JS changes and fixes
parent
b1d0776ad1
commit
15853df84c
File diff suppressed because one or more lines are too long
|
@ -29,4 +29,4 @@ table.footable>tbody>tr.footable-empty>td {
|
||||||
.container {
|
.container {
|
||||||
width: 80%;
|
width: 80%;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -44,6 +44,7 @@ endif;
|
||||||
<script src="/js/bootstrap-switch.min.js"></script>
|
<script src="/js/bootstrap-switch.min.js"></script>
|
||||||
<script src="/js/bootstrap-slider.min.js"></script>
|
<script src="/js/bootstrap-slider.min.js"></script>
|
||||||
<script src="/js/bootstrap-select.min.js"></script>
|
<script src="/js/bootstrap-select.min.js"></script>
|
||||||
|
<script src="/js/notifications.min.js"></script>
|
||||||
<script src="/js/u2f-api.js"></script>
|
<script src="/js/u2f-api.js"></script>
|
||||||
<script>
|
<script>
|
||||||
// Select language and reopen active URL without POST
|
// Select language and reopen active URL without POST
|
||||||
|
@ -53,14 +54,12 @@ function setLang(sel) {
|
||||||
}
|
}
|
||||||
|
|
||||||
$(document).ready(function() {
|
$(document).ready(function() {
|
||||||
function mailcow_alert_box(type, message) {
|
function mailcow_alert_box(message, type) {
|
||||||
$('.mailcow-alert-box').show();
|
$.notify({message: message},{type: type,placement: {from: "bottom",align: "right"},animate: {enter: 'animated fadeInUp',exit: 'animated fadeOutDown'}});
|
||||||
$('.mailcow-alert-box').addClass("alert-" + type);
|
|
||||||
$('#mailcow-alert-text').text(message);
|
|
||||||
}
|
}
|
||||||
// PHP error handler
|
<?php if (isset($_SESSION['return'])): ?>
|
||||||
|
mailcow_alert_box("<?=$_SESSION['return']['msg'];?>", "<?=$_SESSION['return']['type'];?>");
|
||||||
|
<?php endif; unset($_SESSION['return']); ?>
|
||||||
// Confirm TFA modal
|
// Confirm TFA modal
|
||||||
<?php if (isset($_SESSION['pending_tfa_method'])):?>
|
<?php if (isset($_SESSION['pending_tfa_method'])):?>
|
||||||
$('#ConfirmTFAModal').modal({
|
$('#ConfirmTFAModal').modal({
|
||||||
|
@ -226,30 +225,9 @@ $(document).ready(function() {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
if ($('#mailcow-alert').hasClass('alert-success')) {
|
|
||||||
$('#mailcow-alert').delay(5000).animate({right: '-50%'}, 1000);
|
|
||||||
};
|
|
||||||
});
|
});
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<div class="container">
|
|
||||||
<div id="mailcow-alert" class="alert" role="alert">
|
|
||||||
<span id="mailcow-alert-text"></span>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
<?php // Notifications ?>
|
|
||||||
<script>
|
|
||||||
function mailcow_alert_box(msg, type) {
|
|
||||||
document.getElementById('mailcow-alert').style.display = 'visible';
|
|
||||||
document.getElementById('mailcow-alert-text').innerHTML = msg;
|
|
||||||
document.getElementById("mailcow-alert").className = "alert alert-" + type;
|
|
||||||
}
|
|
||||||
<?php if (isset($_SESSION['return'])): ?>
|
|
||||||
mailcow_alert_box("<?=$_SESSION['return']['msg'];?>", "<?=$_SESSION['return']['type'];?>");
|
|
||||||
<?php endif; unset($_SESSION['return']); ?>
|
|
||||||
</script>
|
|
||||||
</html>
|
</html>
|
||||||
<?php $stmt = null; $pdo = null; ?>
|
<?php $stmt = null; $pdo = null; ?>
|
||||||
|
|
|
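Review bot: The relocated error-handler line `mailcow_alert_box("<?=$_SESSION['return']['msg'];?>", "<?=$_SESSION['return']['type'];?>");` prints both session values raw into a double-quoted JavaScript string, so a quote, backslash, newline or `</script>` inside the message breaks the script block or lets message text be interpreted as script. Emit each value as a JSON literal without the surrounding quotes, e.g. `<?=json_encode($_SESSION['return']['msg'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);?>`, and do the same for `['type']`. The rewritten function also replaces `.text(message)` with `$.notify({message: message}, …)`; if the notify plugin inserts the message as HTML (not visible here), any message carrying request-derived text needs HTML-escaping before it is stored in the session. The `$(document).ready` callback opens before this hunk and closes in a later one.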
@ -457,10 +457,6 @@ function get_time_limited_aliases($username = null) {
|
||||||
$data = array();
|
$data = array();
|
||||||
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||||
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -687,19 +683,11 @@ function get_policy_list($object = null) {
|
||||||
if (!filter_var($object, FILTER_VALIDATE_EMAIL) && is_valid_domain_name($object)) {
|
if (!filter_var($object, FILTER_VALIDATE_EMAIL) && is_valid_domain_name($object)) {
|
||||||
$object = idn_to_ascii(strtolower(trim($object)));
|
$object = idn_to_ascii(strtolower(trim($object)));
|
||||||
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
elseif (filter_var($object, FILTER_VALIDATE_EMAIL)) {
|
elseif (filter_var($object, FILTER_VALIDATE_EMAIL)) {
|
||||||
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -885,10 +873,6 @@ function get_syncjobs($username = null) {
|
||||||
$data = array();
|
$data = array();
|
||||||
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||||
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -916,17 +900,9 @@ function get_syncjob_details($id) {
|
||||||
$syncjobdetails = array();
|
$syncjobdetails = array();
|
||||||
if ($_SESSION['mailcow_cc_role'] != "user" &&
|
if ($_SESSION['mailcow_cc_role'] != "user" &&
|
||||||
$_SESSION['mailcow_cc_role'] != "admin") {
|
$_SESSION['mailcow_cc_role'] != "admin") {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!is_numeric($id)) {
|
if (!is_numeric($id)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
@ -1301,10 +1277,6 @@ function get_tls_policy($username = null) {
|
||||||
$data = array();
|
$data = array();
|
||||||
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
|
||||||
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1687,26 +1659,14 @@ function get_domain_admin_details($domain_admin) {
|
||||||
global $lang;
|
global $lang;
|
||||||
$domainadmindata = array();
|
$domainadmindata = array();
|
||||||
if (isset($domain_admin) && $_SESSION['mailcow_cc_role'] != "admin") {
|
if (isset($domain_admin) && $_SESSION['mailcow_cc_role'] != "admin") {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!isset($domain_admin) && $_SESSION['mailcow_cc_role'] != "domainadmin") {
|
if (!isset($domain_admin) && $_SESSION['mailcow_cc_role'] != "domainadmin") {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
(!isset($domain_admin)) ? $domain_admin = $_SESSION['mailcow_cc_username'] : null;
|
(!isset($domain_admin)) ? $domain_admin = $_SESSION['mailcow_cc_username'] : null;
|
||||||
|
|
||||||
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $domain_admin))) {
|
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $domain_admin))) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['username_invalid'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
@ -2351,10 +2311,6 @@ function get_admin_details() {
|
||||||
global $lang;
|
global $lang;
|
||||||
$data = array();
|
$data = array();
|
||||||
if ($_SESSION['mailcow_cc_role'] != 'admin') {
|
if ($_SESSION['mailcow_cc_role'] != 'admin') {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
@ -2469,15 +2425,16 @@ function dkim_add_key($postarray) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
function dkim_get_key_details($domain) {
|
function dkim_get_key_details($domain) {
|
||||||
$data = array();
|
|
||||||
global $redis;
|
global $redis;
|
||||||
if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
if ($redis_dkim_key_data = $redis->hGet('DKIM_PUB_KEYS', $domain)) {
|
return false;
|
||||||
$data['pubkey'] = $redis_dkim_key_data;
|
}
|
||||||
$data['length'] = (strlen($data['pubkey']) < 391) ? 1024 : 2048;
|
$data = array();
|
||||||
$data['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data;
|
if ($redis_dkim_key_data = $redis->hGet('DKIM_PUB_KEYS', $domain)) {
|
||||||
$data['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $domain);
|
$data['pubkey'] = $redis_dkim_key_data;
|
||||||
}
|
$data['length'] = (strlen($data['pubkey']) < 391) ? 1024 : 2048;
|
||||||
|
$data['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data;
|
||||||
|
$data['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $domain);
|
||||||
}
|
}
|
||||||
return $data;
|
return $data;
|
||||||
}
|
}
|
||||||
|
@ -2485,10 +2442,6 @@ function dkim_get_blind_keys() {
|
||||||
global $redis;
|
global $redis;
|
||||||
global $lang;
|
global $lang;
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$domains = array();
|
$domains = array();
|
||||||
|
@ -4044,10 +3997,6 @@ function mailbox_get_mailboxes($domain = null) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
$mailboxes = array();
|
$mailboxes = array();
|
||||||
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
|
@ -4096,10 +4045,6 @@ function mailbox_get_resources($domain = null) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
$resources = array();
|
$resources = array();
|
||||||
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
|
@ -4151,10 +4096,6 @@ function mailbox_get_alias_domains($domain = null) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
$aliasdomains = array();
|
$aliasdomains = array();
|
||||||
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
|
@ -4203,10 +4144,6 @@ function mailbox_get_aliases($domain) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
$aliases = array();
|
$aliases = array();
|
||||||
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4268,10 +4205,6 @@ function mailbox_get_alias_details($address) {
|
||||||
$aliasdata['created'] = $row['created'];
|
$aliasdata['created'] = $row['created'];
|
||||||
$aliasdata['modified'] = $row['modified'];
|
$aliasdata['modified'] = $row['modified'];
|
||||||
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdata['domain'])) {
|
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdata['domain'])) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -4317,10 +4250,6 @@ function mailbox_get_alias_domain_details($aliasdomain) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdomaindata['target_domain'])) {
|
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdomaindata['target_domain'])) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
return $aliasdomaindata;
|
return $aliasdomaindata;
|
||||||
|
@ -4331,9 +4260,11 @@ function mailbox_get_domains() {
|
||||||
// Domain does not need to be active
|
// Domain does not need to be active
|
||||||
global $lang;
|
global $lang;
|
||||||
global $pdo;
|
global $pdo;
|
||||||
|
$domains = array();
|
||||||
|
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
try {
|
try {
|
||||||
$domains = array();
|
|
||||||
$stmt = $pdo->prepare("SELECT `domain` FROM `domain`
|
$stmt = $pdo->prepare("SELECT `domain` FROM `domain`
|
||||||
WHERE (`domain` IN (
|
WHERE (`domain` IN (
|
||||||
SELECT `domain` from `domain_admins`
|
SELECT `domain` from `domain_admins`
|
||||||
|
@ -4367,10 +4298,6 @@ function mailbox_get_domain_details($domain) {
|
||||||
$domain = idn_to_ascii(strtolower(trim($domain)));
|
$domain = idn_to_ascii(strtolower(trim($domain)));
|
||||||
|
|
||||||
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4461,10 +4388,6 @@ function mailbox_get_mailbox_details($mailbox) {
|
||||||
global $lang;
|
global $lang;
|
||||||
global $pdo;
|
global $pdo;
|
||||||
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $mailbox)) {
|
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $mailbox)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$mailboxdata = array();
|
$mailboxdata = array();
|
||||||
|
@ -4538,10 +4461,6 @@ function mailbox_get_resource_details($resource) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
$resourcedata = array();
|
$resourcedata = array();
|
||||||
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resource)) {
|
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resource)) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
|
@ -4579,10 +4498,6 @@ function mailbox_get_resource_details($resource) {
|
||||||
}
|
}
|
||||||
if (!isset($resourcedata['domain']) ||
|
if (!isset($resourcedata['domain']) ||
|
||||||
(isset($resourcedata['domain']) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resourcedata['domain']))) {
|
(isset($resourcedata['domain']) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resourcedata['domain']))) {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -5047,10 +4962,6 @@ function mailbox_get_sender_acl_handles($mailbox) {
|
||||||
global $pdo;
|
global $pdo;
|
||||||
global $lang;
|
global $lang;
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
|
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -5184,9 +5095,6 @@ function get_forwarding_host_details($host) {
|
||||||
if (!isset($host) || empty($host)) {
|
if (!isset($host) || empty($host)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (filter_var($host, FILTER_VALIDATE_IP)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
try {
|
try {
|
||||||
if ($source = $redis->hGet('WHITELISTED_FWD_HOST', $host)) {
|
if ($source = $redis->hGet('WHITELISTED_FWD_HOST', $host)) {
|
||||||
$data['host'] = $host;
|
$data['host'] = $host;
|
||||||
|
@ -5301,10 +5209,6 @@ function get_logs($container, $lines = 100) {
|
||||||
global $lang;
|
global $lang;
|
||||||
global $redis;
|
global $redis;
|
||||||
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
if ($_SESSION['mailcow_cc_role'] != "admin") {
|
||||||
$_SESSION['return'] = array(
|
|
||||||
'type' => 'danger',
|
|
||||||
'msg' => sprintf($lang['danger']['access_denied'])
|
|
||||||
);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$lines = intval($lines);
|
$lines = intval($lines);
|
||||||
|
|
|
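Review bot: The role check added to `mailbox_get_domains()` compares `$_SESSION['mailcow_cc_role']` with the loose `!=` operator; on PHP versions before 8 a non-string value such as integer 0 compares equal to "admin", so an authorization decision is safer with a strict test, `if ($_SESSION['mailcow_cc_role'] !== "admin" && $_SESSION['mailcow_cc_role'] !== "domainadmin") {` (whether the role can ever be non-string is not visible here). The same loose form sits on the context lines of `get_syncjob_details()`, `get_domain_admin_details()`, `get_admin_details()`, `dkim_get_blind_keys()`, `mailbox_get_sender_acl_handles()` and `get_logs()`. Separately, with the `$_SESSION['return']` assignments removed throughout this file, a denied call now returns `false` and leaves no trace; if these denials matter for auditing, a server-side log entry next to each `return false;` would keep that signal. Every function touched here begins or ends outside its hunk.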
@ -18,6 +18,7 @@
|
||||||
<link rel="stylesheet" href="/css/footable.bootstrap.min.css">
|
<link rel="stylesheet" href="/css/footable.bootstrap.min.css">
|
||||||
<link rel="stylesheet" href="/inc/languages.min.css">
|
<link rel="stylesheet" href="/inc/languages.min.css">
|
||||||
<link rel="stylesheet" href="/css/mailcow.css">
|
<link rel="stylesheet" href="/css/mailcow.css">
|
||||||
|
<link rel="stylesheet" href="/css/animate.min.css">
|
||||||
<?=(preg_match("/mailbox.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/mailbox.css">' : null;?>
|
<?=(preg_match("/mailbox.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/mailbox.css">' : null;?>
|
||||||
<?=(preg_match("/admin.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/admin.css">' : null;?>
|
<?=(preg_match("/admin.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/admin.css">' : null;?>
|
||||||
<link rel="shortcut icon" href="/favicon.png" type="image/png">
|
<link rel="shortcut icon" href="/favicon.png" type="image/png">
|
||||||
|
|
|
@ -16,6 +16,18 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/lib/vendor/autoload.php';
|
||||||
$u2f = new u2flib_server\U2F('https://' . $_SERVER['HTTP_HOST']);
|
$u2f = new u2flib_server\U2F('https://' . $_SERVER['HTTP_HOST']);
|
||||||
$tfa = new RobThree\Auth\TwoFactorAuth('mailcow UI');
|
$tfa = new RobThree\Auth\TwoFactorAuth('mailcow UI');
|
||||||
|
|
||||||
|
// OWASP CSRF Protector
|
||||||
|
$csrfProtector = new csrfProtector;
|
||||||
|
class mailcowCsrfProtector extends csrfprotector {
|
||||||
|
public static function logCSRFattack() {
|
||||||
|
$_SESSION['return'] = array(
|
||||||
|
'type' => 'danger',
|
||||||
|
'msg' => 'CSRF violation'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
mailcowCsrfProtector::init();
|
||||||
|
|
||||||
// Redis
|
// Redis
|
||||||
$redis = new Redis();
|
$redis = new Redis();
|
||||||
$redis->connect('redis-mailcow', 6379);
|
$redis->connect('redis-mailcow', 6379);
|
||||||
|
|
|
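Review bot: The `logCSRFattack()` override in `mailcowCsrfProtector` only stores a flash message in `$_SESSION['return']`, so a rejected request leaves no server-side record; going by its name the parent method is the library's logging hook (its body is not visible here), and replacing it presumably drops that log. Keep an audit trail in the override, for example `error_log('CSRF violation from ' . $_SERVER['REMOTE_ADDR']);` before the session assignment. The `$csrfProtector = new csrfProtector;` instance above the class is not used anywhere in this hunk, since `init()` is called statically on the subclass, and can probably be dropped.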
@ -48,8 +48,8 @@ $(document).ready(function() {
|
||||||
jsonp: false,
|
jsonp: false,
|
||||||
complete: function (data) {
|
complete: function (data) {
|
||||||
// var reponse = (JSON.parse(data.responseText));
|
// var reponse = (JSON.parse(data.responseText));
|
||||||
// alert(reponse.type);
|
// console.log(reponse.type);
|
||||||
// alert(reponse.msg);
|
// console.log(reponse.msg);
|
||||||
location.assign(window.location);
|
location.assign(window.location);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
@ -133,8 +133,8 @@ jQuery(function($){
|
||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
url: '/api/v1/get/domain/all',
|
url: '/api/v1/get/domain/all',
|
||||||
jsonp: false,
|
jsonp: false,
|
||||||
error: function () {
|
error: function (data) {
|
||||||
alert('Cannot draw domain table');
|
console.log('Cannot draw domain table');
|
||||||
},
|
},
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
|
@ -201,7 +201,7 @@ jQuery(function($){
|
||||||
url: '/api/v1/get/mailbox/all',
|
url: '/api/v1/get/mailbox/all',
|
||||||
jsonp: false,
|
jsonp: false,
|
||||||
error: function () {
|
error: function () {
|
||||||
alert('Cannot draw mailbox table');
|
console.log('Cannot draw mailbox table');
|
||||||
},
|
},
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
|
@ -260,7 +260,7 @@ jQuery(function($){
|
||||||
url: '/api/v1/get/resource/all',
|
url: '/api/v1/get/resource/all',
|
||||||
jsonp: false,
|
jsonp: false,
|
||||||
error: function () {
|
error: function () {
|
||||||
alert('Cannot draw resource table');
|
console.log('Cannot draw resource table');
|
||||||
},
|
},
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
|
@ -304,7 +304,7 @@ jQuery(function($){
|
||||||
url: '/api/v1/get/alias/all',
|
url: '/api/v1/get/alias/all',
|
||||||
jsonp: false,
|
jsonp: false,
|
||||||
error: function () {
|
error: function () {
|
||||||
alert('Cannot draw alias table');
|
console.log('Cannot draw alias table');
|
||||||
},
|
},
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
|
@ -353,7 +353,7 @@ jQuery(function($){
|
||||||
url: '/api/v1/get/alias-domain/all',
|
url: '/api/v1/get/alias-domain/all',
|
||||||
jsonp: false,
|
jsonp: false,
|
||||||
error: function () {
|
error: function () {
|
||||||
alert('Cannot draw alias domain table');
|
console.log('Cannot draw alias domain table');
|
||||||
},
|
},
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
$.each(data, function (i, item) {
|
$.each(data, function (i, item) {
|
||||||
|
|
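Review bot: The `data` parameter added to the domain-table handler (`error: function (data) {`) is never read, and the mailbox, resource, alias and alias-domain handlers were left as `error: function () {`. Since the failure is now reported only on the console, log the response status so an expired session or a rejected request can be told apart from a network error: `console.log('Cannot draw domain table', data.status);`, with the same signature and argument in the other four handlers. The enclosing `jQuery(function($){` block starts and ends outside these hunks.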
File diff suppressed because one or more lines are too long
|
@ -93,7 +93,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
|
||||||
<h3 class="panel-title"><?=$lang['mailbox']['resources'];?></h3>
|
<h3 class="panel-title"><?=$lang['mailbox']['resources'];?></h3>
|
||||||
</div>
|
</div>
|
||||||
<div class="table-responsive">
|
<div class="table-responsive">
|
||||||
<table id="resources_table" class="table table-striped"></table>
|
<table id="resource_table" class="table table-striped"></table>
|
||||||
</div>
|
</div>
|
||||||
<div class="mass-actions-mailbox">
|
<div class="mass-actions-mailbox">
|
||||||
<div class="btn-group">
|
<div class="btn-group">
|
||||||
|
|