1 <?php
2 /* vim: set ts=4 tw=0 sw=4 noet: */
3 require_once 'config.php';
4 require_once $CFG->root . 'lib/db_factory.php';
5 require_once $CFG->root . 'lib/utils.inc.php';
6
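/**
 * Render a complete error page: page header, an "Error" heading, the message
 * in red and a link back to index.php.
 *
 * The message is HTML-escaped at this single output point. Callers in this
 * file build it from request data (the "op" parameter ends up in
 * "Unknown operation [...]") and from the text amavisd sends back, so echoing
 * it raw would let that text be interpreted as markup by the browser.
 *
 * @param string $error Plain-text message; it is not treated as HTML.
 * @return void
 */
function error($error) {
	$util = new Utils;
	$util->setHeading("Error");

	// ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE keeps the message
	// visible even when it contains invalid UTF-8 instead of returning ''.
	$safe = htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

	echo $util->getHeader();
	echo $util->getHeading();
	echo "<p style=\"color: red;\">$safe</p>";
	echo '<a href="index.php">Return</a>';
	echo $util->getFooter();
}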
16
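/**
 * Translate a release/delete/block request for a list of quarantined mails
 * into the work items the caller has to execute.
 *
 * Each id is looked up in $_SESSION['mailInfo']; the entry is skipped unless
 * it unserializes to an object whose recipient passes $util->authorized().
 *   - 'release': asks amavisd on the policy port to release the mail and, on
 *                a "250 2.0.0" reply, queues an UPDATE setting rs = 'R'.
 *   - 'delete' : queues an UPDATE setting rs = 'D'.
 *   - 'block'  : queues the mail's recipient address.
 *   - other    : prints an error page and terminates the script.
 *
 * Ids that are not made up of [A-Za-z0-9+_-] are skipped, because the id is
 * embedded in a quoted SQL literal and in a line-based socket request.
 * NOTE(review): the allowlist assumes amavisd's base64-style mail_id
 * alphabet - confirm against the ids stored in this deployment.
 *
 * @param object $util    Helper exposing authorized($recipient).
 * @param string $request Operation name taken from the request.
 * @param array  $ids     Mail ids as received from the request.
 * @return array SQL statements, or recipient addresses for 'block'.
 */
function handleRequest($util, $request, $ids) {
	global $CFG;

	$query = array();
	foreach ($ids as $id) {
		// NOTE(review): PHP has already URL-decoded $_GET once, so this is a
		// second decode (it also turns '+' into a space). Kept as-is; confirm
		// that the page producing the links encodes the id twice.
		$mail_id = urldecode($id);

		// The id ends up inside '...' in SQL below and on its own line in the
		// amavisd request, so anything outside the id alphabet is dropped
		// instead of being passed on.
		if (! preg_match('/\A[A-Za-z0-9+_-]+\z/', $mail_id)) {
			continue;
		}
		if (! isset($_SESSION['mailInfo'][$mail_id])) {
			continue;
		}

		// NOTE(review): unserialize() will instantiate whatever class the
		// stored payload names. This is only safe while nothing
		// request-controlled is ever written into $_SESSION['mailInfo'].
		$mail = unserialize($_SESSION['mailInfo'][$mail_id]);
		if (! is_object($mail) || ! $util->authorized($mail->recipient)) {
			continue;
		}

		$secret_id = $mail->secret_id;
		$recipient = $mail->recipient;

		if ($request === 'release') {
			// The request is sent as CRLF-terminated name=value lines; a CR or
			// LF inside a value would add attributes the caller never intended.
			if (preg_match('/[\r\n]/', $recipient . $secret_id)) {
				error("Invalid characters in release request");
				exit;
			}

			$amavisserver = $CFG->amavisd_db_host;
			$policy_port = $CFG->amavis_policy_port;

			$fp = fsockopen($amavisserver, $policy_port, $errno, $errstr, 30);
			if (!$fp) {
				error("$errstr ($errno)");
				exit;
			}
			$out = "request=" . $request . "\r\n";
			$out .= "mail_id=" . $mail_id . "\r\n";
			$out .= "recipient=" . $recipient . "\r\n";
			$out .= "secret_id=" . $secret_id . "\r\n\r\n";
			fwrite($fp, $out);
			// A failed read yields false; cast so the checks below see ''.
			$response = (string) fread($fp, 8192);
			fclose($fp);
			$response = urldecode($response);
			if (! preg_match("/^setreply=250\s+([\d\.]+)\s+(.*)/", $response, $matches)) {
				// NOTE(review): $out contains secret_id, so this message shows
				// the release secret in the browser; consider logging it
				// server-side and showing a generic message instead.
				error("Request to release failed [$out][$response]");
				exit;
			}
			if ($matches[1] !== '2.0.0') {
				error($matches[2]);
				exit;
			}

			// NOTE(review): exiting on a later id discards $query, so mails
			// already released by amavisd in this loop are never marked 'R'.
			$query[] = "UPDATE msgrcpt SET rs = 'R' WHERE mail_id = '$mail_id'";
		} else if ($request === 'delete') {
			$query[] = "UPDATE msgrcpt SET rs = 'D' WHERE mail_id = '$mail_id'";
		} else if ($request === 'block') {
			// NOTE(review): this queues the recipient, while the caller's
			// error text speaks of blacklisting the sender - confirm which
			// address the REST endpoint expects.
			$query[] = $recipient;
		} else {
			error("Unknown operation [$request]");
			exit;
		}
	}

	return $query;
}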
69
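// Request dispatcher for quarantine actions.
//   op=release|delete|block with id=<comma separated ids> -> handleRequest()
//   op=purge -> deletes every mail id stored in $_SESSION['marked']
// Anything else redirects to index.php (logged in) or auth.php (not logged in).
//
// NOTE(review): every action here changes state on a plain GET, and no
// anti-CSRF token is checked in this file. Unless Utils::isLoggedIn() does
// more than its name suggests, a link followed by a logged-in user is enough
// to trigger release/delete/block/purge. Consider POST plus a per-session
// token.
$util = new Utils;
$loggedIn = $util->isLoggedIn();

// Accept only string parameters: "op[]=x" or "id[]=x" arrive as arrays and
// would otherwise reach explode() and string interpolation.
$request = (isset($_GET['op']) && is_string($_GET['op'])) ? $_GET['op'] : '';
$idParam = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : null;

if ($loggedIn && $idParam !== null) {
	$ids = explode(',', $idParam);
	if ($request === 'block') {
		// /add/(whitelist|blacklist)/(.+)
		$query = handleRequest($util, $request, $ids);
		$data = json_encode($query);
		if ($util->isAdmin()) {
			$method = '/add/blacklist';
		} else {
			$method = '/add/blacklist/' . $util->getUser();
		}
		$success = $util->makeRestCall($method, $data);
	} else {
		$query = handleRequest($util, $request, $ids);
		$success = $DB->update($query);
	}
	if (! $success) {
		if ($request === 'block') {
			error("Could not blacklist sender");
		} else {
			// $query is an array; interpolating it only ever printed "Array"
			// plus a conversion notice, so it is no longer part of the message.
			error("Message not released, contact administrator");
		}
		exit;
	}
	header('Location: index.php');
} else if ($loggedIn && $request === 'purge') {
	// NOTE(review): unserialize() on session data is only safe while nothing
	// request-controlled is written into $_SESSION['marked'] verbatim.
	$marked = isset($_SESSION['marked']) ? unserialize($_SESSION['marked']) : array();
	unset($_SESSION['marked']);
	if (! is_array($marked)) {
		// Missing or corrupt selection: nothing to purge.
		$marked = array();
	}

	$error = array();
	foreach ($marked as $mail_id) {
		// The id is embedded in quoted SQL literals below; skip anything that
		// is not a plain id. NOTE(review): assumes amavisd's base64-style
		// mail_id alphabet - confirm against stored ids.
		if (! is_scalar($mail_id) || ! preg_match('/\A[A-Za-z0-9+_-]+\z/', (string) $mail_id)) {
			continue;
		}
		$recipient = $DB->getRecipient($mail_id);
		if ($recipient && $util->authorized($recipient)) {
			// Fresh statement list per mail. Appending to one shared list
			// re-ran every earlier delete on each pass and blamed later ids
			// for an earlier failure.
			$query = array(
				"delete from msgs where mail_id = '$mail_id'",
				"delete from msgrcpt where mail_id = '$mail_id'",
				"delete from quarantine where mail_id = '$mail_id'",
			);
			$success = $DB->update($query);
			if (! $success) {
				$error[] = $mail_id;
			}
		}
	}
	if (count($error) > 0) {
		$str = implode(', ', $error);
		error("The following messages was not purged [$str], contact administrator");
		exit;
	}
	header('Location: index.php');
} else if ($loggedIn) {
	header('Location: index.php');
} else {
	header('Location: auth.php');
}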
126
127 ?>
128