Blame - mailcow/src/mailcow-dockerized/data/web/inc/triggers.inc.php - kubeia

blob: 8785759a192890bf96ddf759bfcf23eeb0c21099 [file] [log] [blame]

Matthias Andreas Benkard	b382b10	2021-01-02 15:32:21 +0100	[diff] [blame]	1	<?php
				2	if (isset($_POST["verify_tfa_login"])) {
				3	if (verify_tfa_login($_SESSION['pending_mailcow_cc_username'], $_POST["token"])) {
				4	$_SESSION['mailcow_cc_username'] = $_SESSION['pending_mailcow_cc_username'];
				5	$_SESSION['mailcow_cc_role'] = $_SESSION['pending_mailcow_cc_role'];
				6	unset($_SESSION['pending_mailcow_cc_username']);
				7	unset($_SESSION['pending_mailcow_cc_role']);
				8	unset($_SESSION['pending_tfa_method']);
				9	header("Location: /user");
				10	}
				11	}
				12
				13	if (isset($_POST["quick_release"])) {
				14	quarantine('quick_release', $_POST["quick_release"]);
				15	}
				16
				17	if (isset($_POST["quick_delete"])) {
				18	quarantine('quick_delete', $_POST["quick_delete"]);
				19	}
				20
				21	if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
				22	$login_user = strtolower(trim($_POST["login_user"]));
				23	$as = check_login($login_user, $_POST["pass_user"]);
				24	if ($as == "admin") {
				25	$_SESSION['mailcow_cc_username'] = $login_user;
				26	$_SESSION['mailcow_cc_role'] = "admin";
				27	$_SESSION['mailcow_cc_last_login'] = last_login($login_user);
				28	header("Location: /admin");
				29	}
				30	elseif ($as == "domainadmin") {
				31	$_SESSION['mailcow_cc_username'] = $login_user;
				32	$_SESSION['mailcow_cc_role'] = "domainadmin";
				33	$_SESSION['mailcow_cc_last_login'] = last_login($login_user);
				34	header("Location: /mailbox");
				35	}
				36	elseif ($as == "user") {
				37	$_SESSION['mailcow_cc_username'] = $login_user;
				38	$_SESSION['mailcow_cc_role'] = "user";
				39	$_SESSION['mailcow_cc_last_login'] = last_login($login_user);
				40	$http_parameters = explode('&', $_SESSION['index_query_string']);
				41	unset($_SESSION['index_query_string']);
				42	if (in_array('mobileconfig', $http_parameters)) {
				43	if (in_array('only_email', $http_parameters)) {
				44	header("Location: /mobileconfig.php?email_only");
				45	die();
				46	}
				47	header("Location: /mobileconfig.php");
				48	die();
				49	}
				50	header("Location: /user");
				51	}
				52	elseif ($as != "pending") {
				53	unset($_SESSION['pending_mailcow_cc_username']);
				54	unset($_SESSION['pending_mailcow_cc_role']);
				55	unset($_SESSION['pending_tfa_method']);
				56	unset($_SESSION['mailcow_cc_username']);
				57	unset($_SESSION['mailcow_cc_role']);
				58	}
				59	}
				60
				61	if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['acl']['login_as'] == "1") {
				62	if (isset($_GET["duallogin"])) {
				63	$duallogin = html_entity_decode(rawurldecode($_GET["duallogin"]));
				64	if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) {
				65	if (!empty(mailbox('get', 'mailbox_details', $duallogin))) {
				66	$_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
				67	$_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
				68	$_SESSION['mailcow_cc_username'] = $duallogin;
				69	$_SESSION['mailcow_cc_role'] = "user";
				70	header("Location: /user");
				71	}
				72	}
				73	else {
				74	if (!empty(domain_admin('details', $duallogin))) {
				75	$_SESSION["dual-login"]["username"] = $_SESSION['mailcow_cc_username'];
				76	$_SESSION["dual-login"]["role"] = $_SESSION['mailcow_cc_role'];
				77	$_SESSION['mailcow_cc_username'] = $duallogin;
				78	$_SESSION['mailcow_cc_role'] = "domainadmin";
				79	header("Location: /user");
				80	}
				81	}
				82	}
				83	}
				84
				85	if (isset($_SESSION['mailcow_cc_role']) && ($_SESSION['mailcow_cc_role'] == "admin" \|\| $_SESSION['mailcow_cc_role'] == "domainadmin")) {
				86	if (isset($_POST["set_tfa"])) {
				87	set_tfa($_POST);
				88	}
				89	if (isset($_POST["unset_tfa_key"])) {
				90	unset_tfa_key($_POST);
				91	}
				92	if (isset($_POST["unset_fido2_key"])) {
				93	fido2(array("action" => "unset_fido2_key", "post_data" => $_POST));
				94	}
				95	}
				96	if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin") {
				97	// TODO: Move file upload to API?
				98	if (isset($_POST["submit_main_logo"])) {
				99	if ($_FILES['main_logo']['error'] == 0) {
				100	customize('add', 'main_logo', $_FILES);
				101	}
				102	}
				103	if (isset($_POST["reset_main_logo"])) {
				104	customize('delete', 'main_logo');
				105	}
				106	// Some actions will not be available via API
				107	if (isset($_POST["license_validate_now"])) {
				108	license('verify');
				109	}
				110	if (isset($_POST["admin_api"])) {
				111	if (isset($_POST["admin_api"]["ro"])) {
				112	admin_api('ro', 'edit', $_POST);
				113	}
				114	elseif (isset($_POST["admin_api"]["rw"])) {
				115	admin_api('rw', 'edit', $_POST);
				116	}
				117	}
				118	if (isset($_POST["admin_api_regen_key"])) {
				119	if (isset($_POST["admin_api_regen_key"]["ro"])) {
				120	admin_api('ro', 'regen_key', $_POST);
				121	}
				122	elseif (isset($_POST["admin_api_regen_key"]["rw"])) {
				123	admin_api('rw', 'regen_key', $_POST);
				124	}
				125	}
				126	if (isset($_POST["rspamd_ui"])) {
				127	rspamd_ui('edit', $_POST);
				128	}
				129	if (isset($_POST["mass_send"])) {
				130	sys_mail($_POST);
				131	}
				132	}
				133	?>