paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Fix time limited alias creation via API, thanks to @ntimo

master
andryyy 2020-04-25 09:44:04 +02:00
parent c6e6d3e8ee
commit 1db85df0db
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
data/web/inc/functions.mailbox.inc.php
View File

@ -43,9 +43,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
); );
return false; return false;
} }
$stmt = $pdo->prepare("SELECT `domain` FROM `mailbox` WHERE `username` = :username"); $domain = mailbox('get', 'mailbox_details', $username)
$stmt->execute(array(':username' => $_SESSION['mailcow_cc_username'])); if (!is_valid_domain_name($domain)) {
$domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain']; $_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => 'domain_invalid'
);
return false;
}
$validity = strtotime("+".$_data["validity"]." hour"); $validity = strtotime("+".$_data["validity"]." hour");
$letters = 'abcefghijklmnopqrstuvwxyz1234567890'; $letters = 'abcefghijklmnopqrstuvwxyz1234567890';
$random_name = substr(str_shuffle($letters), 0, 24); $random_name = substr(str_shuffle($letters), 0, 24);
@ -59,7 +65,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$_SESSION['return'][] = array( $_SESSION['return'][] = array(
'type' => 'success', 'type' => 'success',
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
'msg' => array('mailbox_modified', htmlspecialchars($_SESSION['mailcow_cc_username'])) 'msg' => array('mailbox_modified', $username)
); );
break; break;
case 'global_filter': case 'global_filter':