From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty
---
interface/lib/plugins/mail_user_filter_plugin.inc.php | 92 +++++++++++++++++++++++++++++----------------
1 files changed, 59 insertions(+), 33 deletions(-)
diff --git a/interface/lib/plugins/mail_user_filter_plugin.inc.php b/interface/lib/plugins/mail_user_filter_plugin.inc.php
index 8faeab5..e831789 100644
--- a/interface/lib/plugins/mail_user_filter_plugin.inc.php
+++ b/interface/lib/plugins/mail_user_filter_plugin.inc.php
@@ -61,7 +61,7 @@
function mail_user_filter_edit($event_name, $page_form) {
global $app, $conf;
- $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ".$page_form->dataRecord["mailuser_id"]);
+ $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ?", $page_form->dataRecord["mailuser_id"]);
$skip = false;
$lines = explode("\n", $mailuser['custom_mailfilter']);
$out = '';
@@ -86,8 +86,7 @@
$out = $new_rule . $out;
}
- $out = $app->db->quote($out);
- $app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
+ $app->db->datalogUpdate('mail_user', array("custom_mailfilter" => $out), 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
}
@@ -95,7 +94,7 @@
function mail_user_filter_del($event_name, $page_form) {
global $app, $conf;
- $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ".$page_form->dataRecord["mailuser_id"]);
+ $mailuser = $app->db->queryOneRecord("SELECT custom_mailfilter FROM mail_user WHERE mailuser_id = ?", $page_form->dataRecord["mailuser_id"]);
$skip = false;
$lines = explode("\n", $mailuser['custom_mailfilter']);
$out = '';
@@ -111,8 +110,7 @@
}
}
- $out = $app->db->quote($out);
- $app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
+ $app->db->datalogUpdate('mail_user', array("custom_mailfilter" => $out), 'mailuser_id', $page_form->dataRecord["mailuser_id"]);
}
@@ -124,7 +122,7 @@
global $app, $conf;
$app->uses("getconf");
- $mailuser_rec = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE mailuser_id = ".$app->functions->intval($page_form->dataRecord["mailuser_id"]));
+ $mailuser_rec = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE mailuser_id = ?", $page_form->dataRecord["mailuser_id"]);
$mail_config = $app->getconf->get_server_config($app->functions->intval($mailuser_rec["server_id"]), 'mail');
if($mail_config['mail_filter_syntax'] == 'sieve') {
@@ -137,41 +135,69 @@
$content .= '### BEGIN FILTER_ID:'.$page_form->id."\n";
//$content .= 'require ["fileinto", "regex", "vacation"];'."\n";
+
+ if($page_form->dataRecord["op"] == 'domain') {
+ $content .= 'if address :domain :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
+ } elseif ($page_form->dataRecord["op"] == 'localpart') {
+ $content .= 'if address :localpart :is "'.strtolower($page_form->dataRecord["source"]).'" "'.$page_form->dataRecord["searchterm"].'" {'."\n";
+ } elseif ($page_form->dataRecord["source"] == 'Size') {
+ if(substr(trim($page_form->dataRecord["searchterm"]),-1) == 'k' || substr(trim($page_form->dataRecord["searchterm"]),-1) == 'K') {
+ $unit = 'k';
+ } else {
+ $unit = 'm';
+ }
+ $content .= 'if size :over '.intval($page_form->dataRecord["searchterm"]).$unit.' {'."\n";
+ } else {
+
+ if($page_form->dataRecord["source"] == 'Header') {
+ $parts = explode(':',trim($page_form->dataRecord["searchterm"]));
+ $page_form->dataRecord["source"] = trim($parts[0]);
+ unset($parts[0]);
+ $page_form->dataRecord["searchterm"] = trim(implode(':',$parts));
+ unset($parts);
+ }
- $content .= 'if header :regex ["'.strtolower($page_form->dataRecord["source"]).'"] ["';
+ $content .= 'if header :regex ["'.strtolower($page_form->dataRecord["source"]).'"] ["';
- $searchterm = preg_quote($page_form->dataRecord["searchterm"]);
- $searchterm = str_replace(
- array(
- '"',
- '\\[',
- '\\]'
- ),
- array(
- '\\"',
- '\\\\[',
- '\\\\]'
- ), $searchterm);
+ $searchterm = preg_quote($page_form->dataRecord["searchterm"]);
+ $searchterm = str_replace(
+ array(
+ '"',
+ '\\[',
+ '\\]'
+ ),
+ array(
+ '\\"',
+ '\\\\[',
+ '\\\\]'
+ ), $searchterm);
- if($page_form->dataRecord["op"] == 'contains') {
- $content .= ".*".$searchterm;
- } elseif ($page_form->dataRecord["op"] == 'is') {
- $content .= "^".$searchterm."$";
- } elseif ($page_form->dataRecord["op"] == 'begins') {
- $content .= "^".$searchterm.".*";
- } elseif ($page_form->dataRecord["op"] == 'ends') {
- $content .= ".*".$searchterm."$";
+ if($page_form->dataRecord["op"] == 'contains') {
+ $content .= ".*".$searchterm;
+ } elseif ($page_form->dataRecord["op"] == 'is') {
+ $content .= "^".$searchterm."$";
+ } elseif ($page_form->dataRecord["op"] == 'begins') {
+ $content .= " ".$searchterm."";
+ } elseif ($page_form->dataRecord["op"] == 'ends') {
+ $content .= ".*".$searchterm."$";
+ }
+
+ $content .= '"] {'."\n";
}
-
- $content .= '"] {'."\n";
if($page_form->dataRecord["action"] == 'move') {
- $content .= ' fileinto "'.$page_form->dataRecord["target"].'";' . "\n";
+ $content .= ' fileinto "'.$page_form->dataRecord["target"].'";' . "\n stop;\n";
+ } elseif ($page_form->dataRecord["action"] == 'keep') {
+ $content .= " keep;\n";
+ } elseif ($page_form->dataRecord["action"] == 'stop') {
+ $content .= " stop;\n";
+ } elseif ($page_form->dataRecord["action"] == 'reject') {
+ $content .= ' reject "'.$page_form->dataRecord["target"].'"; stop;\n\n';
} else {
- $content .= " discard;\n";
+ $content .= " discard;\n stop;\n";
}
- $content .= " stop;\n}\n";
+ $content .= "}\n";
$content .= '### END FILTER_ID:'.$page_form->id."\n";
--
Gitblit v1.9.1