1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
<?php
class identity_addresses extends rcube_plugin {
public $task = 'settings';
private $rcmail;
function init() {
$this->rcmail = rcmail::get_instance();
$this->load_config();
$this->add_hook('identity_form', array($this, 'fix_form'));
$this->add_hook('identity_create', array($this, 'validate_create'));
$this->add_hook('identity_update', array($this, 'validate_update'));
}
function fix_form($params) {
$options = array($_SESSION['username'] => $_SESSION['username']);
$permitted_addresses = $this->get_permitted_addresses();
foreach ($permitted_addresses as $addr) {
$options[$addr] = $addr;
}
$form = $params['form'];
$form['addressing']['content']['email'] = array(
'type' => 'select',
'skip-empty' => true,
'options' => $options
);
return array('form' => $form, 'record' => $params['record']);
}
function validate_create($params) {
$record = $params['record'];
return array(
'abort' => $this->validate_modification($record),
'record' => $record
);
}
function validate_update($params) {
$record = $params['record'];
return array(
'abort' => $this->validate_modification($record),
'record' => $record
);
}
function validate_modification($record) {
return !in_array($record['email'],
$this->get_permitted_addresses($record));
}
private function get_permitted_addresses() {
if (!($sql = $this->rcmail->config->get('identity_addresses_query'))) {
return [];
}
if ($dsn = $this->rcmail->config->get('identity_addresses_db_dsn')) {
$db = rcube_db::factory(self::parse_dsn($dsn), '', false);
$db->set_debug((bool) $this->rcmail->config->get('sql_debug'));
} else {
$db = $this->rcmail->get_dbh();
}
if ($db->is_error()) {
return [];
}
$local_part = $this->rcmail->user->get_username('local');
$domain_part = rcube_utils::idn_to_utf8($this->rcmail->user->get_username('domain'));
$username = rcube_utils::idn_to_utf8($_SESSION['username']);
$host = rcube_utils::idn_to_utf8($_SESSION['imap_host']);
$sql = str_replace('%l', $db->quote($local_part, 'text'), $sql);
$sql = str_replace('%d', $db->quote($domain_part, 'text'), $sql);
$sql = str_replace('%u', $db->quote($username, 'text'), $sql);
$sql = str_replace('%h', $db->quote($host, 'text'), $sql);
$result = $db->query($sql);
if ($db->is_error($result))
return [];
$permitted_addresses = [];
while ($row = $db->fetch_array($result))
$permitted_addresses[] = $row[0];
return $permitted_addresses;
}
private static function parse_dsn($dsn) {
if (strpos($dsn, '%')) {
// parse DSN and replace variables in hostname
$parsed = rcube_db::parse_dsn($dsn);
$host = rcube_utils::parse_host($parsed['hostspec']);
// build back the DSN string
if ($host != $parsed['hostspec']) {
$dsn = str_replace('@' . $parsed['hostspec'], '@' . $host, $dsn);
}
}
return $dsn;
}
}
?>
|
