mailcow/src/mailcow-dockerized/data/web/inc/functions.address_rewriting.inc.php - kubeia - Gitiles

 <?php
 function bcc($_action, $_data = null, $_attr = null) {
 	global $pdo;
 	global $lang;
   if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
     return false;
   }
   switch ($_action) {
     case 'add':
       if (!isset($_SESSION['acl']['bcc_maps']) || $_SESSION['acl']['bcc_maps'] != "1" ) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => 'access_denied'
         );
         return false;
       }
       $local_dest = strtolower(trim($_data['local_dest']));
       $bcc_dest = $_data['bcc_dest'];
       $active = intval($_data['active']);
       $type = $_data['type'];
       if ($type != 'sender' && $type != 'rcpt') {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => 'invalid_bcc_map_type'
         );
         return false;
       }
       if (empty($bcc_dest)) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => 'bcc_empty'
         );
         return false;
       }
       if (is_valid_domain_name($local_dest)) {
         if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest)) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => 'access_denied'
           );
           return false;
         }
         $domain = idn_to_ascii($local_dest, 0, INTL_IDNA_VARIANT_UTS46);
         $local_dest_sane = '@' . idn_to_ascii($local_dest, 0, INTL_IDNA_VARIANT_UTS46);
       }
       elseif (filter_var($local_dest, FILTER_VALIDATE_EMAIL)) {
         $mailbox = mailbox('get', 'mailbox_details', $local_dest);
         $shared_aliases = mailbox('get', 'shared_aliases');
         $direct_aliases = mailbox('get', 'direct_aliases');
         if ($mailbox === false && in_array($local_dest, array_merge($direct_aliases, $shared_aliases)) === false) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => 'access_denied'
           );
           return false;
         }
         if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest) &&
           !hasAliasObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest)) {
             $_SESSION['return'][] = array(
               'type' => 'danger',
               'log' => array(__FUNCTION__, $_action, $_data, $_attr),
               'msg' => 'access_denied'
             );
             return false;
         }
         $domain = idn_to_ascii(substr(strstr($local_dest, '@'), 1), 0, INTL_IDNA_VARIANT_UTS46);
         $local_dest_sane = $local_dest;
       }
       else {
         return false;
       }
       if (!filter_var($bcc_dest, FILTER_VALIDATE_EMAIL)) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('bcc_must_be_email', htmlspecialchars($bcc_dest))
         );
         return false;
       }

       $stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
         WHERE `local_dest` = :local_dest AND `type` = :type");
       $stmt->execute(array(':local_dest' => $local_dest_sane, ':type' => $type));
       $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));

       if ($num_results != 0) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('bcc_exists', htmlspecialchars($local_dest_sane), $type)
         );
         return false;
       }
       $stmt = $pdo->prepare("INSERT INTO `bcc_maps` (`local_dest`, `bcc_dest`, `domain`, `active`, `type`) VALUES
         (:local_dest, :bcc_dest, :domain, :active, :type)");
       $stmt->execute(array(
         ':local_dest' => $local_dest_sane,
         ':bcc_dest' => $bcc_dest,
         ':domain' => $domain,
         ':active' => $active,
         ':type' => $type
       ));
       $_SESSION['return'][] = array(
         'type' => 'success',
         'log' => array(__FUNCTION__, $_action, $_data, $_attr),
         'msg' => 'bcc_saved'
       );
     break;
     case 'edit':
       if (!isset($_SESSION['acl']['bcc_maps']) || $_SESSION['acl']['bcc_maps'] != "1" ) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => 'access_denied'
         );
         return false;
       }
       $ids = (array)$_data['id'];
       foreach ($ids as $id) {
         $is_now = bcc('details', $id);
         if (!empty($is_now)) {
           $active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
           $bcc_dest = (!empty($_data['bcc_dest'])) ? $_data['bcc_dest'] : $is_now['bcc_dest'];
           $local_dest = $is_now['local_dest'];
           $type = (!empty($_data['type'])) ? $_data['type'] : $is_now['type'];
         }
         else {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => 'access_denied'
           );
           continue;
         }
         if (!filter_var($bcc_dest, FILTER_VALIDATE_EMAIL)) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => array('bcc_must_be_email', $bcc_dest)
           );
           continue;
         }
         if (empty($bcc_dest)) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => array('bcc_must_be_email', $bcc_dest)
           );
           continue;
         }
         $stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
           WHERE `local_dest` = :local_dest AND `type` = :type");
         $stmt->execute(array(':local_dest' => $local_dest, ':type' => $type));
         $id_now = $stmt->fetch(PDO::FETCH_ASSOC)['id'];

