From 2052e167f7dc04e37041443f640af4e8c18c3bc0 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 04 Dec 2012 08:36:35 -0500
Subject: [PATCH] Fixed: FS#2524 - Add check in remote api that no email alias can be added that exists as mailbox

---
 interface/lib/classes/remoting.inc.php |   34 +++++++++++++++++++++++++++-------
 1 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index 1bcc1c2..ed7c3ed 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -481,11 +481,21 @@
 	//* aliasy email
 	public function mail_alias_add($session_id, $client_id, $params)
 	{
+		global $app;
+		
 		if (!$this->checkPerm($session_id, 'mail_alias_add'))
 		{
 			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
 			return false;
 		}
+		
+		//* Check if there is no active mailbox with this address
+		$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+		if($tmp['number'] > 0) {
+			$this->server->fault('duplicate','There is already a mailbox with this email address.');
+		}
+		unset($tmp);
+		
 		$affected_rows = $this->insertQuery('../mail/form/mail_alias.tform.php', $client_id, $params);
 		return $affected_rows;
 	}
@@ -493,13 +503,23 @@
 
 	public function mail_alias_update($session_id, $client_id, $primary_id, $params)
 	{
-			if (!$this->checkPerm($session_id, 'mail_alias_update'))
-			{
-					$this->server->fault('permission_denied','You do not have the permissions to access this function.');
-					return false;
-			}
-			$affected_rows = $this->updateQuery('../mail/form/mail_alias.tform.php', $client_id, $primary_id, $params);
-			return $affected_rows;
+		global $app;
+		
+		if (!$this->checkPerm($session_id, 'mail_alias_update'))
+		{
+			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
+			return false;
+		}
+			
+			//* Check if there is no active mailbox with this address
+		$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+		if($tmp['number'] > 0) {
+			$this->server->fault('duplicate','There is already a mailbox with this email address.');
+		}
+		unset($tmp);
+			
+		$affected_rows = $this->updateQuery('../mail/form/mail_alias.tform.php', $client_id, $primary_id, $params);
+		return $affected_rows;
 	}
 
 	public function mail_alias_delete($session_id, $primary_id)

--
Gitblit v1.9.1