Enhance security
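<?php
/* vim: set ts=4 tw=0 sw=4 noet: */
require_once 'config.php';
require_once $CFG->root . 'lib/db_factory.php';
require_once $CFG->root . 'lib/utils.inc.php';

/*
 * Quarantine overview page.
 *
 * Lists quarantined mails for the logged-in user (all mails for an admin),
 * paginated through the `page` and `rowsperpage` query parameters, and
 * renders the release/delete/purge controls.
 *
 * Security-relevant handling in this script:
 *  - `page` and `rowsperpage` are request-controlled and are reduced to
 *    positive integers before they reach arithmetic, the DB call or HTML.
 *  - sender, recipient and subject are shown in an administrator's browser
 *    and presumably come from the quarantined messages themselves, so they
 *    are HTML-escaped at output.
 *  - $_SERVER['PHP_SELF'] can carry request-supplied path info and is
 *    escaped before it is placed in href attributes.
 */

$util = new Utils;
// Drop the listing cache left by a previous request; it is rebuilt below.
unset($_SESSION['mailInfo']);

if (!$util->isLoggedIn()) {
	header('Location: auth.php');
	// Stop here so nothing below can run for an unauthenticated request.
	exit;
}

// Escape a value for HTML text and quoted attribute context.
// NOTE(review): assumes the page is served as UTF-8 -- confirm against getHeader().
// ENT_SUBSTITUTE keeps strings with invalid byte sequences visible instead of
// having htmlspecialchars() return an empty string for them.
$esc = function ($value) {
	return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Read a query parameter as an integer >= 1, falling back to $default when
// it is missing, not a scalar (e.g. `page[]=1`) or not a positive integer.
$positiveInt = function ($key, $default) {
	if (!isset($_GET[$key]) || !is_scalar($_GET[$key])) {
		return $default;
	}
	$parsed = filter_var(
		$_GET[$key],
		FILTER_VALIDATE_INT,
		array('options' => array('min_range' => 1))
	);
	return ($parsed === false) ? $default : $parsed;
};

// A minimum of 1 also rules out the division by zero in the page count below.
$rowsPerPage = $positiveInt('rowsperpage', 20);
$pageNum = $positiveInt('page', 1);
$offset = ($pageNum - 1) * $rowsPerPage;

$util->setHeading('Quarantine Administration');
echo $util->getHeader();
echo $util->getHeading();

echo "Rows per page <input type=\"text\" value=\"$rowsPerPage\" id=\"rows\" " .
	"size=\"2\"/><input type=\"button\" onclick=\"javascript: updateRowsPerPage()\" " .
	"value=\"Change\"/><span class=\"user\">" . $esc($util->getUser()) . "\n" .
	"<a title=\"Logout\" href=\"auth.php?op=logout\">Logout</a></span>";

// Admins see every quarantined mail; other users only their own.
$which = $util->isAdmin() ? 'all' : $util->getUser();
// $offset and $rowsPerPage are integers at this point, however getQMails()
// builds its query (its implementation is not visible from this file).
$rows = $DB->getQMails($offset, $rowsPerPage, $which);
$numrows = $DB->numRows();
echo "<span class=\"total-rows\">$numrows quarantined mail(s)</span>";
echo "<table><tr>";
echo "<th>Received</th><th>Cause</th>";
echo "<th>Sender</th><th>Recipient</th><th>Subject</th><th>Action</th>";
echo "<th><input name=\"multiselect\" type=\"checkbox\" ";
echo "onchange=\"javascript: updateAction(this)\" /></th>";
echo "</tr>";

// NOTE(review): release, delete and purge are reachable through plain GET
// links; confirm that quarantine.php requires an anti-CSRF token or move
// these operations to POST.
$mailInfo = array();
$i = 0;
foreach ($rows as $row) {
	echo ($i % 2) ? '<tr class="bg_odd">' : '<tr class="bg_even">';

	$id = $row->mail_id;
	// Kept in the session, keyed by mail id, for pages that read
	// $_SESSION['mailInfo'] (consumers are not visible from here).
	$mailInfo[$id] = serialize($row);
	// urlencode() output contains no quote, angle-bracket or ampersand
	// characters, so it can go into the attribute values below as is.
	$url = urlencode($id);

	$checkbox = "<input name=\"action\" type=\"checkbox\" value=\"$url\" />";
	$recipient = "<a title=\"Show Report\" href=\"mail_report.php?id=$url\">" .
		$esc($row->recipient) . "</a>";
	$action = "<a title=\"Release Mail\" href=\"quarantine.php?id=$url&amp;op=release\">";
	$action .= "<img class=\"nav-img\" src=\"pics/release.png\" alt=\"Release\" /></a>";
	$action .= "&nbsp;<a title=\"Delete Mail\" href=\"quarantine.php?id=$url&amp;op=delete\">";
	$action .= "<img class=\"nav-img\" src=\"pics/delete.png\" alt=\"Delete\" /></a>";

	$sender = $esc($row->sender);
	// NOTE(review): strftime() is deprecated as of PHP 8.1; kept so the
	// rendered date format does not change.
	$received = strftime("%c", $row->time_iso);
	// NOTE(review): convertContent() output is printed unescaped because it
	// may return markup; confirm that it escapes any mail-derived text.
	$quaratinefor = $util->convertContent($row->quaratinefor);
	$subject = $esc($row->subject);

	echo "<td>$received</td><td class=\"nav-action\">" .
		"$quaratinefor</td><td>$sender</td><td>$recipient</td>" .
		"<td>$subject</td><td class=\"nav-action\">$action</td>" .
		"<td class=\"nav-action\">$checkbox</td></tr>";
	$i++;
}
$_SESSION['mailInfo'] = $mailInfo;
echo "</table>";

$maxPage = (int) ceil($numrows / $rowsPerPage);
// PHP_SELF may include path info taken from the request URL; escape it
// before it is used inside href attributes.
$self = $esc($_SERVER['PHP_SELF']);

if ($pageNum > 1) {
	$page = $pageNum - 1;
	$prev = " <a title=\"Prev Page\" href=\"$self?page=$page&amp;rowsperpage=$rowsPerPage\" " .
		"class='whitefooter'><img class=\"nav-img\" src=\"pics/go-previous-symbolic.svg\" alt=\"Previous\" /></a> ";
	$first = " <a title=\"First Page\" href=\"$self?page=1&amp;rowsperpage=$rowsPerPage\" " .
		"class='whitefooter'><img class=\"nav-img\" src=\"pics/go-first-symbolic.svg\" alt=\"First\" /></a> ";
} else {
	$prev = '&nbsp;'; // we're on page one, don't print previous link
	$first = '&nbsp;'; // nor the first page link
}

if ($pageNum < $maxPage) {
	$page = $pageNum + 1;
	$next = " <a title=\"Next Page\" href=\"$self?page=$page&amp;rowsperpage=$rowsPerPage\" " .
		"class='whitefooter'><img class=\"nav-img\" src=\"pics/go-next-symbolic.svg\" alt=\"Next\" /></a> ";
	$last = " <a title=\"Last Page\" href=\"$self?page=$maxPage&amp;rowsperpage=$rowsPerPage\" " .
		"class='whitefooter'><img class=\"nav-img\" src=\"pics/go-last-symbolic.svg\" alt=\"Last\" /></a> ";
} else {
	$next = '&nbsp;'; // we're on the last page, don't print next link
	$last = '&nbsp;'; // nor the last page link
}

// Stored serialized in the session for the purge operation
// (presumably read by quarantine.php -- not visible from here).
$marked = $DB->getMarked($which);
$_SESSION['marked'] = serialize($marked);
echo '<input class="mail-purge" type="button" value="Purge Mails (' .
	count($marked) . ')" onclick="javascript: location.href=\'quarantine.php?op=purge\'"/>';
echo '<input class="mail-purge" type="button" value="Release checked" ' .
	'onclick="javascript: checkAction(\'release\');"/>';
echo '<input class="mail-purge" type="button" value="Delete checked" ' .
	'onclick="javascript: checkAction(\'delete\');"/>';
echo "<p class=\"page-nav\">$first$prev Showing page $pageNum of " .
	"$maxPage pages $next$last</p>";

echo $util->getFooter();
?>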