root . 'lib/db_factory.php'; require_once $CFG->root . 'lib/utils.inc.php'; function error($error) { $util = Utils::getInstance(); $util->setHeading("Error"); echo $util->getHeader(); echo $util->getHeading(); echo "

$error

"; echo 'Return'; echo $util->getFooter(); } function handleRequest($request, $ids) { global $CFG; $query = array(); foreach ($ids as $id) { $mail_id = urldecode($id); $mail = unserialize($_SESSION['mailInfo']["$mail_id"]); $secret_id = $mail->secret_id; $recipient = $mail->recipient; if ($request == 'release') { $amavisserver = $CFG->amavisd_db_host; $policy_port = $CFG->amavis_policy_port; $fp = fsockopen($amavisserver, $policy_port, $errno, $errstr, 30); if (!$fp) { error("$errstr ($errno)"); exit; } $out = "request=" . $request . "\r\n"; $out .= "mail_id=" . $mail_id . "\r\n"; $out .= "recipient=" . $recipient . "\r\n"; $out .= "secret_id=" . $secret_id . "\r\n\r\n"; fwrite($fp, $out); $response = fread($fp, 8192); fclose($fp); $response = urldecode($response); if (! preg_match("/^setreply=250\s+([\d\.]+)\s+(.*)/", $response, $matches)) { error("Request to release failed [$out][$response]"); exit; } if ($matches[1] != '2.0.0') { error($matches[2]); exit; } $query[] = "UPDATE msgrcpt SET rs = 'R' WHERE mail_id = '$mail_id'"; } else if ($request == 'delete') { $query[] = "UPDATE msgrcpt SET rs = 'D' WHERE mail_id = '$mail_id'"; } else { error("Unknown operation [$request]"); exit; } } return $query; } $util = Utils::getInstance(); $loggedIn = $util->isLoggedIn(); $request = isset($_GET['op']) ? $_GET['op'] : ''; if ($loggedIn && isset($_GET['id'])) { $ids = explode(',', $_GET['id']); $query = handleRequest($request, $ids); $success = $DB->update($query); if (! $success) { error("Message not released, contact administrator [$query]"); exit; } header('Location: index.php'); } else if ($loggedIn && $request == 'purge') { $marked = unserialize($_SESSION['marked']); unset($_SESSION['marked']); $query = array(); $error = array(); foreach ($marked as $mail_id) { $query[] = "delete from msgs where mail_id = '$mail_id'"; $query[] = "delete from msgrcpt where mail_id = '$mail_id'"; $query[] = "delete from quarantine where mail_id = '$mail_id'"; $success = $DB->update($query); if (! $success) { $error[] = $mail_id; } } if (count($error) > 0) { $str = implode(', ', $error); error("The following messages was not purged [$str], contact administrator"); exit; } header('Location: index.php'); } else if ($loggedIn) { header('Location: index.php'); } else { header('Location: auth.php'); } ?>