         if (isset($id_now) && $id_now != $id) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => array('bcc_exists', htmlspecialchars($local_dest), $type)
           );
           continue;
         }

         $stmt = $pdo->prepare("UPDATE `bcc_maps` SET `bcc_dest` = :bcc_dest, `active` = :active, `type` = :type WHERE `id`= :id");
         $stmt->execute(array(
           ':bcc_dest' => $bcc_dest,
           ':active' => $active,
           ':type' => $type,
           ':id' => $id
         ));
         $_SESSION['return'][] = array(
           'type' => 'success',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('bcc_edited', $bcc_dest)
         );
       }
     break;
     case 'details':
       $bccdata = array();
       $id = intval($_data);

       $stmt = $pdo->prepare("SELECT `id`,
         `local_dest`,
         `bcc_dest`,
         `active`,
         `type`,
         `created`,
         `domain`,
         `modified` FROM `bcc_maps`
           WHERE `id` = :id");
       $stmt->execute(array(':id' => $id));
       $bccdata = $stmt->fetch(PDO::FETCH_ASSOC);

       if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $bccdata['domain'])) {
         $bccdata = null;
         return false;
       }
       return $bccdata;
     break;
     case 'get':
       $bccdata = array();
       $all_items = array();
       $id = intval($_data);

       $stmt = $pdo->query("SELECT `id`, `domain` FROM `bcc_maps`");
       $all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);

       foreach ($all_items as $i) {
         if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $i['domain'])) {
           $bccdata[] = $i['id'];
         }
       }
       $all_items = null;
       return $bccdata;
     break;
     case 'delete':
       if (!isset($_SESSION['acl']['bcc_maps']) || $_SESSION['acl']['bcc_maps'] != "1" ) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => 'access_denied'
         );
         return false;
       }
       $ids = (array)$_data['id'];
       foreach ($ids as $id) {
         if (!is_numeric($id)) {
           return false;
         }
         $stmt = $pdo->prepare("SELECT `domain` FROM `bcc_maps` WHERE id = :id");
         $stmt->execute(array(':id' => $id));
         $domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain'];
         if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => 'access_denied'
           );
           continue;
         }
         $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `id`= :id");
         $stmt->execute(array(':id' => $id));

         $_SESSION['return'][] = array(
           'type' => 'success',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('bcc_deleted', $id)
         );
       }
     break;
   }
 }

