From 5ca959fa688255a8de61f89fe2751eb4d24a6912 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Tue, 22 Mar 2016 09:22:07 -0400
Subject: [PATCH] fixed typo

---
 interface/lib/classes/remote.d/mail.inc.php |  152 +++++++++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 143 insertions(+), 9 deletions(-)

diff --git a/interface/lib/classes/remote.d/mail.inc.php b/interface/lib/classes/remote.d/mail.inc.php
index 7adaf1f..9229899 100644
--- a/interface/lib/classes/remote.d/mail.inc.php
+++ b/interface/lib/classes/remote.d/mail.inc.php
@@ -208,11 +208,15 @@
 
 		//* Check if mail domain exists
 		$email_parts = explode('@', $params['email']);
-		$tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+		$tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = ?", $email_parts[1]);
 		if($tmp['domain'] != $email_parts[1]) {
 			throw new SoapFault('mail_domain_does_not_exist', 'Mail domain - '.$email_parts[1].' - does not exist.');
 			return false;
 		}
+
+		//* Set a few params to non empty values that will be overwritten by mail_plugin
+		if (!isset($params['uid'])) $params['uid'] = -1;
+		if (!isset($params['gid'])) $params['gid'] = -1;
 
 		$affected_rows = $this->insertQuery('../mail/form/mail_user.tform.php', $client_id, $params);
 		return $affected_rows;
@@ -231,7 +235,7 @@
 
 		//* Check if mail domain exists
 		$email_parts = explode('@', $params['email']);
-		$tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+		$tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = ?", $email_parts[1]);
 		if($tmp['domain'] != $email_parts[1]) {
 			throw new SoapFault('mail_domain_does_not_exist', 'Mail domain - '.$email_parts[1].' - does not exist.');
 			return false;
@@ -305,6 +309,73 @@
 		// $app->plugin->raiseEvent('mail:mail_user_filter:on_after_delete',$this);
 		return $affected_rows;
 	}
+	
+	// Mail backup list function by Dominik M�ller, info@profi-webdesign.net
+	public function mail_user_backup_list($session_id, $primary_id = null)
+	{
+		global $app;
+	
+		if(!$this->checkPerm($session_id, 'mail_user_backup')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+	
+		$params = array();
+		if ($site_id != null) {
+			$params[] = $site_id;
+			$sql  = "SELECT * FROM mail_backup WHERE parent_domain_id = ?";
+		}
+		else {
+			$sql  = "SELECT * FROM mail_backup";
+		}
+	
+		$result = $app->db->queryAllRecords($sql, true, $params);
+		return $result;
+	}
+	
+	// Mail backup restore/download functions by Dominik M�ller, info@profi-webdesign.net
+	public function mail_user_backup($session_id, $primary_id, $action_type)
+	{
+		global $app;
+	
+		if(!$this->checkPerm($session_id, 'mail_user_backup')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+	
+		//*Set variables
+		$backup_record  =       $app->db->queryOneRecord("SELECT * FROM `mail_backup` WHERE `backup_id`=?", $primary_id);
+		$server_id      =       $backup_record['server_id'];
+	
+		//*Set default action state
+		$action_state   =       "pending";
+		$tstamp         =       time();
+	
+		//* Basic validation of variables
+		if ($server_id <= 0) {
+			$this->server->fault('invalid_backup_id', "Invalid or non existant backup_id $primary_id");
+			return false;
+		}
+	
+		if (/*$action_type != 'backup_download_mail' and*/ $action_type != 'backup_restore_mail' and $action_type != 'backup_delete_mail') {
+			$this->server->fault('invalid_action', "Invalid action_type $action_type");
+			return false;
+		}
+	
+		//* Validate instance
+		$instance_record        =       $app->db->queryOneRecord("SELECT * FROM `sys_remoteaction` WHERE `action_param`=? and `action_type`=? and `action_state`='pending'", $primary_id, $action_type);
+		if ($instance_record['action_id'] >= 1) {
+			$this->server->fault('duplicate_action', "There is already a pending $action_type action");
+			return false;
+		}
+	
+		//* Save the record
+		if ($app->db->query("INSERT INTO `sys_remoteaction` SET `server_id` = ?, `tstamp` = ?, `action_type` = ?, `action_param` = ?, `action_state` = ?", $server_id, $tstamp, $action_type, $primary_id, $action_state)) {
+			return true;
+		} else {
+			return false;
+		}
+	}
 
