util, $request, $ids);
	87	$success = $DB->update($query);
	88	}
	89	if (! $success) {
	90	if ($request == 'block') {
	91	error("Could not blacklist sender");
	92	} else {
	93	error("Message not released, contact administrator [$query]");
	94	}
	95	exit;
	96	}
	97	header('Location: index.php');
	98	} else if ($loggedIn && $request == 'purge') {
	99	$marked = unserialize($_SESSION['marked']);
	100	unset($_SESSION['marked']);
	101	$query = array();
	102	$error = array();
	103	foreach ($marked as $mail_id) {
	104	$recipient = $DB->getRecipient($mail_id);
	105	if ($recipient && true == $util->authorized($recipient)) {
	106	$query[] = "delete from msgs where mail_id = '$mail_id'";
	107	$query[] = "delete from msgrcpt where mail_id = '$mail_id'";
	108	$query[] = "delete from quarantine where mail_id = '$mail_id'";
	109	$success = $DB->update($query);
	110	if (! $success) {
	111	$error[] = $mail_id;
	112	}
	113	}
	114	}
	115	if (count($error) > 0) {
	116	$str = implode(', ', $error);
	117	error("The following messages was not purged [$str], contact administrator");
	118	exit;
	119	}
	120	header('Location: index.php');
	121	} else if ($loggedIn) {
	122	header('Location: index.php');
	123	} else {
	124	header('Location: auth.php');
	125	}
	126
	127	?>
	128