 function recipient_map($_action, $_data = null, $attr = null) {
 	global $pdo;
 	global $lang;
   if ($_SESSION['mailcow_cc_role'] != "admin") {
     return false;
   }
   switch ($_action) {
     case 'add':
       $old_dest = strtolower(trim($_data['recipient_map_old']));
       if (substr($old_dest, 0, 1) == '@') {
         $old_dest = substr($old_dest, 1);
       }
       $new_dest = strtolower(trim($_data['recipient_map_new']));
       $active = intval($_data['active']);
       if (is_valid_domain_name($old_dest)) {
         $old_dest_sane = '@' . idn_to_ascii($old_dest, 0, INTL_IDNA_VARIANT_UTS46);
       }
       elseif (filter_var($old_dest, FILTER_VALIDATE_EMAIL)) {
         $old_dest_sane = $old_dest;
       }
       else {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('invalid_recipient_map_old', htmlspecialchars($old_dest))
         );
         return false;
       }
       if (!filter_var($new_dest, FILTER_VALIDATE_EMAIL)) {
         $_SESSION['return'][] = array(
           'type' => 'danger',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('invalid_recipient_map_new', htmlspecialchars($new_dest))
         );
         return false;
       }
       $rmaps = recipient_map('get');
       foreach ($rmaps as $rmap) {
         if (recipient_map('details', $rmap)['recipient_map_old'] == $old_dest_sane) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => array('recipient_map_entry_exists', htmlspecialchars($old_dest_sane))
           );
           return false;
         }
       }
       $stmt = $pdo->prepare("INSERT INTO `recipient_maps` (`old_dest`, `new_dest`, `active`) VALUES
         (:old_dest, :new_dest, :active)");
       $stmt->execute(array(
         ':old_dest' => $old_dest_sane,
         ':new_dest' => $new_dest,
         ':active' => $active
       ));
       $_SESSION['return'][] = array(
         'type' => 'success',
         'log' => array(__FUNCTION__, $_action, $_data, $_attr),
         'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest_sane))
       );
     break;
     case 'edit':
       $ids = (array)$_data['id'];
       foreach ($ids as $id) {
         $is_now = recipient_map('details', $id);
         if (!empty($is_now)) {
           $active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
           $new_dest = (!empty($_data['recipient_map_new'])) ? $_data['recipient_map_new'] : $is_now['recipient_map_new'];
           $old_dest = (!empty($_data['recipient_map_old'])) ? $_data['recipient_map_old'] : $is_now['recipient_map_old'];
           if (substr($old_dest, 0, 1) == '@') {
             $old_dest = substr($old_dest, 1);
           }
         }
         else {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => 'access_denied'
           );
           continue;
         }
         if (is_valid_domain_name($old_dest)) {
           $old_dest_sane = '@' . idn_to_ascii($old_dest, 0, INTL_IDNA_VARIANT_UTS46);
         }
         elseif (filter_var($old_dest, FILTER_VALIDATE_EMAIL)) {
           $old_dest_sane = $old_dest;
         }
         else {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => array('invalid_recipient_map_old', htmlspecialchars($old_dest))
           );
           continue;
         }
         if (!filter_var($new_dest, FILTER_VALIDATE_EMAIL)) {
           $_SESSION['return'][] = array(
             'type' => 'danger',
             'log' => array(__FUNCTION__, $_action, $_data, $_attr),
             'msg' => array('invalid_recipient_map_new', htmlspecialchars($new_dest))
           );
           continue;
         }
         $rmaps = recipient_map('get');
         foreach ($rmaps as $rmap) {
           if ($rmap == $id) { continue; }
           if (recipient_map('details', $rmap)['recipient_map_old'] == $old_dest_sane) {
             $_SESSION['return'][] = array(
               'type' => 'danger',
               'log' => array(__FUNCTION__, $_action, $_data, $_attr),
               'msg' => array('recipient_map_entry_exists', htmlspecialchars($old_dest_sane))
             );
             return false;
           }
         }
         $stmt = $pdo->prepare("UPDATE `recipient_maps` SET
           `old_dest` = :old_dest,
           `new_dest` = :new_dest,
           `active` = :active
             WHERE `id`= :id");
         $stmt->execute(array(
           ':old_dest' => $old_dest_sane,
           ':new_dest' => $new_dest,
           ':active' => $active,
           ':id' => $id
         ));
         $_SESSION['return'][] = array(
           'type' => 'success',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest_sane))
         );
       }
     break;
     case 'details':
       $mapdata = array();
       $id = intval($_data);

       $stmt = $pdo->prepare("SELECT `id`,
         `old_dest` AS `recipient_map_old`,
         `new_dest` AS `recipient_map_new`,
         `active`,
         `created`,
         `modified` FROM `recipient_maps`
           WHERE `id` = :id");
       $stmt->execute(array(':id' => $id));
       $mapdata = $stmt->fetch(PDO::FETCH_ASSOC);

       return $mapdata;
     break;
     case 'get':
       $mapdata = array();
       $all_items = array();
       $id = intval($_data);