 	//* Get alias details
 	public function mail_alias_get($session_id, $primary_id)
@@ -332,7 +403,7 @@
 		}
 
 		//* Check if there is no active mailbox with this address
-		$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+		$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = ?", $params["source"]);
 		if($tmp['number'] > 0) {
 			throw new SoapFault('duplicate', 'There is already a mailbox with this email address.');
 		}
@@ -354,7 +425,7 @@
 		}
 
 		//* Check if there is no active mailbox with this address
-		$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = '".$app->db->quote($params["source"])."'");
+		$tmp = $app->db->queryOneRecord("SELECT count(mailuser_id) as number FROM mail_user WHERE postfix = 'y' AND email = ?", $params["source"]);
 		if($tmp['number'] > 0) {
 			throw new SoapFault('duplicate', 'There is already a mailbox with this email address.');
 		}
@@ -523,6 +594,57 @@
 		return $affected_rows;
 	}
 
+	//* Get mail relay_recipient details
+	public function mail_relay_recipient_get($session_id, $primary_id)
+	{
+		global $app;
+
+		if(!$this->checkPerm($session_id, 'mail_relay_get')) {
+				$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+				return false;
+		}
+		$app->uses('remoting_lib');
+		$app->remoting_lib->loadFormDef('../mail/form/mail_relay_recipient.tform.php');
+		return $app->remoting_lib->getDataRecord($primary_id);
+	}
+
+
+	//* relay recipient email
+	public function mail_relay_recipient_add($session_id, $client_id, $params)
+	{
+		if (!$this->checkPerm($session_id, 'mail_relay_add'))
+		{
+			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
+			return false;
+		}
+		$affected_rows = $this->insertQuery('../mail/form/mail_relay_recipient.tform.php', $client_id, $params);
+		return $affected_rows;
+	}
+
+
+	public function mail_relay_recipient_update($session_id, $client_id, $primary_id, $params)
+	{
+		if (!$this->checkPerm($session_id, 'mail_relay_update'))
+		{
+			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
+			return false;
+		}
+		$affected_rows = $this->updateQuery('../mail/form/mail_relay_recipient.tform.php', $client_id, $primary_id, $params);
+		return $affected_rows;
+	}
+
+
+	public function mail_relay_recipient_delete($session_id, $primary_id)
+	{
+		if (!$this->checkPerm($session_id, 'mail_relay_delete'))
+		{
+			$this->server->fault('permission_denied','You do not have the permissions to access this function.');
+			return false;
+		}
+		$affected_rows = $this->deleteQuery('../mail/form/mail_relay_recipient.tform.php', $primary_id);
+		return $affected_rows;
+	}
+	
 	//* Get spamfilter whitelist details
 	public function mail_spamfilter_whitelist_get($session_id, $primary_id)
 	{
@@ -939,9 +1061,8 @@
 			return false;
 		}
 		if (!empty($domain)) {
-			$domain       = $app->db->quote($domain);
-			$sql            = "SELECT * FROM mail_domain WHERE domain = '$domain'";
-			$result         = $app->db->queryAllRecords($sql);
+			$sql            = "SELECT * FROM mail_domain WHERE domain = ?";
+			$result         = $app->db->queryAllRecords($sql, $domain);
 			return          $result;
 		}
 		return false;
@@ -959,8 +1080,8 @@
 			} else {
 				$status = 'n';
 			}
-			$sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".$app->functions->intval($primary_id);
-			$app->db->query($sql);
+			$sql = "UPDATE mail_domain SET active = ? WHERE domain_id = ?";
+			$app->db->query($sql, $status, $primary_id);
 			$result = $app->db->affectedRows();
 			return $result;
 		} else {
@@ -969,6 +1090,19 @@
 		}
 	}
 
+	//** quota functions -----------------------------------------------------------------------------------
+	public function mailquota_get_by_user($session_id, $client_id)
+	{
+		global $app;
+		$app->uses('quota_lib');
+		
+		if(!$this->checkPerm($session_id, 'mailquota_get_by_user')) {
+			$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+			return false;
+		}
+		
+		return $app->quota_lib->get_mailquota_data($client_id, false);
+	}
 
 }
 

--
Gitblit v1.9.1