Changeset 222 for bureau/class/m_mail.php

Timestamp:

02/21/06 23:52:15 (7 years ago)

Author:

anarcat

Message:

[project @ alternc: changeset 2004-05-19 14:23:06 by benjamin]
Inclusion du patch de securite 01/05/2004.

Original author: benjamin
Date: 2004-05-19 14:23:06

File:

• bureau/class/m_mail.php (modified) (27 diffs)

bureau/class/m_mail.php

@@ -1 +1 @@
 <?php
 /*
- $Id: m_mail.php,v 1.9 2004/02/17 15:38:26 remi Exp $
+ $Id: m_mail.php,v 1.10 2004/05/19 14:23:06 benjamin Exp $
  ----------------------------------------------------------------------
  LICENSE
@@ -33 +33 @@
 class m_mail {
 
-  /** Membre dont on gère les mails */
-  var $uid=0;
-
-  var $alternc_quota_name="mail";
-
   /** Connexion ldap
    * @access private
@@ -58 +53 @@
    * Constructeur
    */
-  function m_mail($membre=0) {
+  function m_mail() {
     global $L_LDAP_HOST,$L_LDAP_ROOT,$L_LDAP_ROOTPWD,$L_LDAP_POSTFIX;
-    $this->uid=$membre;
     $this->ldap=array(
                       "server"  =>      $L_LDAP_HOST,
@@ -70 +64 @@
 