       $stmt = $pdo->query("SELECT `id` FROM `recipient_maps`");
       $all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);

       foreach ($all_items as $i) {
         $mapdata[] = $i['id'];
       }
       $all_items = null;
       return $mapdata;
     break;
     case 'delete':
       $ids = (array)$_data['id'];
       foreach ($ids as $id) {
         if (!is_numeric($id)) {
           return false;
         }
         $stmt = $pdo->prepare("DELETE FROM `recipient_maps` WHERE `id`= :id");
         $stmt->execute(array(':id' => $id));
         $_SESSION['return'][] = array(
           'type' => 'success',
           'log' => array(__FUNCTION__, $_action, $_data, $_attr),
           'msg' => array('recipient_map_entry_deleted', htmlspecialchars($id))
         );
       }
     break;
   }
 }
	<?php
	function bcc($_action, $_data = null, $_attr = null) {
	global $pdo;
	global $lang;
	if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
	return false;
	}
	switch ($_action) {
	case 'add':
	if (!isset($_SESSION['acl']['bcc_maps']) \|\| $_SESSION['acl']['bcc_maps'] != "1" ) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	return false;
	}
	$local_dest = strtolower(trim($_data['local_dest']));
	$bcc_dest = $_data['bcc_dest'];
	$active = intval($_data['active']);
	$type = $_data['type'];
	if ($type != 'sender' && $type != 'rcpt') {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'invalid_bcc_map_type'
	);
	return false;
	}
	if (empty($bcc_dest)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'bcc_empty'
	);
	return false;
	}
	if (is_valid_domain_name($local_dest)) {
	if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	return false;
	}
	$domain = idn_to_ascii($local_dest, 0, INTL_IDNA_VARIANT_UTS46);
	$local_dest_sane = '@' . idn_to_ascii($local_dest, 0, INTL_IDNA_VARIANT_UTS46);
	}
	elseif (filter_var($local_dest, FILTER_VALIDATE_EMAIL)) {
	$mailbox = mailbox('get', 'mailbox_details', $local_dest);
	$shared_aliases = mailbox('get', 'shared_aliases');
	$direct_aliases = mailbox('get', 'direct_aliases');
	if ($mailbox === false && in_array($local_dest, array_merge($direct_aliases, $shared_aliases)) === false) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	return false;
	}
	if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest) &&
	!hasAliasObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $local_dest)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	return false;
	}
	$domain = idn_to_ascii(substr(strstr($local_dest, '@'), 1), 0, INTL_IDNA_VARIANT_UTS46);
	$local_dest_sane = $local_dest;
	}
	else {
	return false;
	}
	if (!filter_var($bcc_dest, FILTER_VALIDATE_EMAIL)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_must_be_email', htmlspecialchars($bcc_dest))
	);
	return false;
	}

	$stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
	WHERE `local_dest` = :local_dest AND `type` = :type");
	$stmt->execute(array(':local_dest' => $local_dest_sane, ':type' => $type));
	$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));

	if ($num_results != 0) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_exists', htmlspecialchars($local_dest_sane), $type)
	);
	return false;
	}
	$stmt = $pdo->prepare("INSERT INTO `bcc_maps` (`local_dest`, `bcc_dest`, `domain`, `active`, `type`) VALUES
	(:local_dest, :bcc_dest, :domain, :active, :type)");
	$stmt->execute(array(
	':local_dest' => $local_dest_sane,
	':bcc_dest' => $bcc_dest,
	':domain' => $domain,
	':active' => $active,
	':type' => $type
	));
	$_SESSION['return'][] = array(
	'type' => 'success',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'bcc_saved'
	);
	break;
	case 'edit':
	if (!isset($_SESSION['acl']['bcc_maps']) \|\| $_SESSION['acl']['bcc_maps'] != "1" ) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	return false;
	}
	$ids = (array)$_data['id'];
	foreach ($ids as $id) {
	$is_now = bcc('details', $id);
	if (!empty($is_now)) {
	$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
	$bcc_dest = (!empty($_data['bcc_dest'])) ? $_data['bcc_dest'] : $is_now['bcc_dest'];
	$local_dest = $is_now['local_dest'];
	$type = (!empty($_data['type'])) ? $_data['type'] : $is_now['type'];
	}
	else {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	continue;
	}
	if (!filter_var($bcc_dest, FILTER_VALIDATE_EMAIL)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_must_be_email', $bcc_dest)
	);
	continue;
	}
	if (empty($bcc_dest)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_must_be_email', $bcc_dest)
	);
	continue;
	}
	$stmt = $pdo->prepare("SELECT `id` FROM `bcc_maps`
	WHERE `local_dest` = :local_dest AND `type` = :type");
	$stmt->execute(array(':local_dest' => $local_dest, ':type' => $type));
	$id_now = $stmt->fetch(PDO::FETCH_ASSOC)['id'];

	if (isset($id_now) && $id_now != $id) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_exists', htmlspecialchars($local_dest), $type)
	);
	continue;
	}

