Merge remote-tracking branch 'origin/staging' into nightly
This commit is contained in:
FreddleSpl0it
@@ -1,4 +1,11 @@
|
||||
<?php
|
||||
|
||||
// Block requests by checking the 'Sec-Fetch-Dest' header.
|
||||
if (isset($_SERVER['HTTP_SEC_FETCH_DEST']) && $_SERVER['HTTP_SEC_FETCH_DEST'] !== 'empty') {
|
||||
header('HTTP/1.1 403 Forbidden');
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
|
||||
if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'admin') {
|
||||
exit();
|
||||
|
||||
@@ -284,17 +284,17 @@ function last_login($action, $username, $sasl_limit_days = 7, $ui_offset = 1) {
|
||||
}
|
||||
if (!$sasl[$k]['location']) {
|
||||
$curl = curl_init();
|
||||
curl_setopt($curl, CURLOPT_URL,"https://dfdata.bella.network/lookup/" . $sasl[$k]['real_rip']);
|
||||
curl_setopt($curl, CURLOPT_URL,"https://dfdata.bella.network/country/" . $sasl[$k]['real_rip']);
|
||||
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($curl, CURLOPT_USERAGENT, 'Moocow');
|
||||
curl_setopt($curl, CURLOPT_TIMEOUT, 5);
|
||||
$ip_data = curl_exec($curl);
|
||||
if (!curl_errno($curl)) {
|
||||
$ip_data_array = json_decode($ip_data, true);
|
||||
if ($ip_data_array !== false and !empty($ip_data_array['location']['shortcountry'])) {
|
||||
$sasl[$k]['location'] = $ip_data_array['location']['shortcountry'];
|
||||
if ($ip_data_array !== false and !empty($ip_data_array['shortcountry'])) {
|
||||
$sasl[$k]['location'] = $ip_data_array['shortcountry'];
|
||||
try {
|
||||
$redis->hSet('IP_SHORTCOUNTRY', $sasl[$k]['real_rip'], $ip_data_array['location']['shortcountry']);
|
||||
$redis->hSet('IP_SHORTCOUNTRY', $sasl[$k]['real_rip'], $ip_data_array['shortcountry']);
|
||||
}
|
||||
catch (RedisException $e) {
|
||||
$_SESSION['return'][] = array(
|
||||
|
||||
@@ -3588,30 +3588,54 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$footers['plain'] = isset($_data['plain']) ? $_data['plain'] : '';
|
||||
$footers['skip_replies'] = isset($_data['skip_replies']) ? (int)$_data['skip_replies'] : 0;
|
||||
$footers['mbox_exclude'] = array();
|
||||
if (isset($_data["mbox_exclude"])){
|
||||
if (!is_array($_data["mbox_exclude"])) {
|
||||
$_data["mbox_exclude"] = array($_data["mbox_exclude"]);
|
||||
$footers['alias_domain_exclude'] = array();
|
||||
if (isset($_data["exclude"])){
|
||||
if (!is_array($_data["exclude"])) {
|
||||
$_data["exclude"] = array($_data["exclude"]);
|
||||
}
|
||||
foreach ($_data["mbox_exclude"] as $mailbox) {
|
||||
if (!filter_var($mailbox, FILTER_VALIDATE_EMAIL)) {
|
||||
foreach ($_data["exclude"] as $exclude) {
|
||||
if (filter_var($exclude, FILTER_VALIDATE_EMAIL)) {
|
||||
$stmt = $pdo->prepare("SELECT `address` FROM `alias` WHERE `address` = :address
|
||||
UNION
|
||||
SELECT `username` FROM `mailbox` WHERE `username` = :username");
|
||||
$stmt->execute(array(
|
||||
':address' => $exclude,
|
||||
':username' => $exclude,
|
||||
));
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
if(!$row){
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('username_invalid', $exclude)
|
||||
);
|
||||
continue;
|
||||
}
|
||||
array_push($footers['mbox_exclude'], $exclude);
|
||||
}
|
||||
elseif (is_valid_domain_name($exclude)) {
|
||||
$stmt = $pdo->prepare("SELECT `alias_domain` FROM `alias_domain` WHERE `alias_domain` = :alias_domain");
|
||||
$stmt->execute(array(
|
||||
':alias_domain' => $exclude,
|
||||
));
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
if(!$row){
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('username_invalid', $exclude)
|
||||
);
|
||||
continue;
|
||||
}
|
||||
array_push($footers['alias_domain_exclude'], $exclude);
|
||||
}
|
||||
else {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('username_invalid', $mailbox)
|
||||
'msg' => array('username_invalid', $exclude)
|
||||
);
|
||||
continue;
|
||||
}
|
||||
$is_now = mailbox('get', 'mailbox_details', $mailbox);
|
||||
if(empty($is_now)){
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
|
||||
'msg' => array('username_invalid', $mailbox)
|
||||
);
|
||||
continue;
|
||||
}
|
||||
|
||||
array_push($footers['mbox_exclude'], $mailbox);
|
||||
}
|
||||
}
|
||||
foreach ($domains as $domain) {
|
||||
@@ -3636,12 +3660,13 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
try {
|
||||
$stmt = $pdo->prepare("DELETE FROM `domain_wide_footer` WHERE `domain`= :domain");
|
||||
$stmt->execute(array(':domain' => $domain));
|
||||
$stmt = $pdo->prepare("INSERT INTO `domain_wide_footer` (`domain`, `html`, `plain`, `mbox_exclude`, `skip_replies`) VALUES (:domain, :html, :plain, :mbox_exclude, :skip_replies)");
|
||||