   /* ----------------------------------------------------------------- */
+  /**
+   * Liste des quotas
+   */
+  function alternc_quota_names() {
+    return "mail";
+  }
+
+  /* ----------------------------------------------------------------- */
   /** Retourne la liste des domaines hébergés en mails sur le compte.
    * @return array Tableau indexé des domaines hébergés en mail.
    */
   function enum_domains() {
-    global $db,$err;
+    global $db,$err,$cuid;
     $err->log("mail","enum_domains");
     if (!is_array($this->domains)) {
-      $db->query("select * from domaines where compte=".$this->uid." AND gesmx=1;");
+      $db->query("select * from domaines where compte='$cuid' AND gesmx=1;");
       $this->domains=array();
       if ($db->num_rows()>0) {
@@ -100 +102 @@
    */
   function enum_doms_mails($dom,$sort=0) {
-    global $err;
+    global $err,$cuid;
     $err->log("mail","enum_doms_mails",$dom);
     if (!$this->_connectldap()) {
@@ -106 +108 @@
       return false;
     }
-    $sr=ldap_search($this->ds,"dc=domains,".$this->ldap["basedn"],"(&(uid=".$this->uid.")(type=mail)(mail=*@".$dom."))",array("mail","pop"));
+    $sr=ldap_search($this->ds,"dc=domains,".$this->ldap["basedn"],"(&(uid=$cuid)(type=mail)(mail=*@".$dom."))",array("mail","pop"));
     $info = ldap_get_entries($this->ds, $sr);
     if ($info["count"]==0) {
@@ -115 +117 @@
     for($i=0;$i<$info["count"];$i++) {
       if ($info[$i]["pop"][0]) {
+        /*
         $size=exec("/usr/lib/alternc/du.pl /var/alternc/mail/".substr($info[$i]["mail"][0],0,1)."/".str_replace("@","_",$info[$i]["mail"][0]));
         $size=$size*1024;
+        */
+        $size=0;
       } else {
         $size=0;
@@ -218 +223 @@
    */
   function add_wrapper($login,$domain,$command,$type) {
-    global $err;
+    global $err,$cuid;
     if (!$this->_connectldap()) {
       $err->raise("mail",1);
@@ -227 +232 @@
       return false;
     }
-    $res=array("mail" => $login."@".$domain, "uid" => $this->uid, "type" => $type, "objectclass" => "mail", "pop" => "0", "account"=>$login."_".$domain );
+    $res=array("mail" => $login."@".$domain, "uid" => $cuid, "type" => $type, "objectclass" => "mail", "pop" => "0", "account"=>$login."_".$domain );
     if (!ldap_add($this->ds,"mail=".$res["mail"].",dc=domains,".$this->ldap["basedn"],$res)) {
       $err->raise("mail",5,ldap_error($this->ds));
@@ -304 +309 @@
    */
   function put_mail_details($mail,$pop,$pass,$alias) {
-    global $err;
+    global $err,$cuid;
     $err->log("mail","put_mail_details",$mail);
     $account=array();
@@ -355 +360 @@
     }
     if ($pop) $pop="1"; else $pop="0";
-    $res=array("mail" => $mail."@".$dom, "uid" => $this->uid, "type" => "mail", "objectclass" => "mail", "pop"=> $pop);
+    $res=array("mail" => $mail."@".$dom, "uid" => $cuid, "type" => "mail", "objectclass" => "mail", "pop"=> $pop);
     $res["account"]=$account;
     //modification du mail dans ldap-domains
@@ -389 +394 @@
    */
   function add_mail($dom,$mail,$pop,$pass,$alias) {
-    global $quota,$err;
+    global $quota,$err,$cuid;
     $err->log("mail","add_mail",$dom."/".$mail);
     $account=array();
@@ -446 +451 @@
     }
     if ($pop!="1" && $pop!="0") $pop="0";
-    $res=array("mail" => $mail."@".$dom, "uid" => $this->uid, "type" => "mail", "objectclass" => "mail", "pop" => $pop);
+    $res=array("mail" => $mail."@".$dom, "uid" => $cuid, "type" => "mail", "objectclass" => "mail", "pop" => $pop);
     $res["account"]=$account;
     /* QuotaCheck */
@@ -512 +517 @@
    */
   function _createpop($mail,$dom,$pass) {
-    global $err;
+    global $err,$cuid;
     $err->log("mail","_createpop",$mail."@".$dom);
     $m=substr($mail,0,1);
@@ -523 +528 @@
     $res=array(
                "uid" => $mail."_".$dom,
-               "gidnumber" => $this->uid,
+               "gidnumber" => $cuid,
                "uidnumber" => 33,
                "objectclass" => array("posixAccount","shadowAccount"),
@@ -529 +534 @@
                "gecos" => $gecos,
                "status" => "y",
-               "userpassword" => "{CRYPT}".$this->_md5cr($pass)
+               "userpassword" => "{CRYPT}"._md5cr($pass)
                );
     @ldap_add($this->ds,"uid=".$mail."_".$dom.",dc=users,".$this->ldap["basedn"],$res);
@@ -535 +540 @@
     $res=array(
                "uid" => $mail."@".$dom,
-               "gidnumber" => $this->uid,
+               "gidnumber" => $cuid,
                "uidnumber" => 33,
                "objectclass" => array("posixAccount","shadowAccount"),
@@ -541 +546 @@
                "gecos" => $gecos,
                "status" => "y",
-               "userpassword" => "{CRYPT}".$this->_md5cr($pass)
+               "userpassword" => "{CRYPT}"._md5cr($pass)
                );
     if (!ldap_add($this->ds,"uid=".$mail."@".$dom.",dc=users,".$this->ldap["basedn"],$res)) {
@@ -563 +568 @@
         return false;
       } else {
-        exec("/usr/lib/alternc/mail_add ".$mail."_".$dom." ".$this->uid);
+        exec("/usr/lib/alternc/mail_add ".$mail."_".$dom." ".$cuid);
         exec("/bin/echo ".escapeshellarg($pass)." | /usr/sbin/saslpasswd -u postfix -c -p ".$mail."@".$dom);
         exec("/bin/echo ".escapeshellarg($pass)." | /usr/sbin/saslpasswd -u postfix -c -p ".$mail."_".$dom);
@@ -580 +585 @@
    */
   function _updatepop($mail,$dom,$pass) {
-    global $err;
+    global $err,$cuid;
     $err->log("mail","_updatepop",$mail."@".$dom);
     $m=substr($mail,0,1);
@@ -586 +591 @@
     $res=array(
                "uid" => $mail."_".$dom,
-               "gidnumber" => $this->uid,
+               "gidnumber" => $cuid,
                "uidnumber" => 33,
                "objectclass" => array("posixAccount","shadowAccount"),
@@ -592 +597 @@
                "gecos" => $mail,
                "status" => "y",
-               "userpassword" => "{CRYPT}".$this->_md5cr($pass)
+               "userpassword" => "{CRYPT}"._md5cr($pass)
                );
     @ldap_modify($this->ds,"uid=".$mail."_".$dom.",dc=users,".$this->ldap["basedn"],$res);
     $res=array(
                "uid" => $mail."@".$dom,
-               "gidnumber" => $this->uid,
+               "gidnumber" => $cuid,
                "uidnumber" => 33,
                "objectclass" => array("posixAccount","shadowAccount"),
@@ -603 +608 @@
                "gecos" => $mail,
                "status" => "y",
-               "userpassword" => "{CRYPT}".$this->_md5cr($pass)
+               "userpassword" => "{CRYPT}"._md5cr($pass)
                );
     if (!ldap_modify($this->ds,"uid=".$mail."@".$dom.",dc=users,".$this->ldap["basedn"],$res)) {
@@ -705 +710 @@
    * @return boolean TRUE si le domaine a bien été créé, FALSE si une erreur s'est produite.
    * @access private
+   * TODO : ne créer les entrées que si le MX est à true ! (déplacer a alternc_add_mx_domain
    */
   function alternc_add_domain($dom) {
-    global $err;
+    global $err,$cuid;
     $err->log("mail","add_dom",$dom);
     if (!$this->_connectldap()) {
@@ -719 +725 @@
       return false;
     }
-    $res=array("mail" => $dom, "uid" => $this->uid, "type" => "domain", "objectclass" => "mail", "account"=> $dom);
+    $res=array("mail" => $dom, "uid" => $cuid, "type" => "domain", "objectclass" => "mail", "account"=> $dom);
     if (!ldap_add($this->ds,"mail=$dom,dc=domains,".$this->ldap["basedn"],$res)) {
       $err->raise("mail",5,ldap_error($this->ds));
@@ -730 +736 @@
   function alternc_quota_check($id=-1) {
     global $quota,$err;
-    $err->log("mail","checkquota");
-    if ($id==-1) $id=$this->uid;
-    if (!$this->_connectldap()) {
-      $err->raise("mail",1);
-      return false;
-    }
-    $sr=ldap_search($this->ds,"dc=domains,".$this->ldap["basedn"],"(&(uid=".$this->uid.")(type=mail))",array(""));
-    $info = ldap_get_entries($this->ds, $sr);
-    $quota->setquota("mail",$info[count],1,$id);  
-
+    if ($id==-1) $id=$cuid;
     return true;
   }
@@ -771 +768 @@
   }
 
-  /* ----------------------------------------------------------------- */
-  /** Crypte un mot de passe en clair en MD5 avec un salt aléatoire
-   * @param string $pass Mot de passe à crypter (max 32 caractères)
-   * @return string Retourne le mot de passe crypté
-   * @access private
-   */
-  function _md5cr($pass) {
-    $salt="";     //generate a salt using characters [A-Z][a-z][0-9]./
-    $chars="./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
-    for ($i=0;$i<16;$i++) {
-      $salt.=substr($chars,(mt_rand(0,strlen($chars))),1);
-    }
-    return crypt($pass,"$1$".$salt);
-    /* " */
-  }
-
 } /* Class m_mail */