	$stmt = $pdo->prepare("UPDATE `bcc_maps` SET `bcc_dest` = :bcc_dest, `active` = :active, `type` = :type WHERE `id`= :id");
	$stmt->execute(array(
	':bcc_dest' => $bcc_dest,
	':active' => $active,
	':type' => $type,
	':id' => $id
	));
	$_SESSION['return'][] = array(
	'type' => 'success',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_edited', $bcc_dest)
	);
	}
	break;
	case 'details':
	$bccdata = array();
	$id = intval($_data);

	$stmt = $pdo->prepare("SELECT `id`,
	`local_dest`,
	`bcc_dest`,
	`active`,
	`type`,
	`created`,
	`domain`,
	`modified` FROM `bcc_maps`
	WHERE `id` = :id");
	$stmt->execute(array(':id' => $id));
	$bccdata = $stmt->fetch(PDO::FETCH_ASSOC);

	if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $bccdata['domain'])) {
	$bccdata = null;
	return false;
	}
	return $bccdata;
	break;
	case 'get':
	$bccdata = array();
	$all_items = array();
	$id = intval($_data);

	$stmt = $pdo->query("SELECT `id`, `domain` FROM `bcc_maps`");
	$all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);

	foreach ($all_items as $i) {
	if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $i['domain'])) {
	$bccdata[] = $i['id'];
	}
	}
	$all_items = null;
	return $bccdata;
	break;
	case 'delete':
	if (!isset($_SESSION['acl']['bcc_maps']) \|\| $_SESSION['acl']['bcc_maps'] != "1" ) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	return false;
	}
	$ids = (array)$_data['id'];
	foreach ($ids as $id) {
	if (!is_numeric($id)) {
	return false;
	}
	$stmt = $pdo->prepare("SELECT `domain` FROM `bcc_maps` WHERE id = :id");
	$stmt->execute(array(':id' => $id));
	$domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain'];
	if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	continue;
	}
	$stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `id`= :id");
	$stmt->execute(array(':id' => $id));

	$_SESSION['return'][] = array(
	'type' => 'success',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('bcc_deleted', $id)
	);
	}
	break;
	}
	}