$stmt = $pdo->prepare("INSERT INTO `domain_wide_footer` (`domain`, `html`, `plain`, `mbox_exclude`, `alias_domain_exclude`, `skip_replies`) VALUES (:domain, :html, :plain, :mbox_exclude, :alias_domain_exclude, :skip_replies)");
|
||||
$stmt->execute(array(
|
||||
':domain' => $domain,
|
||||
':html' => $footers['html'],
|
||||
':plain' => $footers['plain'],
|
||||
':mbox_exclude' => json_encode($footers['mbox_exclude']),
|
||||
':alias_domain_exclude' => json_encode($footers['alias_domain_exclude']),
|
||||
':skip_replies' => $footers['skip_replies'],
|
||||
));
|
||||
}
|
||||
@@ -4466,6 +4491,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$domaindata['mboxes_in_domain'] = $MailboxDataDomain['count'];
|
||||
$domaindata['mboxes_left'] = $row['mailboxes'] - $MailboxDataDomain['count'];
|
||||
$domaindata['domain_name'] = $row['domain'];
|
||||
$domaindata['domain_h_name'] = idn_to_utf8($row['domain']);
|
||||
$domaindata['description'] = $row['description'];
|
||||
$domaindata['max_num_aliases_for_domain'] = $row['aliases'];
|
||||
$domaindata['max_num_mboxes_for_domain'] = $row['mailboxes'];
|
||||
@@ -4801,7 +4827,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
}
|
||||
|
||||
try {
|
||||
$stmt = $pdo->prepare("SELECT `html`, `plain`, `mbox_exclude`, `skip_replies` FROM `domain_wide_footer`
|
||||
$stmt = $pdo->prepare("SELECT `html`, `plain`, `mbox_exclude`, `alias_domain_exclude`, `skip_replies` FROM `domain_wide_footer`
|
||||
WHERE `domain` = :domain");
|
||||
$stmt->execute(array(
|
||||
':domain' => $domain
|
||||
|
||||
@@ -145,17 +145,22 @@ function rspamd_maps($_action, $_data = null) {
|
||||
$maps = (array)$_data['map'];
|
||||
$valid_maps = array();
|
||||
foreach ($maps as $map) {
|
||||
$is_valid = false;
|
||||
foreach ($RSPAMD_MAPS as $rspamd_map_type) {
|
||||
if (!in_array($map, $rspamd_map_type)) {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, '-'),
|
||||
'msg' => array('global_map_invalid', $map)
|
||||
);
|
||||
} else {
|
||||
array_push($valid_maps, $map);
|
||||
if (in_array($map, $rspamd_map_type)) {
|
||||
$is_valid = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if ($is_valid) {
|
||||
array_push($valid_maps, $map);
|
||||
} else {
|
||||
$_SESSION['return'][] = array(
|
||||
'type' => 'danger',
|
||||
'log' => array(__FUNCTION__, $_action, '-'),
|
||||
'msg' => array('global_map_invalid', $map)
|
||||
);
|
||||
}
|
||||
}
|
||||
foreach ($valid_maps as $map) {
|
||||
try {
|
||||
|
||||
@@ -78,7 +78,6 @@ $globalVariables = [
|
||||
'app_links_processed' => $app_links_processed,
|
||||
'is_root_uri' => (parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) == '/'),
|
||||
'uri' => $_SERVER['REQUEST_URI'],
|
||||
'last_login' => last_login('get', $_SESSION['mailcow_cc_username'], 7, 0)['ui']['time']
|
||||
];
|
||||
|
||||
foreach ($globalVariables as $globalVariableName => $globalVariableValue) {
|
||||
|
||||
@@ -3,7 +3,7 @@ function init_db_schema() {
|
||||
try {
|
||||
global $pdo;
|
||||
|
||||
$db_version = "06062024_1210";
|
||||
$db_version = "31072024_1012";
|
||||
|
||||
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
@@ -273,6 +273,7 @@ function init_db_schema() {
|
||||
"html" => "LONGTEXT",
|
||||
"plain" => "LONGTEXT",
|
||||
"mbox_exclude" => "JSON NOT NULL DEFAULT ('[]')",
|
||||
"alias_domain_exclude" => "JSON NOT NULL DEFAULT ('[]')",
|
||||
"skip_replies" => "TINYINT(1) NOT NULL DEFAULT '0'"
|
||||
),
|
||||
"keys" => array(
|
||||
@@ -1004,7 +1005,7 @@ function init_db_schema() {
|
||||
)
|
||||
),
|
||||
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
|
||||
),
|
||||
),
|
||||
"pushover" => array(
|
||||
"cols" => array(
|
||||
"username" => "VARCHAR(255) NOT NULL",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
headline: lang.sieve_preset_1
|
||||
content: |
|
||||
require ["reject","body","regex"];
|
||||
if anyof (body :raw :regex ["filename=.*\.doc","filename=.*\.exe","filename=.*\.moo"]) {
|
||||
if anyof (body :raw :regex ["filename=\".*\\.(doc|exe|moo)\""]) {
|
||||
reject text:
|
||||
doc, exe and moo are dangerous file extensions.
|
||||
Why would you do that? I am a sad cow.
|
||||
|
||||
@@ -95,6 +95,8 @@ $AVAILABLE_LANGUAGES = array(
|
||||
'it-it' => 'Italiano (Italian)',
|
||||
'ko-kr' => '한국어 (Korean)',
|
||||
'lv-lv' => 'latviešu (Latvian)',
|
||||
'lt-lt' => 'Lietuvių (Lithuanian)',
|
||||
'nb-no' => 'Norsk (Norwegian)',
|
||||
'nl-nl' => 'Nederlands (Dutch)',
|
||||
'pl-pl' => 'Język Polski (Polish)',
|
||||
'pt-br' => 'Português brasileiro (Brazilian Portuguese)',
|
||||
|
||||
Reference in New Issue
Block a user