	function recipient_map($_action, $_data = null, $attr = null) {
	global $pdo;
	global $lang;
	if ($_SESSION['mailcow_cc_role'] != "admin") {
	return false;
	}
	switch ($_action) {
	case 'add':
	$old_dest = strtolower(trim($_data['recipient_map_old']));
	if (substr($old_dest, 0, 1) == '@') {
	$old_dest = substr($old_dest, 1);
	}
	$new_dest = strtolower(trim($_data['recipient_map_new']));
	$active = intval($_data['active']);
	if (is_valid_domain_name($old_dest)) {
	$old_dest_sane = '@' . idn_to_ascii($old_dest, 0, INTL_IDNA_VARIANT_UTS46);
	}
	elseif (filter_var($old_dest, FILTER_VALIDATE_EMAIL)) {
	$old_dest_sane = $old_dest;
	}
	else {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('invalid_recipient_map_old', htmlspecialchars($old_dest))
	);
	return false;
	}
	if (!filter_var($new_dest, FILTER_VALIDATE_EMAIL)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('invalid_recipient_map_new', htmlspecialchars($new_dest))
	);
	return false;
	}
	$rmaps = recipient_map('get');
	foreach ($rmaps as $rmap) {
	if (recipient_map('details', $rmap)['recipient_map_old'] == $old_dest_sane) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('recipient_map_entry_exists', htmlspecialchars($old_dest_sane))
	);
	return false;
	}
	}
	$stmt = $pdo->prepare("INSERT INTO `recipient_maps` (`old_dest`, `new_dest`, `active`) VALUES
	(:old_dest, :new_dest, :active)");
	$stmt->execute(array(
	':old_dest' => $old_dest_sane,
	':new_dest' => $new_dest,
	':active' => $active
	));
	$_SESSION['return'][] = array(
	'type' => 'success',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest_sane))
	);
	break;
	case 'edit':
	$ids = (array)$_data['id'];
	foreach ($ids as $id) {
	$is_now = recipient_map('details', $id);
	if (!empty($is_now)) {
	$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
	$new_dest = (!empty($_data['recipient_map_new'])) ? $_data['recipient_map_new'] : $is_now['recipient_map_new'];
	$old_dest = (!empty($_data['recipient_map_old'])) ? $_data['recipient_map_old'] : $is_now['recipient_map_old'];
	if (substr($old_dest, 0, 1) == '@') {
	$old_dest = substr($old_dest, 1);
	}
	}
	else {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => 'access_denied'
	);
	continue;
	}
	if (is_valid_domain_name($old_dest)) {
	$old_dest_sane = '@' . idn_to_ascii($old_dest, 0, INTL_IDNA_VARIANT_UTS46);
	}
	elseif (filter_var($old_dest, FILTER_VALIDATE_EMAIL)) {
	$old_dest_sane = $old_dest;
	}
	else {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('invalid_recipient_map_old', htmlspecialchars($old_dest))
	);
	continue;
	}
	if (!filter_var($new_dest, FILTER_VALIDATE_EMAIL)) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('invalid_recipient_map_new', htmlspecialchars($new_dest))
	);
	continue;
	}
	$rmaps = recipient_map('get');
	foreach ($rmaps as $rmap) {
	if ($rmap == $id) { continue; }
	if (recipient_map('details', $rmap)['recipient_map_old'] == $old_dest_sane) {
	$_SESSION['return'][] = array(
	'type' => 'danger',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('recipient_map_entry_exists', htmlspecialchars($old_dest_sane))
	);
	return false;
	}
	}
	$stmt = $pdo->prepare("UPDATE `recipient_maps` SET
	`old_dest` = :old_dest,
	`new_dest` = :new_dest,
	`active` = :active
	WHERE `id`= :id");
	$stmt->execute(array(
	':old_dest' => $old_dest_sane,
	':new_dest' => $new_dest,
	':active' => $active,
	':id' => $id
	));
	$_SESSION['return'][] = array(
	'type' => 'success',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('recipient_map_entry_saved', htmlspecialchars($old_dest_sane))
	);
	}
	break;
	case 'details':
	$mapdata = array();
	$id = intval($_data);

	$stmt = $pdo->prepare("SELECT `id`,
	`old_dest` AS `recipient_map_old`,
	`new_dest` AS `recipient_map_new`,
	`active`,
	`created`,
	`modified` FROM `recipient_maps`
	WHERE `id` = :id");
	$stmt->execute(array(':id' => $id));
	$mapdata = $stmt->fetch(PDO::FETCH_ASSOC);

	return $mapdata;
	break;
	case 'get':
	$mapdata = array();
	$all_items = array();
	$id = intval($_data);

	$stmt = $pdo->query("SELECT `id` FROM `recipient_maps`");
	$all_items = $stmt->fetchAll(PDO::FETCH_ASSOC);

	foreach ($all_items as $i) {
	$mapdata[] = $i['id'];
	}
	$all_items = null;
	return $mapdata;
	break;
	case 'delete':
	$ids = (array)$_data['id'];
	foreach ($ids as $id) {
	if (!is_numeric($id)) {
	return false;
	}
	$stmt = $pdo->prepare("DELETE FROM `recipient_maps` WHERE `id`= :id");
	$stmt->execute(array(':id' => $id));
	$_SESSION['return'][] = array(
	'type' => 'success',
	'log' => array(__FUNCTION__, $_action, $_data, $_attr),
	'msg' => array('recipient_map_entry_deleted', htmlspecialchars($id))
	);
	}
	break;
	}
	}